[ubuntu/oneiric] chromium-browser 13.0.782.107~r94237-0ubuntu1 (Accepted)

Fabien Tassin fta at ubuntu.com
Tue Aug 2 19:05:30 UTC 2011


chromium-browser (13.0.782.107~r94237-0ubuntu1) oneiric; urgency=high

  * New Major upstream release from the Stable Channel
    This release fixes the following security issues:
    + Chromium issues:
     - [75821] Medium, CVE-2011-2358: Always confirm an extension install via a
       browser dialog. Credit to Sergey Glazunov.
     - [79266] Low, CVE-2011-2360: Potential bypass of dangerous file prompt.
       Credit to kuzzcc.
     - [79426] Low, CVE-2011-2361: Improve designation of strings in the basic
       auth dialog. Credit to kuzzcc.
     - [81307] Medium, CVE-2011-2782: File permissions error with drag and
       drop. Credit to Evan Martin of the Chromium development community.
     - [83273] Medium, CVE-2011-2783: Always confirm a developer mode NPAPI
       extension install via a browser dialog. Credit to Sergey Glazunov.
     - [84402] Low, CVE-2011-2785: Sanitize the homepage URL in extensions.
       Credit to kuzzcc.
     - [84805] Medium, CVE-2011-2787: Browser crash due to GPU lock re-entrancy
       issue. Credit to kuzzcc.
     - [85808] Medium, CVE-2011-2789: Use after free in Pepper plug-in
       instantiation. Credit to Mario Gomes and kuzzcc.
     - [87815] Low, CVE-2011-2798: Prevent a couple of internal schemes from
       being web accessible. Credit to sirdarckcat of the Google Security Team.
     - [88827] Medium, CVE-2011-2803: Out-of-bounds read in Skia paths. Credit
       to Google Chrome Security Team (Inferno).
    + Webkit issues:
     - [78841] High, CVE-2011-2359: Stale pointer due to bad line box tracking
       in rendering. Credit to miaubiz and Martin Barbella.
     - [83841] Low, CVE-2011-2784: Local file path disclosure via GL program
       log. Credit to kuzzcc.
     - [84600] Low, CVE-2011-2786: Make sure the speech input bubble is always
       on-screen. Credit to Olli Pettay of Mozilla.
     - [85559] Low, CVE-2011-2788: Buffer overflow in inspector serialization.
       Credit to Mikołaj Małecki.
     - [86502] High, CVE-2011-2790: Use-after-free with floating styles. Credit
       to miaubiz.
     - [87148] High, CVE-2011-2792: Use-after-free with float removal. Credit
       to miaubiz.
     - [87227] High, CVE-2011-2793: Use-after-free in media selectors. Credit
       to miaubiz.
     - [87298] Medium, CVE-2011-2794: Out-of-bounds read in text iteration.
       Credit to miaubiz.
     - [87339] Medium, CVE-2011-2795: Cross-frame function leak. Credit to Shih
       Wei-Long.
     - [87548] High, CVE-2011-2796: Use-after-free in Skia. Credit to Google
       Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium
       development community.
     - [87729] High, CVE-2011-2797: Use-after-free in resource caching. Credit
       to miaubiz.
     - [87925] High, CVE-2011-2799: Use-after-free in HTML range handling.
       Credit to miaubiz.
     - [88337] Medium, CVE-2011-2800: Leak of client-side redirect target.
       Credit to Juho Nurminen.
     - [88591] High, CVE-2011-2802: v8 crash with const lookups. Credit to
       Christian Holler.
     - [88846] High, CVE-2011-2801: Use-after-free in frame loader. Credit to
       miaubiz.
     - [88889] High, CVE-2011-2818: Use-after-free in display box rendering.
       Credit to Martin Barbella.
     - [89520] High, CVE-2011-2805: Cross-origin script injection. Credit to
       Sergey Glazunov.
     - [90222] High, CVE-2011-2819: Cross-origin violation in base URI
       handling. Credit to Sergey Glazunov.
    + ICU 4.6 issue:
     - [86900] High, CVE-2011-2791: Out-of-bounds write in ICU. Credit to Yang
       Dingning from NCNIPC, Graduate University of Chinese Academy of
       Sciences.
  Packaging changes:
  * Add a "Conflicts" with -inspector so that it gets removed
    - update debian/control
  * Disable PIE for ARM on Oneiric too
    - update debian/rules
  * Run the gclient hooks when creating the source tarball, as we need files
    from the Native Client's integrated runtime (IRT) library.
    Install the NaCL IRT files in the main deb
    - update debian/rules
    - update debian/chromium-browser.install
  * Drop obsolete patches
    - remove debian/patches/cups_cleanup_cr6883221.patch
    - update debian/patches/series

