nickel-browser (8.0.552.237~r70801-1jolicloud1) robby-1.1; urgency=low

  [ Benjamin Ryzman ]
  * Always apply the app icon, whatever the tab URL
  * Imported Upstream version 8.0.552.237~r70801

  [ Fabien Tassin ]
  * Imported Debian patch 8.0.552.237~r70801-0ubuntu1~ucd~stable2~lucid

  [ Benjamin Ryzman ]

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Mon, 17 Jan 2011 15:41:56 +0100

chromium-browser (8.0.552.237~r70801-0ubuntu1~ucd~stable2~lucid) lucid; urgency=high

  * New upstream release from the Stable Channel (LP: #702542)
    This release fixes the following security issues:
    - [58053] Medium, Browser crash in extensions notification handling. Credit
      to Eric Roman of the Chromium development community.
    - [65764] High, Bad pointer handling in node iteration. Credit to Sergey
      Glazunov.
    - [66560] High, Stale pointer with CSS + canvas. Credit to Sergey Glazunov.
    - [66748] High, Stale pointer with CSS + cursors. Credit to Jan Tošovský.
    - [67303] High, Bad memory access with mismatched video frame sizes. Credit
      to Aki Helin of OUSPG; plus independent discovery by Google Chrome
      Security Team (SkyLined) and David Warren of CERT.
    - [67363] High, Stale pointer with SVG use element. Credited anonymously;
      plus indepdent discovery by miaubiz.
    - [67393] Medium, Uninitialized pointer in the browser triggered by rogue
      extension. Credit to kuzzcc.
    - [68115] High, Vorbis decoder buffer overflows. Credit to David Warren of
      CERT.
    - [68178] High, Bad cast in anchor handling. Credit to Sergey Glazunov.
    - [68181] High, Bad cast in video handling. Credit to Sergey Glazunov.
    - [68439] High, Stale rendering node after DOM node removal. Credit to
      Martin Barbella; plus independent discovery by Google Chrome Security
      Team (SkyLined).
    - [68666] Critical, Stale pointer in speech handling. Credit to Sergey
      Glazunov.
  * Add the chrome/app/policy/policy_templates.grd template to the list
    of templates translated in Launchpad
    - update debian/rules
  * Add Basque and Galician to the list of supported langs for the lang-packs
    (translations from Launchpad/Rosetta)
    - update debian/rules

 -- Fabien Tassin <fta@ubuntu.com>  Thu, 13 Jan 2011 23:35:52 +0100

nickel-browser (8.0.552.224~r68599-1jolicloud3) robby-1.1; urgency=low

  * Run make in parallel according to number of cores
  * Set desktop window geometry to 24px less than the desktop height
  * Rename jolicloud patch to use underscore, not dash
  * Automatically resize desktop window upon screen geometry change
  * Use same error page for Jolicloud Launcher and Jolicloud Web App

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Thu, 13 Jan 2011 16:37:26 +0100

nickel-browser (8.0.552.224~r68599-1jolicloud1) robby-1.1; urgency=low

  [ Benjamin Ryzman ]
  * Imported Upstream version 8.0.552.224~r68599

  [ Fabien Tassin ]
  * Imported Debian patch 8.0.552.224~r68599-0ubuntu1~ucd~stable1~lucid

  [ Jeremy Selier ]
  * Detect that url is in host and not in the callback.

  [ Benjamin Ryzman ]
  * Fix weird patch error

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Mon, 20 Dec 2010 16:09:02 +0100

chromium-browser (8.0.552.224~r68599-0ubuntu1) natty; urgency=high

  * New upstream release from the Stable Channel (LP: #689849)
    This release fixes the following security issues:
    - [64-bit Linux only] [56449] High Bad validation for message
      deserialization on 64-bit builds. Credit to Lei Zhang of the Chromium
      development community.
    - [60761] Medium, Bad extension can cause browser crash in tab handling.
      Credit to kuzzcc.
    - [63529] Low, Browser crash with NULL pointer in web worker handling.
      Credit to Nathan Weizenbaum of Google.
    - [63866] Medium, Out-of-bounds read in CSS parsing. Credit to Chris Rohlf.
    - [64959] High, Stale pointers in cursor handling. Credit to Sławomir
      Błażek and Sergey Glazunov.
  * Don't build with PIE on Natty/armel, for the same reason as for Maverick
    - update debian/rules

 -- Fabien Tassin <fta@ubuntu.com>  Mon, 13 Dec 2010 21:21:39 +0100

chromium-browser (8.0.552.215~r67652-0ubuntu1) natty; urgency=high

  * New upstream Major release from the Stable Channel (LP: #684502), also
    fixing the following security issues:
    - [17655] Low, Possible pop-up blocker bypass. Credit to Google Chrome
      Security Team (SkyLined).
    - [55745] Medium, Cross-origin video theft with canvas. Credit to Nirankush
      Panchbhai and Microsoft Vulnerability Research (MSVR).
    - [56237] Low, Browser crash with HTML5 databases. Credit to Google Chrome
      Security Team (Inferno).
    - [58319] Low, Prevent excessive file dialogs, possibly leading to browser
      crash. Credit to Cezary Tomczak (gosu.pl).
    - [59554] High, Use after free in history handling. Credit to Stefan
      Troger.
    - [59817] Medium, Make sure the “dangerous file types” list is uptodate
      with the Windows platforms. Credit to Billy Rios of the Google Security
      Team.
    - [61701] Low, Browser crash with HTTP proxy authentication. Credit to
      Mohammed Bouhlel.
    - [61653] Medium, Out-of-bounds read regression in WebM video support.
      Credit to Google Chrome Security Team (Chris Evans), based on earlier
      testcases from Mozilla and Microsoft (MSVR).
    - [62127] High, Crash due to bad indexing with malformed video. Credit to
      miaubiz.
    - [62168] Medium, Possible browser memory corruption via malicious
      privileged extension. Credit to kuzzcc.
    - [62401] High, Use after free with SVG animations. Credit to Sławomir
      Błażek.
    - [63051] Medium, Use after free in mouse dragging event handling. Credit
      to kuzzcc.
    - [63444] High, Double free in XPath handling. Credit to Yang Dingning from
      NCNIPC, Graduate University of Chinese Academy of Sciences.
  * Work-around a gcc 4.5 miscompilation bug causing regression in the
    omnibar, breaking searches (LP: #664584)
    - add debian/patches/gcc-4.5-build-workaround.patch
    - update debian/patches/series
  * Automatically merge Launchpad translations with the upstream grit files and
    produce patches in the source tarball. Apply those patches at build time
    during configure
    - update debian/rules
  * Add x-scheme-handler/http and x-scheme-handler/https to the MimeType
    entry of the desktop file (needed on Natty where handlers are no longer
    searched for in gconf)
    - update debian/chromium-browser.desktop

