Change log for chromium-browser package in Ubuntu
| 526 → 600 of 614 results | First • Previous • Next • Last |
| Superseded in oneiric-release |
chromium-browser (12.0.742.112~r90304-0ubuntu1) oneiric; urgency=high * New Minor upstream release from the Stable Channel (LP: #803107) This release fixes the following security issues: + WebKit issues: - [84355] High, CVE-2011-2346: Use-after-free in SVG font handling. Credit to miaubiz. - [85003] High, CVE-2011-2347: Memory corruption in CSS parsing. Credit to miaubiz. - [85102] High, CVE-2011-2350: Lifetime and re-entrancy issues in the HTML parser. Credit to miaubiz. - [85211] High, CVE-2011-2351: Use-after-free with SVG use element. Credit to miaubiz. - [85418] High, CVE-2011-2349: Use-after-free in text selection. Credit to miaubiz. + Chromium issues: - [77493] Medium, CVE-2011-2345: Out-of-bounds read in NPAPI string handling. Credit to Philippe Arteau. - [85177] High, CVE-2011-2348: Bad bounds check in v8. Credit to Aki Helin of OUSPG. Packaging changes: * Add Valencian (ca@valencia) to the list of supported langs for the lang-packs - update debian/rules - update debian/control * Add support for language variants in Grit, backported from trunk. This is needed to support lang-codes like ca@valencia - add debian/patches/grit_language_variants.patch - update debian/patches/series * Add a WANT_ONLY_WHITELISTED_NEW_LANGS knob to make it easier to sync translations of new langs between all the branches - update debian/rules * Properly stop the keep-alive when the build fails - update debian/rules * Fix the HTML5 <video> tag regression in Oneiric by properly linking libvpx so it's not being dropped from libffmpegsumo.so (LP: #795171) - add debian/patches/html5-codecs-fix.patch - update debian/patches/series * Drop the -inspector package, its content has been merged into the main deb in M12 and the deb remained empty since. Also drop chromium-codecs-ffmpeg-nonfree, renamed in M5 to -extra - update debian/control - update debian/rules * Backport of http://codereview.chromium.org/6883221 from M13 presumably fixing the ARM ftbfs from the last update, and set use_cups=0 on armel - add debian/patches/cups_cleanup_cr6883221.patch - update debian/patches/series - update debian/rules -- Fabien Tassin <email address hidden> Tue, 28 Jun 2011 07:17:52 +0200
Available diffs
| Superseded in natty-updates |
| Superseded in natty-security |
| Deleted in natty-proposed (Reason: moved to -updates) |
chromium-browser (12.0.742.91~r87961-0ubuntu0.11.04.1) natty-security; urgency=low [ Fabien Tassin <email address hidden> ] * New upstream release from the Stable Channel (LP: #794197) It includes: - Hardware accelerated 3D CSS - New Safe Browsing protection against downloading malicious files - Integrated Sync into new settings pages This release fixes the following security issues: + WebKit issues: - [73962] [79746] High CVE-2011-1808: Use-after-free due to integer issues in float handling. Credit to miaubiz. - [75496] Medium CVE-2011-1809: Use-after-free in accessibility support. Credit to Google Chrome Security Team (SkyLined). - [75643] Low CVE-2011-1810: Visit history information leak in CSS. Credit to Jesse Mohrland of Microsoft and Microsoft Vulnerability Research (MSVR). - [80358] Medium CVE-2011-1816: Use-after-free in developer tools. Credit to kuzzcc. - [81949] High CVE-2011-1818: Use-after-free in image loader. Credit to miaubiz. - [83743] High CVE-2011-2342: Same origin bypass in DOM. Credit to Sergey Glazunov. + Chromium issues: - [76034] Low CVE-2011-1811: Browser crash with lots of form submissions. Credit to “DimitrisV22”. - [77026] Medium CVE-2011-1812: Extensions permission bypass. Credit to kuzzcc. - [78516] High CVE-2011-1813: Stale pointer in extension framework. Credit to Google Chrome Security Team (Inferno). - [79862] Low CVE-2011-1815: Extension script injection into new tab page. Credit to kuzzcc. - [81916] Medium CVE-2011-1817: Browser memory corruption in history deletion. Credit to Collin Payne. - [83010] Medium CVE-2011-1819: Extension injection into chrome:// pages. Credit to Vladislavas Jarmalis, plus subsequent independent discovery by Sergey Glazunov. - [83275] High CVE-2011-2332: Same origin bypass in v8. Credit to Sergey Glazunov. * Drop the stored passwords patch (fixed upstream) - remove debian/patches/stored_passwords_lp743494.patch - update debian/patches/series * Empty the -inspector package now that it has been merged into the main resources.pak file (so that the Inspector remains usable after an upgrade until the next browser restart). Also remove the resources directory, now empty - remove debian/chromium-browser-inspector.install - update debian/chromium-browser.dirs - update debian/rules * Update the location of the app_strings templates - update debian/rules * Rebase the GL dlopen patch - update debian/patches/dlopen_sonamed_gl.patch * Drop the gtk resize patch, now that upstream does it for us - remove debian/patches/disable_gtk_resize_grip_on_natty.patch - update debian/patches/series * Drop the xdg-utils patch and use the system xdg tools when we detect that xdg-setting is present on the system (ensuring it's a recent enough xdg-utils) - update debian/chromium-browser.sh.in - remove debian/patches/xdg-utils_gnome3_lp670128_for_natty.patch - update debian/patches/series * Drop the dedicated webapp WMClass patch - remove debian/patches/webapps-wm-class-lp692462.patch - update debian/patches/series [ Micah Gersten <email address hidden> ] * Don't have chromium-browser depend on chromium-browser-inspector anymore it's now a transitional package; Change text of chromium-browser-inspector to reflect its transitional nature - update debian/control -- Micah Gersten <email address hidden> Fri, 10 Jun 2011 07:02:44 -0500
Available diffs
| Superseded in maverick-updates |
| Superseded in maverick-security |
| Deleted in maverick-proposed (Reason: moved to -updates) |
chromium-browser (12.0.742.91~r87961-0ubuntu0.10.10.1) maverick-security; urgency=low [ Fabien Tassin <email address hidden> ] * New upstream release from the Stable Channel (LP: #794197) It includes: - Hardware accelerated 3D CSS - New Safe Browsing protection against downloading malicious files - Integrated Sync into new settings pages This release fixes the following security issues: + WebKit issues: - [73962] [79746] High CVE-2011-1808: Use-after-free due to integer issues in float handling. Credit to miaubiz. - [75496] Medium CVE-2011-1809: Use-after-free in accessibility support. Credit to Google Chrome Security Team (SkyLined). - [75643] Low CVE-2011-1810: Visit history information leak in CSS. Credit to Jesse Mohrland of Microsoft and Microsoft Vulnerability Research (MSVR). - [80358] Medium CVE-2011-1816: Use-after-free in developer tools. Credit to kuzzcc. - [81949] High CVE-2011-1818: Use-after-free in image loader. Credit to miaubiz. - [83743] High CVE-2011-2342: Same origin bypass in DOM. Credit to Sergey Glazunov. + Chromium issues: - [76034] Low CVE-2011-1811: Browser crash with lots of form submissions. Credit to “DimitrisV22”. - [77026] Medium CVE-2011-1812: Extensions permission bypass. Credit to kuzzcc. - [78516] High CVE-2011-1813: Stale pointer in extension framework. Credit to Google Chrome Security Team (Inferno). - [79862] Low CVE-2011-1815: Extension script injection into new tab page. Credit to kuzzcc. - [81916] Medium CVE-2011-1817: Browser memory corruption in history deletion. Credit to Collin Payne. - [83010] Medium CVE-2011-1819: Extension injection into chrome:// pages. Credit to Vladislavas Jarmalis, plus subsequent independent discovery by Sergey Glazunov. - [83275] High CVE-2011-2332: Same origin bypass in v8. Credit to Sergey Glazunov. * Drop the stored passwords patch (fixed upstream) - remove debian/patches/stored_passwords_lp743494.patch - update debian/patches/series * Empty the -inspector package now that it has been merged into the main resources.pak file (so that the Inspector remains usable after an upgrade until the next browser restart). Also remove the resources directory, now empty - remove debian/chromium-browser-inspector.install - update debian/chromium-browser.dirs - update debian/rules * Update the location of the app_strings templates - update debian/rules * Don't build with libjpeg-turbo on armel, to prevent a FTBFS - update debian/rules * Rebase the GL dlopen patch - update debian/patches/dlopen_sonamed_gl.patch [ Micah Gersten <email address hidden> ] * Don't have chromium-browser depend on chromium-browser-inspector anymore it's now a transitional package; Change text of chromium-browser-inspector to reflect its transitional nature - update debian/control * Re-enable armel builds - update debian/control -- Micah Gersten <email address hidden> Tue, 07 Jun 2011 19:19:02 -0500
Available diffs
| Superseded in lucid-updates |
| Superseded in lucid-security |
| Deleted in lucid-proposed (Reason: moved to -updates) |
chromium-browser (12.0.742.91~r87961-0ubuntu0.10.04.1) lucid-security; urgency=low [ Fabien Tassin <email address hidden> ] * New upstream release from the Stable Channel (LP: #794197) It includes: - Hardware accelerated 3D CSS - New Safe Browsing protection against downloading malicious files - Integrated Sync into new settings pages This release fixes the following security issues: + WebKit issues: - [73962] [79746] High CVE-2011-1808: Use-after-free due to integer issues in float handling. Credit to miaubiz. - [75496] Medium CVE-2011-1809: Use-after-free in accessibility support. Credit to Google Chrome Security Team (SkyLined). - [75643] Low CVE-2011-1810: Visit history information leak in CSS. Credit to Jesse Mohrland of Microsoft and Microsoft Vulnerability Research (MSVR). - [80358] Medium CVE-2011-1816: Use-after-free in developer tools. Credit to kuzzcc. - [81949] High CVE-2011-1818: Use-after-free in image loader. Credit to miaubiz. - [83743] High CVE-2011-2342: Same origin bypass in DOM. Credit to Sergey Glazunov. + Chromium issues: - [76034] Low CVE-2011-1811: Browser crash with lots of form submissions. Credit to “DimitrisV22”. - [77026] Medium CVE-2011-1812: Extensions permission bypass. Credit to kuzzcc. - [78516] High CVE-2011-1813: Stale pointer in extension framework. Credit to Google Chrome Security Team (Inferno). - [79862] Low CVE-2011-1815: Extension script injection into new tab page. Credit to kuzzcc. - [81916] Medium CVE-2011-1817: Browser memory corruption in history deletion. Credit to Collin Payne. - [83010] Medium CVE-2011-1819: Extension injection into chrome:// pages. Credit to Vladislavas Jarmalis, plus subsequent independent discovery by Sergey Glazunov. - [83275] High CVE-2011-2332: Same origin bypass in v8. Credit to Sergey Glazunov. * Drop the stored passwords patch (fixed upstream) - remove debian/patches/stored_passwords_lp743494.patch - update debian/patches/series * Empty the -inspector package now that it has been merged into the main resources.pak file (so that the Inspector remains usable after an upgrade until the next browser restart). Also remove the resources directory, now empty - remove debian/chromium-browser-inspector.install - update debian/chromium-browser.dirs - update debian/rules * Update the location of the app_strings templates - update debian/rules * Don't build with libjpeg-turbo on armel, to prevent a FTBFS - update debian/rules * Rebase the GL dlopen patch - update debian/patches/dlopen_sonamed_gl.patch [ Micah Gersten <email address hidden> ] * Don't have chromium-browser depend on chromium-browser-inspector anymore it's now a transitional package; Change text of chromium-browser-inspector to reflect its transitional nature - update debian/control * Re-enable armel builds - update debian/control -- Micah Gersten <email address hidden> Tue, 07 Jun 2011 18:48:38 -0500
Available diffs
| Superseded in oneiric-release |
chromium-browser (12.0.742.91~r87961-0ubuntu1) oneiric; urgency=high * New upstream release from the Stable Channel (LP: #794197) It includes: - Hardware accelerated 3D CSS - New Safe Browsing protection against downloading malicious files - Ability to delete Flash cookies from inside Chrome - Launch Apps by name from the Omnibox - Integrated Sync into new settings pages - Improved screen reader support - New warning when hitting Command-Q on Mac - Removal of Google Gears This release fixes the following security issues: + WebKit issues: - [73962] [79746] High CVE-2011-1808: Use-after-free due to integer issues in float handling. Credit to miaubiz. - [75496] Medium CVE-2011-1809: Use-after-free in accessibility support. Credit to Google Chrome Security Team (SkyLined). - [75643] Low CVE-2011-1810: Visit history information leak in CSS. Credit to Jesse Mohrland of Microsoft and Microsoft Vulnerability Research (MSVR). - [80358] Medium CVE-2011-1816: Use-after-free in developer tools. Credit to kuzzcc. - [81949] High CVE-2011-1818: Use-after-free in image loader. Credit to miaubiz. - [83743] High CVE-2011-2342: Same origin bypass in DOM. Credit to Sergey Glazunov. + Chromium issues: - [76034] Low CVE-2011-1811: Browser crash with lots of form submissions. Credit to “DimitrisV22”. - [77026] Medium CVE-2011-1812: Extensions permission bypass. Credit to kuzzcc. - [78516] High CVE-2011-1813: Stale pointer in extension framework. Credit to Google Chrome Security Team (Inferno). - [79862] Low CVE-2011-1815: Extension script injection into new tab page. Credit to kuzzcc. - [81916] Medium CVE-2011-1817: Browser memory corruption in history deletion. Credit to Collin Payne. - [83010] Medium CVE-2011-1819: Extension injection into chrome:// pages. Credit to Vladislavas Jarmalis, plus subsequent independent discovery by Sergey Glazunov. - [83275] High CVE-2011-2332: Same origin bypass in v8. Credit to Sergey Glazunov. Packaging changes: * Provide a batch of translations for the Unity quicklists, and update the regular desktop translations - update debian/chromium-browser.desktop * Add a keep-alive script preventing the builders from killing the build when it's not echoing anything for too long (useful when linking the main binary with ld-bfd) - add debian/keep-alive.sh - update debian/rules * Drop the gtk resize patch, now that upstream does it for us - remove debian/patches/disable_gtk_resize_grip_on_natty.patch - update debian/patches/series * Drop the xdg-utils patch and use the system xdg tools when we detect that xdg-setting is present on the system (ensuring it's a recent enough xdg-utils) - update debian/chromium-browser.sh.in - remove debian/patches/xdg-utils_gnome3_lp670128_for_natty.patch - update debian/patches/series * Drop the stored passwords patch - remove debian/patches/stored_passwords_lp743494.patch - update debian/patches/series * Drop the dedicated webapp WMClass patch - remove debian/patches/webapps-wm-class-lp692462.patch - update debian/patches/series * When building with a non-default g++, also link with the same version - update debian/rules * Empty the -inspector package now that it has been merged into the main resources.pak file (so that the Inspector remains usable after an upgrade until the next browser restart). Also remove the resources directory, now empty - remove debian/chromium-browser-inspector.install - update debian/chromium-browser.dirs - update debian/rules -- Fabien Tassin <email address hidden> Thu, 26 May 2011 17:16:41 +0200
Available diffs
| Superseded in natty-security |
| Superseded in natty-updates |
| Deleted in natty-proposed (Reason: moved to -updates) |
| Superseded in natty-proposed |
chromium-browser (11.0.696.71~r86024-0ubuntu0.11.04.1) natty-security; urgency=low [ Fabien Tassin <email address hidden> ] * New Minor upstream release from the Stable Channel (LP: #787846) This release fixes the following security issues: + WebKit issues: - [72189] Low, CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De Silva. - [82546] High, CVE-2011-1804: Stale pointer in floats rendering. Credit to Martin Barbella. - [82903] Critical, CVE-2011-1807: Out-of-bounds write in blob handling. Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium development community. + GPU/WebGL issue: - [82873] Critical, CVE-2011-1806: Memory corruption in GPU command buffer. Credit to Google Chrome Security Team (Cris Neckar). * Update the svg icon once again, the previous one contained an embedded png (LP: #748881) - update debian/chromium-browser.svg -- Micah Gersten <email address hidden> Wed, 25 May 2011 18:01:58 -0500
