Hello community,
here is the log from the commit of package chromium for openSUSE:Factory checked in at 2014-09-08 21:28:47
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/chromium (Old)
and /work/SRC/openSUSE:Factory/.chromium.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "chromium"
Changes:
--------
--- /work/SRC/openSUSE:Factory/chromium/chromium.changes 2014-08-21 16:16:05.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.chromium.new/chromium.changes 2014-09-08 21:29:20.000000000 +0200
@@ -1,0 +2,43 @@
+Mon Sep 1 07:33:24 UTC 2014 - tittiatcoke@gmail.com
+
+- Switch to shared libraries as a global default. This hopefully
+ speeds up the builds a little and prevents out-of-memory on OBS
+- Move the chrome sandbox binary to the main package and remove the
+ sub-package for it. This should resolve build issues when having
+ the debug flag on.
+
+-------------------------------------------------------------------
+Sun Aug 31 00:39:34 UTC 2014 - josua.m@t-online.de
+
+- add toolchain_linux_arm
+- disable NaCl on ARM because it doesn't build
+- add arm-webrtc-fix.patch
+- add chromium-arm-r0.patch
+- add skia.patch
+- build components as shared libaries on arm
+
+-------------------------------------------------------------------
+Wed Aug 27 11:53:24 UTC 2014 - tittiatcoke@gmail.com
+
+- Update to Chromium 37.0.2062.94
+ Security Fixes (bnc#893720)
+ * CVE-2014-3176, CVE-2014-3177: A combination of bugs in V8, IPC,
+ sync, and extensions that can lead to remote code execution
+ outside of the sandbox.
+ * CVE-2014-3168: Use-after-free in SVG
+ * CVE-2014-3169: Use-after-free in DOM
+ * CVE-2014-3170: Extension permission dialog spoofing
+ * CVE-2014-3171: Use-after-free in bindings
+ * CVE-2014-3172: Issue related to extension debugging
+ * CVE-2014-3173: Uninitialized memory read in WebGL
+ * CVE-2014-3174: Uninitialized memory read in Web Audio
+ * CVE-2014-3175: Various fixes from internal audits, fuzzing
+ and other initiatives
+ and 41 more security fixes for which no description was given
+
+- Drop the following patches as they are no longer required:
+ * chromium-23.0.1245-no-test-sources.patch
+ * no-download-nacl.diff
+ * chromium-no-courgette.patch
+
+-------------------------------------------------------------------
Old:
----
chromium-23.0.1245-no-test-sources.patch
chromium-36.0.1985.143.tar.xz
chromium-no-courgette.patch
no-download-nacl.diff
New:
----
arm-webrtc-fix.patch
chromium-37.0.2062.94.tar.xz
chromium-arm-r0.patch
skia.patch
toolchain_linux_arm.tar
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ chromium.spec ++++++
--- /var/tmp/diff_new_pack.GWy3oh/_old 2014-09-08 21:29:43.000000000 +0200
+++ /var/tmp/diff_new_pack.GWy3oh/_new 2014-09-08 21:29:43.000000000 +0200
@@ -20,7 +20,7 @@
%define chromium_system_libs 0
Name: chromium
-Version: 36.0.1985.143
+Version: 37.0.2062.94
Release: 0
Summary: Google's opens source browser project
License: BSD-3-Clause and LGPL-2.1+
@@ -28,7 +28,8 @@
Url: http://code.google.com/p/chromium/
Source0: http://gsdview.appspot.com/chromium-browser-official/%{name}-%{version}.tar.xz
Source1: toolchain_linux_x86.tar.bz2
-Source2: %{name}-rpmlintrc
+Source2: toolchain_linux_arm.tar
+Source3: %{name}-rpmlintrc
Source30: master_preferences
Source31: default_bookmarks.html
Source99: chrome-wrapper
@@ -46,28 +47,27 @@
Obsoletes: chromium-browser < %{version}
Conflicts: otherproviders(chromium-browser)
