Change log for chromium-browser package in Debian
| 226 → 294 of 294 results | First • Previous • Next • Last |
| Superseded in sid-release |
chromium-browser (18.0.1025.168~r134367-1) unstable; urgency=low
* New stable release:
- High CVE-2011-3078: Use after free in floats handling. Credit to
Google Chrome Security Team (Marty Barbella) and independent later
discovery by miaubiz.
- High CVE-2012-1521: Use after free in xml parser. Credit to Google
Chrome Security Team (SkyLined) and independent later discovery by
wushi of team509 reported through iDefense VCP (V-874rcfpq7z).
- Medium CVE-2011-3079: IPC validation failure. Credit to PinkiePie.
- Medium CVE-2011-3080: Race condition in sandbox IPC. Credit to Willem
Pinckaers of Matasano.
- High CVE-2011-3081: Use after free in floats handling. Credit to miaubiz
-- Giuseppe Iuculano <email address hidden> Wed, 02 May 2012 09:30:45 +0200
chromium-browser (18.0.1025.151~r130497-1) unstable; urgency=medium
* new stable release:
- [106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping.
Credit to miaubiz.
- [117583] Medium CVE-2011-3067: Cross-origin iframe replacement. Credit
to Sergey Glazunov.
- [117698] High CVE-2011-3068: Use-after-free in run-in handling. Credit
to miaubiz.
- [117728] High CVE-2011-3069: Use-after-free in line box handling.
Credit to miaubiz.
- [118185] High CVE-2011-3070: Use-after-free in v8 bindings. Credit to
Google Chrome Security Team (SkyLined).
- [118273] High CVE-2011-3071: Use-after-free in HTMLMediaElement. Credit
to pa_kt, reporting through HP TippingPoint ZDI (ZDI-CAN-1528).
- [118467] Low CVE-2011-3072: Cross-origin violation parenting pop-up
window. Credit to Sergey Glazunov.
- [118593] High CVE-2011-3073: Use-after-free in SVG resource handling.
Credit to Arthur Gerkis.
- [119281] Medium CVE-2011-3074: Use-after-free in media handling. Credit
to Sławomir Błażek.
- [119525] High CVE-2011-3075: Use-after-free applying style command.
Credit to miaubiz.
- [120037] High CVE-2011-3076: Use-after-free in focus handling. Credit to
miaubiz.
- [120189] Medium CVE-2011-3077: Read-after-free in script bindings.
Credit to Google Chrome Security Team (Inferno).
* [85dfed9] build-depend on libglewmx-dev instead of versioned libglewmx1.5-dev
* medium urgency for security fixes
-- Michael Gilbert <email address hidden> Thu, 05 Apr 2012 16:43:11 -0400
| Superseded in sid-release |
chromium-browser (18.0.1025.142~r129054-1) unstable; urgency=low
* New stable release:
- [109574] Medium CVE-2011-3058: Bad interaction possibly leading to XSS
in EUC-JP. Credit to Masato Kinugawa.
- [112317] Medium CVE-2011-3059: Out-of-bounds read in SVG text handling.
Credit to Arthur Gerkis.
- [114056] Medium CVE-2011-3060: Out-of-bounds read in text fragment
handling. Credit to miaubiz.
- [116398] Medium CVE-2011-3061: SPDY proxy certificate checking error.
Credit to Leonidas Kontothanassis of Google.
- [116524] High CVE-2011-3062: Off-by-one in OpenType Sanitizer. Credit to
Mateusz Jurczyk of the Google Security Team.
- [117417] Low CVE-2011-3063: Validate navigation requests from the
renderer more carefully. Credit to kuzzcc, Sergey Glazunov, PinkiePie
and scarybeasts (Google Chrome Security Team).
- [117471] High CVE-2011-3064: Use-after-free in SVG clipping. Credit to
Atte Kettunen of OUSPG.
- [117588] High CVE-2011-3065: Memory corruption in Skia. Credit to
Omair.
- [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian
Holler.
* [19c4b51] include glib.h directly (closes: #666640)
* [d6e7094] remove .tmp files on clean
* [fd014ca] fix pulseaudio messageloop comparisons
* [6984cf7] build-depend on svn (required for upstream depot_tools checkout)
* [aae52af] refresh patches
* [102f9b7] depend on libv8 >= 3.8
* [bbd5511] build-depend on libudev-dev
-- Michael Gilbert <email address hidden> Sun, 01 Apr 2012 20:02:53 -0400
chromium-browser (17.0.963.83~r127885-1) unstable; urgency=high
* New stable release:
- CVE-2011-3050: Use-after-free with first-letter handling.
Credit to miaubiz.
- CVE-2011-3051: Use-after-free in CSS cross-fade
handling. Credit to Arthur Gerkis.
- CVE-2011-3052: Memory corruption in WebGL canvas handling.
Credit to Ben Vanik of Google.
- CVE-2011-3053: Use-after-free in block splitting. Credit
to miaubiz.
- Low CVE-2011-3054: Apply additional isolations to webui privileges.
Credit to Sergey Glazunov.
- CVE-2011-3055: Prompt in the browser native UI for unpacked
extension installation. Credit to PinkiePie.
- High CVE-2011-3056: Cross-origin violation with "magic
iframe". Credit to Sergey Glazunov.
- Low CVE-2011-3049: Extension web request API can interfere with
system requests. Credit to Michael Gundlach.
- CVE-2011-3047: Errant plug-in load and GPU process memory corruption.
Credit to PinkiePie.
-- Giuseppe Iuculano <email address hidden> Fri, 23 Mar 2012 09:45:08 +0100
chromium-browser (17.0.963.78~r125577-1) unstable; urgency=high
* New stable release fixed issue found at Google's Pwnium competition:
- CVE-2011-3046: UXSS and bad history navigation. Credit to Sergey
Glazunov.
-- Giuseppe Iuculano <email address hidden> Thu, 08 Mar 2012 23:41:39 +0100
| Superseded in sid-release |
chromium-browser (17.0.963.66~r124982-1) unstable; urgency=high
[ Jonathan Nieder ]
* [78437ab] Depend on libpng-dev instead of libpng12-dev at build time
(Closes: #662287)
[ Giuseppe Iuculano ]
* New stable release:
- High CVE-2011-3031: Use-after-free in v8 element wrapper.
Credit to Chamal de Silva.
- High CVE-2011-3032: Use-after-free in SVG value handling.
Credit to Arthur Gerkis.
- High CVE-2011-3033: Buffer overflow in the Skia
drawing library. Credit to Aki Helin of OUSPG.
- High CVE-2011-3034: Use-after-free in SVG document handling.
Credit to Arthur Gerkis.
- High CVE-2011-3035: Use-after-free in SVG use handling.
Credit to Arthur Gerkis.
- High CVE-2011-3036: Bad cast in line box handling. Credit to
miaubiz.
- High CVE-2011-3037: Bad casts in anonymous
block splitting. Credit to miaubiz.
- High CVE-2011-3038: Use-after-free in multi-column handling.
Credit to miaubiz.
- High CVE-2011-3039: Use-after-free in quote handling. Credit
to miaubiz.
- Medium CVE-2011-3040: Out-of-bounds read in text handling.
Credit to miaubiz.
- High CVE-2011-3041: Use-after-free in class attribute
handling. Credit to miaubiz.
- High CVE-2011-3042: Use-after-free in table section handling.
Credit to miaubiz.
- High CVE-2011-3043: Use-after-free in flexbox with floats.
Credit to miaubiz.
- High CVE-2011-3044: Use-after-free with SVG animation
elements. Credit to Arthur Gerkis.
-- Giuseppe Iuculano <email address hidden> Wed, 07 Mar 2012 17:21:51 +0100
chromium-browser (17.0.963.56~r121963-1) unstable; urgency=high
[ Michael Gilbert ]
* [5c3bb1e] remove duplicate dependency on libgconf2-dev
* [a978400] exclude .git directories from upstream tarball
* [d29d859] add descriptions to patches
* [52af88b] update debian/copyright field to adhere to latest DEP5 specification
* [f3b7ba9] update patches for chromium 17
* [4634823] install content_resources.pak
* [e7883c9] depend on libv8 >= 3.7
* [dd4fe7d] use pulseaudio
[ Giuseppe Iuculano ]
* [826649a] Fix FTBFS on armel and added armhf.
Thanks to Riku Voipio (Closes: #632119)
* [e9ac7ab] Link against system vpx (Closes: #642760)
* [b88a849] Remove ardcoded dependency on libvpx0 (Closes: #660159)
* [9dec8df] Updated patches
* New stable release:
- Medium CVE-2011-3016: Read-after-free with counter nodes.
Credit to miaubiz.
- High CVE-2011-3017: Possible use-after-free in database
handling. Credit to miaubiz.
- High CVE-2011-3018: Heap overflow in path rendering. Credit
to Aki Helin of OUSPG.
- High CVE-2011-3019: Heap buffer overflow in MKV handling. Credit to
Google Chrome Security Team (scarybeasts) and Mateusz Jurczyk / Gynvael
Coldwind of the Google Security Team.
- Medium CVE-2011-3020: Native client validator error. Credit to Nick
Bray of the Chromium development community.
- High CVE-2011-3021: Use-after-free in subframe loading.
Credit to Arthur Gerkis.
- Medium CVE-2011-3022: Inappropriate use of http for translation
script. Credit to Google Chrome Security Team (Jorge Obes).
