Hello community,
here is the log from the commit of package chromium for openSUSE:Factory checked in at 2016-03-08 09:39:07
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/chromium (Old)
and /work/SRC/openSUSE:Factory/.chromium.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "chromium"
Changes:
--------
--- /work/SRC/openSUSE:Factory/chromium/chromium.changes 2016-02-23 16:58:57.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.chromium.new/chromium.changes 2016-03-08 10:18:19.000000000 +0100
@@ -1,0 +2,24 @@
+Fri Mar 4 10:49:51 UTC 2016 - tittiatcoke@gmail.com
+
+- Update to Chromium 49.0.2623.75
+ * 26 security fixes, with the most important ones being:
+ - CVE-2016-1630: Same-origin bypass in Blink
+ - CVE-2016-1631: Same-origin bypass in Pepper Plugin
+ - CVE-2016-1632: Bad cast in Extensions
+ - CVE-2016-1633: Use-after-free in Blink
+ - CVE-2016-1634: Use-after-free in Blink
+ - CVE-2016-1635: Use-after-free in Blink
+ - CVE-2016-1636: SRI Validation Bypass
+ - CVE-2015-8126: Out-of-bounds access in libpng
+ - CVE-2016-1637: Information Leak in Skia
+ - CVE-2016-1638: WebAPI Bypass
+ - CVE-2016-1639: Use-after-free in WebRTC
+ - CVE-2016-1640: Origin confusion in Extensions UI
+ - CVE-2016-1641: Use-after-free in Favicon
+ - CVE-2016-1642: Various fixes from internal audits, fuzzing
+ and other initiatives
+ - Multiple vulnerabilities in V8 fixed at the tip of the 4.9
+ branch (currently 4.9.385.26)
+ (boo#969333)
+
+-------------------------------------------------------------------
Old:
----
chromium-48.0.2564.116.tar.xz
New:
----
chromium-49.0.2623.75.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ chromium.spec ++++++
--- /var/tmp/diff_new_pack.Ev35zQ/_old 2016-03-08 10:18:32.000000000 +0100
+++ /var/tmp/diff_new_pack.Ev35zQ/_new 2016-03-08 10:18:32.000000000 +0100
@@ -18,7 +18,7 @@
%define chromium_no_dlopen 1
Name: chromium
-Version: 48.0.2564.116
+Version: 49.0.2623.75
Release: 0
Summary: Google's opens source browser project
License: BSD-3-Clause and LGPL-2.1+
@@ -94,6 +94,7 @@
BuildRequires: libgsm
BuildRequires: libgsm-devel
BuildRequires: libjack-devel
+BuildRequires: libjpeg-devel
BuildRequires: libogg-devel
BuildRequires: liboil-devel >= 0.3.15
BuildRequires: libopenssl-devel
@@ -141,6 +142,7 @@
BuildRequires: pkgconfig(xscrnsaver)
BuildRequires: pkgconfig(xt)
BuildRequires: pkgconfig(xtst)
+BuildRequires: pkgconfig(libffi)
Requires: alsa
Requires: ffmpegsumo
Requires: hicolor-icon-theme
@@ -279,6 +281,7 @@
-Denable_hotwording=0
-Duse_system_ffmpeg=0
-Dbuild_ffmpegsumo=1
+ -Duse_system_libjpeg=1
-Dproprietary_codecs=1
-Dremove_webcore_debug_symbols=1
-Dlogging_like_official_build=1
@@ -314,7 +317,8 @@
myconf+=" -Darm_float_abi=hard"
%endif
-myconf+=" -Dclang=0"
+myconf+=" -Dclang=0
+ -Duse_sysroot=0"
%if 0%{?chromium_no_dlopen}
myconf+=" -Duse_pulseaudio=1
++++++ adjust-ldflags-no-keep-memory.patch ++++++
--- /var/tmp/diff_new_pack.Ev35zQ/_old 2016-03-08 10:18:32.000000000 +0100
+++ /var/tmp/diff_new_pack.Ev35zQ/_new 2016-03-08 10:18:32.000000000 +0100
@@ -1,8 +1,8 @@
--- chrome/chrome_exe.gypi.ldflags 2012-06-28 09:02:24.000000000 -0400
+++ chrome/chrome_exe.gypi 2012-07-06 15:46:13.008003437 -0400
-@@ -75,6 +75,14 @@
- 'app/signature_validator_win.cc',
- 'app/signature_validator_win.h',
+@@ -76,6 +76,14 @@
+ 'app/main_dll_loader_win.cc',
+ 'app/main_dll_loader_win.h',
],
+ # Hey, I know what would be an awesome idea.
+ # Let us statically compile EVERYTHING into one giant
++++++ chromium-48.0.2564.116.tar.xz -> chromium-49.0.2623.75.tar.xz ++++++
/work/SRC/openSUSE:Factory/chromium/chromium-48.0.2564.116.tar.xz /work/SRC/openSUSE:Factory/.chromium.new/chromium-49.0.2623.75.tar.xz differ: char 26, line 1
++++++ chromium-gcc-fixes.patch ++++++
--- /var/tmp/diff_new_pack.Ev35zQ/_old 2016-03-08 10:18:32.000000000 +0100
+++ /var/tmp/diff_new_pack.Ev35zQ/_new 2016-03-08 10:18:32.000000000 +0100
@@ -1,20 +1,8 @@
-Index: chromium/src/base/debug/stack_trace.h
-===================================================================
---- base/debug/stack_trace.h
-+++ base/debug/stack_trace.h
-@@ -5,6 +5,7 @@
- #ifndef BASE_DEBUG_STACK_TRACE_H_
- #define BASE_DEBUG_STACK_TRACE_H_
-
-+#include