This bug was fixed in the package chromium-browser - 24.0.1312.56-0ubuntu0.12.10.3 --------------- chromium-browser (24.0.1312.56-0ubuntu0.12.10.3) quantal-security; urgency=low * Add comment-markers to debian/patches/series file to make patch import easier. * debian/chromium-browser.install - Install remoting locales * debian/patches/gyp-config-root.patch - Added. Avoids compilation bug on (at least) ARM. * debian/patches/arm-neon.patch - Added function to determine NEON functionality in ARM at runtime for WebRt library in WebKit. * Disable lintian warnings about outdated autoconf files in source tree. * New upstream version 24.0.1312.56: (LP: #1099075) - CVE-2013-0839: Use-after-free in canvas font handling. - CVE-2013-0840: Missing URL validation when opening new windows. - CVE-2013-0841: Unchecked array index in content blocking. - CVE-2013-0842: Problems with NULL characters embedded in paths. * New upstream version 24.0.1312.52: - CVE-2012-5145: Use-after-free in SVG layout. Credit to Atte Kettunen of OUSPG. - CVE-2012-5146: Same origin policy bypass with malformed URL. Credit to Erling A Ellingsen and Subodh Iyengar, both of Facebook. - CVE-2012-5147: Use-after-free in DOM handling. Credit to José A. Vázquez. - CVE-2012-5148: Missing filename sanitization in hyphenation support. Credit to Google Chrome Security Team (Justin Schuh). - CVE-2012-5149: Integer overflow in audio IPC handling. Credit to Google Chrome Security Team (Chris Evans). - CVE-2012-5150: Use-after-free when seeking video. Credit to Google Chrome Security Team (Inferno). - CVE-2012-5151: Integer overflow in PDF JavaScript. Credit to Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google Security Team. - CVE-2012-5152: Out-of-bounds read when seeking video. Credit to Google Chrome Security Team (Inferno). - CVE-2012-5153: Out-of-bounds stack access in v8. Credit to Andreas Rossberg of the Chromium development community. - CVE-2012-5156: Use-after-free in PDF fields. Credit to Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google Security Team. - CVE-2012-5157: Out-of-bounds reads in PDF image handling. Credit to Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google Security Team. - CVE-2013-0828: Bad cast in PDF root handling. Credit to Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google Security Team. - CVE-2013-0829: Corruption of database metadata leading to incorrect file access. Credit to Google Chrome Security Team (Jüri Aedla). - CVE-2013-0830: Missing NUL termination in IPC. Credit to Google Chrome Security Team (Justin Schuh). - CVE-2013-0831: Possible path traversal from extension process. Credit to Google Chrome Security Team (Tom Sepez). - CVE-2013-0832: Use-after-free with printing. Credit to Google Chrome Security Team (Cris Neckar). - CVE-2013-0833: Out-of-bounds read with printing. Credit to Google Chrome Security Team (Cris Neckar). - CVE-2013-0834: Out-of-bounds read with glyph handling. Credit to Google Chrome Security Team (Cris Neckar). - CVE-2013-0835: Browser crash with geolocation. Credit to Arthur Gerkis. - CVE-2013-0836: Crash in v8 garbage collection. Credit to Google Chrome Security Team (Cris Neckar). - CVE-2013-0837: Crash in extension tab handling. Credit to Tom Nielsen. - CVE-2013-0838: Tighten permissions on shared memory segments. Credit to Google Chrome Security Team (Chris Palmer). * debian/rules - Ensure get-original-source creates tarballs without revision number. * Update all webapps patches for 24.0.1312.52. (LP: #1099828) - Additionally update debian/patches/7-npapi-permission-not-defaults-to-unauthorized.patch to fix a problem where the auth status of the webapps plugin would get reset when the online list of allowed plugins (from GOOG) was updated. -- Chad Miller