- Medium CVE-2011-3023: Use-after-free with drag and drop.
Credit to pa_kt.
- Low CVE-2011-3024: Browser crash with empty x509 certificate. Credit
to chrometot.
- Medium CVE-2011-3025: Out-of-bounds read in h.264 parsing.
Credit to Sławomir Błażek.
- High CVE-2011-3026: Integer overflow / truncation in libpng.
Credit to Jüri Aedla.
- High CVE-2011-3027: Bad cast in column handling. Credit to
miaubiz
- Low CVE-2011-3953: Avoid clipboard monitoring after paste event.
Credit to Daniel Cheng of the Chromium development community.
- Low CVE-2011-3954: Crash with excessive database usage. Credit to
Collin Payne.
- High CVE-2011-3955: Crash aborting an IndexDB transaction. Credit to
David Grogan of the Chromium development community.
- Low CVE-2011-3956: Incorrect handling of sandboxed origins inside
extensions. Credit to Devdatta Akhawe, UC Berkeley.
- High CVE-2011-3958: Bad casts with column spans. Credit to
miaubiz.
- High CVE-2011-3959: Buffer overflow in locale handling.
Credit to Aki Helin of OUSPG.
- Medium CVE-2011-3960: Out-of-bounds read in audio decoding.
Credit to Aki Helin of OUSPG.
- Critical CVE-2011-3961: Race condition after crash of utility
process. Credit to Shawn Goertzen.
- Medium CVE-2011-3962: Out-of-bounds read in path clipping.
Credit to Aki Helin of OUSPG.
- Low CVE-2011-3964: URL bar confusion after drag + drop. Credit to
Code Audit Labs of VulnHunt.com.
- Low CVE-2011-3965: Crash in signature check. Credit to Sławomir
Błażek.
- High CVE-2011-3966: Use-after-free in stylesheet error
handling. Credit to Aki Helin of OUSPG.
- Low CVE-2011-3967: Crash with unusual certificate. Credit to Ben
Carrillo.
- High CVE-2011-3968: Use-after-free in CSS handling. Credit to
Arthur Gerkis.
- High CVE-2011-3969: Use-after-free in SVG layout. Credit to
Arthur Gerkis.
- Medium CVE-2011-3970: Out-of-bounds read in libxslt. Credit to
Aki Helin of OUSPG.
- High CVE-2011-3971: Use-after-free with mousemove events.
Credit to Arthur Gerkis.
- Medium CVE-2011-3972: Out-of-bounds read in shader translator. Credit
to Google Chrome Security Team (Inferno).
-- Giuseppe Iuculano <email address hidden> Sun, 19 Feb 2012 20:29:17 +0100
chromium-browser (16.0.912.77~r118311-1) unstable; urgency=high
[ Jonathan Nieder ]
* [b9c1859] fix path in Ubuntu-specific build rules.
Thanks to Michael Kuhn (Closes: #655521)
[ Giuseppe Iuculano ]
* [c6132fa] Fix FTBFS with libav 0.8 (Closes: #654215)
* New stable release:
- High CVE-2011-3924: Use-after-free in DOM selections.
Credit to Arthur Gerkis.
- Critical CVE-2011-3925: Use-after-free in Safe Browsing
navigation. Credit to Chamal de Silva.
- High CVE-2011-3928: Use-after-free in DOM handling. Credit to wushi
of team509 reported through ZDI (ZDI-CAN-1415).
- High CVE-2011-3927: Uninitialized value in Skia. Credit to
miaubiz.
- High CVE-2011-3926: Heap-buffer-overflow in tree builder.
Credit to Arthur Gerkis.
-- Giuseppe Iuculano <email address hidden> Thu, 26 Jan 2012 10:57:28 +0100
| Superseded in sid-release |
chromium-browser (16.0.912.75~r116452-1) unstable; urgency=low
* New stable version:
- High CVE-2011-3921: Use-after-free in animation frames.
Credit to Boris Zbarsky of Mozilla.
- High CVE-2011-3919: Heap-buffer-overflow in libxml. Credit to Jüri Aedla.
- High CVE-2011-3922: Stack-buffer-overflow in glyph handling. Credit
to Google Chrome Security Team (Cris Neckar).
-- Giuseppe Iuculano <email address hidden> Mon, 09 Jan 2012 10:30:41 +0100
| Superseded in sid-release |
chromium-browser (16.0.912.63~r113337-1) unstable; urgency=low
[ Giuseppe Iuculano ]
* New stable version:
- Medium CVE-2011-3903: Out-of-bounds read in regex matching. Credit to
David Holloway of the Chromium development community.
- Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google
Chrome Security Team (Inferno).
- Medium CVE-2011-3906: Out-of-bounds read in PDF parser. Credit
to Aki Helin of OUSPG.
- High CVE-2011-3907: URL bar spoofing with view-source. Credit
to Luka Treiber of ACROS Security.
- Low CVE-2011-3908: Out-of-bounds read in SVG parsing. Credit to Aki
Helin of OUSPG.
- Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS property
array. Credit to Google Chrome Security Team (scarybeasts) and Chu.
- Medium CVE-2011-3910: Out-of-bounds read in YUV video frame handling.
Credit to Google Chrome Security Team (Cris Neckar).
- High CVE-2011-3912: Use-after-free in SVG filters. Credit to
Arthur Gerkis.
- High CVE-2011-3913: Use-after-free in Range handling. Credit
to Arthur Gerkis.
- High CVE-2011-3914: Out-of-bounds write in v8 i18n handling.
Credit to Sławomir Błażek.
- High CVE-2011-3915: Buffer overflow in PDF font handling.
Credit to Atte Kettunen of OUSPG.
- Medium CVE-2011-3917: Stack-buffer-overflow in FileWatcher. Credit to
Google Chrome Security Team (Marty Barbella).
- High CVE-2011-3904: Use-after-free in bidi handling. Credit to Google
Chrome Security Team (Inferno) and miaubiz.
* [5299644] Update patches for v16
[ Michael Gilbert ]
* [ce38c6a] depend on gyp >= r1119
* [d4236b8] fix upstream channel naming in source readme
* [3683f5d] refresh nss-workaround.patch and system_v8.patch
* [4c18347] add myself to uploaders
-- Giuseppe Iuculano <email address hidden> Sun, 01 Jan 2012 13:45:54 +0100
chromium-browser (15.0.874.121~r109964-1) unstable; urgency=high
[ Jonathan Nieder ]
* [f67eee0] chromium-inspector: Recommend chromium (>= 10) to avoid pulling in chromium-bsu
* [4de64d5] Use /etc/debian_version, not `lsb_release -sr`, to populate BUILD_DIST
* [7dba3cb] Permit '/' in Debian release names (Closes: #644526)
* [aa996fe] Unbreak get-orig-source in non-C locales by using "svn log --xml" instead of "svn info"
[ Giuseppe Iuculano ]
* [dc3b8be] Revert "Merge 104421 - Fix library paths for preloading NSS on Ubuntu 11.10."
Thanks to Jonathan Nieder (Closes: #647992)
* [d729967] Use system v8
* New stable release:
- High CVE-2011-3892: Double free in Theora decoder.
Credit to Aki Helin of OUSPG.
- Medium CVE-2011-3893: Out of bounds reads in MKV and
Vorbis media handlers. Credit to Aki Helin of OUSPG.
- High CVE-2011-3894: Memory corruption regression in VP8 decoding.
Credit to Andrew Scherkus of the Chromium development community.
- High CVE-2011-3895: Heap overflow in Vorbis decoder. Credit
to Aki Helin of OUSPG.
- High CVE-2011-3896: Buffer overflow in shader variable mapping.
Credit to Ken “strcpy” Russell of the Chromium development community.
- High CVE-2011-3897: Use-after-free in editing. Credit to pa_kt
reported through ZDI (ZDI-CAN-1416).
- Low CVE-2011-3898: Failure to ask for permission to run applets in
JRE7. Credit to Google Chrome Security Team (Chris Evans).
- High CVE-2011-3900: Out-of-bounds write in v8. Credit to Christian
Holler.
-- Giuseppe Iuculano <email address hidden> Wed, 07 Dec 2011 09:12:54 +0100
| Superseded in sid-release |
chromium-browser (15.0.874.106~r107270-1) unstable; urgency=medium
[ Matteo F. Vescovi ]
* [fb744c6] debian/control: cosmetic typo corrections (Closes: #644386)
[ Giuseppe Iuculano ]
* New stable release:
- High CVE-2011-2845: URL bar spoof in history handling. Credit to Jordi
Chancel.
- Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit to
Jordi Chancel.
- Low CVE-2011-3876: Avoid stripping whitespace at the end of download
filenames. Credit to Marc Novak.
- Low CVE-2011-3877: XSS in appcache internals page. Credit to Google
Chrome Security Team (Tom Sepez) plus independent discovery by
Juho Nurminen.
- Medium CVE-2011-3878: Race condition in worker process initialization.
Credit to miaubiz.
- Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to
Masato Kinugawa.
- Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit to
Vladimir Vorontsov, ONsec company.
- High CVE-2011-3881: Cross-origin policy violations.
Credit to Sergey Glazunov.
- High CVE-2011-3882: Use-after-free in media buffer handling. Credit to
Google Chrome Security Team (Inferno).
- High CVE-2011-3883: Use-after-free in counter handling. Credit to miaubiz.
- High CVE-2011-3884: Timing issues in DOM traversal. Credit to Brian
Ryner of the Chromium development community.