# There is no v8 for ppc and thus chromium won't run on ppc. For aarch64 certain buildrequires are missing (e.g. valgrind)
-ExcludeArch: aarch64 ppc ppc64 ppc64le armv7hl
+ExcludeArch: aarch64 ppc ppc64 ppc64le
## Start Patches
# Many changes to the gyp systems so we can use system libraries
-# PATCH-FIX-OPENSUSE Test sources have been removed to shrink the tarball
-Patch1: chromium-23.0.1245-no-test-sources.patch
# PATCH-FIX-OPENSUSE Make the 1-click-install ymp file always download [bnc#836059]
-Patch2: exclude_ymp.diff
-# PATCH-FIX-OPENSUSE Disable the download of the NaCl tarballs
-Patch3: no-download-nacl.diff
-# PATCH-FIX-OPENSUSE removes build part for courgette
-Patch13: chromium-no-courgette.patch
+Patch1: exclude_ymp.diff
# PATCH-FIX-OPENSUSE enables reading of the master preference
-Patch14: chromium-master-prefs-path.patch
+Patch4: chromium-master-prefs-path.patch
# PATCH-FIX-OPENSUSE Fix some includes specifically for the GCC version used
-Patch20: chromium-gcc-fixes.patch
+Patch5: chromium-gcc-fixes.patch
# PATCH-FIX-UPSTREAM Add more charset aliases
-Patch64: chromium-more-codec-aliases.patch
+Patch6: chromium-more-codec-aliases.patch
# PATCH-FIX-OPENSUSE Compile the sandbox with -fPIE settings
-Patch66: chromium-sandbox-pie.patch
+Patch7: chromium-sandbox-pie.patch
# PATCH-FIX-OPENSUSE Adjust ldflags for better building
-Patch67: adjust-ldflags-no-keep-memory.patch
+Patch8: adjust-ldflags-no-keep-memory.patch
+
+# archlinux arm enhancement patches
+Patch100: arm-webrtc-fix.patch
+Patch101: chromium-arm-r0.patch
+Patch102: skia.patch
BuildRequires: alsa-devel
BuildRequires: bison
@@ -93,9 +93,11 @@
BuildRequires: libgnome-keyring-devel
BuildRequires: libicu-devel >= 4.0
BuildRequires: libpulse-devel
+
%if !0%{?packman_bs}
BuildRequires: ninja
%endif
+BuildRequires: libdrm-devel
BuildRequires: pam-devel
BuildRequires: pciutils-devel
BuildRequires: pkg-config
@@ -113,6 +115,8 @@
BuildRequires: pkgconfig(gconf-2.0)
BuildRequires: pkgconfig(glib-2.0)
BuildRequires: pkgconfig(gtk+-2.0)
+BuildRequires: pkgconfig(libcrypto)
+BuildRequires: pkgconfig(libexif)
BuildRequires: pkgconfig(libexif)
BuildRequires: pkgconfig(libudev)
BuildRequires: pkgconfig(libxslt)
@@ -193,7 +197,8 @@
Requires(pre): permissions
Recommends: Chromium-password = %{version}
-Requires: %{name}-suid-helper = %{version}
+Obsoletes: %{name}-suid-helper < %{version}
+Provides: %{name}-suid-helper = %{version}
# Recommends the chromium-ffmpeg library (available from packman)
Recommends: chromium-ffmpeg
@@ -243,24 +248,6 @@
Gnome's Keyring. Please be aware that by this change the old password are no longer accessible and
are also not converted to Gnome's Keyring.
-%package suid-helper
-
-Summary: A suid helper to let a process willingly drop privileges on Linux
-License: BSD-3-Clause and LGPL-2.1+
-Group: Productivity/Networking/Web/Browsers
-Url: http://code.google.com/p/setuid-sandbox/
-Requires(pre): permissions
-
-%description suid-helper
-t will allow a process to execute a target executable that will be able to drop privileges:
-
- * The suid sandbox will create a new PID namespace or will switch uid/gid to isolate the process
- * a helper process, sharing the filesystem view of the existing process, will be created. It
- will accept a request to chroot() the process to an empty directory
-
-This is convenient because an executable can be launched, load libraries and open files and get
-chroot()-ed to an empty directory when it wants to drop filesystem access.
