Change log for chromium-browser package in Debian
| 151 → 225 of 294 results | First • Previous • Next • Last |
chromium-browser (38.0.2125.101-2) unstable; urgency=medium * Disable HiDPI (closes: #764883). * Fix conffile handling (closes: #764769). * Correct icon installation logic (closes: #764828). * Use embedded protobuf code copy (closes: #764911). * Support larger set of html5 video formats again (closes: #764793). -- Michael Gilbert <email address hidden> Sun, 12 Oct 2014 21:34:26 +0000
chromium-browser (38.0.2125.101-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2014-3188: A special thanks to Jüri Aedla for a combination of V8
and IPC bugs that can lead to remote code execution outside of the
sandbox.
- CVE-2014-3189: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
- High CVE-2014-3190: Use-after-free in Events. Credit to cloudfuzzer,
Chen Zhang.
- CVE-2014-3191: Use-after-free in Rendering. Credit to cloudfuzzer.
- CVE-2014-3192: Use-after-free in DOM. Credit to cloudfuzzer.
- CVE-2014-3193: Type confusion in Session Management. Credit to miaubiz.
- CVE-2014-3194: Use-after-free in Web Workers. Credit to Collin Payne.
- CVE-2014-3195: Information Leak in V8. Credit to Jüri Aedla.
- CVE-2014-3196: Permissions bypass in Windows Sandbox. Credit to James
Forshaw.
- CVE-2014-3197: Information Leak in XSS Auditor. Credit to Takeshi
Terada.
- CVE-2014-3198: Out-of-bounds read in PDFium. Credit to Atte Kettunen.
- CVE-2014-3199: Release Assert in V8 bindings. Credit to Collin Payne.
- CVE-2014-3200: Various fixes from internal audits, fuzzing and other
initiatives (Chrome 38).
- Improved support for HiDPI displays (closes: #763421).
* Add libgnome-keyring-dev build dependency (closes: #764548).
* Install desktop file and icons again (closes: #764373).
* Correctly handle old conffiles (closes: #764180).
-- Michael Gilbert <email address hidden> Fri, 10 Oct 2014 00:49:02 +0000
| Superseded in sid-release |
chromium-browser (37.0.2062.120-4) unstable; urgency=medium * Merge changes from the experimental branch. * Install chromium menu entry (closes: #752855). * Use /etc/chromium.d for preferences (closes: #762574). -- Michael Gilbert <email address hidden> Sun, 28 Sep 2014 17:39:41 +0000
| Superseded in sid-release |
chromium-browser (37.0.2062.120-3) unstable; urgency=medium * Build with clang 3.5. * Enable support for HiDPI displays (closes: #763421). * Document debian-specific command-line options (closes: #755401). -- Michael Gilbert <email address hidden> Sun, 28 Sep 2014 17:39:41 +0000
chromium-browser (37.0.2062.120-2) unstable; urgency=medium * Build with clang instead of gcc. * Add libexif-dev build dependency. -- Michael Gilbert <email address hidden> Sun, 21 Sep 2014 22:57:11 +0000
| Superseded in sid-release |
chromium-browser (37.0.2062.120-1) unstable; urgency=medium
* New upstream stable release (closes: #761090):
- CVE-2014-3160: Same-Origin-Policy bypass in SVG. Credit to Christian
Schneider.
- CVE-2014-3162: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2014-3165: Use-after-free in web sockets. Credit to Collin Payne.
- CVE-2014-3166: Information disclosure in SPDY. Credit to Antoine
Delignat-Lavaud.
- CVE-2014-3167: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2014-3168: Use-after-free in SVG. Credit to cloudfuzzer.
- CVE-2014-3169: Use-after-free in DOM. Credit to Andrzej Dyjak.
- CVE-2014-3170: Extension permission dialog spoofing. Credit to Rob Wu.
- CVE-2014-3171: Use-after-free in bindings. Credit to cloudfuzzer.
- CVE-2014-3172: Issue related to extension debugging. Credit to Eli Grey.
- CVE-2014-3173: Uninitialized memory read in WebGL. Credit to jmuizelaar.
- CVE-2014-3174: Uninitialized memory read in Web Audio. Credit to Atte
Kettunen from OUSPG.
- CVE-2014-3175: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2014-3176: A special reward to lokihardt@asrt for a combination of
bugs in V8, IPC, sync, and extensions that can lead to remote code
execution outside of the sandbox.
- CVE-2014-3177: A special reward to lokihardt@asrt for a combination of
bugs in V8, IPC, sync, and extensions that can lead to remote code
execution outside of the sandbox.
- CVE-2014-3178: Use-after-free in rendering. Credit to miaubiz.
- CVE-2014-3179: Various fixes from internal audits, fuzzing and other
initiatives.
- Fixes segfault in angle with gcc 4.9 (closes: #751652).
- Includes an embedded pdf viewer (closes: #667591).
* Use pristine upstream that doesn't have pre-built nacl (closes: #753761).
* Correct webbrowser spelling in the desktop file (closes: #758143).
* Remove leftover conffiles (closes: #751848).
* Build using gcc 4.9 (closes: #754182).
-- Michael Gilbert <email address hidden> Wed, 13 Aug 2014 22:56:16 +0000
| Deleted in experimental-release (Reason: None provided.) |
chromium-browser (36.0.1985.125-0) experimental; urgency=medium * New upstream beta release. * Disable Google API keys warning. * Remove more files from the upstream tarball. -- Michael Gilbert <email address hidden> Wed, 16 Jul 2014 00:49:19 +0000
| Deleted in experimental-release (Reason: None provided.) |
chromium-browser (36.0.1985.103-1) experimental; urgency=medium * New upstream beta release. * Remove android folders. -- Michael Gilbert <email address hidden> Sat, 12 Jul 2014 21:38:26 +0000
| Superseded in wheezy-release |
chromium-browser (35.0.1916.153-1~deb7u1) stable-security; urgency=high
* New upstream stable release:
- CVE-2014-3154: Use-after-free in filesystem api. Credit to Collin Payne.
- CVE-2014-3155: Out-of-bounds read in SPDY. Credit to James March, Daniel
Sommermann and Alan Frindell of Facebook.
- CVE-2014-3156: Buffer overflow in clipboard. Credit to Atte Kettunen.
- CVE-2014-3157: Heap overflow in media.
* Don't set sse2 compiler flags on i386 (closes: #750361).
-- Michael Gilbert <email address hidden> Fri, 13 Jun 2014 04:15:39 +0000
| Superseded in experimental-release |
chromium-browser (36.0.1985.98-1) experimental; urgency=medium * New upstream beta release. * Remove more files from the upstream tarball. -- Michael Gilbert <email address hidden> Sun, 06 Jul 2014 04:05:56 +0000
| Superseded in experimental-release |
chromium-browser (36.0.1985.97-1) experimental; urgency=medium * New upstream beta release. * Use system srtp, modpbase64, zlib, and minizip. * Remove srtp files from the upstream tarball (closes: #753826). -- Michael Gilbert <email address hidden> Sun, 06 Jul 2014 00:06:57 +0000
| Superseded in experimental-release |
chromium-browser (36.0.1985.84-1) experimental; urgency=medium * New upstream beta release. * Remove more files from the upstream tarball. -- Michael Gilbert <email address hidden> Sat, 21 Jun 2014 23:41:14 +0000
| Superseded in experimental-release |
chromium-browser (36.0.1985.67-1) experimental; urgency=medium * New upstream beta release. * More verbose linking output. * Fix unwanted output (closes: #751359). * More robust fix for older processors (closes: #750361). -- Michael Gilbert <email address hidden> Wed, 18 Jun 2014 00:18:47 +0000
chromium-browser (35.0.1916.153-2) unstable; urgency=medium * Avoid gcc 4.9 (closes: #751294) -- Michael Gilbert <email address hidden> Thu, 12 Jun 2014 01:11:09 +0000
chromium-browser (35.0.1916.153-1) unstable; urgency=high
* New upstream stable release:
- CVE-2014-3154: Use-after-free in filesystem api. Credit to Collin Payne.
- CVE-2014-3155: Out-of-bounds read in SPDY. Credit to James March, Daniel
Sommermann and Alan Frindell of Facebook.
- CVE-2014-3156: Buffer overflow in clipboard. Credit to Atte Kettunen.
- CVE-2014-3157: Heap overflow in media.
* Don't set sse2 compiler flags on i386 (closes: #750361).
