10.0.648.204 -> 10.0.648.205

Bug #762275 reported by Fabien Tassin
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
chromium-browser (Ubuntu)
Fix Released
High
Fabien Tassin
Lucid
Fix Released
High
Unassigned
Maverick
Fix Released
High
Micah Gersten
Natty
Fix Released
High
Fabien Tassin

Bug Description

Binary package hint: chromium-browser

Upstream just released a new Minor (stable) release fixing two security issues.

Needed in natty, maverick and lucid.

Fabien Tassin (fta)
visibility: private → public
Changed in chromium-browser (Ubuntu Lucid):
status: New → In Progress
importance: Undecided → High
Changed in chromium-browser (Ubuntu Maverick):
importance: Undecided → High
Changed in chromium-browser (Ubuntu Natty):
importance: Undecided → High
status: New → Fix Committed
Changed in chromium-browser (Ubuntu Maverick):
status: New → In Progress
Changed in chromium-browser (Ubuntu Natty):
assignee: nobody → Fabien Tassin (fta)
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 10.0.648.205~r81283-0ubuntu1

---------------
chromium-browser (10.0.648.205~r81283-0ubuntu1) natty; urgency=high

  * New upstream minor release from the Stable Channel (LP: #762275)
    This release fixes the following security issues:
    - [75629] Critical, CVE-2011-1301: Use-after-free in the GPU process.
      Credit to Google Chrome Security Team (Inferno).
    - [78524] Critical, CVE-2011-1302: Heap overflow in the GPU process. Credit
      to Christoph Diehl.
  * Make the default mail client and browser settings work with the
    x-scheme-handler method of registering URI handlers in gnome3.
    This is based on the xdg-utils 1.1.0~rc1-2ubuntu3 fix by Chris Coulson
    <email address hidden>, itself based on Bastien Nocera <email address hidden>
    upstream fix (LP: #670128)
    - add debian/patches/xdg-utils_gnome3_lp670128_for_natty.patch
    - update debian/patches/series
  * Fix the apport hooks to pass the expected 'ui' to add_info(), needed when
    called from apport/ubuntu-bug (LP: #759635)
    - update debian/apport/chromium-browser.py
  * Report a dedicated WMClass per webapp, needed by Unity/bamf.
    (backported from trunk) (LP: #692462)
    - add debian/patches/webapps-wm-class-lp692462.patch
    - update debian/patches/series
 -- Fabien Tassin <email address hidden> Thu, 14 Apr 2011 22:36:16 +0200

Changed in chromium-browser (Ubuntu Natty):
status: Fix Committed → Fix Released
Fabien Tassin (fta)
Changed in chromium-browser (Ubuntu Lucid):
status: In Progress → Fix Committed
Changed in chromium-browser (Ubuntu Maverick):
status: In Progress → Fix Committed
Revision history for this message
Micah Gersten (micahg) wrote :

Lucid and maverick packages uploaded to ubuntu-security proposed PPA.

Changed in chromium-browser (Ubuntu Maverick):
assignee: nobody → Micah Gersten (micahg)
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Per micahg via irc, maverick was tested via QRT and works as well as the previous release (excepting bug #743494, as mentioned in the NEWS file).

tags: added: verification-done-maverick
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Copied 10.0.648.205~r81283-0ubuntu0.10.10.1 to maverick-proposed.

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

iLucid i386 and amd64 tested via QRT and works as well as the previous release (excepting bug #743494).

tags: added: verification-done-lucid
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 10.0.648.205~r81283-0ubuntu0.10.10.1

---------------
chromium-browser (10.0.648.205~r81283-0ubuntu0.10.10.1) maverick-security; urgency=high

