Comment 1 for bug 961831

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 17.0.963.83~r127885-0ubuntu1

---------------
chromium-browser (17.0.963.83~r127885-0ubuntu1) precise; urgency=low

  * New upstream release from the Stable Channel (LP: #961831)
    This release fixes the following security issues:
    - [113902] High CVE-2011-3050: Use-after-free with first-letter handling.
      Credit to miaubiz.
    - [116162] High CVE-2011-3045: libpng integer issue from upstream. Credit
      to Glenn Randers-Pehrson of the libpng project.
    - [116461] High CVE-2011-3051: Use-after-free in CSS cross-fade handling.
      Credit to Arthur Gerkis.
    - [116637] High CVE-2011-3052: Memory corruption in WebGL canvas handling.
      Credit to Ben Vanik of Google.
    - [116746] High CVE-2011-3053: Use-after-free in block splitting.
      Credit to miaubiz.
    - [117418] Low CVE-2011-3054: Apply additional isolations to webui
      privileges. Credit to Sergey Glazunov.
    - [117736] Low CVE-2011-3055: Prompt in the browser native UI for unpacked
      extension installation. Credit to PinkiePie.
    - [117550] High CVE-2011-3056: Cross-origin violation with “magic iframe”.
      Credit to Sergey Glazunov.
    - [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian
      Holler.
 -- Micah Gersten <email address hidden> Wed, 21 Mar 2012 21:31:34 -0500