Available diffs
| Superseded in maverick-security |
| Superseded in maverick-updates |
| Deleted in maverick-proposed (Reason: moved to -updates) |
| Superseded in maverick-proposed |
chromium-browser (11.0.696.71~r86024-0ubuntu0.10.10.1) maverick-security; urgency=low [ Fabien Tassin <email address hidden> ] * New Minor upstream release from the Stable Channel (LP: #787846) This release fixes the following security issues: + WebKit issues: - [72189] Low, CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De Silva. - [82546] High, CVE-2011-1804: Stale pointer in floats rendering. Credit to Martin Barbella. - [82903] Critical, CVE-2011-1807: Out-of-bounds write in blob handling. Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium development community. + GPU/WebGL issue: - [82873] Critical, CVE-2011-1806: Memory corruption in GPU command buffer. Credit to Google Chrome Security Team (Cris Neckar). * Update the svg icon once again, the previous one contained an embedded png (LP: #748881) - update debian/chromium-browser.svg -- Micah Gersten <email address hidden> Wed, 25 May 2011 17:12:59 -0500
Available diffs
| Superseded in lucid-security |
| Superseded in lucid-updates |
| Deleted in lucid-proposed (Reason: moved to -updates) |
| Superseded in lucid-proposed |
chromium-browser (11.0.696.71~r86024-0ubuntu0.10.04.1) lucid-security; urgency=low [ Fabien Tassin <email address hidden> ] * New Minor upstream release from the Stable Channel (LP: #787846) This release fixes the following security issues: + WebKit issues: - [72189] Low, CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De Silva. - [82546] High, CVE-2011-1804: Stale pointer in floats rendering. Credit to Martin Barbella. - [82903] Critical, CVE-2011-1807: Out-of-bounds write in blob handling. Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium development community. + GPU/WebGL issue: - [82873] Critical, CVE-2011-1806: Memory corruption in GPU command buffer. Credit to Google Chrome Security Team (Cris Neckar). * Update the svg icon once again, the previous one contained an embedded png (LP: #748881) - update debian/chromium-browser.svg -- Micah Gersten <email address hidden> Wed, 25 May 2011 15:24:22 -0500
Available diffs
| Superseded in oneiric-release |
chromium-browser (11.0.696.71~r86024-0ubuntu1) oneiric; urgency=low * New Minor upstream release from the Stable Channel (LP: #787846) This release fixes the following security issues: + WebKit issues: - [72189] Low, CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De Silva. - [82546] High, CVE-2011-1804: Stale pointer in floats rendering. Credit to Martin Barbella. - [82903] Critical, CVE-2011-1807: Out-of-bounds write in blob handling. Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium development community. - other issues covered by CVE-2011-1802, CVE-2011-1803, CVE-2011-1805 + GPU/WebGL issue: - [82873] Critical, CVE-2011-1806: Memory corruption in GPU command buffer. Credit to Google Chrome Security Team (Cris Neckar). * Update the svg icon once again, the previous one contained an embedded png (LP: #748881) - update debian/chromium-browser.svg * Don't build with libjpeg-turbo on armel, to prevent a FTBFS - update debian/rules -- Fabien Tassin <email address hidden> Thu, 24 May 2011 23:42:08 +0200
Available diffs
| Superseded in natty-updates |
| Superseded in natty-security |
| Deleted in natty-proposed (Reason: moved to -updates) |
| Superseded in natty-proposed |
chromium-browser (11.0.696.68~r84545-0ubuntu0.11.04.1) natty-security; urgency=low [ Fabien Tassin <email address hidden> ] * New Minor upstream release from the Stable Channel (LP: #781822) This release fixes the following security issues: + WebKit issues: - [64046] High, CVE-2011-1799: Bad casts in Chromium WebKit glue. Credit to Google Chrome Security Team (SkyLined). - [80608] High, CVE-2011-1800: Integer overflows in SVG filters. Credit to Google Chrome Security Team (Cris Neckar). -- Micah Gersten <email address hidden> Sat, 14 May 2011 22:44:46 +0200
Available diffs
| Superseded in lucid-updates |
| Superseded in lucid-security |
| Deleted in lucid-proposed (Reason: moved to -updates) |
| Superseded in lucid-proposed |
chromium-browser (11.0.696.68~r84545-0ubuntu0.10.04.1) lucid-security; urgency=low [ Fabien Tassin <email address hidden> ] * New Minor upstream release from the Stable Channel (LP: #781822) This release fixes the following security issues: + WebKit issues: - [64046] High, CVE-2011-1799: Bad casts in Chromium WebKit glue. Credit to Google Chrome Security Team (SkyLined). - [80608] High, CVE-2011-1800: Integer overflows in SVG filters. Credit to Google Chrome Security Team (Cris Neckar). -- Micah Gersten <email address hidden> Sat, 14 May 2011 22:35:25 +0200
Available diffs
| Superseded in maverick-updates |
| Superseded in maverick-security |
| Deleted in maverick-proposed (Reason: moved to -updates) |
| Superseded in maverick-proposed |
chromium-browser (11.0.696.68~r84545-0ubuntu0.10.10.1) maverick-security; urgency=low [ Fabien Tassin <email address hidden> ] * New Minor upstream release from the Stable Channel (LP: #781822) This release fixes the following security issues: + WebKit issues: - [64046] High, CVE-2011-1799: Bad casts in Chromium WebKit glue. Credit to Google Chrome Security Team (SkyLined). - [80608] High, CVE-2011-1800: Integer overflows in SVG filters. Credit to Google Chrome Security Team (Cris Neckar). -- Micah Gersten <email address hidden> Sat, 14 May 2011 22:38:30 +0200
Available diffs
| Superseded in oneiric-release |
chromium-browser (11.0.696.68~r84545-0ubuntu1) oneiric; urgency=high * New Minor upstream release from the Stable Channel (LP: #781822) This release fixes the following security issues: + WebKit issues: - [64046] High, CVE-2011-1799: Bad casts in Chromium WebKit glue. Credit to Google Chrome Security Team (SkyLined). - [80608] High, CVE-2011-1800: Integer overflows in SVG filters. Credit to Google Chrome Security Team (Cris Neckar). -- Fabien Tassin <email address hidden> Thu, 12 May 2011 19:37:35 +0200
Available diffs
| Superseded in natty-updates |
| Superseded in natty-security |
| Superseded in natty-proposed |
| Superseded in natty-proposed |
chromium-browser (11.0.696.65~r84435-0ubuntu0.11.04.1) natty-security; urgency=low [ Fabien Tassin <email address hidden> ] * New Minor upstream release from the Stable Channel (LP: #778822) This release fixes the following security issues: + WebKit issues: - [67923] High, CVE-2011-1793: stale pointer in SVG image handling (credit: Mitz) - [78327] High, CVE-2011-1794: integer overflow in SVG filters (credit: Inferno) - [78948] High, CVE-2011-1795: integer underflow in forms handling (credit: Cris Neckar) - [79055] High, CVE-2011-1796: use-after-free in frame handling (credit: Inferno) - [79075] High, CVE-2011-1797: stale pointer in table captioning (credit: wushi) - [79595] High, CVE-2011-1798: bad cast in SVG text handling (credit: Inferno) * Pass --delete_unversioned_trees to gclient and drop the git.chromium.org workaround. - update debian/rules [ Micah Gersten <email address hidden> ] * Switch arch: any to arch: i386 amd64 so that we don't have to wait for armel - update debian/control -- Micah Gersten <email address hidden> Sun, 08 May 2011 02:57:29 +0200
Available diffs
| Superseded in maverick-security |
| Superseded in maverick-updates |
| Deleted in maverick-proposed (Reason: moved to -updates) |
| Superseded in maverick-proposed |
chromium-browser (11.0.696.65~r84435-0ubuntu0.10.10.1) maverick-security; urgency=low [ Fabien Tassin <email address hidden> ] * New Minor upstream release from the Stable Channel (LP: #778822) This release fixes the following security issues: + WebKit issues: - [67923] High, CVE-2011-1793: stale pointer in SVG image handling (credit: Mitz) - [78327] High, CVE-2011-1794: integer overflow in SVG filters (credit: Inferno) - [78948] High, CVE-2011-1795: integer underflow in forms handling (credit: Cris Neckar) - [79055] High, CVE-2011-1796: use-after-free in frame handling (credit: Inferno) - [79075] High, CVE-2011-1797: stale pointer in table captioning (credit: wushi) - [79595] High, CVE-2011-1798: bad cast in SVG text handling (credit: Inferno) * Pass --delete_unversioned_trees to gclient and drop the git.chromium.org workaround. - update debian/rules [ Micah Gersten <email address hidden> ] * Switch arch: any to arch: i386 amd64 so that we don't have to wait for armel - update debian/control -- Micah Gersten <email address hidden> Sun, 08 May 2011 02:26:50 +0200
Available diffs
| Superseded in lucid-updates |
| Superseded in lucid-security |
| Deleted in lucid-proposed (Reason: moved to -updates) |
| Superseded in lucid-proposed |
chromium-browser (11.0.696.65~r84435-0ubuntu0.10.04.1) lucid-security; urgency=low [ Fabien Tassin <email address hidden> ] * New Minor upstream release from the Stable Channel (LP: #778822) This release fixes the following security issues: + WebKit issues: - [67923] High, CVE-2011-1793: stale pointer in SVG image handling (credit: Mitz) - [78327] High, CVE-2011-1794: integer overflow in SVG filters (credit: Inferno) - [78948] High, CVE-2011-1795: integer underflow in forms handling (credit: Cris Neckar) - [79055] High, CVE-2011-1796: use-after-free in frame handling (credit: Inferno) - [79075] High, CVE-2011-1797: stale pointer in table captioning (credit: wushi) - [79595] High, CVE-2011-1798: bad cast in SVG text handling (credit: Inferno) * Pass --delete_unversioned_trees to gclient and drop the git.chromium.org workaround. - update debian/rules [ Micah Gersten <email address hidden> ] * Switch arch: any to arch: i386 amd64 so that we don't have to wait for armel - update debian/control -- Micah Gersten <email address hidden> Sun, 08 May 2011 01:46:21 +0200
Available diffs
| Superseded in oneiric-release |
chromium-browser (11.0.696.65~r84435-0ubuntu1) oneiric; urgency=high * New Minor upstream release from the Stable Channel (LP: #778822) This release fixes the following security issues: + WebKit issues: - [67923] High, CVE-2010-1793: stale pointer in SVG image handling (credit: Mitz) - [78327] High, CVE-2010-1794: integer overflow in SVG filters (credit: Inferno) - [78948] High, CVE-2010-1795: integer underflow in forms handling (credit: Cris Neckar) - [79055] High, CVE-2010-1796: use-after-free in frame handling (credit: Inferno) - [79075] High, CVE-2010-1797: stale pointer in table captioning (credit: wushi) - [79595] High, CVE-2010-1798: bad cast in SVG text handling (credit: Inferno) * Add a static quicklist for Unity allowing to open a new window (either regular or incognito) or a fresh session with a temporary profile - update debian/chromium-browser.desktop * Don't let scour touch the svg files (LP: #748881) - update debian/rules * Pass --delete_unversioned_trees to gclient and drop the git.chromium.org workaround. - update debian/rules * Build with gcc-4.5 on Oneiric for now. It's not ready for 4.6 - update debian/control - update debian/rules -- Fabien Tassin <email address hidden> Fri, 06 May 2011 23:04:53 +0200
| Superseded in lucid-security |
| Superseded in lucid-updates |
| Deleted in lucid-proposed (Reason: moved to -updates) |
| Superseded in lucid-proposed |
chromium-browser (11.0.696.57~r82915-0ubuntu0.10.04.1) lucid-security; urgency=high * New Major upstream release from the Stable Channel (LP: #771935) This release fixes the following security issues: + WebKit issues: - [61502] High, CVE-2011-1303: Stale pointer in floating object handling. Credit to Scott Hess of the Chromium development community and Martin Barbella. - [70538] Low, CVE-2011-1304: Pop-up block bypass via plug-ins. Credit to Chamal De Silva. - [70589] Medium, CVE-2011-1305: Linked-list race in database handling. Credit to Kostya Serebryany of the Chromium development community. - [73526] High, CVE-2011-1437: Integer overflows in float rendering. Credit to miaubiz. - [74653] High, CVE-2011-1438: Same origin policy violation with blobs. Credit to kuzzcc. - [75186] High, CVE-2011-1440: Use-after-free with <ruby> tag and CSS. Credit to Jose A. Vazquez. - [75347] High, CVE-2011-1441: Bad cast with floating select lists. Credit to Michael Griffiths. - [75801] High, CVE-2011-1442: Corrupt node trees with mutation events. Credit to Sergey Glazunov and wushi of team 509. - [76001] High, CVE-2011-1443: Stale pointers in layering code. Credit to Martin Barbella. - [76646] Medium, CVE-2011-1445: Out-of-bounds read in SVG. Credit to wushi of team509. - [76666] [77507] [78031] High, CVE-2011-1446: Possible URL bar spoofs with navigation errors and interrupted loads. Credit to kuzzcc. - [76966] High, CVE-2011-1447: Stale pointer in drop-down list handling. Credit to miaubiz. - [77130] High, CVE-2011-1448: Stale pointer in height calculations. Credit to wushi of team509. - [77346] High, CVE-2011-1449: Use-after-free in WebSockets. Credit to Marek Majkowski. - [77463] High, CVE-2011-1451: Dangling pointers in DOM id map. Credit to Sergey Glazunov. - [79199] High, CVE-2011-1454: Use-after-free in DOM id handling. Credit to Sergey Glazunov. + Chromium issues: - [71586] Medium, CVE-2011-1434: Lack of thread safety in MIME handling. Credit to Aki Helin. - [72523] Medium, CVE-2011-1435: Bad extension with ‘tabs’ permission can capture local files. Credit to Cole Snodgrass. - [72910] Low, CVE-2011-1436: Possible browser crash due to bad interaction with X. Credit to miaubiz. - [76542] High, CVE-2011-1444: Race condition in sandbox launcher. Credit to Dan Rosenberg. - [77349] Low, CVE-2011-1450: Dangling pointers in file dialogs. Credit to kuzzcc. - [77786] Medium, CVE-2011-1452: URL bar spoof with redirect and manual reload. Credit to Jordi Chancel. - [74763] High, CVE-2011-1439: Prevent interference between renderer processes. Credit to Julien Tinnes of the Google Security Team. * Fix the password store regression from the last Chromium 10 update. Backport from trunk provided by Elliot Glaysher from upstream (LP: #743494) - add debian/patches/stored_passwords_lp743494.patch - update debian/patches/series * Update the SVG logo to match the new simplified 2D logo (LP: #748881) - update debian/chromium-browser.svg * Ship the app icon in all the sizes provided upstream - update debian/rules * Add libpam0g-dev to Build-depends, needed by "Chromoting" - update debian/control * Enable the new use_third_party_translations flag at build time (it enables the Launchpad translations already used in Ubuntu since Chromium 8) - update debian/rules -- Fabien Tassin <email address hidden> Wed, 27 Apr 2011 17:31:35 +0200
Available diffs
| Superseded in maverick-security |
| Superseded in maverick-updates |
| Deleted in maverick-proposed (Reason: moved to -updates) |
| Superseded in maverick-proposed |
