%define revision 145807 %define crname chromium-browser %define _crdir %{_libdir}/%{crname} %define _src %{_topdir}/SOURCES %define basever 20.0.1132.43 %define patchver() ([ -f %{_src}/patch-%1-%2.diff.xz ] || exit 1; xz -dc %{_src}/patch-%1-%2.diff.xz|patch -p1); %define subrel 1 Name: chromium-browser-stable Version: 20.0.1132.57 Release: %mkrel 2 Summary: A fast webkit-based web browser Group: Networking/WWW License: BSD, LGPL Source0: chromium-%{basever}.tar.xz Source1: chromium-wrapper Source2: chromium-browser.desktop Patch0: chromium-19.0.1077.3-remove-inline.patch Patch1: chromium-20.0.1132.43-svnversion.patch # Fix build see: http://trac.webkit.org/changeset/116298 Patch2: patch-20.0.1132.47-20.0.1132.57-fix-build.patch Source1000: patch-20.0.1132.43-20.0.1132.47.diff.xz Source1001: patch-20.0.1132.47-20.0.1132.57.diff.xz #Source1001: binary-19.0.1077.3-19.0.1081.2.tar.xz #Source1002: script-19.0.1077.3-19.0.1081.2.sh Provides: %{crname} Conflicts: chromium-browser-unstable Conflicts: chromium-browser-beta Obsoletes: chromium-browser < 1:9.0.597.94 Obsoletes: chromium-browser-unstable < 17.0.963.27 Obsoletes: chromium-browser-beta < 17.0.963.34 BuildRequires: bison, flex, gtk2-devel, atk-devel, libexpat-devel, gperf BuildRequires: nspr-devel, nss-devel, libalsa-devel BuildRequires: glib2-devel, bzip2-devel, zlib-devel, png-devel BuildRequires: jpeg-devel, mesagl-devel, mesaglu-devel BuildRequires: libxscrnsaver-devel, dbus-glib-devel, cups-devel BuildRequires: libgnome-keyring-devel libvpx-devel libxtst-devel BuildRequires: libxslt-devel libxml2-devel libxt-devel pam-devel BuildRequires: libevent-devel libflac-devel pulseaudio-devel BuildRequires: elfutils-devel udev-devel speex-devel yasm libgnutls-devel %description Chromium is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier. This is the stable channel Chromium browser. It offers a rock solid browser which is updated with features and fixes once they have been thoroughly tested. If you want the latest features, install the chromium-browser-unstable package instead. Note: If you are reverting from unstable to stable or beta channel, you may experience tab crashes on startup. This crash only affects tabs restored during the first launch due to a change in how tab state is stored. See http://bugs.chromium.org/34688. It's always a good idea to back up your profile before changing channels. %package -n chromium-browser Summary: A fast webkit-based web browser (transition package) Epoch: 1 Group: Networking/WWW Requires: %{name} = %{version}-%{release} %description -n chromium-browser Chromium is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier. This is a transition package that installs the stable channel Chromium browser. If you prefer the dev channel browser, install the chromium-browser-unstable package instead. %prep %setup -q -n chromium-%{basever} %patch0 -p1 -b .remove-inline %patch1 -p1 -b .svnversion %patch2 -p0 %patchver 20.0.1132.43 20.0.1132.47 %patchver 20.0.1132.47 20.0.1132.57 #tar xvf %{_src}/binary-19.0.1077.3-19.0.1081.2.tar.xz #sh -x %{_src}/script-19.0.1077.3-19.0.1081.2.sh echo "%{revision}" > build/LASTCHANGE.in # Hard code extra version FILE=chrome/common/chrome_version_info_posix.cc sed -i.orig -e 's/getenv("CHROME_VERSION_EXTRA")/"%{product_vendor} %{product_version}"/' $FILE cmp $FILE $FILE.orig && exit 1 %build export GYP_GENERATORS=make build/gyp_chromium --depth=. \ -D linux_sandbox_path=%{_crdir}/chrome-sandbox \ -D linux_sandbox_chrome_path=%{_crdir}/chrome \ -D linux_link_gnome_keyring=0 \ -D use_gconf=0 \ -D werror='' \ -D use_system_sqlite=0 \ -D use_system_libxml=1 \ -D use_system_zlib=1 \ -D use_system_bzip2=1 \ -D use_system_xdg_utils=1 \ -D use_system_yasm=1 \ -D use_system_libpng=1 \ -D use_system_libjpeg=1 \ -D use_system_libevent=1 \ -D use_system_speex=1 \ -D use_system_flac=1 \ -D use_system_vpx=0 \ -D use_system_icu=0 \ %ifarch i586 -D disable_sse2=1 \ -D release_extra_cflags="-march=i586" %endif %ifarch %arm -D target_arch=arm \ -D disable_nacl=1 \ -D linux_use_tcmalloc=0 \ -D armv7=1 \ -D release_extra_cflags="-marm" %endif # Note: DON'T use system sqlite (3.7.3) -- it breaks history search %make chrome chrome_sandbox BUILDTYPE=Release %install rm -rf %{buildroot} mkdir -p %{buildroot}%{_bindir} mkdir -p %{buildroot}%{_crdir}/locales mkdir -p %{buildroot}%{_crdir}/themes mkdir -p %{buildroot}%{_crdir}/default_apps mkdir -p %{buildroot}%{_mandir}/man1 install -m 755 %{_src}/chromium-wrapper %{buildroot}%{_crdir}/ install -m 755 out/Release/chrome %{buildroot}%{_crdir}/ install -m 4755 out/Release/chrome_sandbox %{buildroot}%{_crdir}/chrome-sandbox install -m 644 out/Release/chrome.1 %{buildroot}%{_mandir}/man1/%{crname}.1 install -m 644 out/Release/chrome.pak %{buildroot}%{_crdir}/ install -m 755 out/Release/libffmpegsumo.so %{buildroot}%{_crdir}/ install -m 755 out/Release/libppGoogleNaClPluginChrome.so %{buildroot}%{_crdir}/ install -m 755 out/Release/nacl_helper_bootstrap %{buildroot}%{_crdir}/ install -m 755 out/Release/nacl_helper %{buildroot}%{_crdir}/ install -m 644 out/Release/nacl_irt_*.nexe %{buildroot}%{_crdir}/ install -m 644 out/Release/content_resources.pak %{buildroot}%{_crdir}/ install -m 644 out/Release/theme_resources_standard.pak %{buildroot}%{_crdir}/ install -m 644 out/Release/ui_resources_standard.pak %{buildroot}%{_crdir}/ install -m 644 out/Release/locales/*.pak %{buildroot}%{_crdir}/locales/ install -m 644 out/Release/resources.pak %{buildroot}%{_crdir}/ install -m 644 chrome/browser/resources/default_apps/* %{buildroot}%{_crdir}/default_apps/ ln -s %{_crdir}/chromium-wrapper %{buildroot}%{_bindir}/%{crname} find out/Release/resources/ -name "*.d" -exec rm {} \; cp -r out/Release/resources %{buildroot}%{_crdir} # Strip NaCl IRT %ifarch x86_64 ./native_client/toolchain/linux_x86_newlib/bin/x86_64-nacl-strip %{buildroot}%{_crdir}/nacl_irt_x86_64.nexe %endif %ifarch i586 ./native_client/toolchain/linux_x86_newlib/bin/i686-nacl-strip %{buildroot}%{_crdir}/nacl_irt_x86_32.nexe %endif # desktop file mkdir -p %{buildroot}%{_datadir}/applications install -m 644 %{_src}/%{crname}.desktop %{buildroot}%{_datadir}/applications/ # icon for i in 16 22 24 26 32 48 64 128 256; do mkdir -p %{buildroot}%{_iconsdir}/hicolor/${i}x${i}/apps install -m 644 chrome/app/theme/chromium/product_logo_$i.png \ %{buildroot}%{_iconsdir}/hicolor/${i}x${i}/apps/%{crname}.png done %files -n chromium-browser %files %{_bindir}/%{crname} %{_crdir}/chromium-wrapper %{_crdir}/chrome %{_crdir}/chrome-sandbox %{_crdir}/chrome.pak %{_crdir}/libffmpegsumo.so %{_crdir}/libppGoogleNaClPluginChrome.so %{_crdir}/nacl_helper_bootstrap %{_crdir}/nacl_helper %{_crdir}/nacl_irt_*.nexe %{_crdir}/locales %{_crdir}/resources.pak %{_crdir}/content_resources.pak %{_crdir}/theme_resources_standard.pak %{_crdir}/ui_resources_standard.pak %{_crdir}/resources %{_crdir}/themes %{_crdir}/default_apps %{_mandir}/man1/%{crname}* %{_datadir}/applications/*.desktop %{_iconsdir}/hicolor/*/apps/%{crname}.png %changelog * Fri Jul 13 2012 dmorgan <dmorgan> 20.0.1132.57-2.1.mga1 + Revision: 270499 - new upstream release 20.0.1132.57 (145807) * [129898] High CVE-2012-2842: Use-after-free in counter handling * [130595] High CVE-2012-2843: Use-after-free in layout height tracking * [133450] High CVE-2012-2844: Bad object access with JavaScript in PDF - Fix copying of missing .pak files - New version 20.0.1132.43 - Disable system flac ( fixes build ) - new upstream release 18.0.1025.168 * [109574] Medium CVE-2011-3058: Bad interaction possibly leading to XSS in EUC-JP * [112317] Medium CVE-2011-3059: Out-of-bounds read in SVG text handling * [114056] Medium CVE-2011-3060: Out-of-bounds read in text fragment handling * [116398] Medium CVE-2011-3061: SPDY proxy certificate checking error * [116524] High CVE-2011-3062: Off-by-one in OpenType Sanitizer * [117417] Low CVE-2011-3063: Validate navigation requests from the renderer more carefully * [117471] High CVE-2011-3064: Use-after-free in SVG clipping * [117588] High CVE-2011-3065: Memory corruption in Skia * [117794] Medium CVE-2011-3057: Invalid read in v8 * fix black screen on Hybrid Graphics system with GPU accelerated compositing enabled (Issue: 117371) * fix CSS not applied to <content> element (Issue: 114667) * fix Regression rendering a div with background gradient and borders (Issue: 113726) * fix Canvas 2D line drawing bug with GPU acceleration (Issue: 121285) * fix Multiple crashes (Issues: 72235, 116825 and 92998) * fix Pop-up dialog is at wrong position (Issue: 116045) * fix HTML Canvas patterns are broken if you change the transformation matrix (Issue: 112165) * fix SSL interstitial error "proceed anyway" / "back to safety" buttons don't work (Issue: 119252) * [106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping * [117583] Medium CVE-2011-3067: Cross-origin iframe replacement * [117698] High CVE-2011-3068: Use-after-free in run-in handling * [117728] High CVE-2011-3069: Use-after-free in line box handling * [118185] High CVE-2011-3070: Use-after-free in v8 bindings * [118273] High CVE-2011-3071: Use-after-free in HTMLMediaElement * [118467] Low CVE-2011-3072: Cross-origin violation parenting pop-up window * [118593] High CVE-2011-3073: Use-after-free in SVG resource handling * [119281] Medium CVE-2011-3074: Use-after-free in media handling * [119525] High CVE-2011-3075: Use-after-free applying style command * [120037] High CVE-2011-3076: Use-after-free in focus handling * [120189] Medium CVE-2011-3077: Read-after-free in script bindings * [106413] High CVE-2011-3078: Use after free in floats handling * [117110] High CVE-2012-1521: Use after free in xml parser * [117627] Medium CVE-2011-3079: IPC validation failure * [121726] Medium CVE-2011-3080: Race condition in sandbox IPC * [121899] High CVE-2011-3081: Use after free in floats handling - new upstream release 16.0.912.63 (113337) - security fixes * [81753] Medium CVE-2011-3903: Out-of-bounds read in regex matching. * [95465] Low CVE-2011-3905: Out-of-bounds reads in libxml. * [98809] Medium CVE-2011-3906: Out-of-bounds read in PDF parser. * [99016] High CVE-2011-3907: URL bar spoofing with view-source. * [100863] Low CVE-2011-3908: Out-of-bounds read in SVG parsing. * [101010] Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS property array. * [101494] Medium CVE-2011-3910: Out-of-bounds read in YUV video frame handling. * [101779] Medium CVE-2011-3911: Out-of-bounds read in PDF. * [102359] High CVE-2011-3912: Use-after-free in SVG filters. * [103921] High CVE-2011-3913: Use-after-free in Range handling. * [104011] High CVE-2011-3914: Out-of-bounds write in v8 i18n handling. * [104529] High CVE-2011-3915: