chromium-browser 14.0.835.202~r103287-0ubuntu1 source package in Ubuntu
Changelog
chromium-browser (14.0.835.202~r103287-0ubuntu1) oneiric; urgency=low * New upstream release from the Stable Channel (LP: #858744) This release fixes the following security issues: + Chromium issues (13.0.782.220): - Trust in Diginotar Intermediate CAs revoked + Chromium issues (14.0.835.163): - [49377] High CVE-2011-2835: Race condition in the certificate cache. Credit to Ryan Sleevi. - [57908] Low CVE-2011-2837: Use PIC / pie compiler flags. Credit to wbrana. - [75070] Low CVE-2011-2838: Treat MIME type more authoritatively when loading plug-ins. Credit to Michal Zalewski. - [78639] High CVE-2011-2841: Garbage collection error in PDF. Credit to Mario Gomes. - [82438] Medium CVE-2011-2843: Out-of-bounds read with media buffers. Credit to Kostya Serebryany. - [85041] Medium CVE-2011-2844: Out-of-bounds read with mp3 files. Credit to Mario Gomes. - [89564] Medium CVE-2011-2848: URL bar spoof with forward button. Credit to Jordi Chancel. - [89795] Low CVE-2011-2849: Browser NULL pointer crash with WebSockets. Credit to Arthur Gerkis. - [90134] Medium CVE-2011-2850: Out-of-bounds read with Khmer characters. Credit to miaubiz. - [90173] Medium CVE-2011-2851: Out-of-bounds read in video handling. Credit to Google Chrome Security Team (Inferno). - [91197] High CVE-2011-2853: Use-after-free in plug-in handling. Credit to Google Chrome Security Team (SkyLined). - [93497] Medium CVE-2011-2859: Incorrect permissions assigned to non-gallery pages. Credit to Bernhard ‘Bruhns’ Brehm - [93596] Medium CVE-2011-2861: Bad string read in PDF. Credit to Aki Helin of OUSPG. - [95563] Medium CVE-2011-2864: Out-of-bounds read with Tibetan characters. Credit to Google Chrome Security Team (Inferno). - [95625] Medium CVE-2011-2858: Out-of-bounds read with triangle arrays. Credit to Google Chrome Security Team (Inferno). - [95917] Low CVE-2011-2874: Failure to pin a self-signed cert for a session. Credit to Nishant Yadant and Craig Chamberlain (@randomuserid). + Chromium issues (14.0.835.202): - [95671] High CVE-2011-2878: Inappropriate cross-origin access to the window prototype. Credit to Sergey Glazunov. - [96150] High CVE-2011-2879: Lifetime and threading issues in audio node handling. Credit to Google Chrome Security Team (Inferno). - [98089] Critical CVE-2011-3873: Memory corruption in shader translator. Credit to Zhenyao Mo. + Webkit issues (14.0.835.163): - [78427] [83031] Low CVE-2011-2840: Possible URL bar spoofs with unusual user interaction. Credit to kuzzcc. - [89219] High CVE-2011-2846: Use-after-free in unload event handling. Credit to Arthur Gerkis. - [89330] High CVE-2011-2847: Use-after-free in document loader. Credit to miaubiz. - [89991] Medium CVE-2011-3234: Out-of-bounds read in box handling. Credit to miaubiz. - [92651] [94800] High CVE-2011-2854: Use-after-free in ruby / table style handing. Credit to Sławomir Błażek, and independent later discoveries by miaubiz and Google Chrome Security Team (Inferno). - [92959] High CVE-2011-2855: Stale node in stylesheet handling. Credit to Arthur Gerkis. - [93420] High CVE-2011-2857: Use-after-free in focus controller. Credit to miaubiz. - [93587] High CVE-2011-2860: Use-after-free in table style handling. Credit to miaubiz. + Webkit issues (14.0.835.202): - [93788] High CVE-2011-2876: Use-after-free in text