[ubuntu/trusty-security] chromium-browser 41.0.2272.76-0ubuntu0.14.04.1.1076 (Accepted)

Chris Coulson chris.coulson at canonical.com
Mon Mar 9 16:39:15 UTC 2015


chromium-browser (41.0.2272.76-0ubuntu0.14.04.1.1076) trusty-security; urgency=medium

  * Upstream release 41.0.2272.76:
    - CVE-2015-1212: Out-of-bounds write in media.
    - CVE-2015-1213: Out-of-bounds write in skia filters. 
    - CVE-2015-1214: Out-of-bounds write in skia filters. 
    - CVE-2015-1215: Out-of-bounds write in skia filters. 
    - CVE-2015-1216: Use-after-free in v8 bindings.
    - CVE-2015-1217: Type confusion in v8 bindings.
    - CVE-2015-1218: Use-after-free in dom.
    - CVE-2015-1219: Integer overflow in webgl.
    - CVE-2015-1220: Use-after-free in gif decoder.
    - CVE-2015-1221: Use-after-free in web databases.
    - CVE-2015-1222: Use-after-free in service workers.
    - CVE-2015-1223: Use-after-free in dom.
    - CVE-2015-1230: Type confusion in v8.
    - CVE-2015-1224: Out-of-bounds read in vpxdecoder.
    - CVE-2015-1225: Out-of-bounds read in pdfium.
    - CVE-2015-1226: Validation issue in debugger.
    - CVE-2015-1227: Uninitialized value in blink.
    - CVE-2015-1228: Uninitialized value in rendering.
    - CVE-2015-1229: Cookie injection via proxies.
    - CVE-2015-1231: Various fixes from internal audits, fuzzing and other
      initiatives.
  * Upstream release 40.0.2214.115.
  * debian/patches/coordinate-space-map: Backport v43 and unofficial
    coordinate mapping to fix some high-dpi problems in popup menu placement.
  * debian/apport/chromium-browser.py: Simplify. Use more standard functions
    from apport utility. Add CPU usage information. Add bargraph of "running"
    processes, so bugpatterns can sort away busy machines, and then classify
    remainder according to procline "gpu-vendor=id" param.
  * debian/patches/gpu-hangs: Extend the GPU watchdog to 30 seconds. If the
    GPU is really hung, the extra time matters little. It's probably not
    recoverable. Reviews of apport reports find no common thread among GPUs
    vendors. Notes at  crbug.com/221882  suggest busy CPUs could trigger hang.
    Will additionally use apport bugpatterns to comb dmesg for actual crashes
    and route to specific GPU-driver bugs.

Date: 2015-03-06 17:32:15.066969+00:00
Changed-By: Chad Miller <chad.miller at canonical.com>
Signed-By: Chris Coulson <chris.coulson at canonical.com>
https://launchpad.net/ubuntu/+source/chromium-browser/41.0.2272.76-0ubuntu0.14.04.1.1076
-------------- next part --------------
Sorry, changesfile not available.


More information about the Trusty-changes mailing list