* New upstream release from the Stable Channel (LP: #638736)
This release fixes the following security issues:
- [50250] High, Use-after-free when using document APIs during parse.
Credit to David Weston of Microsoft + Microsoft Vulnerability Research
(MSVR) and wushi of team 509 (independent discoveries).
- [50712] High, Use-after-free in SVG styles. Credit to kuzzcc.
- [51252] High, Use-after-free with nested SVG elements. Credit to kuzzcc.
- [51709] Low, Possible browser assert in cursor handling. Credit to
“magnusmorton”.
- [51919] High, Race condition in console handling. Credit to kuzzcc.
- [53176] Low, Unlikely browser crash in pop-up blocking. Credit to kuzzcc.
- [53394] High, Memory corruption in Geolocation. Credit to kuzzcc.
- [53930] High, Memory corruption in Khmer handling. Credit to Google
Chrome Security Team (Chris Evans).
- [54006] Low, Failure to prompt for extension history access. Credit to
“adriennefelt”.
* Don't build with PIE on armel for now, it fails to link.
- update debian/rules
-- Fabien Tassin <email address hidden> Wed, 15 Sep 2010 07:20:49 +0200
This bug was fixed in the package chromium-browser - 6.0.472. 59~r59126- 0ubuntu1
--------------- 59~r59126- 0ubuntu1) maverick; urgency=low
chromium-browser (6.0.472.
* New upstream release from the Stable Channel (LP: #638736) magnusmorton” . adriennefelt” .
This release fixes the following security issues:
- [50250] High, Use-after-free when using document APIs during parse.
Credit to David Weston of Microsoft + Microsoft Vulnerability Research
(MSVR) and wushi of team 509 (independent discoveries).
- [50712] High, Use-after-free in SVG styles. Credit to kuzzcc.
- [51252] High, Use-after-free with nested SVG elements. Credit to kuzzcc.
- [51709] Low, Possible browser assert in cursor handling. Credit to
“
- [51919] High, Race condition in console handling. Credit to kuzzcc.
- [53176] Low, Unlikely browser crash in pop-up blocking. Credit to kuzzcc.
- [53394] High, Memory corruption in Geolocation. Credit to kuzzcc.
- [53930] High, Memory corruption in Khmer handling. Credit to Google
Chrome Security Team (Chris Evans).
- [54006] Low, Failure to prompt for extension history access. Credit to
“
* Don't build with PIE on armel for now, it fails to link.
- update debian/rules
-- Fabien Tassin <email address hidden> Wed, 15 Sep 2010 07:20:49 +0200