Hello community, here is the log from the commit of package chromium for openSUSE:Factory checked in at 2013-11-30 14:19:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/chromium (Old) and /work/SRC/openSUSE:Factory/.chromium.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "chromium" Changes: -------- --- /work/SRC/openSUSE:Factory/chromium/chromium.changes 2013-10-20 10:52:16.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.chromium.new/chromium.changes 2013-11-30 14:20:02.000000000 +0100 @@ -2 +2 @@ -Sat Oct 12 14:48:06 UTC 2013 - tittiatcoke@gmail.com +Wed Nov 27 09:36:08 UTC 2013 - tittiatcoke@gmail.com @@ -4,2 +4,2 @@ -- Update to Chromium 31.0.1650.11 - + Beta channel update: Bug and stability fixes +- Remove the build flags to build according to the Chrome ffmpeg + branding and the proprietary codecs. (bnc#847971) @@ -8 +8 @@ -Fri Oct 4 05:59:20 UTC 2013 - tittiatcoke@gmail.com +Sat Nov 16 08:44:23 UTC 2013 - tittiatcoke@gmail.com @@ -10,2 +10,25 @@ -- Update to Chromium 31.0.1650.8 - * Bug and Stability Fixes +- Update to Chromium 31.0.1650.57 + Stable channel update: + - Security Fixes: + * CVE-2013-6632: Multiple memory corruption issues. + +------------------------------------------------------------------- +Wed Nov 13 17:46:35 UTC 2013 - tittiatcoke@gmail.com + +- Update to Chromium 31.0.1650.48 + Stable Channel update: + - Security fixes: + * CVE-2013-6621: Use after free related to speech input elements.. + * CVE-2013-6622: Use after free related to media elements. + * CVE-2013-6623: Out of bounds read in SVG. + * CVE-2013-6624: Use after free related to “id” attribute strings. + * CVE-2013-6625: Use after free in DOM ranges. + * CVE-2013-6626: Address bar spoofing related to interstitial warnings. + * CVE-2013-6627: Out of bounds read in HTTP parsing. + * CVE-2013-6628: Issue with certificates not being checked during TLS renegotiation. + * CVE-2013-2931: Various fixes from internal audits, fuzzing and other initiatives. + * CVE-2013-6629: Read of uninitialized memory in libjpeg and libjpeg-turbo. + * CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo. + * CVE-2013-6631: Use after free in libjingle. +- Added patch chromium-fix-chromedriver-build.diff to fix the + chromedriver build @@ -13,2 +36,32 @@ -- Removed patch chromium-fix-altgrkeys.diff due to upstream - inclusion +------------------------------------------------------------------- +Thu Nov 7 11:18:07 UTC 2013 - tittiatcoke@gmail.com + +- Enable ARM build for Chromium. + * Added patches chromium-arm-webrtc-fix.patch, + chromium-fix-arm-icu.patch and chromium-fix-arm-sysroot.patch + to resolve ARM specific build issues + +------------------------------------------------------------------- +Fri Oct 25 17:50:46 UTC 2013 - tittiatcoke@gmail.com + +- Update to Chromium 30.0.1599.114 + Stable Channel update: fix build for 32bit systems + +- Drop patch chromium-fix-chromedriver-build.diff. This is now + fixed upstream +- For openSUSE versions lower than 13.1, build against the in-tree + libicu + +------------------------------------------------------------------- +Wed Oct 16 05:14:12 UTC 2013 - tittiatcoke@gmail.com + +- Update to Chromium 30.0.1599.101 + - Security Fixes: + + CVE-2013-2925: Use after free in XHR + + CVE-2013-2926: Use after free in editing + + CVE-2013-2927: Use after free in forms. + + CVE-2013-2928: Various fixes from internal audits, + fuzzing and other initiatives. + +------------------------------------------------------------------- +Tue Oct 1 20:48:13 UTC 2013 - tittiatcoke@gmail.com @@ -16,2 +69,28 @@ -- Add patch chromium-fix-chromedriver-build.diff to fix the build - of chromedriver, so that this package can be build again. +- Update to