11.0.696.68 -> 11.0.696.71

Bug #787846 reported by Fabien Tassin on 2011-05-24
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
chromium-browser (Ubuntu)
High
Fabien Tassin
Lucid
High
Micah Gersten
Maverick
High
Micah Gersten
Natty
High
Micah Gersten
Oneiric
High
Fabien Tassin
Fabien Tassin (fta) on 2011-05-24
Changed in chromium-browser (Ubuntu Oneiric):
status: New → Fix Committed
assignee: nobody → Fabien Tassin (fta)
importance: Undecided → High
Changed in chromium-browser (Ubuntu Natty):
importance: Undecided → High
Changed in chromium-browser (Ubuntu Maverick):
importance: Undecided → High
Changed in chromium-browser (Ubuntu Lucid):
importance: Undecided → High
security vulnerability: no → yes
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 11.0.696.71~r86024-0ubuntu1

---------------
chromium-browser (11.0.696.71~r86024-0ubuntu1) oneiric; urgency=low

  * New Minor upstream release from the Stable Channel (LP: #787846)
    This release fixes the following security issues:
    + WebKit issues:
      - [72189] Low, CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De
        Silva.
      - [82546] High, CVE-2011-1804: Stale pointer in floats rendering. Credit
        to Martin Barbella.
      - [82903] Critical, CVE-2011-1807: Out-of-bounds write in blob handling.
        Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany
        of the Chromium development community.
      - other issues covered by CVE-2011-1802, CVE-2011-1803, CVE-2011-1805
    + GPU/WebGL issue:
      - [82873] Critical, CVE-2011-1806: Memory corruption in GPU command
        buffer. Credit to Google Chrome Security Team (Cris Neckar).
  * Update the svg icon once again, the previous one contained an embedded png
    (LP: #748881)
    - update debian/chromium-browser.svg
  * Don't build with libjpeg-turbo on armel, to prevent a FTBFS
    - update debian/rules
 -- Fabien Tassin <email address hidden> Thu, 24 May 2011 23:42:08 +0200

Changed in chromium-browser (Ubuntu Oneiric):
status: Fix Committed → Fix Released
Micah Gersten (micahg) on 2011-05-25
Changed in chromium-browser (Ubuntu Lucid):
status: New → In Progress
Changed in chromium-browser (Ubuntu Maverick):
status: New → In Progress
Changed in chromium-browser (Ubuntu Natty):
status: New → In Progress
Changed in chromium-browser (Ubuntu Lucid):
assignee: nobody → Micah Gersten (micahg)
Changed in chromium-browser (Ubuntu Maverick):
assignee: nobody → Micah Gersten (micahg)
Changed in chromium-browser (Ubuntu Natty):
assignee: nobody → Micah Gersten (micahg)
Jamie Strandboge (jdstrand) wrote :

Lucid - Natty copied to -proposed (this actually happened about 12 hours ago).

Changed in chromium-browser (Ubuntu Lucid):
status: In Progress → Fix Committed
Changed in chromium-browser (Ubuntu Maverick):
status: In Progress → Fix Committed
Changed in chromium-browser (Ubuntu Natty):
status: In Progress → Fix Committed
Micah Gersten (micahg) wrote :

Tested with QRT on i386 and amd64 Lucid-Natty. No regressions found over previous versions in each release.

tags: added: security-verification verification-done
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 11.0.696.71~r86024-0ubuntu0.10.04.1

---------------
chromium-browser (11.0.696.71~r86024-0ubuntu0.10.04.1) lucid-security; urgency=low

  [ Fabien Tassin <email address hidden> ]
  * New Minor upstream release from the Stable Channel (LP: #787846)
    This release fixes the following security issues:
    + WebKit issues:
      - [72189] Low, CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De
        Silva.
      - [82546] High, CVE-2011-1804: Stale pointer in floats rendering. Credit
        to Martin Barbella.
      - [82903] Critical, CVE-2011-1807: Out-of-bounds write in blob handling.
        Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany
        of the Chromium development community.
    + GPU/WebGL issue:
      - [82873] Critical, CVE-2011-1806: Memory corruption in GPU command
        buffer. Credit to Google Chrome Security Team (Cris Neckar).
  * Update the svg icon once again, the previous one contained an embedded png
    (LP: #748881)
    - update debian/chromium-browser.svg
 -- Micah Gersten <email address hidden> Wed, 25 May 2011 15:24:22 -0500

Changed in chromium-browser (Ubuntu Lucid):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 11.0.696.71~r86024-0ubuntu0.10.10.1

---------------
chromium-browser (11.0.696.71~r86024-0ubuntu0.10.10.1) maverick-security; urgency=low

  [ Fabien Tassin <email address hidden> ]
  * New Minor upstream release from the Stable Channel (LP: #787846)
    This release fixes the following security issues:
    + WebKit issues:
      - [72189] Low, CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De
        Silva.
      - [82546] High, CVE-2011-1804: Stale pointer in floats rendering. Credit
        to Martin Barbella.
      - [82903] Critical, CVE-2011-1807: Out-of-bounds write in blob handling.
        Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany
        of the Chromium development community.
    + GPU/WebGL issue:
      - [82873] Critical, CVE-2011-1806: Memory corruption in GPU command
        buffer. Credit to Google Chrome Security Team (Cris Neckar).
  * Update the svg icon once again, the previous one contained an embedded png
    (LP: #748881)
    - update debian/chromium-browser.svg
 -- Micah Gersten <email address hidden> Wed, 25 May 2011 17:12:59 -0500

Changed in chromium-browser (Ubuntu Maverick):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 11.0.696.71~r86024-0ubuntu0.11.04.1

---------------
chromium-browser (11.0.696.71~r86024-0ubuntu0.11.04.1) natty-security; urgency=low

  [ Fabien Tassin <email address hidden> ]
  * New Minor upstream release from the Stable Channel (LP: #787846)
    This release fixes the following security issues:
    + WebKit issues:
      - [72189] Low, CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De
        Silva.
      - [82546] High, CVE-2011-1804: Stale pointer in floats rendering. Credit
        to Martin Barbella.
      - [82903] Critical, CVE-2011-1807: Out-of-bounds write in blob handling.
        Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany
        of the Chromium development community.
    + GPU/WebGL issue:
      - [82873] Critical, CVE-2011-1806: Memory corruption in GPU command
        buffer. Credit to Google Chrome Security Team (Cris Neckar).
  * Update the svg icon once again, the previous one contained an embedded png
    (LP: #748881)
    - update debian/chromium-browser.svg
 -- Micah Gersten <email address hidden> Wed, 25 May 2011 18:01:58 -0500

Changed in chromium-browser (Ubuntu Natty):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers