Format: 1.8
Date: Mon, 09 Apr 2012 19:13:33 -0500
Source: chromium-browser
Binary: chromium-browser chromium-browser-dbg chromium-browser-l10n chromium-browser-inspector chromium-codecs-ffmpeg chromium-codecs-ffmpeg-dbg chromium-codecs-ffmpeg-extra chromium-codecs-ffmpeg-extra-dbg chromium-codecs-ffmpeg-nonfree chromium-codecs-ffmpeg-nonfree-dbg
Architecture: source
Version: 18.0.1025.151~r130497-0ubuntu0.10.10.1
Distribution: maverick-security
Urgency: low
Maintainer: Fabien Tassin <fta@ubuntu.com>
Changed-By: Micah Gersten <micahg@ubuntu.com>
Description: 
 chromium-browser - Chromium browser
 chromium-browser-dbg - chromium-browser debug symbols
 chromium-browser-inspector - page inspector for the chromium-browser - transitional package
 chromium-browser-l10n - chromium-browser language packages
 chromium-codecs-ffmpeg - Free ffmpeg codecs for the Chromium Browser
 chromium-codecs-ffmpeg-dbg - chromium-codecs-ffmpeg debug symbols
 chromium-codecs-ffmpeg-extra - Extra ffmpeg codecs for the Chromium Browser
 chromium-codecs-ffmpeg-extra-dbg - chromium-codecs-ffmpeg-extra debug symbols
 chromium-codecs-ffmpeg-nonfree - dummy upgrade package
 chromium-codecs-ffmpeg-nonfree-dbg - dummy upgrade package
Launchpad-Bugs-Fixed: 961831 968901 977502
Changes: 
 chromium-browser (18.0.1025.151~r130497-0ubuntu0.10.10.1) maverick-security; urgency=low
 .
   * New upstream release from the Stable Channel (LP: #977502)
     - black screen on Hybrid Graphics system with GPU accelerated compositing
       enabled (Issue: 117371)
     - CSS not applied to <content> element (Issue: 114667)
     - Regression rendering a div with background gradient and borders
       (Issue: 113726)
     - Canvas 2D line drawing bug with GPU acceleration (Issue: 121285)
     - Multiple crashes (Issues: 72235, 116825 and 92998)
     - Pop-up dialog is at wrong position (Issue: 116045)
     - HTML Canvas patterns are broken if you change the transformation matrix
       (Issue: 112165)
     - SSL interstitial error "proceed anyway" / "back to safety" buttons don't
       work (Issue: 119252)
     This release fixes the following security issues:
     - [106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping.
       Credit to miaubiz.
     - [117583] Medium CVE-2011-3067: Cross-origin iframe replacement. Credit to
       Sergey Glazunov.
     - [117698] High CVE-2011-3068: Use-after-free in run-in handling. Credit to
       miaubiz.
     - [117728] High CVE-2011-3069: Use-after-free in line box handling. Credit
       to miaubiz.
     - [118185] High CVE-2011-3070: Use-after-free in v8 bindings. Credit to
       Google Chrome Security Team (SkyLined).
     - [118273] High CVE-2011-3071: Use-after-free in HTMLMediaElement. Credit
       to pa_kt, reporting through HP TippingPoint ZDI (ZDI-CAN-1528).
     - [118467] Low CVE-2011-3072: Cross-origin violation parenting pop-up
       window. Credit to Sergey Glazunov.
     - [118593] High CVE-2011-3073: Use-after-free in SVG resource handling.
       Credit to Arthur Gerkis.
     - [119281] Medium CVE-2011-3074: Use-after-free in media handling. Credit
       to Sławomir Błażek.
     - [119525] High CVE-2011-3075: Use-after-free applying style command.
       Credit to miaubiz.
     - [120037] High CVE-2011-3076: Use-after-free in focus handling. Credit to
       miaubiz.
     - [120189] Medium CVE-2011-3077: Read-after-free in script bindings. Credit
       to Google Chrome Security Team (Inferno).
 .
 chromium-browser (18.0.1025.142~r129054-0ubuntu0.10.10.1) maverick-security; urgency=low
 .
