Ubuntu
chromium-browser package

chromium-browser 17.0.963.56~r121963-0ubuntu0.10.10.1 source package in Ubuntu

Changelog

chromium-browser (17.0.963.56~r121963-0ubuntu0.10.10.1) maverick-security; urgency=low

  * New upstream release from the Stable Channel (LP: #931905, #933262)
    This release fixes the following security issues from 17.0.963.56:
    - [105803] High CVE-2011-3015: Integer overflows in PDF codecs. Credit to
      Google Chrome Security Team (scarybeasts).
    - [106336] Medium CVE-2011-3016: Read-after-free with counter nodes. Credit
      to miaubiz.
    - [108695] High CVE-2011-3017: Possible use-after-free in database handling.
      Credit to miaubiz.
    - [110172] High CVE-2011-3018: Heap overflow in path rendering. Credit to
      Aki Helin of OUSPG.
    - [110849] High CVE-2011-3019: Heap buffer overflow in MKV handling. Credit
      to Google Chrome Security Team (scarybeasts) and Mateusz Jurczyk of the
      Google Security Team.
    - [111575] Medium CVE-2011-3020: Native client validator error. Credit to
      Nick Bray of the Chromium development community.
    - [111779] High CVE-2011-3021: Use-after-free in subframe loading. Credit to
      Arthur Gerkis.
    - [112236] Medium CVE-2011-3022: Inappropriate use of http for translation
      script. Credit to Google Chrome Security Team (Jorge Obes).
    - [112259] Medium CVE-2011-3023: Use-after-free with drag and drop. Credit
      to pa_kt.
    - [112451] Low CVE-2011-3024: Browser crash with empty x509 certificate.
      Credit to chrometot.
    - [112670] Medium CVE-2011-3025: Out-of-bounds read in h.264 parsing. Credit
      to Sławomir Błażek.
    - [112822] High CVE-2011-3026: Integer overflow / truncation in libpng.
      Credit to Jüri Aedla.
    - [112847] High CVE-2011-3027: Bad cast in column handling. Credit to
      miaubiz.

    This release fixes the following security issues from 17.0.963.46:
    - [73478] Low CVE-2011-3953: Avoid clipboard monitoring after paste event.
      Credit to Daniel Cheng of the Chromium development community.
    - [92550] Low CVE-2011-3954: Crash with excessive database usage. Credit to
      Collin Payne.
    - [93106] High CVE-2011-3955: Crash aborting an IndexDB transaction. Credit
      to David Grogan of the Chromium development community.
    - [103630] Low CVE-2011-3956: Incorrect handling of sandboxed origins inside
      extensions. Credit to Devdatta Akhawe, UC Berkeley.
    - [104056] High CVE-2011-3957: Use-after-free in PDF garbage collection.
      Credit to Aki Helin of OUSPG.
    - [105459] High CVE-2011-3958: Bad casts with column spans. Credit to
      miaubiz.
    - [106441] High CVE-2011-3959: Buffer overflow in locale handling. Credit to
      Aki Helin of OUSPG.
    - [108416] Medium CVE-2011-3960: Out-of-bounds read in audio decoding.
      Credit to Aki Helin of OUSPG.
    - [108871] Critical CVE-2011-3961: Race condition after crash of utility
      process. Credit to Shawn Goertzen.
    - [108901] Medium CVE-2011-3962: Out-of-bounds read in path clipping. Credit
      to Aki Helin of OUSPG.
    - [109094] Medium CVE-2011-3963: Out-of-bounds read in PDF fax image
      handling. Credit to Atte Kettunen of OUSPG.
    - [109245] Low CVE-2011-3964: URL bar confusion after drag + drop. Credit to
      Code Audit Labs of VulnHunt.com.
    - [109664] Low CVE-2011-3965: Crash in signature check. Credit to Sławomir
      Błażek.
    - [109716] High CVE-2011-3966: Use-after-free in stylesheet error handling.
      Credit to Aki Helin of OUSPG.
    - [109717] Low CVE-2011-3967: Crash with unusual certificate. Credit to Ben
      Carrillo.
    - [109743] High CVE-2011-3968: Use-after-free in CSS handling. Credit to
      Arthur Gerkis.
    - [110112] High CVE-2011-3969: Use-after-free in SVG layout. Credit to
      Arthur Gerkis.
    - [110277] Medium CVE-2011-3970: Out-of-bounds read in libxslt. Credit to
      Aki Helin of OUSPG.
    - [110374] High CVE-2011-3971: Use-after-free with mousemove events. Credit
      to Arthur Gerkis.
    - [110559] Medium CVE-2011-3972: Out-of-bounds read in shader translator.
      Credit to Google Chrome Security Team (Inferno).