- High CVE-2011-3885: Stale style bugs leading to use-after-free.
Credit to miaubiz.
- High CVE-2011-3886: Out of bounds writes in v8. Credit to Christian Holler.
- Medium CVE-2011-3887: Cookie theft with javascript URIs.
Credit to Sergey Glazunov.
- [99138] High CVE-2011-3888: Use-after-free with plug-in and editing.
Credit to miaubiz.
- High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz.
- High CVE-2011-3890: Use-after-free in video source handling. Credit to
Ami Fischman of the Chromium development community.
- High CVE-2011-3891: Exposure of internal v8 functions. Credit to
Steven Keuchel of the Chromium development community plus independent
discovery by Daniel Divricean.
* [62dfe31] Refreshed patches
* [ebe38a0] Added scons, libelf-dev, and python-simplejson in Build-Depends
* [301651c] Use icu and libv8 private copy and disable nacl
[ Jonathan Nieder ]
* [59f4ae6] debian/licenses: add Ms-PL license snippet.
Thanks to Alexander Reichle-Schmehl (Closes: #647528)
-- Giuseppe Iuculano <email address hidden> Sun, 06 Nov 2011 14:27:45 +0100
| Published in squeeze-release |
chromium-browser (6.0.472.63~r59945-5+squeeze6) stable-security; urgency=low
* Added gbp.conf
* Fixed CVE-2011-2818: Use-after-free in display box rendering.
Credit to Martin Barbella.
* Fixed CVE-2011-2800: Leak of client-side redirect target.
Credit to Juho Nurminen
* FIxed CVE-2011-2359: Stale pointer due to bad line box tracking in
rendering. Credit to miaubiz and Martin Barbella.
* Blacklist SSL certificates issued by DigiNotar-controlled intermediate CAs
used by the Dutch PKIoverheid program
-- Giuseppe Iuculano <email address hidden> Fri, 09 Sep 2011 22:05:07 +0200
chromium-browser (14.0.835.202~r103287-1) unstable; urgency=low
[ Michael Gilbert ]
* [0e3387d] Remove unneeded shlibs:Depends
* [d7d8b22] Support libav's transition to multiarch
* [3211a33] Use url to writable git repo in vcs-git field
* [1c83896] Use relative symlinks to ffmpeg libraries
[ Giuseppe Iuculano ]
* New stable release:
- High CVE-2011-2876: Use-after-free in text line box handling.
Credit to miaubiz.
- High CVE-2011-2877: Stale font in SVG text handling. Credit to
miaubiz.
- High CVE-2011-2878: Inappropriate cross-origin access to the
window prototype. Credit to Sergey Glazunov.
- High CVE-2011-2879: Lifetime and threading issues in audio node
handling. Credit to Google Chrome Security Team (Inferno).
- High CVE-2011-2880: Use-after-free in the v8
bindings. Credit to Sergey Glazunov.
- High CVE-2011-2881: Memory corruption with v8 hidden objects.
Credit to Sergey Glazunov.
- Critical CVE-2011-3873: Memory corruption in shader translator.
-- Giuseppe Iuculano <email address hidden> Wed, 05 Oct 2011 11:15:53 +0200
| Superseded in sid-release |
chromium-browser (14.0.835.163~r101024-1) unstable; urgency=low
[ Matteo F. Vescovi ]
* [82a8b0b] debian/control: changing b-deps to libjpeg-dev (Closes: 641099)
[ Giuseppe Iuculano ]
* [ac85d47] Use system ffmpeg and icu
* [b4fbcd0] debian/gbp.conf: Added conf for git-dch
* [a4f4ee1] Do not install ffmpeg internal copy
* New stable release:
- High CVE-2011-2835: Race condition in the certificate cache.
Credit to Ryan Sleevi of the Chromium development community.
- Low CVE-2011-2836: Infobar the Windows Media Player plug-in to avoid
click-free access to the system Flash. Credit to electronixtar.
- Low CVE-2011-2837: Use PIC / pie compiler flags. Credit to wbrana.
- Low CVE-2011-2838: Treat MIME type more authoritatively when loading
plug-ins. Credit to Michal Zalewski of the Google Security Team.
- High CVE-2011-2839: Crash in v8 script object wrappers.
Credit to Kostya Serebryany of the Chromium development community.
- Low CVE-2011-2840: Possible URL bar spoofs with unusual user interaction.
Credit to kuzzcc.
- Medium CVE-2011-2843: Out-of-bounds read with media buffers.
Credit to Kostya Serebryany of the Chromium development community.
- Medium CVE-2011-2844: Out-of-bounds read with mp3 files.
Credit to Mario Gomes.
- High CVE-2011-2846: Use-after-free in unload event handling.
Credit to Arthur Gerkis.
- High CVE-2011-2847: Use-after-free in document loader.
Credit to miaubiz.
- Medium CVE-2011-2848: URL bar spoof with forward button.
Credit to Jordi Chancel.
- Low CVE-2011-2849: Browser NULL pointer crash with WebSockets.
Credit to Arthur Gerkis.
- Medium CVE-2011-3234: Out-of-bounds read in box handling.
Credit to miaubiz.
- Medium CVE-2011-2850: Out-of-bounds read with Khmer characters.
Credit to miaubiz.
- Medium CVE-2011-2851: Out-of-bounds read in video handling.
Credit to Google Chrome Security Team (Inferno).
- High CVE-2011-2852: Off-by-one in v8. Credit to Christian Holler.
- High CVE-2011-2853: Use-after-free in plug-in handling.
Credit to Google Chrome Security Team (SkyLined).
- High CVE-2011-2854: Use-after-free in ruby / table style handing.
Credit to Sławomir Błażek, and independent later discoveries by miaubiz
and Google Chrome Security Team (Inferno).
- High CVE-2011-2855: Stale node in stylesheet handling.
Credit to Arthur Gerkis.
- High CVE-2011-2856: Cross-origin bypass in v8.
Credit to Daniel Divricean.
- High CVE-2011-2857: Use-after-free in focus controller. Credit to miaubiz.
- High CVE-2011-2834: Double free in libxml XPath handling.
Credit to Yang Dingning from NCNIPC, Graduate University of Chinese
Academy of Sciences.
- Medium CVE-2011-2859: Incorrect permissions assigned to non-gallery pages.
Credit to Bernhard ‘Bruhns’ Brehm of Recurity Labs.
- High CVE-2011-2860: Use-after-free in table style handling.
Credit to miaubiz.
- High CVE-2011-2862: Unintended access to v8 built-in objects.
Credit to Sergey Glazunov.
- Medium CVE-2011-2864: Out-of-bounds read with Tibetan characters.
Credit to Google Chrome Security Team (Inferno).
- Medium CVE-2011-2858: Out-of-bounds read with triangle arrays.
Credit to Google Chrome Security Team (Inferno).
- Low CVE-2011-2874: Failure to pin a self-signed cert for a session.
Credit to Nishant Yadant of VMware and Craig Chamberlain (@randomuserid).
- High CVE-2011-2875: Type confusion in v8 object sealing.
Credit to Christian Holler.
-- Giuseppe Iuculano <email address hidden> Sat, 17 Sep 2011 21:46:29 +0200
| Deleted in experimental-release (Reason: None provided.) |
chromium-browser (14.0.835.157~r99685-1) experimental; urgency=low * New beta release * Fix gbp.conf for experimental branch * Refreshed patches * Use libv8 system copy * Do not remove Makefile files * Added libpulse-dev in Build-Depends. * re-enable armel build * Patch v8_i18n to compile with libv8 system copy, thanks to Jérémy Lal * Added a lintian override for the NaCL IRT files -- Giuseppe Iuculano <email address hidden> Wed, 07 Sep 2011 13:06:57 +0200
chromium-browser (13.0.782.220~r99552-1) unstable; urgency=high
[ Giuseppe Iuculano ]
* Fixed the dummy chromium-browser-l10n dependency (Closes: 639126)
* New stable release:
- Revoked trust for SSL certificates issued by DigiNotar-controlled
intermediate CAs used by the Dutch PKIoverheid program.
[ Jonathan Nieder ]
* Add a replace and breaks entry to reflect the compatibility symlinks
having moved to the chromium-browser package.
[ Michael Gilbert ]
* Fix lintian warning.
* Fix manpage comment characters.
* Strip the Native Client Integrated RunTime (NaCl IRT) libraries.
* Objectify an old changelog entry (closes: #606261).
-- Giuseppe Iuculano <email address hidden> Tue, 06 Sep 2011 08:34:50 +0200
| Superseded in sid-release |
chromium-browser (13.0.782.215~r97094-1) unstable; urgency=low
[ Michael Gilbert ]
* Remove all automatically generated files during clean up (this makes
it possible to build from source twice in a row now).
* Bump standards version to 3.9.2.
* Fix an obsolete character encoding in debian/copyright.
* Fix build failure with cups >= 1.5.0.
* Don't support lenny's cups anymore.
* Use system config.guess and config.sub for yasm's autotools files.
* Add chromium-browser.png symlink so old menu entries keep their icons
(closes: #622841).
* Add chromium-browser manpage symlink.
* Clean up package short descriptions.
[ Giuseppe Iuculano ]
* Move the compatibility symlinks to the chromium-browser package
* Fix the Vcs-Browser control field
* New stable release:
- High CVE-2011-2823: Use-after-free in line box handling. Credit to Google
Chrome Security Team (SkyLined) and independent later discovery
by miaubiz.
