7.0.517.44~r64615 -> 8.0.552.215~r67652 security update
Bug #684502 reported by
Fabien Tassin
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
chromium-browser (Ubuntu) |
Fix Released
|
High
|
Fabien Tassin | ||
Lucid |
Fix Released
|
High
|
Unassigned | ||
Maverick |
Fix Released
|
High
|
Unassigned | ||
Natty |
Fix Released
|
High
|
Fabien Tassin |
Bug Description
Binary package hint: chromium-browser
Upstream just released a new major security update: 8.0.552.215~r67652
needed in natty, maverick and lucid.
description: | updated |
summary: |
- 7.0.517.44~r64615 -> 8.0.552.210~r66730 security update + 7.0.517.44~r64615 -> 8.0.552.215~r67652 security update |
Changed in chromium-browser (Ubuntu Natty): | |
assignee: | nobody → Fabien Tassin (fta) |
status: | New → In Progress |
Changed in chromium-browser (Ubuntu Maverick): | |
status: | New → In Progress |
Changed in chromium-browser (Ubuntu Lucid): | |
status: | New → In Progress |
Changed in chromium-browser (Ubuntu Natty): | |
importance: | Undecided → High |
Changed in chromium-browser (Ubuntu Maverick): | |
importance: | Undecided → High |
Changed in chromium-browser (Ubuntu Lucid): | |
importance: | Undecided → High |
assignee: | nobody → Fabien Tassin (fta) |
Changed in chromium-browser (Ubuntu Maverick): | |
assignee: | nobody → Fabien Tassin (fta) |
To post a comment you must log in.
This bug was fixed in the package chromium-browser - 8.0.552. 215~r67652- 0ubuntu1
--------------- 215~r67652- 0ubuntu1) natty; urgency=high
chromium-browser (8.0.552.
* New upstream Major release from the Stable Channel (LP: #684502), also patches/ gcc-4.5- build-workaroun d.patch patches/ series handler/ http and x-scheme- handler/ https to the MimeType chromium- browser. desktop
fixing the following security issues:
- [17655] Low, Possible pop-up blocker bypass. Credit to Google Chrome
Security Team (SkyLined).
- [55745] Medium, Cross-origin video theft with canvas. Credit to Nirankush
Panchbhai and Microsoft Vulnerability Research (MSVR).
- [56237] Low, Browser crash with HTML5 databases. Credit to Google Chrome
Security Team (Inferno).
- [58319] Low, Prevent excessive file dialogs, possibly leading to browser
crash. Credit to Cezary Tomczak (gosu.pl).
- [59554] High, Use after free in history handling. Credit to Stefan
Troger.
- [59817] Medium, Make sure the “dangerous file types” list is uptodate
with the Windows platforms. Credit to Billy Rios of the Google Security
Team.
- [61701] Low, Browser crash with HTTP proxy authentication. Credit to
Mohammed Bouhlel.
- [61653] Medium, Out-of-bounds read regression in WebM video support.
Credit to Google Chrome Security Team (Chris Evans), based on earlier
testcases from Mozilla and Microsoft (MSVR).
- [62127] High, Crash due to bad indexing with malformed video. Credit to
miaubiz.
- [62168] Medium, Possible browser memory corruption via malicious
privileged extension. Credit to kuzzcc.
- [62401] High, Use after free with SVG animations. Credit to Sławomir
Błażek.
- [63051] Medium, Use after free in mouse dragging event handling. Credit
to kuzzcc.
- [63444] High, Double free in XPath handling. Credit to Yang Dingning from
NCNIPC, Graduate University of Chinese Academy of Sciences.
* Work-around a gcc 4.5 miscompilation bug causing regression in the
omnibar, breaking searches (LP: #664584)
- add debian/
- update debian/
* Automatically merge Launchpad translations with the upstream grit files and
produce patches in the source tarball. Apply those patches at build time
during configure
- update debian/rules
* Add x-scheme-
entry of the desktop file (needed on Natty where handlers are no longer
searched for in gconf)
- update debian/
-- Fabien Tassin <email address hidden> Thu, 02 Dec 2010 20:32:06 +0100