   * New upstream release from the Stable Channel (LP: #968901)
     This release fixes the following security issues:
     - [109574] Medium CVE-2011-3058: Bad interaction possibly leading to XSS in
       EUC-JP. Credit to Masato Kinugawa.
     - [112317] Medium CVE-2011-3059: Out-of-bounds read in SVG text handling.
       Credit to Arthur Gerkis.
     - [114056] Medium CVE-2011-3060: Out-of-bounds read in text fragment
       handling. Credit to miaubiz.
     - [116398] Medium CVE-2011-3061: SPDY proxy certificate checking error.
       Credit to Leonidas Kontothanassis of Google.
     - [116524] High CVE-2011-3062: Off-by-one in OpenType Sanitizer. Credit to
       Mateusz Jurczyk of the Google Security Team.
     - [117417] Low CVE-2011-3063: Validate navigation requests from the renderer
       more carefully. Credit to kuzzcc, Sergey Glazunov, PinkiePie and
       scarybeasts (Google Chrome Security Team).
     - [117471] High CVE-2011-3064: Use-after-free in SVG clipping. Credit to
       Atte Kettunen of OUSPG.
     - [117588] High CVE-2011-3065: Memory corruption in Skia. Credit to Omair.
     - [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian
       Holler.
 .
   * Add build dependency on libudev-dev to allow for gamepad detection; see
     http://code.google.com/p/chromium/issues/detail?id=79050
     - update debian/control
   * Drop dlopen_libgnutls patch as it's been implemented upstream
      - drop debian/patches/dlopen_libgnutls.patch
      - update debian/patches/series
   * Start removing *.so and *.so.* from the upstream tarball creation
     - update debian/rules
   * Strip almost the entire third_party/openssl directory as it's needed only
     on android, but is used by the build system
     - update debian/rules
   * Use tar's --exclude-vcs flag instead of just excluding .svn
     - update debian/rules
 .
 chromium-browser (17.0.963.83~r127885-0ubuntu0.10.10.1) maverick-security; urgency=low
 .
   * New upstream release from the Stable Channel (LP: #961831)
     This release fixes the following security issues:
     - [113902] High CVE-2011-3050: Use-after-free with first-letter handling.
       Credit to miaubiz.
     - [116162] High CVE-2011-3045: libpng integer issue from upstream. Credit
       to Glenn Randers-Pehrson of the libpng project.
     - [116461] High CVE-2011-3051: Use-after-free in CSS cross-fade handling.
       Credit to Arthur Gerkis.
     - [116637] High CVE-2011-3052: Memory corruption in WebGL canvas handling.
       Credit to Ben Vanik of Google.
     - [116746] High CVE-2011-3053: Use-after-free in block splitting.
       Credit to miaubiz.
     - [117418] Low CVE-2011-3054: Apply additional isolations to webui
       privileges. Credit to Sergey Glazunov.
     - [117736] Low CVE-2011-3055: Prompt in the browser native UI for unpacked
       extension installation. Credit to PinkiePie.
     - [117550] High CVE-2011-3056: Cross-origin violation with “magic iframe”.
       Credit to Sergey Glazunov.
     - [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian
       Holler.
Checksums-Sha1: 
 75843cd661bff38bf376487f56a8ff150be80ac8 2703 chromium-browser_18.0.1025.151~r130497-0ubuntu0.10.10.1.dsc
 86392bfdb32f5841f08bf2f442406ca4a17629b3 200234 chromium-browser_18.0.1025.151~r130497-0ubuntu0.10.10.1.diff.gz
Checksums-Sha256: 
 4f22eddcebe5584f6f7cad4379fafb1cd561e5f4abaa72193641f757a38c2b6d 2703 chromium-browser_18.0.1025.151~r130497-0ubuntu0.10.10.1.dsc
 0810086b173272cad88eb28720ed277f8694c637a7f9f3119ead38e656459888 200234 chromium-browser_18.0.1025.151~r130497-0ubuntu0.10.10.1.diff.gz
Files: 
 7c0a6a2fbad844ca0eba2518fc3f759f 2703 web optional chromium-browser_18.0.1025.151~r130497-0ubuntu0.10.10.1.dsc
 db0e49de976605d4c30f56a491430710 200234 web optional chromium-browser_18.0.1025.151~r130497-0ubuntu0.10.10.1.diff.gz