 -- Fabien Tassin <fta@ubuntu.com>  Thu, 02 Dec 2010 20:32:06 +0100

nickel-browser (8.0.552.200~r65749-1jolicloud2) robby-1.1; urgency=low

  [ Benjamin Ryzman ]
  * Imported Upstream version 8.0.552.200~r65749

  [ Fabien Tassin ]
  * Imported Debian patch 8.0.552.200~r65749-0ubuntu1~ucd~beta1~lucid

  [ Benjamin Ryzman ]
  * fix jolicloud_use_liberation_fonts.patch
  * fix jolicloud_set_app_icon_from_desktop_file.patch

  [ Adam McDaniel ]
  * Ran 'quilt refresh' on existing patch series
  * Corrected 'jolicloud_add_desktop_mode' patch to be compatible with
    Chromium v8

  [ Benjamin Ryzman ]
  * fix jolicloud_add_desktop_mode.patch
  * fix jolicloud_set_app_icon_from_desktop_file.patch

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Wed, 24 Nov 2010 15:55:30 +0100

chromium-browser (7.0.517.44~r64615-0ubuntu1) natty; urgency=high

  * New upstream Major release from the Stable Channel (LP: #671420), also
    fixing the following security issues:
    - [51602] High, Use-after-free in text editing. Credit to David Bloom of
      the Google Security Team, Google Chrome Security Team (Inferno) and
      Google Chrome Security Team (Cris Neckar).
    - [55257] High, Memory corruption with enormous text area. Credit to wushi
      of team509.
    - [58657] High, Bad cast with the SVG use element. Credit to the kuzzcc.
    - [58731] High, Invalid memory read in XPath handling. Credit to Bui Quang
      Minh from Bkis (www.bkis.com).
    - [58741] High, Use-after-free in text control selections. Credit to
      “vkouchna”.
    - [59320] High, Integer overflows in font handling. Credit to Aki Helin of
      OUSPG.
    - [60055] High, Memory corruption in libvpx. Credit to Christoph Diehl.
    - [60238] High, Bad use of destroyed frame object. Credit to various
      developers, including “gundlach”.
    - [60327] [60769] [61255] High, Type confusions with event objects. Credit
      to “fam.lam” and Google Chrome Security Team (Inferno).
    - [60688] High, Out-of-bounds array access in SVG handling. Credit to wushi
      of team509.
  * Work-around a gcc 4.5 miscompilation bug causing a regression in the
    omnibar, breaking searches (LP: #664584)
    - add debian/patches/gcc-4.5-build-workaround.patch
    - update debian/patches/series

 -- Fabien Tassin <fta@ubuntu.com>  Thu, 04 Nov 2010 20:53:09 +0100

nickel-browser (7.0.517.41~r62167-1jolicloud3) robby-1.1; urgency=low

  [ Benjamin Ryzman ]
  * Imported Upstream version 7.0.517.36~r61761

  [ Fabien Tassin ]
  * Imported Debian patch 7.0.517.36~r61761-0ubuntu1~ucd~beta1~lucid

  [ Benjamin Ryzman ]
  * Update jolicloud_user_agent_extension.patch
  * Update jolicloud_use_default_buttons.patch
  * Update jolicloud_set_app_icon_from_desktop_file.patch
  * Update jolicloud_add_desktop_mode.patch
  * Recommend google-talkplugin to ease installation
  * Imported Upstream version 7.0.517.41~r62167

  [ Fabien Tassin ]
  * Imported Debian patch 7.0.517.41~r62167-0ubuntu1~ucd~beta3~lucid

  [ Benjamin Ryzman ]
  * Fix fullscreen issue

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Wed, 27 Oct 2010 12:36:40 +0200

chromium-browser (7.0.517.41~r62167-0ubuntu1~ucd~beta3~lucid) lucid; urgency=low

  * New upstream Major release from the Stable Channel (LP: #663523), also
    fixing the following security issues:
    - [48225] [51727] Medium, Possible autofill / autocomplete profile
      spamming. Credit to Google Chrome Security Team (Inferno).
    - [48857] High, Crash with forms. Credit to the Chromium development
      community.
    - [50428] Critical, Browser crash with form autofill. Credit to the
      Chromium development community.
    - [51680] High, Possible URL spoofing on page unload. Credit to kuzzcc;
      plus independent discovery by Jordi Chancel.
    - [53002] Low, Pop-up block bypass. Credit to kuzzcc.
    - [53985] Medium, Crash on shutdown with Web Sockets. Credit to the
      Chromium development community.
    - [54132] Low, Bad construction of PATH variable. Credit to Dan Rosenberg,
      Virtual Security Research.
    - [54500] High, Possible memory corruption with animated GIF. Credit to
      Simon Schaak.
    - [54794] High, Failure to sandbox worker processes on Linux. Credit to
      Google Chrome Security Team (Chris Evans).
    - [56451] High, Stale elements in an element map. Credit to Michal Zalewski
      of the Google Security Team.
  * Drop the -fno-tree-sink workaround for the armel gcc inlining bug now that the
    strict-aliasing issue in dtoa has been fixed
    - drop debian/patches/no_tree_sink_v8.patch
    - update debian/patches/series
  * Drop the xdg-mime patch now that we catched up with v7
    - drop debian/patches/xdg-utils-update.patch
  * Disable -Werror when building with gcc 4.5 until 
    http://code.google.com/p/chromium/issues/detail?id=49533 gets fixed
    - update debian/rules
  * Fix the apport hook crash when the use_system key is unset (LP: #660579)
    - update debian/apport/chromium-browser.py

