Ubuntu
chromium-browser package

chromium-browser 15.0.874.106~r107270-0ubuntu0.10.04.1 source package in Ubuntu

Changelog

chromium-browser (15.0.874.106~r107270-0ubuntu0.10.04.1) lucid-security; urgency=low

  * New upstream release from the Stable Channel (LP: #881786)
    This release fixes the following security issues:
    - [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to
      Jordi Chancel.
    - [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit
      to Jordi Chancel.
    - [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of
      download filenames. Credit to Marc Novak.
    - [91218] Low CVE-2011-3877: XSS in appcache internals page. Credit to
      Google Chrome Security Team (Tom Sepez) plus independent discovery by
      Juho Nurminen.
    - [94487] Medium CVE-2011-3878: Race condition in worker process
      initialization. Credit to miaubiz.
    - [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to
      Masato Kinugawa.
    - [95992] Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit
      to Vladimir Vorontsov, ONsec company.
    - [96047] [96885] [98053] [99512] [99750] High CVE-2011-3881: Cross-origin
      policy violations. Credit to Sergey Glazunov.
    - [96292] High CVE-2011-3882: Use-after-free in media buffer handling.
      Credit to Google Chrome Security Team (Inferno).
    - [96902] High CVE-2011-3883: Use-after-free in counter handling. Credit to
      miaubiz.
    - [97148] High CVE-2011-3884: Timing issues in DOM traversal. Credit to
      Brian Ryner of the Chromium development community.
    - [97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885: Stale
      style bugs leading to use-after-free. Credit to miaubiz.
    - [98773] [99167] High CVE-2011-3886: Out of bounds writes in v8. Credit to
      Christian Holler.
    - [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. Credit to
      Sergey Glazunov.
    - [99138] High CVE-2011-3888: Use-after-free with plug-in and editing.
      Credit to miaubiz.
    - [99211] High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz.
    - [99553] High CVE-2011-3890: Use-after-free in video source handling.
      Credit to Ami Fischman of the Chromium development community.
    - [100332] High CVE-2011-3891: Exposure of internal v8 functions. Credit to
      Steven Keuchel of the Chromium development community plus independent
      discovery by Daniel Divricean.

  [ Chris Coulson <email address hidden> ]
  * Refresh patches
    - update debian/patches/dlopen_sonamed_gl.patch
    - update debian/patches/webkit_rev_parser.patch

  [ Fabien Tassin ]
  * Disable NaCl until we figure out what to do with the private toolchain
    - update debian/rules
  * Do not install the pseudo_locales files in the debs
    - update debian/rules
  * Add python-simplejson to Build-depends. This is needed by NaCl even with
    NaCl disabled, so this is a temporary workaround to unbreak the build, it
    must be fixed upstream
    - update debian/control
 -- Micah Gersten <email address hidden>   Thu, 27 Oct 2011 00:23:10 -0500

Upload details

Uploaded by:
Micah Gersten
Uploaded to:
Lucid
Original maintainer:
Fabien Tassin
Architectures:
i386 amd64 all
Section:
web
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Lucid: [FULLYBUILT] amd64 [FULLYBUILT] i386

Downloads

File Size SHA-256 Checksum
chromium-browser_15.0.874.106~r107270.orig.tar.gz 204.0 MiB eb69f520131900cdbe2f2659a7e6b54df59359585c9f47020965dd9b486b6b96
chromium-browser_15.0.874.106~r107270-0ubuntu0.10.04.1.diff.gz 197.6 KiB f45e82a070bd8c056aabb5b9db788f7aceba52b47227acad812ec783c1d5dbae
chromium-browser_15.0.874.106~r107270-0ubuntu0.10.04.1.dsc 2.2 KiB b67dede4bdccc1daace0193192f0bfc04bf91b07048ed2f1556d57b2e46aa155

View changes file

Binary packages built by this source

chromium-browser: No summary available for chromium-browser in ubuntu lucid.

No description available for chromium-browser in ubuntu lucid.

chromium-browser-dbg: No summary available for chromium-browser-dbg in ubuntu lucid.

No description available for chromium-browser-dbg in ubuntu lucid.

chromium-browser-inspector: No summary available for chromium-browser-inspector in ubuntu lucid.

No description available for chromium-browser-inspector in ubuntu lucid.

chromium-browser-l10n: No summary available for chromium-browser-l10n in ubuntu lucid.

No description available for chromium-browser-l10n in ubuntu lucid.

chromium-codecs-ffmpeg: No summary available for chromium-codecs-ffmpeg in ubuntu lucid.

No description available for chromium-codecs-ffmpeg in ubuntu lucid.

chromium-codecs-ffmpeg-dbg: No summary available for chromium-codecs-ffmpeg-dbg in ubuntu lucid.

No description available for chromium-codecs-ffmpeg-dbg in ubuntu lucid.

chromium-codecs-ffmpeg-extra: No summary available for chromium-codecs-ffmpeg-extra in ubuntu lucid.

No description available for chromium-codecs-ffmpeg-extra in ubuntu lucid.

chromium-codecs-ffmpeg-extra-dbg: No summary available for chromium-codecs-ffmpeg-extra-dbg in ubuntu lucid.

No description available for chromium-codecs-ffmpeg-extra-dbg in ubuntu lucid.

chromium-codecs-ffmpeg-nonfree: No summary available for chromium-codecs-ffmpeg-nonfree in ubuntu lucid.

No description available for chromium-codecs-ffmpeg-nonfree in ubuntu lucid.

chromium-codecs-ffmpeg-nonfree-dbg: No summary available for chromium-codecs-ffmpeg-nonfree-dbg in ubuntu lucid.

No description available for chromium-codecs-ffmpeg-nonfree-dbg in ubuntu lucid.