Date: Tue, 02 Aug 2011 17:33:23 +0200
Changed-By: Fabien Tassin <fta at ubuntu.com>
https://launchpad.net/ubuntu/oneiric/+source/chromium-browser/13.0.782.107~r94237-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 02 Aug 2011 17:33:23 +0200
Source: chromium-browser
Binary: chromium-browser chromium-browser-dbg chromium-browser-l10n chromium-codecs-ffmpeg chromium-codecs-ffmpeg-dbg chromium-codecs-ffmpeg-extra chromium-codecs-ffmpeg-extra-dbg
Architecture: source
Version: 13.0.782.107~r94237-0ubuntu1
Distribution: oneiric
Urgency: high
Maintainer: Fabien Tassin <fta at ubuntu.com>
Changed-By: Fabien Tassin <fta at ubuntu.com>
Description: 
 chromium-browser - Chromium browser
 chromium-browser-dbg - chromium-browser debug symbols
 chromium-browser-l10n - chromium-browser language packages
 chromium-codecs-ffmpeg - Free ffmpeg codecs for the Chromium Browser
 chromium-codecs-ffmpeg-dbg - chromium-codecs-ffmpeg debug symbols
 chromium-codecs-ffmpeg-extra - Extra ffmpeg codecs for the Chromium Browser
 chromium-codecs-ffmpeg-extra-dbg - chromium-codecs-ffmpeg-extra debug symbols
Changes: 
 chromium-browser (13.0.782.107~r94237-0ubuntu1) oneiric; urgency=high
 .
   * New Major upstream release from the Stable Channel
     This release fixes the following security issues:
     + Chromium issues:
      - [75821] Medium, CVE-2011-2358: Always confirm an extension install via a
        browser dialog. Credit to Sergey Glazunov.
      - [79266] Low, CVE-2011-2360: Potential bypass of dangerous file prompt.
        Credit to kuzzcc.
      - [79426] Low, CVE-2011-2361: Improve designation of strings in the basic
        auth dialog. Credit to kuzzcc.
      - [81307] Medium, CVE-2011-2782: File permissions error with drag and
        drop. Credit to Evan Martin of the Chromium development community.
      - [83273] Medium, CVE-2011-2783: Always confirm a developer mode NPAPI
        extension install via a browser dialog. Credit to Sergey Glazunov.
      - [84402] Low, CVE-2011-2785: Sanitize the homepage URL in extensions.
        Credit to kuzzcc.
      - [84805] Medium, CVE-2011-2787: Browser crash due to GPU lock re-entrancy
        issue. Credit to kuzzcc.
      - [85808] Medium, CVE-2011-2789: Use after free in Pepper plug-in
        instantiation. Credit to Mario Gomes and kuzzcc.
      - [87815] Low, CVE-2011-2798: Prevent a couple of internal schemes from
        being web accessible. Credit to sirdarckcat of the Google Security Team.
      - [88827] Medium, CVE-2011-2803: Out-of-bounds read in Skia paths. Credit
        to Google Chrome Security Team (Inferno).
     + Webkit issues:
      - [78841] High, CVE-2011-2359: Stale pointer due to bad line box tracking
        in rendering. Credit to miaubiz and Martin Barbella.
      - [83841] Low, CVE-2011-2784: Local file path disclosure via GL program
        log. Credit to kuzzcc.
      - [84600] Low, CVE-2011-2786: Make sure the speech input bubble is always
        on-screen. Credit to Olli Pettay of Mozilla.
      - [85559] Low, CVE-2011-2788: Buffer overflow in inspector serialization.
        Credit to Mikołaj Małecki.
      - [86502] High, CVE-2011-2790: Use-after-free with floating styles. Credit
        to miaubiz.
      - [87148] High, CVE-2011-2792: Use-after-free with float removal. Credit
        to miaubiz.
      - [87227] High, CVE-2011-2793: Use-after-free in media selectors. Credit
        to miaubiz.
      - [87298] Medium, CVE-2011-2794: Out-of-bounds read in text iteration.
        Credit to miaubiz.
      - [87339] Medium, CVE-2011-2795: Cross-frame function leak. Credit to Shih
        Wei-Long.
      - [87548] High, CVE-2011-2796: Use-after-free in Skia. Credit to Google
        Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium
        development community.
      - [87729] High, CVE-2011-2797: Use-after-free in resource caching. Credit
        to miaubiz.
      - [87925] High, CVE-2011-2799: Use-after-free in HTML range handling.
        Credit to miaubiz.
      - [88337] Medium, CVE-2011-2800: Leak of client-side redirect target.
        Credit to Juho Nurminen.
      - [88591] High, CVE-2011-2802: v8 crash with const lookups. Credit to
        Christian Holler.
      - [88846] High, CVE-2011-2801: Use-after-free in frame loader. Credit to
        miaubiz.
      - [88889] High, CVE-2011-2818: Use-after-free in display box rendering.
        Credit to Martin Barbella.
      - [89520] High, CVE-2011-2805: Cross-origin script injection. Credit to
        Sergey Glazunov.
      - [90222] High, CVE-2011-2819: Cross-origin violation in base URI
        handling. Credit to Sergey Glazunov.
     + ICU 4.6 issue:
      - [86900] High, CVE-2011-2791: Out-of-bounds write in ICU. Credit to Yang
        Dingning from NCNIPC, Graduate University of Chinese Academy of
        Sciences.
   Packaging changes:
   * Add a "Conflicts" with -inspector so that it gets removed
     - update debian/control
   * Disable PIE for ARM on Oneiric too
     - update debian/rules
   * Run the gclient hooks when creating the source tarball, as we need files
     from the Native Client's integrated runtime (IRT) library.
     Install the NaCL IRT files in the main deb
     - update debian/rules
     - update debian/chromium-browser.install
   * Drop obsolete patches
     - remove debian/patches/cups_cleanup_cr6883221.patch
     - update debian/patches/series
Checksums-Sha1: 
 24bb2b3e274cc5787681a9006fd53a0a95995b9a 2064 chromium-browser_13.0.782.107~r94237-0ubuntu1.dsc
 6f2930ef4a1e741ce35131b29ff06ddf36c8a25c 186057478 chromium-browser_13.0.782.107~r94237.orig.tar.gz
 ba6034d956b3c50df6a6cae96c165bbb68e1a611 204256 chromium-browser_13.0.782.107~r94237-0ubuntu1.diff.gz
Checksums-Sha256: 
 f46619a6f932c20d2d60019aec9b89e237c10423a1b1983455922ae94a1a3cbe 2064 chromium-browser_13.0.782.107~r94237-0ubuntu1.dsc
 ec02bf122f6508f426bd44dd25f7a5467a3e59eb6b7ca3253c9f7cd4e59578ca 186057478 chromium-browser_13.0.782.107~r94237.orig.tar.gz
 eadc9225aec0b598587aee1c01ae3250d77bc2e9e690cc7c9c1bdd7986e66e7f 204256 chromium-browser_13.0.782.107~r94237-0ubuntu1.diff.gz
Files: 
 7d29bb8bfc59a2d2a358363915ebe22d 2064 web optional chromium-browser_13.0.782.107~r94237-0ubuntu1.dsc
 53aea67ea874a812e12144bef799347d 186057478 web optional chromium-browser_13.0.782.107~r94237.orig.tar.gz
 7fbc26cbc644c8347c0e84fdceb86f23 204256 web optional chromium-browser_13.0.782.107~r94237-0ubuntu1.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk44SikACgkQaOfNHbbuIOj/RQCgq/nmf6Mr3APsEPcRnyAg03Lh
rYkAn16U3cRPFM6MTCHbGho4Bk83Ai4h
=b46e
-----END PGP SIGNATURE-----


More information about the Oneiric-changes mailing list