* Prefer libgcrypt11 (closes: #750304).
-- Michael Gilbert <email address hidden> Wed, 11 Jun 2014 02:31:22 +0000
| Superseded in experimental-release |
chromium-browser (36.0.1985.49-1) experimental; urgency=medium * New upstream beta release. * Remove more files from the upstream tarball. -- Michael Gilbert <email address hidden> Sun, 08 Jun 2014 01:49:51 +0000
| Superseded in experimental-release |
chromium-browser (36.0.1985.36-1) experimental; urgency=medium * Use system libre2. * Remove more files from the upstream tarball. * Don't set sse2 compiler flags on i386 (closes: #750361). -- Michael Gilbert <email address hidden> Sat, 07 Jun 2014 22:00:14 +0000
| Superseded in experimental-release |
chromium-browser (36.0.1985.35-1) experimental; urgency=medium * Remove more files from the upstream tarball. * Only include TODO.Debian once (closes: #750568). -- Michael Gilbert <email address hidden> Thu, 05 Jun 2014 20:21:28 +0000
| Superseded in experimental-release |
chromium-browser (36.0.1985.32-1) experimental; urgency=medium * New upstream beta release. * Add icon to menu entry (closes: #703307). * Remove third_party/wtl (closes: #647529). * Update package descriptions (closes: #749673). -- Michael Gilbert <email address hidden> Sat, 31 May 2014 19:05:32 +0000
chromium-browser (35.0.1916.114-2) unstable; urgency=medium
* Add flags to avoid memory exhaustion while linking on i386
(closes: #746034).
-- Michael Gilbert <email address hidden> Tue, 27 May 2014 03:09:00 +0000
| Superseded in experimental-release |
chromium-browser (36.0.1985.18-2) experimental; urgency=medium * Add libexif-dev build dependency. * Add flags to avoid memory exhaustion while linking on i386. -- Michael Gilbert <email address hidden> Mon, 26 May 2014 23:43:25 +0000
| Superseded in experimental-release |
chromium-browser (36.0.1985.18-1) experimental; urgency=medium
* New upstream beta release.
* Build with gcc 4.9.
* Rebuild the packaging from scratch using the "lite" upstream packages,
ninja instead of make, debhelper 9 instead of cdbs, and simplified
debian/rules.
* Use system versions of icu, png, jpeg, opus, snappy, and jsoncpp.
* No longer provide get-current-source rule (closes: #585814).
* Add a README.debian document with information about chromium-inspector
and command-line flags (closes: #629505, #649812).
* Add protobuf-compiler, ninja-build, bison, and gperf build dependencies
(closes: #748673).
-- Michael Gilbert <email address hidden> Sun, 25 May 2014 03:39:39 +0000
| Superseded in sid-release |
chromium-browser (35.0.1916.114-1) unstable; urgency=high
* New upstream stable release:
- CVE-2014-1743: Use-after-free in styles. Credit to cloudfuzzer.
- CVE-2014-1744: Integer overflow in audio. Credit to Aaron Staple.
- CVE-2014-1745: Use-after-free in SVG. Credit to Atte Kettunen.
- CVE-2014-1746: Out-of-bounds read in media filters. Credit to
Holger Fuhrmannek.
- CVE-2014-1747: UXSS with local MHTML file. Credit to packagesu.
- CVE-2014-1748: UI spoofing with scrollbar. Credit to Jordan Milne.
- CVE-2014-1749: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2014-3152: Integer underflow in V8 fixed in version 3.25.28.16.
-- Michael Gilbert <email address hidden> Wed, 21 May 2014 23:15:51 +0000
| Superseded in experimental-release |
chromium-browser (35.0.1916.99-1) experimental; urgency=medium * New upstream beta release. * Remove more upstream files. -- Michael Gilbert <email address hidden> Mon, 12 May 2014 02:27:32 +0000
| Superseded in sid-release |
chromium-browser (34.0.1847.137-1) unstable; urgency=medium
* New upstream stable release:
- High CVE-2014-1740: Use-after-free in WebSockets. Credit to Collin
Payne.
- High CVE-2014-1741: Integer overflow in DOM ranges. Credit to John
Butler.
- High CVE-2014-1742: Use-after-free in editing. Credit to cloudfuzzer.
-- Michael Gilbert <email address hidden> Sat, 17 May 2014 13:06:30 +0000
| Superseded in experimental-release |
chromium-browser (35.0.1916.86-1) experimental; urgency=medium
* New upstream beta release.
* Rebuild the packaging from scratch using the "lite" upstream packages,
ninja instead of make, debhelper 9 instead of cdbs, and simplified
debian/rules.
* Use system versions of icu, png, jpeg, opus, snappy, and jsoncpp.
* Fix capitalization in package descriptions (closes: #741270).
* Update package descriptions (closes: #650171).
-- Michael Gilbert <email address hidden> Thu, 08 May 2014 01:01:44 +0000
| Superseded in sid-release |
chromium-browser (34.0.1847.132-1) unstable; urgency=medium
* New upstream stable release:
- High CVE-2014-1730: Type confusion in V8. Credit to Anonymous.
- High CVE-2014-1731: Type confusion in DOM. Credit to John Butler.
- High CVE-2014-1736: Integer overflow in V8. Credit to SkyLined working
with HP's Zero Day Initiative
- Medium CVE-2014-1732: Use-after-free in Speech Recognition. Credit to
Khalil Zhani
- Medium CVE-2014-1733: Compiler bug in Seccomp-BPF. Credit to Jed Davis
- CVE-2014-1734: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2014-1735: Multiple vulnerabilities in V8 fixed in version
3.24.35.33.
* Add libkrb5-dev build-dependency (closes: #745794).
* Remove non-free file (closes: #745397).
-- Michael Gilbert <email address hidden> Sat, 26 Apr 2014 18:03:53 +0000
| Superseded in wheezy-release |
| Deleted in jessie-release (Reason: None provided.) |
| Superseded in sid-release |
chromium-browser (34.0.1847.116-1~deb7u1) stable-security; urgency=high
* New upstream stable release:
- High CVE-2014-1716: UXSS in V8. Credit to Anonymous.
- High CVE-2014-1717: OOB access in V8. Credit to Anonymous.
- High CVE-2014-1718: Integer overflow in compositor. Credit to Aaron
Staple.
- High CVE-2014-1719: Use-after-free in web workers. Credit to Collin
Payne.
- High CVE-2014-1720: Use-after-free in DOM. Credit to cloudfuzzer.
- High CVE-2014-1721: Memory corruption in V8. Credit to Christian Holler.
- High CVE-2014-1722: Use-after-free in rendering. Credit to miaubiz.
- High CVE-2014-1723: Url confusion with RTL characters. Credit to George
McBay.
- High CVE-2014-1724: Use-after-free in speech. Credit to Atte Kettunen.
- Medium CVE-2014-1725: OOB read with window property. Credit to
Anonymous.
- Medium CVE-2014-1726: Local cross-origin bypass. Credit to Jann Horn.
- Medium CVE-2014-1727: Use-after-free in forms. Credit to Khalil Zhani.
- CVE-2014-1728: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2014-1729: Multiple vulnerabilities in V8 fixed in version
3.24.35.22.
-- Michael Gilbert <email address hidden> Tue, 15 Apr 2014 01:02:54 +0000
| Superseded in sid-release |
chromium-browser (34.0.1847.116-2) unstable; urgency=medium * Add libgcrypt build-dependency. -- Michael Gilbert <email address hidden> Tue, 15 Apr 2014 00:22:36 +0000
| Superseded in sid-release |
chromium-browser (34.0.1847.116-1) unstable; urgency=high
* New upstream stable release:
- High CVE-2014-1716: UXSS in V8. Credit to Anonymous.
- High CVE-2014-1717: OOB access in V8. Credit to Anonymous.
- High CVE-2014-1718: Integer overflow in compositor. Credit to Aaron
Staple.
- High CVE-2014-1719: Use-after-free in web workers. Credit to Collin
Payne.
- High CVE-2014-1720: Use-after-free in DOM. Credit to cloudfuzzer.
- High CVE-2014-1721: Memory corruption in V8. Credit to Christian Holler.
- High CVE-2014-1722: Use-after-free in rendering. Credit to miaubiz.
- High CVE-2014-1723: Url confusion with RTL characters. Credit to George
McBay.
- High CVE-2014-1724: Use-after-free in speech. Credit to Atte Kettunen.
