Comment 1 for bug 1215361

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 29.0.1547.65-0ubuntu1

chromium-browser (29.0.1547.65-0ubuntu1) saucy; urgency=low

  * New release 29.0.1547.65.
  * New release 29.0.1547.62.
  * New release 29.0.1547.57: (LP: #1215361)
    - CVE-2013-2900: Incomplete path sanitization in file handling.
    - CVE-2013-2905: Information leak via overly broad permissions on shared
      memory files.
    - CVE-2013-2901: Integer overflow in ANGLE.
    - CVE-2013-2902: Use after free in XSLT.
    - CVE-2013-2903: Use after free in media element.
    - CVE-2013-2904: Use after free in document parsing.
    - CVE-2013-2887: Various fixes from internal audits, fuzzing and other
      initiatives (Chrome 29).
  * debian/patches/duckduckgo.patch: Include DuckDuckGo in search-engine
    list. [Caine Tighe <~caine>]
  * debian/patches/search-credit.patch: Update URLs.
  * debian/patches/disable_dlog_and_dcheck_in_release_builds.patch,
      No longer necessary. Deleted.
  * debian/ Include command-line parameters for
    registered plugins.
  * Since we include remoting locales too, also split its locales info
    into the -l10n package correctly.
  * debian/rules: Disable arm_neon_optional. Impossible with sandbox, AND
    breaks build right now.
  * debian/rules: Fix packaging-completeness checker.
  * debian/rules: Break long expressions into discrete parts in packaging
    completeness checker.
  * Update webapps patches.
  * debian/chromium-browser.dirs: Add reference to /usr/share/chromium-browser,
    expmplary for extension placement.
  * debian/patches/extensions-directory.patch: Use a /usr/share/ directory that
    is named with our package, not "chromium". Withouth this, we force global
    extensions to violate FHS.
 -- Chad MILLER <email address hidden> Thu, 05 Sep 2013 16:47:55 -0400