11.0.696.77 -> 12.0.742.91

Bug #794197 reported by Fabien Tassin on 2011-06-07
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
chromium-browser (Ubuntu)
High
Fabien Tassin
Lucid
High
Micah Gersten
Maverick
High
Micah Gersten
Natty
High
Micah Gersten
Oneiric
High
Fabien Tassin

Bug Description

Binary package hint: chromium-browser

Upstream just released a new Major (stable) release, also fixing a bunch of security issues.

Needed in oneiric, natty, maverick and lucid.

Fabien Tassin (fta) on 2011-06-07
Changed in chromium-browser (Ubuntu Oneiric):
status: New → Fix Committed
importance: Undecided → High
Changed in chromium-browser (Ubuntu Natty):
importance: Undecided → High
Changed in chromium-browser (Ubuntu Maverick):
importance: Undecided → High
Changed in chromium-browser (Ubuntu Lucid):
importance: Undecided → High
Changed in chromium-browser (Ubuntu Oneiric):
assignee: nobody → Fabien Tassin (fta)
visibility: private → public
Launchpad Janitor (janitor) wrote :
Download full text (3.9 KiB)

This bug was fixed in the package chromium-browser - 12.0.742.91~r87961-0ubuntu1

---------------
chromium-browser (12.0.742.91~r87961-0ubuntu1) oneiric; urgency=high

  * New upstream release from the Stable Channel (LP: #794197)
    It includes:
    - Hardware accelerated 3D CSS
    - New Safe Browsing protection against downloading malicious files
    - Ability to delete Flash cookies from inside Chrome
    - Launch Apps by name from the Omnibox
    - Integrated Sync into new settings pages
    - Improved screen reader support
    - New warning when hitting Command-Q on Mac
    - Removal of Google Gears
    This release fixes the following security issues:
    + WebKit issues:
      - [73962] [79746] High CVE-2011-1808: Use-after-free due to integer
        issues in float handling. Credit to miaubiz.
      - [75496] Medium CVE-2011-1809: Use-after-free in accessibility support.
        Credit to Google Chrome Security Team (SkyLined).
      - [75643] Low CVE-2011-1810: Visit history information leak in CSS.
        Credit to Jesse Mohrland of Microsoft and Microsoft Vulnerability
        Research (MSVR).
      - [80358] Medium CVE-2011-1816: Use-after-free in developer tools. Credit
        to kuzzcc.
      - [81949] High CVE-2011-1818: Use-after-free in image loader. Credit to
        miaubiz.
      - [83743] High CVE-2011-2342: Same origin bypass in DOM. Credit to Sergey
        Glazunov.
    + Chromium issues:
      - [76034] Low CVE-2011-1811: Browser crash with lots of form submissions.
        Credit to “DimitrisV22”.
      - [77026] Medium CVE-2011-1812: Extensions permission bypass. Credit to
        kuzzcc.
      - [78516] High CVE-2011-1813: Stale pointer in extension framework.
        Credit to Google Chrome Security Team (Inferno).
      - [79862] Low CVE-2011-1815: Extension script injection into new tab
        page. Credit to kuzzcc.
      - [81916] Medium CVE-2011-1817: Browser memory corruption in history
        deletion. Credit to Collin Payne.
      - [83010] Medium CVE-2011-1819: Extension injection into chrome:// pages.
        Credit to Vladislavas Jarmalis, plus subsequent independent discovery
        by Sergey Glazunov.
      - [83275] High CVE-2011-2332: Same origin bypass in v8. Credit to Sergey
        Glazunov.
  Packaging changes:
  * Provide a batch of translations for the Unity quicklists, and update
    the regular desktop translations
    - update debian/chromium-browser.desktop
  * Add a keep-alive script preventing the builders from killing the build
    when it's not echoing anything for too long (useful when linking
    the main binary with ld-bfd)
    - add debian/keep-alive.sh
    - update debian/rules
  * Drop the gtk resize patch, now that upstream does it for us
    - remove debian/patches/disable_gtk_resize_grip_on_natty.patch
    - update debian/patches/series
  * Drop the xdg-utils patch and use the system xdg tools when we
    detect that xdg-setting is present on the system (ensuring it's a recent
    enough xdg-utils)
    - update debian/chromium-browser.sh.in
    - remove debian/patches/xdg-utils_gnome3_lp670128_for_natty.patch
    - update debian/patches/series
  * Drop the stored passw...