chromium-browser (11.0.696.57~r82915-0ubuntu0.10.10.1) maverick-security; urgency=high * New Major upstream release from the Stable Channel (LP: #771935) This release fixes the following security issues: + WebKit issues: - [61502] High, CVE-2011-1303: Stale pointer in floating object handling. Credit to Scott Hess of the Chromium development community and Martin Barbella. - [70538] Low, CVE-2011-1304: Pop-up block bypass via plug-ins. Credit to Chamal De Silva. - [70589] Medium, CVE-2011-1305: Linked-list race in database handling. Credit to Kostya Serebryany of the Chromium development community. - [73526] High, CVE-2011-1437: Integer overflows in float rendering. Credit to miaubiz. - [74653] High, CVE-2011-1438: Same origin policy violation with blobs. Credit to kuzzcc. - [75186] High, CVE-2011-1440: Use-after-free with <ruby> tag and CSS. Credit to Jose A. Vazquez. - [75347] High, CVE-2011-1441: Bad cast with floating select lists. Credit to Michael Griffiths. - [75801] High, CVE-2011-1442: Corrupt node trees with mutation events. Credit to Sergey Glazunov and wushi of team 509. - [76001] High, CVE-2011-1443: Stale pointers in layering code. Credit to Martin Barbella. - [76646] Medium, CVE-2011-1445: Out-of-bounds read in SVG. Credit to wushi of team509. - [76666] [77507] [78031] High, CVE-2011-1446: Possible URL bar spoofs with navigation errors and interrupted loads. Credit to kuzzcc. - [76966] High, CVE-2011-1447: Stale pointer in drop-down list handling. Credit to miaubiz. - [77130] High, CVE-2011-1448: Stale pointer in height calculations. Credit to wushi of team509. - [77346] High, CVE-2011-1449: Use-after-free in WebSockets. Credit to Marek Majkowski. - [77463] High, CVE-2011-1451: Dangling pointers in DOM id map. Credit to Sergey Glazunov. - [79199] High, CVE-2011-1454: Use-after-free in DOM id handling. Credit to Sergey Glazunov. + Chromium issues: - [71586] Medium, CVE-2011-1434: Lack of thread safety in MIME handling. Credit to Aki Helin. - [72523] Medium, CVE-2011-1435: Bad extension with ‘tabs’ permission can capture local files. Credit to Cole Snodgrass. - [72910] Low, CVE-2011-1436: Possible browser crash due to bad interaction with X. Credit to miaubiz. - [76542] High, CVE-2011-1444: Race condition in sandbox launcher. Credit to Dan Rosenberg. - [77349] Low, CVE-2011-1450: Dangling pointers in file dialogs. Credit to kuzzcc. - [77786] Medium, CVE-2011-1452: URL bar spoof with redirect and manual reload. Credit to Jordi Chancel. - [74763] High, CVE-2011-1439: Prevent interference between renderer processes. Credit to Julien Tinnes of the Google Security Team. * Fix the password store regression from the last Chromium 10 update. Backport from trunk provided by Elliot Glaysher from upstream (LP: #743494) - add debian/patches/stored_passwords_lp743494.patch - update debian/patches/series * Update the SVG logo to match the new simplified 2D logo (LP: #748881) - update debian/chromium-browser.svg * Ship the app icon in all the sizes provided upstream - update debian/rules * Add libpam0g-dev to Build-depends, needed by "Chromoting" - update debian/control * Enable the new use_third_party_translations flag at build time (it enables the Launchpad translations already used in Ubuntu since Chromium 8) - update debian/rules -- Fabien Tassin <email address hidden> Wed, 27 Apr 2011 17:31:35 +0200
Available diffs
| Superseded in oneiric-release |
| Superseded in natty-security |
| Superseded in natty-updates |
| Deleted in natty-proposed (Reason: moved to -updates) |
| Superseded in natty-proposed |
chromium-browser (11.0.696.57~r82915-0ubuntu0.11.04.1) natty-security; urgency=high * New Major upstream release from the Stable Channel (LP: #771935) This release fixes the following security issues: + WebKit issues: - [61502] High, CVE-2011-1303: Stale pointer in floating object handling. Credit to Scott Hess of the Chromium development community and Martin Barbella. - [70538] Low, CVE-2011-1304: Pop-up block bypass via plug-ins. Credit to Chamal De Silva. - [70589] Medium, CVE-2011-1305: Linked-list race in database handling. Credit to Kostya Serebryany of the Chromium development community. - [73526] High, CVE-2011-1437: Integer overflows in float rendering. Credit to miaubiz. - [74653] High, CVE-2011-1438: Same origin policy violation with blobs. Credit to kuzzcc. - [75186] High, CVE-2011-1440: Use-after-free with <ruby> tag and CSS. Credit to Jose A. Vazquez. - [75347] High, CVE-2011-1441: Bad cast with floating select lists. Credit to Michael Griffiths. - [75801] High, CVE-2011-1442: Corrupt node trees with mutation events. Credit to Sergey Glazunov and wushi of team 509. - [76001] High, CVE-2011-1443: Stale pointers in layering code. Credit to Martin Barbella. - [76646] Medium, CVE-2011-1445: Out-of-bounds read in SVG. Credit to wushi of team509. - [76666] [77507] [78031] High, CVE-2011-1446: Possible URL bar spoofs with navigation errors and interrupted loads. Credit to kuzzcc. - [76966] High, CVE-2011-1447: Stale pointer in drop-down list handling. Credit to miaubiz. - [77130] High, CVE-2011-1448: Stale pointer in height calculations. Credit to wushi of team509. - [77346] High, CVE-2011-1449: Use-after-free in WebSockets. Credit to Marek Majkowski. - [77463] High, CVE-2011-1451: Dangling pointers in DOM id map. Credit to Sergey Glazunov. - [79199] High, CVE-2011-1454: Use-after-free in DOM id handling. Credit to Sergey Glazunov. + Chromium issues: - [71586] Medium, CVE-2011-1434: Lack of thread safety in MIME handling. Credit to Aki Helin. - [72523] Medium, CVE-2011-1435: Bad extension with ‘tabs’ permission can capture local files. Credit to Cole Snodgrass. - [72910] Low, CVE-2011-1436: Possible browser crash due to bad interaction with X. Credit to miaubiz. - [76542] High, CVE-2011-1444: Race condition in sandbox launcher. Credit to Dan Rosenberg. - [77349] Low, CVE-2011-1450: Dangling pointers in file dialogs. Credit to kuzzcc. - [77786] Medium, CVE-2011-1452: URL bar spoof with redirect and manual reload. Credit to Jordi Chancel. - [74763] High, CVE-2011-1439: Prevent interference between renderer processes. Credit to Julien Tinnes of the Google Security Team. * Fix the password store regression from the last Chromium 10 update. Backport from trunk provided by Elliot Glaysher from upstream (LP: #743494) - add debian/patches/stored_passwords_lp743494.patch - update debian/patches/series * Fix the dedicated webapp WMClass (needed by Unity/bamf). Don't change the WMClass at all on XFCE where it is displayed to the user as a title (which it isn't). This is a backport of upstream revisions 82581 & 82672 (LP: #692462) - update debian/patches/webapps-wm-class-lp692462.patch * Update the SVG logo to match the new simplified 2D logo (LP: #748881) - update debian/chromium-browser.svg * Ship the app icon in all the sizes provided upstream - update debian/rules * Add libpam0g-dev to Build-depends, needed by "Chromoting" - update debian/control * Enable the new use_third_party_translations flag at build time (it enables the Launchpad translations already used in Ubuntu since Chromium 8) - update debian/rules -- Fabien Tassin <email address hidden> Wed, 27 Apr 2011 17:31:35 +0200
Available diffs
| Superseded in lucid-updates |
| Superseded in lucid-security |
| Superseded in lucid-updates |
| Deleted in lucid-proposed (Reason: moved to -updates) |
| Superseded in lucid-security |
chromium-browser (10.0.648.205~r81283-0ubuntu0.10.04.1) lucid-security; urgency=high * New upstream minor release from the Stable Channel (LP: #762275) This release fixes the following security issues: - [75629] Critical, CVE-2011-1301: Use-after-free in the GPU process. Credit to Google Chrome Security Team (Inferno). - [78524] Critical, CVE-2011-1302: Heap overflow in the GPU process. Credit to Christoph Diehl. This releasse also contains the security fixes from 10.0.648.204~r79063 (which has been skipped by the sponsors) (LP: #742118) + Webkit bugs: - [73216] High, CVE-2011-1292: Use-after-free in the frame loader. Credit to Sławomir Błażek. - [73595] High, CVE-2011-1293: Use-after-free in HTMLCollection. Credit to Sergey Glazunov. - [74562] High, CVE-2011-1294: Stale pointer in CSS handling. Credit to Sergey Glazunov. - [74991] High, CVE-2011-1295: DOM tree corruption with broken node parentage. Credit to Sergey Glazunov. - [75170] High, CVE-2011-1296: Stale pointer in SVG text handling. Credit to Sergey Glazunov. + Chromium bugs: - [72517] High, CVE-2011-1291: Buffer error in base string handling. Credit to Alex Turpin. Packaging changes: * Set arm_fpu=vfpv3-d16 on arm (less restrictive than the default vfpv3) preventing a SIGILL crash on some boards (LP: #735877) - update debian/control * Install libppGoogleNaClPluginChrome.so (LP: #738331) - update debian/rules - update debian/chromium-browser.install * Fix the apport hooks to pass the expected 'ui' to add_info(), needed when called from apport/ubuntu-bug (LP: #759635) - update debian/apport/chromium-browser.py * NaCL may be blacklisted, so only include it when it's actually been built (fixes the ftbfs on arm) (LP: #745854) - update debian/rules - update debian/chromium-browser.install * Harden the apport hooks in the extensions section - update debian/apport/chromium-browser.py -- Fabien Tassin <email address hidden> Thu, 14 Apr 2011 22:36:16 +0200
Available diffs
| Superseded in maverick-updates |
| Superseded in maverick-security |
| Superseded in maverick-updates |
| Superseded in maverick-security |
| Deleted in maverick-proposed (Reason: moved to -updates) |
chromium-browser (10.0.648.205~r81283-0ubuntu0.10.10.1) maverick-security; urgency=high * New upstream minor release from the Stable Channel (LP: #762275) This release fixes the following security issues: - [75629] Critical, CVE-2011-1301: Use-after-free in the GPU process. Credit to Google Chrome Security Team (Inferno). - [78524] Critical, CVE-2011-1302: Heap overflow in the GPU process. Credit to Christoph Diehl. This releasse also contains the security fixes from 10.0.648.204~r79063 (which has been skipped by the sponsors) (LP: #742118) + Webkit bugs: - [73216] High, CVE-2011-1292: Use-after-free in the frame loader. Credit to Sławomir Błażek. - [73595] High, CVE-2011-1293: Use-after-free in HTMLCollection. Credit to Sergey Glazunov. - [74562] High, CVE-2011-1294: Stale pointer in CSS handling. Credit to Sergey Glazunov. - [74991] High, CVE-2011-1295: DOM tree corruption with broken node parentage. Credit to Sergey Glazunov. - [75170] High, CVE-2011-1296: Stale pointer in SVG text handling. Credit to Sergey Glazunov. + Chromium bugs: - [72517] High, CVE-2011-1291: Buffer error in base string handling. Credit to Alex Turpin. Packaging changes: * Set arm_fpu=vfpv3-d16 on arm (less restrictive than the default vfpv3) preventing a SIGILL crash on some boards (LP: #735877) - update debian/control * Install libppGoogleNaClPluginChrome.so (LP: #738331) - update debian/rules - update debian/chromium-browser.install * Fix the apport hooks to pass the expected 'ui' to add_info(), needed when called from apport/ubuntu-bug (LP: #759635) - update debian/apport/chromium-browser.py * NaCL may be blacklisted, so only include it when it's actually been built (fixes the ftbfs on arm) (LP: #745854) - update debian/rules - update debian/chromium-browser.install * Harden the apport hooks in the extensions section - update debian/apport/chromium-browser.py -- Fabien Tassin <email address hidden> Thu, 14 Apr 2011 22:36:16 +0200
Available diffs
chromium-browser (10.0.648.205~r81283-0ubuntu1) natty; urgency=high * New upstream minor release from the Stable Channel (LP: #762275) This release fixes the following security issues: - [75629] Critical, CVE-2011-1301: Use-after-free in the GPU process. Credit to Google Chrome Security Team (Inferno). - [78524] Critical, CVE-2011-1302: Heap overflow in the GPU process. Credit to Christoph Diehl. * Make the default mail client and browser settings work with the x-scheme-handler method of registering URI handlers in gnome3. This is based on the xdg-utils 1.1.0~rc1-2ubuntu3 fix by Chris Coulson <email address hidden>, itself based on Bastien Nocera <email address hidden> upstream fix (LP: #670128) - add debian/patches/xdg-utils_gnome3_lp670128_for_natty.patch - update debian/patches/series * Fix the apport hooks to pass the expected 'ui' to add_info(), needed when called from apport/ubuntu-bug (LP: #759635) - update debian/apport/chromium-browser.py * Report a dedicated WMClass per webapp, needed by Unity/bamf. (backported from trunk) (LP: #692462) - add debian/patches/webapps-wm-class-lp692462.patch - update debian/patches/series -- Fabien Tassin <email address hidden> Thu, 14 Apr 2011 22:36:16 +0200
Available diffs
| Superseded in natty-release |
chromium-browser (10.0.648.204~r79063-0ubuntu2) natty; urgency=high
* NaCL may be blacklisted, so only include it when it's actually been
built (fixes the ftbfs on arm) (LP: #745854)
- update debian/rules
- update debian/chromium-browser.install
* Harden the apport hooks in the extensions section
- update debian/apport/chromium-browser.py
-- Fabien Tassin <email address hidden> Wed, 30 Mar 2011 19:51:36 +0200
Available diffs
| Superseded in natty-release |
chromium-browser (10.0.648.204~r79063-0ubuntu1) natty; urgency=high * New upstream minor release from the Stable Channel (LP: #742118) This release fixes the following security issues: + Webkit bugs: - [73216] High, CVE-2011-1292: Use-after-free in the frame loader. Credit to Sławomir Błażek. - [73595] High, CVE-2011-1293: Use-after-free in HTMLCollection. Credit to Sergey Glazunov. - [74562] High, CVE-2011-1294: Stale pointer in CSS handling. Credit to Sergey Glazunov. - [74991] High, CVE-2011-1295: DOM tree corruption with broken node parentage. Credit to Sergey Glazunov. - [75170] High, CVE-2011-1296: Stale pointer in SVG text handling. Credit to Sergey Glazunov. + Chromium bugs: - [72517] High, CVE-2011-1291: Buffer error in base string handling. Credit to Alex Turpin. Packaging changes: * Set arm_fpu=vfpv3-d16 on arm (less restrictive than the default vfpv3) preventing a SIGILL crash on some boards (LP: #735877) - update debian/control * Install libppGoogleNaClPluginChrome.so (LP: #738331) - update debian/rules - update debian/chromium-browser.install -- Fabien Tassin <email address hidden> Thu, 24 Mar 2011 23:05:14 +0100
Available diffs
| Superseded in maverick-updates |
| Superseded in maverick-security |
| Deleted in maverick-proposed (Reason: moved to -updates) |
| Superseded in maverick-proposed |
chromium-browser (10.0.648.133~r77742-0ubuntu0.10.10.1) maverick-security; urgency=high * New upstream security release from the Stable Channel (LP: #733514) + Webkit: - CVE-2011-1290 [75712] High, Memory corruption in style handling. Credit to Vincenzo Iozzo, Ralf Philipp Weinmann and Willem Pinckaers reported through ZDI. -- Fabien Tassin <email address hidden> Fri, 11 Mar 2011 22:10:11 +0100
Available diffs
| Superseded in lucid-updates |
| Superseded in lucid-security |
| Deleted in lucid-proposed (Reason: moved to -updates) |
| Superseded in lucid-proposed |
chromium-browser (10.0.648.133~r77742-0ubuntu0.10.04.1) lucid-security; urgency=high * New upstream security release from the Stable Channel (LP: #733514) + Webkit: - CVE-2011-1290 [75712] High, Memory corruption in style handling. Credit to Vincenzo Iozzo, Ralf Philipp Weinmann and Willem Pinckaers reported through ZDI. -- Fabien Tassin <email address hidden> Fri, 11 Mar 2011 22:10:11 +0100
Available diffs
| Superseded in natty-release |
chromium-browser (10.0.648.133~r77742-0ubuntu1) natty; urgency=high * New upstream security release from the Stable Channel (LP: #733514) + Webkit: - CVE-2011-1290 [75712] High, Memory corruption in style handling. Credit to Vincenzo Iozzo, Ralf Philipp Weinmann and Willem Pinckaers reported through ZDI. -- Fabien Tassin <email address hidden> Fri, 11 Mar 2011 22:10:11 +0100
Available diffs
| Superseded in maverick-security |
| Superseded in maverick-updates |
| Deleted in maverick-proposed (Reason: moved to -updates) |
| Superseded in maverick-proposed |
