Ubuntu
chromium-browser package

  1. Bug #1232575
  2. Comment #25

Comment 25 for bug 1232575

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 30.0.1599.114-0ubuntu0.13.10.2

---------------
chromium-browser (30.0.1599.114-0ubuntu0.13.10.2) saucy-security; urgency=low

  * Test the compiler for "-m32" support as the canonical test of support.
    Only a problem on ARM.

chromium-browser (30.0.1599.114-0ubuntu0.13.10.1) saucy-updates; urgency=low

  * New release 30.0.1599.114.
  * New release 30.0.1599.101:
    - CVE-2013-2925: Use after free in XHR.
    - CVE-2013-2926: Use after free in editing.
    - CVE-2013-2927: Use after free in forms.
  * New release 29.0.1547.76.
  * New release 30.0.1599.66:
    - CVE-2013-2906: Races in Web Audio.
    - CVE-2013-2907: Out of bounds read in Window.prototype object.
    - CVE-2013-2908: Address bar spoofing related to the “204 No Content”
      status code.
    - CVE-2013-2909: Use after free in inline-block rendering.
    - CVE-2013-2910: Use-after-free in Web Audio.
    - CVE-2013-2911: Use-after-free in XSLT.
    - CVE-2013-2912: Use-after-free in PPAPI.
    - CVE-2013-2913: Use-after-free in XML document parsing.
    - CVE-2013-2914: Use after free in the Windows color chooser dialog.
    - CVE-2013-2915: Address bar spoofing via a malformed scheme.
    - CVE-2013-2916: Address bar spoofing related to the “204 No Content”
      status code.
    - CVE-2013-2917: Out of bounds read in Web Audio.
    - CVE-2013-2918: Use-after-free in DOM.
    - CVE-2013-2919: Memory corruption in V8.
    - CVE-2013-2920: Out of bounds read in URL parsing.
    - CVE-2013-2921: Use-after-free in resource loader.
    - CVE-2013-2922: Use-after-free in template element.
    - CVE-2013-2923: Various fixes from internal audits, fuzzing and other
      initiatives (Chrome 30).
    - CVE-2013-2924: Use-after-free in ICU.
  * debian/tests/...: Make first real tests using sikuli. Probably quite
    fragile on changes to upstream. (LP: #1222895)
  * debian/patches/4-chromeless-window-launch-option.patch: Make new windows
    use their own state instead of checking the parameters of the instance that
    started all processes for whether a window has chrome or not. (LP: #1223855)
  * Update autopkgtest tests.
  * debian/patches/series: Drop comment references to old patches. Remove
    files.
  * debian/rules: Don't build 'reliability_tests' any more. It's deprecated
    upstream and we don't use it anyway.
  * debian/rules: debian/chromium-browser.install: Handle sandbox compilation
    configuration changes by stopping our special handling and using the default,
    and "you have to change the underscore from the build target into a hyphen".
  * debian/rules: Process rpath of files in debian/tmp* BEFORE we copy them out.
    (LP: #1226143)
  * debian/testing/driver: Cheap run test to make sure chromedriver runs.
    (LP: #1226143)
  * debian/patches/4-chromeless-window-launch-option.patch: Fix syntax that
    caused extensions to fail. (LP: #1232575)
  * debian/rules: Use runtime linker for all architectures, not just 64-bit.
    Component builds everywhere, now. More than 4GB is too much to expect.
  * debian/rules: clean up packaging comparison code.
 -- Chad MILLER <email address hidden> Sun, 27 Oct 2013 13:08:11 -0400