[ubuntu/precise] chromium-browser 15.0.874.120~r108895-0ubuntu1 (Accepted)
Micah Gersten
micahg at ubuntu.com
Sun Nov 13 06:46:10 UTC 2011
chromium-browser (15.0.874.120~r108895-0ubuntu1) precise; urgency=low
* New upstream release from the Stable Channel (LP: #889711)
This release fixes the following security issues:
- [100465] High CVE-2011-3892: Double free in Theora decoder. Credit to Aki
Helin of OUSPG.
- [100492] [100543] Medium CVE-2011-3893: Out of bounds reads in MKV and
Vorbis media handlers. Credit to Aki Helin of OUSPG.
- [101172] High CVE-2011-3894: Memory corruption regression in VP8 decoding.
Credit to Andrew Scherkus of the Chromium development community.
- [101458] High CVE-2011-3895: Heap overflow in Vorbis decoder. Credit to
Aki Helin of OUSPG.
- [101624] High CVE-2011-3896: Buffer overflow in shader variable mapping.
Credit to Ken “strcpy” Russell of the Chromium development community.
- [102242] High CVE-2011-3897: Use-after-free in editing. Credit to pa_kt
reported through ZDI (ZDI-CAN-1416).
Date: Sun, 13 Nov 2011 00:11:03 -0600
Changed-By: Micah Gersten <micahg at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/chromium-browser/15.0.874.120~r108895-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 13 Nov 2011 00:11:03 -0600
Source: chromium-browser
Binary: chromium-browser chromium-browser-dbg chromium-browser-l10n chromium-codecs-ffmpeg chromium-codecs-ffmpeg-dbg chromium-codecs-ffmpeg-extra chromium-codecs-ffmpeg-extra-dbg
Architecture: source
Version: 15.0.874.120~r108895-0ubuntu1
Distribution: precise
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Micah Gersten <micahg at ubuntu.com>
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-l10n - chromium-browser language packages
chromium-codecs-ffmpeg - Free ffmpeg codecs for the Chromium Browser
chromium-codecs-ffmpeg-dbg - chromium-codecs-ffmpeg debug symbols
chromium-codecs-ffmpeg-extra - Extra ffmpeg codecs for the Chromium Browser
chromium-codecs-ffmpeg-extra-dbg - chromium-codecs-ffmpeg-extra debug symbols
Launchpad-Bugs-Fixed: 889711
Changes:
chromium-browser (15.0.874.120~r108895-0ubuntu1) precise; urgency=low
.
* New upstream release from the Stable Channel (LP: #889711)
This release fixes the following security issues:
- [100465] High CVE-2011-3892: Double free in Theora decoder. Credit to Aki
Helin of OUSPG.
- [100492] [100543] Medium CVE-2011-3893: Out of bounds reads in MKV and
Vorbis media handlers. Credit to Aki Helin of OUSPG.
- [101172] High CVE-2011-3894: Memory corruption regression in VP8 decoding.
Credit to Andrew Scherkus of the Chromium development community.
- [101458] High CVE-2011-3895: Heap overflow in Vorbis decoder. Credit to
Aki Helin of OUSPG.
- [101624] High CVE-2011-3896: Buffer overflow in shader variable mapping.
Credit to Ken “strcpy” Russell of the Chromium development community.
- [102242] High CVE-2011-3897: Use-after-free in editing. Credit to pa_kt
reported through ZDI (ZDI-CAN-1416).
Checksums-Sha1:
86fff36143766a2b6b6be9580e16758a255dd52f 2135 chromium-browser_15.0.874.120~r108895-0ubuntu1.dsc
3d4c21803b0a79ee9039a119af3f860baf15df39 213661646 chromium-browser_15.0.874.120~r108895.orig.tar.gz
4f8c0bf632e9f843143721a8fc47dcb6ffa0e81c 207922 chromium-browser_15.0.874.120~r108895-0ubuntu1.diff.gz
Checksums-Sha256:
046f9864e49b48a90ff87590eaffc67bfaa5cb62cb9e6688413caa269d2321d9 2135 chromium-browser_15.0.874.120~r108895-0ubuntu1.dsc
542e5d2f3223ebaca5aad8cff00fe268f1c10616566d23b4a2fbd90ae8afee8d 213661646 chromium-browser_15.0.874.120~r108895.orig.tar.gz
93b6674ba690316044ea64e1860d8530e1a47d2b716215a6eecc66bf9cb24256 207922 chromium-browser_15.0.874.120~r108895-0ubuntu1.diff.gz
Files:
8a625baeec7f7d5077ca9d880374a952 2135 web optional chromium-browser_15.0.874.120~r108895-0ubuntu1.dsc
abeae5e0e2f9a543631d6c7d451d32af 213661646 web optional chromium-browser_15.0.874.120~r108895.orig.tar.gz
8977fbd8a5904f9673ab304e446ede26 207922 web optional chromium-browser_15.0.874.120~r108895-0ubuntu1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk6/YnUACgkQTniv4aqX/VkIYACaAhaQ8rvnJKnq3kuMBzZJyEfu
x6wAmwZhCPtseXQ9DjGdONJYOp3RHdFL
=I6FK
-----END PGP SIGNATURE-----
More information about the Precise-changes
mailing list