 -- Fabien Tassin <fta@ubuntu.com>  Tue, 19 Oct 2010 22:36:19 +0200

chromium-browser (6.0.472.63~r59945-0ubuntu2) maverick; urgency=low

  * Fix the default browser selection on KDE4 by bringing in a fresher
    xdg-mime (See http://crbug.com/18106) and ship it in the main deb
    - add debian/patches/xdg-utils-update.patch
    - update debian/chromium-browser.install
  * Set CHROME_DESKTOP in the wrapper to help the default browser
    checker (LP: #513133)
    - update debian/chromium-browser.sh.in

 -- Fabien Tassin <fta@ubuntu.com>  Wed, 29 Sep 2010 20:40:05 +0200

chromium-browser (6.0.472.63~r59945-0ubuntu1) maverick; urgency=low

  * New upstream release from the Stable Channel
  * Set CHROME_WRAPPER to the real name of the wrapper now that upstream
    use its value
    - update debian/chromium-browser.sh.in
  * Add some apport hooks adding useful information to the bugs
    - add debian/apport/chromium-browser.py
    - update debian/chromium-browser.install
  * Update the Desktop translations for ast/ca/pt_BR
    - update debian/chromium-browser.desktop

 -- Fabien Tassin <fta@ubuntu.com>  Fri, 24 Sep 2010 07:54:08 +0200

chromium-browser (6.0.472.62~r59676-0ubuntu1) maverick; urgency=high

  * New upstream release from the Stable Channel (LP: #641699)
    This release fixes the following security issues:
    - [55114] High, Bad cast with malformed SVG. Credit to wushi of team 509.
    - [55119] Critical, Buffer mismanagement in the SPDY protocol. Credit to
      Mike Belshe of the Chromium development community.
    - [55350] High, Cross-origin property pollution. Credit to Stefano Di Paola
      of MindedSecurity.
  * Add some translations for the "Name" field in the desktop file, and fix
    some "Comment" / "GenericName". Thanks to the Ubuntu translation team.
    See https://wiki.ubuntu.com/Translations/Wanted/ChromiumDesktop to
    contribute more translations (LP: #631670)

 -- Fabien Tassin <fta@ubuntu.com>  Fri, 17 Sep 2010 22:25:54 +0200

chromium-browser (6.0.472.59~r59126-0ubuntu1) maverick; urgency=low

  * New upstream release from the Stable Channel (LP: #638736)
    This release fixes the following security issues:
    - [50250] High, Use-after-free when using document APIs during parse.
      Credit to David Weston of Microsoft + Microsoft Vulnerability Research
      (MSVR) and wushi of team 509 (independent discoveries).
    - [50712] High, Use-after-free in SVG styles. Credit to kuzzcc.
    - [51252] High, Use-after-free with nested SVG elements. Credit to kuzzcc.
    - [51709] Low, Possible browser assert in cursor handling. Credit to
      “magnusmorton”.
    - [51919] High, Race condition in console handling. Credit to kuzzcc.
    - [53176] Low, Unlikely browser crash in pop-up blocking. Credit to kuzzcc.
    - [53394] High, Memory corruption in Geolocation. Credit to kuzzcc.
    - [53930] High, Memory corruption in Khmer handling. Credit to Google
      Chrome Security Team (Chris Evans).
    - [54006] Low, Failure to prompt for extension history access. Credit to
      “adriennefelt”.
  * Don't build with PIE on armel for now, it fails to link.
    - update debian/rules

 -- Fabien Tassin <fta@ubuntu.com>  Wed, 15 Sep 2010 07:20:49 +0200

chromium-browser (6.0.472.55~r58392-0ubuntu1) maverick; urgency=low

  * New upstream release from the Stable Channel (LP: #635949)
    This release fixes the following issues/regressions:
    - [51727] [52940] Failures when using autocomplete
    - [10913] Default search engine settings wiped out
    - [1906] Shift reload not working
  * Build with the Hardening Wrapper (to gain PIE), adding another layer of
    protection (See https://wiki.ubuntu.com/Security/HardeningWrapper)
    - update debian/control
    - update debian/rules
  * On Armel, when checking for armv7, also test for Maverick version
    - update debian/rules

 -- Fabien Tassin <fta@ubuntu.com>  Wed, 08 Sep 2010 09:12:35 +0200

chromium-browser (6.0.472.53~r57914-0ubuntu1) maverick; urgency=low

  * New upstream release from the Stable Channel (LP: #628924)
    This release fixes the following security issues:
    - [34414] Low, Pop-up blocker bypass with blank frame target. Credit to
      Google Chrome Security Team (Inferno) and “ironfist99”.
    - [37201] Medium, URL bar visual spoofing with homographic sequences.
      Credit to Chris Weber of Casaba Security.
    - [41654] Medium, Apply more restrictions on setting clipboard content.
      Credit to Brook Novak.
    - [45659] High, Stale pointer with SVG filters. Credit to Tavis Ormandy of
      the Google Security Team.
    - [45876] Medium, Possible installed extension enumeration. Credit to
      Lostmon.
    - [46750] [51846] Low, Browser NULL crash with WebSockets. Credit to Google
      Chrome Security Team (SkyLined), Google Chrome Security Team (Justin Schuh)
      and Keith Campbell.
    - [50386] High, Use-after-free in Notifications presenter. Credit to Sergey
      Glazunov.
    - [50839] High, Notification permissions memory corruption. Credit to
      Michal Zalewski of the Google Security Team and Google Chrome Security
      Team (SkyLined).
    - [51630] [51739] High, Integer errors in WebSockets. Credit to Keith
      Campbell and Google Chrome Security Team (Cris Neckar).
    - [51653] High, Memory corruption with counter nodes. Credit to kuzzcc.
    - [51727] Low, Avoid storing excessive autocomplete entries. Credit to
      Google Chrome Security Team (Inferno).
    - [52443] High, Stale pointer in focus handling. Credit to VUPEN
      Vulnerability Research Team (VUPEN-SR-2010-249).
    - [52682] High, Sandbox parameter deserialization error. Credit to Ashutosh
      Mehra and Vineet Batra of the Adobe Reader Sandbox Team.
    - [53001] Medium, Cross-origin image theft. Credit to Isaac Dawson.
  * Enable all codecs for HTML5 in Chromium, depending on which ffmpeg sumo lib
    is installed, the set of usable codecs (at runtime) will still vary.
    This is now done by setting proprietary_codecs=1 so we can drop our patch
    - update debian/rules
    - drop debian/patches/html5_video_mimetypes.patch
    - update debian/patches/series
  * Bump the Dependencies on chromium-codecs-ffmpeg to >= 0.6, needed for the new API
    - update debian/control
  * Add "libcups2-dev | libcupsys2-dev" (the latter for Hardy) to Build-Depends.
    This is needed for Cloud Printing
    - update debian/control
  * Add libppapi_tests.so and linker.lock to INSTALL_EXCLUDE_FILES and
    DumpRenderTree_resources/ to INSTALL_EXCLUDE_DIRS
    - update debian/rules
  * Install resources.pak in the main deb, and remove all resources/ accordingly
    - update debian/chromium-browser.install
  * Add libgnome-keyring-dev to Build-Depends. This is needed for the GNOME
    Keyring and KWallet integration. See http://crbug.com/12351
    - update debian/control
  * Ship empty policy dirs (for now) in /etc/chromium-browser/policies
    - update debian/rules
    - update debian/chromium-browser.dirs
  * Bump build-deps for gyp to >= 0.1~svn837
    - update debian/control
  * Drop the icedtea6-plugin workaround, it's no longer needed and it may cause
    troubles when the default xulrunner contains older nss/nspr libs
    - update debian/chromium-browser.sh.in

 -- Fabien Tassin <fta@ubuntu.com>  Thu, 02 Sep 2010 17:03:41 +0200

nickel-browser (6.0.472.36~r55963-1jolicloud4) robby; urgency=low

  [ Romain Huet ]
  * Update the custom error page patch to change button styles

 -- Andrew Stormont <andy@jolicloud.org>  Fri, 08 Oct 2010 12:28:58 +0200

nickel-browser (6.0.472.36~r55963-1jolicloud3) robby; urgency=low

  [ Jeremy Selier ]
  * Update to reflect the fact that we are now building on 1.1

 -- Andrew Stormont <andy@jolicloud.org>  Thu, 30 Sep 2010 09:28:26 +0200

nickel-browser (6.0.472.36~r55963-1jolicloud2) robby; urgency=low

  [ Jeremy Selier ]
  * Adapt layout for smaller screens.

 -- Andrew Stormont <andy@jolicloud.org>  Wed, 29 Sep 2010 14:04:29 +0200

nickel-browser (6.0.472.36~r55963-1jolicloud1) robby; urgency=low

  [ Jeremy Selier ]
  * Update the custom net error page.
  * Update image to fix a typo.

  [ Andrew Stormont ]
  * Patch: Use default nickel buttons with gtk theme

 -- Andrew Stormont <andy@jolicloud.org>  Mon, 27 Sep 2010 14:30:53 +0200

nickel-browser (6.0.472.36~r55963-1jolicloud0) robby; urgency=low

  [ Benjamin Ryzman ]
  * Imported Upstream version 6.0.472.36~r55963

  [ Fabien Tassin ]
  * Imported Debian patch 6.0.472.36~r55963-0ubuntu1~ucd1~jaunty

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Wed, 18 Aug 2010 09:37:13 +0200

chromium-browser (6.0.472.36~r55963-0ubuntu1~ucd1~jaunty) jaunty; urgency=low

  * New upstream release from the Stable Channel

 -- Fabien Tassin <fta@ubuntu.com>  Tue, 17 Aug 2010 08:44:32 +0200

nickel-browser (6.0.472.33~r55501-1jolicloud0) robby; urgency=low

  [ Benjamin Ryzman ]
  * Imported Upstream version 6.0.472.33~r55501

  [ Fabien Tassin ]
  * Imported Debian patch 6.0.472.33~r55501-0ubuntu1~ucd1~jaunty

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Mon, 16 Aug 2010 11:08:05 +0200

chromium-browser (5.0.375.127~r55887-0ubuntu1) maverick; urgency=low

  * New upstream release from the Stable Channel (LP: #622823)
    This release fixes the following security issues:
    - [45400] Critical, Memory corruption with file dialog. Credit to Sergey
      Glazunov.
    - [49596] High, Memory corruption with SVGs. Credit to wushi of team509.
    - [49628] High, Bad cast with text editing. Credit to wushi of team509.
    - [49964] High, Possible address bar spoofing with history bug. Credit to
      Mike Taylor.
    - [50515] [51835] High, Memory corruption in MIME type handling. Credit to
      Sergey Glazunov.
    - [50553] Critical, Crash on shutdown due to notifications bug. Credit to
      Sergey Glazunov.
    - [51146] Medium, Stop omnibox autosuggest if the user might be about to
      type a password. Credit to Robert Hansen.
    - [51654] High, Memory corruption with Ruby support. Credit to kuzzcc.
    - [51670] High, Memory corruption with Geolocation support. Credit to
      kuzzcc.
  * Add the xul libdir to LD_LIBRARY_PATH in the wrapper to help icedtea6-plugin
    (LP: #529242). This is needed at least for openjdk-6 6b18.
    - update debian/chromium-browser.sh
  * No longer use tar --lzma in get-orig-source now that it silently uses xz
    (since tar 1.23-2) which is not available in the backports. Use "tar | lzma"
    instead so the embedded tarball is always a lzma file
    - update debian/rules
  * Tweak the user agent to include Chromium and the Distro's name and version.
    - add debian/patches/chromium_useragent.patch.in
    - update debian/patches/series
    - update debian/rules
  * Fix a typo in the subst_files rule
    - update debian/rules
  * Fix a gyp file that triggers an error with newer gyp (because of dead code)
    - add debian/patches/drop_unused_rules_to_please_newer_gyp.patch
    - update debian/patches/series
  * Bump gyp Build-Depends to >= 0.1~svn810 to match upstream requirement
    - update debian/control

