Chromium-browser package is outdated and poses a security risk
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
chromium-browser (Ubuntu) |
Triaged
|
Medium
|
Micah Gersten |
Bug Description
The current chromium-browser version in 12.04 is outdated (http://
That were most probably security vulnerabilities that where fixed between these 2 versions, which Ubuntu chromium-browser users are still vulnerable to.
The Quantal package is at version 22: http://
I see that the firefox package keeps the same version betweeen Precise and Quantal, since running an outdated browser version has security implications.
The same logic should be applied to chromium-browser.
Futhermore; there is a (formerly) "official" PPA at https:/
I believe it is best to delete this PPA, to avoid users thinking that their browsers are up-to-date when they are not.
no longer affects: | nautilus (Ubuntu) |
affects: | chromium-browser → chromium-browser (Ubuntu) |
information type: | Private Security → Public Security |
Changed in chromium-browser (Ubuntu): | |
assignee: | nobody → Micah Gersten (micahg) |
status: | New → Triaged |
The 'official' PPA's are in the process of being re-started. In the mean time, there is a workaround at https:/ /help.ubuntu. com/community/ Lubuntu/ Documentation/ FAQ/Workarounds #Chromium_ not_Updating