Package in bionic installs unnecessary build artifacts

Bug #1961565 reported by Olivier Tilloy
This bug affects 1 person
Affects Status Importance Assigned to Milestone
chromium-browser (Ubuntu)
In Progress
Fix Released
Olivier Tilloy

Bug Description

Not sure when this started happening, but today I noticed while testing chromium-browser 98.0.4758.102-0ubuntu0.18.04.1 that the chromium-browser binary package installs a lot of build artifacts that increase unnecessarily the size of the package.

These artifacts include *.runtime_deps files, as well as binaries such as transport_security_state_generator or protozero_plugin.

Olivier Tilloy (osomon)
Changed in chromium-browser (Ubuntu):
status: New → Invalid
milestone: none → bionic-updates
status: Invalid → Triaged
assignee: nobody → Olivier Tilloy (osomon)
Revision history for this message
Olivier Tilloy (osomon) wrote :

With the following changes:


version 99.0.4844.35 (currently in the beta channel) goes from:

  Download-Size: 84,7 MB
  Installed-Size: 283 MB


  Download-Size: 77,7 MB
  Installed-Size: 250 MB

i.e. a net gain of 7 MB in compressed size, and 33 MB in installed size.

Changed in chromium-browser (Ubuntu):
status: Triaged → In Progress
Changed in chromium-browser (Ubuntu Bionic):
assignee: nobody → Olivier Tilloy (osomon)
Olivier Tilloy (osomon)
Changed in chromium-browser (Ubuntu Bionic):
status: New → Fix Committed
importance: Undecided → Medium
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 99.0.4844.51-0ubuntu0.18.04.1

chromium-browser (99.0.4844.51-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 99.0.4844.51
    - CVE-2022-0789: Heap buffer overflow in ANGLE.
    - CVE-2022-0790: Use after free in Cast UI.
    - CVE-2022-0791: Use after free in Omnibox.
    - CVE-2022-0792: Out of bounds read in ANGLE.
    - CVE-2022-0793: Use after free in Views.
    - CVE-2022-0794: Use after free in WebShare.
    - CVE-2022-0795: Type Confusion in Blink Layout.
    - CVE-2022-0796: Use after free in Media.
    - CVE-2022-0797: Out of bounds memory access in Mojo.
    - CVE-2022-0798: Use after free in MediaStream.
    - CVE-2022-0799: Insufficient policy enforcement in Installer.
    - CVE-2022-0800: Heap buffer overflow in Cast UI.
    - CVE-2022-0801: Inappropriate implementation in HTML parser.
    - CVE-2022-0802: Inappropriate implementation in Full screen mode.
    - CVE-2022-0803: Inappropriate implementation in Permissions.
    - CVE-2022-0804: Inappropriate implementation in Full screen mode.
    - CVE-2022-0805: Use after free in Browser Switcher.
    - CVE-2022-0806: Data leak in Canvas.
    - CVE-2022-0807: Inappropriate implementation in Autofill.
    - CVE-2022-0808: Use after free in Chrome OS Shell.
    - CVE-2022-0809: Out of bounds memory access in WebXR.
  * debian/rules: exclude unnecessary build artifacts (LP: #1961565)
  * debian/patches/arm64-no-pointer-authentication.patch: added
  * debian/patches/build-with-old-libva-missing-defines.patch: refreshed
  * debian/patches/build-with-old-libva-no-av1.patch: refreshed
  * debian/patches/configuration-directory.patch: refreshed
  * debian/patches/define__libc_malloc.patch: updated
  * debian/patches/gn-no-std-equal_to.patch: added
  * debian/patches/libaom-armhf-build-cpudetect.patch: refreshed
  * debian/patches/revert-sequence-checker-capability-name.patch: refreshed
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
  * debian/patches/use-clang-versioned.patch: refreshed
  * debian/patches/widevine-enable-version-string.patch: refreshed

 -- Olivier Tilloy <email address hidden> Tue, 01 Mar 2022 21:43:44 +0100

Changed in chromium-browser (Ubuntu Bionic):
status: Fix Committed → Fix Released
Olivier Tilloy (osomon)
Changed in chromium-browser (Ubuntu):
assignee: Olivier Tilloy (osomon) → nobody
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.