Buffer overflow in PDF font handling. * [104959] Medium CVE-2011-3916: Out-of-bounds reads in PDF cross references. * [105162] Medium CVE-2011-3917: Stack-buffer-overflow in FileWatcher. * [107258] High CVE-2011-3904: Use-after-free in bidi handling. - New version 15.0.874.120 - new upstream release 15.0.874.102 (106587) * [86758] High CVE-2011-2845: URL bar spoof in history handling. * [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. * [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of download filenames. * [91218] Low CVE-2011-3877: XSS in appcache internals page. * [94487] Medium CVE-2011-3878: Race condition in worker process initialization. * [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. * [95992] Low CVE-2011-3880: Don't permit as a HTTP header delimiter. * [96047][96885][98053][99512][99750] High CVE-2011-3881: Cross-origin policy violations. * [96292] High CVE-2011-3882: Use-after-free in media buffer handling. * [96902] High CVE-2011-3883: Use-after-free in counter handling. * [97148] High CVE-2011-3884: Timing issues in DOM traversal. * [97599][98064][98556][99294][99880][100059] High CVE-2011-3885: Stale style bugs leading to use-after-free. * [98773][99167] High CVE-2011-3886: Out of bounds writes in v8. * [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. * [99138] High CVE-2011-3888: Use-after-free with plug-in and editing. * [99211] High CVE-2011-3889: Heap overflow in Web Audio. * [99553] High CVE-2011-3890: Use-after-free in video source handling. * [100332] High CVE-2011-3891: Exposure of internal v8 functions. - Obsolete beta and unstable versions - Fix buildrequires - Use %%subrel - new upstream release 14.0.835.163 (101024) - security fixes: * [49377] High CVE-2011-2835: Race condition in the certificate cache * [57908] Low CVE-2011-2837: Use PIC / pie compiler flags * [75070] Low CVE-2011-2838: Treat MIME type more authoritatively when loading plug-ins * [76771] High CVE-2011-2839: Crash in v8 script object wrappers * [78427] [83031] Low CVE-2011-2840: Possible URL bar spoofs with unusual user interaction * [78639] High CVE-2011-2841: Garbage collection error in PDF * [82438] Medium CVE-2011-2843: Out-of-bounds read with media buffers * [85041] Medium CVE-2011-2844: Out-of-bounds read with mp3 files * [$1000] [89219] High CVE-2011-2846: Use-after-free in unload event handling * [$1000] [89330] High CVE-2011-2847: Use-after-free in document loader * [89564] Medium CVE-2011-2848: URL bar spoof with forward button * [89795] Low CVE-2011-2849: Browser NULL pointer crash with WebSockets * [89991] Medium CVE-2011-3234: Out-of-bounds read in box handling * [90134] Medium CVE-2011-2850: Out-of-bounds read with Khmer characters * [90173] Medium CVE-2011-2851: Out-of-bounds read in video handling * [91120] High CVE-2011-2852: Off-by-one in v8 * [91197] High CVE-2011-2853: Use-after-free in plug-in handling * [92651] [94800] High CVE-2011-2854: Use-after-free in ruby / table style handing * [92959] High CVE-2011-2855: Stale node in stylesheet handling * [93416] High CVE-2011-2856: Cross-origin bypass in v8 * [93420] High CVE-2011-2857: Use-after-free in focus controller * [93472] High CVE-2011-2834: Double free in libxml XPath handling * [93497] Medium CVE-2011-2859: Incorrect permissions assigned to non-gallery pages * [93587] High CVE-2011-2860: Use-after-free in table style handling * [93596] Medium CVE-2011-2861: Bad string read in PDF * [93906] High CVE-2011-2862: Unintended access to v8 built-in objects * [95563] Medium CVE-2011-2864: Out-of-bounds read with