chromium-browser (10.0.648.127~r76697-0ubuntu0.10.10.1) maverick-security; urgency=high * New upstream major release from the Stable Channel (LP: #731520) It includes: - New version of V8 - Crankshaft - which greatly improves javascript performance - New settings pages that open in a tab, rather than a dialog box - Improved security with malware reporting and disabling outdated plugins by default - Password sync as part of Chrome Sync now enabled by default - GPU Accelerated Video - Background WebApps - webNavigation extension API This release also fixes the following security issues: + Webkit bugs: - [42574] [42765] Low, Possible to navigate or close the top location in a sandboxed frame. Credit to sirdarckcat of the Google Security Team. - [69628] High, Memory corruption with counter nodes. Credit to Martin Barbella. - [70027] High, Stale node in box layout. Credit to Martin Barbella. - [70336] Medium, Cross-origin error message leak with workers. Credit to Daniel Divricean. - [70442] High, Use after free with DOM URL handling. Credit to Sergey Glazunov. - [70779] Medium, Out of bounds read handling unicode ranges. Credit to miaubiz. - [70885] [71167] Low, Pop-up blocker bypasses. Credit to Chamal de Silva. - [71763] High, Use-after-free in document script lifetime handling. Credit to miaubiz. - [72028] High, Stale pointer in table painting. Credit to Martin Barbella. - [73066] High, Crash with the DataView object. Credit to Sergey Glazunov. - [73134] High, Bad cast in text rendering. Credit to miaubiz. - [73196] High, Stale pointer in WebKit context code. Credit to Sergey Glazunov. - [73746] High, Stale pointer with SVG cursors. Credit to Sergey Glazunov. - [74030] High, DOM tree corruption with attribute handling. Credit to Sergey Glazunov. + Chromium bugs: - [49747] Low, Work around an X server bug and crash with long messages. Credit to Louis Lang. - [66962] Low, Possible browser crash with parallel print()s. Credit to Aki Helin of OUSPG. - [69187] Medium, Cross-origin error message leak. Credit to Daniel Divricean. - [70877] High, Same origin policy bypass in v8. Credit to Daniel Divricean. + v8: - [74662] High, Corruption via re-entrancy of RegExp code. Credit to Christian Holler. - [74675] High, Invalid memory access in v8. Credit to Christian Holler. + ffmpeg: - [71788] High, Out-of-bounds write in the OGG container. Credit to Google Chrome Security Team (SkyLined); plus subsequent independent discovery by David Weston of Microsoft and MSVR. - [73026] High, Use of corrupt out-of-bounds structure in video code. Credit to Tavis Ormandy of the Google Security Team. + libxslt: - [73716] Low, Leak of heap address in XSLT. Credit to Google Chrome Security Team (Chris Evans). Packaging changes: * Promote Uyghur to the list of supported translations - update debian/rules - update debian/control * Fix the FTBFS on arm by re-adding the lost arm_neon=0, and really set armv7=1 on maverick and natty - update debian/rules * Fix the broken symlinks in /usr/share/doc created by CDBS (See LP: #194574) - update debian/rules * Add libxt-dev to Build-deps needed by ppGoogleNaClPluginChrome - update debian/control * Fix the Webkit version in about:version (the build system expects the svn or git directories to be available at build time) - add debian/patches/webkit_rev_parser.patch - update debian/patches/series * Bump build-depends on libvpx-dev to >= 0.9.5 - update debian/control -- Fabien Tassin <email address hidden> Tue, 08 Mar 2011 17:19:58 +0100
Available diffs
| Superseded in lucid-security |
| Superseded in lucid-updates |
| Deleted in lucid-proposed (Reason: moved to -updates) |
| Superseded in lucid-proposed |
chromium-browser (10.0.648.127~r76697-0ubuntu0.10.04.1) lucid-security; urgency=high * New upstream major release from the Stable Channel (LP: #731520) It includes: - New version of V8 - Crankshaft - which greatly improves javascript performance - New settings pages that open in a tab, rather than a dialog box - Improved security with malware reporting and disabling outdated plugins by default - Password sync as part of Chrome Sync now enabled by default - GPU Accelerated Video - Background WebApps - webNavigation extension API This release also fixes the following security issues: + Webkit bugs: - [42574] [42765] Low, Possible to navigate or close the top location in a sandboxed frame. Credit to sirdarckcat of the Google Security Team. - [69628] High, Memory corruption with counter nodes. Credit to Martin Barbella. - [70027] High, Stale node in box layout. Credit to Martin Barbella. - [70336] Medium, Cross-origin error message leak with workers. Credit to Daniel Divricean. - [70442] High, Use after free with DOM URL handling. Credit to Sergey Glazunov. - [70779] Medium, Out of bounds read handling unicode ranges. Credit to miaubiz. - [70885] [71167] Low, Pop-up blocker bypasses. Credit to Chamal de Silva. - [71763] High, Use-after-free in document script lifetime handling. Credit to miaubiz. - [72028] High, Stale pointer in table painting. Credit to Martin Barbella. - [73066] High, Crash with the DataView object. Credit to Sergey Glazunov. - [73134] High, Bad cast in text rendering. Credit to miaubiz. - [73196] High, Stale pointer in WebKit context code. Credit to Sergey Glazunov. - [73746] High, Stale pointer with SVG cursors. Credit to Sergey Glazunov. - [74030] High, DOM tree corruption with attribute handling. Credit to Sergey Glazunov. + Chromium bugs: - [49747] Low, Work around an X server bug and crash with long messages. Credit to Louis Lang. - [66962] Low, Possible browser crash with parallel print()s. Credit to Aki Helin of OUSPG. - [69187] Medium, Cross-origin error message leak. Credit to Daniel Divricean. - [70877] High, Same origin policy bypass in v8. Credit to Daniel Divricean. + v8: - [74662] High, Corruption via re-entrancy of RegExp code. Credit to Christian Holler. - [74675] High, Invalid memory access in v8. Credit to Christian Holler. + ffmpeg: - [71788] High, Out-of-bounds write in the OGG container. Credit to Google Chrome Security Team (SkyLined); plus subsequent independent discovery by David Weston of Microsoft and MSVR. - [73026] High, Use of corrupt out-of-bounds structure in video code. Credit to Tavis Ormandy of the Google Security Team. + libxslt: - [73716] Low, Leak of heap address in XSLT. Credit to Google Chrome Security Team (Chris Evans). Packaging changes: * Promote Uyghur to the list of supported translations - update debian/rules - update debian/control * Fix the FTBFS on arm by re-adding the lost arm_neon=0, and really set armv7=1 on maverick and natty - update debian/rules * Fix the broken symlinks in /usr/share/doc created by CDBS (See LP: #194574) - update debian/rules * Add libxt-dev to Build-deps needed by ppGoogleNaClPluginChrome - update debian/control * Fix the Webkit version in about:version (the build system expects the svn or git directories to be available at build time) - add debian/patches/webkit_rev_parser.patch - update debian/patches/series * Bump build-depends on libvpx-dev to >= 0.9.5 - update debian/control -- Fabien Tassin <email address hidden> Tue, 08 Mar 2011 17:19:58 +0100
Available diffs
| Superseded in natty-release |
chromium-browser (10.0.648.127~r76697-0ubuntu1) natty; urgency=high * New upstream major release from the Stable Channel (LP: #731520) It includes: - New version of V8 - Crankshaft - which greatly improves javascript performance - New settings pages that open in a tab, rather than a dialog box - Improved security with malware reporting and disabling outdated plugins by default - Password sync as part of Chrome Sync now enabled by default - GPU Accelerated Video - Background WebApps - webNavigation extension API This release also fixes the following security issues: + Webkit bugs: - [42574] [42765] Low, Possible to navigate or close the top location in a sandboxed frame. Credit to sirdarckcat of the Google Security Team. - [69628] High, Memory corruption with counter nodes. Credit to Martin Barbella. - [70027] High, Stale node in box layout. Credit to Martin Barbella. - [70336] Medium, Cross-origin error message leak with workers. Credit to Daniel Divricean. - [70442] High, Use after free with DOM URL handling. Credit to Sergey Glazunov. - [70779] Medium, Out of bounds read handling unicode ranges. Credit to miaubiz. - [70885] [71167] Low, Pop-up blocker bypasses. Credit to Chamal de Silva. - [71763] High, Use-after-free in document script lifetime handling. Credit to miaubiz. - [72028] High, Stale pointer in table painting. Credit to Martin Barbella. - [73066] High, Crash with the DataView object. Credit to Sergey Glazunov. - [73134] High, Bad cast in text rendering. Credit to miaubiz. - [73196] High, Stale pointer in WebKit context code. Credit to Sergey Glazunov. - [73746] High, Stale pointer with SVG cursors. Credit to Sergey Glazunov. - [74030] High, DOM tree corruption with attribute handling. Credit to Sergey Glazunov. + Chromium bugs: - [49747] Low, Work around an X server bug and crash with long messages. Credit to Louis Lang. - [66962] Low, Possible browser crash with parallel print()s. Credit to Aki Helin of OUSPG. - [69187] Medium, Cross-origin error message leak. Credit to Daniel Divricean. - [70877] High, Same origin policy bypass in v8. Credit to Daniel Divricean. + v8: - [74662] High, Corruption via re-entrancy of RegExp code. Credit to Christian Holler. - [74675] High, Invalid memory access in v8. Credit to Christian Holler. + ffmpeg: - [71788] High, Out-of-bounds write in the OGG container. Credit to Google Chrome Security Team (SkyLined); plus subsequent independent discovery by David Weston of Microsoft and MSVR. - [73026] High, Use of corrupt out-of-bounds structure in video code. Credit to Tavis Ormandy of the Google Security Team. + libxslt: - [73716] Low, Leak of heap address in XSLT. Credit to Google Chrome Security Team (Chris Evans). Packaging changes: * Promote Uyghur to the list of supported translations - update debian/rules - update debian/control * Fix the FTBFS on arm by re-adding the lost arm_neon=0, and really set armv7=1 on maverick and natty - update debian/rules * Fix the broken symlinks in /usr/share/doc created by CDBS (See LP: #194574) - update debian/rules * Add libxt-dev to Build-deps needed by ppGoogleNaClPluginChrome - update debian/control * Fix the Webkit version in about:version (the build system expects the svn or git directories to be available at build time) - add debian/patches/webkit_rev_parser.patch - update debian/patches/series -- Fabien Tassin <email address hidden> Tue, 08 Mar 2011 17:19:58 +0100
Available diffs
chromium-browser (9.0.597.107~r75357-0ubuntu0.10.10.1) maverick-security; urgency=high * New upstream release from the Stable Channel (LP: #726895) This release fixes the following security issues: + Webkit bugs: - [54262] High, URL bar spoof with history interaction. Credit to Jordi Chancel. - [68263] High, Stylesheet node stale pointer. Credit to Sergey Glazunov. - [68741] High, Stale pointer with key frame rule. Credit to Sergey Glazunov. - [70078] High, Crash with forms controls. Credit to Stefan van Zanden. - [70244] High, Crash in SVG rendering. Credit to Sławomir Błażek. - [71114] High, Stale node in table child handling. Credit to Martin Barbella. - [71115] High, Stale pointer in table rendering. Credit to Martin Barbella. - [71296] High, Stale pointer in SVG animations. Credit to miaubiz. - [71386] High, Stale nodes in XHTML. Credit to wushi of team509. - [71388] High, Crash in textarea handling. Credit to wushi of team509. - [71595] High, Stale pointer in device orientation. Credit to Sergey Glazunov. - [71855] High, Integer overflow in textarea handling. Credit to miaubiz. - [71960] Medium, Out-of-bounds read in WebGL. Credit to Google Chrome Security Team (Inferno). - [73235] High, Stale pointer in layout. Credit to Martin Barbella. + Chromium bugs: - [63732] High, Crash with javascript dialogs. Credit to Sergey Radchenko. - [64-bit only] [70376] Medium, Out-of-bounds read in pickle deserialization. Credit to Evgeniy Stepanov of the Chromium development community. - [71717] Medium, Out-of-bounds read in WebGL. Credit to miaubiz. - [72214] High, Accidental exposure of internal extension functions. Credit to Tavis Ormandy of the Google Security Team. - [72437] High, Use-after-free with blocked plug-ins. Credit to Chamal de Silva. * Bump the lang-pack package from Suggests to Recommends (LP: #689267) - update debian/control * Disable PIE on Armel/Lucid (LP: #716703) - update debian/rules * Add the disk usage to the Apport hooks - update debian/apport/chromium-browser.py * Drop gyp from Build-Depends, use in-source gyp instead - update debian/control * Merge back the ffmpeg codecs (from the chromium-codecs-ffmpeg source package) - update debian/rules - update debian/control - add debian/chromium-codecs-ffmpeg-extra.install - add debian/chromium-codecs-ffmpeg.install -- Fabien Tassin <email address hidden> Tue, 01 Mar 2011 00:14:02 +0100
Available diffs
chromium-browser (9.0.597.107~r75357-0ubuntu0.10.04.1) lucid-security; urgency=high * New upstream release from the Stable Channel (LP: #726895) This release fixes the following security issues: + Webkit bugs: - [54262] High, URL bar spoof with history interaction. Credit to Jordi Chancel. - [68263] High, Stylesheet node stale pointer. Credit to Sergey Glazunov. - [68741] High, Stale pointer with key frame rule. Credit to Sergey Glazunov. - [70078] High, Crash with forms controls. Credit to Stefan van Zanden. - [70244] High, Crash in SVG rendering. Credit to Sławomir Błażek. - [71114] High, Stale node in table child handling. Credit to Martin Barbella. - [71115] High, Stale pointer in table rendering. Credit to Martin Barbella. - [71296] High, Stale pointer in SVG animations. Credit to miaubiz. - [71386] High, Stale nodes in XHTML. Credit to wushi of team509. - [71388] High, Crash in textarea handling. Credit to wushi of team509. - [71595] High, Stale pointer in device orientation. Credit to Sergey Glazunov. - [71855] High, Integer overflow in textarea handling. Credit to miaubiz. - [71960] Medium, Out-of-bounds read in WebGL. Credit to Google Chrome Security Team (Inferno). - [73235] High, Stale pointer in layout. Credit to Martin Barbella. + Chromium bugs: - [63732] High, Crash with javascript dialogs. Credit to Sergey Radchenko. - [64-bit only] [70376] Medium, Out-of-bounds read in pickle deserialization. Credit to Evgeniy Stepanov of the Chromium development community. - [71717] Medium, Out-of-bounds read in WebGL. Credit to miaubiz. - [72214] High, Accidental exposure of internal extension functions. Credit to Tavis Ormandy of the Google Security Team. - [72437] High, Use-after-free with blocked plug-ins. Credit to Chamal de Silva. * Bump the lang-pack package from Suggests to Recommends (LP: #689267) - update debian/control * Disable PIE on Armel/Lucid (LP: #716703) - update debian/rules * Add the disk usage to the Apport hooks - update debian/apport/chromium-browser.py * Drop gyp from Build-Depends, use in-source gyp instead - update debian/control * Merge back the ffmpeg codecs (from the chromium-codecs-ffmpeg source package) - update debian/rules - update debian/control - add debian/chromium-codecs-ffmpeg-extra.install - add debian/chromium-codecs-ffmpeg.install -- Fabien Tassin <email address hidden> Tue, 01 Mar 2011 00:14:02 +0100
Available diffs
| Superseded in natty-release |
chromium-browser (9.0.597.107~r75357-0ubuntu1) natty; urgency=high * New upstream release from the Stable Channel (LP: #726895) This release fixes the following security issues: + Webkit bugs: - [54262] High, URL bar spoof with history interaction. Credit to Jordi Chancel. - [68263] High, Stylesheet node stale pointer. Credit to Sergey Glazunov. - [68741] High, Stale pointer with key frame rule. Credit to Sergey Glazunov. - [70078] High, Crash with forms controls. Credit to Stefan van Zanden. - [70244] High, Crash in SVG rendering. Credit to Sławomir Błażek. - [71114] High, Stale node in table child handling. Credit to Martin Barbella. - [71115] High, Stale pointer in table rendering. Credit to Martin Barbella. - [71296] High, Stale pointer in SVG animations. Credit to miaubiz. - [71386] High, Stale nodes in XHTML. Credit to wushi of team509. - [71388] High, Crash in textarea handling. Credit to wushi of team509. - [71595] High, Stale pointer in device orientation. Credit to Sergey Glazunov. - [71855] High, Integer overflow in textarea handling. Credit to miaubiz. - [71960] Medium, Out-of-bounds read in WebGL. Credit to Google Chrome Security Team (Inferno). - [73235] High, Stale pointer in layout. Credit to Martin Barbella. + Chromium bugs: - [63732] High, Crash with javascript dialogs. Credit to Sergey Radchenko. - [64-bit only] [70376] Medium, Out-of-bounds read in pickle deserialization. Credit to Evgeniy Stepanov of the Chromium development community. - [71717] Medium, Out-of-bounds read in WebGL. Credit to miaubiz. - [72214] High, Accidental exposure of internal extension functions. Credit to Tavis Ormandy of the Google Security Team. - [72437] High, Use-after-free with blocked plug-ins. Credit to Chamal de Silva. * Bump the lang-pack package from Suggests to Recommends (LP: #689267) - update debian/control * Disable PIE on Armel/Lucid (LP: #716703) - update debian/rules * Add the disk usage to the Apport hooks - update debian/apport/chromium-browser.py * Drop gyp from Build-Depends, use in-source gyp instead - update debian/control * Merge back the ffmpeg codecs (from the chromium-codecs-ffmpeg source package) - update debian/rules - update debian/control - add debian/chromium-codecs-ffmpeg-extra.install - add debian/chromium-codecs-ffmpeg.install -- Fabien Tassin <email address hidden> Tue, 01 Mar 2011 00:14:02 +0100