- Medium CVE-2014-1725: OOB read with window property. Credit to
Anonymous.
- Medium CVE-2014-1726: Local cross-origin bypass. Credit to Jann Horn.
- Medium CVE-2014-1727: Use-after-free in forms. Credit to Khalil Zhani.
- CVE-2014-1728: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2014-1729: Multiple vulnerabilities in V8 fixed in version
3.24.35.22.
* Remove sourceless javascript files (closes: #735355).
* Remove sourceless swf files (closes: #735344).
-- Michael Gilbert <email address hidden> Fri, 11 Apr 2014 01:42:04 +0000
chromium-browser (33.0.1750.152-1) unstable; urgency=high
* [641361a] Disable new GN stuff
* [43cea90] Refreshed patches
* New stable release:
- High CVE-2014-1713: Use-after-free in Blink bindings
- High CVE-2014-1714: Windows clipboard vulnerability
- High CVE-2014-1705: Memory corruption in V8
- High CVE-2014-1715: Directory traversal issue
- High CVE-2014-1700: Use-after-free in speech. Credit to Chamal de Silva.
- High CVE-2014-1701: UXSS in events. Credit to aidanhs.
- High CVE-2014-1702: Use-after-free in web database.
Credit to Collin Payne.
- High CVE-2014-1703: Potential sandbox escape due to a use-after-free
in web sockets.
- CVE-2014-1704: Multiple vulnerabilities in V8 fixed in version 3.23.17.18
- High CVE-2013-6663: Use-after-free in svg images. Credit to Atte
Kettunen of OUSPG.
- High CVE-2013-6664: Use-after-free in speech recognition.
Credit to Khalil Zhani.
- High CVE-2013-6665: Heap buffer overflow in software
rendering. Credit to cloudfuzzer.
- Medium CVE-2013-6666: Chrome allows requests in flash header request.
Credit to netfuzzerr.
- CVE-2013-6667: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2013-6668: Multiple vulnerabilities in V8 fixed in version 3.24.35.10
- High CVE-2013-6653: Use-after-free related to web contents.
Credit to Khalil Zhani.
- High CVE-2013-6654: Bad cast in SVG. Credit to TheShow3511.
- High CVE-2013-6655: Use-after-free in layout. Credit to cloudfuzzer.
- High CVE-2013-6656: Information leak in XSS auditor. Credit to NeexEmil.
- Medium CVE-2013-6657: Information leak in XSS auditor. Credit to NeexEmil
- Medium CVE-2013-6658: Use-after-free in layout. Credit to cloudfuzzer.
- Medium CVE-2013-6659: Issue with certificates validation in
TLS handshake. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan
from Prosecco, Inria Paris.
- Low CVE-2013-6660: Information leak in drag and drop. Credit to
bishopjeffreys.
- Low-High CVE-2013-6661: Various fixes from internal audits, fuzzing
and other initiatives. Of these, seven are fixes for issues that could
have allowed for sandbox escapes from compromised renderers.
-- Giuseppe Iuculano <email address hidden> Fri, 21 Mar 2014 17:20:44 +0100
chromium-browser (32.0.1700.123-4) unstable; urgency=medium * Remove polymer.js.min. -- Michael Gilbert <email address hidden> Sun, 09 Mar 2014 22:30:14 +0000
| Superseded in sid-release |
chromium-browser (32.0.1700.123-3) unstable; urgency=medium * Remove a lot of sourceless files. * Suggest mozplugger (closes: #626400). * Use file's -E option (closes: #740476). * Capitalize Chromium in descriptions (closes: #732928, #715802). -- Michael Gilbert <email address hidden> Sun, 16 Feb 2014 18:50:06 +0000
| Superseded in sid-release |
chromium-browser (32.0.1700.123-2) unstable; urgency=medium
* Build with system libjs-jquery-flot.
* Build chromedriver (closes: #725130).
- Thanks to Vincent Bernat and Adrian Lang.
-- Michael Gilbert <email address hidden> Sun, 16 Feb 2014 02:32:18 +0000
chromium-browser (32.0.1700.123-1) unstable; urgency=medium
* [a7cf72b] Refreshed Patches
* [0da7fc2] Added libdrm-dev and libcap-dev in build-deps
* New stable release:
- High CVE-2013-6649: Use-after-free in SVG images. Credit to
Atte Kettunen of OUSPG.
- High CVE-2013-6650: Memory corruption in V8. This issue was
fixed in v8 version 3.22.24.16. Credit to Christian Holler.
- High CVE-2013-6646: Use-after-free in web workers. Credit to
Collin Payne.
- High CVE-2013-6641: Use-after-free related to forms. Credit to
Atte Kettunen of OUSPG.
- High CVE-2013-6643: Unprompted sync with an attacker’s Google
account. Credit to Joao Lucas Melo Brasio.
- CVE-2013-6645 Use-after-free related to speech input elements.
Credit to Khalil Zhani.
- CVE-2013-6644: Various fixes from internal audits, fuzzing and other
initiatives.
-- Giuseppe Iuculano <email address hidden> Thu, 13 Feb 2014 19:36:17 +0100
| Superseded in wheezy-release |
chromium-browser (31.0.1650.63-1~deb7u1) stable-security; urgency=high
* New upstream stable release:
- Medium CVE-2013-6634: Session fixation in sync related to 302 redirects.
Credit to Andrey Labunets.
- High CVE-2013-6635: Use-after-free in editing. Credit to cloudfuzzer.
- Medium CVE-2013-6636: Address bar spoofing related to modal dialogs.
Credit to Bas Venis.
- CVE-2013-6637: Various fixes from internal audits, fuzzing and other
initiatives.
- Medium CVE-2013-6638: Buffer overflow in v8. This issue was fixed in v8
version 3.22.24.7. Credit to Jakob Kummerow of the Chromium project.
- High CVE-2013-6639: Out of bounds write in v8. This issue was fixed in v8
version 3.22.24.7. Credit to Jakob Kummerow of the Chromium project.
- Medium CVE-2013-6640: Out of bounds read in v8. This issue was fixed in
v8 version 3.22.24.7. Credit to Jakob Kummerow of the Chromium project.
-- Michael Gilbert <email address hidden> Fri, 06 Dec 2013 16:56:44 +0000
chromium-browser (31.0.1650.63-1) unstable; urgency=medium
* New upstream stable release:
- Medium CVE-2013-6634: Session fixation in sync related to 302 redirects.
Credit to Andrey Labunets.
- High CVE-2013-6635: Use-after-free in editing. Credit to cloudfuzzer.
- Medium CVE-2013-6636: Address bar spoofing related to modal dialogs.
Credit to Bas Venis.
- CVE-2013-6637: Various fixes from internal audits, fuzzing and other
initiatives.
- Medium CVE-2013-6638: Buffer overflow in v8. This issue was fixed in v8
version 3.22.24.7. Credit to Jakob Kummerow of the Chromium project.
- High CVE-2013-6639: Out of bounds write in v8. This issue was fixed in v8
version 3.22.24.7. Credit to Jakob Kummerow of the Chromium project.
- Medium CVE-2013-6640: Out of bounds read in v8. This issue was fixed in
v8 version 3.22.24.7. Credit to Jakob Kummerow of the Chromium project.
-- Michael Gilbert <email address hidden> Thu, 05 Dec 2013 14:05:22 +0000
chromium-browser (31.0.1650.57-1) unstable; urgency=medium
* New upstream stable release:
- Medium-Critical CVE-2013-2931: Various fixes from internal audits,
fuzzing and other initiatives.
- Medium CVE-2013-6621: Use after free related to speech input elements.
Credit to Khalil Zhani.
- High CVE-2013-6622: Use after free related to media elements. Credit to
cloudfuzzer.
- High CVE-2013-6623: Out of bounds read in SVG. Credit to miaubiz.
- High CVE-2013-6624: Use after free related to “id” attribute strings.
Credit to Jon Butler.
- High CVE-2013-6625: Use after free in DOM ranges. Credit to cloudfuzzer.
- Low CVE-2013-6626: Address bar spoofing related to interstitial warnings.
Credit to Chamal de Silva.
- High CVE-2013-6627: Out of bounds read in HTTP parsing. Credit to
skylined.
- Medium CVE-2013-6628: Issue with certificates not being checked during
TLS renegotiation. Credit to Antoine Delignat-Lavaud and Karthikeyan
Bhargavan from Prosecco of INRIA Paris.
