[ubuntu/trusty-security] chromium-browser 39.0.2171.65-0ubuntu0.14.04.1.1064 (Accepted)
Chris Coulson
chris.coulson at canonical.com
Wed Nov 26 11:30:23 UTC 2014
chromium-browser (39.0.2171.65-0ubuntu0.14.04.1.1064) trusty-security; urgency=medium
* Upstream release 39.0.2171.65:
- CVE-2014-7899: Address bar spoofing.
- CVE-2014-7900: Use-after-free in pdfium.
- CVE-2014-7901: Integer overflow in pdfium.
- CVE-2014-7902: Use-after-free in pdfium.
- CVE-2014-7903: Buffer overflow in pdfium.
- CVE-2014-7904: Buffer overflow in Skia.
- CVE-2014-7905: Flaw allowing navigation to intents that do not have the
BROWSABLE category.
- CVE-2014-7906: Use-after-free in pepper plugins.
- CVE-2014-0574: Double-free in Flash.
- CVE-2014-7907: Use-after-free in blink.
- CVE-2014-7908: Integer overflow in media.
- CVE-2014-7909: Uninitialized memory read in Skia.
- CVE-2014-7910: Various fixes from internal audits, fuzzing and other
initiatives.
* debian/patches/search-credit.patch: Include "client" in google search
prepopulated template's parameters.
* debian/tests/testdata/9-search-credit.sikuli: Verify search URL has
parameter.
* debian/source/lintian-overrides: Ignore android tools we don't use.
* debian/chromium-browser-dbg.lintian-overrides: Ignore libraries that we
configure to have no symbols in builder (because they are humongous
otherwise).
* debian/control: Bump standards version. Version dep "bash". Remove
duplicate language from package descriptions.
* debian/tests/testdata/1-normal-extension-active.sikuli/: Destroy test
for dead NPAPI unity-webapps extension.
Date: 2014-11-22 19:36:14.238985+00:00
Changed-By: Chad Miller <chad.miller at canonical.com>
Signed-By: Chris Coulson <chris.coulson at canonical.com>
https://launchpad.net/ubuntu/+source/chromium-browser/39.0.2171.65-0ubuntu0.14.04.1.1064
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list