This bug was fixed in the package chromium-browser - 18.0.1025.142~r129054-0ubuntu0.11.10.1

---------------
chromium-browser (18.0.1025.142~r129054-0ubuntu0.11.10.1) oneiric-security; urgency=low

  * New upstream release from the Stable Channel (LP: #968901)
    This release fixes the following security issues:
    - [109574] Medium CVE-2011-3058: Bad interaction possibly leading to XSS in
      EUC-JP. Credit to Masato Kinugawa.
    - [112317] Medium CVE-2011-3059: Out-of-bounds read in SVG text handling.
      Credit to Arthur Gerkis.
    - [114056] Medium CVE-2011-3060: Out-of-bounds read in text fragment
      handling. Credit to miaubiz.
    - [116398] Medium CVE-2011-3061: SPDY proxy certificate checking error.
      Credit to Leonidas Kontothanassis of Google.
    - [116524] High CVE-2011-3062: Off-by-one in OpenType Sanitizer. Credit to
      Mateusz Jurczyk of the Google Security Team.
    - [117417] Low CVE-2011-3063: Validate navigation requests from the renderer
      more carefully. Credit to kuzzcc, Sergey Glazunov, PinkiePie and
      scarybeasts (Google Chrome Security Team).
    - [117471] High CVE-2011-3064: Use-after-free in SVG clipping. Credit to
      Atte Kettunen of OUSPG.
    - [117588] High CVE-2011-3065: Memory corruption in Skia. Credit to Omair.
    - [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian
      Holler.

  * Add build dependency on libudev-dev to allow for gamepad detection; see
    http://code.google.com/p/chromium/issues/detail?id=79050
    - update debian/control
  * Drop dlopen_libgnutls patch as it's been implemented upstream
     - drop debian/patches/dlopen_libgnutls.patch
     - update debian/patches/series
  * Start removing *.so and *.so.* from the upstream tarball creation
    - update debian/rules
  * Strip almost the entire third_party/openssl directory as it's needed only
    on android, but is used by the build system
    - update debian/rules
  * Use tar's --exclude-vcs flag instead of just excluding .svn
    - update debian/rules

chromium-browser (17.0.963.83~r127885-0ubuntu0.11.10.1) oneiric-security; urgency=low

  * New upstream release from the Stable Channel (LP: #961831)
    This release fixes the following security issues:
    - [113902] High CVE-2011-3050: Use-after-free with first-letter handling.
      Credit to miaubiz.
    - [116162] High CVE-2011-3045: libpng integer issue from upstream. Credit
      to Glenn Randers-Pehrson of the libpng project.
    - [116461] High CVE-2011-3051: Use-after-free in CSS cross-fade handling.
      Credit to Arthur Gerkis.
    - [116637] High CVE-2011-3052: Memory corruption in WebGL canvas handling.
      Credit to Ben Vanik of Google.
    - [116746] High CVE-2011-3053: Use-after-free in block splitting.
      Credit to miaubiz.
    - [117418] Low CVE-2011-3054: Apply additional isolations to webui
      privileges. Credit to Sergey Glazunov.
    - [117736] Low CVE-2011-3055: Prompt in the browser native UI for unpacked
      extension installation. Credit to PinkiePie.
    - [117550] High CVE-2011-3056: Cross-origin violation with “magic iframe”.
      Credit to Sergey Glazunov.
    - [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian
      Holler.
 -- Micah Gersten <email address hidden>   Mon, 02 Apr 2012 11:29:42 -0500