Read more...

Changed in chromium-browser (Ubuntu Oneiric):
status: Fix Committed → Fix Released
Micah Gersten (micahg) wrote :

Lucid and Maverick are built for i386 and amd64 in the security-proposed PPA

Changed in chromium-browser (Ubuntu Lucid):
assignee: nobody → Micah Gersten (micahg)
status: New → Fix Committed
Changed in chromium-browser (Ubuntu Maverick):
status: New → Fix Committed
assignee: nobody → Micah Gersten (micahg)
Changed in chromium-browser (Ubuntu Natty):
assignee: nobody → Micah Gersten (micahg)
status: New → In Progress
Jamie Strandboge (jdstrand) wrote :

Lucid - Natty copied to -proposed.

Changed in chromium-browser (Ubuntu Natty):
status: In Progress → Fix Committed
Micah Gersten (micahg) wrote :

Tested lucid i386 and amd64 with QRT. Found regressions of low importance over previous functionality (Bug #795786 and Bug #795787), but these should not block the higher priority security updates. However, a previous regression of bug 784561 has been fixed.

tags: added: security-verification verification-needed
tags: added: lucid maverick natty
Launchpad Janitor (janitor) wrote :
Download full text (3.2 KiB)

This bug was fixed in the package chromium-browser - 12.0.742.91~r87961-0ubuntu0.10.04.1

---------------
chromium-browser (12.0.742.91~r87961-0ubuntu0.10.04.1) lucid-security; urgency=low

  [ Fabien Tassin <email address hidden> ]
  * New upstream release from the Stable Channel (LP: #794197)
    It includes:
    - Hardware accelerated 3D CSS
    - New Safe Browsing protection against downloading malicious files
    - Integrated Sync into new settings pages
    This release fixes the following security issues:
    + WebKit issues:
      - [73962] [79746] High CVE-2011-1808: Use-after-free due to integer
        issues in float handling. Credit to miaubiz.
      - [75496] Medium CVE-2011-1809: Use-after-free in accessibility support.
        Credit to Google Chrome Security Team (SkyLined).
      - [75643] Low CVE-2011-1810: Visit history information leak in CSS.
        Credit to Jesse Mohrland of Microsoft and Microsoft Vulnerability
        Research (MSVR).
      - [80358] Medium CVE-2011-1816: Use-after-free in developer tools. Credit
        to kuzzcc.
      - [81949] High CVE-2011-1818: Use-after-free in image loader. Credit to
        miaubiz.
      - [83743] High CVE-2011-2342: Same origin bypass in DOM. Credit to Sergey
        Glazunov.
    + Chromium issues:
      - [76034] Low CVE-2011-1811: Browser crash with lots of form submissions.
        Credit to “DimitrisV22”.
      - [77026] Medium CVE-2011-1812: Extensions permission bypass. Credit to
        kuzzcc.
      - [78516] High CVE-2011-1813: Stale pointer in extension framework.
        Credit to Google Chrome Security Team (Inferno).
      - [79862] Low CVE-2011-1815: Extension script injection into new tab
        page. Credit to kuzzcc.
      - [81916] Medium CVE-2011-1817: Browser memory corruption in history
        deletion. Credit to Collin Payne.
      - [83010] Medium CVE-2011-1819: Extension injection into chrome:// pages.
        Credit to Vladislavas Jarmalis, plus subsequent independent discovery
        by Sergey Glazunov.
      - [83275] High CVE-2011-2332: Same origin bypass in v8. Credit to Sergey
        Glazunov.
  * Drop the stored passwords patch (fixed upstream)
    - remove debian/patches/stored_passwords_lp743494.patch
    - update debian/patches/series
  * Empty the -inspector package now that it has been merged into the main
    resources.pak file (so that the Inspector remains usable after an upgrade
    until the next browser restart). Also remove the resources directory,
    now empty
    - remove debian/chromium-browser-inspector.install
    - update debian/chromium-browser.dirs
    - update debian/rules
  * Update the location of the app_strings templates
    - update debian/rules
  * Don't build with libjpeg-turbo on armel, to prevent a FTBFS
    - update debian/rules
  * Rebase the GL dlopen patch
    - update debian/patches/dlopen_sonamed_gl.patch

