I'm using a dev ppa and am only on Version 27.0.1453.6 Ubuntu
Regards,
Phill.
On 22 May 2013 21:20, ilf <email address hidden> wrote:
> *** This bug is a security vulnerability ***
>
> Public security bug reported:
>
> And again a new stable release with lots of security fixes:
> http://googlechromereleases.blogspot.de/2013/05/stable-channel-
> release.html
>
> Here are the CVEs:
>
> CVE-2013-2837: Use-after-free in SVG.
> CVE-2013-2838: Out-of-bounds read in v8.
> CVE-2013-2839: Bad cast in clipboard handling.
> CVE-2013-2840: Use-after-free in media loader.
> CVE-2013-2841: Use-after-free in Pepper resource handling.
> CVE-2013-2842: Use-after-free in widget handling.
> CVE-2013-2843: Use-after-free in speech handling.
> CVE-2013-2844: Use-after-free in style resolution.
> CVE-2013-2845: Memory safety issues in Web Audio.
> CVE-2013-2846: Use-after-free in media loader.
> CVE-2013-2847: Use-after-free race condition with workers.
> CVE-2013-2848: Possible data extraction with XSS Auditor.
> CVE-2013-2849: Possible XSS with drag+drop or copy+paste.
>
> Please update and keep current. Thanks.
>
> ** Affects: chromium-browser (Ubuntu)
> Importance: Undecided
> Status: New
>
> ** Information type changed from Private Security to Public Security
>
> ** CVE added: http://www.cve.mitre.org/cgi-
> bin/cvename.cgi?name=2013-2837
>
> ** CVE added: http://www.cve.mitre.org/cgi-
> bin/cvename.cgi?name=2013-2838
>
> ** CVE added: http://www.cve.mitre.org/cgi-
> bin/cvename.cgi?name=2013-2839
>
> ** CVE added: http://www.cve.mitre.org/cgi-
> bin/cvename.cgi?name=2013-2840
>
> ** CVE added: http://www.cve.mitre.org/cgi-
> bin/cvename.cgi?name=2013-2841
>
> ** CVE added: http://www.cve.mitre.org/cgi-
> bin/cvename.cgi?name=2013-2842
>
> ** CVE added: http://www.cve.mitre.org/cgi-
> bin/cvename.cgi?name=2013-2843
>
> ** CVE added: http://www.cve.mitre.org/cgi-
> bin/cvename.cgi?name=2013-2844
>
> ** CVE added: http://www.cve.mitre.org/cgi-
> bin/cvename.cgi?name=2013-2847
>
> ** CVE added: http://www.cve.mitre.org/cgi-
> bin/cvename.cgi?name=2013-2848
>
> ** CVE added: http://www.cve.mitre.org/cgi-
> bin/cvename.cgi?name=2013-2845
>
> ** CVE added: http://www.cve.mitre.org/cgi-
> bin/cvename.cgi?name=2013-2846
>
> ** CVE added: http://www.cve.mitre.org/cgi-
> bin/cvename.cgi?name=2013-2849
>
> --
> You received this bug notification because you are a member of Lubuntu
> Packages Team, which is subscribed to chromium-browser in Ubuntu.
> https://bugs.launchpad.net/bugs/1183086
>
> Title:
> Please update to 27.0.1453.93
>
> Status in “chromium-browser” package in Ubuntu:
> New
>
> Bug description:
> And again a new stable release with lots of security fixes:
> http://googlechromereleases.blogspot.de/2013/05/stable-channel-
> release.html
>
> Here are the CVEs:
>
> CVE-2013-2837: Use-after-free in SVG.
> CVE-2013-2838: Out-of-bounds read in v8.
> CVE-2013-2839: Bad cast in clipboard handling.
> CVE-2013-2840: Use-after-free in media loader.
> CVE-2013-2841: Use-after-free in Pepper resource handling.
> CVE-2013-2842: Use-after-free in widget handling.
> CVE-2013-2843: Use-after-free in speech handling.
> CVE-2013-2844: Use-after-free in style resolution.
> CVE-2013-2845: Memory safety issues in Web Audio.
> CVE-2013-2846: Use-after-free in media loader.
> CVE-2013-2847: Use-after-free race condition with workers.
> CVE-2013-2848: Possible data extraction with XSS Auditor.
> CVE-2013-2849: Possible XSS with drag+drop or copy+paste.
>
> Please update and keep current. Thanks.
>
> To manage notifications about this bug go to:
>
> https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1183086/+subscriptions
>
Crikey!
I'm using a dev ppa and am only on Version 27.0.1453.6 Ubuntu
Regards,
Phill.