Tibetan characters * [95625] Medium CVE-2011-2858: Out-of-bounds read with triangle arrays * [95917] Low CVE-2011-2874: Failure to pin a self-signed cert for a session * [95920] High CVE-2011-2875: Type confusion in v8 object sealing - detailed changelog at http://goo.gl/6B1kT - BuildRequires gnutls-devel, otherwise cups-config fails ( from tvignaud ) - Do not apply P3: Fix build - new upstream release 13.0.782.220 (99552) * revoking trust for SSL certificates issued by DigiNotar-controlled intermediate CAs used by the Dutch PKIoverheid program ( mga # 2581 ) * Wed May 18 2011 tv <tv> 11.0.696.68-1.mga1 + Revision: 99600 - new upstream release 11.0.696.68 (stable) - security fixes * [64046] High CVE-2011-1799: Bad casts in Chromium WebKit glue. * [80608] High CVE-2011-1800: Integer overflows in SVG filters. * Sat May 07 2011 tv <tv> 11.0.696.65-1.mga1 + Revision: 95741 - new upstream release 11.0.696.65 (stable) * Fri Apr 29 2011 tv <tv> 11.0.696.57-1.mga1 + Revision: 93388 - new upstream release 11.0.696.57 (stable) (detailed changelog at http://goo.gl/arI9m) * Fri Apr 15 2011 tv <tv> 10.0.648.205-1.mga1 + Revision: 85803 - new upstream release 10.0.648.205 (stable) (detailed changelog at http://goo.gl/wJg8b) * Wed Apr 06 2011 tv <tv> 10.0.648.204-1.mga1 + Revision: 80981 - new upstream release 10.0.648.204 (stable) - BuildRequires: libevent-devel speex-devel - fix a group * Tue Mar 22 2011 tv <tv> 10.0.648.151-1.mga1 + Revision: 75407 - new upstream release 10.0.648.151 (stable) * blacklist a small number of HTTPS certificates * Wed Mar 16 2011 tv <tv> 10.0.648.133-1.mga1 + Revision: 72787 - imported package chromium-browser-stable * Sat Mar 12 2011 Claudio Matsuoka <claudio@mandriva.com> 10.0.648.133-1mdv2011.0 + Revision: 644042 - new upstream release 10.0.648.133 (stable) * [CVE-2011-1290] fix memory corruption in style handling - check presence of patch files * Fri Mar 11 2011 Claudio Matsuoka <claudio@mandriva.com> 10.0.648.127-2 + Revision: 643848 - apply patches correctly * Wed Mar 09 2011 Claudio Matsuoka <claudio@mandriva.com> 10.0.648.127-1 + Revision: 643105 - new upstream release 10.0.648.127 (stable) * New version of V8 which greatly improves javascript performance * New settings pages that open in a tab, rather than a dialog box * Improved security with malware reporting and disabling outdated plugins by default * Password sync as part of Chrome Sync now enabled by default * GPU Accelerated Video * Background WebApps * webNavigation extension API - annoucement and security fix list: http://goo.gl/PWdBi - move chromium patch 10.0.648.114 from beta channel to stable - move chromium patch 10.0.648.82 from beta channel to stable - move chromium patch 10.0.648.127 from beta channel to stable - move chromium patch 10.0.648.126 from beta channel to stable - move chromium 10.0.648.45 from beta channel to stable - move patch from beta channel to stable - move patch from beta channel to stable * Tue Mar 01 2011 Claudio Matsuoka <claudio@mandriva.com> 9.0.597.107-1 + Revision: 641075 - new upstream release 9.0.597.107 (stable) - contains security fixes, see detais at http://goo.gl/rkTSm - add beta browser to the downgrade notice in spec description * Sat Feb 12 2011 Claudio Matsuoka <claudio@mandriva.com> 9.0.597.98-1 + Revision: 637364 - new upstream version 9.0.597.98 - add conflicts to beta channel browser - add obsoletes entry for old (canary) chromium-browser package * Thu Feb 10 2011 Claudio Matsuoka <claudio@mandriva.com> 9.0.597.94-1 + Revision: 637082 - imported package chromium-browser-stable