[ubuntu/natty] chromium-browser 7.0.517.41~r62167-0ubuntu1 (Accepted)

Fabien Tassin fta at ubuntu.com
Wed Oct 20 12:50:57 BST 2010


chromium-browser (7.0.517.41~r62167-0ubuntu1) natty; urgency=high

  * New upstream Major release from the Stable Channel (LP: #663523), also
    fixing the following security issues:
    - [48225] [51727] Medium, Possible autofill / autocomplete profile
      spamming. Credit to Google Chrome Security Team (Inferno).
    - [48857] High, Crash with forms. Credit to the Chromium development
      community.
    - [50428] Critical, Browser crash with form autofill. Credit to the
      Chromium development community.
    - [51680] High, Possible URL spoofing on page unload. Credit to kuzzcc;
      plus independent discovery by Jordi Chancel.
    - [53002] Low, Pop-up block bypass. Credit to kuzzcc.
    - [53985] Medium, Crash on shutdown with Web Sockets. Credit to the
      Chromium development community.
    - [54132] Low, Bad construction of PATH variable. Credit to Dan Rosenberg,
      Virtual Security Research.
    - [54500] High, Possible memory corruption with animated GIF. Credit to
      Simon Schaak.
    - [54794] High, Failure to sandbox worker processes on Linux. Credit to
      Google Chrome Security Team (Chris Evans).
    - [56451] High, Stale elements in an element map. Credit to Michal Zalewski
      of the Google Security Team.
  * Drop the -fno-tree-sink workaround for the armel gcc inlining bug now that the
    strict-aliasing issue in dtoa has been fixed
    - drop debian/patches/no_tree_sink_v8.patch
    - update debian/patches/series
  * Drop the xdg-mime patch now that we catched up with v7
    - drop debian/patches/xdg-utils-update.patch
  * Disable -Werror when building with gcc 4.5 until
    http://code.google.com/p/chromium/issues/detail?id=49533 gets fixed
    - update debian/rules
  * Fix the apport hook crash when the use_system key is unset (LP: #660579)
    - update debian/apport/chromium-browser.py

Date: Tue, 19 Oct 2010 22:36:19 +0200
Changed-By: Fabien Tassin <fta at ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/chromium-browser/7.0.517.41~r62167-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 19 Oct 2010 22:36:19 +0200
Source: chromium-browser
Binary: chromium-browser chromium-browser-dbg chromium-browser-l10n chromium-browser-inspector
Architecture: source
Version: 7.0.517.41~r62167-0ubuntu1
Distribution: natty
Urgency: high
Maintainer: Fabien Tassin <fta at ubuntu.com>
Changed-By: Fabien Tassin <fta at ubuntu.com>
Description: 
 chromium-browser - Chromium browser
 chromium-browser-dbg - chromium-browser debug symbols
 chromium-browser-inspector - page inspector for the chromium-browser
 chromium-browser-l10n - chromium-browser language packages
Launchpad-Bugs-Fixed: 660579 663523
Changes: 
 chromium-browser (7.0.517.41~r62167-0ubuntu1) natty; urgency=high
 .
   * New upstream Major release from the Stable Channel (LP: #663523), also
     fixing the following security issues:
     - [48225] [51727] Medium, Possible autofill / autocomplete profile
       spamming. Credit to Google Chrome Security Team (Inferno).
     - [48857] High, Crash with forms. Credit to the Chromium development
       community.
     - [50428] Critical, Browser crash with form autofill. Credit to the
       Chromium development community.
     - [51680] High, Possible URL spoofing on page unload. Credit to kuzzcc;
       plus independent discovery by Jordi Chancel.
     - [53002] Low, Pop-up block bypass. Credit to kuzzcc.
     - [53985] Medium, Crash on shutdown with Web Sockets. Credit to the
       Chromium development community.
     - [54132] Low, Bad construction of PATH variable. Credit to Dan Rosenberg,
       Virtual Security Research.
     - [54500] High, Possible memory corruption with animated GIF. Credit to
       Simon Schaak.
     - [54794] High, Failure to sandbox worker processes on Linux. Credit to
       Google Chrome Security Team (Chris Evans).
     - [56451] High, Stale elements in an element map. Credit to Michal Zalewski
       of the Google Security Team.
   * Drop the -fno-tree-sink workaround for the armel gcc inlining bug now that the
     strict-aliasing issue in dtoa has been fixed
     - drop debian/patches/no_tree_sink_v8.patch
     - update debian/patches/series
   * Drop the xdg-mime patch now that we catched up with v7
     - drop debian/patches/xdg-utils-update.patch
   * Disable -Werror when building with gcc 4.5 until
     http://code.google.com/p/chromium/issues/detail?id=49533 gets fixed
     - update debian/rules
   * Fix the apport hook crash when the use_system key is unset (LP: #660579)
     - update debian/apport/chromium-browser.py
Checksums-Sha1: 
 9ab684b0e5867b1308216f811604a5a7cd252077 1940 chromium-browser_7.0.517.41~r62167-0ubuntu1.dsc
 5ec4f69f5801083cece5760812366bf8fb5883b0 179018979 chromium-browser_7.0.517.41~r62167.orig.tar.gz
 077b9959b08affdea985cf73878caba5c3ce8029 189568 chromium-browser_7.0.517.41~r62167-0ubuntu1.diff.gz
Checksums-Sha256: 
 92fa5bae6768a6ccf4b1e4ddb592ffc7dc34c486537ea4126d8da727e54b3521 1940 chromium-browser_7.0.517.41~r62167-0ubuntu1.dsc
 cd36ea3bc600b0d965b105578c111bd0b5c8308b3093b9cd1cda546361104d7d 179018979 chromium-browser_7.0.517.41~r62167.orig.tar.gz
 0a3d7342883ab5034f504e786b5eefa8b87e9904c183f8838a37d9a7e8321ce6 189568 chromium-browser_7.0.517.41~r62167-0ubuntu1.diff.gz
Files: 
 a86d6c00f6148e786592f45b4c3a27eb 1940 web optional chromium-browser_7.0.517.41~r62167-0ubuntu1.dsc
 7cc4d8430ae6e39fef91eb3092257d9f 179018979 web optional chromium-browser_7.0.517.41~r62167.orig.tar.gz
 96127dd5507b7306601477197928900a 189568 web optional chromium-browser_7.0.517.41~r62167-0ubuntu1.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAky+1scACgkQaOfNHbbuIOgyhgCcD2HxeTiTR8cRzRFK8G4bL499
jaYAoJHCcqahCdUb6+WUXlq1t+VatbDS
=zbHN
-----END PGP SIGNATURE-----


More information about the Natty-changes mailing list