 -- Fabien Tassin <fta@ubuntu.com>  Sat, 14 Aug 2010 00:37:12 +0200

nickel-browser (5.0.375.125~r53311-1jolicloud1) robby; urgency=low

  [ Benjamin Ryzman ]
  * Imported Upstream version 5.0.375.125~r53311

  [ Fabien Tassin ]
  * Imported Debian patch 5.0.375.125~r53311-0ubuntu2~ucd2~jaunty

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Mon, 02 Aug 2010 15:38:28 +0200

chromium-browser (5.0.375.125~r53311-0ubuntu1) maverick; urgency=low

  * New upstream release from the Stable Channel (LP: #612109)
    This release fixes the following security issues:
    - [42736] Medium Memory contents disclosure in layout code. Credit to
      Michail Nikolaev.
    - [43813] High Issue with large canvases. Credit to sp3x of
      SecurityReason.com.
    - [47866] High Memory corruption in rendering code. Credit to Jose A.
      Vazquez.
    - [48284] High Memory corruption in SVG handling. Credit to Aki Helin of
      OUSPG.
    - [48597] Low Avoid hostname truncation and incorrect eliding. Credit to
      Google Chrome Security Team (Inferno).
  * lsb_release is slow so try to source the static file /etc/lsb-release
    instead, and fallback to lsb_release if we didn't get the information we need
    for about:version (LP: #608253). Thanks to pitti for the idea.
    - update debian/chromium-browser.sh.in

 -- Fabien Tassin <fta@ubuntu.com>  Tue, 27 Jul 2010 12:03:40 +0200

nickel-browser (5.0.375.99~r51029-1jolicloud5) robby; urgency=low

  [ Adam McDaniel ]
  * Set desktop window-manager class and disable resizing in desktop
    mode
  * Patch to inhibit the resize problem in desktop-mode Nickel

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Mon, 02 Aug 2010 13:34:29 +0200

nickel-browser (5.0.375.99~r51029-1jolicloud4) robby; urgency=low

  * recommends localization package instead of merely suggesting it
  * revert "mark nickel-browser as an essential package"

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Mon, 19 Jul 2010 17:04:43 +0200

nickel-browser (5.0.375.99~r51029-1jolicloud3) robby; urgency=low

  * mark nickel-browser as an essential package

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Tue, 13 Jul 2010 13:01:39 +0200

nickel-browser (5.0.375.99~r51029-1jolicloud2) robby; urgency=low

  * Customize neterror page

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Mon, 12 Jul 2010 13:10:45 +0200

nickel-browser (5.0.375.99~r51029-1jolicloud1) robby; urgency=low

  [ Benjamin Ryzman ]
  * Imported Upstream version 5.0.375.99~r51029

  [ Fabien Tassin ]
  * Imported Debian patch 5.0.375.99~r51029-0ubuntu1~ucd1~jaunty

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Sat, 03 Jul 2010 10:59:02 +0200

chromium-browser (5.0.375.99~r51029-0ubuntu1) maverick; urgency=low

  * New upstream release from the Stable Channel (LP: #602142)
    This release fixes the following security issues:
    - [42396] Low OOB read with WebGL. Credit to Sergey Glazunov; Google Chrome
      Security Team (SkyLined). 
    - [42575] [42980] Medium Isolate sandboxed iframes more strongly. Credit to
      sirdarckcat of Google Security Team.
    - [43488] High Memory corruption with invalid SVGs. Credit to Aki Hekin of
      OUSPG; wushi of team509.
    - [44424] High Memory corruption in bidi algorithm. Credit to wushi of
      team509.
    - [45164] Low Crash with invalid image. Credit to Jose A. Vazquez.
    - [45983] High Memory corruption with invalid PNG (libpng bug). Credit to
      Aki Helin of OUSPG.
    - [46360] High Memory corruption in CSS style rendering. Credit to wushi of
      team509.
    - [46575] Low Annoyance with print dialogs. Credit to Mats Ahlgren.
    - [47056] Low Crash with modal dialogs. Credit to Aki Helin of OUSPG.

 -- Fabien Tassin <fta@ubuntu.com>  Fri, 02 Jul 2010 01:05:06 +0200

nickel-browser (5.0.375.86~r49890-1jolicloud2) robby; urgency=low

  * extend User Agent string to allow detection of Jolicloud by the
    launcher

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Mon, 28 Jun 2010 16:50:37 +0200

nickel-browser (5.0.375.86~r49890-1jolicloud1) robby; urgency=low

  [ Benjamin Ryzman ]
  * Imported Upstream version 5.0.375.86~r49890

  [ Fabien Tassin ]
  * Imported Debian patch 5.0.375.86~r49890-0ubuntu1~ucd2~jaunty

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Fri, 25 Jun 2010 16:27:23 +0200

chromium-browser (5.0.375.86~r49890-0ubuntu1) maverick; urgency=low

  * New upstream release from the Stable Channel (LP: #598913)
    Fixes the following security issues:
    - [38105] Medium XSS via application/json response (regression). Credit to
      Ben Davis for original discovery and Emanuele Gentili for regression
      discovery.
    - [43322] Medium Memory error in video handling. Credit to Mark Dowd under
      contract to Google Chrome Security Team.
    - [43967] High Subresource displayed in omnibox loading. Credit to Michal
      Zalewski of Google Security Team.
    - [45267] High Memory error in video handling. Credit to Google Chrome
      Security Team (Cris Neckar).
    - [46126] High Stale pointer in x509-user-cert response. Credit to Rodrigo
      Marcos of SECFORCE.
  * Drop the XLIB_SKIP_ARGB_VISUALS workaround now that the rgba patch has
    been backed off from gtk2 (LP: #584959)
    - update debian/chromium-browser.sh
  * Show in about:version and in the About UI when chromium is running on a different
    distribution that it has been built on
    - udpate debian/rules
    - rename and update debian/chromium-browser.sh => debian/chromium-browser.sh.in