- High CVE-2011-2824: Use-after-free with counter nodes. Credit to miaubiz.
- High CVE-2011-2825: Use-after-free with custom fonts. Credit to wushi of
team509 reported through ZDI (ZDI-CAN-1283), plus indepdendent later
discovery by miaubiz.
- High CVE-2011-2821: Double free in libxml XPath handling. Credit to Yang
Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.
- High CVE-2011-2826: Cross-origin violation with empty origins.
Credit to Sergey Glazunov.
- High CVE-2011-2827: Use-after-free in text searching. Credit to miaubiz.
- High CVE-2011-2828: Out-of-bounds write in v8.
Credit to Google Chrome Security Team (SkyLined).
- High CVE-2011-2829: Integer overflow in uniform arrays.
Credit to Sergey Glazunov.
* Added autotools-dev in Build-Depends
-- Giuseppe Iuculano <email address hidden> Tue, 23 Aug 2011 17:31:19 +0200
chromium-browser (13.0.782.107~r94237-1) unstable; urgency=high
* New stable version
- Medium CVE-2011-2358: Always confirm an extension install via a browser
dialog. Credit to Sergey Glazunov.
- High CVE-2011-2359: Stale pointer due to bad line box tracking in
rendering. Credit to miaubiz and Martin Barbella.
- Low CVE-2011-2360: Potential bypass of dangerous file prompt.
Credit to kuzzcc.
- Low CVE-2011-2361: Improve designation of strings in the basic auth
dialog. Credit to kuzzcc.
- Medium CVE-2011-2782: File permissions error with drag and drop.
Credit to Evan Martin of the Chromium development community.
- Medium CVE-2011-2783: Always confirm a developer mode NPAPI extension
install via a browser dialog. Credit to Sergey Glazunov.
- Low CVE-2011-2784: Local file path disclosure via GL program log.
Credit to kuzzcc.
- Low CVE-2011-2785: Sanitize the homepage URL in extensions.
Credit to kuzzcc.
- Low CVE-2011-2786: Make sure the speech input bubble is always on-screen.
Credit to Olli Pettay of Mozilla.
- Medium CVE-2011-2787: Browser crash due to GPU lock re-entrancy issue.
Credit to kuzzcc.
- Low CVE-2011-2788: Buffer overflow in inspector serialization.
Credit to Mikołaj Małecki.
- Medium CVE-2011-2789: Use after free in Pepper plug-in instantiation.
Credit to Mario Gomes and kuzzcc.
- High CVE-2011-2790: Use-after-free with floating styles.
Credit to miaubiz.
- High CVE-2011-2791: Out-of-bounds write in ICU. Credit to Yang Dingning
from NCNIPC, Graduate University of Chinese Academy of Sciences.
- High CVE-2011-2792: Use-after-free with float removal. Credit to miaubiz.
- High CVE-2011-2793: Use-after-free in media selectors. Credit to miaubiz.
- Medium CVE-2011-2794: Out-of-bounds read in text iteration.
Credit to miaubiz.
- Medium CVE-2011-2795: Cross-frame function leak. Credit to Shih Wei-Long.
- High CVE-2011-2796: Use-after-free in Skia. Credit to Google Chrome
Security Team (Inferno) and Kostya Serebryany of the Chromium
development community.
- High CVE-2011-2797: Use-after-free in resource caching. Credit to miaubiz.
- Low CVE-2011-2798: Prevent a couple of internal schemes from being web
accessible. Credit to sirdarckcat of the Google Security Team.
- High CVE-2011-2799: Use-after-free in HTML range handling.
Credit to miaubiz.
- Medium CVE-2011-2800: Leak of client-side redirect target.
Credit to Juho Nurminen.
- High CVE-2011-2802: v8 crash with const lookups.
Credit to Christian Holler.
- Medium CVE-2011-2803: Out-of-bounds read in Skia paths.
Credit to Google Chrome Security Team (Inferno).
- High CVE-2011-2801: Use-after-free in frame loader. Credit to miaubiz.
- High CVE-2011-2818: Use-after-free in display box rendering.
Credit to Martin Barbella.
- High CVE-2011-2805: Cross-origin script injection.
Credit to Sergey Glazunov.
- [90222] High CVE-2011-2819: Cross-origin violation in base URI handling.
Credit to Sergey Glazunov.
* Re-added binutils-gold in Build-depends
* Refreshed patches
* Switch to git
* Use system vpx, flac, webp, speex libs
* Build-depens on gyp >= 0.1~svn971
* Run the gclient hooks when creating the source tarball, as we need files
from the Native Client's integrated runtime (IRT) library
(Thanks to Fabien Tassin)
* Install the NaCL IRT files
* Added a lintian override for the NaCL IRT files
-- Giuseppe Iuculano <email address hidden> Thu, 04 Aug 2011 11:02:34 +0200
chromium-browser (12.0.742.112~r90304-1) unstable; urgency=high * New stable micro release - [77493] Medium CVE-2011-2345: Out-of-bounds read in NPAPI string handling. Credit to Philippe Arteau. - [84355] High CVE-2011-2346: Use-after-free in SVG font handling. Credit to miaubiz. - [85003] High CVE-2011-2347: Memory corruption in CSS parsing. Credit to miaubiz. - [85102] High CVE-2011-2350: Lifetime and re-entrancy issues in the HTML parser. Credit to miaubiz. - [85177] High CVE-2011-2348: Bad bounds check in v8. Credit to Aki Helin of OUSPG. - [85211] High CVE-2011-2351: Use-after-free with SVG use element. Credit to miaubiz. - [85418] High CVE-2011-2349: Use-after-free in text selection. Credit to miaubiz. * Do not use the experimental gold linker -- Giuseppe Iuculano <email address hidden> Wed, 29 Jun 2011 15:28:33 +0200
chromium-browser (12.0.742.91~r87961-1) unstable; urgency=high * New stable major release (Closes: 630548) - [73962] [79746] High CVE-2011-1808: Use-after-free due to integer issues in float handling. Credit to miaubiz. - [75496] Medium CVE-2011-1809: Use-after-free in accessibility support. Credit to Google Chrome Security Team (SkyLined). - [75643] Low CVE-2011-1810: Visit history information leak in CSS. Credit to Jesse Mohrland of Microsoft and Microsoft Vulnerability Research - [76034] Low CVE-2011-1811: Browser crash with lots of form submissions. Credit to “DimitrisV22”. - [77026] Medium CVE-2011-1812: Extensions permission bypass. Credit to kuzzcc. - [78516] High CVE-2011-1813: Stale pointer in extension framework. Credit to Google Chrome Security Team (Inferno). - [79362] Medium CVE-2011-1814: Read from uninitialized pointer. Credit to Eric Roman of the Chromium development community. - [79862] Low CVE-2011-1815: Extension script injection into new tab page. Credit to kuzzcc. - [80358] Medium CVE-2011-1816: Use-after-free in developer tools. Credit to kuzzcc. - [81916] Medium CVE-2011-1817: Browser memory corruption in history deletion. Credit to Collin Payne. - [81949] High CVE-2011-1818: Use-after-free in image loader. Credit to miaubiz. - [83010] Medium CVE-2011-1819: Extension injection into chrome:// pages. Credit to Vladislavas Jarmalis, plus subsequent independent discovery by Sergey Glazunov. - [83275] High CVE-2011-2332: Same origin bypass in v8. Credit to Sergey Glazunov. - [83743] High CVE-2011-2342: Same origin bypass in DOM. Credit to Sergey Glazunov. * Refreshed patches. * Use internal libv8 copy * Use internal protobuf copy * Remove armel from archs, too many toolchain issues and we want chromium in testing. * Override the embedded-library error, chromium uses a modified sqlite copy. -- Giuseppe Iuculano <email address hidden> Fri, 17 Jun 2011 11:13:54 +0200
chromium-browser (6.0.472.63~r59945-5+squeeze5) stable-security; urgency=low * Fixed CVE-2011-1292: Use-after-free in the frame loader. Credit to Sławomir Błażek. * Fixed CVE-2011-1293: Use-after-free in HTMLCollection. Credit to Sergey Glazunov. * Fixed CVE-2011-1440: Use-after-free with <ruby> tag and CSS. Credit to Jose A. Vazquez. * Fixed CVE-2011-1444: Race condition in sandbox launcher. Credit to Dan Rosenberg. * Fixed CVE-2011-1797: stale pointer in table captioning (credit: wushi) * Fixed CVE-2011-1799: Bad casts in Chromium WebKit glue. Credit to Google Chrome Security Team (SkyLined). -- Giuseppe Iuculano <email address hidden> Fri, 13 May 2011 18:57:51 +0200
chromium-browser (11.0.696.71~r86024-1) unstable; urgency=low * New Stable release: - [72189] Low CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De Silva - [82546] High CVE-2011-1804: Stale pointer in floats rendering. Credit to Martin Barbella. - [82873] Critical CVE-2011-1806: Memory corruption in GPU command buffer. Credit to Google Chrome Security Team (Cris Neckar). - [82903] Critical CVE-2011-1807: Out-of-bounds write in blob handling. Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium development community. -- Giuseppe Iuculano <email address hidden> Wed, 25 May 2011 09:16:11 +0200
| Superseded in sid-release |
chromium-browser (11.0.696.68~r84545-3) unstable; urgency=low * Use the experimental gold linker -- Giuseppe Iuculano <email address hidden> Mon, 23 May 2011 08:57:21 +0200
| Superseded in sid-release |
chromium-browser (11.0.696.68~r84545-2) unstable; urgency=low * Fix the libv8 patch * Disable javascript i18n api, we will re-enable it when libv8 will compile i18n experimental extension, #627066 -- Giuseppe Iuculano <email address hidden> Tue, 17 May 2011 22:18:11 +0200
