- Update to Chromium 38.0.2125.101
This update includes 159 security fixes, including 113 relatively
minor fixes. Highlighted securtiy fixes are:
CVE-2014-3188: A combination of V8 and IPC bugs that can lead to
remote code execution outside of the sandbox
CVE-2014-3189: Out-of-bounds read in PDFium
CVE-2014-3190: Use-after-free in Events
CVE-2014-3191: Use-after-free in Rendering
CVE-2014-3192: Use-after-free in DOM
CVE-2014-3193: Type confusion in Session Management
CVE-2014-3194: Use-after-free in Web Workers
CVE-2014-3195: Information Leak in V8
CVE-2014-3196: Permissions bypass in Windows Sandbox
CVE-2014-3197: Information Leak in XSS Auditor
CVE-2014-3198: Out-of-bounds read in PDFium
CVE-2014-3199: Release Assert in V8 bindings
CVE-2014-3200: Various fixes from internal audits, fuzzing and
other initiatives
- Drop the build of the Native Client. This is actually not a build
as that prebuild binaries are being shipped. Also Google no
longer provides prebuild binaries for the NativeClient for 32bit.
Chromium as webbrowser is not affected by this and it bring
Chromium inline with the regulations that prebuild binaries
should not be shipped.
* toolchaing_linux tarball dropped
* Spec-file cleaned for NaCl stuff
- Added patch no-clang-on-packman.diff to prevent the usage of
clang on packman, which is not supported there