Comment 8 for bug 702542

This bug was fixed in the package chromium-browser - 8.0.552.237~r70801-0ubuntu0.10.04.1

---------------
chromium-browser (8.0.552.237~r70801-0ubuntu0.10.04.1) lucid-security; urgency=high

  * New upstream release from the Stable Channel (LP: #702542)
    This release fixes the following security issues:
    - [58053] Medium, Browser crash in extensions notification handling. Credit
      to Eric Roman of the Chromium development community.
    - [65764] High, Bad pointer handling in node iteration. Credit to Sergey
      Glazunov.
    - [66560] High, Stale pointer with CSS + canvas. Credit to Sergey Glazunov.
    - [66748] High, Stale pointer with CSS + cursors. Credit to Jan Tošovský.
    - [67303] High, Bad memory access with mismatched video frame sizes. Credit
      to Aki Helin of OUSPG; plus independent discovery by Google Chrome
      Security Team (SkyLined) and David Warren of CERT.
    - [67363] High, Stale pointer with SVG use element. Credited anonymously;
      plus indepdent discovery by miaubiz.
    - [67393] Medium, Uninitialized pointer in the browser triggered by rogue
      extension. Credit to kuzzcc.
    - [68115] High, Vorbis decoder buffer overflows. Credit to David Warren of
      CERT.
    - [68178] High, Bad cast in anchor handling. Credit to Sergey Glazunov.
    - [68181] High, Bad cast in video handling. Credit to Sergey Glazunov.
    - [68439] High, Stale rendering node after DOM node removal. Credit to
      Martin Barbella; plus independent discovery by Google Chrome Security
      Team (SkyLined).
    - [68666] Critical, Stale pointer in speech handling. Credit to Sergey
      Glazunov.
  * Add the chrome/app/policy/policy_templates.grd template to the list
    of templates translated in Launchpad
    - update debian/rules
  * Add Basque and Galician to the list of supported langs for the lang-packs
    (translations from Launchpad/Rosetta)
    - update debian/rules
 -- Fabien Tassin <email address hidden> Thu, 13 Jan 2011 07:31:05 +0100