Available diffs
chromium-browser (9.0.597.94~r73967-0ubuntu0.10.10.1) maverick-security; urgency=high * New upstream release from the Stable Channel (LP: #715357) This release fixes the following security issues: - [67234] High, Stale pointer in animation event handling. Credit to Rik Cabanier. - [68120] High, Use-after-free in SVG font faces. Credit to miaubiz. - [69556] High, Stale pointer with anonymous block handling. Credit to Martin Barbella. - [69970] Medium, Out-of-bounds read in plug-in handling. Credit to Bill Budge of Google. - [70456] Medium, Possible failure to terminate process on out-of-memory condition. Credit to David Warren of CERT/CC. * Update the gl dlopen patch to search for libGLESv2.so.2 instead of .1 - update debian/patches/dlopen_sonamed_gl.patch -- Fabien Tassin <email address hidden> Tue, 08 Feb 2011 20:18:51 +0100
Available diffs
chromium-browser (9.0.597.94~r73967-0ubuntu0.10.04.1) lucid-security; urgency=high * New upstream release from the Stable Channel (LP: #715357) This release fixes the following security issues: - [67234] High, Stale pointer in animation event handling. Credit to Rik Cabanier. - [68120] High, Use-after-free in SVG font faces. Credit to miaubiz. - [69556] High, Stale pointer with anonymous block handling. Credit to Martin Barbella. - [69970] Medium, Out-of-bounds read in plug-in handling. Credit to Bill Budge of Google. - [70456] Medium, Possible failure to terminate process on out-of-memory condition. Credit to David Warren of CERT/CC. * Update the gl dlopen patch to search for libGLESv2.so.2 instead of .1 - update debian/patches/dlopen_sonamed_gl.patch -- Fabien Tassin <email address hidden> Tue, 08 Feb 2011 20:18:51 +0100
Available diffs
| Superseded in natty-release |
chromium-browser (9.0.597.94~r73967-0ubuntu1) natty; urgency=high * New upstream release from the Stable Channel (LP: #715357) This release fixes the following security issues: - [67234] High, Stale pointer in animation event handling. Credit to Rik Cabanier. - [68120] High, Use-after-free in SVG font faces. Credit to miaubiz. - [69556] High, Stale pointer with anonymous block handling. Credit to Martin Barbella. - [69970] Medium, Out-of-bounds read in plug-in handling. Credit to Bill Budge of Google. - [70456] Medium, Possible failure to terminate process on out-of-memory condition. Credit to David Warren of CERT/CC. * Update the gl dlopen patch to search for libGLESv2.so.2 instead of .1 - update debian/patches/dlopen_sonamed_gl.patch -- Fabien Tassin <email address hidden> Tue, 08 Feb 2011 20:18:51 +0100
Available diffs
chromium-browser (9.0.597.84~r72991-0ubuntu0.10.10.1) maverick-security; urgency=high * New upstream release from the Stable Channel (LP: #712655) This release fixes the following security issues: - [55831] High, Use-after-free in image loading. Credit to Aki Helin of OUSPG. - [59081] Low, Apply some restrictions to cross-origin drag + drop. Credit to Google Chrome Security Team (SkyLined) and the Google Security Team (Michal Zalewski, David Bloom). - [62791] Low, Browser crash with extension with missing key. Credit to Brian Kirchoff. - [65669] Low, Handle merging of autofill profiles more gracefully. Credit to Google Chrome Security Team (Inferno). - [68244] Low, Browser crash with bad volume setting. Credit to Matthew Heidermann. - [69195] Critical, Race condition in audio handling. Credit to the gamers of Reddit! * Add the app/resources/app_strings.grd template to the list of templates translated in Launchpad - update debian/rules * Drop the gcc 4.5 work-around, applied upstream - remove debian/patches/gcc-4.5-build-workaround.patch - update debian/patches/series * Drop gcc 4.2/4.3 from Build-depends and remove the gcc 4.4 workarounds now done in the upstream gyp files - update debian/control - update debian/rules * Add libxtst-dev to Build-deps now that chromoting uses the XTest extension to execute mouse and keyboard events - update debian/control * Fix the libgnutls dlopen to look for the sonamed lib - add debian/patches/dlopen_libgnutls.patch - update debian/patches/series * Fix the libosmesa/libGLESv2/libEGL dlopen() to look for the sonamed libs. This assumes either the libgles2-mesa + libegl1-mesa packages (better) or the libosmesa6 package are installed - add debian/patches/dlopen_sonamed_gl.patch - update debian/patches/series -- Fabien Tassin <email address hidden> Thu, 03 Feb 2011 22:56:37 +0100
Available diffs
chromium-browser (9.0.597.84~r72991-0ubuntu0.10.04.1) lucid-security; urgency=high * New upstream release from the Stable Channel (LP: #712655) This release fixes the following security issues: - [55831] High, Use-after-free in image loading. Credit to Aki Helin of OUSPG. - [59081] Low, Apply some restrictions to cross-origin drag + drop. Credit to Google Chrome Security Team (SkyLined) and the Google Security Team (Michal Zalewski, David Bloom). - [62791] Low, Browser crash with extension with missing key. Credit to Brian Kirchoff. - [65669] Low, Handle merging of autofill profiles more gracefully. Credit to Google Chrome Security Team (Inferno). - [68244] Low, Browser crash with bad volume setting. Credit to Matthew Heidermann. - [69195] Critical, Race condition in audio handling. Credit to the gamers of Reddit! * Add the app/resources/app_strings.grd template to the list of templates translated in Launchpad - update debian/rules * Drop the gcc 4.5 work-around, applied upstream - remove debian/patches/gcc-4.5-build-workaround.patch - update debian/patches/series * Drop gcc 4.2/4.3 from Build-depends and remove the gcc 4.4 workarounds now done in the upstream gyp files - update debian/control - update debian/rules * Add libxtst-dev to Build-deps now that chromoting uses the XTest extension to execute mouse and keyboard events - update debian/control * Fix the libgnutls dlopen to look for the sonamed lib - add debian/patches/dlopen_libgnutls.patch - update debian/patches/series * Fix the libosmesa/libGLESv2/libEGL dlopen() to look for the sonamed libs. This assumes either the libgles2-mesa + libegl1-mesa packages (better) or the libosmesa6 package are installed - add debian/patches/dlopen_sonamed_gl.patch - update debian/patches/series -- Fabien Tassin <email address hidden> Thu, 03 Feb 2011 22:56:37 +0100
Available diffs
| Superseded in natty-release |
chromium-browser (9.0.597.84~r72991-0ubuntu1) natty; urgency=high * New upstream release from the Stable Channel (LP: #712655) This release fixes the following security issues: - [55831] High, Use-after-free in image loading. Credit to Aki Helin of OUSPG. - [59081] Low, Apply some restrictions to cross-origin drag + drop. Credit to Google Chrome Security Team (SkyLined) and the Google Security Team (Michal Zalewski, David Bloom). - [62791] Low, Browser crash with extension with missing key. Credit to Brian Kirchoff. - [65669] Low, Handle merging of autofill profiles more gracefully. Credit to Google Chrome Security Team (Inferno). - [68244] Low, Browser crash with bad volume setting. Credit to Matthew Heidermann. - [69195] Critical, Race condition in audio handling. Credit to the gamers of Reddit! * Add the app/resources/app_strings.grd template to the list of templates translated in Launchpad - update debian/rules * Drop the gcc 4.5 work-around, applied upstream - remove debian/patches/gcc-4.5-build-workaround.patch - update debian/patches/series * Drop gcc 4.2/4.3 from Build-depends and remove the gcc 4.4 workarounds now done in the upstream gyp files - update debian/control - update debian/rules * Add libxtst-dev to Build-deps now that chromoting uses the XTest extension to execute mouse and keyboard events - update debian/control * Remove GNOME_DESKTOP_SESSION_ID from the Apport report, it's useless - update debian/apport/chromium-browser.py * Add a system to enable/disable distribution specific patches from the quilt series - add debian/enable-dist-patches.pl - update debian/rules * Disable the gtk resize grip on Natty (LP: #703451) Original patch by Cody Russell <email address hidden>, ported to v9 - add debian/patches/disable_gtk_resize_grip_on_natty.patch - update debian/patches/series * Fix the libgnutls dlopen to look for the sonamed lib - add debian/patches/dlopen_libgnutls.patch - update debian/patches/series * Fix the libosmesa/libGLESv2/libEGL dlopen() to look for the sonamed libs. This assumes either the libgles2-mesa + libegl1-mesa packages (better) or the libosmesa6 package are installed - add debian/patches/dlopen_sonamed_gl.patch - update debian/patches/series -- Fabien Tassin <email address hidden> Thu, 03 Feb 2011 22:56:37 +0100
Available diffs
| Superseded in maverick-security |
| Superseded in maverick-updates |
| Deleted in maverick-proposed (Reason: moved to -updates) |
| Superseded in maverick-proposed |
chromium-browser (8.0.552.237~r70801-0ubuntu0.10.10.1) maverick-security; urgency=high * New upstream release from the Stable Channel (LP: #702542) This release fixes the following security issues: - [58053] Medium, Browser crash in extensions notification handling. Credit to Eric Roman of the Chromium development community. - [65764] High, Bad pointer handling in node iteration. Credit to Sergey Glazunov. - [66560] High, Stale pointer with CSS + canvas. Credit to Sergey Glazunov. - [66748] High, Stale pointer with CSS + cursors. Credit to Jan Tošovský. - [67303] High, Bad memory access with mismatched video frame sizes. Credit to Aki Helin of OUSPG; plus independent discovery by Google Chrome Security Team (SkyLined) and David Warren of CERT. - [67363] High, Stale pointer with SVG use element. Credited anonymously; plus indepdent discovery by miaubiz. - [67393] Medium, Uninitialized pointer in the browser triggered by rogue extension. Credit to kuzzcc. - [68115] High, Vorbis decoder buffer overflows. Credit to David Warren of CERT. - [68178] High, Bad cast in anchor handling. Credit to Sergey Glazunov. - [68181] High, Bad cast in video handling. Credit to Sergey Glazunov. - [68439] High, Stale rendering node after DOM node removal. Credit to Martin Barbella; plus independent discovery by Google Chrome Security Team (SkyLined). - [68666] Critical, Stale pointer in speech handling. Credit to Sergey Glazunov. * Add the chrome/app/policy/policy_templates.grd template to the list of templates translated in Launchpad - update debian/rules * Add Basque and Galician to the list of supported langs for the lang-packs (translations from Launchpad/Rosetta) - update debian/rules -- Fabien Tassin <email address hidden> Thu, 13 Jan 2011 07:31:05 +0100
Available diffs
| Superseded in lucid-updates |
| Superseded in lucid-security |
| Deleted in lucid-proposed (Reason: moved to -updates) |
| Superseded in lucid-proposed |
chromium-browser (8.0.552.237~r70801-0ubuntu0.10.04.1) lucid-security; urgency=high * New upstream release from the Stable Channel (LP: #702542) This release fixes the following security issues: - [58053] Medium, Browser crash in extensions notification handling. Credit to Eric Roman of the Chromium development community. - [65764] High, Bad pointer handling in node iteration. Credit to Sergey Glazunov. - [66560] High, Stale pointer with CSS + canvas. Credit to Sergey Glazunov. - [66748] High, Stale pointer with CSS + cursors. Credit to Jan Tošovský. - [67303] High, Bad memory access with mismatched video frame sizes. Credit to Aki Helin of OUSPG; plus independent discovery by Google Chrome Security Team (SkyLined) and David Warren of CERT. - [67363] High, Stale pointer with SVG use element. Credited anonymously; plus indepdent discovery by miaubiz. - [67393] Medium, Uninitialized pointer in the browser triggered by rogue extension. Credit to kuzzcc. - [68115] High, Vorbis decoder buffer overflows. Credit to David Warren of CERT. - [68178] High, Bad cast in anchor handling. Credit to Sergey Glazunov. - [68181] High, Bad cast in video handling. Credit to Sergey Glazunov. - [68439] High, Stale rendering node after DOM node removal. Credit to Martin Barbella; plus independent discovery by Google Chrome Security Team (SkyLined). - [68666] Critical, Stale pointer in speech handling. Credit to Sergey Glazunov. * Add the chrome/app/policy/policy_templates.grd template to the list of templates translated in Launchpad - update debian/rules * Add Basque and Galician to the list of supported langs for the lang-packs (translations from Launchpad/Rosetta) - update debian/rules -- Fabien Tassin <email address hidden> Thu, 13 Jan 2011 07:31:05 +0100
Available diffs
| Superseded in natty-release |
chromium-browser (8.0.552.237~r70801-0ubuntu1) natty; urgency=high * New upstream release from the Stable Channel (LP: #702542) This release fixes the following security issues: - [58053] Medium, Browser crash in extensions notification handling. Credit to Eric Roman of the Chromium development community. - [65764] High, Bad pointer handling in node iteration. Credit to Sergey Glazunov. - [66560] High, Stale pointer with CSS + canvas. Credit to Sergey Glazunov. - [66748] High, Stale pointer with CSS + cursors. Credit to Jan Tošovský. - [67303] High, Bad memory access with mismatched video frame sizes. Credit to Aki Helin of OUSPG; plus independent discovery by Google Chrome Security Team (SkyLined) and David Warren of CERT. - [67363] High, Stale pointer with SVG use element. Credited anonymously; plus indepdent discovery by miaubiz. - [67393] Medium, Uninitialized pointer in the browser triggered by rogue extension. Credit to kuzzcc. - [68115] High, Vorbis decoder buffer overflows. Credit to David Warren of CERT. - [68178] High, Bad cast in anchor handling. Credit to Sergey Glazunov. - [68181] High, Bad cast in video handling. Credit to Sergey Glazunov. - [68439] High, Stale rendering node after DOM node removal. Credit to Martin Barbella; plus independent discovery by Google Chrome Security Team (SkyLined). - [68666] Critical, Stale pointer in speech handling. Credit to Sergey Glazunov. * Add the chrome/app/policy/policy_templates.grd template to the list of templates translated in Launchpad - update debian/rules * Add Basque and Galician to the list of supported langs for the lang-packs (translations from Launchpad/Rosetta) - update debian/rules -- Fabien Tassin <email address hidden> Thu, 13 Jan 2011 07:31:05 +0100
Available diffs
chromium-browser (8.0.552.224~r68599-0ubuntu0.10.10.1) maverick-security; urgency=high * New upstream release from the Stable Channel (LP: #689849) This release fixes the following security issues: - [64-bit Linux only] [56449] High Bad validation for message deserialization on 64-bit builds. Credit to Lei Zhang of the Chromium development community. - [60761] Medium, Bad extension can cause browser crash in tab handling. Credit to kuzzcc. - [63529] Low, Browser crash with NULL pointer in web worker handling. Credit to Nathan Weizenbaum of Google. - [63866] Medium, Out-of-bounds read in CSS parsing. Credit to Chris Rohlf. - [64959] High, Stale pointers in cursor handling. Credit to Sławomir Błażek and Sergey Glazunov. -- Fabien Tassin <email address hidden> Mon, 13 Dec 2010 21:21:39 +0100
