[ubuntu/precise] chromium-browser 17.0.963.83~r127885-0ubuntu1 (Accepted)
Micah Gersten
micahg at ubuntu.com
Thu Mar 22 03:00:56 UTC 2012
chromium-browser (17.0.963.83~r127885-0ubuntu1) precise; urgency=low
* New upstream release from the Stable Channel (LP: #961831)
This release fixes the following security issues:
- [113902] High CVE-2011-3050: Use-after-free with first-letter handling.
Credit to miaubiz.
- [116162] High CVE-2011-3045: libpng integer issue from upstream. Credit
to Glenn Randers-Pehrson of the libpng project.
- [116461] High CVE-2011-3051: Use-after-free in CSS cross-fade handling.
Credit to Arthur Gerkis.
- [116637] High CVE-2011-3052: Memory corruption in WebGL canvas handling.
Credit to Ben Vanik of Google.
- [116746] High CVE-2011-3053: Use-after-free in block splitting.
Credit to miaubiz.
- [117418] Low CVE-2011-3054: Apply additional isolations to webui
privileges. Credit to Sergey Glazunov.
- [117736] Low CVE-2011-3055: Prompt in the browser native UI for unpacked
extension installation. Credit to PinkiePie.
- [117550] High CVE-2011-3056: Cross-origin violation with “magic iframe”.
Credit to Sergey Glazunov.
- [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian
Holler.
Date: Wed, 21 Mar 2012 21:31:34 -0500
Changed-By: Micah Gersten <micahg at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/chromium-browser/17.0.963.83~r127885-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 21 Mar 2012 21:31:34 -0500
Source: chromium-browser
Binary: chromium-browser chromium-browser-dbg chromium-browser-l10n chromium-codecs-ffmpeg chromium-codecs-ffmpeg-dbg chromium-codecs-ffmpeg-extra chromium-codecs-ffmpeg-extra-dbg
Architecture: source
Version: 17.0.963.83~r127885-0ubuntu1
Distribution: precise
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Micah Gersten <micahg at ubuntu.com>
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-l10n - chromium-browser language packages
chromium-codecs-ffmpeg - Free ffmpeg codecs for the Chromium Browser
chromium-codecs-ffmpeg-dbg - chromium-codecs-ffmpeg debug symbols
chromium-codecs-ffmpeg-extra - Extra ffmpeg codecs for the Chromium Browser
chromium-codecs-ffmpeg-extra-dbg - chromium-codecs-ffmpeg-extra debug symbols
Launchpad-Bugs-Fixed: 961831
Changes:
chromium-browser (17.0.963.83~r127885-0ubuntu1) precise; urgency=low
.
* New upstream release from the Stable Channel (LP: #961831)
This release fixes the following security issues:
- [113902] High CVE-2011-3050: Use-after-free with first-letter handling.
Credit to miaubiz.
- [116162] High CVE-2011-3045: libpng integer issue from upstream. Credit
to Glenn Randers-Pehrson of the libpng project.
- [116461] High CVE-2011-3051: Use-after-free in CSS cross-fade handling.
Credit to Arthur Gerkis.
- [116637] High CVE-2011-3052: Memory corruption in WebGL canvas handling.
Credit to Ben Vanik of Google.
- [116746] High CVE-2011-3053: Use-after-free in block splitting.
Credit to miaubiz.
- [117418] Low CVE-2011-3054: Apply additional isolations to webui
privileges. Credit to Sergey Glazunov.
- [117736] Low CVE-2011-3055: Prompt in the browser native UI for unpacked
extension installation. Credit to PinkiePie.
- [117550] High CVE-2011-3056: Cross-origin violation with “magic iframe”.
Credit to Sergey Glazunov.
- [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian
Holler.
Checksums-Sha1:
6f2b92ffdee5c276b77bf1bc680c71fb8dd09994 2448 chromium-browser_17.0.963.83~r127885-0ubuntu1.dsc
3bdcefd46d1782814bc8e17bb371f1fa99ba86f7 278919975 chromium-browser_17.0.963.83~r127885.orig.tar.gz
95ba61e4bbf9b4382296698f37ee87a69546074d 206229 chromium-browser_17.0.963.83~r127885-0ubuntu1.diff.gz
Checksums-Sha256:
f63f771b2ec8876ec44bf16fb367baf68a76cc67195e50fd88c3d5021ebdf3bb 2448 chromium-browser_17.0.963.83~r127885-0ubuntu1.dsc
00649b99af82d2f447cc65eda3854dbaea21adf0a47acc98cb2505cf7f55404c 278919975 chromium-browser_17.0.963.83~r127885.orig.tar.gz
41b86c8617fd8f0337eff75742bd2ffe3a88b793ab86a1e5be6240b874531852 206229 chromium-browser_17.0.963.83~r127885-0ubuntu1.diff.gz
Files:
ddc6676a9d51054b729b61c8fe4b88ec 2448 web optional chromium-browser_17.0.963.83~r127885-0ubuntu1.dsc
7a5996cb0cfc61a86840382b3008f480 278919975 web optional chromium-browser_17.0.963.83~r127885.orig.tar.gz
f821e2440085d0b8e786af1347a30124 206229 web optional chromium-browser_17.0.963.83~r127885-0ubuntu1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk9qj3QACgkQTniv4aqX/VnzLQCfTYdhnNU8jM05HNVqTTkjszo3
fRgAn0x3x4S680xpfysyFcjmlXWe/eGI
=o2XZ
-----END PGP SIGNATURE-----
More information about the Precise-changes
mailing list