* New upstream Major release from the Stable Channel (LP: #671420), also
fixing the following security issues:
- [51602] High, Use-after-free in text editing. Credit to David Bloom of
the Google Security Team, Google Chrome Security Team (Inferno) and
Google Chrome Security Team (Cris Neckar).
- [55257] High, Memory corruption with enormous text area. Credit to wushi
of team509.
- [58657] High, Bad cast with the SVG use element. Credit to the kuzzcc.
- [58731] High, Invalid memory read in XPath handling. Credit to Bui Quang
Minh from Bkis (www.bkis.com).
- [58741] High, Use-after-free in text control selections. Credit to
“vkouchna”.
- [59320] High, Integer overflows in font handling. Credit to Aki Helin of
OUSPG.
- [60055] High, Memory corruption in libvpx. Credit to Christoph Diehl.
- [60238] High, Bad use of destroyed frame object. Credit to various
developers, including “gundlach”.
- [60327] [60769] [61255] High, Type confusions with event objects. Credit
to “fam.lam” and Google Chrome Security Team (Inferno).
- [60688] High, Out-of-bounds array access in SVG handling. Credit to wushi
of team509.
* Work-around a gcc 4.5 miscompilation bug causing a regression in the
omnibar, breaking searches (LP: #664584)
- add debian/patches/gcc-4.5-build-workaround.patch
- update debian/patches/series
-- Fabien Tassin <email address hidden> Thu, 04 Nov 2010 20:53:09 +0100
This bug was fixed in the package chromium-browser - 7.0.517. 44~r64615- 0ubuntu1
--------------- 44~r64615- 0ubuntu1) natty; urgency=high
chromium-browser (7.0.517.
* New upstream Major release from the Stable Channel (LP: #671420), also patches/ gcc-4.5- build-workaroun d.patch patches/ series
fixing the following security issues:
- [51602] High, Use-after-free in text editing. Credit to David Bloom of
the Google Security Team, Google Chrome Security Team (Inferno) and
Google Chrome Security Team (Cris Neckar).
- [55257] High, Memory corruption with enormous text area. Credit to wushi
of team509.
- [58657] High, Bad cast with the SVG use element. Credit to the kuzzcc.
- [58731] High, Invalid memory read in XPath handling. Credit to Bui Quang
Minh from Bkis (www.bkis.com).
- [58741] High, Use-after-free in text control selections. Credit to
“vkouchna”.
- [59320] High, Integer overflows in font handling. Credit to Aki Helin of
OUSPG.
- [60055] High, Memory corruption in libvpx. Credit to Christoph Diehl.
- [60238] High, Bad use of destroyed frame object. Credit to various
developers, including “gundlach”.
- [60327] [60769] [61255] High, Type confusions with event objects. Credit
to “fam.lam” and Google Chrome Security Team (Inferno).
- [60688] High, Out-of-bounds array access in SVG handling. Credit to wushi
of team509.
* Work-around a gcc 4.5 miscompilation bug causing a regression in the
omnibar, breaking searches (LP: #664584)
- add debian/
- update debian/
-- Fabien Tassin <email address hidden> Thu, 04 Nov 2010 20:53:09 +0100