Available diffs
chromium-browser (8.0.552.224~r68599-0ubuntu0.10.04.1) lucid-security; urgency=high * New upstream release from the Stable Channel (LP: #689849) This release fixes the following security issues: - [64-bit Linux only] [56449] High Bad validation for message deserialization on 64-bit builds. Credit to Lei Zhang of the Chromium development community. - [60761] Medium, Bad extension can cause browser crash in tab handling. Credit to kuzzcc. - [63529] Low, Browser crash with NULL pointer in web worker handling. Credit to Nathan Weizenbaum of Google. - [63866] Medium, Out-of-bounds read in CSS parsing. Credit to Chris Rohlf. - [64959] High, Stale pointers in cursor handling. Credit to Sławomir Błażek and Sergey Glazunov. -- Fabien Tassin <email address hidden> Mon, 13 Dec 2010 21:21:39 +0100
Available diffs
| Superseded in natty-release |
chromium-browser (8.0.552.224~r68599-0ubuntu1) natty; urgency=high * New upstream release from the Stable Channel (LP: #689849) This release fixes the following security issues: - [64-bit Linux only] [56449] High Bad validation for message deserialization on 64-bit builds. Credit to Lei Zhang of the Chromium development community. - [60761] Medium, Bad extension can cause browser crash in tab handling. Credit to kuzzcc. - [63529] Low, Browser crash with NULL pointer in web worker handling. Credit to Nathan Weizenbaum of Google. - [63866] Medium, Out-of-bounds read in CSS parsing. Credit to Chris Rohlf. - [64959] High, Stale pointers in cursor handling. Credit to Sławomir Błażek and Sergey Glazunov. * Don't build with PIE on Natty/armel, for the same reason as for Maverick - update debian/rules -- Fabien Tassin <email address hidden> Mon, 13 Dec 2010 21:21:39 +0100
Available diffs
chromium-browser (8.0.552.215~r67652-0ubuntu0.10.10.1) maverick-security; urgency=high * New upstream Major release from the Stable Channel (LP: #684502), also fixing the following security issues: - [17655] Low, Possible pop-up blocker bypass. Credit to Google Chrome Security Team (SkyLined). - [55745] Medium, Cross-origin video theft with canvas. Credit to Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR). - [56237] Low, Browser crash with HTML5 databases. Credit to Google Chrome Security Team (Inferno). - [58319] Low, Prevent excessive file dialogs, possibly leading to browser crash. Credit to Cezary Tomczak (gosu.pl). - [59554] High, Use after free in history handling. Credit to Stefan Troger. - [59817] Medium, Make sure the “dangerous file types” list is uptodate with the Windows platforms. Credit to Billy Rios of the Google Security Team. - [61701] Low, Browser crash with HTTP proxy authentication. Credit to Mohammed Bouhlel. - [61653] Medium, Out-of-bounds read regression in WebM video support. Credit to Google Chrome Security Team (Chris Evans), based on earlier testcases from Mozilla and Microsoft (MSVR). - [62127] High, Crash due to bad indexing with malformed video. Credit to miaubiz. - [62168] Medium, Possible browser memory corruption via malicious privileged extension. Credit to kuzzcc. - [62401] High, Use after free with SVG animations. Credit to Sławomir Błażek. - [63051] Medium, Use after free in mouse dragging event handling. Credit to kuzzcc. - [63444] High, Double free in XPath handling. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences. * Automatically merge Launchpad translations with the upstream grit files and produce patches in the source tarball. Apply those patches at build time during configure - update debian/rules -- Fabien Tassin <email address hidden> Thu, 02 Dec 2010 20:32:06 +0100
Available diffs
chromium-browser (8.0.552.215~r67652-0ubuntu0.10.04.1) lucid-security; urgency=high * New upstream Major release from the Stable Channel (LP: #684502), also fixing the following security issues: - [17655] Low, Possible pop-up blocker bypass. Credit to Google Chrome Security Team (SkyLined). - [55745] Medium, Cross-origin video theft with canvas. Credit to Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR). - [56237] Low, Browser crash with HTML5 databases. Credit to Google Chrome Security Team (Inferno). - [58319] Low, Prevent excessive file dialogs, possibly leading to browser crash. Credit to Cezary Tomczak (gosu.pl). - [59554] High, Use after free in history handling. Credit to Stefan Troger. - [59817] Medium, Make sure the “dangerous file types” list is uptodate with the Windows platforms. Credit to Billy Rios of the Google Security Team. - [61701] Low, Browser crash with HTTP proxy authentication. Credit to Mohammed Bouhlel. - [61653] Medium, Out-of-bounds read regression in WebM video support. Credit to Google Chrome Security Team (Chris Evans), based on earlier testcases from Mozilla and Microsoft (MSVR). - [62127] High, Crash due to bad indexing with malformed video. Credit to miaubiz. - [62168] Medium, Possible browser memory corruption via malicious privileged extension. Credit to kuzzcc. - [62401] High, Use after free with SVG animations. Credit to Sławomir Błażek. - [63051] Medium, Use after free in mouse dragging event handling. Credit to kuzzcc. - [63444] High, Double free in XPath handling. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences. * Automatically merge Launchpad translations with the upstream grit files and produce patches in the source tarball. Apply those patches at build time during configure - update debian/rules -- Fabien Tassin <email address hidden> Thu, 02 Dec 2010 20:32:06 +0100
Available diffs
| Superseded in natty-release |
chromium-browser (8.0.552.215~r67652-0ubuntu1) natty; urgency=high * New upstream Major release from the Stable Channel (LP: #684502), also fixing the following security issues: - [17655] Low, Possible pop-up blocker bypass. Credit to Google Chrome Security Team (SkyLined). - [55745] Medium, Cross-origin video theft with canvas. Credit to Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR). - [56237] Low, Browser crash with HTML5 databases. Credit to Google Chrome Security Team (Inferno). - [58319] Low, Prevent excessive file dialogs, possibly leading to browser crash. Credit to Cezary Tomczak (gosu.pl). - [59554] High, Use after free in history handling. Credit to Stefan Troger. - [59817] Medium, Make sure the “dangerous file types” list is uptodate with the Windows platforms. Credit to Billy Rios of the Google Security Team. - [61701] Low, Browser crash with HTTP proxy authentication. Credit to Mohammed Bouhlel. - [61653] Medium, Out-of-bounds read regression in WebM video support. Credit to Google Chrome Security Team (Chris Evans), based on earlier testcases from Mozilla and Microsoft (MSVR). - [62127] High, Crash due to bad indexing with malformed video. Credit to miaubiz. - [62168] Medium, Possible browser memory corruption via malicious privileged extension. Credit to kuzzcc. - [62401] High, Use after free with SVG animations. Credit to Sławomir Błażek. - [63051] Medium, Use after free in mouse dragging event handling. Credit to kuzzcc. - [63444] High, Double free in XPath handling. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences. * Work-around a gcc 4.5 miscompilation bug causing regression in the omnibar, breaking searches (LP: #664584) - add debian/patches/gcc-4.5-build-workaround.patch - update debian/patches/series * Automatically merge Launchpad translations with the upstream grit files and produce patches in the source tarball. Apply those patches at build time during configure - update debian/rules * Add x-scheme-handler/http and x-scheme-handler/https to the MimeType entry of the desktop file (needed on Natty where handlers are no longer searched for in gconf) - update debian/chromium-browser.desktop -- Fabien Tassin <email address hidden> Thu, 02 Dec 2010 20:32:06 +0100
Available diffs
| Superseded in maverick-security |
| Superseded in maverick-updates |
| Deleted in maverick-proposed (Reason: moved to -updates) |
| Superseded in maverick-proposed |
chromium-browser (7.0.517.44~r64615-0ubuntu0.10.10.1) maverick-security; urgency=high * New upstream Major release from the Stable Channel (LP: #671420), also fixing the following security issues: - [51602] High, Use-after-free in text editing. Credit to David Bloom of the Google Security Team, Google Chrome Security Team (Inferno) and Google Chrome Security Team (Cris Neckar). - [55257] High, Memory corruption with enormous text area. Credit to wushi of team509. - [58657] High, Bad cast with the SVG use element. Credit to the kuzzcc. - [58731] High, Invalid memory read in XPath handling. Credit to Bui Quang Minh from Bkis (www.bkis.com). - [58741] High, Use-after-free in text control selections. Credit to “vkouchna”. - [59320] High, Integer overflows in font handling. Credit to Aki Helin of OUSPG. - [60055] High, Memory corruption in libvpx. Credit to Christoph Diehl. - [60238] High, Bad use of destroyed frame object. Credit to various developers, including “gundlach”. - [60327] [60769] [61255] High, Type confusions with event objects. Credit to “fam.lam” and Google Chrome Security Team (Inferno). - [60688] High, Out-of-bounds array access in SVG handling. Credit to wushi of team509. -- Fabien Tassin <email address hidden> Thu, 04 Nov 2010 20:53:09 +0100
Available diffs
| Superseded in lucid-security |
| Superseded in lucid-updates |
| Deleted in lucid-proposed (Reason: moved to -updates) |
| Superseded in lucid-proposed |
chromium-browser (7.0.517.44~r64615-0ubuntu0.10.04.1) lucid-security; urgency=high * New upstream Major release from the Stable Channel (LP: #671420), also fixing the following security issues: - [51602] High, Use-after-free in text editing. Credit to David Bloom of the Google Security Team, Google Chrome Security Team (Inferno) and Google Chrome Security Team (Cris Neckar). - [55257] High, Memory corruption with enormous text area. Credit to wushi of team509. - [58657] High, Bad cast with the SVG use element. Credit to the kuzzcc. - [58731] High, Invalid memory read in XPath handling. Credit to Bui Quang Minh from Bkis (www.bkis.com). - [58741] High, Use-after-free in text control selections. Credit to “vkouchna”. - [59320] High, Integer overflows in font handling. Credit to Aki Helin of OUSPG. - [60055] High, Memory corruption in libvpx. Credit to Christoph Diehl. - [60238] High, Bad use of destroyed frame object. Credit to various developers, including “gundlach”. - [60327] [60769] [61255] High, Type confusions with event objects. Credit to “fam.lam” and Google Chrome Security Team (Inferno). - [60688] High, Out-of-bounds array access in SVG handling. Credit to wushi of team509. -- Fabien Tassin <email address hidden> Thu, 04 Nov 2010 20:53:09 +0100
Available diffs
| Superseded in natty-release |
chromium-browser (7.0.517.44~r64615-0ubuntu1) natty; urgency=high * New upstream Major release from the Stable Channel (LP: #671420), also fixing the following security issues: - [51602] High, Use-after-free in text editing. Credit to David Bloom of the Google Security Team, Google Chrome Security Team (Inferno) and Google Chrome Security Team (Cris Neckar). - [55257] High, Memory corruption with enormous text area. Credit to wushi of team509. - [58657] High, Bad cast with the SVG use element. Credit to the kuzzcc. - [58731] High, Invalid memory read in XPath handling. Credit to Bui Quang Minh from Bkis (www.bkis.com). - [58741] High, Use-after-free in text control selections. Credit to “vkouchna”. - [59320] High, Integer overflows in font handling. Credit to Aki Helin of OUSPG. - [60055] High, Memory corruption in libvpx. Credit to Christoph Diehl. - [60238] High, Bad use of destroyed frame object. Credit to various developers, including “gundlach”. - [60327] [60769] [61255] High, Type confusions with event objects. Credit to “fam.lam” and Google Chrome Security Team (Inferno). - [60688] High, Out-of-bounds array access in SVG handling. Credit to wushi of team509. * Work-around a gcc 4.5 miscompilation bug causing a regression in the omnibar, breaking searches (LP: #664584) - add debian/patches/gcc-4.5-build-workaround.patch - update debian/patches/series -- Fabien Tassin <email address hidden> Thu, 04 Nov 2010 20:53:09 +0100
Available diffs
| Superseded in maverick-security |
| Superseded in maverick-updates |
| Deleted in maverick-proposed (Reason: moved to -updates) |
| Superseded in maverick-proposed |
chromium-browser (7.0.517.41~r62167-0ubuntu0.10.10.1) maverick-security; urgency=high * New upstream Major release from the Stable Channel (LP: #663523), also fixing the following security issues: - [48225] [51727] Medium, Possible autofill / autocomplete profile spamming. Credit to Google Chrome Security Team (Inferno). - [48857] High, Crash with forms. Credit to the Chromium development community. - [50428] Critical, Browser crash with form autofill. Credit to the Chromium development community. - [51680] High, Possible URL spoofing on page unload. Credit to kuzzcc; plus independent discovery by Jordi Chancel. - [53002] Low, Pop-up block bypass. Credit to kuzzcc. - [53985] Medium, Crash on shutdown with Web Sockets. Credit to the Chromium development community. - [54132] Low, Bad construction of PATH variable. Credit to Dan Rosenberg, Virtual Security Research. - [54500] High, Possible memory corruption with animated GIF. Credit to Simon Schaak. - [54794] High, Failure to sandbox worker processes on Linux. Credit to Google Chrome Security Team (Chris Evans). - [56451] High, Stale elements in an element map. Credit to Michal Zalewski of the Google Security Team. * Drop the -fno-tree-sink workaround for the armel gcc inlining bug now that the strict-aliasing issue in dtoa has been fixed - drop debian/patches/no_tree_sink_v8.patch - update debian/patches/series * Drop the xdg-mime patch now that we catched up with v7 - drop debian/patches/xdg-utils-update.patch * Disable -Werror when building with gcc 4.5 until http://code.google.com/p/chromium/issues/detail?id=49533 gets fixed - update debian/rules * Fix the apport hook crash when the use_system key is unset (LP: #660579) - update debian/apport/chromium-browser.py -- Fabien Tassin <email address hidden> Tue, 19 Oct 2010 22:36:19 +0200
Available diffs
| Superseded in lucid-updates |
| Superseded in lucid-security |
| Deleted in lucid-proposed (Reason: moved to -updates) |
| Superseded in lucid-proposed |
chromium-browser (7.0.517.41~r62167-0ubuntu0.10.04.1) lucid-security; urgency=high * New upstream Major release from the Stable Channel (LP: #663523), also fixing the following security issues: - [48225] [51727] Medium, Possible autofill / autocomplete profile spamming. Credit to Google Chrome Security Team (Inferno). - [48857] High, Crash with forms. Credit to the Chromium development community. - [50428] Critical, Browser crash with form autofill. Credit to the Chromium development community. - [51680] High, Possible URL spoofing on page unload. Credit to kuzzcc; plus independent discovery by Jordi Chancel. - [53002] Low, Pop-up block bypass. Credit to kuzzcc. - [53985] Medium, Crash on shutdown with Web Sockets. Credit to the Chromium development community. - [54132] Low, Bad construction of PATH variable. Credit to Dan Rosenberg, Virtual Security Research. - [54500] High, Possible memory corruption with animated GIF. Credit to Simon Schaak. - [54794] High, Failure to sandbox worker processes on Linux. Credit to Google Chrome Security Team (Chris Evans). - [56451] High, Stale elements in an element map. Credit to Michal Zalewski of the Google Security Team. * Drop the -fno-tree-sink workaround for the armel gcc inlining bug now that the strict-aliasing issue in dtoa has been fixed - drop debian/patches/no_tree_sink_v8.patch - update debian/patches/series * Disable -Werror when building with gcc 4.5 until http://code.google.com/p/chromium/issues/detail?id=49533 gets fixed - update debian/rules * Fix the apport hook crash when the use_system key is unset (LP: #660579) - update debian/apport/chromium-browser.py * Set CHROME_DESKTOP in the wrapper to help the default browser checker (LP: #513133) - update debian/chromium-browser.sh.in -- Fabien Tassin <email address hidden> Tue, 19 Oct 2010 22:36:19 +0200
