* New upstream release from the Stable Channel (LP: #591474)
Fixes the following security issues:
- [15766] Medium Cross-origin keystroke redirection. Credit to Michal
Zalewski of Google Security Team.
- [39985] High Cross-origin bypass in DOM methods. Credit to Sergey
Glazunov.
- [42723] High Memory error in table layout. Credit to wushi of team509.
- [43304] High Linux sandbox escape. Credit to Mark Dowd under contract to
Google Chrome Security Team.
- [43307] High Bitmap stale pointer. Credit to Mark Dowd under contract to
Google Chrome Security Team.
- [43315] High Memory corruption in DOM node normalization. Credit to Mark
Dowd under contract to Google Chrome Security Team.
- [43487] High Memory corruption in text transforms. Credit to wushi of
team509.
- [43902] Medium XSS in innerHTML property of textarea. Credit to
sirdarckcat of Google Security Team.
- [44740] High Memory corruption in font handling. Credit: Apple.
- [44868] High Geolocation events fire after document deletion. Credit to
Google Chrome Security Team (Justin Schuh).
- [44955] High Memory corruption in rendering of list markers. Credit:
Apple.
* Add a --temp-profile knob to the launcher script starting Chromium with
a new profile which will last only for the duration of the session
- update debian/chromium-browser.sh
* Change StartupWMClass to Chromium-browser in the desktop launcher so
cairo-dock does the right thing (LP: #587664)
- update debian/chromium-browser.desktop
* Set XLIB_SKIP_ARGB_VISUALS=1 in the wrapper to prevent flash from dying
with a Gdk-ERROR when gtk2 is built with RGBA support (like in Maverick).
(LP: #584959)
- update debian/chromium-browser.sh
* Unbreak get-orig-source when it needs to drop its cache after a channel jump
(replace brace expansion - which is a bashism - with proper $(wildcard))
- update debian/rules
-- Fabien Tassin <email address hidden> Wed, 09 Jun 2010 07:30:50 +0200
This bug was fixed in the package chromium-browser - 5.0.375. 70~r48679- 0ubuntu0. 10.04.1
--------------- 70~r48679- 0ubuntu0. 10.04.1) lucid-security; urgency=low
chromium-browser (5.0.375.
* New upstream release from the Stable Channel (LP: #591474) chromium- browser. sh chromium- browser. desktop ARGB_VISUALS= 1 in the wrapper to prevent flash from dying chromium- browser. sh
Fixes the following security issues:
- [15766] Medium Cross-origin keystroke redirection. Credit to Michal
Zalewski of Google Security Team.
- [39985] High Cross-origin bypass in DOM methods. Credit to Sergey
Glazunov.
- [42723] High Memory error in table layout. Credit to wushi of team509.
- [43304] High Linux sandbox escape. Credit to Mark Dowd under contract to
Google Chrome Security Team.
- [43307] High Bitmap stale pointer. Credit to Mark Dowd under contract to
Google Chrome Security Team.
- [43315] High Memory corruption in DOM node normalization. Credit to Mark
Dowd under contract to Google Chrome Security Team.
- [43487] High Memory corruption in text transforms. Credit to wushi of
team509.
- [43902] Medium XSS in innerHTML property of textarea. Credit to
sirdarckcat of Google Security Team.
- [44740] High Memory corruption in font handling. Credit: Apple.
- [44868] High Geolocation events fire after document deletion. Credit to
Google Chrome Security Team (Justin Schuh).
- [44955] High Memory corruption in rendering of list markers. Credit:
Apple.
* Add a --temp-profile knob to the launcher script starting Chromium with
a new profile which will last only for the duration of the session
- update debian/
* Change StartupWMClass to Chromium-browser in the desktop launcher so
cairo-dock does the right thing (LP: #587664)
- update debian/
* Set XLIB_SKIP_
with a Gdk-ERROR when gtk2 is built with RGBA support (like in Maverick).
(LP: #584959)
- update debian/
* Unbreak get-orig-source when it needs to drop its cache after a channel jump
(replace brace expansion - which is a bashism - with proper $(wildcard))
- update debian/rules
-- Fabien Tassin <email address hidden> Wed, 09 Jun 2010 07:30:50 +0200