Please update to 26.0.1410.63

Bug #1161296 reported by ilf on 2013-03-28
288
This bug affects 6 people
Affects Status Importance Assigned to Milestone
chromium-browser (Ubuntu)
Undecided
Chad Miller

Bug Description

And again a new stable release with lots of security fixes: http://googlechromereleases.blogspot.de/2013/03/stable-channel-update_26.html

Here are the CVEs:

[$1000] [172342] High CVE-2013-0916: Use-after-free in Web Audio. Credit to Atte Kettunen of OUSPG.
[180909] Low CVE-2013-0917: Out-of-bounds read in URL loader. Credit to Google Chrome Security Team (Cris Neckar).
[180555] Low CVE-2013-0918: Do not navigate dev tools upon drag and drop. Credit to Vsevolod Vlasov of the Chromium development community.
[Linux only] [178760] Medium CVE-2013-0919: Use-after-free with pop-up windows in extensions. Credit to Google Chrome Security Team (Mustafa Emre Acer).
[177410] Medium CVE-2013-0920: Use-after-free in extension bookmarks API. Credit to Google Chrome Security Team (Mustafa Emre Acer).
[174943] High CVE-2013-0921: Ensure isolated web sites run in their own processes.
[174129] Low CVE-2013-0922: Avoid HTTP basic auth brute force attempts. Credit to “t3553r”.
[169981] [169972] [169765] Medium CVE-2013-0923: Memory safety issues in the USB Apps API. Credit to Google Chrome Security Team (Mustafa Emre Acer).
[169632] Low CVE-2013-0924: Check an extension’s permissions API usage again file permissions. Credit to Benjamin Kalman of the Chromium development community.
[168442] Low CVE-2013-0925: Avoid leaking URLs to extensions without the tabs permissions. Credit to Michael Vrable of Google.
[112325] Medium CVE-2013-0926: Avoid pasting active tags in certain situations. Credit to Subho Halder, Aditya Gupta, and Dev Kar of xys3c (xysec.com).

ilf (ilf) on 2013-03-28
information type: Private Security → Public Security
Changed in chromium-browser (Ubuntu):
assignee: nobody → Chad Miller (cmiller)
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in chromium-browser (Ubuntu):
status: New → Confirmed
ilf (ilf) wrote :
summary: - Please update to 26.0.1410.43
+ Please update to 26.0.1410.63
Chad Miller (cmiller) on 2013-04-24
Changed in chromium-browser (Ubuntu):
status: Confirmed → Fix Committed
Changed in chromium-browser (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Duplicates of this bug

Other bug subscribers