Available diffs
| Superseded in natty-release |
chromium-browser (7.0.517.41~r62167-0ubuntu1) natty; urgency=high * New upstream Major release from the Stable Channel (LP: #663523), also fixing the following security issues: - [48225] [51727] Medium, Possible autofill / autocomplete profile spamming. Credit to Google Chrome Security Team (Inferno). - [48857] High, Crash with forms. Credit to the Chromium development community. - [50428] Critical, Browser crash with form autofill. Credit to the Chromium development community. - [51680] High, Possible URL spoofing on page unload. Credit to kuzzcc; plus independent discovery by Jordi Chancel. - [53002] Low, Pop-up block bypass. Credit to kuzzcc. - [53985] Medium, Crash on shutdown with Web Sockets. Credit to the Chromium development community. - [54132] Low, Bad construction of PATH variable. Credit to Dan Rosenberg, Virtual Security Research. - [54500] High, Possible memory corruption with animated GIF. Credit to Simon Schaak. - [54794] High, Failure to sandbox worker processes on Linux. Credit to Google Chrome Security Team (Chris Evans). - [56451] High, Stale elements in an element map. Credit to Michal Zalewski of the Google Security Team. * Drop the -fno-tree-sink workaround for the armel gcc inlining bug now that the strict-aliasing issue in dtoa has been fixed - drop debian/patches/no_tree_sink_v8.patch - update debian/patches/series * Drop the xdg-mime patch now that we catched up with v7 - drop debian/patches/xdg-utils-update.patch * Disable -Werror when building with gcc 4.5 until http://code.google.com/p/chromium/issues/detail?id=49533 gets fixed - update debian/rules * Fix the apport hook crash when the use_system key is unset (LP: #660579) - update debian/apport/chromium-browser.py -- Fabien Tassin <email address hidden> Tue, 19 Oct 2010 22:36:19 +0200
Available diffs
chromium-browser (6.0.472.63~r59945-0ubuntu2) maverick; urgency=low
* Fix the default browser selection on KDE4 by bringing in a fresher
xdg-mime (See http://crbug.com/18106) and ship it in the main deb
- add debian/patches/xdg-utils-update.patch
- update debian/chromium-browser.install
* Set CHROME_DESKTOP in the wrapper to help the default browser
checker (LP: #513133)
- update debian/chromium-browser.sh.in
-- Fabien Tassin <email address hidden> Wed, 29 Sep 2010 20:40:05 +0200
Available diffs
| Superseded in maverick-release |
chromium-browser (6.0.472.63~r59945-0ubuntu1) maverick; urgency=low
* New upstream release from the Stable Channel
* Set CHROME_WRAPPER to the real name of the wrapper now that upstream
use its value
- update debian/chromium-browser.sh.in
* Add some apport hooks adding useful information to the bugs
- add debian/apport/chromium-browser.py
- update debian/chromium-browser.install
* Update the Desktop translations for ast/ca/pt_BR
- update debian/chromium-browser.desktop
-- Fabien Tassin <email address hidden> Fri, 24 Sep 2010 07:54:08 +0200
Available diffs
| Superseded in lucid-updates |
| Superseded in lucid-security |
| Deleted in lucid-proposed (Reason: moved to -updates) |
| Superseded in lucid-updates |
| Superseded in lucid-security |
| Superseded in lucid-proposed |
chromium-browser (6.0.472.62~r59676-0ubuntu0.10.04.1) lucid-security; urgency=high * New upstream release from the Stable Channel (LP: #641699) This release fixes the following security issues: - [55114] High, Bad cast with malformed SVG. Credit to wushi of team 509. - [55119] Critical, Buffer mismanagement in the SPDY protocol. Credit to Mike Belshe of the Chromium development community. - [55350] High, Cross-origin property pollution. Credit to Stefano Di Paola of MindedSecurity. Also includes the following security issues from 6.0.472.59 (LP: #638736) - [50250] High, Use-after-free when using document APIs during parse. Credit to David Weston of Microsoft + Microsoft Vulnerability Research (MSVR) and wushi of team 509 (independent discoveries). - [50712] High, Use-after-free in SVG styles. Credit to kuzzcc. - [51252] High, Use-after-free with nested SVG elements. Credit to kuzzcc. - [51709] Low, Possible browser assert in cursor handling. Credit to “magnusmorton”. - [51919] High, Race condition in console handling. Credit to kuzzcc. - [53176] Low, Unlikely browser crash in pop-up blocking. Credit to kuzzcc. - [53394] High, Memory corruption in Geolocation. Credit to kuzzcc. - [53930] High, Memory corruption in Khmer handling. Credit to Google Chrome Security Team (Chris Evans). - [54006] Low, Failure to prompt for extension history access. Credit to “adriennefelt”. * Don't build with PIE on armel for now, it fails to link. - update debian/rules * Add some translations for the "Name" field in the desktop file, and fix some "Comment" / "GenericName". Thanks to the Ubuntu translation team. See https://wiki.ubuntu.com/Translations/Wanted/ChromiumDesktop to contribute more translations (LP: #631670) -- Fabien Tassin <email address hidden> Fri, 17 Sep 2010 22:25:54 +0200
Available diffs
| Superseded in maverick-release |
chromium-browser (6.0.472.62~r59676-0ubuntu1) maverick; urgency=high * New upstream release from the Stable Channel (LP: #641699) This release fixes the following security issues: - [55114] High, Bad cast with malformed SVG. Credit to wushi of team 509. - [55119] Critical, Buffer mismanagement in the SPDY protocol. Credit to Mike Belshe of the Chromium development community. - [55350] High, Cross-origin property pollution. Credit to Stefano Di Paola of MindedSecurity. * Add some translations for the "Name" field in the desktop file, and fix some "Comment" / "GenericName". Thanks to the Ubuntu translation team. See https://wiki.ubuntu.com/Translations/Wanted/ChromiumDesktop to contribute more translations (LP: #631670) -- Fabien Tassin <email address hidden> Fri, 17 Sep 2010 22:25:54 +0200
Available diffs
| Superseded in maverick-release |
chromium-browser (6.0.472.59~r59126-0ubuntu1) maverick; urgency=low * New upstream release from the Stable Channel (LP: #638736) This release fixes the following security issues: - [50250] High, Use-after-free when using document APIs during parse. Credit to David Weston of Microsoft + Microsoft Vulnerability Research (MSVR) and wushi of team 509 (independent discoveries). - [50712] High, Use-after-free in SVG styles. Credit to kuzzcc. - [51252] High, Use-after-free with nested SVG elements. Credit to kuzzcc. - [51709] Low, Possible browser assert in cursor handling. Credit to “magnusmorton”. - [51919] High, Race condition in console handling. Credit to kuzzcc. - [53176] Low, Unlikely browser crash in pop-up blocking. Credit to kuzzcc. - [53394] High, Memory corruption in Geolocation. Credit to kuzzcc. - [53930] High, Memory corruption in Khmer handling. Credit to Google Chrome Security Team (Chris Evans). - [54006] Low, Failure to prompt for extension history access. Credit to “adriennefelt”. * Don't build with PIE on armel for now, it fails to link. - update debian/rules -- Fabien Tassin <email address hidden> Wed, 15 Sep 2010 07:20:49 +0200
Available diffs
chromium-browser (6.0.472.55~r58392-0ubuntu0.10.04.1) lucid-security; urgency=low * New upstream release from the Stable Channel (LP: #635949) This release fixes the following issues/regressions: - [51727] [52940] Failures when using autocomplete - [10913] Default search engine settings wiped out - [1906] Shift reload not working * Build with the Hardening Wrapper (to gain PIE), adding another layer of protection (See https://wiki.ubuntu.com/Security/HardeningWrapper) - update debian/control - update debian/rules * On Armel, when checking for armv7, also test for Maverick version - update debian/rules -- Fabien Tassin <email address hidden> Wed, 08 Sep 2010 09:12:35 +0200
Available diffs
| Superseded in maverick-release |
chromium-browser (6.0.472.55~r58392-0ubuntu1) maverick; urgency=low * New upstream release from the Stable Channel (LP: #635949) This release fixes the following issues/regressions: - [51727] [52940] Failures when using autocomplete - [10913] Default search engine settings wiped out - [1906] Shift reload not working * Build with the Hardening Wrapper (to gain PIE), adding another layer of protection (See https://wiki.ubuntu.com/Security/HardeningWrapper) - update debian/control - update debian/rules * On Armel, when checking for armv7, also test for Maverick version - update debian/rules -- Fabien Tassin <email address hidden> Wed, 08 Sep 2010 09:12:35 +0200
Available diffs
| Superseded in lucid-updates |
| Superseded in lucid-security |
| Superseded in lucid-proposed |
| Superseded in lucid-proposed |
chromium-browser (6.0.472.53~r57914-0ubuntu0.10.04.1) lucid-security; urgency=low * New upstream release from the Stable Channel (LP: #628924) This release fixes the following security issues: - [34414] Low, Pop-up blocker bypass with blank frame target. Credit to Google Chrome Security Team (Inferno) and “ironfist99”. - [37201] Medium, URL bar visual spoofing with homographic sequences. Credit to Chris Weber of Casaba Security. - [41654] Medium, Apply more restrictions on setting clipboard content. Credit to Brook Novak. - [45659] High, Stale pointer with SVG filters. Credit to Tavis Ormandy of the Google Security Team. - [45876] Medium, Possible installed extension enumeration. Credit to Lostmon. - [46750] [51846] Low, Browser NULL crash with WebSockets. Credit to Google Chrome Security Team (SkyLined), Google Chrome Security Team (Justin Schuh) and Keith Campbell. - [50386] High, Use-after-free in Notifications presenter. Credit to Sergey Glazunov. - [50839] High, Notification permissions memory corruption. Credit to Michal Zalewski of the Google Security Team and Google Chrome Security Team (SkyLined). - [51630] [51739] High, Integer errors in WebSockets. Credit to Keith Campbell and Google Chrome Security Team (Cris Neckar). - [51653] High, Memory corruption with counter nodes. Credit to kuzzcc. - [51727] Low, Avoid storing excessive autocomplete entries. Credit to Google Chrome Security Team (Inferno). - [52443] High, Stale pointer in focus handling. Credit to VUPEN Vulnerability Research Team (VUPEN-SR-2010-249). - [52682] High, Sandbox parameter deserialization error. Credit to Ashutosh Mehra and Vineet Batra of the Adobe Reader Sandbox Team. - [53001] Medium, Cross-origin image theft. Credit to Isaac Dawson. * Enable all codecs for HTML5 in Chromium, depending on which ffmpeg sumo lib is installed, the set of usable codecs (at runtime) will still vary. This is now done by setting proprietary_codecs=1 so we can drop our patch - update debian/rules - drop debian/patches/html5_video_mimetypes.patch - update debian/patches/series * Bump the Dependencies on chromium-codecs-ffmpeg to >= 0.6, needed for the new API - update debian/control * Add "libcups2-dev | libcupsys2-dev" (the latter for Hardy) to Build-Depends. This is needed for Cloud Printing - update debian/control * Add libppapi_tests.so and linker.lock to INSTALL_EXCLUDE_FILES and DumpRenderTree_resources/ to INSTALL_EXCLUDE_DIRS - update debian/rules * Install resources.pak in the main deb, and remove all resources/ accordingly - update debian/chromium-browser.install * Add libgnome-keyring-dev to Build-Depends. This is needed for the GNOME Keyring and KWallet integration. See http://crbug.com/12351 - update debian/control * Ship empty policy dirs (for now) in /etc/chromium-browser/policies - update debian/rules - update debian/chromium-browser.dirs * Bump build-deps for gyp to >= 0.1~svn837 - update debian/control * Drop the icedtea6-plugin workaround, it's no longer needed and it may cause troubles when the default xulrunner contains older nss/nspr libs - update debian/chromium-browser.sh.in -- Fabien Tassin <email address hidden> Thu, 02 Sep 2010 17:03:41 +0200
Available diffs
| Superseded in maverick-release |
chromium-browser (6.0.472.53~r57914-0ubuntu1) maverick; urgency=low * New upstream release from the Stable Channel (LP: #628924) This release fixes the following security issues: - [34414] Low, Pop-up blocker bypass with blank frame target. Credit to Google Chrome Security Team (Inferno) and “ironfist99”. - [37201] Medium, URL bar visual spoofing with homographic sequences. Credit to Chris Weber of Casaba Security. - [41654] Medium, Apply more restrictions on setting clipboard content. Credit to Brook Novak. - [45659] High, Stale pointer with SVG filters. Credit to Tavis Ormandy of the Google Security Team. - [45876] Medium, Possible installed extension enumeration. Credit to Lostmon. - [46750] [51846] Low, Browser NULL crash with WebSockets. Credit to Google Chrome Security Team (SkyLined), Google Chrome Security Team (Justin Schuh) and Keith Campbell. - [50386] High, Use-after-free in Notifications presenter. Credit to Sergey Glazunov. - [50839] High, Notification permissions memory corruption. Credit to Michal Zalewski of the Google Security Team and Google Chrome Security Team (SkyLined). - [51630] [51739] High, Integer errors in WebSockets. Credit to Keith Campbell and Google Chrome Security Team (Cris Neckar). - [51653] High, Memory corruption with counter nodes. Credit to kuzzcc. - [51727] Low, Avoid storing excessive autocomplete entries. Credit to Google Chrome Security Team (Inferno). - [52443] High, Stale pointer in focus handling. Credit to VUPEN Vulnerability Research Team (VUPEN-SR-2010-249). - [52682] High, Sandbox parameter deserialization error. Credit to Ashutosh Mehra and Vineet Batra of the Adobe Reader Sandbox Team. - [53001] Medium, Cross-origin image theft. Credit to Isaac Dawson. * Enable all codecs for HTML5 in Chromium, depending on which ffmpeg sumo lib is installed, the set of usable codecs (at runtime) will still vary. This is now done by setting proprietary_codecs=1 so we can drop our patch - update debian/rules - drop debian/patches/html5_video_mimetypes.patch - update debian/patches/series * Bump the Dependencies on chromium-codecs-ffmpeg to >= 0.6, needed for the new API - update debian/control * Add "libcups2-dev | libcupsys2-dev" (the latter for Hardy) to Build-Depends. This is needed for Cloud Printing - update debian/control * Add libppapi_tests.so and linker.lock to INSTALL_EXCLUDE_FILES and DumpRenderTree_resources/ to INSTALL_EXCLUDE_DIRS - update debian/rules * Install resources.pak in the main deb, and remove all resources/ accordingly - update debian/chromium-browser.install * Add libgnome-keyring-dev to Build-Depends. This is needed for the GNOME Keyring and KWallet integration. See http://crbug.com/12351 - update debian/control * Ship empty policy dirs (for now) in /etc/chromium-browser/policies - update debian/rules - update debian/chromium-browser.dirs * Bump build-deps for gyp to >= 0.1~svn837 - update debian/control * Drop the icedtea6-plugin workaround, it's no longer needed and it may cause troubles when the default xulrunner contains older nss/nspr libs - update debian/chromium-browser.sh.in -- Fabien Tassin <email address hidden> Thu, 02 Sep 2010 17:03:41 +0200
Available diffs
| Superseded in lucid-security |
| Superseded in lucid-updates |
| Superseded in lucid-proposed |
| Superseded in lucid-proposed |