-
%package -n chromedriver
Summary: WebDriver for Google Chrome/Chromium
@@ -287,22 +274,24 @@
%prep
%if !0%{?packman_bs}
-%setup -q -n %{name}-%{version} -a 999 -a 998 -a 1
+%setup -q -n %{name}-%{version} -a 999 -a 998 -a 997 -a 1 -a 2
%else
%setup -q -n %{name}-%{version} -a 999 -a 998 -a 997
%endif
%patch1 -p0
-%patch2 -p0
-%patch3 -p0
-%patch64 -p0
-%patch13 -p0
-%patch14 -p0
-%patch20 -p0
-%patch66 -p0
-%patch67 -p0
+%patch6 -p0
+%patch4 -p0
+%patch5 -p0
+%patch7 -p0
+%patch8 -p0
#Upstream fixes
+# archlinux arm enhancements
+%patch100 -p0
+%patch101 -p0
+%patch102 -p0
+
export PATH="$PATH":`pwd`/depot_tools
%if !0%{?packman_bs}
@@ -325,7 +314,9 @@
-Dremove_webcore_debug_symbols=1
-Dlogging_like_official_build=1
-Dlinux_fpic=1
- -Ddisable_sse2=1"
+ -Ddisable_sse2=1
+ -Dcomponent=shared_library
+ -Dtoolkit_uses_gtk=0"
%if 0%{?packman_bs}
myconf+=" -Dffmpeg_branding=Chrome"
@@ -340,6 +331,15 @@
myconf+=" -Dtarget_arch=x64"
%endif
+%ifarch %arm
+myconf+=" -Dtarget_arch=arm
+ -Dsysroot=
+ -Ddisable_nacl=1"
+%endif
+%ifarch armv6hl armv7hl
+myconf+=" -Darm_float_abi=hard"
+%endif
+
%if 0%{?chromium_system_libs}
myconf+=" -Duse_system_flac=1
-Duse_system_speex=1
@@ -457,10 +457,16 @@
%fdupes %{buildroot}%{_mandir}/man1/
# NaCl
+%ifnarch %arm
cp -a nacl_helper %{buildroot}%{_libdir}/chromium/
cp -a nacl_helper_bootstrap %{buildroot}%{_libdir}/chromium/
cp -a nacl_irt_*.nexe %{buildroot}%{_libdir}/chromium/
cp -a libppGoogleNaClPluginChrome.so %{buildroot}%{_libdir}/chromium/
+%endif
+
+ # chromium components
+ mkdir -p %{buildroot}%{_libdir}/chromium/lib/
+ cp -av lib/*.so %{buildroot}%{_libdir}/chromium/lib/
#libffmpegsumo
cp -a libffmpegsumo.so %{buildroot}%{_libdir}/chromium/
@@ -508,16 +514,14 @@
# Add snipplets to update the GTK cache on package install.
-%verifyscript suid-helper
+%verifyscript
%verify_permissions -e %{_prefix}/lib/chrome_sandbox
-%post suid-helper
-%set_permissions %{_prefix}/lib/chrome_sandbox
-
%post
%icon_theme_cache_post
%desktop_database_post
"%_sbindir/update-alternatives" --install %{_bindir}/chromium chromium %{_libdir}/chromium/chromium-generic 10
+%set_permissions %{_prefix}/lib/chrome_sandbox
%postun
%icon_theme_cache_postun
@@ -563,6 +567,7 @@
%files
%defattr(-,root,root,-)
+%verify(not mode) %{_prefix}/lib/chrome_sandbox
%doc AUTHORS LICENSE
%config %{_sysconfdir}/%{name}
%config(noreplace) %{_sysconfdir}/default/chromium
@@ -573,11 +578,11 @@
%{_datadir}/applications/*.desktop
%{_datadir}/gnome-control-center/default-apps/chromium-browser.xml
%{_datadir}/icons/hicolor/
+%{_prefix}/lib/chrome_sandbox
%exclude %{_libdir}/chromium/libffmpegsumo.so
%exclude %{_libdir}/chromium/chromium-kde
%exclude %{_libdir}/chromium/chromium-gnome
%exclude %{_libdir}/chromium/chromedriver
-%exclude %{_libdir}/chromium/chrome-sandbox
%_bindir/chromium
%ghost %_sysconfdir/alternatives/chromium
@@ -591,11 +596,6 @@
%files desktop-gnome
%attr(755, root, root) %{_libdir}/chromium/chromium-gnome
-%files suid-helper
-%defattr(-,root,root,-)
-%verify(not mode) %{_prefix}/lib/chrome_sandbox
-%{_libdir}/chromium/chrome-sandbox
-
%files -n chromedriver
%defattr(-,root,root,-)
%{_libdir}/chromium/chromedriver
++++++ arm-webrtc-fix.patch ++++++
--- third_party/webrtc/system_wrappers/source/cpu_features.cc.orig 2014-01-15 18:38:50.331954791 -0700
+++ third_party/webrtc/system_wrappers/source/cpu_features.cc 2014-01-15 18:38:37.902004379 -0700
@@ -18,6 +18,47 @@
#include "webrtc/typedefs.h"
+#include