- Medium CVE-2013-6629: Read of uninitialized memory in libjpeg and
libjpeg-turbo. Credit to Michal Zalewski of Google.
- Medium CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo.
Credit to Michal Zalewski of Google.
- High CVE-2013-6631: Use after free in libjingle. Credit to Patrik Höglund
of the Chromium project.
- Critical CVE-2013-6632: Multiple memory corruption issues. Credit to
Pinkie Pie.
* Disable promos by default (closes: #634101).
* Set WANT_TESTS=0 if WANT_TESTS=1 fails (closes: #589654).
* Maintain window ordering when new tabs are opened (closes: #725350).
* Install chromium-inspector files to /usr/share instead of /usr/lib.
* Don't remove third party libraries from the upstream tarball.
* Remove non-default compression selections from debian/rules.
* Build with breakpad crash reporting.
* Fix some lintian warnings.
-- Michael Gilbert <email address hidden> Wed, 13 Nov 2013 07:44:55 +0000
chromium-browser (30.0.1599.101-3) unstable; urgency=medium * Fix sandbox installation path (closes: #728823). -- Michael Gilbert <email address hidden> Thu, 07 Nov 2013 04:24:55 +0000
| Superseded in sid-release |
chromium-browser (30.0.1599.101-2) unstable; urgency=medium * Use system zlib. * Remove arm patches. * Update lintian overrides. * Remove an unsafe symlink. * Remove icu build dependency. * Support poststript printing (closes: #717722). * Use fonts-ipafont instead of ttf-kochi (closes: #725800). -- Michael Gilbert <email address hidden> Sat, 02 Nov 2013 21:25:50 +0000
chromium-browser (30.0.1599.101-1) unstable; urgency=low
[ Giuseppe Iuculano ]
* New stable release:
- High CVE-2013-2925: Use after free in XHR. Credit to Atte Kettunen of
OUSPG.
- High CVE-2013-2926: Use after free in editing. Credit to
cloudfuzzer.
- High CVE-2013-2927: Use after free in forms. Credit to
cloudfuzzer.
- CVE-2013-2928: Various fixes from internal audits, fuzzing and other
initiatives.
- Medium CVE-2013-2906: Races in Web Audio.
Credit to Atte Kettunen of OUSPG.
- Medium CVE-2013-2907: Out of bounds read in Window.prototype object.
Credit to Boris Zbarsky.
- Medium CVE-2013-2908: Address bar spoofing related to the "204
No Content" status code. Credit to Chamal de Silva.
- High CVE-2013-2909: Use after free in inline-block
rendering. Credit to Atte Kettunen of OUSPG.
- Medium CVE-2013-2910: Use-after-free in Web Audio. Credit to
Byoungyoung Lee of Georgia Tech Information Security Center (GTISC).
- High CVE-2013-2911: Use-after-free in XSLT. Credit to Atte
Kettunen of OUSPG.
- High CVE-2013-2912: Use-after-free in PPAPI. Credit to Chamal
de Silva and 41.w4r10r(at)garage4hackers.com.
- High CVE-2013-2913: Use-after-free in XML document parsing.
Credit to cloudfuzzer.
- High CVE-2013-2914: Use after free in the Windows color
chooser dialog. Credit to Khalil Zhani.
- Low CVE-2013-2915: Address bar spoofing via a malformed scheme.
Credit to Wander Groeneveld.
- High CVE-2013-2916: Address bar spoofing related to the "204
No Content” status code. Credit to Masato Kinugawa.
- Medium CVE-2013-2917: Out of bounds read in Web Audio. Credit
to Byoungyoung Lee and Tielei Wang of Georgia Tech Information
Security Center (GTISC).
- High CVE-2013-2918: Use-after-free in DOM. Credit to
Byoungyoung Lee of Georgia Tech Information Security Center (GTISC).
- High CVE-2013-2919: Memory corruption in V8. Credit to Adam
Haile of Concrete Data.
- Medium CVE-2013-2920: Out of bounds read in URL parsing. Credit to
Atte Kettunen of OUSPG.
- High CVE-2013-2921: Use-after-free in resource loader. Credit
to Byoungyoung Lee and Tielei Wang of Georgia Tech Information
Security Center (GTISC).
- High CVE-2013-2922: Use-after-free in template element. Credit
to Jon Butler.
- CVE-2013-2923: Various fixes from internal audits, fuzzing and other
initiatives (Chrome 30).
- Medium CVE-2013-2924: Use-after-free in ICU. Upstream bug here.
* [6651f1c] Added chrpath to build-depends
* [3c88b20] Refreshed Patches for version 30
* [743a0a6] Make default of third-party cookies the most secure for users.
Thanks to Chad Miller
* [9507f07] Do not install remoting_locales/en-US.pak
* [64b895b] Move chrome_sandbox to chrome-sandbox, chromium reads that file
[ Shawn Landden ]
* [6d027f1] rules: dpkg compresses .deb files with xz by default now
[ Michael Gilbert ]
* [18341ce] add some TODO tasks
-- Giuseppe Iuculano <email address hidden> Mon, 21 Oct 2013 13:06:14 +0200
| Superseded in wheezy-release |
chromium-browser (29.0.1547.57-1~deb7u1) stable-security; urgency=high
* New upstream stable release:
- High CVE-2013-2900: Incomplete path sanitization in file handling.
Credit to Krystian Bigaj.
- Low CVE-2013-2905: Information leak via overly broad permissions on
shared memory files. Credit to Christian Jaeger.
- High CVE-2013-2901: Integer overflow in ANGLE. Credit to Alex Chapman.
- High CVE-2013-2902: Use after free in XSLT. Credit to cloudfuzzer.
- High CVE-2013-2903: Use after free in media element. Credit to
cloudfuzzer.
- High CVE-2013-2904: Use after free in document parsing. Credit to
cloudfuzzer.
- CVE-2013-2887: Various fixes from internal audits, fuzzing and other
initiatives (Chrome 29).
-- Michael Gilbert <email address hidden> Sun, 25 Aug 2013 00:13:29 +0000
| Deleted in experimental-release (Reason: None provided.) |
chromium-browser (29.0.1547.57-3+exp1) experimental; urgency=low [ Shawn Landden ] * Enable arm support. -- Michael Gilbert <email address hidden> Sun, 22 Sep 2013 00:34:12 +0000
chromium-browser (29.0.1547.57-3) unstable; urgency=medium * Drop transitional packages (closes: #684369). * Fix another copyright file syntax error. * Remove libav build dependencies. * Fix lintian override syntax. * Fix version control URL. * Use system vpx. -- Michael Gilbert <email address hidden> Tue, 27 Aug 2013 01:01:35 +0000
chromium-browser (29.0.1547.57-2) unstable; urgency=medium * Mark chromium-inspector as multi-arch: foreign (closes: #695229). * Use system libpng (closes: #699918). * Fix copyright file syntax error. * Drop implicit g++ dependency. * Add some lintian overrides. * Update my email address. * Remove unsafe symlink. -- Michael Gilbert <email address hidden> Sun, 25 Aug 2013 02:15:35 +0000
| Superseded in sid-release |
chromium-browser (29.0.1547.57-1) unstable; urgency=medium
[ Michael Gilbert ]
* New upstream stable release:
- High CVE-2013-2900: Incomplete path sanitization in file handling. Credit
to Krystian Bigaj.
- Low CVE-2013-2905: Information leak via overly broad permissions on
shared memory files. Credit to Christian Jaeger.
- High CVE-2013-2901: Integer overflow in ANGLE. Credit to Alex Chapman.
- High CVE-2013-2902: Use after free in XSLT. Credit to cloudfuzzer.
- High CVE-2013-2903: Use after free in media element. Credit to
cloudfuzzer.
- High CVE-2013-2904: Use after free in document parsing. Credit to
cloudfuzzer.
- CVE-2013-2887: Various fixes from internal audits, fuzzing and other
initiatives (Chrome 29).
* Remove unused webkit layout tests (closes: 720446).
* Use source package name for get-orig-source rule.
* Remove gfdl documentation (closes: #708860).
* Build-depend on git.
[ Shawn Landden ]
* New standards version.
* Use canonical VCS url.
* Always use system includes rather than ones of a chroot.
