chromium-browser 17.0.963.56~r121963-0ubuntu0.11.10.1 source package in Ubuntu
Changelog
chromium-browser (17.0.963.56~r121963-0ubuntu0.11.10.1) oneiric-security; urgency=low * New upstream release from the Stable Channel (LP: #931905, #933262) This release fixes the following security issues from 17.0.963.56: - [105803] High CVE-2011-3015: Integer overflows in PDF codecs. Credit to Google Chrome Security Team (scarybeasts). - [106336] Medium CVE-2011-3016: Read-after-free with counter nodes. Credit to miaubiz. - [108695] High CVE-2011-3017: Possible use-after-free in database handling. Credit to miaubiz. - [110172] High CVE-2011-3018: Heap overflow in path rendering. Credit to Aki Helin of OUSPG. - [110849] High CVE-2011-3019: Heap buffer overflow in MKV handling. Credit to Google Chrome Security Team (scarybeasts) and Mateusz Jurczyk of the Google Security Team. - [111575] Medium CVE-2011-3020: Native client validator error. Credit to Nick Bray of the Chromium development community. - [111779] High CVE-2011-3021: Use-after-free in subframe loading. Credit to Arthur Gerkis. - [112236] Medium CVE-2011-3022: Inappropriate use of http for translation script. Credit to Google Chrome Security Team (Jorge Obes). - [112259] Medium CVE-2011-3023: Use-after-free with drag and drop. Credit to pa_kt. - [112451] Low CVE-2011-3024: Browser crash with empty x509 certificate. Credit to chrometot. - [112670] Medium CVE-2011-3025: Out-of-bounds read in h.264 parsing. Credit to Sławomir Błażek. - [112822] High CVE-2011-3026: Integer overflow / truncation in libpng. Credit to Jüri Aedla. - [112847] High CVE-2011-3027: Bad cast in column handling. Credit to miaubiz. This release fixes the following security issues from 17.0.963.46: - [73478] Low CVE-2011-3953: Avoid clipboard monitoring after paste event. Credit to Daniel Cheng of the Chromium development community. - [92550] Low CVE-2011-3954: Crash with excessive database usage. Credit to Collin Payne. - [93106] High CVE-2011-3955: Crash aborting an IndexDB transaction. Credit to David Grogan of the Chromium development community. - [103630] Low CVE-2011-3956: Incorrect handling of sandboxed origins inside extensions. Credit to Devdatta Akhawe, UC Berkeley. - [104056] High CVE-2011-3957: Use-after-free in PDF garbage collection. Credit to Aki Helin of OUSPG. - [105459] High CVE-2011-3958: Bad casts with column spans. Credit to miaubiz. - [106441] High CVE-2011-3959: Buffer overflow in locale handling. Credit to Aki Helin of OUSPG. - [108416] Medium CVE-2011-3960: Out-of-bounds read in audio decoding. Credit to Aki Helin of OUSPG. - [108871] Critical CVE-2011-3961: Race condition after crash of utility process. Credit to Shawn Goertzen. - [108901] Medium CVE-2011-3962: Out-of-bounds read in path clipping. Credit to Aki Helin of OUSPG. - [109094] Medium CVE-2011-3963: Out-of-bounds read in PDF fax image handling. Credit to Atte Kettunen of OUSPG. - [109245] Low CVE-2011-3964: URL bar confusion after drag + drop. Credit to Code Audit Labs of VulnHunt.com. - [109664] Low CVE-2011-3965: Crash in signature check. Credit to Sławomir Błażek. - [109716] High CVE-2011-3966: Use-after-free in stylesheet error handling. Credit to Aki Helin of OUSPG. - [109717] Low CVE-2011-3967: Crash with unusual certificate. Credit to Ben Carrillo. - [109743] High CVE-2011-3968: Use-after-free in CSS handling. Credit to Arthur Gerkis. - [110112] High CVE-2011-3969: Use-after-free in SVG layout. Credit to Arthur Gerkis. - [110277] Medium CVE-2011-3970: Out-of-bounds read in libxslt. Credit to Aki Helin of OUSPG. - [110374] High CVE-2011-3971: Use-after-free with mousemove events. Credit to Arthur Gerkis. - [110559] Medium CVE-2011-3972: Out-of-bounds read in shader translator. Credit to Google Chrome Security Team (Inferno). * Rebase patch - update debian/patches/disable_dlog_and_dcheck_in_release_builds.patch * Update .install file to just install all .pak files instead of listing them by name - update debian/chromium-browser.install -- Micah Gersten <email address hidden> Tue, 21 Feb 2012 01:32:50 -0600
Upload details
- Uploaded by:
- Micah Gersten
- Uploaded to:
- Oneiric
- Original maintainer:
- Fabien Tassin
- Architectures:
- any all
- Section:
- web
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| chromium-browser_17.0.963.56~r121963.orig.tar.gz | 265.4 MiB | 4b3eb30316037fd96be39e6eb950307946c70e7980689522424bce949dcd6394 |
| chromium-browser_17.0.963.56~r121963-0ubuntu0.11.10.1.diff.gz | 199.2 KiB | 5aafc8750d8aa471674099cb0f3fd1268356e75eb7c7e064c43b6880d23f6168 |
| chromium-browser_17.0.963.56~r121963-0ubuntu0.11.10.1.dsc | 2.4 KiB | 91ad633a201850c4113fa1bc7e4b57835d4eb680ab2f77bb4ffd03292c3d124c |
Available diffs
Binary packages built by this source
- chromium-browser: No summary available for chromium-browser in ubuntu oneiric.
No description available for chromium-browser in ubuntu oneiric.
- chromium-browser-dbg: No summary available for chromium-browser-dbg in ubuntu oneiric.
No description available for chromium-
browser- dbg in ubuntu oneiric.
- chromium-browser-l10n: No summary available for chromium-browser-l10n in ubuntu oneiric.
No description available for chromium-
browser- l10n in ubuntu oneiric.
- chromium-codecs-ffmpeg: No summary available for chromium-codecs-ffmpeg in ubuntu oneiric.
No description available for chromium-
codecs- ffmpeg in ubuntu oneiric.
- chromium-codecs-ffmpeg-dbg: No summary available for chromium-codecs-ffmpeg-dbg in ubuntu oneiric.
No description available for chromium-
codecs- ffmpeg- dbg in ubuntu oneiric.
- chromium-codecs-ffmpeg-extra: No summary available for chromium-codecs-ffmpeg-extra in ubuntu oneiric.
No description available for chromium-
codecs- ffmpeg- extra in ubuntu oneiric.
- chromium-codecs-ffmpeg-extra-dbg: No summary available for chromium-codecs-ffmpeg-extra-dbg in ubuntu oneiric.
No description available for chromium-
codecs- ffmpeg- extra-dbg in ubuntu oneiric.