| Superseded in sid-release |
chromium-browser (11.0.696.68~r84545-1) unstable; urgency=high * New Stable release: - [64046] High CVE-2011-1799: Bad casts in Chromium WebKit glue. Credit to Google Chrome Security Team (SkyLined). - [80608] High CVE-2011-1800: Integer overflows in SVG filters. Credit to Google Chrome Security Team (Cris Neckar). * Added --password-store=detect in chromium flags * Updated the svg logo * Ship the app icon in all the sizes provided upstream (Thanks Fabien Tassin) * Build-dep on gyp >= 0.1~svn917 to try to fix FTBFS on armel * Use protobuf system copy, this should fix FTBFS on armel #616662 * Bump urgency, we want chromium 11 in wheezy * Remove *.pyc from src/depot_tools and src/build (Closes: #626894) -- Giuseppe Iuculano <email address hidden> Mon, 16 May 2011 22:05:07 +0200
| Superseded in sid-release |
chromium-browser (11.0.696.65~r84435-1) unstable; urgency=low * New Stable release: - Fixed password loss (Closes: #619903) - [61502] High CVE-2011-1303: Stale pointer in floating object handling. Credit to Scott Hess of the Chromium development community and Martin Barbella. - [70538] Low CVE-2011-1304: Pop-up block bypass via plug-ins. Credit to Chamal De Silva. - [70589] Medium CVE-2011-1305: Linked-list race in database handling. Credit to Kostya Serebryany of the Chromium development community. - [71586] Medium CVE-2011-1434: Lack of thread safety in MIME handling. Credit to Aki Helin. - [72523] Medium CVE-2011-1435: Bad extension with ‘tabs’ permission can capture local files. Credit to Cole Snodgrass. - [72910] Low CVE-2011-1436: Possible browser crash due to bad interaction with X. Credit to miaubiz. - [73526] High CVE-2011-1437: Integer overflows in float rendering. Credit to miaubiz. - [74653] High CVE-2011-1438: Same origin policy violation with blobs. Credit to kuzzcc. - [74763] High CVE-2011-1439: Prevent interference between renderer processes. Credit to Julien Tinnes of the Google Security Team. - [75186] High CVE-2011-1440: Use-after-free with <ruby> tag and CSS. Credit to Jose A. Vazquez. - [75347] High CVE-2011-1441: Bad cast with floating select lists. Credit to Michael Griffiths. - [75801] High CVE-2011-1442: Corrupt node trees with mutation events. Credit to Sergey Glazunov and wushi of team 509. - [76001] High CVE-2011-1443: Stale pointers in layering code. Credit to Martin Barbella. - [76542] High CVE-2011-1444: Race condition in sandbox launcher. Credit to Dan Rosenberg. - [76646] Medium CVE-2011-1445: Out-of-bounds read in SVG. Credit to wushi of team509. - [76666] [77507] [78031] High CVE-2011-1446: Possible URL bar spoofs with navigation errors and interrupted loads. Credit to kuzzcc. - [76966] High CVE-2011-1447: Stale pointer in drop-down list handling. Credit to miaubiz. - [77130] High CVE-2011-1448: Stale pointer in height calculations. Credit to wushi of team509. - [77346] High CVE-2011-1449: Use-after-free in WebSockets. Credit to Marek Majkowski. - [77349] Low CVE-2011-1450: Dangling pointers in file dialogs. Credit to kuzzcc. - [77463] High CVE-2011-1451: Dangling pointers in DOM id map. Credit to Sergey Glazunov. - [77786] Medium CVE-2011-1452: URL bar spoof with redirect and manual reload. Credit to Jordi Chancel. - [79199] High CVE-2011-1454: Use-after-free in DOM id handling. Credit to Sergey Glazunov. * Updated patches * Use libv8 system copy * Fixed FTBFS (converting to non-pointer type from NULL) * Addeed libpam0g-dev in Build-Depends * Fixed FTBFS with gcc 4.6 (closes: 624814) * Do not use the to use the experimental gold linker, it causes FTBFS * Added in install excluded files: genmacro genmodule genperf genstring genversion re2c yasm -- Giuseppe Iuculano <email address hidden> Sat, 14 May 2011 15:22:23 +0200
| Superseded in sid-release |
chromium-browser (10.0.648.205~r81283-1) unstable; urgency=low * New stable release: - [75629] Critical CVE-2011-1301: Use-after-free in the GPU process. Credit to Google Chrome Security Team (Inferno). - [78524] Critical CVE-2011-1302: Heap overflow in the GPU process. Credit to Christoph Diehl. -- Giuseppe Iuculano <email address hidden> Fri, 15 Apr 2011 09:13:45 +0200
| Superseded in sid-release |
chromium-browser (10.0.648.204~r79063-1) unstable; urgency=low * New stable release: - [72517] High CVE-2011-1291: Buffer error in base string handling. Credit to Alex Turpin. - [73216] High CVE-2011-1292: Use-after-free in the frame loader. Credit to Sławomir Błażek. - [73595] High CVE-2011-1293: Use-after-free in HTMLCollection. Credit to Sergey Glazunov. - [74562] High CVE-2011-1294: Stale pointer in CSS handling. Credit to Sergey Glazunov. - [74991] High CVE-2011-1295: DOM tree corruption with broken node parentage. Credit to Sergey Glazunov. - [75170] High CVE-2011-1296: Stale pointer in SVG text handling. Credit to Sergey Glazunov. * Depends on libvpx0 >= 0.9.6 (Closes: #618621) -- Giuseppe Iuculano <email address hidden> Fri, 25 Mar 2011 12:20:13 +0100
chromium-browser (6.0.472.63~r59945-5+squeeze4) stable-security; urgency=low * Fixed CVE-2011-0779: does not properly handle a missing key in an extension, which allows remote attackers to cause a denial of service (application crash) via a crafted extension. * Fixed CVE-2011-1290: Integer overflow in style elements * Removed mips from arch to avoid flood of given-back build log -- Giuseppe Iuculano <email address hidden> Fri, 11 Mar 2011 13:56:22 +0100
| Superseded in sid-release |
chromium-browser (10.0.648.133~r77742-1) unstable; urgency=high * New stable release: - Fix CVE-2011-1290: Memory corruption in style handling. Credit to Vincenzo Iozzo, Ralf Philipp Weinmann and Willem Pinckaers reported through ZDI. * chromium-browser: Depend on chromium (>= 10) (Closes: #617760) * Added a symlink to old binary name in chromium-browser package (Closes: #616623) * Document the binary renaming in the NEWS file. -- Giuseppe Iuculano <email address hidden> Fri, 11 Mar 2011 23:10:31 +0100
| Superseded in sid-release |
chromium-browser (10.0.648.127~r76697-1) unstable; urgency=low * New stable version * Refreshed patches -- Giuseppe Iuculano <email address hidden> Wed, 09 Mar 2011 23:04:13 +0100
| Superseded in experimental-release |
chromium-browser (10.0.648.114~r75702-1) experimental; urgency=low
* New beta version * Refreshed pathces * Renamed binary packages, new names: chromium, chromium-l10n, chromium-inspector, chromium-dbg * Removed SMULBB instructions (Closes: 611725) Thanks to Jérémy Lal * Move /etc/chromium-browser/{default,master_preferences} to /etc/chromium/{default,master_preferences} * Remove mips from archs * Use in-source v8 * Added binutils-gold in build-depends to use the experimental gold linker * debian/rules: Force $DEBIAN_NAME to chromium * Fixed the webkit version parser. Patch from Ubuntu, thanks to Fabien Tassin * Do not install anymore xdg-settings and xdg-mime copy * Install libppGoogleNaClPluginChrome.so -- Giuseppe Iuculano <email address hidden> Wed, 02 Mar 2011 11:36:53 +0100
| Superseded in sid-release |
chromium-browser (9.0.597.107~r75357-1) unstable; urgency=low [ Giuseppe Iuculano ] * New Stable version: - [54262] High URL bar spoof. Credit to Jordi Chancel. - [63732] High Crash with javascript dialogs. Credit to Sergey Radchenko. - [68263] High Stylesheet node stale pointer. Credit to Sergey Glazunov. - [68741] High Stale pointer with key frame rule. Credit to Sergey Glazunov. - [70078] High Crash with forms controls. Credit to Stefan van Zanden. - [70244] High Crash in SVG rendering. Credit to Sławomir Błażek. - [64-bit Linux only] [70376] Medium Out-of-bounds read in pickle deserialization. Credit to Evgeniy Stepanov of the Chromium development community. - [71114] High Stale node in table handling. Credit to Martin Barbella. - [71115] High Stale pointer in table rendering. Credit to Martin Barbella. - [71296] High Stale pointer in SVG animations. Credit to miaubiz. - [71386] High Stale nodes in XHTML. Credit to wushi of team509. - [71388] High Crash in textarea handling. Credit to wushi of team509. - [71595] High Stale pointer in device orientation. Credit to Sergey Glazunov. - [71717] Medium Out-of-bounds read in WebGL. Credit to miaubiz. - [71855] High Integer overflow in textarea handling. Credit to miaubiz. - [71960] Medium Out-of-bounds read in WebGL. Credit to Google Chrome Security Team (Inferno). - [72214] High Accidental exposure of internal extension functions. Credit to Tavis Ormandy of the Google Security Team. - [72437] High Use-after-free with blocked plug-ins. Credit to Chamal de Silva. - [73235] High Stale pointer in layout. Credit to Martin Barbella. [ Daniel Echeverry ] * Added patch fix-manpage.patch Closes: #607503 -- Giuseppe Iuculano <email address hidden> Thu, 03 Mar 2011 11:42:01 +0100