On 22 May 2013 21:20, ilf <email address hidden> wrote:
> *** This bug is a security vulnerability *** googlechromerel eases.blogspot. de/2013/ 05/stable- channel- www.cve. mitre.org/ cgi- cgi?name= 2013-2837 www.cve. mitre.org/ cgi- cgi?name= 2013-2838 www.cve. mitre.org/ cgi- cgi?name= 2013-2839 www.cve. mitre.org/ cgi- cgi?name= 2013-2840 www.cve. mitre.org/ cgi- cgi?name= 2013-2841 www.cve. mitre.org/ cgi- cgi?name= 2013-2842 www.cve. mitre.org/ cgi- cgi?name= 2013-2843 www.cve. mitre.org/ cgi- cgi?name= 2013-2844 www.cve. mitre.org/ cgi- cgi?name= 2013-2847 www.cve. mitre.org/ cgi- cgi?name= 2013-2848 www.cve. mitre.org/ cgi- cgi?name= 2013-2845 www.cve. mitre.org/ cgi- cgi?name= 2013-2846 www.cve. mitre.org/ cgi- cgi?name= 2013-2849 /bugs.launchpad .net/bugs/ 1183086 googlechromerel eases.blogspot. de/2013/ 05/stable- channel- /bugs.launchpad .net/ubuntu/ +source/ chromium- browser/ +bug/1183086/ +subscriptions
>
> Public security bug reported:
>
> And again a new stable release with lots of security fixes:
> http://
> release.html
>
> Here are the CVEs:
>
> CVE-2013-2837: Use-after-free in SVG.
> CVE-2013-2838: Out-of-bounds read in v8.
> CVE-2013-2839: Bad cast in clipboard handling.
> CVE-2013-2840: Use-after-free in media loader.
> CVE-2013-2841: Use-after-free in Pepper resource handling.
> CVE-2013-2842: Use-after-free in widget handling.
> CVE-2013-2843: Use-after-free in speech handling.
> CVE-2013-2844: Use-after-free in style resolution.
> CVE-2013-2845: Memory safety issues in Web Audio.
> CVE-2013-2846: Use-after-free in media loader.
> CVE-2013-2847: Use-after-free race condition with workers.
> CVE-2013-2848: Possible data extraction with XSS Auditor.
> CVE-2013-2849: Possible XSS with drag+drop or copy+paste.
>
> Please update and keep current. Thanks.
>
> ** Affects: chromium-browser (Ubuntu)
> Importance: Undecided
> Status: New
>
> ** Information type changed from Private Security to Public Security
>
> ** CVE added: http://
> bin/cvename.
>
> ** CVE added: http://
> bin/cvename.
>
> ** CVE added: http://
> bin/cvename.
>
> ** CVE added: http://
> bin/cvename.
>
> ** CVE added: http://
> bin/cvename.
>
> ** CVE added: http://
> bin/cvename.
>
> ** CVE added: http://
> bin/cvename.
>
> ** CVE added: http://
> bin/cvename.
>
> ** CVE added: http://
> bin/cvename.
>
> ** CVE added: http://
> bin/cvename.
>
> ** CVE added: http://
> bin/cvename.
>
> ** CVE added: http://
> bin/cvename.
>
> ** CVE added: http://
> bin/cvename.
>
> --
> You received this bug notification because you are a member of Lubuntu
> Packages Team, which is subscribed to chromium-browser in Ubuntu.
> https:/
>
> Title:
> Please update to 27.0.1453.93
>
> Status in “chromium-browser” package in Ubuntu:
> New
>
> Bug description:
> And again a new stable release with lots of security fixes:
> http://
> release.html
>
> Here are the CVEs:
>
> CVE-2013-2837: Use-after-free in SVG.
> CVE-2013-2838: Out-of-bounds read in v8.
> CVE-2013-2839: Bad cast in clipboard handling.
> CVE-2013-2840: Use-after-free in media loader.
> CVE-2013-2841: Use-after-free in Pepper resource handling.
> CVE-2013-2842: Use-after-free in widget handling.
> CVE-2013-2843: Use-after-free in speech handling.
> CVE-2013-2844: Use-after-free in style resolution.
> CVE-2013-2845: Memory safety issues in Web Audio.
> CVE-2013-2846: Use-after-free in media loader.
> CVE-2013-2847: Use-after-free race condition with workers.
> CVE-2013-2848: Possible data extraction with XSS Auditor.
> CVE-2013-2849: Possible XSS with drag+drop or copy+paste.
>
> Please update and keep current. Thanks.
>
> To manage notifications about this bug go to:
>
> https:/
>
-- /wiki.ubuntu. com/phillw
https:/