Format: 1.8
Date: Wed, 23 Jan 2013 14:49:29 -0500
Source: chromium-browser
Binary: chromium-browser chromium-browser-dbg chromium-browser-l10n chromium-browser-inspector chromium-codecs-ffmpeg chromium-codecs-ffmpeg-dbg chromium-codecs-ffmpeg-extra chromium-codecs-ffmpeg-extra-dbg
Architecture: amd64 amd64_translations
Version: 24.0.1312.56-0ubuntu0.10.04.1
Distribution: lucid
Urgency: low
Maintainer: Ubuntu/amd64 Build Daemon <buildd@allspice.buildd>
Changed-By: Chad Miller <chad.miller@canonical.com>
Description: 
 chromium-browser - Chromium browser
 chromium-browser-dbg - chromium-browser debug symbols
 chromium-browser-inspector - page inspector for the chromium-browser - transitional package
 chromium-browser-l10n - chromium-browser language packages
 chromium-codecs-ffmpeg - Free ffmpeg codecs for the Chromium Browser
 chromium-codecs-ffmpeg-dbg - chromium-codecs-ffmpeg debug symbols
 chromium-codecs-ffmpeg-extra - Extra ffmpeg codecs for the Chromium Browser
 chromium-codecs-ffmpeg-extra-dbg - chromium-codecs-ffmpeg-extra debug symbols
Launchpad-Bugs-Fixed: 1099075
Changes: 
 chromium-browser (24.0.1312.56-0ubuntu0.10.04.1) lucid-security; urgency=low
 .
   * debian/chromium-browser.install
     - Install remoting locales
   * Disable lintian warnings about outdated autoconf files in source tree.
   * New upstream version 24.0.1312.56:  (LP: #1099075)
     - CVE-2013-0839: Use-after-free in canvas font handling.
     - CVE-2013-0840: Missing URL validation when opening new windows.
     - CVE-2013-0841: Unchecked array index in content blocking.
     - CVE-2013-0842: Problems with NULL characters embedded in paths.
   * New upstream version 24.0.1312.52:
     - CVE-2012-5145: Use-after-free in SVG layout. Credit to Atte Kettunen of
       OUSPG.
     - CVE-2012-5146: Same origin policy bypass with malformed URL. Credit to
       Erling A Ellingsen and Subodh Iyengar, both of Facebook.
     - CVE-2012-5147: Use-after-free in DOM handling. Credit to José A. Vázquez.
     - CVE-2012-5148: Missing filename sanitization in hyphenation support.
       Credit to Google Chrome Security Team (Justin Schuh).
     - CVE-2012-5149: Integer overflow in audio IPC handling. Credit to Google
       Chrome Security Team (Chris Evans).
     - CVE-2012-5150: Use-after-free when seeking video. Credit to Google Chrome
       Security Team (Inferno).
     - CVE-2012-5151: Integer overflow in PDF JavaScript. Credit to Mateusz
       Jurczyk, with contribution from Gynvael Coldwind, both of Google Security
       Team.
     - CVE-2012-5152: Out-of-bounds read when seeking video. Credit to Google
       Chrome Security Team (Inferno).
     - CVE-2012-5153: Out-of-bounds stack access in v8. Credit to Andreas
       Rossberg of the Chromium development community.
     - CVE-2012-5156: Use-after-free in PDF fields. Credit to Mateusz Jurczyk,
       with contribution from Gynvael Coldwind, both of Google Security Team.
     - CVE-2012-5157: Out-of-bounds reads in PDF image handling. Credit to
       Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google
       Security Team.
     - CVE-2013-0828: Bad cast in PDF root handling. Credit to Mateusz Jurczyk,
       with contribution from Gynvael Coldwind, both of Google Security Team.
     - CVE-2013-0829: Corruption of database metadata leading to incorrect file
       access. Credit to Google Chrome Security Team (Jüri Aedla).
     - CVE-2013-0830: Missing NUL termination in IPC. Credit to Google Chrome
       Security Team (Justin Schuh).
     - CVE-2013-0831: Possible path traversal from extension process. Credit to
       Google Chrome Security Team (Tom Sepez).
     - CVE-2013-0832: Use-after-free with printing. Credit to Google Chrome
       Security Team (Cris Neckar).
     - CVE-2013-0833: Out-of-bounds read with printing. Credit to Google Chrome
       Security Team (Cris Neckar).
     - CVE-2013-0834: Out-of-bounds read with glyph handling. Credit to Google
       Chrome Security Team (Cris Neckar).
     - CVE-2013-0835: Browser crash with geolocation. Credit to Arthur Gerkis.
     - CVE-2013-0836: Crash in v8 garbage collection. Credit to Google Chrome
       Security Team (Cris Neckar).
     - CVE-2013-0837: Crash in extension tab handling. Credit to Tom Nielsen.