| Superseded in sid-release |
chromium-browser (9.0.597.98~r74359-1) unstable; urgency=low [ Giuseppe Iuculano ] * New stable version: - [67234] High Stale pointer in animation event handling. Credit to Rik Cabanier. - [68120] High Use-after-free in SVG font faces. Credit to miaubiz. - [69556] High Stale pointer with anonymous block handling. Credit to Martin Barbella. - [69970] Medium Out-of-bounds read in plug-in handling. Credit to Bill Budge of Google. - [70456] Medium Possible failure to terminate process on out-of-memory condition. Credit to David Warren of CERT/CC. [ Daniel Echeverry ] * Fixed FTBFS caused by nspr.patch (Closes: #612618) -- Giuseppe Iuculano <email address hidden> Wed, 16 Feb 2011 09:07:31 +0100
| Superseded in sid-release |
chromium-browser (9.0.597.84~r72991-1) unstable; urgency=low * New stable version: - [55831] High Use-after-free in image loading. Credit to Aki Helin of OUSPG - [59081] Low Apply some restrictions to cross-origin drag + drop. Credit to Google Chrome Security Team (SkyLined) and the Google Security Team (Michal Zalewski, David Bloom). - [62791] Low Browser crash with extension with missing key. Credit to Brian Kirchoff. - [65669] Low Handle merging of autofill profiles more gracefully. Credit to Google Chrome Security Team (Inferno). - [68244] Low Browser crash with bad volume setting. Credit to Matthew Heidermann. - [69195] Critical Race condition in audio handling. Credit to the gamers of Reddit! -- Giuseppe Iuculano <email address hidden> Sun, 06 Feb 2011 23:50:23 +0100
| Superseded in sid-release |
chromium-browser (9.0.597.83~r72435-1) unstable; urgency=low [ Giuseppe Iuculano ] * New beta version. * Added a README.Debian and warn about downgrading (Closes: #605548) * honor DEB_BUILD_OPTIONS=nocheck, thanks to Jonathan Nieder (Closes: #589653) * Avoid "cannot access" messagges when using ffmpeg internal copy. Thanks to Jonathan Nieder. (Closes: #589563) * Refreshed patches. * Build against libv8 * Use libicu system headers * Use system glew * Use system xdg-utils * Build-depends on libv8-dev >= 2.5.9 * Update translations in Desktop file. Thanks to the Ubuntu translation team. * Upload to unstable [ Fabien Tassin ] * Add libxt-dev to Build-deps needed by ppGoogleNaClPluginChrome * Add x-scheme-handler/http and x-scheme-handler/https to the MimeType entry of the desktop file * Set CHROME_WRAPPER to the real name of the wrapper now that upstream use its value * Set CHROME_DESKTOP in the wrapper to help the default browser checker (LP: #513133) -- Giuseppe Iuculano <email address hidden> Sun, 30 Jan 2011 22:14:01 +0100
| Superseded in experimental-release |
chromium-browser (9.0.597.45~r70550-1) experimental; urgency=low * New beta version -- Giuseppe Iuculano <email address hidden> Mon, 17 Jan 2011 09:55:51 +0100
chromium-browser (6.0.472.63~r59945-5) unstable; urgency=high * Backported security patches from stable: - High Bad pointer handling in node iteration. Credit to Sergey Glazunov. - High Stale pointer with CSS + canvas. Credit to Sergey Glazunov. - High Stale pointer with CSS + cursors. Credit to Jan Tošovský. - High Stale pointer with SVG use element. Credited anonymously; plus indepdent discovery by miaubiz. - High Vorbis decoder buffer overflows. Credit to David Warren of CERT. - High Bad cast in anchor handling. Credit to Sergey Glazunov. - High Bad cast in video handling. Credit to Sergey Glazunov. - High Stale rendering node after DOM node removal. Credit to Martin Barbella; plus independent discovery by Google Chrome Security Team (SkyLined). -- Giuseppe Iuculano <email address hidden> Sat, 15 Jan 2011 12:04:52 +0100
| Superseded in experimental-release |
chromium-browser (9.0.597.19~r68937-1) experimental; urgency=low * New beta version * Refreshed patches -- Giuseppe Iuculano <email address hidden> Wed, 29 Dec 2010 09:17:12 +0100
chromium-browser (6.0.472.63~r59945-4) unstable; urgency=high * Backported security patches from stable: - [64-bit Linux only] High Bad validation for message deserialization on 64-bit builds. Credit to Lei Zhang of the Chromium development community. - Low Browser crash with NULL pointer in web worker handling. Credit to Nathan Weizenbaum of Google. - Medium Out-of-bounds read in CSS parsing. Credit to Chris Rohlf. - High Stale pointers in cursor handling. Credit to Sławomir Błażek and Sergey Glazunov. -- Giuseppe Iuculano <email address hidden> Sat, 18 Dec 2010 17:39:19 +0100
| Superseded in sid-release |
chromium-browser (6.0.472.63~r59945-3) unstable; urgency=high * Backported security patches from stable: - Medium Cross-origin video theft with <canvas>. Credit to Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR). - High Use after free in history handling. Credit to Stefan Troger. - Medium Make sure the “dangerous file types” list is uptodate with the Windows platforms. Credit to Billy Rios of the Google Security Team. - High Crash due to bad indexing with malformed video. Credit to miaubiz. - High Use after free with SVG animations. Credit to Sławomir Błażek. - Medium Use after free in mouse dragging event handling. Credit to kuzzcc. -- Giuseppe Iuculano <email address hidden> Tue, 07 Dec 2010 12:53:25 +0100
| Superseded in experimental-release |
chromium-browser (9.0.587.0~r66374-1) experimental; urgency=low * New dev version -- Giuseppe Iuculano <email address hidden> Sat, 20 Nov 2010 18:33:03 +0100
| Superseded in experimental-release |
chromium-browser (9.0.576.0~r65344-1) experimental; urgency=low * New dev version * Refreshed patches * Added libxtst-dev in build-depends * Use v8, libvpx and glew system copy for the moment. * Disable tests * Do not install /usr/lib/chromium-browser/libosmesa.so (Closes: #599511) -- Giuseppe Iuculano <email address hidden> Wed, 17 Nov 2010 22:26:37 +0100
chromium-browser (6.0.472.63~r59945-2) unstable; urgency=high
* Added the missing changelog credit for the 5.0.375.29~r46008-1 revision.
Obviously this was not a "stealing" as foolishly written by Fabien Tassin
in a blog rant, but was a bad debian/changelog merge.
* Backported security patches from stable:
- High Use-after-free in text editing. Credit to David Bloom of the Google
Security Team, Google Chrome Security Team (Inferno) and Google Chrome
Security Team (Cris Neckar).
- High Memory corruption with enormous text area. Credit to wushi of
team509.
- High Bad cast with the SVG use element. Credit to the kuzzcc.
- High Use-after-free in text control selections. Credit to "vkouchna".
- High Integer overflows in font handling. Credit to Aki Helin of OUSPG.
- High Bad use of destroyed frame object. Credit to various developers,
including "gundlach".
- High Type confusions with event objects. Credit to "fam.lam" and Google
Chrome Security Team (Inferno).
- High Out-of-bounds array access in SVG handling. Credit to wushi of
team509.
-- Giuseppe Iuculano <email address hidden> Fri, 05 Nov 2010 09:19:33 +0100
chromium-browser (6.0.472.63~r59945-1) unstable; urgency=high
* New stable microrelease.
* Allow to choose whether links are opened in a new link or new tab.
(Closes: #581391) Thanks to Sam Morris
* Backported security patches:
- Medium Possible autofill / autocomplete profile spamming. Credit to
Google Chrome Security Team (Inferno).
- High Crash with forms. Credit to the Chromium development community.
- Critical Browser crash with form autofill. Credit to the Chromium
development community.
- High Possible URL spoofing on page unload. Credit to kuzzcc; plus
independent discovery by Jordi Chancel.
- High Possible memory corruption with animated GIF. Credit to Simon Schaak.
- High Failure to sandbox worker processes on Linux. Credit to Google
Chrome Security Team (Chris Evans).
- High Stale elements in an element map. Credit to Michal Zalewski of the
Google Security Team.
-- Giuseppe Iuculano <email address hidden> Tue, 19 Oct 2010 12:59:21 +0200
| Superseded in experimental-release |
chromium-browser (7.0.544.0~r61416-1) experimental; urgency=low * New dev version * Remove system-icu.patch, applied upstream * Remove icu44.patch, applied upstream * Refreshed patches * Enable compile-time dependency on gnome-keyring * Use system speex * Build depends on libv8-dev >= 2.4.7 * Remove disable_dlog_and_dcheck_in_release_builds.patch * Install libosmesa.so ssl_false_start_blacklist_process and xdg-mime -- Giuseppe Iuculano <email address hidden> Wed, 06 Oct 2010 14:55:53 +0200
chromium-browser (6.0.472.62~r59676-1) unstable; urgency=low
* New stable security microrelease:
- [55114] High Bad cast with malformed SVG. Credit to wushi of team 509.
