* Upstream release 37.0.2062.120:
- CVE-2014-3178: Use-after-free in rendering. Credit to miaubiz.
- CVE-2014-3179: Various fixes from internal audits, fuzzing and other
initiatives.
* debian/rules: Simplify and rearrange.
* debian/rules, debian/known_gyp_flags: Keep better track of known GYP flags,
so we can fail when something changes unexpectedly.
* debian/rules: Fix up patch-translations rule.
Why are changes being made to debian/rules to "Simplify and rearrange" in an LTS update? That's just inviting problems like this. In looking at a side-by-side diff (via meld), it appears that the removal of this line may have been of victim of the referenced rearranging. I attempted to find the packaging source repository, but the one referenced in LP appears to be out dated and did not see a reference to the current one (if there is a public one).
It's not called out specifically in the change log. The existing entries in the change log are very concerning for the 12.04 LTS update:
chromium-browser (37.0.2062. 120-0ubuntu0. 12.04.1~ pkg917) precise-security; urgency=medium
* Release to stage
chromium-browser (37.0.2062. 120-0ubuntu1) UNRELEASED; urgency=low
* Upstream release 37.0.2062.120: known_gyp_ flags: Keep better track of known GYP flags,
- CVE-2014-3178: Use-after-free in rendering. Credit to miaubiz.
- CVE-2014-3179: Various fixes from internal audits, fuzzing and other
initiatives.
* debian/rules: Simplify and rearrange.
* debian/rules, debian/
so we can fail when something changes unexpectedly.
* debian/rules: Fix up patch-translations rule.
Why are changes being made to debian/rules to "Simplify and rearrange" in an LTS update? That's just inviting problems like this. In looking at a side-by-side diff (via meld), it appears that the removal of this line may have been of victim of the referenced rearranging. I attempted to find the packaging source repository, but the one referenced in LP appears to be out dated and did not see a reference to the current one (if there is a public one).