[ubuntu/trusty-updates] chromium-browser 39.0.2171.65-0ubuntu0. (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Nov 26 12:33:42 UTC 2014

chromium-browser (39.0.2171.65-0ubuntu0. trusty-security; urgency=medium

  * Upstream release 39.0.2171.65:
    - CVE-2014-7899: Address bar spoofing.
    - CVE-2014-7900: Use-after-free in pdfium.
    - CVE-2014-7901: Integer overflow in pdfium.
    - CVE-2014-7902: Use-after-free in pdfium.
    - CVE-2014-7903: Buffer overflow in pdfium.
    - CVE-2014-7904: Buffer overflow in Skia.
    - CVE-2014-7905: Flaw allowing navigation to intents that do not have the
      BROWSABLE category.
    - CVE-2014-7906: Use-after-free in pepper plugins.
    - CVE-2014-0574: Double-free in Flash.
    - CVE-2014-7907: Use-after-free in blink.
    - CVE-2014-7908: Integer overflow in media.
    - CVE-2014-7909: Uninitialized memory read in Skia.
    - CVE-2014-7910: Various fixes from internal audits, fuzzing and other
  * debian/patches/search-credit.patch: Include "client" in google search
    prepopulated template's parameters.
  * debian/tests/testdata/9-search-credit.sikuli: Verify search URL has
  * debian/source/lintian-overrides: Ignore android tools we don't use.
  * debian/chromium-browser-dbg.lintian-overrides: Ignore libraries that we 
    configure to have no symbols in builder (because they are humongous
  * debian/control: Bump standards version. Version dep "bash". Remove
    duplicate language from package descriptions.
  * debian/tests/testdata/1-normal-extension-active.sikuli/: Destroy test 
    for dead NPAPI unity-webapps extension.

Date: 2014-11-22 19:36:14.238985+00:00
Changed-By: Chad Miller <chad.miller at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Trusty-changes mailing list