chromium-browser 16.0.912.77~r118311-0ubuntu0.10.10.1 source package in Ubuntu
Changelog
chromium-browser (16.0.912.77~r118311-0ubuntu0.10.10.1) maverick-security; urgency=low * New upstream release from the Stable Channel (LP: #923602) This release fixes the following security issues: - [106484] High CVE-2011-3924: Use-after-free in DOM selections. Credit to Arthur Gerkis. - [107182] Critical CVE-2011-3925: Use-after-free in Safe Browsing navigation. Credit to Chamal de Silva. - [108461] High CVE-2011-3928: Use-after-free in DOM handling. Credit to wushi of team509 reported through ZDI (ZDI-CAN-1415). - [108605] High CVE-2011-3927: Uninitialized value in Skia. Credit to miaubiz. - [109556] High CVE-2011-3926: Heap-buffer-overflow in tree builder. Credit to Arthur Gerkis. chromium-browser (16.0.912.75~r116452-0ubuntu0.10.10.1) maverick-security; urgency=low * New upstream release from the Stable Channel (LP: #914648, #889711) This release fixes the following security issues: - [106672] High CVE-2011-3921: Use-after-free in animation frames. Credit to Boris Zbarsky of Mozilla. - [107128] High CVE-2011-3919: Heap-buffer-overflow in libxml. Credit to Jüri Aedla. - [108006] High CVE-2011-3922: Stack-buffer-overflow in glyph handling. Credit to Google Chrome Security Team (Cris Neckar). This upload also includes the following security fixes from 16.0.912.63: - [81753] Medium CVE-2011-3903: Out-of-bounds read in regex matching. Credit to David Holloway of the Chromium development community. - [95465] Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google Chrome Security Team (Inferno). - [98809] Medium CVE-2011-3906: Out-of-bounds read in PDF parser. Credit to Aki Helin of OUSPG. - [99016] High CVE-2011-3907: URL bar spoofing with view-source. Credit to Luka Treiber of ACROS Security. - [100863] Low CVE-2011-3908: Out-of-bounds read in SVG parsing. Credit to Aki Helin of OUSPG. - [101010] Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS property array. Credit to Google Chrome Security Team (scarybeasts) and Chu. - [101494] Medium CVE-2011-3910: Out-of-bounds read in YUV video frame handling. Credit to Google Chrome Security Team (Cris Neckar). - [101779] Medium CVE-2011-3911: Out-of-bounds read in PDF. Credit to Google Chrome Security Team (scarybeasts) and Robert Swiecki of the Google Security Team. - [102359] High CVE-2011-3912: Use-after-free in SVG filters. Credit to Arthur Gerkis. - [103921] High CVE-2011-3913: Use-after-free in Range handling. Credit to Arthur Gerkis. - [104011] High CVE-2011-3914: Out-of-bounds write in v8 i18n handling. Credit to Sławomir Błażek. - [104529] High CVE-2011-3915: Buffer overflow in PDF font handling. Credit to Atte Kettunen of OUSPG. - [104959] Medium CVE-2011-3916: Out-of-bounds reads in PDF cross references. Credit to Atte Kettunen of OUSPG. - [105162] Medium CVE-2011-3917: Stack-buffer-overflow in FileWatcher. Credit to Google Chrome Security Team (Marty Barbella). - [107258] High CVE-2011-3904: Use-after-free in bidi handling. Credit to Google Chrome Security Team (Inferno) and miaubiz. This upload also includes the following security fixes from 15.0.874.121: - [103259] High CVE-2011-3900: Out-of-bounds write in v8. Credit to Christian Holler. This upload also includes the following security fixes from 15.0.874.120: - [100465] High CVE-2011-3892: Double free in Theora decoder. Credit to Aki Helin of OUSPG. - [100492] [100543] Medium CVE-2011-3893: Out of bounds reads in MKV and Vorbis media handlers. Credit to Aki Helin of OUSPG. - [101172] High CVE-2011-3894: Memory corruption regression in VP8 decoding. Credit to Andrew Scherkus of the Chromium development community. - [101458] High CVE-2011-3895: Heap overflow in Vorbis decoder. Credit to Aki Helin of OUSPG. - [101624] High CVE-2011-3896: Buffer overflow in shader variable mapping. Credit to Ken “strcpy” Russell of the Chromium development community. - [102242] High CVE-2011-3897: Use-after-free in editing. Credit to pa_kt reported through ZDI (ZDI-CAN-1416). [ Brandon Snider <email address hidden> ] * Refresh patch - update debian/patches/chromium_useragent.patch.in chromium-browser (15.0.874.106~r107270-0ubuntu0.10.10.1) maverick-security; urgency=low * New upstream release from the Stable Channel (LP: #881786) This release fixes the following security issues: - [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to Jordi Chancel. - [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit to Jordi Chancel. - [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of download filenames. Credit to Marc Novak. - [91218] Low CVE-2011-3877: XSS in appcache internals page. Credit to