Ubuntu
chromium-browser package

new upstream release: 5.0.375.125~r53311

Bug #612109 reported by Fabien Tassin
14
This bug affects 1 person
Affects Status Importance Assigned to Milestone
chromium-browser (Ubuntu)
Fix Released
Undecided
Fabien Tassin
Lucid
Fix Released
High
Fabien Tassin

Bug Description

Binary package hint: chromium-browser

Upstream released 5.0.375.125~r53311 with a bunch of security fixes

Fabien Tassin (fta)
Changed in chromium-browser (Ubuntu):
assignee: nobody → Fabien Tassin (fta)
status: New → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 5.0.375.125~r53311-0ubuntu1

---------------
chromium-browser (5.0.375.125~r53311-0ubuntu1) maverick; urgency=low

  * New upstream release from the Stable Channel (LP: #612109)
    This release fixes the following security issues:
    - [42736] Medium Memory contents disclosure in layout code. Credit to
      Michail Nikolaev.
    - [43813] High Issue with large canvases. Credit to sp3x of
      SecurityReason.com.
    - [47866] High Memory corruption in rendering code. Credit to Jose A.
      Vazquez.
    - [48284] High Memory corruption in SVG handling. Credit to Aki Helin of
      OUSPG.
    - [48597] Low Avoid hostname truncation and incorrect eliding. Credit to
      Google Chrome Security Team (Inferno).
  * lsb_release is slow so try to source the static file /etc/lsb-release
    instead, and fallback to lsb_release if we didn't get the information we need
    for about:version (LP: #608253). Thanks to pitti for the idea.
    - update debian/chromium-browser.sh.in
 -- Fabien Tassin <email address hidden> Tue, 27 Jul 2010 12:03:40 +0200

Changed in chromium-browser (Ubuntu):
status: In Progress → Fix Released
Jamie Strandboge (jdstrand)
Changed in chromium-browser (Ubuntu Lucid):
assignee: nobody → Fabien Tassin (fta)
importance: Undecided → High
status: New → Confirmed
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Uploaded to ubuntu-security-proposed PPA.

Changed in chromium-browser (Ubuntu Lucid):
status: Confirmed → In Progress
tags: added: security-verification
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Pocket copied chromium-browser to proposed. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

tags: added: verification-needed
removed: security-verification
Changed in chromium-browser (Ubuntu Lucid):
status: In Progress → Fix Committed
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

To ubuntu-sru: if this passes the verification process, please also pocket copy to security. Thanks!

Fabien Tassin (fta)
Changed in chromium-browser (Ubuntu):
status: Fix Released → Fix Committed
Fabien Tassin (fta)
Changed in chromium-browser (Ubuntu):
status: Fix Committed → Fix Released
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Tested 5.0.375.125~r53311-0ubuntu0.10.04.1 from -proposed and it works great.

Martin Pitt (pitti)
tags: added: verification-done
removed: verification-needed
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

I just verified bug #608253 and this has been in proposed for 2 weeks.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 5.0.375.125~r53311-0ubuntu0.10.04.1

---------------
chromium-browser (5.0.375.125~r53311-0ubuntu0.10.04.1) lucid-security; urgency=low

  * New upstream release from the Stable Channel (LP: #612109)
    This release fixes the following security issues:
    - [42736] Medium Memory contents disclosure in layout code. Credit to
      Michail Nikolaev.
    - [43813] High Issue with large canvases. Credit to sp3x of
      SecurityReason.com.
    - [47866] High Memory corruption in rendering code. Credit to Jose A.
      Vazquez.
    - [48284] High Memory corruption in SVG handling. Credit to Aki Helin of
      OUSPG.
    - [48597] Low Avoid hostname truncation and incorrect eliding. Credit to
      Google Chrome Security Team (Inferno).
  * lsb_release is slow so try to source the static file /etc/lsb-release
    instead, and fallback to lsb_release if we didn't get the information we need
    for about:version (LP: #608253). Thanks to pitti for the idea.
    - update debian/chromium-browser.sh.in
 -- Fabien Tassin <email address hidden> Tue, 27 Jul 2010 12:03:40 +0200

Changed in chromium-browser (Ubuntu Lucid):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.