6.0.472.59~r59126 -> 6.0.472.62~r59676 upgrade

Bug #641699 reported by Fabien Tassin on 2010-09-17
This bug affects 1 person
Affects: chromium-browser (Ubuntu); Importance: Critical; Assigned to: Fabien Tassin
Affects: Lucid; Importance: Critical; Assigned to: Fabien Tassin
Affects: Maverick; Importance: Critical; Assigned to: Fabien Tassin

Bug Description

Binary package hint: chromium-browser

Upstream just released a new security update, fixing 3 bugs (2 high, 1 critical).

http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_17.html

Needed in lucid and maverick.

Fabien Tassin (fta) wrote :

For lucid, I'll collapse the last 3 updates (.55, .59 and this .62) as .55 is still waiting in -proposed and still needs to wait a few more days.

visibility: private → public
Changed in chromium-browser (Ubuntu Lucid):
assignee: nobody → Fabien Tassin (fta)
importance: Undecided → Critical
status: New → In Progress
Changed in chromium-browser (Ubuntu Maverick):
assignee: nobody → Fabien Tassin (fta)
importance: Undecided → Critical
status: New → In Progress
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 6.0.472.62~r59676-0ubuntu1

---------------
chromium-browser (6.0.472.62~r59676-0ubuntu1) maverick; urgency=high

  * New upstream release from the Stable Channel (LP: #641699)
    This release fixes the following security issues:
    - [55114] High, Bad cast with malformed SVG. Credit to wushi of team 509.
    - [55119] Critical, Buffer mismanagement in the SPDY protocol. Credit to
      Mike Belshe of the Chromium development community.
    - [55350] High, Cross-origin property pollution. Credit to Stefano Di Paola
      of MindedSecurity.
  * Add some translations for the "Name" field in the desktop file, and fix
    some "Comment" / "GenericName". Thanks to the Ubuntu translation team.
    See https://wiki.ubuntu.com/Translations/Wanted/ChromiumDesktop to
    contribute more translations (LP: #631670)
 -- Fabien Tassin <email address hidden> Fri, 17 Sep 2010 22:25:54 +0200

Changed in chromium-browser (Ubuntu Maverick):
status: In Progress → Fix Released
Jamie Strandboge (jdstrand) wrote :

I uploaded 6.0.472.62~r59676-0ubuntu0.10.04.1 to the ubuntu-security-proposed PPA last night. armel is still building, but I will pocket copy to lucid-proposed when it is done.

tags: added: security-verification
Jamie Strandboge (jdstrand) wrote :

Pocket copied chromium-browser to proposed. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Thank you in advance!

Changed in chromium-browser (Ubuntu Lucid):
status: In Progress → Fix Committed
tags: added: verification-needed
removed: security-verification
Jamie Strandboge (jdstrand) wrote :

To ubuntu-sru: if this passes the verification process, please also pocket copy to security. Thanks!

Jamie Strandboge (jdstrand) wrote :

Confirmed 6.0.472.62~r59676-0ubuntu0.10.04.1 works fine. Used QRT and the new version introduced no regressions.

tags: added: verification-done
removed: verification-needed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 6.0.472.62~r59676-0ubuntu0.10.04.1

---------------
chromium-browser (6.0.472.62~r59676-0ubuntu0.10.04.1) lucid-security; urgency=high

  * New upstream release from the Stable Channel (LP: #641699)
    This release fixes the following security issues:
    - [55114] High, Bad cast with malformed SVG. Credit to wushi of team 509.
    - [55119] Critical, Buffer mismanagement in the SPDY protocol. Credit to
      Mike Belshe of the Chromium development community.
    - [55350] High, Cross-origin property pollution. Credit to Stefano Di Paola
      of MindedSecurity.
    Also includes the following security issues from 6.0.472.59 (LP: #638736)
    - [50250] High, Use-after-free when using document APIs during parse.
      Credit to David Weston of Microsoft + Microsoft Vulnerability Research
      (MSVR) and wushi of team 509 (independent discoveries).
    - [50712] High, Use-after-free in SVG styles. Credit to kuzzcc.
    - [51252] High, Use-after-free with nested SVG elements. Credit to kuzzcc.
    - [51709] Low, Possible browser assert in cursor handling. Credit to
      “magnusmorton”.
    - [51919] High, Race condition in console handling. Credit to kuzzcc.
    - [53176] Low, Unlikely browser crash in pop-up blocking. Credit to kuzzcc.
    - [53394] High, Memory corruption in Geolocation. Credit to kuzzcc.
    - [53930] High, Memory corruption in Khmer handling. Credit to Google
      Chrome Security Team (Chris Evans).
    - [54006] Low, Failure to prompt for extension history access. Credit to
      “adriennefelt”.
  * Don't build with PIE on armel for now, it fails to link.
    - update debian/rules
  * Add some translations for the "Name" field in the desktop file, and fix
    some "Comment" / "GenericName". Thanks to the Ubuntu translation team.
    See https://wiki.ubuntu.com/Translations/Wanted/ChromiumDesktop to
    contribute more translations (LP: #631670)
 -- Fabien Tassin <email address hidden> Fri, 17 Sep 2010 22:25:54 +0200

Changed in chromium-browser (Ubuntu Lucid):
status: Fix Committed → Fix Released