-- Michael Gilbert <email address hidden> Sat, 24 Aug 2013 20:14:52 +0000
chromium-browser (28.0.1500.95-3) unstable; urgency=medium * Fix placement of -fuse-ld=gold in ldflags. -- Michael Gilbert <email address hidden> Thu, 01 Aug 2013 16:38:05 +0000
| Superseded in sid-release |
chromium-browser (28.0.1500.95-2) unstable; urgency=medium * Use -fuse-ld=gold instead of binutils-gold. * Drop libv8-dev build-dependency. -- Michael Gilbert <email address hidden> Wed, 31 Jul 2013 20:22:33 +0000
| Superseded in sid-release |
chromium-browser (28.0.1500.95-1) unstable; urgency=medium
* New upstream stable release:
- Medium CVE-2013-2881: Origin bypass in frame handling. Credit to Karthik
Bhargavan.
- High CVE-2013-2882: Type confusion in V8. Credit to Cloudfuzzer.
- High CVE-2013-2883: Use-after-free in MutationObserver. Credit to
Cloudfuzzer.
- High CVE-2013-2884: Use-after-free in DOM. Credit to Ivan Fratric of
Google Security Team.
- High CVE-2013-2885: Use-after-free in input handling. Credit to Ivan
Fratric of Google Security Team.
- High CVE-2013-2886: Various fixes from internal audits, fuzzing and other
initiatives.
-- Michael Gilbert <email address hidden> Tue, 30 Jul 2013 20:34:19 +0000
chromium-browser (28.0.1500.71-2) unstable; urgency=medium * Disable armhf. * Remove outdated patches. * Eliminate special handling for old compiler versions. -- Michael Gilbert <email address hidden> Mon, 15 Jul 2013 18:40:47 +0000
| Superseded in sid-release |
chromium-browser (28.0.1500.71-1) unstable; urgency=medium
[ Michael Gilbert ]
* New upstream stable release:
- Low CVE-2013-2867: Block pop-unders in various scenarios.
- High CVE-2013-2879: Confusion setting up sign-in and sync. Credit to
Andrey Labunets.
- Medium CVE-2013-2868: Incorrect sync of NPAPI extension component. Credit
to Andrey Labunets.
- Medium CVE-2013-2869: Out-of-bounds read in JPEG2000 handling. Credit to
Felix Groebert of Google Security Team.
- Critical CVE-2013-2870: Use-after-free with network sockets. Credit to
Collin Payne.
- Medium CVE-2013-2853: Man-in-the-middle attack against HTTP in SSL.
Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco
at INRIA Paris.
- High CVE-2013-2871: Use-after-free in input handling. Credit to miaubiz.
- High CVE-2013-2873: Use-after-free in resource loading. Credit to
miaubiz.
- Medium CVE-2013-2875: Out-of-bounds-read in SVG. Credit to miaubiz.
- Medium CVE-2013-2876: Extensions permissions confusion with
interstitials. Credit to Dev Akhawe.
- Low CVE-2013-2877: Out-of-bounds read in XML parsing. Credit to Aki Helin
of OUSPG.
- None: Remove the “viewsource” attribute on iframes. Credit to Collin
Jackson.
- Medium CVE-2013-2878: Out-of-bounds read in text handling. Credit to Atte
Kettunen of OUSPG.
- High CVE-2013-2880: Various fixes from internal audits, fuzzing and other
initiatives. Credit to Chrome 28 team.
* Install mksnapshot.
[ Shawn Landden ]
* Enable armhf.
* Build with system libwebp when version >= 0.3.0.
-- Michael Gilbert <email address hidden> Fri, 12 Jul 2013 15:19:18 +0000
| Superseded in sid-release |
chromium-browser (27.0.1453.110-2) unstable; urgency=low [ Michael Gilbert ] * Use default gcc. * Enable verbose build. * Support gcc 4.8 (closes: #701256). * Disable pie hardening flag due to ffmpeg linking issue. [ Giuseppe Iuculano ] * Remove hardening-wrapper and switch to dpkg-buildflags. -- Michael Gilbert <email address hidden> Sun, 07 Jul 2013 20:06:05 +0000
| Superseded in wheezy-release |
chromium-browser (27.0.1453.93-1~deb7u1) stable-security; urgency=high
* New stable release:
- High CVE-2013-2837: Use-after-free in SVG. Credit to Sławomir Błażek.
- Medium CVE-2013-2838: Out-of-bounds read in v8. Credit to Christian
Holler.
- High CVE-2013-2839: Bad cast in clipboard handling. Credit to Jon of MWR
InfoSecurity.
- High CVE-2013-2840: Use-after-free in media loader. Credit to Nils of
MWR InfoSecurity.
- High CVE-2013-2841: Use-after-free in Pepper resource handling. Credit
to Chamal de Silva.
- High CVE-2013-2842: Use-after-free in widget handling. Credit to Cyril
Cattiaux.
- High CVE-2013-2843: Use-after-free in speech handling. Credit to Khalil
Zhani.
- High CVE-2013-2844: Use-after-free in style resolution. Credit to Sachin
Shinde (@cons0ul).
- High CVE-2013-2845: Memory safety issues in Web Audio. Credit to Atte
Kettunen of OUSPG.
- High CVE-2013-2846: Use-after-free in media loader. Credit to Chamal de
Silva.
- High CVE-2013-2847: Use-after-free race condition with workers. Credit
to Collin Payne.
- Medium CVE-2013-2848: Possible data extraction with XSS Auditor. Credit
to Egor Homakov.
- Low CVE-2013-2849: Possible XSS with drag+drop or copy+paste. Credit to
Mario Heiderich.
-- Michael Gilbert <email address hidden> Wed, 22 May 2013 03:03:49 +0000
chromium-browser (27.0.1453.110-1) unstable; urgency=low
* New stable release:
- Medium CVE-2013-2855: Memory corruption in dev tools API.
Credit to "daniel.zulla".
- High CVE-2013-2856: Use-after-free in input handling. Credit
to miaubiz.
- High CVE-2013-2857: Use-after-free in image handling. Credit
to miaubiz.
- High CVE-2013-2858: Use-after-free in HTML5 Audio. Credit to
"cdel921".
- High CVE-2013-2859: Cross-origin namespace pollution. Credit
to "bobbyholley".
- High CVE-2013-2860: Use-after-free with workers accessing
database APIs. Credit to Collin Payne.
- High CVE-2013-2861: Use-after-free with SVG. Credit to
miaubiz.
- High CVE-2013-2862: Memory corruption in Skia GPU handling.
Credit to Atte Kettunen of OUSPG.
- Critical CVE-2013-2863: Memory corruption in SSL socket handling.
Credit to Sebastien Marchand of the Chromium development community.
- High CVE-2013-2864: Bad free in PDF viewer. Credit to Mateusz
Jurczyk, with contributions by Gynvael Coldwind, both from Google Security
Team.
- High CVE-2013-2865: Various fixes from internal audits, fuzzing and
other initiatives.
-- Giuseppe Iuculano <email address hidden> Wed, 05 Jun 2013 17:00:28 +0200
| Superseded in sid-release |
chromium-browser (27.0.1453.93-1) unstable; urgency=low
* New stable release:
- High CVE-2013-2837: Use-after-free in SVG. Credit to Sławomir Błażek.
- Medium CVE-2013-2838: Out-of-bounds read in v8. Credit to Christian
Holler.
- High CVE-2013-2839: Bad cast in clipboard handling. Credit to Jon of MWR
InfoSecurity.
- High CVE-2013-2840: Use-after-free in media loader. Credit to Nils of
MWR InfoSecurity.
- High CVE-2013-2841: Use-after-free in Pepper resource handling. Credit
to Chamal de Silva.
- High CVE-2013-2842: Use-after-free in widget handling. Credit to Cyril
Cattiaux.
- High CVE-2013-2843: Use-after-free in speech handling. Credit to Khalil
Zhani.
- High CVE-2013-2844: Use-after-free in style resolution. Credit to Sachin
Shinde (@cons0ul).
- High CVE-2013-2845: Memory safety issues in Web Audio. Credit to Atte
Kettunen of OUSPG.
- High CVE-2013-2846: Use-after-free in media loader. Credit to Chamal de
Silva.
- High CVE-2013-2847: Use-after-free race condition with workers. Credit
to Collin Payne.
- Medium CVE-2013-2848: Possible data extraction with XSS Auditor. Credit
to Egor Homakov.
- Low CVE-2013-2849: Possible XSS with drag+drop or copy+paste. Credit to
Mario Heiderich.
