[ubuntu/precise] chromium-browser 18.0.1025.151~r130497-0ubuntu1 (Accepted)

Micah Gersten micahg at ubuntu.com
Mon Apr 9 23:05:05 UTC 2012 

chromium-browser (18.0.1025.151~r130497-0ubuntu1) precise; urgency=low

  * New upstream release from the Stable Channel (LP: #977502)
    - black screen on Hybrid Graphics system with GPU accelerated compositing
      enabled (Issue: 117371)
    - CSS not applied to <content> element (Issue: 114667)
    - Regression rendering a div with background gradient and borders
      (Issue: 113726)
    - Canvas 2D line drawing bug with GPU acceleration (Issue: 121285)
    - Multiple crashes (Issues: 72235, 116825 and 92998)
    - Pop-up dialog is at wrong position (Issue: 116045)
    - HTML Canvas patterns are broken if you change the transformation matrix
      (Issue: 112165)
    - SSL interstitial error "proceed anyway" / "back to safety" buttons don't
      work (Issue: 119252)
    This release fixes the following security issues:
    - [106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping.
      Credit to miaubiz.
    - [117583] Medium CVE-2011-3067: Cross-origin iframe replacement. Credit to
      Sergey Glazunov.
    - [117698] High CVE-2011-3068: Use-after-free in run-in handling. Credit to
      miaubiz.
    - [117728] High CVE-2011-3069: Use-after-free in line box handling. Credit
      to miaubiz.
    - [118185] High CVE-2011-3070: Use-after-free in v8 bindings. Credit to
      Google Chrome Security Team (SkyLined).
    - [118273] High CVE-2011-3071: Use-after-free in HTMLMediaElement. Credit
      to pa_kt, reporting through HP TippingPoint ZDI (ZDI-CAN-1528).
    - [118467] Low CVE-2011-3072: Cross-origin violation parenting pop-up
      window. Credit to Sergey Glazunov.
    - [118593] High CVE-2011-3073: Use-after-free in SVG resource handling.
      Credit to Arthur Gerkis.
    - [119281] Medium CVE-2011-3074: Use-after-free in media handling. Credit
      to Sławomir Błażek.
    - [119525] High CVE-2011-3075: Use-after-free applying style command.
      Credit to miaubiz.
    - [120037] High CVE-2011-3076: Use-after-free in focus handling. Credit to
      miaubiz.
    - [120189] Medium CVE-2011-3077: Read-after-free in script bindings. Credit
      to Google Chrome Security Team (Inferno).

Date: Mon, 09 Apr 2012 16:21:40 -0500
Changed-By: Micah Gersten <micahg at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/chromium-browser/18.0.1025.151~r130497-0ubuntu1
-------------- next part --------------
Format: 1.8
Date: Mon, 09 Apr 2012 16:21:40 -0500
Source: chromium-browser
Binary: chromium-browser chromium-browser-dbg chromium-browser-l10n chromium-codecs-ffmpeg chromium-codecs-ffmpeg-dbg chromium-codecs-ffmpeg-extra chromium-codecs-ffmpeg-extra-dbg
Architecture: source
Version: 18.0.1025.151~r130497-0ubuntu1
Distribution: precise
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Micah Gersten <micahg at ubuntu.com>
Description: 
 chromium-browser - Chromium browser
 chromium-browser-dbg - chromium-browser debug symbols
 chromium-browser-l10n - chromium-browser language packages
 chromium-codecs-ffmpeg - Free ffmpeg codecs for the Chromium Browser
 chromium-codecs-ffmpeg-dbg - chromium-codecs-ffmpeg debug symbols
 chromium-codecs-ffmpeg-extra - Extra ffmpeg codecs for the Chromium Browser
 chromium-codecs-ffmpeg-extra-dbg - chromium-codecs-ffmpeg-extra debug symbols
Launchpad-Bugs-Fixed: 977502
Changes: 
 chromium-browser (18.0.1025.151~r130497-0ubuntu1) precise; urgency=low
 .
   * New upstream release from the Stable Channel (LP: #977502)
     - black screen on Hybrid Graphics system with GPU accelerated compositing
       enabled (Issue: 117371)
     - CSS not applied to <content> element (Issue: 114667)
     - Regression rendering a div with background gradient and borders
       (Issue: 113726)
     - Canvas 2D line drawing bug with GPU acceleration (Issue: 121285)
     - Multiple crashes (Issues: 72235, 116825 and 92998)
     - Pop-up dialog is at wrong position (Issue: 116045)
     - HTML Canvas patterns are broken if you change the transformation matrix
       (Issue: 112165)
     - SSL interstitial error "proceed anyway" / "back to safety" buttons don't
       work (Issue: 119252)
     This release fixes the following security issues:
     - [106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping.
       Credit to miaubiz.
     - [117583] Medium CVE-2011-3067: Cross-origin iframe replacement. Credit to
       Sergey Glazunov.
     - [117698] High CVE-2011-3068: Use-after-free in run-in handling. Credit to
       miaubiz.
     - [117728] High CVE-2011-3069: Use-after-free in line box handling. Credit
       to miaubiz.
     - [118185] High CVE-2011-3070: Use-after-free in v8 bindings. Credit to
       Google Chrome Security Team (SkyLined).
     - [118273] High CVE-2011-3071: Use-after-free in HTMLMediaElement. Credit
       to pa_kt, reporting through HP TippingPoint ZDI (ZDI-CAN-1528).
     - [118467] Low CVE-2011-3072: Cross-origin violation parenting pop-up
       window. Credit to Sergey Glazunov.
     - [118593] High CVE-2011-3073: Use-after-free in SVG resource handling.
       Credit to Arthur Gerkis.
     - [119281] Medium CVE-2011-3074: Use-after-free in media handling. Credit
       to Sławomir Błażek.
     - [119525] High CVE-2011-3075: Use-after-free applying style command.
       Credit to miaubiz.
     - [120037] High CVE-2011-3076: Use-after-free in focus handling. Credit to
       miaubiz.
     - [120189] Medium CVE-2011-3077: Read-after-free in script bindings. Credit
       to Google Chrome Security Team (Inferno).
Checksums-Sha1: 
 85aac60b4b5231e7512edfc69e63d6a7097eb22c 2475 chromium-browser_18.0.1025.151~r130497-0ubuntu1.dsc
 82abfbc1d0a48aa8cdc2f5dc5fb2c8f010a5bb56 390470286 chromium-browser_18.0.1025.151~r130497.orig.tar.gz
 797ffc38a676b994768f1ee40b1d00747daed707 206924 chromium-browser_18.0.1025.151~r130497-0ubuntu1.diff.gz
Checksums-Sha256: 
 a61c194ab2e693f1e741914f93445fd0edde0b7cedeb46b650e4be7db5dc20fd 2475 chromium-browser_18.0.1025.151~r130497-0ubuntu1.dsc
 107f38528d7de20bdc832683bbb3eaffd48c23a7a7bb6c89fdcc71178244ac6e 390470286 chromium-browser_18.0.1025.151~r130497.orig.tar.gz
 c75c071ef98f278dcd457903f66c347be2cd0d11af04f0853f08bc12e9e36bab 206924 chromium-browser_18.0.1025.151~r130497-0ubuntu1.diff.gz
Files: 
 6948c69a9bda75667275f1fb7fd14c9d 2475 web optional chromium-browser_18.0.1025.151~r130497-0ubuntu1.dsc
 6387833d40c08a3b562436b468e1793f 390470286 web optional chromium-browser_18.0.1025.151~r130497.orig.tar.gz
 eefb43d763b69f641276a221673e390e 206924 web optional chromium-browser_18.0.1025.151~r130497-0ubuntu1.diff.gz

More information about the Precise-changes mailing list