chromium-browser 24.0.1312.56-0ubuntu0.12.10.3 source package in Ubuntu

Changelog

chromium-browser (24.0.1312.56-0ubuntu0.12.10.3) quantal-security; urgency=low

  * Add comment-markers to debian/patches/series file to make patch import
    easier.
  * debian/chromium-browser.install
    - Install remoting locales
  * debian/patches/gyp-config-root.patch
    - Added. Avoids compilation bug on (at least) ARM.
  * debian/patches/arm-neon.patch
    - Added function to determine NEON functionality in ARM at runtime for
      WebRt library in WebKit.
  * Disable lintian warnings about outdated autoconf files in source tree.
  * New upstream version 24.0.1312.56:  (LP: #1099075)
    - CVE-2013-0839: Use-after-free in canvas font handling.
    - CVE-2013-0840: Missing URL validation when opening new windows.
    - CVE-2013-0841: Unchecked array index in content blocking.
    - CVE-2013-0842: Problems with NULL characters embedded in paths.
  * New upstream version 24.0.1312.52:
    - CVE-2012-5145: Use-after-free in SVG layout. Credit to Atte Kettunen of
      OUSPG.
    - CVE-2012-5146: Same origin policy bypass with malformed URL. Credit to
      Erling A Ellingsen and Subodh Iyengar, both of Facebook.
    - CVE-2012-5147: Use-after-free in DOM handling. Credit to José A. Vázquez.
    - CVE-2012-5148: Missing filename sanitization in hyphenation support.
      Credit to Google Chrome Security Team (Justin Schuh).
    - CVE-2012-5149: Integer overflow in audio IPC handling. Credit to Google
      Chrome Security Team (Chris Evans).
    - CVE-2012-5150: Use-after-free when seeking video. Credit to Google Chrome
      Security Team (Inferno).
    - CVE-2012-5151: Integer overflow in PDF JavaScript. Credit to Mateusz
      Jurczyk, with contribution from Gynvael Coldwind, both of Google Security
      Team.
    - CVE-2012-5152: Out-of-bounds read when seeking video. Credit to Google
      Chrome Security Team (Inferno).
    - CVE-2012-5153: Out-of-bounds stack access in v8. Credit to Andreas
      Rossberg of the Chromium development community.
    - CVE-2012-5156: Use-after-free in PDF fields. Credit to Mateusz Jurczyk,
      with contribution from Gynvael Coldwind, both of Google Security Team.
    - CVE-2012-5157: Out-of-bounds reads in PDF image handling. Credit to
      Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google
      Security Team.
    - CVE-2013-0828: Bad cast in PDF root handling. Credit to Mateusz Jurczyk,
      with contribution from Gynvael Coldwind, both of Google Security Team.
    - CVE-2013-0829: Corruption of database metadata leading to incorrect file
      access. Credit to Google Chrome Security Team (Jüri Aedla).
    - CVE-2013-0830: Missing NUL termination in IPC. Credit to Google Chrome
      Security Team (Justin Schuh).
    - CVE-2013-0831: Possible path traversal from extension process. Credit to
      Google Chrome Security Team (Tom Sepez).
    - CVE-2013-0832: Use-after-free with printing. Credit to Google Chrome
      Security Team (Cris Neckar).
    - CVE-2013-0833: Out-of-bounds read with printing. Credit to Google Chrome
      Security Team (Cris Neckar).
    - CVE-2013-0834: Out-of-bounds read with glyph handling. Credit to Google
      Chrome Security Team (Cris Neckar).
    - CVE-2013-0835: Browser crash with geolocation. Credit to Arthur Gerkis.
    - CVE-2013-0836: Crash in v8 garbage collection. Credit to Google Chrome
      Security Team (Cris Neckar).
    - CVE-2013-0837: Crash in extension tab handling. Credit to Tom Nielsen.
    - CVE-2013-0838: Tighten permissions on shared memory segments. Credit to
      Google Chrome Security Team (Chris Palmer).
  * debian/rules
    - Ensure get-original-source creates tarballs without revision number.
  * Update all webapps patches for 24.0.1312.52. (LP: #1099828)
    - Additionally update
      debian/patches/7-npapi-permission-not-defaults-to-unauthorized.patch
      to fix a problem where the auth status of the webapps plugin
      would get reset when the online list of allowed plugins (from GOOG)
      was updated.
 -- Chad Miller <email address hidden>   Fri, 01 Feb 2013 12:44:02 -0500

Upload details

Uploaded by:
Chad Miller on 2013-02-01
Sponsored by:
Jamie Strandboge
Uploaded to:
Quantal
Original maintainer:
Ubuntu Developers
Architectures:
armhf armel i386 amd64 all
Section:
web
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
chromium-browser_24.0.1312.56.orig.tar.xz 309.4 MiB 03506562d70892230772f3dc29b2c28782764854ee4766ea639f4afcc2ffc689
chromium-browser_24.0.1312.56-0ubuntu0.12.10.3.debian.tar.gz 234.4 KiB 0adb1d4bbefd991068e406cfd1e456fade74664224dc9b949667d1ce69181fa0
chromium-browser_24.0.1312.56-0ubuntu0.12.10.3.dsc 3.2 KiB 016e4bd0f63e8ba3b78d0ce3645bca581157c8710ee8948c93e6264052e3aee8

View changes file

Binary packages built by this source

chromium-browser: No summary available for chromium-browser in ubuntu quantal.

No description available for chromium-browser in ubuntu quantal.

chromium-browser-dbg: No summary available for chromium-browser-dbg in ubuntu quantal.

No description available for chromium-browser-dbg in ubuntu quantal.

chromium-browser-l10n: No summary available for chromium-browser-l10n in ubuntu quantal.

No description available for chromium-browser-l10n in ubuntu quantal.

chromium-codecs-ffmpeg: No summary available for chromium-codecs-ffmpeg in ubuntu quantal.

No description available for chromium-codecs-ffmpeg in ubuntu quantal.

chromium-codecs-ffmpeg-dbg: No summary available for chromium-codecs-ffmpeg-dbg in ubuntu quantal.

No description available for chromium-codecs-ffmpeg-dbg in ubuntu quantal.

chromium-codecs-ffmpeg-extra: No summary available for chromium-codecs-ffmpeg-extra in ubuntu quantal.

No description available for chromium-codecs-ffmpeg-extra in ubuntu quantal.

chromium-codecs-ffmpeg-extra-dbg: No summary available for chromium-codecs-ffmpeg-extra-dbg in ubuntu quantal.

No description available for chromium-codecs-ffmpeg-extra-dbg in ubuntu quantal.