  * New upstream minor release from the Stable Channel (LP: #762275)
    This release fixes the following security issues:
    - [75629] Critical, CVE-2011-1301: Use-after-free in the GPU process.
      Credit to Google Chrome Security Team (Inferno).
    - [78524] Critical, CVE-2011-1302: Heap overflow in the GPU process. Credit
      to Christoph Diehl.
    This releasse also contains the security fixes from 10.0.648.204~r79063
    (which has been skipped by the sponsors) (LP: #742118)
    + Webkit bugs:
      - [73216] High, CVE-2011-1292: Use-after-free in the frame loader. Credit
        to Sławomir Błażek.
      - [73595] High, CVE-2011-1293: Use-after-free in HTMLCollection. Credit
        to Sergey Glazunov.
      - [74562] High, CVE-2011-1294: Stale pointer in CSS handling. Credit to
        Sergey Glazunov.
      - [74991] High, CVE-2011-1295: DOM tree corruption with broken node
        parentage. Credit to Sergey Glazunov.
      - [75170] High, CVE-2011-1296: Stale pointer in SVG text handling. Credit
        to Sergey Glazunov.
    + Chromium bugs:
      - [72517] High, CVE-2011-1291: Buffer error in base string handling.
        Credit to Alex Turpin.
  Packaging changes:
  * Set arm_fpu=vfpv3-d16 on arm (less restrictive than the default vfpv3)
    preventing a SIGILL crash on some boards (LP: #735877)
    - update debian/control
  * Install libppGoogleNaClPluginChrome.so (LP: #738331)
    - update debian/rules
    - update debian/chromium-browser.install
  * Fix the apport hooks to pass the expected 'ui' to add_info(), needed when
    called from apport/ubuntu-bug (LP: #759635)
    - update debian/apport/chromium-browser.py
  * NaCL may be blacklisted, so only include it when it's actually been
    built (fixes the ftbfs on arm) (LP: #745854)
    - update debian/rules
    - update debian/chromium-browser.install
  * Harden the apport hooks in the extensions section
    - update debian/apport/chromium-browser.py
 -- Fabien Tassin <email address hidden> Thu, 14 Apr 2011 22:36:16 +0200

Changed in chromium-browser (Ubuntu Maverick):
status: Fix Committed → Fix Released
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Waiting on lucid/armel before pocket copy.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 10.0.648.205~r81283-0ubuntu0.10.04.1

---------------
chromium-browser (10.0.648.205~r81283-0ubuntu0.10.04.1) lucid-security; urgency=high

  * New upstream minor release from the Stable Channel (LP: #762275)
    This release fixes the following security issues:
    - [75629] Critical, CVE-2011-1301: Use-after-free in the GPU process.
      Credit to Google Chrome Security Team (Inferno).
    - [78524] Critical, CVE-2011-1302: Heap overflow in the GPU process. Credit
      to Christoph Diehl.
    This releasse also contains the security fixes from 10.0.648.204~r79063
    (which has been skipped by the sponsors) (LP: #742118)
    + Webkit bugs:
      - [73216] High, CVE-2011-1292: Use-after-free in the frame loader. Credit
        to Sławomir Błażek.
      - [73595] High, CVE-2011-1293: Use-after-free in HTMLCollection. Credit
        to Sergey Glazunov.
      - [74562] High, CVE-2011-1294: Stale pointer in CSS handling. Credit to
        Sergey Glazunov.
      - [74991] High, CVE-2011-1295: DOM tree corruption with broken node
        parentage. Credit to Sergey Glazunov.
      - [75170] High, CVE-2011-1296: Stale pointer in SVG text handling. Credit
        to Sergey Glazunov.
    + Chromium bugs:
      - [72517] High, CVE-2011-1291: Buffer error in base string handling.
        Credit to Alex Turpin.
  Packaging changes:
  * Set arm_fpu=vfpv3-d16 on arm (less restrictive than the default vfpv3)
    preventing a SIGILL crash on some boards (LP: #735877)
    - update debian/control
  * Install libppGoogleNaClPluginChrome.so (LP: #738331)
    - update debian/rules
    - update debian/chromium-browser.install
  * Fix the apport hooks to pass the expected 'ui' to add_info(), needed when
    called from apport/ubuntu-bug (LP: #759635)
    - update debian/apport/chromium-browser.py
  * NaCL may be blacklisted, so only include it when it's actually been
    built (fixes the ftbfs on arm) (LP: #745854)
    - update debian/rules
    - update debian/chromium-browser.install
  * Harden the apport hooks in the extensions section
    - update debian/apport/chromium-browser.py
 -- Fabien Tassin <email address hidden> Thu, 14 Apr 2011 22:36:16 +0200

Changed in chromium-browser (Ubuntu Lucid):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.