[ubuntu/precise] chromium-browser 17.0.963.83~r127885-0ubuntu1 (Accepted)

Micah Gersten micahg at ubuntu.com
Thu Mar 22 03:00:56 UTC 2012 

chromium-browser (17.0.963.83~r127885-0ubuntu1) precise; urgency=low

  * New upstream release from the Stable Channel (LP: #961831)
    This release fixes the following security issues:
    - [113902] High CVE-2011-3050: Use-after-free with first-letter handling.
      Credit to miaubiz.
    - [116162] High CVE-2011-3045: libpng integer issue from upstream. Credit
      to Glenn Randers-Pehrson of the libpng project.
    - [116461] High CVE-2011-3051: Use-after-free in CSS cross-fade handling.
      Credit to Arthur Gerkis.
    - [116637] High CVE-2011-3052: Memory corruption in WebGL canvas handling.
      Credit to Ben Vanik of Google.
    - [116746] High CVE-2011-3053: Use-after-free in block splitting.
      Credit to miaubiz.
    - [117418] Low CVE-2011-3054: Apply additional isolations to webui
      privileges. Credit to Sergey Glazunov.
    - [117736] Low CVE-2011-3055: Prompt in the browser native UI for unpacked
      extension installation. Credit to PinkiePie.
    - [117550] High CVE-2011-3056: Cross-origin violation with “magic iframe”.
      Credit to Sergey Glazunov.
    - [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian
      Holler.

Date: Wed, 21 Mar 2012 21:31:34 -0500
Changed-By: Micah Gersten <micahg at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/chromium-browser/17.0.963.83~r127885-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 21 Mar 2012 21:31:34 -0500
Source: chromium-browser
Binary: chromium-browser chromium-browser-dbg chromium-browser-l10n chromium-codecs-ffmpeg chromium-codecs-ffmpeg-dbg chromium-codecs-ffmpeg-extra chromium-codecs-ffmpeg-extra-dbg
Architecture: source
Version: 17.0.963.83~r127885-0ubuntu1
Distribution: precise
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Micah Gersten <micahg at ubuntu.com>
Description: 
 chromium-browser - Chromium browser
 chromium-browser-dbg - chromium-browser debug symbols
 chromium-browser-l10n - chromium-browser language packages
 chromium-codecs-ffmpeg - Free ffmpeg codecs for the Chromium Browser
 chromium-codecs-ffmpeg-dbg - chromium-codecs-ffmpeg debug symbols
 chromium-codecs-ffmpeg-extra - Extra ffmpeg codecs for the Chromium Browser
 chromium-codecs-ffmpeg-extra-dbg - chromium-codecs-ffmpeg-extra debug symbols
Launchpad-Bugs-Fixed: 961831
Changes: 
 chromium-browser (17.0.963.83~r127885-0ubuntu1) precise; urgency=low
 .
   * New upstream release from the Stable Channel (LP: #961831)
     This release fixes the following security issues:
     - [113902] High CVE-2011-3050: Use-after-free with first-letter handling.
       Credit to miaubiz.
     - [116162] High CVE-2011-3045: libpng integer issue from upstream. Credit
       to Glenn Randers-Pehrson of the libpng project.
     - [116461] High CVE-2011-3051: Use-after-free in CSS cross-fade handling.
       Credit to Arthur Gerkis.
     - [116637] High CVE-2011-3052: Memory corruption in WebGL canvas handling.
       Credit to Ben Vanik of Google.
     - [116746] High CVE-2011-3053: Use-after-free in block splitting.
       Credit to miaubiz.
     - [117418] Low CVE-2011-3054: Apply additional isolations to webui
       privileges. Credit to Sergey Glazunov.
     - [117736] Low CVE-2011-3055: Prompt in the browser native UI for unpacked
       extension installation. Credit to PinkiePie.
     - [117550] High CVE-2011-3056: Cross-origin violation with “magic iframe”.
       Credit to Sergey Glazunov.
     - [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian
       Holler.
Checksums-Sha1: 
 6f2b92ffdee5c276b77bf1bc680c71fb8dd09994 2448 chromium-browser_17.0.963.83~r127885-0ubuntu1.dsc
 3bdcefd46d1782814bc8e17bb371f1fa99ba86f7 278919975 chromium-browser_17.0.963.83~r127885.orig.tar.gz
 95ba61e4bbf9b4382296698f37ee87a69546074d 206229 chromium-browser_17.0.963.83~r127885-0ubuntu1.diff.gz
Checksums-Sha256: 
 f63f771b2ec8876ec44bf16fb367baf68a76cc67195e50fd88c3d5021ebdf3bb 2448 chromium-browser_17.0.963.83~r127885-0ubuntu1.dsc
 00649b99af82d2f447cc65eda3854dbaea21adf0a47acc98cb2505cf7f55404c 278919975 chromium-browser_17.0.963.83~r127885.orig.tar.gz
 41b86c8617fd8f0337eff75742bd2ffe3a88b793ab86a1e5be6240b874531852 206229 chromium-browser_17.0.963.83~r127885-0ubuntu1.diff.gz
Files: 
 ddc6676a9d51054b729b61c8fe4b88ec 2448 web optional chromium-browser_17.0.963.83~r127885-0ubuntu1.dsc
 7a5996cb0cfc61a86840382b3008f480 278919975 web optional chromium-browser_17.0.963.83~r127885.orig.tar.gz
 f821e2440085d0b8e786af1347a30124 206229 web optional chromium-browser_17.0.963.83~r127885-0ubuntu1.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk9qj3QACgkQTniv4aqX/VnzLQCfTYdhnNU8jM05HNVqTTkjszo3
fRgAn0x3x4S680xpfysyFcjmlXWe/eGI
=o2XZ
-----END PGP SIGNATURE-----

More information about the Precise-changes mailing list