line box handling. Credit to miaubiz. - [95072] High CVE-2011-2877: Stale font in SVG text handling. Credit to miaubiz. + LibXML issue (14.0.835.163): - [93472] High CVE-2011-2834: Double free in libxml XPath handling. Credit to Yang Dingning + V8 issues (14.0.835.163): - [76771] High CVE-2011-2839: Crash in v8 script object wrappers. Credit to Kostya Serebryany - [91120] High CVE-2011-2852: Off-by-one in v8. Credit to Christian Holler - [93416] High CVE-2011-2856: Cross-origin bypass in v8. Credit to Daniel Divricean. - [93906] High CVE-2011-2862: Unintended access to v8 built-in objects. Credit to Sergey Glazunov. - [95920] High CVE-2011-2875: Type confusion in v8 object sealing. Credit to Christian Holler. + V8 issues (14.0.835.202): - [97451] [97520] [97615] High CVE-2011-2880: Use-after-free in the v8 bindings. Credit to Sergey Glazunov. - [97784] High CVE-2011-2881: Memory corruption with v8 hidden objects. Credit to Sergey Glazunov. [ Fabien Tassin ] * Add libpulse-dev to Build-Depends, needed for WebRTC - update debian/control * Drop the HTML5 video patch, now committed upstream - remove debian/patches/html5-codecs-fix.patch - update debian/patches/series * Rename ui/base/strings/app_strings.grd to ui_strings.grd following the upstream rename, and add a mapping flag to the grit converter - update debian/rules * Add a "Conflicts" with -inspector so that it gets removed - update debian/control * Build with the default gcc-4.6 on Oneiric - update debian/control - update debian/rules * Refresh Patches -- Micah Gersten <email address hidden> Wed, 05 Oct 2011 04:06:44 -0500
Upload details
- Uploaded by:
- Micah Gersten
- Uploaded to:
- Oneiric
- Original maintainer:
- Fabien Tassin
- Architectures:
- any
- Section:
- web
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
chromium-browser_14.0.835.202~r103287.orig.tar.gz | 185.4 MiB | 7e355e016b099e0f8af76c3e886abe4bca58df040fb718396a9aa6b58fd5ca84 |
chromium-browser_14.0.835.202~r103287-0ubuntu1.diff.gz | 201.9 KiB | 4cb67e39422a5e66e159effd0c3b70e4c5d2cfcf65565d57d65cfba3924ae93a |
chromium-browser_14.0.835.202~r103287-0ubuntu1.dsc | 2.1 KiB | a6658f53ae270dea32dd72bf7933a68aae461f08d66f88ff42633365ff8620f6 |
Available diffs
Binary packages built by this source
- chromium-browser: No summary available for chromium-browser in ubuntu oneiric.
No description available for chromium-browser in ubuntu oneiric.
- chromium-browser-dbg: No summary available for chromium-browser-dbg in ubuntu oneiric.
No description available for chromium-
browser- dbg in ubuntu oneiric.
- chromium-browser-l10n: No summary available for chromium-browser-l10n in ubuntu oneiric.
No description available for chromium-
browser- l10n in ubuntu oneiric.
- chromium-codecs-ffmpeg: No summary available for chromium-codecs-ffmpeg in ubuntu oneiric.
No description available for chromium-
codecs- ffmpeg in ubuntu oneiric.
- chromium-codecs-ffmpeg-dbg: chromium-codecs-ffmpeg debug symbols
Debug symbols for the free ffmpeg-mt codecs
- chromium-codecs-ffmpeg-extra: No summary available for chromium-codecs-ffmpeg-extra in ubuntu oneiric.
No description available for chromium-
codecs- ffmpeg- extra in ubuntu oneiric.
- chromium-codecs-ffmpeg-extra-dbg: No summary available for chromium-codecs-ffmpeg-extra-dbg in ubuntu oneiric.
No description available for chromium-
codecs- ffmpeg- extra-dbg in ubuntu oneiric.