  [ Micah Gersten <email address hidden> ]
  * Don't have chromium-browser depend on chromium-browser-inspector anymore
    it's now a transitional package; Change text of chromium-browser-inspector
    to reflect its transitional nature
    - update debian/control
  * Re-enable armel builds
    - update de...

Read more...

Changed in chromium-browser (Ubuntu Lucid):
status: Fix Committed → Fix Released
Micah Gersten (micahg) wrote :

Tested maverick i386 and amd64 with QRT. Found regressions of low importance over previous functionality (Bug #795786 and Bug #795787), but these should not block the higher priority security updates. However, a previous regression of bug 784561 has been fixed.

Micah Gersten (micahg) wrote :

Tested natty i386 and amd64 with QRT. Found regressions of low importance over previous functionality (Bug #795786 and Bug #795787), but these should not block the higher priority security updates. However, a previous regression of bug 784561 has been fixed.

ubuntu-archive, please copy to -security and -updates for maverick and natty

tags: added: verification-done
removed: verification-needed
Launchpad Janitor (janitor) wrote :
Download full text (3.2 KiB)

This bug was fixed in the package chromium-browser - 12.0.742.91~r87961-0ubuntu0.10.10.1

---------------
chromium-browser (12.0.742.91~r87961-0ubuntu0.10.10.1) maverick-security; urgency=low

  [ Fabien Tassin <email address hidden> ]
  * New upstream release from the Stable Channel (LP: #794197)
    It includes:
    - Hardware accelerated 3D CSS
    - New Safe Browsing protection against downloading malicious files
    - Integrated Sync into new settings pages
    This release fixes the following security issues:
    + WebKit issues:
      - [73962] [79746] High CVE-2011-1808: Use-after-free due to integer
        issues in float handling. Credit to miaubiz.
      - [75496] Medium CVE-2011-1809: Use-after-free in accessibility support.
        Credit to Google Chrome Security Team (SkyLined).
      - [75643] Low CVE-2011-1810: Visit history information leak in CSS.
        Credit to Jesse Mohrland of Microsoft and Microsoft Vulnerability
        Research (MSVR).
      - [80358] Medium CVE-2011-1816: Use-after-free in developer tools. Credit
        to kuzzcc.
      - [81949] High CVE-2011-1818: Use-after-free in image loader. Credit to
        miaubiz.
      - [83743] High CVE-2011-2342: Same origin bypass in DOM. Credit to Sergey
        Glazunov.
    + Chromium issues:
      - [76034] Low CVE-2011-1811: Browser crash with lots of form submissions.
        Credit to “DimitrisV22”.
      - [77026] Medium CVE-2011-1812: Extensions permission bypass. Credit to
        kuzzcc.
      - [78516] High CVE-2011-1813: Stale pointer in extension framework.
        Credit to Google Chrome Security Team (Inferno).
      - [79862] Low CVE-2011-1815: Extension script injection into new tab
        page. Credit to kuzzcc.
      - [81916] Medium CVE-2011-1817: Browser memory corruption in history
        deletion. Credit to Collin Payne.
      - [83010] Medium CVE-2011-1819: Extension injection into chrome:// pages.
        Credit to Vladislavas Jarmalis, plus subsequent independent discovery
        by Sergey Glazunov.
      - [83275] High CVE-2011-2332: Same origin bypass in v8. Credit to Sergey
        Glazunov.
  * Drop the stored passwords patch (fixed upstream)
    - remove debian/patches/stored_passwords_lp743494.patch
    - update debian/patches/series
  * Empty the -inspector package now that it has been merged into the main
    resources.pak file (so that the Inspector remains usable after an upgrade
    until the next browser restart). Also remove the resources directory,
    now empty
    - remove debian/chromium-browser-inspector.install
    - update debian/chromium-browser.dirs
    - update debian/rules
  * Update the location of the app_strings templates
    - update debian/rules
  * Don't build with libjpeg-turbo on armel, to prevent a FTBFS
    - update debian/rules
  * Rebase the GL dlopen patch
    - update debian/patches/dlopen_sonamed_gl.patch