Google Chrome Security Team (Tom Sepez) plus independent discovery by Juho Nurminen. - [94487] Medium CVE-2011-3878: Race condition in worker process initialization. Credit to miaubiz. - [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to Masato Kinugawa. - [95992] Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit to Vladimir Vorontsov, ONsec company. - [96047] [96885] [98053] [99512] [99750] High CVE-2011-3881: Cross-origin policy violations. Credit to Sergey Glazunov. - [96292] High CVE-2011-3882: Use-after-free in media buffer handling. Credit to Google Chrome Security Team (Inferno). - [96902] High CVE-2011-3883: Use-after-free in counter handling. Credit to miaubiz. - [97148] High CVE-2011-3884: Timing issues in DOM traversal. Credit to Brian Ryner of the Chromium development community. - [97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885: Stale style bugs leading to use-after-free. Credit to miaubiz. - [98773] [99167] High CVE-2011-3886: Out of bounds writes in v8. Credit to Christian Holler. - [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. Credit to Sergey Glazunov. - [99138] High CVE-2011-3888: Use-after-free with plug-in and editing. Credit to miaubiz. - [99211] High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz. - [99553] High CVE-2011-3890: Use-after-free in video source handling. Credit to Ami Fischman of the Chromium development community. - [100332] High CVE-2011-3891: Exposure of internal v8 functions. Credit to Steven Keuchel of the Chromium development community plus independent discovery by Daniel Divricean. [ Chris Coulson <email address hidden> ] * Refresh patches - update debian/patches/dlopen_sonamed_gl.patch - update debian/patches/webkit_rev_parser.patch [ Fabien Tassin ] * Disable NaCl until we figure out what to do with the private toolchain - update debian/rules * Do not install the pseudo_locales files in the debs - update debian/rules * Add python-simplejson to Build-depends. This is needed by NaCl even with NaCl disabled, so this is a temporary workaround to unbreak the build, it must be fixed upstream - update debian/control -- Micah Gersten <email address hidden> Sun, 29 Jan 2012 23:47:21 -0600
Upload details
- Uploaded by:
- Micah Gersten
- Uploaded to:
- Maverick
- Original maintainer:
- Fabien Tassin
- Architectures:
- i386 amd64 all
- Section:
- web
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
chromium-browser_16.0.912.77~r118311.orig.tar.gz | 211.3 MiB | 5fa2c773c6d1308fcd080ec1c7068bfdb7c61da34e8e381e38cd5003f4fb3b20 |
chromium-browser_16.0.912.77~r118311-0ubuntu0.10.10.1.diff.gz | 193.3 KiB | 45fe1f09dacf4a40d33b2ff3cc731b806d25f4cff42e62901998557624d31f88 |
chromium-browser_16.0.912.77~r118311-0ubuntu0.10.10.1.dsc | 2.6 KiB | 07b661ea8e65fabc6755877a85462d736235891e9c93efdf61c736fb58446d34 |
Available diffs
Binary packages built by this source
- chromium-browser: No summary available for chromium-browser in ubuntu maverick.
No description available for chromium-browser in ubuntu maverick.
- chromium-browser-dbg: No summary available for chromium-browser-dbg in ubuntu maverick.
No description available for chromium-
browser- dbg in ubuntu maverick.
- chromium-browser-inspector: No summary available for chromium-browser-inspector in ubuntu maverick.
No description available for chromium-
browser- inspector in ubuntu maverick.
- chromium-browser-l10n: No summary available for chromium-browser-l10n in ubuntu maverick.
No description available for chromium-
browser- l10n in ubuntu maverick.
- chromium-codecs-ffmpeg: No summary available for chromium-codecs-ffmpeg in ubuntu maverick.
No description available for chromium-
codecs- ffmpeg in ubuntu maverick.
- chromium-codecs-ffmpeg-dbg: No summary available for chromium-codecs-ffmpeg-dbg in ubuntu maverick.
No description available for chromium-
codecs- ffmpeg- dbg in ubuntu maverick.
- chromium-codecs-ffmpeg-extra: No summary available for chromium-codecs-ffmpeg-extra in ubuntu maverick.
No description available for chromium-
codecs- ffmpeg- extra in ubuntu maverick.
- chromium-codecs-ffmpeg-extra-dbg: No summary available for chromium-codecs-ffmpeg-extra-dbg in ubuntu maverick.
No description available for chromium-
codecs- ffmpeg- extra-dbg in ubuntu maverick.
- chromium-codecs-ffmpeg-nonfree: No summary available for chromium-codecs-ffmpeg-nonfree in ubuntu maverick.
No description available for chromium-
codecs- ffmpeg- nonfree in ubuntu maverick.
- chromium-codecs-ffmpeg-nonfree-dbg: No summary available for chromium-codecs-ffmpeg-nonfree-dbg in ubuntu maverick.
No description available for chromium-
codecs- ffmpeg- nonfree- dbg in ubuntu maverick.