Chromium 30.0.1599.66 + - Easier searching by image + - A number of new apps/extension APIs + - Lots of under the hood changes for stability and performance +- Security fixes: + + CVE-2013-2906: Races in Web Audio + + CVE-2013-2907: Out of bounds read in Window.prototype object + + CVE-2013-2908: Address bar spoofing related to the + “204 No Content” status code + + CVE-2013-2909: Use after free in inline-block rendering + + CVE-2013-2910: Use-after-free in Web Audio + + CVE-2013-2911: Use-after-free in XSLT + + CVE-2013-2912: Use-after-free in PPAPI + + CVE-2013-2913: Use-after-free in XML document parsing + + CVE-2013-2914: Use after free in the Windows color chooser + dialog + + CVE-2013-2915: Address bar spoofing via a malformed scheme + + CVE-2013-2916: Address bar spoofing related to the “204 No + Content” status code + + CVE-2013-2917: Out of bounds read in Web Audio + + CVE-2013-2918: Use-after-free in DOM + + CVE-2013-2919: Memory corruption in V8 + + CVE-2013-2920: Out of bounds read in URL parsing + + CVE-2013-2921: Use-after-free in resource loader + + CVE-2013-2922: Use-after-free in template element + + CVE-2013-2923: Various fixes from internal audits, fuzzing and + other initiatives + + CVE-2013-2924: Use-after-free in ICU. Upstream bug @@ -40,2 +118,0 @@ -- Add patch no-download-nacl.diff to enable building the - Native Client within the chromium build Old: ---- chromium-31.0.1650.11.tar.xz New: ---- chromium-31.0.1650.57.tar.xz chromium-arm-webrtc-fix.patch chromium-fix-arm-icu.patch chromium-fix-arm-sysroot.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ chromium.spec ++++++ --- /var/tmp/diff_new_pack.MKUmBt/_old 2013-11-30 14:20:10.000000000 +0100 +++ /var/tmp/diff_new_pack.MKUmBt/_new 2013-11-30 14:20:10.000000000 +0100 @@ -17,14 +17,14 @@ %define chromium_no_dlopen 1 -%define chromium_system_libs 0%{?suse_version} > 1230 +%define chromium_system_libs 0%{?suse_version} > 1220 %define pnacl_version 12180 %define newlib_version 12067 %define glibc_version 12053 Name: chromium -Version: 31.0.1650.11 +Version: 31.0.1650.57 Release: 0 Summary: Google's opens source browser project License: BSD-3-Clause and LGPL-2.1+ @@ -44,6 +44,8 @@ Source102: chromium-browser.xml Source103: chromium.default Source104: chromium-icons.tar.bz2 +# This is the update script to get the new tarballs +Source999: update_chromium Provides: chromium-based-browser = %{version} Provides: chromium-browser = %{version} Provides: browser(npapi) @@ -59,6 +61,12 @@ Patch2: exclude_ymp.diff # PATCH-FIX-OPENSUSE Disable the download of the NaCl tarballs Patch3: no-download-nacl.diff +# PATCH-FIX-OPENSUSE Remove the sysroot for ARM builds. This is causing issues when finding include-files +Patch4: chromium-fix-arm-sysroot.patch +# PATCH-FIX-OPENSUSE Don't use -m32 for the ARM builds +Patch5: chromium-fix-arm-icu.patch +# PATCH-FIX-OPENSUSE Fix the WEBRTC cpu-features for the ARM builds +Patch6: chromium-arm-webrtc-fix.patch # PATCH-FIX-OPENSUSE removes build part for courgette Patch13: chromium-no-courgette.patch # PATCH-FIX-OPENSUSE enables reading of the master preference @@ -71,7 +79,7 @@ Patch66: chromium-sandbox-pie.patch # PATCH-FIX-OPENSUSE Adjust ldflags for better building Patch67: adjust-ldflags-no-keep-memory.patch -# PATCH-FIX-OPENSUSE Fix the chromedriver build due to a non-svn tarball +# PATCH-FIX-OPENSUSE Remove the SVN revision for the chromedriver as that this fails with the tarball Patch68: chromium-fix-chromedriver-build.diff BuildRequires: alsa-devel @@ -96,8 +104,10 @@ BuildRequires: libicu-devel >= 4.0 BuildRequires: libpulse-devel %if !0%{?packman_bs} +%if 0%{?suse_version} > 1230 BuildRequires: ninja %endif +%endif BuildRequires: pam-devel