 -- Fabien Tassin <fta@ubuntu.com>  Fri, 25 Jun 2010 02:05:06 +0200

nickel-browser (5.0.375.70~r48679-1jolicloud5-j2.5) robby; urgency=low

  * Imported Debian patch 5.0.375.70~r48679-0ubuntu2~ucd5~jaunty

 -- Fabien Tassin <fta@ubuntu.com>  Wed, 23 Jun 2010 12:18:56 +0200

chromium-browser (5.0.375.70~r48679-0ubuntu2~ucd5~jaunty) jaunty; urgency=low

  * Refresh list of languages in the -l10n package
    - update debian/control
  * Stop building and running the testsuite. The builders restricted env
    makes the results mostly unusable in an automated way and resources to
    manually exploit them are not available
    - update debian/control
    - update debian/rules
  * Remove duplicates of the main copyright file in order to save space on the CD
    - update debian/rules
  * Add support for the Ambiance/Radiance and Dust themes button ordering by
    reading the gconf pref (LP: #568307)
    (thanks to Giuseppe Iuculano for importing the patch from trunk)
    - add debian/patches/gtk-ambiance.patch
    - update debian/patches/series

 -- Fabien Tassin <fta@ubuntu.com>  Sat, 12 Jun 2010 12:27:42 +0200

nickel-browser (5.0.375.70~r48679-1jolicloud4) robby; urgency=low

  * Do not run default browser check when running in desktop-mode
  * Allow the desktop browser to close gracefully if a process signal
    was sent.

 -- Adam McDaniel <adam@jolicloud.org>  Tue, 15 Jun 2010 13:13:42 +0200

nickel-browser (5.0.375.70~r48679-1jolicloud3) robby; urgency=low

  * Disable features FEATURE_TITLEBAR and FEATURE_DOWNLOADSHELF if
    desktop mode enabled
  * Set the package source format to "3.0 (native)"

 -- Adam McDaniel <adam@jolicloud.org>  Sun, 13 Jun 2010 19:29:38 +0200

nickel-browser (5.0.375.70~r48679-1jolicloud2) robby; urgency=low

  * Removed references to chromium-testsuite in debian/control
  * Added --desktop switch to use a Chromium URL as the X desktop

 -- Adam McDaniel <adam@jolicloud.org>  Fri, 11 Jun 2010 14:40:49 +0200

nickel-browser (5.0.375.70~r48679-1jolicloud1) robby; urgency=low

  * Imported Upstream version 5.0.375.70~r48679
  * Imported Debian patch 5.0.375.70~r48679-0ubuntu1~ucd1~jaunty

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Mon, 07 Jun 2010 17:43:04 +0200

chromium-browser (5.0.375.70~r48679-0ubuntu1) maverick; urgency=low

  * New upstream release from the Stable Channel (LP: #591474)
    Fixes the following security issues:
    - [15766] Medium Cross-origin keystroke redirection. Credit to Michal
      Zalewski of Google Security Team.
    - [39985] High Cross-origin bypass in DOM methods. Credit to Sergey
      Glazunov.
    - [42723] High Memory error in table layout. Credit to wushi of team509.
    - [43304] High Linux sandbox escape. Credit to Mark Dowd under contract to
      Google Chrome Security Team.
    - [43307] High Bitmap stale pointer. Credit to Mark Dowd under contract to
      Google Chrome Security Team.
    - [43315] High Memory corruption in DOM node normalization. Credit to Mark
      Dowd under contract to Google Chrome Security Team.
    - [43487] High Memory corruption in text transforms. Credit to wushi of
      team509.
    - [43902] Medium XSS in innerHTML property of textarea. Credit to
      sirdarckcat of Google Security Team.
    - [44740] High Memory corruption in font handling. Credit: Apple.
    - [44868] High Geolocation events fire after document deletion. Credit to
      Google Chrome Security Team (Justin Schuh).
    - [44955] High Memory corruption in rendering of list markers. Credit:
      Apple.
  * Add a --temp-profile knob to the launcher script starting Chromium with
    a new profile which will last only for the duration of the session
    - update debian/chromium-browser.sh
  * Change StartupWMClass to Chromium-browser in the desktop launcher so
    cairo-dock does the right thing (LP: #587664)
    - update debian/chromium-browser.desktop
  * Set XLIB_SKIP_ARGB_VISUALS=1 in the wrapper to prevent flash from dying
    with a Gdk-ERROR when gtk2 is built with RGBA support (like in Maverick).
    (LP: #584959)
    - update debian/chromium-browser.sh
  * Unbreak get-orig-source when it needs to drop its cache after a channel jump
    (replace brace expansion - which is a bashism - with proper $(wildcard))
    - update debian/rules

 -- Fabien Tassin <fta@ubuntu.com>  Wed, 09 Jun 2010 07:30:50 +0200

chromium-browser (5.0.375.55~r47796-0ubuntu1) maverick; urgency=low

  * New upstream release from the Stable Channel (at last!)
    - Some minor crash and stability fixes
    - Fixed a regression so that incognito zoom changes are no longer
      remembered (Issue: 43107)

 -- Fabien Tassin <fta@ubuntu.com>  Sat, 22 May 2010 17:09:00 +0200

chromium-browser (5.0.375.38~r46659-0ubuntu1) maverick; urgency=low

  * New upstream release from the Beta Channel
    - Some crash and stability fixes
    - Localization refresh of the strings

 -- Fabien Tassin <fta@ubuntu.com>  Tue, 11 May 2010 10:23:45 +0200

nickel-browser (5.0.375.55~r47796-1jolicloud1) robby; urgency=low

  * Imported Upstream version 5.0.375.55~r47796
  * Imported Debian patch 5.0.375.55~r47796-0ubuntu1~ucd1~jaunty

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Tue, 01 Jun 2010 10:47:13 +0200

chromium-browser (5.0.375.55~r47796-0ubuntu1~ucd1~jaunty) jaunty; urgency=low

  * New upstream snapshot

 -- Fabien Tassin <fta@ubuntu.com>  Sat, 22 May 2010 17:09:00 +0200


nickel-browser (5.0.375.38~r46659-1jolicloud1) robby; urgency=low

  * Imported Upstream version 5.0.375.38~r46659
  * Imported Debian patch 5.0.375.38~r46659-0ubuntu1~ucd1~jaunty