-- Michael Gilbert <email address hidden> Wed, 22 May 2013 03:03:49 +0000
chromium-browser (26.0.1410.43-1) unstable; urgency=medium
* New stable release:
- High CVE-2013-0916: Use-after-free in Web Audio. Credit to Atte Kettunen
of OUSPG.
- Low CVE-2013-0917: Out-of-bounds read in URL loader. Credit to Google
Chrome Security Team (Cris Neckar).
- Low CVE-2013-0918: Do not navigate dev tools upon drag and drop. Credit
to Vsevolod Vlasov of the Chromium development community.
- Medium CVE-2013-0919: Use-after-free with pop-up windows in extensions.
Credit to Google Chrome Security Team (Mustafa Emre Acer).
- Medium CVE-2013-0920: Use-after-free in extension bookmarks API. Credit
to Google Chrome Security Team (Mustafa Emre Acer).
- High CVE-2013-0921: Ensure isolated web sites run in their own processes.
- Low CVE-2013-0922: Avoid HTTP basic auth brute force attempts. Credit to
“t3553r”.
- Medium CVE-2013-0923: Memory safety issues in the USB Apps API. Credit to
Google Chrome Security Team (Mustafa Emre Acer).
- Low CVE-2013-0924: Check an extension’s permissions API usage again file
permissions. Credit to Benjamin Kalman of the Chromium development
community.
- Low CVE-2013-0925: Avoid leaking URLs to extensions without the tabs
permissions. Credit to Michael Vrable of Google.
- Medium CVE-2013-0926: Avoid pasting active tags in certain situations.
Credit to Subho Halder, Aditya Gupta, and Dev Kar of xys3c.
* Use embedded libvpx for vp9 support, which chromium now requires.
* Add libspeechd-dev build-dependency.
* Disable breakpad crash reporting.
-- Michael Gilbert <email address hidden> Sat, 30 Mar 2013 14:44:33 +0000
chromium-browser (25.0.1364.160-1) unstable; urgency=high
* New stable security release:
- High CVE-2013-0912: Type confusion in WebKit. Credit to Nils and Jon of
MWR Labs.
-- Michael Gilbert <email address hidden> Fri, 08 Mar 2013 03:46:20 +0000
| Superseded in sid-release |
chromium-browser (25.0.1364.152-1) unstable; urgency=high
* [8761d73] Remove armel and armhf. We cannot support them in wheezy
* New stable security release:
- High CVE-2013-0902: Use-after-free in frame loader. Credit to
Chamal de Silva.
- High CVE-2013-0903: Use-after-free in browser navigation
handling. Credit to "chromium.khalil".
- High CVE-2013-0904: Memory corruption in Web Audio.
Credit to Atte Kettunen of OUSPG.
- High CVE-2013-0905: Use-after-free with SVG animations.
Credit to Atte Kettunen of OUSPG.
- High CVE-2013-0906: Memory corruption in Indexed DB. Credit to Google
Chrome Security Team (Jüri Aedla).
- Medium CVE-2013-0907: Race condition in media thread handling. Credit
to Andrew Scherkus of the Chromium development community.
- Medium CVE-2013-0908: Incorrect handling of bindings for extension
processes.
- Low CVE-2013-0909: Referer leakage with XSS Auditor. Credit to Egor
Homakov.
- Medium CVE-2013-0910: Mediate renderer -> browser plug-in loads more
strictly. Credit to Google Chrome Security Team (Chris Evans).
- High CVE-2013-0911: Possible path traversal in database handling.
Credit to Google Chrome Security Team (Jüri Aedla).
-- Giuseppe Iuculano <email address hidden> Tue, 05 Mar 2013 11:14:34 +0100
| Superseded in sid-release |
chromium-browser (25.0.1364.97-1) unstable; urgency=low
* New stable release:
- High CVE-2013-0879: Memory corruption with web audio
node. Credit to Atte Kettunen of OUSPG.
- High CVE-2013-0880: Use-after-free in database handling.
Credit to Chamal de Silva.
- Medium CVE-2013-0881: Bad read in Matroska handling. Credit to
Atte Kettunen of OUSPG.
- High CVE-2013-0882: Bad memory access with excessive SVG
parameters. Credit to Renata Hodovan.
- Medium CVE-2013-0883: Bad read in Skia. Credit to Atte
Kettunen of OUSPG.
- Low CVE-2013-0884: Inappropriate load of NaCl. Credit to Google
Chrome Security Team (Chris Evans).
- Medium CVE-2013-0885: Too many API permissions granted to web store.
- Low CVE-2013-0887: Developer tools process has too many
permissions and places too much trust in the connected server.
- Medium CVE-2013-0888: Out-of-bounds read in Skia. Credit to Google
Chrome Security Team (Inferno).
- Low CVE-2013-0889: Tighten user gesture check for dangerous file
downloads.
- High CVE-2013-0890: Memory safety issues across the IPC
layer. Credit to Google Chrome Security Team (Chris Evans).
- High CVE-2013-0891: Integer overflow in blob handling. Credit to
Google Chrome Security Team (Jüri Aedla).
- Medium CVE-2013-0892: Lower severity issues across the IPC layer.
Credit to Google Chrome Security Team (Chris Evans).
- Medium CVE-2013-0893: Race condition in media handling. Credit to
Andrew Scherkus of the Chromium development community.
- High CVE-2013-0894: Buffer overflow in vorbis decoding. Credit to
Google Chrome Security Team (Inferno).
- High CVE-2013-0895: Incorrect path handling in file
copying. Credit to Google Chrome Security Team (Jüri Aedla).
- High CVE-2013-0896: Memory management issues in plug-in message
handling. Credit to Google Chrome Security Team (Cris Neckar).
- High CVE-2013-0898: Use-after-free in URL handling. Credit to
Alexander Potapenko of the Chromium development community.
- Low CVE-2013-0899: Integer overflow in Opus handling. Credit to
Google Chrome Security Team (Jüri Aedla).
- Medium CVE-2013-0900: Race condition in ICU. Credit to Google Chrome
Security Team (Inferno).
* [a5f15ae] Added libpci-dev to B-depends
* [ace2b7a] Refreshed patches
* [32c84fa] Install remoting_locales
* [f868804] Do not enable NEON on ARM, thanks Ubuntu.
* [d1a3e36] Ignore stamp files in missing checks
-- Giuseppe Iuculano <email address hidden> Sat, 23 Feb 2013 11:45:07 +0100
chromium-browser (24.0.1312.68-1) unstable; urgency=high
* New stable release:
- High CVE-2013-0839: Use-after-free in canvas font handling.
Credit to Atte Kettunen of OUSPG.
- Medium CVE-2013-0840: Missing URL validation when opening new
windows.
- High CVE-2013-0841: Unchecked array index in content blocking. Credit
to Google Chrome Security Team (Chris Evans).
- Medium CVE-2013-0842: Problems with NULL characters embedded in
paths. Credit to Google Chrome Security Team (Jüri Aedla).
- High CVE-2012-5145: Use-after-free in SVG layout. Credit to
Atte Kettunen of OUSPG.
- High CVE-2012-5146: Same origin policy bypass with malformed
URL. Credit to Erling A Ellingsen and Subodh Iyengar, both of Facebook.
- High CVE-2012-5147: Use-after-free in DOM handling. Credit to
José A. Vázquez.
- Medium CVE-2012-5148: Missing filename sanitization in hyphenation
support. Credit to Google Chrome Security Team (Justin Schuh).
- High CVE-2012-5149: Integer overflow in audio IPC handling. Credit to
Google Chrome Security Team (Chris Evans).
- High CVE-2012-5150: Use-after-free when seeking video. Credit to
Google Chrome Security Team (Inferno).
- High CVE-2012-5151: Integer overflow in PDF JavaScript. Credit to
Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google
Security Team.
- Medium CVE-2012-5152: Out-of-bounds read when seeking video. Credit
to Google Chrome Security Team (Inferno).
- High CVE-2012-5153: Out-of-bounds stack access in v8. Credit to
Andreas Rossberg of the Chromium development community.
- High CVE-2013-0829: Corruption of database metadata leading to
incorrect file access. Credit to Google Chrome Security Team (Jüri Aedla).
- Low CVE-2013-0831: Possible path traversal from extension process.
Credit to Google Chrome Security Team (Tom Sepez).
- [160380] Medium CVE-2013-0832: Use-after-free with printing. Credit to Google
Chrome Security Team (Cris Neckar).