     - CVE-2013-0838: Tighten permissions on shared memory segments. Credit to
       Google Chrome Security Team (Chris Palmer).
   * debian/patches/gyp-config-root.patch
     - Added. Avoids compilation bug on (at least) ARM.
   * debian/patches/arm-neon.patch
     - Added function to determine NEON functionality in ARM at runtime for
       WebRt library in WebKit.
Checksums-Sha1: 
 8c42369cfc6da8ec673527027398fcdf9f2ff8e5 32368014 chromium-browser_24.0.1312.56-0ubuntu0.10.04.1_amd64.deb
 3937b30a3404b2b47f64506d67d33659dd91b932 288683 chromium-browser_24.0.1312.56-0ubuntu0.10.04.1_amd64_translations.tar.gz
 ead32b552e9e9cb69e6628c8955e6dc1abd38397 4828300 chromium-browser-dbg_24.0.1312.56-0ubuntu0.10.04.1_amd64.deb
 c95ca3a38f77c6c36906c8e5011e182e40224266 641884 chromium-codecs-ffmpeg_24.0.1312.56-0ubuntu0.10.04.1_amd64.deb
 841d1a3b64ffbce737a47334fbd1c3e688b76234 1316738 chromium-codecs-ffmpeg-dbg_24.0.1312.56-0ubuntu0.10.04.1_amd64.deb
 f1b031856804f084bf4d165a370a7fb488501f81 990944 chromium-codecs-ffmpeg-extra_24.0.1312.56-0ubuntu0.10.04.1_amd64.deb
 6b31f1a4c5dbbee2bfd8a4d32956e0059036473b 2137404 chromium-codecs-ffmpeg-extra-dbg_24.0.1312.56-0ubuntu0.10.04.1_amd64.deb
Checksums-Sha256: 
 ff009f778a25a4421b33f39488bd04467bcc722ac87d9d011f6bcbdcceea04e6 32368014 chromium-browser_24.0.1312.56-0ubuntu0.10.04.1_amd64.deb
 e271291b93f575e4ac4c69a4648b768dd42ba20c1b9c6027c83bb14f922126da 288683 chromium-browser_24.0.1312.56-0ubuntu0.10.04.1_amd64_translations.tar.gz
 12fac418491624e53c4fe699cf2c21144e083f5b26fac5b7088f56602cca9fd3 4828300 chromium-browser-dbg_24.0.1312.56-0ubuntu0.10.04.1_amd64.deb
 28af36fb048ec292a4d47215bb9cf74e1a900e591880295a16cf2290d9185d3d 641884 chromium-codecs-ffmpeg_24.0.1312.56-0ubuntu0.10.04.1_amd64.deb
 940a08a2b275efe9eb86ec998e0f0941e74766c996e044907fbf9008e347993f 1316738 chromium-codecs-ffmpeg-dbg_24.0.1312.56-0ubuntu0.10.04.1_amd64.deb
 96fd3e94ed77642edfbcb855ead2cd2f38793a927afc8a23640d933962000f99 990944 chromium-codecs-ffmpeg-extra_24.0.1312.56-0ubuntu0.10.04.1_amd64.deb
 d9d0f6dd7960e84c369a5c25c4082df24d33c1ee246aa10a94c713420349ad91 2137404 chromium-codecs-ffmpeg-extra-dbg_24.0.1312.56-0ubuntu0.10.04.1_amd64.deb
Files: 
 7ee250746e8af5559941a773ef3944b1 32368014 web optional chromium-browser_24.0.1312.56-0ubuntu0.10.04.1_amd64.deb
 25d0e8fa2c919d8fb2c3fefc03cf1f7a 288683 raw-translations - chromium-browser_24.0.1312.56-0ubuntu0.10.04.1_amd64_translations.tar.gz
 f351ed5a7723e8c4e4da329cd98e1447 4828300 devel optional chromium-browser-dbg_24.0.1312.56-0ubuntu0.10.04.1_amd64.deb
 d8309fbb4449fec2b151f9c5874cf6d8 641884 web optional chromium-codecs-ffmpeg_24.0.1312.56-0ubuntu0.10.04.1_amd64.deb
 396d102ef059ea6e22dc104c9ccf032d 1316738 debug extra chromium-codecs-ffmpeg-dbg_24.0.1312.56-0ubuntu0.10.04.1_amd64.deb
 66df9f6d98d4ac454a91e03b28c64bd3 990944 web optional chromium-codecs-ffmpeg-extra_24.0.1312.56-0ubuntu0.10.04.1_amd64.deb
 bf864d686f4b1709d841062c07a41909 2137404 debug extra chromium-codecs-ffmpeg-extra-dbg_24.0.1312.56-0ubuntu0.10.04.1_amd64.deb