  * Rebase patch
    - update debian/patches/disable_dlog_and_dcheck_in_release_builds.patch
  * Update .install file to just install all .pak files instead of listing them
    by name
    - update debian/chromium-browser.install
 -- Micah Gersten <email address hidden>   Tue, 21 Feb 2012 01:26:46 -0600

Upload details

Uploaded by:
Micah Gersten
Uploaded to:
Maverick
Original maintainer:
Fabien Tassin
Architectures:
i386 amd64 all
Section:
web
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Maverick: [FULLYBUILT] amd64 [FULLYBUILT] i386

Downloads

File Size SHA-256 Checksum
chromium-browser_17.0.963.56~r121963.orig.tar.gz 265.4 MiB 4b3eb30316037fd96be39e6eb950307946c70e7980689522424bce949dcd6394
chromium-browser_17.0.963.56~r121963-0ubuntu0.10.10.1.diff.gz 194.4 KiB cfe098fb600b563a3de92f90f81694a49cefebeab4eec78588eb674c0338d2c6
chromium-browser_17.0.963.56~r121963-0ubuntu0.10.10.1.dsc 2.6 KiB d761a4d9cec116821a558ba0859bc8115ec4723cf8a4e8551d993918d60e80a7

View changes file

Binary packages built by this source

chromium-browser: No summary available for chromium-browser in ubuntu maverick.

No description available for chromium-browser in ubuntu maverick.

chromium-browser-dbg: No summary available for chromium-browser-dbg in ubuntu maverick.

No description available for chromium-browser-dbg in ubuntu maverick.

chromium-browser-inspector: No summary available for chromium-browser-inspector in ubuntu maverick.

No description available for chromium-browser-inspector in ubuntu maverick.

chromium-browser-l10n: No summary available for chromium-browser-l10n in ubuntu maverick.

No description available for chromium-browser-l10n in ubuntu maverick.

chromium-codecs-ffmpeg: No summary available for chromium-codecs-ffmpeg in ubuntu maverick.

No description available for chromium-codecs-ffmpeg in ubuntu maverick.

chromium-codecs-ffmpeg-dbg: No summary available for chromium-codecs-ffmpeg-dbg in ubuntu maverick.

No description available for chromium-codecs-ffmpeg-dbg in ubuntu maverick.

chromium-codecs-ffmpeg-extra: No summary available for chromium-codecs-ffmpeg-extra in ubuntu maverick.

No description available for chromium-codecs-ffmpeg-extra in ubuntu maverick.

chromium-codecs-ffmpeg-extra-dbg: No summary available for chromium-codecs-ffmpeg-extra-dbg in ubuntu maverick.

No description available for chromium-codecs-ffmpeg-extra-dbg in ubuntu maverick.

chromium-codecs-ffmpeg-nonfree: No summary available for chromium-codecs-ffmpeg-nonfree in ubuntu maverick.

No description available for chromium-codecs-ffmpeg-nonfree in ubuntu maverick.

chromium-codecs-ffmpeg-nonfree-dbg: No summary available for chromium-codecs-ffmpeg-nonfree-dbg in ubuntu maverick.

No description available for chromium-codecs-ffmpeg-nonfree-dbg in ubuntu maverick.