BuildRequires: pciutils-devel BuildRequires: pkg-config @@ -158,7 +168,7 @@ %endif Requires: alsa -Requires: ffmpegsumo +Requires: ffmpegsumo = %{version} Requires: hicolor-icon-theme Requires: update-alternatives Requires: xdg-utils @@ -206,8 +216,8 @@ Summary: Library to provide ffmpeg support to Chromium License: BSD-3-Clause and LGPL-2.1+ Group: Productivity/Networking/Web/Browsers -Provides: ffmpegsumo -Conflicts: chromium-ffmpeg +Provides: ffmpegsumo = %{version} +Conflicts: otherproviders(ffmpegsumo) Requires: %{name} %description ffmpegsumo @@ -278,8 +288,8 @@ Summary: The ffmpeg lib for Google's opens source browser Chromium License: BSD-3-Clause and LGPL-2.1+ Group: Productivity/Networking/Web/Browsers -Provides: ffmpegsumo -Conflicts: %{name}-ffmpegsumo +Provides: ffmpegsumo = %{version} +Conflicts: otherproviders(ffmpegsumo) Requires: %{name} %description ffmpeg @@ -292,6 +302,11 @@ %patch1 -p0 %patch2 -p0 %patch3 -p0 +%ifarch armv7hl +%patch4 -p0 +%patch5 -p0 +%patch6 -p0 +%endif %patch64 -p0 %patch13 -p0 %patch14 -p0 @@ -325,20 +340,42 @@ myconf+="-Dwerror= -Dlinux_sandbox_chrome_path=%{_libdir}/chromium/chromium - -Ddisable_nacl=0 - -Ddisable_glibc=1 - -Ddisable_pnacl=0 - -Ddisable_newlib_untar=0 -Duse_openssl=0 -Duse_system_ffmpeg=0 -Dbuild_ffmpegsumo=1 - -Dremove_webcore_debug_symbols=1 -Dproprietary_codecs=1 + -Dremove_webcore_debug_symbols=1 -Dlogging_like_official_build=1 - -Dffmpeg_branding=Chrome -Dlinux_fpic=1 -Ddisable_sse2=1" +%if 0%{?packman_bs} +myconf+=" -Dffmpeg_branding=Chrome" +%endif + +%ifarch armv7hl +myconf+=" -Dlinux_use_tcmalloc=0 + -DCAN_USE_ARMV7_INSTRUCTIONS=1 + -DV8_TARGET_ARCH_ARM + -Dtarget_arch=arm + -DARMV7=1 + -Darm_neon=0 + -Darm_fpu=vfpv3-d16 + -Drelease_extra_cflags=$CFLAGS -DUSE_EABI_HARDFLOAT + -Dv8_use_arm_eabi_hardfloat=true + -Darm_float_abi=hard + -Ddisable_nacl=1 + -Ddisable_glibc=1 + -Ddisable_pnacl=1 + -Ddisable_newlib_untar=0 + -Darm_version=7" +%else +myconf+=" -Ddisable_nacl=0 + -Ddisable_glibc=1 + -Ddisable_pnacl=0 + -Ddisable_newlib_untar=0" +%endif + %ifarch x86_64 myconf+=" -Dtarget_arch=x64" %endif @@ -351,7 +388,6 @@ -Duse_system_libmtp=1 -Duse_system_opus=1 -Duse_system_bzip2=1 - -Duse_system_icu=1 -Duse_system_harfbuzz=1 -Duse_system_libjpeg=1 -Duse_system_libpng=1 @@ -361,6 +397,10 @@ -Duse_system_protobuf=1 -Duse_system_yasm=1" +%if 0%{?suse_version} > 1230 +myconf+=" -Duse_system_icu=1" +%endif + %if 0 # Remove most bundled libraries. Some are still needed. ./build/linux/unbundle/remove_bundled_libraries.py \ @@ -472,10 +512,11 @@ build/linux/unbundle/replace_gyp_files.py $myconf %if 0%{?packman_bs} - ./build/gyp_chromium -f make third_party/ffmpeg/ffmpeg.gyp --depth . $myconf + ./build/gyp_chromium -f make third_party/ffmpeg/ffmpeg.gyp --no-parallel --depth . $myconf cd third_party/ffmpeg make -r %{?_smp_mflags} -f ffmpeg.Makefile BUILDTYPE=Release V=1 %else +%if 0%{?suse_version} > 1230 export GYP_GENERATORS='ninja' ./build/gyp_chromium build/all.gyp --depth . $myconf @@ -486,6 +527,17 @@ # Build the ChromeDriver test suite ninja -C out/Release chromedriver +%else + ./build/gyp_chromium -f make build/all.gyp --depth . $myconf + + make -r %{?_smp_mflags} chrome V=1 BUILDTYPE=Release + + # Build the required SUID_SANDBOX helper + make -r %{?_smp_mflags} chrome_sandbox V=1 BUILDTYPE=Release + + # Build the ChromeDriver test suite + make -r %{?