[ubuntu/precise] chromium-browser 17.0.963.65~r124586-0ubuntu1 (Accepted)
Micah Gersten
micahg at ubuntu.com
Mon Mar 5 10:11:00 UTC 2012
chromium-browser (17.0.963.65~r124586-0ubuntu1) precise; urgency=low
* New upstream release from the Stable Channel (LP: #946914)
- Cursors and backgrounds sometimes do not load [111218]
- Plugins not loading on some pages [108228]
- Text paste includes trailing spaces [106551]
- Websites using touch controls break [110332]
This release fixes the following security issues:
- [105867] High CVE-2011-3031: Use-after-free in v8 element wrapper. Credit
to Chamal de Silva.
- [108037] High CVE-2011-3032: Use-after-free in SVG value handling. Credit
to Arthur Gerkis.
- [108406] [115471] High CVE-2011-3033: Buffer overflow in the Skia drawing
library. Credit to Aki Helin of OUSPG.
- [111748] High CVE-2011-3034: Use-after-free in SVG document handling.
Credit to Arthur Gerkis.
- [112212] High CVE-2011-3035: Use-after-free in SVG use handling. Credit to
Arthur Gerkis.
- [113258] High CVE-2011-3036: Bad cast in line box handling. Credit to
miaubiz.
- [113439] [114924] [115028] High CVE-2011-3037: Bad casts in anonymous
block splitting. Credit to miaubiz.
- [113497] High CVE-2011-3038: Use-after-free in multi-column handling.
Credit to miaubiz.
- [113707] High CVE-2011-3039: Use-after-free in quote handling. Credit to
miaubiz.
- [114054] High CVE-2011-3040: Out-of-bounds read in text handling. Credit
to miaubiz.
- [114068] High CVE-2011-3041: Use-after-free in class attribute handling.
Credit to miaubiz.
- [114219] High CVE-2011-3042: Use-after-free in table section handling.
Credit to miaubiz.
- [115681] High CVE-2011-3043: Use-after-free in flexbox with floats. Credit
to miaubiz.
- [116093] High CVE-2011-3044: Use-after-free with SVG animation elements.
Credit to Arthur Gerkis.
[ Jani Monoses <jani at ubuntu.com> ]
* Fix FTBFS on armhf (LP: #943281)
- add debian/patches/fix-armhf-ftbfs.patch
- update debian/patches/series
Date: Mon, 05 Mar 2012 03:48:05 -0600
Changed-By: Micah Gersten <micahg at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/chromium-browser/17.0.963.65~r124586-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 05 Mar 2012 03:48:05 -0600
Source: chromium-browser
Binary: chromium-browser chromium-browser-dbg chromium-browser-l10n chromium-codecs-ffmpeg chromium-codecs-ffmpeg-dbg chromium-codecs-ffmpeg-extra chromium-codecs-ffmpeg-extra-dbg
Architecture: source
Version: 17.0.963.65~r124586-0ubuntu1
Distribution: precise
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Micah Gersten <micahg at ubuntu.com>
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-l10n - chromium-browser language packages
chromium-codecs-ffmpeg - Free ffmpeg codecs for the Chromium Browser
chromium-codecs-ffmpeg-dbg - chromium-codecs-ffmpeg debug symbols
chromium-codecs-ffmpeg-extra - Extra ffmpeg codecs for the Chromium Browser
chromium-codecs-ffmpeg-extra-dbg - chromium-codecs-ffmpeg-extra debug symbols
Launchpad-Bugs-Fixed: 943281 946914
Changes:
chromium-browser (17.0.963.65~r124586-0ubuntu1) precise; urgency=low
.
* New upstream release from the Stable Channel (LP: #946914)
- Cursors and backgrounds sometimes do not load [111218]
- Plugins not loading on some pages [108228]
- Text paste includes trailing spaces [106551]
- Websites using touch controls break [110332]
This release fixes the following security issues:
- [105867] High CVE-2011-3031: Use-after-free in v8 element wrapper. Credit
to Chamal de Silva.
- [108037] High CVE-2011-3032: Use-after-free in SVG value handling. Credit
to Arthur Gerkis.
- [108406] [115471] High CVE-2011-3033: Buffer overflow in the Skia drawing
library. Credit to Aki Helin of OUSPG.
- [111748] High CVE-2011-3034: Use-after-free in SVG document handling.
Credit to Arthur Gerkis.
- [112212] High CVE-2011-3035: Use-after-free in SVG use handling. Credit to
Arthur Gerkis.
- [113258] High CVE-2011-3036: Bad cast in line box handling. Credit to
miaubiz.
- [113439] [114924] [115028] High CVE-2011-3037: Bad casts in anonymous
block splitting. Credit to miaubiz.
- [113497] High CVE-2011-3038: Use-after-free in multi-column handling.
Credit to miaubiz.
- [113707] High CVE-2011-3039: Use-after-free in quote handling. Credit to
miaubiz.
- [114054] High CVE-2011-3040: Out-of-bounds read in text handling. Credit
to miaubiz.
- [114068] High CVE-2011-3041: Use-after-free in class attribute handling.
Credit to miaubiz.
- [114219] High CVE-2011-3042: Use-after-free in table section handling.
Credit to miaubiz.
- [115681] High CVE-2011-3043: Use-after-free in flexbox with floats. Credit
to miaubiz.
- [116093] High CVE-2011-3044: Use-after-free with SVG animation elements.
Credit to Arthur Gerkis.
.
[ Jani Monoses <jani at ubuntu.com> ]
* Fix FTBFS on armhf (LP: #943281)
- add debian/patches/fix-armhf-ftbfs.patch
- update debian/patches/series
Checksums-Sha1:
ba33e573f9189fa1fe553c079a203cb2e5b91212 2442 chromium-browser_17.0.963.65~r124586-0ubuntu1.dsc
99c2580ced9a5c1815411d494dfdb89959be4fd1 278913895 chromium-browser_17.0.963.65~r124586.orig.tar.gz
3372334e193843b119b574f25b77bc44bbb79500 205703 chromium-browser_17.0.963.65~r124586-0ubuntu1.diff.gz
Checksums-Sha256:
ac58cc778d20ec66fb10783d2f07b0a48684ae95bb2d318083bc7596ed216a95 2442 chromium-browser_17.0.963.65~r124586-0ubuntu1.dsc
b710d251f00565ec98ea85ea6a80f4301b36e4f0f62eb6f59c30da95888decc2 278913895 chromium-browser_17.0.963.65~r124586.orig.tar.gz
937efaa94e89ad4d911168a4717d0cb7b9a39291e592123714a82a6e74c57078 205703 chromium-browser_17.0.963.65~r124586-0ubuntu1.diff.gz
Files:
10cce13b324228ced9cee82d994b1f22 2442 web optional chromium-browser_17.0.963.65~r124586-0ubuntu1.dsc
e5affdf0aab2b389f6a66c8ad5507372 278913895 web optional chromium-browser_17.0.963.65~r124586.orig.tar.gz
77b246e2feae40730f8a314ad952d1b7 205703 web optional chromium-browser_17.0.963.65~r124586-0ubuntu1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk9UjB0ACgkQTniv4aqX/VlSswCeIakBuq7zFBQmNIa3KcuGVGIl
KpsAn1mXPV00+esLcAt/+y5NzASCquhZ
=/fbs
-----END PGP SIGNATURE-----
More information about the Precise-changes
mailing list