6.0.472.63~r59945 -> 7.0.517.41~r62167 upgrade
Bug #663523 reported by
Fabien Tassin
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
chromium-browser (Ubuntu) |
Fix Released
|
High
|
Fabien Tassin | ||
Lucid |
Fix Released
|
High
|
Unassigned | ||
Maverick |
Fix Released
|
High
|
Unassigned | ||
Natty |
Fix Released
|
High
|
Fabien Tassin |
Bug Description
Binary package hint: chromium-browser
Upstream just released a new Major (stable) release, also fixing a bunch ofsecurity issues.
See http://
Needed in natty, maverick and lucid.
Changed in chromium-browser (Ubuntu Natty): | |
assignee: | nobody → Fabien Tassin (fta) |
importance: | Undecided → High |
status: | New → In Progress |
To post a comment you must log in.
This bug was fixed in the package chromium-browser - 7.0.517. 41~r62167- 0ubuntu1
--------------- 41~r62167- 0ubuntu1) natty; urgency=high
chromium-browser (7.0.517.
* New upstream Major release from the Stable Channel (LP: #663523), also patches/ no_tree_ sink_v8. patch patches/ series patches/ xdg-utils- update. patch code.google. com/p/chromium/ issues/ detail? id=49533 gets fixed apport/ chromium- browser. py
fixing the following security issues:
- [48225] [51727] Medium, Possible autofill / autocomplete profile
spamming. Credit to Google Chrome Security Team (Inferno).
- [48857] High, Crash with forms. Credit to the Chromium development
community.
- [50428] Critical, Browser crash with form autofill. Credit to the
Chromium development community.
- [51680] High, Possible URL spoofing on page unload. Credit to kuzzcc;
plus independent discovery by Jordi Chancel.
- [53002] Low, Pop-up block bypass. Credit to kuzzcc.
- [53985] Medium, Crash on shutdown with Web Sockets. Credit to the
Chromium development community.
- [54132] Low, Bad construction of PATH variable. Credit to Dan Rosenberg,
Virtual Security Research.
- [54500] High, Possible memory corruption with animated GIF. Credit to
Simon Schaak.
- [54794] High, Failure to sandbox worker processes on Linux. Credit to
Google Chrome Security Team (Chris Evans).
- [56451] High, Stale elements in an element map. Credit to Michal Zalewski
of the Google Security Team.
* Drop the -fno-tree-sink workaround for the armel gcc inlining bug now that the
strict-aliasing issue in dtoa has been fixed
- drop debian/
- update debian/
* Drop the xdg-mime patch now that we catched up with v7
- drop debian/
* Disable -Werror when building with gcc 4.5 until
http://
- update debian/rules
* Fix the apport hook crash when the use_system key is unset (LP: #660579)
- update debian/
-- Fabien Tassin <email address hidden> Tue, 19 Oct 2010 22:36:19 +0200