_smp_mflags} chromedriver V=1 BUILDTYPE=Release +%endif %endif %install @@ -529,11 +581,15 @@ cp -a chrome.1 %{buildroot}%{_mandir}/man1/chromium.1 %fdupes %{buildroot}%{_mandir}/man1/ +%ifarch armv7hl +# Native Client doesn't build yet for ARM +%else # NaCl cp -a nacl_helper %{buildroot}%{_libdir}/chromium/ cp -a nacl_helper_bootstrap %{buildroot}%{_libdir}/chromium/ cp -a nacl_irt_*.nexe %{buildroot}%{_libdir}/chromium/ cp -a libppGoogleNaClPluginChrome.so %{buildroot}%{_libdir}/chromium/ +%endif #libffmpegsumo cp -a libffmpegsumo.so %{buildroot}%{_libdir}/chromium/ ++++++ chromium-31.0.1650.11.tar.xz -> chromium-31.0.1650.57.tar.xz ++++++ /work/SRC/openSUSE:Factory/chromium/chromium-31.0.1650.11.tar.xz /work/SRC/openSUSE:Factory/.chromium.new/chromium-31.0.1650.57.tar.xz differ: char 27, line 1 ++++++ chromium-arm-webrtc-fix.patch ++++++ --- skia/skia_library_opts.gyp 2013-10-11 19:29:07.000000000 +0200 +++ skia/skia_library_opts.gyp 2013-10-19 18:40:03.817037422 +0200 @@ -110,6 +110,7 @@ '../third_party/skia/src/opts/SkBlitRow_opts_arm.cpp', '../third_party/skia/src/opts/SkBlitRow_opts_arm.h', '../third_party/skia/src/opts/opts_check_arm.cpp', + '../third_party/skia/src/opts/memset.arm.S', ], }], [ 'target_arch == "mipsel"',{ --- third_party/webrtc/system_wrappers/source/cpu_features.cc 2013-10-11 19:43:08.000000000 +0200 +++ third_party/webrtc/system_wrappers/source/cpu_features.cc 2013-10-19 18:40:03.806037535 +0200 @@ -18,6 +18,47 @@ #include "webrtc/typedefs.h" +#include <elf.h> +#ifdef __arm__ +#include <fcntl.h> +#include <unistd.h> +#include <linux/auxvec.h> +#include <asm/hwcap.h> +#endif + +#ifdef __arm__ +uint64_t WebRtc_GetCPUFeaturesARM() { + static bool detected = false; + static uint64_t have_neon = 0; + + int fd; + Elf32_auxv_t auxv; + unsigned int hwcaps; + + if (!detected) { + int fd; + Elf32_auxv_t auxv; + unsigned int hwcaps; + + fd = open("/proc/self/auxv", O_RDONLY); + if (fd >= 0) { + while (read(fd, &auxv, sizeof(Elf32_auxv_t)) == sizeof(Elf32_auxv_t)) { + if (auxv.a_type == AT_HWCAP) { + have_neon = (auxv.a_un.a_val & HWCAP_NEON) ? kCPUFeatureNEON : 0; + break; + } + } + close (fd); + } else { + have_neon = 0; + } + detected = true; + } + + return 0 | have_neon; // others here as we need them +} +#endif + // No CPU feature is available => straight C path. int GetCPUInfoNoASM(CPUFeature feature) { (void)feature; ++++++ chromium-fix-arm-icu.patch ++++++ --- third_party/icu/icu.gyp 2013-09-22 19:17:03.283692753 +0200 +++ third_party/icu/icu.gyp 2013-09-22 19:17:03.283692753 +0200 @@ -27,7 +27,7 @@ }], ['(OS=="linux" or OS=="freebsd" or OS=="openbsd" or OS=="solaris" \ or OS=="netbsd" or OS=="mac" or OS=="android") and \ - (target_arch=="arm" or target_arch=="ia32" or \ + (target_arch=="ia32" or \ target_arch=="mipsel")', { 'target_conditions': [ ['_toolset=="host"', { --- native_client/src/trusted/service_runtime/linux/nacl_bootstrap.gyp 2013-10-11 19:35:11.000000000 +0200 +++ native_client/src/trusted/service_runtime/linux/nacl_bootstrap.gyp 2013-10-11 19:35:11.000000000 +0200 @@ -36,6 +36,7 @@ ], 'libraries': [ '-lelf', + '-lgcc_s', ], # This is an ugly kludge because gyp doesn't actually treat # host_arch=x64 target_arch=ia32 as proper cross compilation. ++++++ chromium-fix-arm-sysroot.patch ++++++ --- build/common.gypi 2013-01-09 07:02:00.000000000 -0700 +++ build/common.gypi 2013-01-11 20:09:13.380197474 -0700 @@ -678,7 +678,7 @@ 'linux_use_tcmalloc%': 0, # sysroot needs to be an absolute path otherwise it generates # incorrect results when passed to pkg-config - 'sysroot%': '<!(cd <(DEPTH) && pwd -P)/arm-sysroot', + # 'sysroot%': '<!(cd <(DEPTH) && pwd -P)/arm-sysroot', }], # OS=="linux" and target_arch=="arm" and chromeos==0 ++++++ update_chromium ++++++ --- /var/tmp/diff_new_pack.MKUmBt/_old 2013-11-30 14:20:11.000000000 +0100 +++ /var/tmp/diff_new_pack.MKUmBt/_new 2013-11-30 14:20:11.000000000 +0100 @@ -40,4 +40,4 @@ # Remove and add the new tarballs osc addremove -osc ci -m"New Update" +#osc ci -m"New Update" -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org