Hello community, here is the log from the commit of package chromium for openSUSE:Factory checked in at 2013-03-04 17:25:16 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/chromium (Old) and /work/SRC/openSUSE:Factory/.chromium.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "chromium", Maintainer is "orphaned@suse.de" Changes: -------- --- /work/SRC/openSUSE:Factory/chromium/chromium.changes 2013-02-17 16:56:44.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.chromium.new/chromium.changes 2013-03-04 17:25:37.000000000 +0100 @@ -1,0 +2,54 @@ +Sat Feb 23 08:09:58 UTC 2013 - tittiatcoke@gmail.com + +- Update to 27.0.1425 + * Bug and stability fixes: + - Fixed crash after clicking through malware warning. + (Issue: 173986) + - Fixed broken command line to create extensions with locale info + (Issue: 176187) + - Hosted apps in Chrome will always be opened from app launcher. + (Issue: 176267) + - Added modal confirmation dialog to the enterprise profile + sign-in flow. (Issue: 171236) + - Fixed a crash with autofill. (Issues: 175454, 176576) + - Fixed issues with sign-in. + (Issues: 175672, 175819, 175541, 176190) + - Fixed spurious profile shortcuts created with a system-level + install. (Issue: 177047) + - Fixed the background tab flashing with certain themes. + (Issue: 175426) + + * Security Fixes: (bnc#804986) + - High CVE-2013-0879: Memory corruption with web audio node + - High CVE-2013-0880: Use-after-free in database handling + - Medium CVE-2013-0881: Bad read in Matroska handling + - High CVE-2013-0882: Bad memory access with excessive SVG + parameters. + - Medium CVE-2013-0883: Bad read in Skia. + - Low CVE-2013-0884: Inappropriate load of NaCl. + - Medium CVE-2013-0885: Too many API permissions granted to web + store + - Medium CVE-2013-0886: Incorrect NaCl signal handling. + - Low CVE-2013-0887: Developer tools process has too many + permissions and places too much trust in the connected server + - Medium CVE-2013-0888: Out-of-bounds read in Skia + - Low CVE-2013-0889: Tighten user gesture check for dangerous + file downloads. + - High CVE-2013-0890: Memory safety issues across the IPC layer. + - High CVE-2013-0891: Integer overflow in blob handling. + - Medium CVE-2013-0892: Lower severity issues across the IPC layer + - Medium CVE-2013-0893: Race condition in media handling. + - High CVE-2013-0894: Buffer overflow in vorbis decoding. + - High CVE-2013-0895: Incorrect path handling in file copying. + - High CVE-2013-0896: Memory management issues in plug-in message + handling + - Low CVE-2013-0897: Off-by-one read in PDF + - High CVE-2013-0898: Use-after-free in URL handling + - Low CVE-2013-0899: Integer overflow in Opus handling + - Medium CVE-2013-0900: Race condition in ICU + + * Make adjustment for autodetecting of the PepperFlash library. + The package with the PepperFlash hopefully will be soon + available through packman + +------------------------------------------------------------------- Old: ---- chromium.26.0.1411.0.svn181988.tar.bz2 New: ---- chromium.27.0.1425.0.svn185065.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ chromium.spec ++++++ --- /var/tmp/diff_new_pack.YhSg4v/_old 2013-03-04 17:26:32.000000000 +0100 +++ /var/tmp/diff_new_pack.YhSg4v/_new 2013-03-04 17:26:32.000000000 +0100 @@ -16,12 +16,12 @@ # -%define svn_revision 181988 +%define svn_revision 185065 %define chromium_no_dlopen 1 %define chromium_system_libs 0%{?suse_version} > 1220 Name: chromium -Version: 26.0.1411.0 +Version: 27.0.1425.0 Release: 0 Summary: Google's opens source browser project License: BSD-3-Clause and LGPL-2.1+ ++++++ chromium-browser.sh ++++++ --- /var/tmp/diff_new_pack.YhSg4v/_old 2013-03-04 17:26:32.000000000 +0100 +++ /var/tmp/diff_new_pack.YhSg4v/_new 2013-03-04 17:26:32.000000000 +0100 @@ -102,6 +102,13 @@ . /etc/default/chromium fi +# Detect if PepperFlash has been installed (based on the package in packman) +# If so, automatically enable it +if [ -f /usr/lib/chromium/PepperFlash/libpepflashplayer.so ]; then + PEPPER_FLASH_VERSION=$(grep '"version":' /usr/lib/chromium/PepperFlash/manifest.json| grep -Po '(?<=version": ")(?:\d|\.)*') + PEPPERFLASH="--ppapi-flash-path=/usr/lib/chromium/PepperFlash/libpepflashplayer.so --ppapi-flash-version=$PEPPER_FLASH_VERSION" +fi + # Prefer user defined CHROMIUM_USER_FLAGS (from env) over system # default CHROMIUM_FLAGS (from /etc/chromium/default) CHROMIUM_FLAGS=${CHROMIUM_USER_FLAGS:-$CHROMIUM_FLAGS} @@ -120,6 +127,6 @@ $GDB "$LIBDIR/$APPNAME" -x $tmpfile exit $? else - exec $LIBDIR/$APPNAME $SANDBOX ${CHROMIUM_FLAGS} "--password-store=basic" "$@" + exec $LIBDIR/$APPNAME $SANDBOX ${CHROMIUM_FLAGS} ${PEPPERFLASH} "--password-store=basic" "$@" fi ++++++ chromium-master-prefs-path.patch ++++++ --- /var/tmp/diff_new_pack.YhSg4v/_old 2013-03-04 17:26:32.000000000 +0100 +++ /var/tmp/diff_new_pack.YhSg4v/_new 2013-03-04 17:26:32.000000000 +0100 @@ -8,7 +8,7 @@ base::FilePath master_prefs; - if (!PathService::Get(base::DIR_EXE, &master_prefs)) - return base::FilePath(); -+ master_prefs = FilePath("/etc/chromium"); ++ master_prefs = base::FilePath("/etc/chromium"); return master_prefs.AppendASCII(installer::kDefaultMasterPrefs); } ++++++ chromium.26.0.1411.0.svn181988.tar.bz2 -> chromium.27.0.1425.0.svn185065.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/chromium/chromium.26.0.1411.0.svn181988.tar.bz2 /work/SRC/openSUSE:Factory/.chromium.new/chromium.27.0.1425.0.svn185065.tar.bz2 differ: char 11, line 1 -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org