chromium-browser (5.0.375.127~r55887-0ubuntu0.10.04.1) lucid-security; urgency=low * New upstream release from the Stable Channel (LP: #622823) This release fixes the following security issues: - [45400] Critical, Memory corruption with file dialog. Credit to Sergey Glazunov. - [49596] High, Memory corruption with SVGs. Credit to wushi of team509. - [49628] High, Bad cast with text editing. Credit to wushi of team509. - [49964] High, Possible address bar spoofing with history bug. Credit to Mike Taylor. - [50515] [51835] High, Memory corruption in MIME type handling. Credit to Sergey Glazunov. - [50553] Critical, Crash on shutdown due to notifications bug. Credit to Sergey Glazunov. - [51146] Medium, Stop omnibox autosuggest if the user might be about to type a password. Credit to Robert Hansen. - [51654] High, Memory corruption with Ruby support. Credit to kuzzcc. - [51670] High, Memory corruption with Geolocation support. Credit to kuzzcc. * Add the xul libdir to LD_LIBRARY_PATH in the wrapper to help icedtea6-plugin (LP: #529242). This is needed at least for openjdk-6 6b18. - update debian/chromium-browser.sh * No longer use tar --lzma in get-orig-source now that it silently uses xz (since tar 1.23-2) which is not available in the backports. Use "tar | lzma" instead so the embedded tarball is always a lzma file - update debian/rules * Tweak the user agent to include Chromium and the Distro's name and version. - add debian/patches/chromium_useragent.patch.in - update debian/patches/series - update debian/rules * Fix a typo in the subst_files rule - update debian/rules * Fix a gyp file that triggers an error with newer gyp (because of dead code) - add debian/patches/drop_unused_rules_to_please_newer_gyp.patch - update debian/patches/series * Bump gyp Build-Depends to >= 0.1~svn810 to match upstream requirement - update debian/control -- Fabien Tassin <email address hidden> Fri, 20 Aug 2010 14:09:16 +0200
Available diffs
| Superseded in maverick-release |
chromium-browser (5.0.375.127~r55887-0ubuntu1) maverick; urgency=low * New upstream release from the Stable Channel (LP: #622823) This release fixes the following security issues: - [45400] Critical, Memory corruption with file dialog. Credit to Sergey Glazunov. - [49596] High, Memory corruption with SVGs. Credit to wushi of team509. - [49628] High, Bad cast with text editing. Credit to wushi of team509. - [49964] High, Possible address bar spoofing with history bug. Credit to Mike Taylor. - [50515] [51835] High, Memory corruption in MIME type handling. Credit to Sergey Glazunov. - [50553] Critical, Crash on shutdown due to notifications bug. Credit to Sergey Glazunov. - [51146] Medium, Stop omnibox autosuggest if the user might be about to type a password. Credit to Robert Hansen. - [51654] High, Memory corruption with Ruby support. Credit to kuzzcc. - [51670] High, Memory corruption with Geolocation support. Credit to kuzzcc. * Add the xul libdir to LD_LIBRARY_PATH in the wrapper to help icedtea6-plugin (LP: #529242). This is needed at least for openjdk-6 6b18. - update debian/chromium-browser.sh * No longer use tar --lzma in get-orig-source now that it silently uses xz (since tar 1.23-2) which is not available in the backports. Use "tar | lzma" instead so the embedded tarball is always a lzma file - update debian/rules * Tweak the user agent to include Chromium and the Distro's name and version. - add debian/patches/chromium_useragent.patch.in - update debian/patches/series - update debian/rules * Fix a typo in the subst_files rule - update debian/rules * Fix a gyp file that triggers an error with newer gyp (because of dead code) - add debian/patches/drop_unused_rules_to_please_newer_gyp.patch - update debian/patches/series * Bump gyp Build-Depends to >= 0.1~svn810 to match upstream requirement - update debian/control -- Fabien Tassin <email address hidden> Fri, 20 Aug 2010 14:09:16 +0200
Available diffs
| Superseded in lucid-security |
| Superseded in lucid-updates |
| Deleted in lucid-proposed (Reason: moved to -updates) |
| Superseded in lucid-proposed |
chromium-browser (5.0.375.125~r53311-0ubuntu0.10.04.1) lucid-security; urgency=low * New upstream release from the Stable Channel (LP: #612109) This release fixes the following security issues: - [42736] Medium Memory contents disclosure in layout code. Credit to Michail Nikolaev. - [43813] High Issue with large canvases. Credit to sp3x of SecurityReason.com. - [47866] High Memory corruption in rendering code. Credit to Jose A. Vazquez. - [48284] High Memory corruption in SVG handling. Credit to Aki Helin of OUSPG. - [48597] Low Avoid hostname truncation and incorrect eliding. Credit to Google Chrome Security Team (Inferno). * lsb_release is slow so try to source the static file /etc/lsb-release instead, and fallback to lsb_release if we didn't get the information we need for about:version (LP: #608253). Thanks to pitti for the idea. - update debian/chromium-browser.sh.in -- Fabien Tassin <email address hidden> Tue, 27 Jul 2010 12:03:40 +0200
Available diffs
| Superseded in maverick-release |
chromium-browser (5.0.375.125~r53311-0ubuntu1) maverick; urgency=low * New upstream release from the Stable Channel (LP: #612109) This release fixes the following security issues: - [42736] Medium Memory contents disclosure in layout code. Credit to Michail Nikolaev. - [43813] High Issue with large canvases. Credit to sp3x of SecurityReason.com. - [47866] High Memory corruption in rendering code. Credit to Jose A. Vazquez. - [48284] High Memory corruption in SVG handling. Credit to Aki Helin of OUSPG. - [48597] Low Avoid hostname truncation and incorrect eliding. Credit to Google Chrome Security Team (Inferno). * lsb_release is slow so try to source the static file /etc/lsb-release instead, and fallback to lsb_release if we didn't get the information we need for about:version (LP: #608253). Thanks to pitti for the idea. - update debian/chromium-browser.sh.in -- Fabien Tassin <email address hidden> Tue, 27 Jul 2010 12:03:40 +0200
Available diffs
| Superseded in lucid-security |
| Superseded in lucid-updates |
| Deleted in lucid-proposed (Reason: moved to -updates) |
| Superseded in lucid-proposed |
chromium-browser (5.0.375.99~r51029-0ubuntu0.10.04.1) lucid-proposed; urgency=low * New upstream release from the Stable Channel (LP: #602142) This release fixes the following security issues: - [42396] Low OOB read with WebGL. Credit to Sergey Glazunov; Google Chrome Security Team (SkyLined). - [42575] [42980] Medium Isolate sandboxed iframes more strongly. Credit to sirdarckcat of Google Security Team. - [43488] High Memory corruption with invalid SVGs. Credit to Aki Hekin of OUSPG; wushi of team509. - [44424] High Memory corruption in bidi algorithm. Credit to wushi of team509. - [45164] Low Crash with invalid image. Credit to Jose A. Vazquez. - [45983] High Memory corruption with invalid PNG (libpng bug). Credit to Aki Helin of OUSPG. - [46360] High Memory corruption in CSS style rendering. Credit to wushi of team509. - [46575] Low Annoyance with print dialogs. Credit to Mats Ahlgren. - [47056] Low Crash with modal dialogs. Credit to Aki Helin of OUSPG. -- Fabien Tassin <email address hidden> Fri, 02 Jul 2010 01:05:06 +0200
Available diffs
| Superseded in maverick-release |
chromium-browser (5.0.375.99~r51029-0ubuntu1) maverick; urgency=low * New upstream release from the Stable Channel (LP: #602142) This release fixes the following security issues: - [42396] Low OOB read with WebGL. Credit to Sergey Glazunov; Google Chrome Security Team (SkyLined). - [42575] [42980] Medium Isolate sandboxed iframes more strongly. Credit to sirdarckcat of Google Security Team. - [43488] High Memory corruption with invalid SVGs. Credit to Aki Hekin of OUSPG; wushi of team509. - [44424] High Memory corruption in bidi algorithm. Credit to wushi of team509. - [45164] Low Crash with invalid image. Credit to Jose A. Vazquez. - [45983] High Memory corruption with invalid PNG (libpng bug). Credit to Aki Helin of OUSPG. - [46360] High Memory corruption in CSS style rendering. Credit to wushi of team509. - [46575] Low Annoyance with print dialogs. Credit to Mats Ahlgren. - [47056] Low Crash with modal dialogs. Credit to Aki Helin of OUSPG. -- Fabien Tassin <email address hidden> Fri, 02 Jul 2010 01:05:06 +0200
Available diffs
| Superseded in lucid-updates |
| Superseded in lucid-security |
| Deleted in lucid-proposed (Reason: moved to -updates) |
| Superseded in lucid-proposed |
chromium-browser (5.0.375.86~r49890-0ubuntu0.10.04.1) lucid-proposed; urgency=low * New upstream release from the Stable Channel (LP: #598913) Fixes the following security issues: - [38105] Medium XSS via application/json response (regression). Credit to Ben Davis for original discovery and Emanuele Gentili for regression discovery. - [43322] Medium Memory error in video handling. Credit to Mark Dowd under contract to Google Chrome Security Team. - [43967] High Subresource displayed in omnibox loading. Credit to Michal Zalewski of Google Security Team. - [45267] High Memory error in video handling. Credit to Google Chrome Security Team (Cris Neckar). - [46126] High Stale pointer in x509-user-cert response. Credit to Rodrigo Marcos of SECFORCE. * Drop the XLIB_SKIP_ARGB_VISUALS workaround now that the rgba patch has been backed off from gtk2 (LP: #584959) - update debian/chromium-browser.sh * Show in about:version and in the About UI when chromium is running on a different distribution that it has been built on - udpate debian/rules - rename and update debian/chromium-browser.sh => debian/chromium-browser.sh.in * Refresh list of languages in the -l10n package - update debian/control * Stop building and running the testsuite. The builders restricted env makes the results mostly unusable in an automated way and resources to manually exploit them are not available - update debian/control - update debian/rules * Remove duplicates of the main copyright file in order to save space on the CD - update debian/rules * Add support for the Ambiance/Radiance and Dust themes button ordering by reading the gconf pref (LP: #568307) (thanks to Giuseppe Iuculano for importing the patch from trunk) - add debian/patches/gtk-ambiance.patch - update debian/patches/series -- Fabien Tassin <email address hidden> Fri, 25 Jun 2010 02:05:06 +0200
Available diffs
| Superseded in maverick-release |
chromium-browser (5.0.375.86~r49890-0ubuntu1) maverick; urgency=low * New upstream release from the Stable Channel (LP: #598913) Fixes the following security issues: - [38105] Medium XSS via application/json response (regression). Credit to Ben Davis for original discovery and Emanuele Gentili for regression discovery. - [43322] Medium Memory error in video handling. Credit to Mark Dowd under contract to Google Chrome Security Team. - [43967] High Subresource displayed in omnibox loading. Credit to Michal Zalewski of Google Security Team. - [45267] High Memory error in video handling. Credit to Google Chrome Security Team (Cris Neckar). - [46126] High Stale pointer in x509-user-cert response. Credit to Rodrigo Marcos of SECFORCE. * Drop the XLIB_SKIP_ARGB_VISUALS workaround now that the rgba patch has been backed off from gtk2 (LP: #584959) - update debian/chromium-browser.sh * Show in about:version and in the About UI when chromium is running on a different distribution that it has been built on - udpate debian/rules - rename and update debian/chromium-browser.sh => debian/chromium-browser.sh.in -- Fabien Tassin <email address hidden> Fri, 25 Jun 2010 02:05:06 +0200
Available diffs
| Superseded in maverick-release |
chromium-browser (5.0.375.70~r48679-0ubuntu2) maverick; urgency=low
* Refresh list of languages in the -l10n package
- update debian/control
* Stop building and running the testsuite. The builders restricted env
makes the results mostly unusable in an automated way and resources to
manually exploit them are not available
- update debian/control
- update debian/rules
* Remove duplicates of the main copyright file in order to save space on the CD
- update debian/rules
* Add support for the Ambiance/Radiance and Dust themes button ordering by
reading the gconf pref (LP: #568307)
(thanks to Giuseppe Iuculano for importing the patch from trunk)
- add debian/patches/gtk-ambiance.patch
- update debian/patches/series
-- Fabien Tassin <email address hidden> Sat, 12 Jun 2010 12:27:42 +0200
Available diffs
| Superseded in lucid-security |
| Deleted in lucid-proposed (Reason: moved to -updates) |
| Superseded in lucid-updates |
| Superseded in lucid-updates |
| Superseded in lucid-security |
| Superseded in lucid-proposed |
chromium-browser (5.0.375.70~r48679-0ubuntu0.10.04.1) lucid-security; urgency=low * New upstream release from the Stable Channel (LP: #591474) Fixes the following security issues: - [15766] Medium Cross-origin keystroke redirection. Credit to Michal Zalewski of Google Security Team. - [39985] High Cross-origin bypass in DOM methods. Credit to Sergey Glazunov. - [42723] High Memory error in table layout. Credit to wushi of team509. - [43304] High Linux sandbox escape. Credit to Mark Dowd under contract to Google Chrome Security Team. - [43307] High Bitmap stale pointer. Credit to Mark Dowd under contract to Google Chrome Security Team. - [43315] High Memory corruption in DOM node normalization. Credit to Mark Dowd under contract to Google Chrome Security Team. - [43487] High Memory corruption in text transforms. Credit to wushi of team509. - [43902] Medium XSS in innerHTML property of textarea. Credit to sirdarckcat of Google Security Team. - [44740] High Memory corruption in font handling. Credit: Apple. - [44868] High Geolocation events fire after document deletion. Credit to Google Chrome Security Team (Justin Schuh). - [44955] High Memory corruption in rendering of list markers. Credit: Apple. * Add a --temp-profile knob to the launcher script starting Chromium with a new profile which will last only for the duration of the session - update debian/chromium-browser.sh * Change StartupWMClass to Chromium-browser in the desktop launcher so cairo-dock does the right thing (LP: #587664) - update debian/chromium-browser.desktop * Set XLIB_SKIP_ARGB_VISUALS=1 in the wrapper to prevent flash from dying with a Gdk-ERROR when gtk2 is built with RGBA support (like in Maverick). (LP: #584959) - update debian/chromium-browser.sh * Unbreak get-orig-source when it needs to drop its cache after a channel jump (replace brace expansion - which is a bashism - with proper $(wildcard)) - update debian/rules -- Fabien Tassin <email address hidden> Wed, 09 Jun 2010 07:30:50 +0200
Available diffs
| Superseded in maverick-release |
chromium-browser (5.0.375.70~r48679-0ubuntu1) maverick; urgency=low * New upstream release from the Stable Channel (LP: #591474) Fixes the following security issues: - [15766] Medium Cross-origin keystroke redirection. Credit to Michal Zalewski of Google Security Team. - [39985] High Cross-origin bypass in DOM methods. Credit to Sergey Glazunov. - [42723] High Memory error in table layout. Credit to wushi of team509. - [43304] High Linux sandbox escape. Credit to Mark Dowd under contract to Google Chrome Security Team. - [43307] High Bitmap stale pointer. Credit to Mark Dowd under contract to Google Chrome Security Team. - [43315] High Memory corruption in DOM node normalization. Credit to Mark Dowd under contract to Google Chrome Security Team. - [43487] High Memory corruption in text transforms. Credit to wushi of team509. - [43902] Medium XSS in innerHTML property of textarea. Credit to sirdarckcat of Google Security Team. - [44740] High Memory corruption in font handling. Credit: Apple. - [44868] High Geolocation events fire after document deletion. Credit to Google Chrome Security Team (Justin Schuh). - [44955] High Memory corruption in rendering of list markers. Credit: Apple. * Add a --temp-profile knob to the launcher script starting Chromium with a new profile which will last only for the duration of the session - update debian/chromium-browser.sh * Change StartupWMClass to Chromium-browser in the desktop launcher so cairo-dock does the right thing (LP: #587664) - update debian/chromium-browser.desktop * Set XLIB_SKIP_ARGB_VISUALS=1 in the wrapper to prevent flash from dying with a Gdk-ERROR when gtk2 is built with RGBA support (like in Maverick). (LP: #584959) - update debian/chromium-browser.sh * Unbreak get-orig-source when it needs to drop its cache after a channel jump (replace brace expansion - which is a bashism - with proper $(wildcard)) - update debian/rules -- Fabien Tassin <email address hidden> Wed, 09 Jun 2010 07:30:50 +0200
Available diffs
| 526 → 600 of 614 results | First • Previous • Next • Last |