  [ Micah Gersten <email address hidden> ]
  * Don't have chromium-browser depend on chromium-browser-inspector anymore
    it's now a transitional package; Change text of chromium-browser-inspector
    to reflect its transitional nature
    - update debian/control
  * Re-enable armel builds
    - update...

Read more...

Changed in chromium-browser (Ubuntu Maverick):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (3.7 KiB)

This bug was fixed in the package chromium-browser - 12.0.742.91~r87961-0ubuntu0.11.04.1

---------------
chromium-browser (12.0.742.91~r87961-0ubuntu0.11.04.1) natty-security; urgency=low

  [ Fabien Tassin <email address hidden> ]
  * New upstream release from the Stable Channel (LP: #794197)
    It includes:
    - Hardware accelerated 3D CSS
    - New Safe Browsing protection against downloading malicious files
    - Integrated Sync into new settings pages
    This release fixes the following security issues:
    + WebKit issues:
      - [73962] [79746] High CVE-2011-1808: Use-after-free due to integer
        issues in float handling. Credit to miaubiz.
      - [75496] Medium CVE-2011-1809: Use-after-free in accessibility support.
        Credit to Google Chrome Security Team (SkyLined).
      - [75643] Low CVE-2011-1810: Visit history information leak in CSS.
        Credit to Jesse Mohrland of Microsoft and Microsoft Vulnerability
        Research (MSVR).
      - [80358] Medium CVE-2011-1816: Use-after-free in developer tools. Credit
        to kuzzcc.
      - [81949] High CVE-2011-1818: Use-after-free in image loader. Credit to
        miaubiz.
      - [83743] High CVE-2011-2342: Same origin bypass in DOM. Credit to Sergey
        Glazunov.
    + Chromium issues:
      - [76034] Low CVE-2011-1811: Browser crash with lots of form submissions.
        Credit to “DimitrisV22”.
      - [77026] Medium CVE-2011-1812: Extensions permission bypass. Credit to
        kuzzcc.
      - [78516] High CVE-2011-1813: Stale pointer in extension framework.
        Credit to Google Chrome Security Team (Inferno).
      - [79862] Low CVE-2011-1815: Extension script injection into new tab
        page. Credit to kuzzcc.
      - [81916] Medium CVE-2011-1817: Browser memory corruption in history
        deletion. Credit to Collin Payne.
      - [83010] Medium CVE-2011-1819: Extension injection into chrome:// pages.
        Credit to Vladislavas Jarmalis, plus subsequent independent discovery
        by Sergey Glazunov.
      - [83275] High CVE-2011-2332: Same origin bypass in v8. Credit to Sergey
        Glazunov.
  * Drop the stored passwords patch (fixed upstream)
    - remove debian/patches/stored_passwords_lp743494.patch
    - update debian/patches/series
  * Empty the -inspector package now that it has been merged into the main
    resources.pak file (so that the Inspector remains usable after an upgrade
    until the next browser restart). Also remove the resources directory,
    now empty
    - remove debian/chromium-browser-inspector.install
    - update debian/chromium-browser.dirs
    - update debian/rules
  * Update the location of the app_strings templates
    - update debian/rules
  * Rebase the GL dlopen patch
    - update debian/patches/dlopen_sonamed_gl.patch
  * Drop the gtk resize patch, now that upstream does it for us
    - remove debian/patches/disable_gtk_resize_grip_on_natty.patch
    - update debian/patches/series
  * Drop the xdg-utils patch and use the system xdg tools when we
    detect that xdg-setting is present on the system (ensuring it's a recent
    enough xdg-utils)
    - update debian/chromium-browser.sh.in
    - remove debian/pa...

Read more...

Changed in chromium-browser (Ubuntu Natty):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers