[ubuntu/precise] chromium-browser 17.0.963.56~r121963-0ubuntu1 (Accepted)
Micah Gersten
micahg at ubuntu.com
Thu Feb 16 05:16:07 UTC 2012
chromium-browser (17.0.963.56~r121963-0ubuntu1) precise; urgency=low
* New upstream release from the Stable Channel (LP: #933262)
This release fixes the following security issues:
- [105803] High CVE-2011-3015: Integer overflows in PDF codecs. Credit to
Google Chrome Security Team (scarybeasts).
- [106336] Medium CVE-2011-3016: Read-after-free with counter nodes. Credit
to miaubiz.
- [108695] High CVE-2011-3017: Possible use-after-free in database handling.
Credit to miaubiz.
- [110172] High CVE-2011-3018: Heap overflow in path rendering. Credit to
Aki Helin of OUSPG.
- [110849] High CVE-2011-3019: Heap buffer overflow in MKV handling. Credit
to Google Chrome Security Team (scarybeasts) and Mateusz Jurczyk of the
Google Security Team.
- [111575] Medium CVE-2011-3020: Native client validator error. Credit to
Nick Bray of the Chromium development community.
- [111779] High CVE-2011-3021: Use-after-free in subframe loading. Credit to
Arthur Gerkis.
- [112236] Medium CVE-2011-3022: Inappropriate use of http for translation
script. Credit to Google Chrome Security Team (Jorge Obes).
- [112259] Medium CVE-2011-3023: Use-after-free with drag and drop. Credit
to pa_kt.
- [112451] Low CVE-2011-3024: Browser crash with empty x509 certificate.
Credit to chrometot.
- [112670] Medium CVE-2011-3025: Out-of-bounds read in h.264 parsing. Credit
to Sławomir Błażek.
- [112822] High CVE-2011-3026: Integer overflow / truncation in libpng.
Credit to Jüri Aedla.
- [112847] High CVE-2011-3027: Bad cast in column handling. Credit to
miaubiz.
Date: Wed, 15 Feb 2012 22:55:08 -0600
Changed-By: Micah Gersten <micahg at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/chromium-browser/17.0.963.56~r121963-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 15 Feb 2012 22:55:08 -0600
Source: chromium-browser
Binary: chromium-browser chromium-browser-dbg chromium-browser-l10n chromium-codecs-ffmpeg chromium-codecs-ffmpeg-dbg chromium-codecs-ffmpeg-extra chromium-codecs-ffmpeg-extra-dbg
Architecture: source
Version: 17.0.963.56~r121963-0ubuntu1
Distribution: precise
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Micah Gersten <micahg at ubuntu.com>
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-l10n - chromium-browser language packages
chromium-codecs-ffmpeg - Free ffmpeg codecs for the Chromium Browser
chromium-codecs-ffmpeg-dbg - chromium-codecs-ffmpeg debug symbols
chromium-codecs-ffmpeg-extra - Extra ffmpeg codecs for the Chromium Browser
chromium-codecs-ffmpeg-extra-dbg - chromium-codecs-ffmpeg-extra debug symbols
Launchpad-Bugs-Fixed: 933262
Changes:
chromium-browser (17.0.963.56~r121963-0ubuntu1) precise; urgency=low
.
* New upstream release from the Stable Channel (LP: #933262)
This release fixes the following security issues:
- [105803] High CVE-2011-3015: Integer overflows in PDF codecs. Credit to
Google Chrome Security Team (scarybeasts).
- [106336] Medium CVE-2011-3016: Read-after-free with counter nodes. Credit
to miaubiz.
- [108695] High CVE-2011-3017: Possible use-after-free in database handling.
Credit to miaubiz.
- [110172] High CVE-2011-3018: Heap overflow in path rendering. Credit to
Aki Helin of OUSPG.
- [110849] High CVE-2011-3019: Heap buffer overflow in MKV handling. Credit
to Google Chrome Security Team (scarybeasts) and Mateusz Jurczyk of the
Google Security Team.
- [111575] Medium CVE-2011-3020: Native client validator error. Credit to
Nick Bray of the Chromium development community.
- [111779] High CVE-2011-3021: Use-after-free in subframe loading. Credit to
Arthur Gerkis.
- [112236] Medium CVE-2011-3022: Inappropriate use of http for translation
script. Credit to Google Chrome Security Team (Jorge Obes).
- [112259] Medium CVE-2011-3023: Use-after-free with drag and drop. Credit
to pa_kt.
- [112451] Low CVE-2011-3024: Browser crash with empty x509 certificate.
Credit to chrometot.
- [112670] Medium CVE-2011-3025: Out-of-bounds read in h.264 parsing. Credit
to Sławomir Błażek.
- [112822] High CVE-2011-3026: Integer overflow / truncation in libpng.
Credit to Jüri Aedla.
- [112847] High CVE-2011-3027: Bad cast in column handling. Credit to
miaubiz.
Checksums-Sha1:
bdd221bd141b8784574469b88c4566c3e4e26547 2445 chromium-browser_17.0.963.56~r121963-0ubuntu1.dsc
d1111e55e2e1042bf6fff2512da768b9a65d26a2 278291425 chromium-browser_17.0.963.56~r121963.orig.tar.gz
ed3fa861791f70265c6747415362db3c87acfbef 204638 chromium-browser_17.0.963.56~r121963-0ubuntu1.diff.gz
Checksums-Sha256:
d517439de45808ef84970db5ef5d0bae203aeb2d1148695d0821022b50e3ae91 2445 chromium-browser_17.0.963.56~r121963-0ubuntu1.dsc
4b3eb30316037fd96be39e6eb950307946c70e7980689522424bce949dcd6394 278291425 chromium-browser_17.0.963.56~r121963.orig.tar.gz
d72732adfb8703bc032411ca8e47e039321688283ffe432f3dc8f5199360e071 204638 chromium-browser_17.0.963.56~r121963-0ubuntu1.diff.gz
Files:
9e59339d290325a55d38b48bc41d35e9 2445 web optional chromium-browser_17.0.963.56~r121963-0ubuntu1.dsc
d1fb818954bd95a37d23f7b570ebc8b2 278291425 web optional chromium-browser_17.0.963.56~r121963.orig.tar.gz
94867a89356a2320ad0401b698bb0fb1 204638 web optional chromium-browser_17.0.963.56~r121963-0ubuntu1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk88jIQACgkQTniv4aqX/Vm23gCfbE7haKAVW2pQMyxU+NehLUuq
jOoAniPbf0/mPAwZRUaONy9RVnhYaYIh
=I+BT
-----END PGP SIGNATURE-----
More information about the Precise-changes
mailing list