- [55119] Critical Buffer mismanagement in the SPDY protocol. Credit to Ron
Ten-Hove of Google.
- [55350] High Cross-origin property pollution. Credit to Stefano Di Paola
of MindedSecurity.
* Add translations for the "Name" field in the desktop file, and fix
some "Comment" / "GenericName". Thanks to the Ubuntu translation team.
* Build with PIE (Position Independent Executable)
-- Giuseppe Iuculano <email address hidden> Sat, 18 Sep 2010 16:48:44 +0200
| Superseded in sid-release |
chromium-browser (6.0.472.59~r59126-1) unstable; urgency=low
* New stable security microrelease:
- [50250] High Use-after-free when using document APIs during parse. Credit
to David Weston of Microsoft + Microsoft Vulnerability Research (MSVR) and
wushi of team 509 (independent discoveries).
- [50712] High Use-after-free in SVG styles. Credit to kuzzcc.
- [51252] High Use-after-free with nested SVG elements. Credit to kuzzcc.
- [51709] Low Possible browser assert in cursor handling. Credit to
"magnusmorton".
- [51919] High Race condition in console handling. Credit to kuzzcc.
- [53176] Low Unlikely browser crash in pop-up blocking. Credit to kuzzcc.
- [53394] High Memory corruption in Geolocation. Credit to kuzzcc.
- [53930] High Memory corruption in Khmer handling. Credit to Google Chrome
Security Team (Chris Evans).
- [54006] Low Failure to prompt for extension history access. Credit to
"adriennefelt".
-- Giuseppe Iuculano <email address hidden> Wed, 15 Sep 2010 16:00:10 +0200
| Superseded in sid-release |
chromium-browser (6.0.472.53~r57914-3) unstable; urgency=low
* Upload to unstable, this release fixes the following security issue:
- [34414] Low Pop-up blocker bypass with blank frame target. Credit to
Google Chrome Security Team (Inferno) and “ironfist99”.
- [37201] Medium URL bar visual spoofing with homographic sequences. Credit
to Chris Weber of Casaba Security.
- [41654] Medium Apply more restrictions on setting clipboard content.
Credit to Brook Novak.
- [45659] High Stale pointer with SVG filters. Credit to Tavis Ormandy of
the Google Security Team.
- [45876] Medium Possible installed extension enumeration. Credit to
Lostmon.
- [46750] [51846] Low Browser NULL crash with WebSockets. Credit to Google
Chrome Security Team (SkyLined), Google Chrome Security Team
(Justin Schuh) and Keith Campbell.
- [50386] High Use-after-free in Notifications presenter. Credit to Sergey
Glazunov.
- [50839] High Notification permissions memory corruption. Credit to Michal
Zalewski of the Google Security Team and Google Chrome Security Team
(SkyLined).
- [51630] [51739] High Integer errors in WebSockets. Credit to
Keith Campbell and Google Chrome Security Team (Cris Neckar).
- [51653] High Memory corruption with counter nodes. Credit to kuzzcc.
- [51727] Low Avoid storing excessive autocomplete entries. Credit to Google
Chrome Security Team (Inferno).
- [52443] High Stale pointer in focus handling. Credit to VUPEN
Vulnerability Research Team (VUPEN-SR-2010-249).
- [52682] High Sandbox parameter deserialization error. Credit to Ashutosh
Mehra and Vineet Batra of the Adobe Reader Sandbox Team.
- [53001] Medium Cross-origin image theft. Credit to Isaac Dawson.
* Provide gnome-www-browser (Closes: #594057)
* use startup-notification correctly (Closes: #581347)
* the main scrollbar doesn'have anymore low contrast (Closes: #582648)
* check DISPLAY envvar (Closes: #587398)
* Doesn't segfault with cups (Closes: #593748)
-- Giuseppe Iuculano <email address hidden> Tue, 07 Sep 2010 18:49:45 +0200
| Superseded in experimental-release |
chromium-browser (6.0.472.53~r57914-2) experimental; urgency=low
* Do not install libppapi_tests.so and DumpRenderTree_resources/
* Add libppapi_tests.so to INSTALL_EXCLUDE_FILES and
DumpRenderTree_resources/ to INSTALL_EXCLUDE_DIRS
-- Giuseppe Iuculano <email address hidden> Sat, 04 Sep 2010 08:28:27 +0200
| Superseded in experimental-release |
chromium-browser (6.0.472.53~r57914-1) experimental; urgency=low
* New upstream release
* Merge the unstable branch
* Backport arm ffmpeg fix from unstable (v5)
* chromium-browser-inspector: added a conflict with
chromium-browser (<< ${source:Version}) (Closes: #594909)
-- Giuseppe Iuculano <email address hidden> Wed, 01 Sep 2010 15:39:16 +0200
chromium-browser (5.0.375.127~r55887-1) unstable; urgency=high
* New stable security microrelease.
- Critical. Memory corruption with file dialog. Credit to Sergey Glazunov.
- High. Memory corruption with SVGs. Credit to wushi of team509.
- High. Bad cast with text editing. Credit to wushi of team509.
- High. Possible address bar spoofing with history bug. Credit to Mike
Taylor.
- High. Memory corruption in MIME type handling. Credit to Sergey Glazunov.
- Critical. Crash on shutdown due to notifications bug. Credit to Sergey
Glazunov.
- Medium. Stop omnibox autosuggest if the user might be about to type a
password. Credit to Robert Hansen.
- High. Memory corruption with Ruby support. Credit to kuzzcc.
- High. Memory corruption with Geolocation support. Credit to kuzzcc.
* Remove gecko-mediaplayer from blacklist (Closes: #590145)
-- Giuseppe Iuculano <email address hidden> Fri, 20 Aug 2010 11:09:16 +0200
| Superseded in experimental-release |
chromium-browser (6.0.472.36~r55963-1) experimental; urgency=low * New beta release * Refreshed patches * Build and use the custom ffmpeg copy * Build and use the custom protobuf copy. -- Giuseppe Iuculano <email address hidden> Thu, 19 Aug 2010 09:53:03 +0200
chromium-browser (5.0.375.125~r53311-1) unstable; urgency=medium
* Flush cairo surface at end of CanvasPaintLinux (Closes: #587164)
* New stable micro release:
- Medium Memory contents disclosure in layout code. Credit to Michail
Nikolaev.
- High Issue with large canvases. Credit to sp3x of SecurityReason.com.
- High Memory corruption in rendering code. Credit to Jose A. Vazquez.
- High Memory corruption in SVG handling. Credit to Aki Helin of OUSPG.
- Low Avoid hostname truncation and incorrect eliding. Credit to Google
Chrome Security Team (Inferno).
-- Giuseppe Iuculano <email address hidden> Tue, 27 Jul 2010 12:44:58 +0200
| Superseded in experimental-release |
chromium-browser (6.0.466.0~r52279-1) experimental; urgency=low
* Flush cairo surface at end of CanvasPaintLinux (Closes: #587164)
* New dev upstream for experimental suite
* Refreshed patches.
* Install new resource.pak
* Added libcups2-dev, libgnome-keyring-dev, libgconf2-dev in BUild-depends
* set disable_sse2=1
* Switch back to ffmpeg system libs
* Install DumpRenderTree_resources
* Define GOOGLE_PROTOBUF_NO_RTTI to fix FTBFS when compiling against system
protobuf
-- Giuseppe Iuculano <email address hidden> Wed, 21 Jul 2010 10:50:54 +0200
| Superseded in sid-release |
chromium-browser (5.0.375.99~r51029-4) unstable; urgency=low
* Fix FTBFS with icu 4.4 (Closes: #589414)
* Do not use armv4 incompatible code
* Remove src/out and "*.pyc" files in clean target. (Closes: #589160)
Thanks to Timo Juhani Lindfors.
-- Giuseppe Iuculano <email address hidden> Sat, 17 Jul 2010 17:22:47 +0200
| Superseded in sid-release |
chromium-browser (5.0.375.99~r51029-3) unstable; urgency=low
* [armel] Disabled thumb to fix FTBFS in armel
* Bump to Standards-Version 3.9.0, no changes needed
* Backport support for the Ambiance/Radiance and Dust themes button ordering
by reading the gconf pref
-- Giuseppe Iuculano <email address hidden> Thu, 08 Jul 2010 13:34:15 +0200
| Superseded in sid-release |
chromium-browser (5.0.375.99~r51029-2) unstable; urgency=low * Backport patch for CVE-2010-1760 * [armel] set arm_neon=0 * [armel] Remove all V5TE, VFP code from ffmpeg -- Giuseppe Iuculano <email address hidden> Tue, 06 Jul 2010 16:14:12 +0200
| Superseded in sid-release |
chromium-browser (5.0.375.99~r51029-1) unstable; urgency=low
* DEB_HOST_ARCH_CPU in armel is arm, updating debian/rules
* New stable version, this release fixes the following security
issues:
- [42396] Low OOB read with WebGL. Credit to Sergey Glazunov; Google Chrome
Security Team (SkyLined).
- [42575] [42980] Medium Isolate sandboxed iframes more strongly. Credit to
sirdarckcat of Google Security Team.
- [43488] High Memory corruption with invalid SVGs. Credit to Aki Hekin of
OUSPG; wushi of team509.
