Ubuntu

11.0.696.65 -> 11.0.696.68

Reported by Fabien Tassin on 2011-05-12
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
chromium-browser (Ubuntu)
High
Fabien Tassin
Lucid
High
Micah Gersten
Maverick
High
Micah Gersten
Natty
High
Micah Gersten
Oneiric
High
Fabien Tassin

Bug Description

Binary package hint: chromium-browser

Another security upgrade, needed in oneiric, natty, maverick and lucid

Fabien Tassin (fta) on 2011-05-12
Changed in chromium-browser (Ubuntu Oneiric):
status: New → Triaged
status: Triaged → In Progress
Changed in chromium-browser (Ubuntu Natty):
status: New → Triaged
Changed in chromium-browser (Ubuntu Maverick):
status: New → Triaged
Changed in chromium-browser (Ubuntu Lucid):
status: New → Triaged
importance: Undecided → High
Changed in chromium-browser (Ubuntu Maverick):
importance: Undecided → High
Changed in chromium-browser (Ubuntu Natty):
importance: Undecided → High
Changed in chromium-browser (Ubuntu Oneiric):
importance: Undecided → High
assignee: nobody → Fabien Tassin (fta)
visibility: private → public
Fabien Tassin (fta) wrote :

note that oneiric/armel is very likely to FTBFS, like for the previous upgrade:

https://launchpadlibrarian.net/71495944/buildlog_ubuntu-oneiric-armel.chromium-browser_11.0.696.65~r84435-0ubuntu1_FAILEDTOBUILD.txt.gz

  CXX(host) out/Release/obj.host/protoc/third_party/protobuf/src/google/protobuf/compiler/main.o
  LINK(host) out/Release/protoc
collect2: ld terminated with signal 11 [Segmentation fault]
make[1]: *** [out/Release/protoc] Error 1

reproducible crash in the toolchain.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 11.0.696.68~r84545-0ubuntu1

---------------
chromium-browser (11.0.696.68~r84545-0ubuntu1) oneiric; urgency=high

  * New Minor upstream release from the Stable Channel (LP: #781822)
    This release fixes the following security issues:
    + WebKit issues:
      - [64046] High, CVE-2011-1799: Bad casts in Chromium WebKit glue. Credit
        to Google Chrome Security Team (SkyLined).
      - [80608] High, CVE-2011-1800: Integer overflows in SVG filters. Credit
        to Google Chrome Security Team (Cris Neckar).
 -- Fabien Tassin <email address hidden> Thu, 12 May 2011 19:37:35 +0200

Changed in chromium-browser (Ubuntu Oneiric):
status: In Progress → Fix Released
Micah Gersten (micahg) on 2011-05-14
Changed in chromium-browser (Ubuntu Lucid):
status: Triaged → In Progress
Changed in chromium-browser (Ubuntu Maverick):
status: Triaged → In Progress
Changed in chromium-browser (Ubuntu Natty):
status: Triaged → In Progress
Changed in chromium-browser (Ubuntu Lucid):
assignee: nobody → Micah Gersten (micahg)
Changed in chromium-browser (Ubuntu Maverick):
assignee: nobody → Micah Gersten (micahg)
Changed in chromium-browser (Ubuntu Natty):
assignee: nobody → Micah Gersten (micahg)
Micah Gersten (micahg) wrote :

Asked slangasek to pocket copy lucid, maverick, and natty updates from ubuntu-security-proposed to -proposed for testing

tags: added: security-verification verification-needed
Changed in chromium-browser (Ubuntu Lucid):
status: In Progress → Fix Committed
Changed in chromium-browser (Ubuntu Maverick):
status: In Progress → Fix Committed
Changed in chromium-browser (Ubuntu Natty):
status: In Progress → Fix Committed
Micah Gersten (micahg) wrote :

Tested lucid-natty with QRT on amd64 and i386, no regressions over previous functionality in each release.

tags: added: verification-done
removed: verification-needed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 11.0.696.68~r84545-0ubuntu0.10.04.1

---------------
chromium-browser (11.0.696.68~r84545-0ubuntu0.10.04.1) lucid-security; urgency=low

  [ Fabien Tassin <email address hidden> ]
  * New Minor upstream release from the Stable Channel (LP: #781822)
    This release fixes the following security issues:
    + WebKit issues:
      - [64046] High, CVE-2011-1799: Bad casts in Chromium WebKit glue. Credit
        to Google Chrome Security Team (SkyLined).
      - [80608] High, CVE-2011-1800: Integer overflows in SVG filters. Credit
        to Google Chrome Security Team (Cris Neckar).
 -- Micah Gersten <email address hidden> Sat, 14 May 2011 22:35:25 +0200

Changed in chromium-browser (Ubuntu Lucid):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 11.0.696.68~r84545-0ubuntu0.10.10.1

---------------
chromium-browser (11.0.696.68~r84545-0ubuntu0.10.10.1) maverick-security; urgency=low

  [ Fabien Tassin <email address hidden> ]
  * New Minor upstream release from the Stable Channel (LP: #781822)
    This release fixes the following security issues:
    + WebKit issues:
      - [64046] High, CVE-2011-1799: Bad casts in Chromium WebKit glue. Credit
        to Google Chrome Security Team (SkyLined).
      - [80608] High, CVE-2011-1800: Integer overflows in SVG filters. Credit
        to Google Chrome Security Team (Cris Neckar).
 -- Micah Gersten <email address hidden> Sat, 14 May 2011 22:38:30 +0200

Changed in chromium-browser (Ubuntu Maverick):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 11.0.696.68~r84545-0ubuntu0.11.04.1

---------------
chromium-browser (11.0.696.68~r84545-0ubuntu0.11.04.1) natty-security; urgency=low

  [ Fabien Tassin <email address hidden> ]
  * New Minor upstream release from the Stable Channel (LP: #781822)
    This release fixes the following security issues:
    + WebKit issues:
      - [64046] High, CVE-2011-1799: Bad casts in Chromium WebKit glue. Credit
        to Google Chrome Security Team (SkyLined).
      - [80608] High, CVE-2011-1800: Integer overflows in SVG filters. Credit
        to Google Chrome Security Team (Cris Neckar).
 -- Micah Gersten <email address hidden> Sat, 14 May 2011 22:44:46 +0200

Changed in chromium-browser (Ubuntu Natty):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers