[ubuntu/maverick] chromium-browser 5.0.375.70~r48679-0ubuntu1 (Accepted)
Fabien Tassin
fta at ubuntu.com
Wed Jun 9 10:10:27 BST 2010
chromium-browser (5.0.375.70~r48679-0ubuntu1) maverick; urgency=low
* New upstream release from the Stable Channel (LP: #591474)
Fixes the following security issues:
- [15766] Medium Cross-origin keystroke redirection. Credit to Michal
Zalewski of Google Security Team.
- [39985] High Cross-origin bypass in DOM methods. Credit to Sergey
Glazunov.
- [42723] High Memory error in table layout. Credit to wushi of team509.
- [43304] High Linux sandbox escape. Credit to Mark Dowd under contract to
Google Chrome Security Team.
- [43307] High Bitmap stale pointer. Credit to Mark Dowd under contract to
Google Chrome Security Team.
- [43315] High Memory corruption in DOM node normalization. Credit to Mark
Dowd under contract to Google Chrome Security Team.
- [43487] High Memory corruption in text transforms. Credit to wushi of
team509.
- [43902] Medium XSS in innerHTML property of textarea. Credit to
sirdarckcat of Google Security Team.
- [44740] High Memory corruption in font handling. Credit: Apple.
- [44868] High Geolocation events fire after document deletion. Credit to
Google Chrome Security Team (Justin Schuh).
- [44955] High Memory corruption in rendering of list markers. Credit:
Apple.
* Add a --temp-profile knob to the launcher script starting Chromium with
a new profile which will last only for the duration of the session
- update debian/chromium-browser.sh
* Change StartupWMClass to Chromium-browser in the desktop launcher so
cairo-dock does the right thing (LP: #587664)
- update debian/chromium-browser.desktop
* Set XLIB_SKIP_ARGB_VISUALS=1 in the wrapper to prevent flash from dying
with a Gdk-ERROR when gtk2 is built with RGBA support (like in Maverick).
(LP: #584959)
- update debian/chromium-browser.sh
* Unbreak get-orig-source when it needs to drop its cache after a channel jump
(replace brace expansion - which is a bashism - with proper $(wildcard))
- update debian/rules
Date: Wed, 09 Jun 2010 07:30:50 +0200
Changed-By: Fabien Tassin <fta at ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/chromium-browser/5.0.375.70~r48679-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 09 Jun 2010 07:30:50 +0200
Source: chromium-browser
Binary: chromium-browser chromium-browser-dbg chromium-browser-l10n chromium-browser-inspector
Architecture: source
Version: 5.0.375.70~r48679-0ubuntu1
Distribution: maverick
Urgency: low
Maintainer: Fabien Tassin <fta at ubuntu.com>
Changed-By: Fabien Tassin <fta at ubuntu.com>
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-inspector - page inspector for the chromium-browser
chromium-browser-l10n - chromium-browser language packages
Launchpad-Bugs-Fixed: 584959 587664 591474
Changes:
chromium-browser (5.0.375.70~r48679-0ubuntu1) maverick; urgency=low
.
* New upstream release from the Stable Channel (LP: #591474)
Fixes the following security issues:
- [15766] Medium Cross-origin keystroke redirection. Credit to Michal
Zalewski of Google Security Team.
- [39985] High Cross-origin bypass in DOM methods. Credit to Sergey
Glazunov.
- [42723] High Memory error in table layout. Credit to wushi of team509.
- [43304] High Linux sandbox escape. Credit to Mark Dowd under contract to
Google Chrome Security Team.
- [43307] High Bitmap stale pointer. Credit to Mark Dowd under contract to
Google Chrome Security Team.
- [43315] High Memory corruption in DOM node normalization. Credit to Mark
Dowd under contract to Google Chrome Security Team.
- [43487] High Memory corruption in text transforms. Credit to wushi of
team509.
- [43902] Medium XSS in innerHTML property of textarea. Credit to
sirdarckcat of Google Security Team.
- [44740] High Memory corruption in font handling. Credit: Apple.
- [44868] High Geolocation events fire after document deletion. Credit to
Google Chrome Security Team (Justin Schuh).
- [44955] High Memory corruption in rendering of list markers. Credit:
Apple.
* Add a --temp-profile knob to the launcher script starting Chromium with
a new profile which will last only for the duration of the session
- update debian/chromium-browser.sh
* Change StartupWMClass to Chromium-browser in the desktop launcher so
cairo-dock does the right thing (LP: #587664)
- update debian/chromium-browser.desktop
* Set XLIB_SKIP_ARGB_VISUALS=1 in the wrapper to prevent flash from dying
with a Gdk-ERROR when gtk2 is built with RGBA support (like in Maverick).
(LP: #584959)
- update debian/chromium-browser.sh
* Unbreak get-orig-source when it needs to drop its cache after a channel jump
(replace brace expansion - which is a bashism - with proper $(wildcard))
- update debian/rules
Checksums-Sha1:
bfded8b3c411e5e9bc2b9e0ee831ecb5a0f2ddf0 1956 chromium-browser_5.0.375.70~r48679-0ubuntu1.dsc
ef824a5bf9ffacf9113bd5f1c67425febc20a606 96633381 chromium-browser_5.0.375.70~r48679.orig.tar.gz
b613d3492d71fc30afbbeb127d3a5dccfb294726 179118 chromium-browser_5.0.375.70~r48679-0ubuntu1.diff.gz
Checksums-Sha256:
6b6e7b26bf859164dd9bba4645a80797d65bf713248a272753dd7af58f6fe534 1956 chromium-browser_5.0.375.70~r48679-0ubuntu1.dsc
5e26d2e645f8ebdb55711f439d2abc29c9963c817aca1335948e0ffc1a8eadc4 96633381 chromium-browser_5.0.375.70~r48679.orig.tar.gz
0e71b406c7e9f7d3d71356593a145fd0fe01f6459052cd3fc0d0880a894dc8ee 179118 chromium-browser_5.0.375.70~r48679-0ubuntu1.diff.gz
Files:
b523064685182395005f4ffd53e14d22 1956 web optional chromium-browser_5.0.375.70~r48679-0ubuntu1.dsc
3a2e271d7328bae1ebcd45194d8e6a06 96633381 web optional chromium-browser_5.0.375.70~r48679.orig.tar.gz
7b0dc40ea06864ced4c37449fb85f2f4 179118 web optional chromium-browser_5.0.375.70~r48679-0ubuntu1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkwPWaIACgkQaOfNHbbuIOjDLACeKnNvRYRQ51/av2AgtShS1p+h
fx0Anj0VymWOW5UutExw2M+Vrwdec+6S
=aLBk
-----END PGP SIGNATURE-----
More information about the Maverick-changes
mailing list