[ubuntu/natty] chromium-browser 7.0.517.41~r62167-0ubuntu1 (Accepted)
Fabien Tassin
fta at ubuntu.com
Wed Oct 20 12:50:57 BST 2010
chromium-browser (7.0.517.41~r62167-0ubuntu1) natty; urgency=high
* New upstream Major release from the Stable Channel (LP: #663523), also
fixing the following security issues:
- [48225] [51727] Medium, Possible autofill / autocomplete profile
spamming. Credit to Google Chrome Security Team (Inferno).
- [48857] High, Crash with forms. Credit to the Chromium development
community.
- [50428] Critical, Browser crash with form autofill. Credit to the
Chromium development community.
- [51680] High, Possible URL spoofing on page unload. Credit to kuzzcc;
plus independent discovery by Jordi Chancel.
- [53002] Low, Pop-up block bypass. Credit to kuzzcc.
- [53985] Medium, Crash on shutdown with Web Sockets. Credit to the
Chromium development community.
- [54132] Low, Bad construction of PATH variable. Credit to Dan Rosenberg,
Virtual Security Research.
- [54500] High, Possible memory corruption with animated GIF. Credit to
Simon Schaak.
- [54794] High, Failure to sandbox worker processes on Linux. Credit to
Google Chrome Security Team (Chris Evans).
- [56451] High, Stale elements in an element map. Credit to Michal Zalewski
of the Google Security Team.
* Drop the -fno-tree-sink workaround for the armel gcc inlining bug now that the
strict-aliasing issue in dtoa has been fixed
- drop debian/patches/no_tree_sink_v8.patch
- update debian/patches/series
* Drop the xdg-mime patch now that we catched up with v7
- drop debian/patches/xdg-utils-update.patch
* Disable -Werror when building with gcc 4.5 until
http://code.google.com/p/chromium/issues/detail?id=49533 gets fixed
- update debian/rules
* Fix the apport hook crash when the use_system key is unset (LP: #660579)
- update debian/apport/chromium-browser.py
Date: Tue, 19 Oct 2010 22:36:19 +0200
Changed-By: Fabien Tassin <fta at ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/chromium-browser/7.0.517.41~r62167-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 19 Oct 2010 22:36:19 +0200
Source: chromium-browser
Binary: chromium-browser chromium-browser-dbg chromium-browser-l10n chromium-browser-inspector
Architecture: source
Version: 7.0.517.41~r62167-0ubuntu1
Distribution: natty
Urgency: high
Maintainer: Fabien Tassin <fta at ubuntu.com>
Changed-By: Fabien Tassin <fta at ubuntu.com>
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-inspector - page inspector for the chromium-browser
chromium-browser-l10n - chromium-browser language packages
Launchpad-Bugs-Fixed: 660579 663523
Changes:
chromium-browser (7.0.517.41~r62167-0ubuntu1) natty; urgency=high
.
* New upstream Major release from the Stable Channel (LP: #663523), also
fixing the following security issues:
- [48225] [51727] Medium, Possible autofill / autocomplete profile
spamming. Credit to Google Chrome Security Team (Inferno).
- [48857] High, Crash with forms. Credit to the Chromium development
community.
- [50428] Critical, Browser crash with form autofill. Credit to the
Chromium development community.
- [51680] High, Possible URL spoofing on page unload. Credit to kuzzcc;
plus independent discovery by Jordi Chancel.
- [53002] Low, Pop-up block bypass. Credit to kuzzcc.
- [53985] Medium, Crash on shutdown with Web Sockets. Credit to the
Chromium development community.
- [54132] Low, Bad construction of PATH variable. Credit to Dan Rosenberg,
Virtual Security Research.
- [54500] High, Possible memory corruption with animated GIF. Credit to
Simon Schaak.
- [54794] High, Failure to sandbox worker processes on Linux. Credit to
Google Chrome Security Team (Chris Evans).
- [56451] High, Stale elements in an element map. Credit to Michal Zalewski
of the Google Security Team.
* Drop the -fno-tree-sink workaround for the armel gcc inlining bug now that the
strict-aliasing issue in dtoa has been fixed
- drop debian/patches/no_tree_sink_v8.patch
- update debian/patches/series
* Drop the xdg-mime patch now that we catched up with v7
- drop debian/patches/xdg-utils-update.patch
* Disable -Werror when building with gcc 4.5 until
http://code.google.com/p/chromium/issues/detail?id=49533 gets fixed
- update debian/rules
* Fix the apport hook crash when the use_system key is unset (LP: #660579)
- update debian/apport/chromium-browser.py
Checksums-Sha1:
9ab684b0e5867b1308216f811604a5a7cd252077 1940 chromium-browser_7.0.517.41~r62167-0ubuntu1.dsc
5ec4f69f5801083cece5760812366bf8fb5883b0 179018979 chromium-browser_7.0.517.41~r62167.orig.tar.gz
077b9959b08affdea985cf73878caba5c3ce8029 189568 chromium-browser_7.0.517.41~r62167-0ubuntu1.diff.gz
Checksums-Sha256:
92fa5bae6768a6ccf4b1e4ddb592ffc7dc34c486537ea4126d8da727e54b3521 1940 chromium-browser_7.0.517.41~r62167-0ubuntu1.dsc
cd36ea3bc600b0d965b105578c111bd0b5c8308b3093b9cd1cda546361104d7d 179018979 chromium-browser_7.0.517.41~r62167.orig.tar.gz
0a3d7342883ab5034f504e786b5eefa8b87e9904c183f8838a37d9a7e8321ce6 189568 chromium-browser_7.0.517.41~r62167-0ubuntu1.diff.gz
Files:
a86d6c00f6148e786592f45b4c3a27eb 1940 web optional chromium-browser_7.0.517.41~r62167-0ubuntu1.dsc
7cc4d8430ae6e39fef91eb3092257d9f 179018979 web optional chromium-browser_7.0.517.41~r62167.orig.tar.gz
96127dd5507b7306601477197928900a 189568 web optional chromium-browser_7.0.517.41~r62167-0ubuntu1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAky+1scACgkQaOfNHbbuIOgyhgCcD2HxeTiTR8cRzRFK8G4bL499
jaYAoJHCcqahCdUb6+WUXlq1t+VatbDS
=zbHN
-----END PGP SIGNATURE-----
More information about the Natty-changes
mailing list