- [44424] High Memory corruption in bidi algorithm. Credit to wushi of
team509.
- [45164] Low Crash with invalid image. Credit to javg0x83.
- [45983] High Memory corruption with invalid PNG (libpng bug). Credit to
Aki Helin of OUSPG.
- [46360] High Memory corruption in CSS style rendering. Credit to wushi of
team509.
- [46575] Low Annoyance with print dialogs. Credit to Mats Ahlgren.
- [47056] Low Crash with modal dialogs. Credit to Aki Helin of OUSPG.
* Remove armv6 and armv7 support from ffmpeg internal copy
* Set arm_thumb=0 to avoid FTBFS in armel. Thanks to Peter De Schrijver,
Timo Lindfors and Reinhard Tartler
-- Giuseppe Iuculano <email address hidden> Sat, 03 Jul 2010 13:23:26 +0200
| Superseded in sid-release |
chromium-browser (5.0.375.86~r49890-4) unstable; urgency=low
* Use the full path in chromium-browser.desktop Exec field (Closes: #580582)
* Remove the 3d patch, non-3d videos are messed up (Closes: 587389)
* Build depends on libicu-dev (>= 4.2.1) and libevent-dev (>= 1.4.13) to
avoid bad backports
-- Giuseppe Iuculano <email address hidden> Mon, 28 Jun 2010 15:10:05 +0200
| Superseded in sid-release |
chromium-browser (5.0.375.86~r49890-3) unstable; urgency=low * Set ffmpeg_branding=Chrome to enable the h264 decoder (Closes: #587293) * Backport VP8/WebM code and use system copy of libvpx * Add xulrunner lib path to LD_LIBRARY_PATH (Closes: #574679) * Removed license info for src/native_client/src/third_party/valgrind/bin/ * Fixed 3d visualization on youtube video with html5 and Webm -- Giuseppe Iuculano <email address hidden> Sun, 27 Jun 2010 13:01:44 +0200
| Superseded in sid-release |
chromium-browser (5.0.375.86~r49890-2) unstable; urgency=low
* Partially revert info in about:version, it has significant impact in
first-run performance
* Build and use the custom ffmpeg copy, when ffmpeg 0.6 will be uploaded in
unstable chromium will use the system copy of ffmpeg. (Closes: #581507)
* Install libffmpegsumo
* Add a replace and conflict entry for chromium-codecs-ffmpeg and
chromium-codecs-ffmpeg-extra. This is necessary for people who used or
are using the unofficial PPA build.
* Update language list in chromium-browser-l10n description
-- Giuseppe Iuculano <email address hidden> Sat, 26 Jun 2010 09:47:17 +0200
| Superseded in sid-release |
chromium-browser (5.0.375.86~r49890-1) unstable; urgency=low
[ Jonathan Nieder ]
* Use dpkg-architecture directly instead of relying on
dpkg-buildpackage to set DEB_*_ARCH variables. Use
DEB_HOST_ARCH_CPU instead of DEB_BUILD_ARCH to detect target CPU.
(Closes: #585801)
[ Giuseppe Iuculano ]
* New stable version, this release fixes the following security
issues:
- [38105] Medium XSS via application/json response (regression). Credit to
Ben Davis for original discovery and Emanuele Gentili for regression
discovery.
- [43322] Medium Memory error in video handling. Credit to Mark Dowd under
contract to Google Chrome Security Team.
- [43967] High Subresource displayed in omnibox loading. Credit to Michal
Zalewski of Google Security Team.
- [45267] High Memory error in video handling. Credit to Google Chrome
Security Team (Cris Neckar).
- [46126] High Stale pointer in x509-user-cert response. Credit to Rodrigo
Marcos of SECFORCE.
- Drop the XLIB_SKIP_ARGB_VISUALS workaround as it creates regressions.
See http://crbug.com/46439
* Use /usr/bin/chromium-browser in chromium-browser.xml (Closes: #580582)
[ Fabien Tassin ]
* Show in about:version when chromium is running on a different
distribution that it has been built on
- udpate debian/rules
- rename and update debian/chromium-browser.sh => debian/chromium-browser.sh.in
-- Giuseppe Iuculano <email address hidden> Fri, 25 Jun 2010 10:15:35 +0200
| Superseded in sid-release |
chromium-browser (5.0.375.70~r48679-2) unstable; urgency=low
[ Fabien Tassin ]
* Accept 'stable' as value for $(CHANNEL)
- update debian/rules
[ Giuseppe Iuculano ]
* Use the full path in chromium-browser.xml, now Gnome's Preferred
Applications doesn't get confused. (Closes: #580582)
* debian/patches/protobuf.patch: Use system copy of libprotobuf
* Added protobuf-compiler and libprotobuf-dev in Build-Depends
* debian/patches/glew.patch: Use system copy of libglewmx (version with
support for thread-safe usage of multiple rendering contexts)
* Added libglewmx1.5-dev in Build-Depends
* Removed Fabien and Alexander from Uploaders.
* Updated VCS control fields
* Fix an infinite recursion crash when trying to wrap media elements without
a media player. (Closes: #582709)
-- Giuseppe Iuculano <email address hidden> Sun, 13 Jun 2010 22:23:59 +0200
| Superseded in sid-release |
chromium-browser (5.0.375.70~r48679-1) unstable; urgency=low
[ Fabien Tassin ]
* Add a --temp-profile knob to the launcher script starting Chromium with
a new profile which will last only for the duration of the session
- update debian/chromium-browser.sh
* Change StartupWMClass to Chromium-browser in the desktop launcher so
cairo-dock does the right thing (LP: #587664)
- update debian/chromium-browser.desktop
* Set XLIB_SKIP_ARGB_VISUALS=1 in the wrapper to prevent flash from dying
with a Gdk-ERROR when gtk2 is built with RGBA support (like in Maverick).
(LP: #584959)
- update debian/chromium-browser.sh
[ Giuseppe Iuculano ]
* New upstream stable release, this release fixes the following security
issues:
- [15766] Medium Cross-origin keystroke redirection.
- [39985] High Cross-origin bypass in DOM methods.
- [42723] High Memory error in table layout.
- [43304] High Linux sandbox escape.
- [43307] High Bitmap stale pointer.
- [43315] High Memory corruption in DOM node normalization.
- [43487] High Memory corruption in text transforms.
- [43902] Medium XSS in innerHTML property of textarea.
- [44740] High Memory corruption in font handling.
- [44868] High Geolocation events fire after document deletion.
- [44955] High Memory corruption in rendering of list markers.
-- Giuseppe Iuculano <email address hidden> Wed, 09 Jun 2010 12:08:42 +0200
| Superseded in sid-release |
chromium-browser (5.0.375.55~r47796-1) unstable; urgency=low
* New beta release.
- This release contains some minor crash and stability fixes.
* Switch to dpkg-source 3.0 (quilt) format.
* Don't use a tar.lzma-in-a-tar.gz
- Now debian/rules binary works (Closes: #580535)
* Refreshed patches and removed zoom_incognito.patch (applied upstream)
* Removed quilt from Build-Depends
* Build-depends on libv8-dev >= 2.2.7 and fix build-depends-on-1-revision
lintian warning
-- Giuseppe Iuculano <email address hidden> Sun, 23 May 2010 23:22:16 +0200
| Superseded in sid-release |
chromium-browser (5.0.375.38~r46659-2) unstable; urgency=low
[ Fabien Tassin ]
* Unbreak get-orig-source when it needs to drop its cache after a channel jump
(replace brace expansion - which is a bashism - with proper $(wildcard))
- update debian/rules
[ Giuseppe Iuculano ]
* chromium-browser-inspector: demoted chromium-browser to Recommend and
avoid circular dependency (Closes: #581743)
* Tell Chromium to look in /etc/chromium-browser for the master_preferences
file
- update debian/patches/series
- add debian/patches/prefs.patch
* Ship a custom first-run preferences file
- update debian/chromium-browser.install
- add debian/master_preferences
* Removed g++-4.3 | g++-4.2 from Build-Depends
- update debian/control
* Removed the icon field from the menu file
- update debian/chromium-browser.menu
* Removed libc6-dev-i386 [amd64] and g++-multilib [amd64] from Build-Depends
- update debian/control
* Install a presubj bug file
- update debian/chromium-browser.install
- add debian/presubj
* Forget zoom levels set/changed in incognito mode
- add debian/patches/zoom_incognito.patch
- update debian/patches/series
-- Giuseppe Iuculano <email address hidden> Tue, 18 May 2010 23:52:40 +0200
| Superseded in sid-release |
chromium-browser (5.0.375.38~r46659-1) unstable; urgency=low
[ Giuseppe Iuculano ]
* Use system copy of libv8
- update debian/control
- update debian/patches/series
- update debian/patches/system_v8.patch
- update debian/rules
* Build-depends on libv8-dev >= 2.2.7
See http://code.google.com/p/v8/issues/detail?id=506
- update debian/control
* Recognize iceweasel in about:memory
- update debian/patches/series
- add debian/patches/memory_iceweasel.patch
* Set arch to i386 amd64 armel mips
* New beta release
- In addition to crash and stability fixes, this release also includes
a localization refresh
* Upload in unstable
[ Andres Mejia ]
* Be able to use system ffmpeg-0.5.1. (Closes: #580947)
-- Giuseppe Iuculano <email address hidden> Thu, 13 May 2010 11:31:32 +0200
| 226 → 294 of 294 results | First • Previous • Next • Last |