- Medium CVE-2013-0833: Out-of-bounds read with printing. Credit to
Google Chrome Security Team (Cris Neckar).
- Medium CVE-2013-0834: Out-of-bounds read with glyph handling. Credit
to Google Chrome Security Team (Cris Neckar).
- Low CVE-2013-0835: Browser crash with geolocation. Credit to Arthur
Gerkis.
- High CVE-2013-0836: Crash in v8 garbage collection. Credit to Google
Chrome Security Team (Cris Neckar).
- Medium CVE-2013-0837: Crash in extension tab handling. Credit to Tom
Nielsen.
- Low CVE-2013-0838: Tighten permissions on shared memory
segments. Credit to Google Chrome Security Team (Chris Palmer).
- High CVE-2012-5139: Use-after-free with visibility events.
Credit to Chamal de Silva.
- High CVE-2012-5140: Use-after-free in URL loader. Credit to
Chamal de Silva.
- Medium CVE-2012-5141: Limit Chromoting client plug-in instantiation.
Credit to Google Chrome Security Team (Jüri Aedla).
- Critical CVE-2012-5142: Crash in history navigation. Credit to Michal
Zalewski of Google Security Team.
- Medium CVE-2012-5143: Integer overflow in PPAPI image buffers. Credit
to Google Chrome Security Team (Cris Neckar).
- High CVE-2012-5144: Stack corruption in AAC decoding. Credit
to pawlkt.
- High CVE-2012-5138: Incorrect file path handling. Credit to Google
Chrome Security Team (Jüri Aedla).
- High CVE-2012-5137: Use-after-free in media source handling.
Credit to Pinkie Pie.
- High CVE-2012-5133: Use-after-free in SVG filters. Credit to
miaubiz.
- Medium CVE-2012-5130: Out-of-bounds read in Skia. Credit to
Atte Kettunen of OUSPG.
- Low CVE-2012-5132: Browser crash with chunked encoding. Credit to
Attila Szász.
- High CVE-2012-5134: Buffer underflow in libxml. Credit to Google
Chrome Security Team (Jüri Aedla).
- Medium CVE-2012-5135: Use-after-free with printing. Credit to Fermin
Serna of Google Security Team.
- Medium CVE-2012-5136: Bad cast in input element handling. Credit to
Google Chrome Security Team (Inferno).
- Medium CVE-2012-5127: Integer overflow leading to
out-of-bounds read in WebP handling. Credit to Phil Turnbull.
- [Linux 64-bit only] Medium CVE-2012-5120: Out-of-bounds array
access in v8. Credit to Atte Kettunen of OUSPG.
- High CVE-2012-5116: Use-after-free in SVG filter handling.
Credit to miaubiz.
- High CVE-2012-5121: Use-after-free in video layout. Credit to
Atte Kettunen of OUSPG.
- Low CVE-2012-5117: Inappropriate load of SVG subresource in img
context. Credit to Felix Gröbert of the Google Security Team.
- Medium CVE-2012-5119: Race condition in Pepper buffer handling.
Credit to Fermin Serna of the Google Security Team.
- Medium CVE-2012-5122: Bad cast in input handling. Credit to Google
Chrome Security Team (Inferno).
- Medium CVE-2012-5123: Out-of-bounds reads in Skia. Credit to
Google Chrome Security Team (Inferno).
- High CVE-2012-5124: Memory corruption in texture handling. Credit to
Al Patrick of the Chromium development community.
- Medium CVE-2012-5125: Use-after-free in extension tab handling.
Credit to Alexander Potapenko of the Chromium development community.
- Medium CVE-2012-5126: Use-after-free in plug-in placeholder handling.
Credit to Google Chrome Security Team (Inferno).
- High CVE-2012-5128: Bad write in v8. Credit to Google Chrome Security
Team (Cris Neckar).
* [574d76c] Override the lintian flag:
embedded-library usr/lib/chromium/libffmpegsumo.so: libavcodec
* [3105012] Updated changelog
* [ac9c032] Use explicit library dependencies instead of dlopen
* [1ad217c] Fixed CHANNELS_URL
* [7c2d359] Drop SCM revision from the version
* [ca31c0c] Install all chromium libs
* [167aea7] Use internal copy of libpng. This is necessary because with
system libpng render process is consuming 100% CPU
(see http://code.google.com/p/chromium/issues/detail?id=174603)
* [8742d82] debian/patches/pulse_ftbfs.patch: Fix FTBFS
* [9e76ec7] Refreshed patches
* [1c6f4c3] Use Debian api key
* [cdf5c74] Refreshed patches
* [ad9480c] Remove useless embedded copy of documentation from source
containing non DFSG-compliant material:
- src/native_client/toolchain/linux_x86/info
- src/native_client/toolchain/linux_x86/man
- src/native_client/toolchain/linux_x86/share/info
- src/native_client/toolchain/linux_x86/x86_64-nacl/share/info
- src/native_client/toolchain/linux_x86_newlib/info
- src/native_client/toolchain/linux_x86_newlib/man
- src/native_client/toolchain/linux_x86_newlib/share/info
(Closes: #695703)
* [31ea388] Fixed Homepage field.
Thanks to Dmitry Shachnev (Closes: #686561)
* [d509e07] Override the lintian flag: embedded-library usr/lib/chromium/chromium: libpng
-- Giuseppe Iuculano <email address hidden> Wed, 06 Feb 2013 15:34:17 +0100
chromium-browser (22.0.1229.94~r161065+dfsg-0.1) unstable; urgency=low
* Non-maintainer upload.
* Remove useless embedded copy of documentation from source containing non
DFSG-compliant material:
- src/native_client/toolchain/linux_x86/info
- src/native_client/toolchain/linux_x86/man
- src/native_client/toolchain/linux_x86/share/info
- src/native_client/toolchain/linux_x86/x86_64-nacl/share/info
- src/native_client/toolchain/linux_x86_newlib/info
- src/native_client/toolchain/linux_x86_newlib/man
- src/native_client/toolchain/linux_x86_newlib/share/info
Closes: #695703
-- David Prévot <email address hidden> Mon, 31 Dec 2012 15:47:12 -0400
chromium-browser (22.0.1229.94~r161065-3) unstable; urgency=medium * Use system vpx library again (resolves armel build failures). -- Michael Gilbert <email address hidden> Sun, 28 Oct 2012 00:55:58 -0400
| Superseded in sid-release |
chromium-browser (22.0.1229.94~r161065-2) unstable; urgency=medium
* [574d76c] Override the lintian flag: embedded-library
usr/lib/chromium/libffmpegsumo.so: libavcodec
-- Giuseppe Iuculano <email address hidden> Tue, 23 Oct 2012 17:51:56 +0200
chromium-browser (21.0.1180.89~r154005-1) unstable; urgency=high
* New stable security release:
- Medium CVE-2012-2865: Out-of-bounds read in line breaking. Credit to miaubiz.
- High CVE-2012-2866: Bad cast with run-ins. Credit to miaubiz.
- Low CVE-2012-2867: Browser crash with SPDY.
- Medium CVE-2012-2868: Race condition with workers and XHR.
Credit to miaubiz.
- High CVE-2012-2869: Avoid stale buffer in URL loading. Credit to
Fermin Serna of the Google Security Team.
- Low CVE-2012-2870: Lower severity memory management issues
in XPath. Credit to Nicolas Gregoire.
- High CVE-2012-2871: Bad cast in XSL transforms. Credit to
Nicolas Gregoire.
- Medium CVE-2012-2872: XSS in SSL interstitial. Credit to
Emmanuel Bronshtein.
-- Giuseppe Iuculano <email address hidden> Fri, 31 Aug 2012 11:24:58 +0200
| Superseded in sid-release |
chromium-browser (21.0.1180.75~r150248-1) unstable; urgency=medium
[ Shawn Landden ]
* [b7c6ba3] update changelog to record changes in last upload
* [3c6a149] master_prefs: don't go straight to internet, don't prompt to change default browser
* [e441276] initial_bookmarks.html: add Debian support page
* [2bb621a] compress source tarball as xz (Closes: #676774)
[ Giuseppe Iuculano ]
* New stable minor release fixing the following issues:
- REGRESSION: Rendering difference in Chrome 21 and 22 that affected on
Persian Wikipedia
- Some known crashes
- Audio objects are not "switched" immediately
- Print and Print Preview ignore paper size default in printer config
- Candidate windows is shown in wrong place in Retina display
- more of the choppy and distorted audio issues
- Japanese characters showing in Chinese font
- Sync invalidation notification broken after restart
-- Giuseppe Iuculano <email address hidden> Fri, 10 Aug 2012 17:31:57 +0200
| Superseded in sid-release |
chromium-browser (21.0.1180.57~r148591-1) unstable; urgency=medium
* [fd04758] Install demo extension
* New upstream stable release:
- Medium CVE-2012-2846: Cross-process interference in
renderers. Credit to Google Chrome Security Team (Julien Tinnes).