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Fri, 14 May 2010 16:12:38 +0200

chromium-browser (5.0.375.38~r46659-0ubuntu1~ucd1~jaunty) jaunty; urgency=low

  * New upstream snapshot

 -- Fabien Tassin <fta@ubuntu.com>  Tue, 11 May 2010 10:23:45 +0200

nickel-browser (5.0.375.29~r46008-1jolicloud2) robby; urgency=low

  * Allow localhost websocket connection
  * Fix inspector dependency

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Wed, 12 May 2010 17:51:09 +0200

nickel-browser (5.0.375.29~r46008-1jolicloud1) robby; urgency=low

  * Imported Upstream version 5.0.375.29~r46008
  * Imported Debian patch 5.0.375.29~r46008-0ubuntu1~ucd1~jaunty
  * fix rejected patch due to new upstream release

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Wed, 05 May 2010 19:16:50 +0200

chromium-browser (5.0.375.29~r46008-0ubuntu1~ucd1~jaunty) jaunty; urgency=low

  * New upstream release from the Beta Channel
    - HTML5 Features: Geolocation, App Cache, web sockets, file drag-and-drop.
    - V8 performance improvements
    - Preferences synchronization
    - NaCl behind a flag
  * Disable DLOG and DCHECK (like it is done in Chrome). This should improve
    performances.
    - add debian/patches/disable_dlog_and_dcheck_in_release_builds.patch
    - update debian/patches/series
  * Build with build_ffmpegsumo=0 instead of use_system_ffmpeg=1 (which
    now means something else)
    - update debian/rules
  * Install resources/{bookmark_manager,shared,net_internals} in the main deb
    - update debian/chromium-browser.install
  * Introduce a enable_sse2 flag in the gyp rules and set it to 0
    - update debian/patches/drop_sse2.patch => debian/patches/add_enable_sse2_flag.patch
    - update debian/patches/series
    - update debian/rules
  * Add app_unittests_strings and resources/{calendar_app,docs_app,gmail_app}
    to INSTALL_EXCLUDE_DIRS
    - update debian/rules
  * Add xdg-utils to Depends (LP: #568984)
    - update debian/control
  * Add a gnome-www-browser alternative (LP: #571103)
    - update debian/chromium-browser.{postinst,prerm}

 -- Fabien Tassin <fta@ubuntu.com>  Tue, 04 May 2010 17:00:02 +0200

nickel-browser (5.0.342.9~r43360-1jolicloud3) robby; urgency=low

  * Change CHROME_VERSION_EXTRA to refer to Jolicloud

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Thu, 22 Apr 2010 18:21:31 +0200

nickel-browser (5.0.342.9~r43360-1jolicloud2) robby; urgency=low

  * Change default homepage to http://www.jolicloud.com/start
  * Use GTK theme by default
  * use Liberation font family

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Wed, 21 Apr 2010 13:50:04 +0200

nickel-browser (5.0.342.9~r43360-1jolicloud1) robby; urgency=low

  * Imported Upstream version 5.0.342.9~r43360
  * Imported Debian patch 5.0.342.9~r43360-0ubuntu1~ucd1~jaunty

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Mon, 12 Apr 2010 11:45:40 +0200

chromium-browser (5.0.342.9~r43360-0ubuntu1~ucd1~jaunty) jaunty; urgency=low

  * New upstream snapshot

 -- Fabien Tassin <fta@ubuntu.com>  Wed, 05 May 2010 00:43:15 +0200

chromium-browser (5.0.342.9~r43360-0ubuntu2) lucid; urgency=low

  [ Fabien Tassin <fta@ubuntu.com> ]
  * Mention 'Chrome' in the main package description (LP: #561667)
    - update debian/control
  * When 'gclient update' fails, clear up the cache and retry. This helps
    the channels updates often failing with a "Can't switch the checkout" error
    - update debian/rules

  [ Chris Coulson <chris.coulson@canonical.com> ]
  * Update the default search URL
    - update debian/rules

 -- Fabien Tassin <fta@ubuntu.com>  Fri, 16 Apr 2010 17:36:29 +0200

chromium-browser (5.0.342.9~r43360-0ubuntu1) lucid; urgency=low

  * New upstream release from the Beta Channel
    - Fix extensions installer where some extensions cannot be installed
      (issue 38220)
  * Don't build with system zlib on Intrepid/Jaunty (needed to unbreak the
    backports). See http://crbug.com/38073
    - update debian/rules

 -- Fabien Tassin <fta@ubuntu.com>  Wed, 07 Apr 2010 21:02:55 +0200

nickel-browser (5.0.342.7~r42476-1jolicloud1) robby; urgency=low

  * Imported Upstream version 5.0.342.7~r42476
  * Imported Debian patch 5.0.342.7~r42476-0ubuntu2~ucd3~jaunty

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Mon, 29 Mar 2010 17:50:23 +0200

chromium-browser (5.0.342.7~r42476-0ubuntu2~ucd3~jaunty) jaunty; urgency=low

  * New upstream snapshot

 -- Fabien Tassin <fta@ubuntu.com>  Mon, 29 Mar 2010 08:43:55 +0200

chromium-browser (5.0.342.7~r42476-0ubuntu1) lucid; urgency=low

  * New upstream release from the Beta Channel
    - fix an issue with Google SSL sites failing with 'error 107
      (net::ERR_SSL_PROTOCOL_ERROR)' (issue 37722)
    - Automatic translations and greater control over content for privacy
    - Really, really reload. A normal reload causes the browser to check with
      the server before reusing its cached content.  The server can decide
      whether or not the browser should use its cached content.  A force reload
      causes the browser to ignore its cached content and ask the server for a
      fresh copy of the page. Use Shift+Reload to force a reload.
  * Add libdbus-glib-1-dev to Build-Depends
    - update debian/control
  * Move third_party/gles2_book from STRIPPED_DIRS to ALMOST_STRIPPED_DIRS
    as we now need its gyp file (but nothing else)
    - update debian/rules
  * Bump gyp requirement to >= 0.1~svn795, it's needed for the new syntax
    - update debian/control
  * Add 'timestats' to INSTALL_EXCLUDE_FILES
    - update debian/rules
  * Import translations and mime-types from the upstream desktop file
    Thanks to Julien Lavergne <gilir@ubuntu.com> (LP: #538664)
    - update debian/chromium-browser.desktop
  * Import the free SVG logo from the Chromium website and install it
    in /usr/share/icons/hicolor/scalable/apps (LP: #528640)
    - add debian/chromium-browser.svg
    - update debian/rules
  * Move chromium-browser-inspector to Depends, it breaks some features
    when it's not installed
    - update debian/control
  * Rename chromium-codecs-ffmpeg-nonfree into chromium-codecs-ffmpeg-extra
    and move the two codecs back to Depends (LP: #537617, #513776)
    - update debian/control
 
