* New upstream release from the Stable Channel (LP: #726895)
This release fixes the following security issues:
+ Webkit bugs:
- [54262] High, URL bar spoof with history interaction. Credit to Jordi
Chancel.
- [68263] High, Stylesheet node stale pointer. Credit to Sergey Glazunov.
- [68741] High, Stale pointer with key frame rule. Credit to Sergey
Glazunov.
- [70078] High, Crash with forms controls. Credit to Stefan van Zanden.
- [70244] High, Crash in SVG rendering. Credit to Sławomir Błażek.
- [71114] High, Stale node in table child handling. Credit to Martin
Barbella.
- [71115] High, Stale pointer in table rendering. Credit to Martin
Barbella.
- [71296] High, Stale pointer in SVG animations. Credit to miaubiz.
- [71386] High, Stale nodes in XHTML. Credit to wushi of team509.
- [71388] High, Crash in textarea handling. Credit to wushi of team509.
- [71595] High, Stale pointer in device orientation. Credit to Sergey
Glazunov.
- [71855] High, Integer overflow in textarea handling. Credit to miaubiz.
- [71960] Medium, Out-of-bounds read in WebGL. Credit to Google Chrome
Security Team (Inferno).
- [73235] High, Stale pointer in layout. Credit to Martin Barbella.
+ Chromium bugs:
- [63732] High, Crash with javascript dialogs. Credit to Sergey
Radchenko.
- [64-bit only] [70376] Medium, Out-of-bounds read in pickle deserialization. Credit to Evgeniy Stepanov of the Chromium development
community.
- [71717] Medium, Out-of-bounds read in WebGL. Credit to miaubiz.
- [72214] High, Accidental exposure of internal extension functions.
Credit to Tavis Ormandy of the Google Security Team.
- [72437] High, Use-after-free with blocked plug-ins. Credit to Chamal de
Silva.
* Bump the lang-pack package from Suggests to Recommends (LP: #689267)
- update debian/control
* Disable PIE on Armel/Lucid (LP: #716703)
- update debian/rules
* Add the disk usage to the Apport hooks
- update debian/apport/chromium-browser.py
* Drop gyp from Build-Depends, use in-source gyp instead
- update debian/control
* Merge back the ffmpeg codecs (from the chromium-codecs-ffmpeg source package)
- update debian/rules
- update debian/control
- add debian/chromium-codecs-ffmpeg-extra.install
- add debian/chromium-codecs-ffmpeg.install
-- Fabien Tassin <email address hidden> Tue, 01 Mar 2011 00:14:02 +0100
This bug was fixed in the package chromium-browser - 9.0.597. 107~r75357- 0ubuntu1
--------------- 107~r75357- 0ubuntu1) natty; urgency=high
chromium-browser (9.0.597.
* New upstream release from the Stable Channel (LP: #726895)
deserializatio n. Credit to Evgeniy Stepanov of the Chromium development apport/ chromium- browser. py codecs- ffmpeg source package) chromium- codecs- ffmpeg- extra.install chromium- codecs- ffmpeg. install
This release fixes the following security issues:
+ Webkit bugs:
- [54262] High, URL bar spoof with history interaction. Credit to Jordi
Chancel.
- [68263] High, Stylesheet node stale pointer. Credit to Sergey Glazunov.
- [68741] High, Stale pointer with key frame rule. Credit to Sergey
Glazunov.
- [70078] High, Crash with forms controls. Credit to Stefan van Zanden.
- [70244] High, Crash in SVG rendering. Credit to Sławomir Błażek.
- [71114] High, Stale node in table child handling. Credit to Martin
Barbella.
- [71115] High, Stale pointer in table rendering. Credit to Martin
Barbella.
- [71296] High, Stale pointer in SVG animations. Credit to miaubiz.
- [71386] High, Stale nodes in XHTML. Credit to wushi of team509.
- [71388] High, Crash in textarea handling. Credit to wushi of team509.
- [71595] High, Stale pointer in device orientation. Credit to Sergey
Glazunov.
- [71855] High, Integer overflow in textarea handling. Credit to miaubiz.
- [71960] Medium, Out-of-bounds read in WebGL. Credit to Google Chrome
Security Team (Inferno).
- [73235] High, Stale pointer in layout. Credit to Martin Barbella.
+ Chromium bugs:
- [63732] High, Crash with javascript dialogs. Credit to Sergey
Radchenko.
- [64-bit only] [70376] Medium, Out-of-bounds read in pickle
community.
- [71717] Medium, Out-of-bounds read in WebGL. Credit to miaubiz.
- [72214] High, Accidental exposure of internal extension functions.
Credit to Tavis Ormandy of the Google Security Team.
- [72437] High, Use-after-free with blocked plug-ins. Credit to Chamal de
Silva.
* Bump the lang-pack package from Suggests to Recommends (LP: #689267)
- update debian/control
* Disable PIE on Armel/Lucid (LP: #716703)
- update debian/rules
* Add the disk usage to the Apport hooks
- update debian/
* Drop gyp from Build-Depends, use in-source gyp instead
- update debian/control
* Merge back the ffmpeg codecs (from the chromium-
- update debian/rules
- update debian/control
- add debian/
- add debian/
-- Fabien Tassin <email address hidden> Tue, 01 Mar 2011 00:14:02 +0100