- Low CVE-2012-2847: Missing re-prompt to user upon excessive
downloads. Credit to Matt Austin of Aspect Security.
- Medium CVE-2012-2848: Overly broad file access granted after
drag+drop. Credit to Matt Austin of Aspect Security.
- Low CVE-2012-2849: Off-by-one read in GIF decoder. Credit to Atte
Kettunen of OUSPG.
- Medium CVE-2012-2853: webRequest can interfere with the Chrome Web
Store. Credit to Trev of Adblock.
- Low CVE-2012-2854: Leak of pointer values to WebUI renderers. Credit
to Nasko Oskov of the Chromium development community.
- High CVE-2012-2855: Use-after-free in PDF viewer. Credit to Mateusz
Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of
Google Security Team.
- High CVE-2012-2857: Use-after-free in CSS DOM. Credit to
- Arthur Gerkis.
- High CVE-2012-2858: Buffer overflow in WebP decoder. Credit
to Jüri Aedla.
- Critical CVE-2012-2859: Crash in tab handling. Credit to
Jeff Roberts of Google Security Team.
- Medium CVE-2012-2860: Out-of-bounds access when clicking in date
picker. Credit to Chamal de Silva.
-- Giuseppe Iuculano <email address hidden> Tue, 07 Aug 2012 10:55:17 +0200
chromium-browser (20.0.1132.57~r145807-1) unstable; urgency=medium
[ Michael Gilbert ]
* New ustream stable security release:
- [129898] High CVE-2012-2842: Use-after-free in counter handling. Credit
to miaubiz.
- [130595] High CVE-2012-2843: Use-after-free in layout height tracking.
Credit to miaubiz.
- [133450] High CVE-2012-2844: Bad object access with JavaScript in PDF.
Credit to Alexey Samsonov of Google.
[ Shawn Landden ]
* Revert "Do not use binutils-gold in armel and armhf".
* Update vpx patch to use system headers (Closes: #674728).
* Fixup skia fixup for <armv6.
-- Michael Gilbert <email address hidden> Fri, 13 Jul 2012 15:31:11 -0400
chromium-browser (20.0.1132.43~r143823-1) unstable; urgency=high
* New stable release
- Low CVE-2012-2815: Leak of iframe fragment id. Credit to Elie
Bursztein of Google.
- High CVE-2012-2817: Use-after-free in table section handling.
Credit to miaubiz.
- High CVE-2012-2818: Use-after-free in counter layout. Credit
to miaubiz.
- High CVE-2012-2819: Crash in texture handling. Credit to Ken "gets"
Russell of the Chromium development community.
- Medium CVE-2012-2820: Out-of-bounds read in SVG filter handling.
Credit to Atte Kettunen of OUSPG.
- Medium CVE-2012-2821: Autofill display problem. Credit to
"simonbrown60"
- High CVE-2012-2823: Use-after-free in SVG resource handling.
Credit to miaubiz.
- High CVE-2012-2824: Use-after-free in SVG painting. Credit to
miaubiz.
- Medium CVE-2012-2826: Out-of-bounds read in texture conversion.
Credit to Google Chrome Security Team (Inferno).
- High CVE-2012-2829: Use-after-free in first-letter handling.
Credit to miaubiz.
- High CVE-2012-2830: Wild pointer in array value setting.
Credit to miaubiz.
- [130356] High CVE-2012-2831: Use-after-free in SVG reference handling.
Credit to miaubiz.
- High CVE-2012-2834: Integer overflow in Matroska container.
Credit to Jüri Aedla.
-- Giuseppe Iuculano <email address hidden> Sat, 30 Jun 2012 14:33:40 +0200
| Superseded in sid-release |
chromium-browser (20.0.1132.41~r143299-1) unstable; urgency=medium * [98cf55e] Do not use binutils-gold in armel and armhf * New beta release -- Giuseppe Iuculano <email address hidden> Fri, 22 Jun 2012 16:41:48 +0200
| Superseded in sid-release |
chromium-browser (20.0.1132.34~r141824-1) unstable; urgency=low
* [29f002e] Add -DUSE_EABI_HARDFLOAT in gyp defines for armhf
* [3a003ca] Added some armel and armhf patches.
Thanks to Shawn
* [2f15044] Search te correct icon when minimised.
Thanks to Jonathan Nieder (Closes: #651455)
-- Giuseppe Iuculano <email address hidden> Wed, 20 Jun 2012 19:05:50 +0200
| Superseded in sid-release |
chromium-browser (20.0.1132.27~r140692-2) unstable; urgency=low
* [c0e9499] Improved sqlite patch.
Thanks to Andrew Chant (Closes: #676636)
* [62d276b] Backported: Use 32-byte alignment in AudioArray if using
WEBAUDIO_FFMPEG https://bugs.webkit.org/show_bug.cgi?id=87430
* [1183b6a] Added -DUSE_EABI_HARDFLOAT for armhf
-- Giuseppe Iuculano <email address hidden> Wed, 13 Jun 2012 13:21:26 +0200
| Superseded in sid-release |
chromium-browser (20.0.1132.27~r140692-1) unstable; urgency=low * New beta release. * [e2adf90] Applied sqlite patch and fixed omnibox crash (Closes: #676636) * [69cc508] Define arm_float_abi=soft for armel and arm_float_abi=hard for armhf -- Giuseppe Iuculano <email address hidden> Mon, 11 Jun 2012 17:54:51 +0200
| Superseded in sid-release |
chromium-browser (20.0.1132.21~r139451-3) unstable; urgency=low * Upload to unstable. -- Giuseppe Iuculano <email address hidden> Wed, 06 Jun 2012 10:29:58 +0200
| Deleted in experimental-release (Reason: None provided.) |
chromium-browser (20.0.1132.21~r139451-2) experimental; urgency=low
* [1de8e21] Build depends on binutils-gold also in armel and armhf
* [5890c9b] Do not use third_party/gold as the linker. (Closes: #675563)
* [e883861] Strip third_party/gold from upstream tarball.
Thanks to Andrew Chant
* [c9ac368] Use gcc 4.7
* [7f1ad3e] link against libgnome-keyring instead of using dlopen()
* [57f6712] Added gcc 4.7 patch
* [2be55e4] Use GConf and GIO
-- Giuseppe Iuculano <email address hidden> Sun, 03 Jun 2012 17:01:46 +0200
| Superseded in experimental-release |
chromium-browser (20.0.1132.21~r139451-1) experimental; urgency=low
[ Jonathan Nieder ]
* [70fc5ec] Refresh patches and add descriptions
[ Giuseppe Iuculano ]
* [8cb8e89] Use gcc 4.6 for the moment (Closes: #671994)
[ Jonathan Nieder ]
* [cd6baae] Build-Depends: g++-4.6
* [09908a2] Remove workaround for bug #651912, which seems to have been fixed in libnspr
(Closes: #661948)
* [58d631d] Remove hardcoded versioned dependency on libnss3-1d
* [c9e2e81] Require nspr4 >= 2:4.9-2 (Closes: #651912)
[ Giuseppe Iuculano ]
* [150b326] Added libssl-dev in B-depends
* [88ff66a] Refreshed patches
* [7e7de0c] Disable tcmalloc, use internal copy of ffmpeg and libv8
* [ca0f508] Updated patches
* [1343b0c] Fixed floating point exception in protobuf internal copy.
Thanks to Andrew Chant
* [2b62b38] Disable protobuf patch
* [cae4c9c] updated vpx patch
* [7233f03] Start to fix build issues with gcc 4.7
* [b4e5b1d] Fix FTBFS when compiling with pulseaudio support
* [235e171] install all .pak files
-- Giuseppe Iuculano <email address hidden> Fri, 01 Jun 2012 15:36:07 +0200
| 151 → 225 of 294 results | First • Previous • Next • Last |