 -- Fabien Tassin <fta@ubuntu.com>  Thu, 25 Mar 2010 08:22:40 +0100

nickel-browser (5.0.307.11~r39572-1jolicloud6) robby; urgency=low

  * Fix netbook-launcher icon

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Mon, 22 Mar 2010 19:02:11 +0100

nickel-browser (5.0.307.11~r39572-1jolicloud5) robby; urgency=low

  * Enable "Set as default browser" setting to stick
  * New nickel icon

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Mon, 22 Mar 2010 15:28:08 +0100

nickel-browser (5.0.307.11~r39572-1jolicloud4) robby; urgency=low

  * set max default size to 1024x576
  * Enable first run importer in Apps

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Wed, 17 Mar 2010 16:27:17 +0100

nickel-browser (5.0.307.11~r39572-1jolicloud3) robby; urgency=low

  * Fix icon for external links

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Tue, 16 Mar 2010 20:41:29 +0100

nickel-browser (5.0.307.11~r39572-1jolicloud2) robby; urgency=low

  * Share profile with Google Chrome

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Fri, 12 Mar 2010 10:27:51 +0100

nickel-browser (5.0.307.11~r39572-1jolicloud1) robby; urgency=low

  * Use correct webapp icon for new webapp instances

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Thu, 11 Mar 2010 12:26:59 +0100

nickel-browser (5.0.307.11~r39572-0ubuntu1~ucd1~robby) robby; urgency=low

  * force concurrency, don't build tests
  * Provides jolicloud-webapps-engine
  * Patch to use .desktop icon file provided by -app-id command line
    switch
  * Rename Chromium to Nickel

 -- Benjamin Ryzman <benjamin@jolicloud.org>  Wed, 03 Mar 2010 23:21:59 +0100


chromium-browser (5.0.307.11~r39572-0ubuntu1) lucid; urgency=low

  * New upstream release from the Beta Channel
    - Fixed an issue where an error resolving a proxy server would not try a
      direct connection. (Issue 32316)
    - Fixed an extensions bug that could crash the entire browser. (Issue 34778)
    - Fixed an issue in the cross-site scripting auditor that could prevent
      Google translate from working on sites. (Issue 33115)

 -- Fabien Tassin <fta@ubuntu.com>  Sat, 27 Feb 2010 17:07:23 +0100

chromium-browser (5.0.307.9~r39052-0ubuntu1) lucid; urgency=low

  * New upstream release from the Beta Channel
    - Fixed a tab crash that could be triggered by visiting wordpress.com,
      http://acid3.acidtests.org/, and many other sites. (Issue 35498)
    - Fixed a tab crash in image loading. (Issue 32230)
    - Improved font bolding for fonts without native bold. (Issue 22360)
  * Bump gyp Build-Depends to >= 0.1~svn785
    - update debian/control
  * Add --no-circular-check to gyp_chromium to prevent gyp from failing
    - update debian/rules

 -- Fabien Tassin <fta@ubuntu.com>  Thu, 18 Feb 2010 00:20:07 +0100

chromium-browser (5.0.307.7~r38400+0-0ubuntu1) lucid; urgency=low

  * Disable WANT_SYSTEM_LIBS since it makes Gmail/GCal crash (libxml,
    libxslt, ..). See http://crbug.com/34725 (LP: #522078)
    - update debian/rules

 -- Fabien Tassin <fta@ubuntu.com>  Mon, 15 Feb 2010 12:17:07 +0100

chromium-browser (5.0.307.7~r38400-0ubuntu1) lucid; urgency=low

  * New upstream release from the Beta Channel
  * Re-add the -l10n strict version dependency on chromium-browser
    - update debian/control

 -- Fabien Tassin <fta@ubuntu.com>  Fri, 12 Feb 2010 22:00:39 +0100

chromium-browser (5.0.307.5~r37950+0-0ubuntu1) lucid; urgency=low

  * Drop third_party/libxml from STRIPPED_SYSTEM_LIB_DIRS
    - update debian/rules

 -- Fabien Tassin <fta@ubuntu.com>  Wed, 10 Feb 2010 18:46:55 +0100

chromium-browser (5.0.307.5~r37950-0ubuntu1) lucid; urgency=low

  * Add libxss-dev to Build-Depends, the new browser sync engine needs
    X11/extensions/scrnsaver.h
    - update debian/control
  * Add a safety net to get-orig-source when fetching sources for a channel
    - update debian/rules

 -- Fabien Tassin <fta@ubuntu.com>  Tue, 09 Feb 2010 17:07:18 +0100

chromium-browser (4.0.305.0~svn20100123r36929-0ubuntu1) lucid; urgency=low

  [ Fabien Tassin <fta@ubuntu.com> ]
  * Initial release. (Closes: #520324, LP: #387765)

  [ Alexander Sack <asac@ubuntu.com> ]
  * extensive license review; see copyright and copyright.problems;
    also see debian/licensecheck.pl for details how the copyright files are
    generated
  * address archive-admin comments:
    + add "Paul Hsieh's Public Domain Option" license snippet and mark
      net/disk_cache/hash.cc to be govered by that; recreate copyright*
      - add debian/licenses/LICENSE.Paul Hsieh's Public Domain Option
      - update debian/licensecheck.pl
      - update debian/copyright
      - update debian/copyright.problems

 -- Fabien Tassin <fta@ubuntu.com>  Tue, 26 Jan 2010 17:43:19 +0100
