[ubuntu/quantal-updates] chromium-browser 31.0.1650.63-0ubuntu0.12.10.1~20131204.1 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Tue Dec 10 19:32:15 UTC 2013


chromium-browser (31.0.1650.63-0ubuntu0.12.10.1~20131204.1) quantal-security; urgency=low

  * Release to stage at ppa:canonical-chromium-builds/stage

chromium-browser (31.0.1650.63-0ubuntu0.12.10.1) quantal-security; urgency=low

  * New release 31.0.1650.63:
    - CVE-2013-6634: Session fixation in sync related to 302 redirects.
    - CVE-2013-6635: Use-after-free in editing.
    - CVE-2013-6636: Address bar spoofing related to modal dialogs.
    - CVE-2013-6637: Various fixes from internal audits, fuzzing and other
      initiatives.
    - CVE-2013-6638: Buffer overflow in v8. This issue was fixed in v8 version
      3.22.24.7.
    - CVE-2013-6639: Out of bounds write in v8. This issue was fixed in v8
      version 3.22.24.7.
    - CVE-2013-6640: Out of bounds read in v8. This issue was fixed in v8
      version 3.22.24.7.

chromium-browser (31.0.1650.57-0ubuntu0.12.10.3) quantal-security; urgency=low

  * debian/control: Drop libnss version number in Depends. We only need to
    recompile. (LP: #1251454)

chromium-browser (31.0.1650.57-0ubuntu0.12.10.2) quantal-security; urgency=low

  * debian/apport/chromium-browser.py: Include dmesg events mentioning chromium
    in apport reports.
  * debian/control: Abandon nss transitional package as Dependency, and add
    real package with epoch version number.

chromium-browser (31.0.1650.57-0ubuntu0.12.10.1) quantal-security; urgency=low

  * New release 31.0.1650.57:
    - CVE-2013-6632: Multiple memory corruption issues.
  * New release 31.0.1650.48:  (LP: #1250579)
    - CVE-2013-6621: Use after free related to speech input elements.
    - CVE-2013-6622: Use after free related to media elements.
    - CVE-2013-6623: Out of bounds read in SVG.
    - CVE-2013-6624: Use after free related to "id" attribute strings.
    - CVE-2013-6625: Use after free in DOM ranges.
    - CVE-2013-6626: Address bar spoofing related to interstitial warnings.
    - CVE-2013-6627: Out of bounds read in HTTP parsing.
    - CVE-2013-6628: Issue with certificates not being checked during TLS
      renegotiation.
    - CVE-2013-2931: Various fixes from internal audits, fuzzing and other
      initiatives.
    - CVE-2013-6629: Read of uninitialized memory in libjpeg and libjpeg-turbo.
    - CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo.
    - CVE-2013-6631: Use after free in libjingle.
  * Update webapps patches.
  * Drop base_unittests and automated_ui_tests build and automatic test and
    from installation exclusion.
  * Include wildcat package 'pepflashplugin-nonfree' in apport reportting.

chromium-browser (30.0.1599.114-0ubuntu0.12.10.3) quantal-security; urgency=low

  * debian/patches/menu-bar-visible.patch: Don't treat object as object
    reference.
  * debian/patches/4-chromeless-window-launch-option.patch: Don't fix problem
    introduced in menu-bar-visible patch.
  * debian/rules: Fix typo of Precise conditional.
  * debian/patches/cr30-sandbox-async-signal-safe.patch: Backport to make
    SIGSYS handler in sandbox safe and never call itself. (LP: #1195797)
  * debian/rules, debian/control: Use standard hardening flags, not
    hardening-wrapper.
  * debian/control: Build-depend on binutils, which already includes gold
    linker.
  * debian/control: Drop some unused build-deps: autotools-dev, binutils,
       flex, g++-multilib [amd64], libbz2-dev, libc6-dev-i386 [amd64],
       libdbus-glib-1-dev, libgl1-mesa-dev, libgl1-mesa-dri, libglib2.0-dev,
       libglu1-mesa-dev, libhunspell-dev, libjpeg-dev, libnspr4-dev,
       libpam0g-dev, libpango1.0-dev, libspeechd-dev, libssl-dev, libxi-dev,
       libxml2-dev, libxslt1-dev, libxt-dev, mesa-common-dev, 
       patchutils (>= 0.2.25), python-simplejson, yasm zlib1g-dev,
  * debian/patches/cr31-pango-tab-titles.patch: Backport a fix that makes
    tab titles disappear due to a pango bug.
  * debian/tests/control: Drop Depends on obselete package 
    libunity-webapps-chromium.

Date: 2013-12-10 03:43:41.917192+00:00
Changed-By: Chad Miller <chad.miller at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/quantal/+source/chromium-browser/31.0.1650.63-0ubuntu0.12.10.1~20131204.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Quantal-changes mailing list