8.0.552.215~r67652 -> 8.0.552.224~r68599 security update

Bug #689849 reported by Fabien Tassin on 2010-12-13
168
This bug affects 1 person
Affects Status Importance Assigned to Milestone
chromium-browser (Ubuntu)
High
Fabien Tassin
Lucid
High
Unassigned
Maverick
High
Unassigned
Natty
High
Fabien Tassin

Bug Description

Binary package hint: chromium-browser

Upstream just released a new minor security update: 8.0.552.224~r68599
needed in natty, maverick and lucid.

it qualifies for the SRU exception.

Fabien Tassin (fta) on 2010-12-13
Changed in chromium-browser (Ubuntu Lucid):
assignee: nobody → Fabien Tassin (fta)
importance: Undecided → High
status: New → In Progress
Fabien Tassin (fta) on 2010-12-13
Changed in chromium-browser (Ubuntu Natty):
assignee: nobody → Fabien Tassin (fta)
importance: Undecided → High
status: New → In Progress
Changed in chromium-browser (Ubuntu Lucid):
assignee: Fabien Tassin (fta) → nobody
status: In Progress → Confirmed
Changed in chromium-browser (Ubuntu Maverick):
importance: Undecided → High
status: New → Confirmed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 8.0.552.224~r68599-0ubuntu1

---------------
chromium-browser (8.0.552.224~r68599-0ubuntu1) natty; urgency=high

  * New upstream release from the Stable Channel (LP: #689849)
    This release fixes the following security issues:
    - [64-bit Linux only] [56449] High Bad validation for message
      deserialization on 64-bit builds. Credit to Lei Zhang of the Chromium
      development community.
    - [60761] Medium, Bad extension can cause browser crash in tab handling.
      Credit to kuzzcc.
    - [63529] Low, Browser crash with NULL pointer in web worker handling.
      Credit to Nathan Weizenbaum of Google.
    - [63866] Medium, Out-of-bounds read in CSS parsing. Credit to Chris Rohlf.
    - [64959] High, Stale pointers in cursor handling. Credit to Sławomir
      Błażek and Sergey Glazunov.
  * Don't build with PIE on Natty/armel, for the same reason as for Maverick
    - update debian/rules
 -- Fabien Tassin <email address hidden> Mon, 13 Dec 2010 21:21:39 +0100

Changed in chromium-browser (Ubuntu Natty):
status: In Progress → Fix Released
Jamie Strandboge (jdstrand) wrote :
Changed in chromium-browser (Ubuntu Lucid):
status: Confirmed → In Progress
Changed in chromium-browser (Ubuntu Maverick):
status: Confirmed → In Progress
Jamie Strandboge (jdstrand) wrote :

Uploaded 8.0.552.224~r68599-0ubuntu0.10.04.1 and 8.0.552.224~r68599-0ubuntu0.10.10.1 to the ubuntu-security-proposed PPA.

tags: added: security-verification
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 8.0.552.224~r68599-0ubuntu0.10.04.1

---------------
chromium-browser (8.0.552.224~r68599-0ubuntu0.10.04.1) lucid-security; urgency=high

  * New upstream release from the Stable Channel (LP: #689849)
    This release fixes the following security issues:
    - [64-bit Linux only] [56449] High Bad validation for message
      deserialization on 64-bit builds. Credit to Lei Zhang of the Chromium
      development community.
    - [60761] Medium, Bad extension can cause browser crash in tab handling.
      Credit to kuzzcc.
    - [63529] Low, Browser crash with NULL pointer in web worker handling.
      Credit to Nathan Weizenbaum of Google.
    - [63866] Medium, Out-of-bounds read in CSS parsing. Credit to Chris Rohlf.
    - [64959] High, Stale pointers in cursor handling. Credit to Sławomir
      Błażek and Sergey Glazunov.
 -- Fabien Tassin <email address hidden> Mon, 13 Dec 2010 21:21:39 +0100

Changed in chromium-browser (Ubuntu Lucid):
status: In Progress → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 8.0.552.224~r68599-0ubuntu0.10.10.1

---------------
chromium-browser (8.0.552.224~r68599-0ubuntu0.10.10.1) maverick-security; urgency=high

  * New upstream release from the Stable Channel (LP: #689849)
    This release fixes the following security issues:
    - [64-bit Linux only] [56449] High Bad validation for message
      deserialization on 64-bit builds. Credit to Lei Zhang of the Chromium
      development community.
    - [60761] Medium, Bad extension can cause browser crash in tab handling.
      Credit to kuzzcc.
    - [63529] Low, Browser crash with NULL pointer in web worker handling.
      Credit to Nathan Weizenbaum of Google.
    - [63866] Medium, Out-of-bounds read in CSS parsing. Credit to Chris Rohlf.
    - [64959] High, Stale pointers in cursor handling. Credit to Sławomir
      Błażek and Sergey Glazunov.
 -- Fabien Tassin <email address hidden> Mon, 13 Dec 2010 21:21:39 +0100

Changed in chromium-browser (Ubuntu Maverick):
status: In Progress → Fix Released
Jamie Strandboge (jdstrand) wrote :

Built in ubuntu-security-proposed. Tested lucid and maverick on i386 and amd64 in QRT:scripts/test-browser.py and no regressions.

tags: added: verification-done
removed: security-verification
MadhuSoodanan (mt-madhu) on 2010-12-19
visibility: public → private
Fabien Tassin (fta) wrote :

it's not meant to be private, please don't change it without asking first.

visibility: private → public
rusdy fadilah (perancu234) wrote :

PLEASE HELP ME

Changed in chromium-browser (Ubuntu Maverick):
assignee: nobody → rusdy fadilah (perancu234)
Micah Gersten (micahg) wrote :

@rusdy fadilah

Please file a request at https://answers.launchpad.net/ubuntu/+source/chromium-browser if you need support help.

Changed in chromium-browser (Ubuntu Maverick):
assignee: rusdy fadilah (perancu234) → nobody
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers