[ubuntu/natty] chromium-browser 9.0.597.107~r75357-0ubuntu1 (Accepted)

Fabien Tassin fta at ubuntu.com
Tue Mar 1 13:40:51 UTC 2011 

chromium-browser (9.0.597.107~r75357-0ubuntu1) natty; urgency=high

  * New upstream release from the Stable Channel (LP: #726895)
    This release fixes the following security issues:
    + Webkit bugs:
      - [54262] High, URL bar spoof with history interaction. Credit to Jordi
        Chancel.
      - [68263] High, Stylesheet node stale pointer. Credit to Sergey Glazunov.
      - [68741] High, Stale pointer with key frame rule. Credit to Sergey
        Glazunov.
      - [70078] High, Crash with forms controls. Credit to Stefan van Zanden.
      - [70244] High, Crash in SVG rendering. Credit to Sławomir Błażek.
      - [71114] High, Stale node in table child handling. Credit to Martin
        Barbella.
      - [71115] High, Stale pointer in table rendering. Credit to Martin
        Barbella.
      - [71296] High, Stale pointer in SVG animations. Credit to miaubiz.
      - [71386] High, Stale nodes in XHTML. Credit to wushi of team509.
      - [71388] High, Crash in textarea handling. Credit to wushi of team509.
      - [71595] High, Stale pointer in device orientation. Credit to Sergey
        Glazunov.
      - [71855] High, Integer overflow in textarea handling. Credit to miaubiz.
      - [71960] Medium, Out-of-bounds read in WebGL. Credit to Google Chrome
        Security Team (Inferno).
      - [73235] High, Stale pointer in layout. Credit to Martin Barbella.
    + Chromium bugs:
      - [63732] High, Crash with javascript dialogs. Credit to Sergey
        Radchenko.
      - [64-bit only] [70376] Medium, Out-of-bounds read in pickle
        deserialization. Credit to Evgeniy Stepanov of the Chromium development
        community.
      - [71717] Medium, Out-of-bounds read in WebGL. Credit to miaubiz.
      - [72214] High, Accidental exposure of internal extension functions.
        Credit to Tavis Ormandy of the Google Security Team.
      - [72437] High, Use-after-free with blocked plug-ins. Credit to Chamal de
        Silva.
  * Bump the lang-pack package from Suggests to Recommends (LP: #689267)
    - update debian/control
  * Disable PIE on Armel/Lucid (LP: #716703)
    - update debian/rules
  * Add the disk usage to the Apport hooks
    - update debian/apport/chromium-browser.py
  * Drop gyp from Build-Depends, use in-source gyp instead
    - update debian/control
  * Merge back the ffmpeg codecs (from the chromium-codecs-ffmpeg source package)
    - update debian/rules
    - update debian/control
    - add debian/chromium-codecs-ffmpeg-extra.install
    - add debian/chromium-codecs-ffmpeg.install

Date: Tue, 01 Mar 2011 00:14:02 +0100
Changed-By: Fabien Tassin <fta at ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/chromium-browser/9.0.597.107~r75357-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 01 Mar 2011 00:14:02 +0100
Source: chromium-browser
Binary: chromium-browser chromium-browser-dbg chromium-browser-l10n chromium-browser-inspector chromium-codecs-ffmpeg chromium-codecs-ffmpeg-dbg chromium-codecs-ffmpeg-extra chromium-codecs-ffmpeg-extra-dbg chromium-codecs-ffmpeg-nonfree chromium-codecs-ffmpeg-nonfree-dbg
Architecture: source
Version: 9.0.597.107~r75357-0ubuntu1
Distribution: natty
Urgency: high
Maintainer: Fabien Tassin <fta at ubuntu.com>
Changed-By: Fabien Tassin <fta at ubuntu.com>
Description: 
 chromium-browser - Chromium browser
 chromium-browser-dbg - chromium-browser debug symbols
 chromium-browser-inspector - page inspector for the chromium-browser
 chromium-browser-l10n - chromium-browser language packages
 chromium-codecs-ffmpeg - Free ffmpeg codecs for the Chromium Browser
 chromium-codecs-ffmpeg-dbg - chromium-codecs-ffmpeg debug symbols
 chromium-codecs-ffmpeg-extra - Extra ffmpeg codecs for the Chromium Browser
 chromium-codecs-ffmpeg-extra-dbg - chromium-codecs-ffmpeg-extra debug symbols
 chromium-codecs-ffmpeg-nonfree - dummy upgrade package
 chromium-codecs-ffmpeg-nonfree-dbg - dummy upgrade package
Launchpad-Bugs-Fixed: 689267 716703 726895
Changes: 
 chromium-browser (9.0.597.107~r75357-0ubuntu1) natty; urgency=high
 .
   * New upstream release from the Stable Channel (LP: #726895)
     This release fixes the following security issues:
     + Webkit bugs:
       - [54262] High, URL bar spoof with history interaction. Credit to Jordi
         Chancel.
       - [68263] High, Stylesheet node stale pointer. Credit to Sergey Glazunov.
       - [68741] High, Stale pointer with key frame rule. Credit to Sergey
         Glazunov.
       - [70078] High, Crash with forms controls. Credit to Stefan van Zanden.
       - [70244] High, Crash in SVG rendering. Credit to Sławomir Błażek.
       - [71114] High, Stale node in table child handling. Credit to Martin
         Barbella.
       - [71115] High, Stale pointer in table rendering. Credit to Martin
         Barbella.
       - [71296] High, Stale pointer in SVG animations. Credit to miaubiz.
       - [71386] High, Stale nodes in XHTML. Credit to wushi of team509.
       - [71388] High, Crash in textarea handling. Credit to wushi of team509.
       - [71595] High, Stale pointer in device orientation. Credit to Sergey
         Glazunov.
       - [71855] High, Integer overflow in textarea handling. Credit to miaubiz.
       - [71960] Medium, Out-of-bounds read in WebGL. Credit to Google Chrome
         Security Team (Inferno).
       - [73235] High, Stale pointer in layout. Credit to Martin Barbella.
     + Chromium bugs:
       - [63732] High, Crash with javascript dialogs. Credit to Sergey
         Radchenko.
       - [64-bit only] [70376] Medium, Out-of-bounds read in pickle
         deserialization. Credit to Evgeniy Stepanov of the Chromium development
         community.
       - [71717] Medium, Out-of-bounds read in WebGL. Credit to miaubiz.
       - [72214] High, Accidental exposure of internal extension functions.
         Credit to Tavis Ormandy of the Google Security Team.
       - [72437] High, Use-after-free with blocked plug-ins. Credit to Chamal de
         Silva.
   * Bump the lang-pack package from Suggests to Recommends (LP: #689267)
     - update debian/control
   * Disable PIE on Armel/Lucid (LP: #716703)
     - update debian/rules
   * Add the disk usage to the Apport hooks
     - update debian/apport/chromium-browser.py
   * Drop gyp from Build-Depends, use in-source gyp instead
     - update debian/control
   * Merge back the ffmpeg codecs (from the chromium-codecs-ffmpeg source package)
     - update debian/rules
     - update debian/control
     - add debian/chromium-codecs-ffmpeg-extra.install
     - add debian/chromium-codecs-ffmpeg.install
Checksums-Sha1: 
 54f303d3d8d8667110d3197961eddd16375a838f 2117 chromium-browser_9.0.597.107~r75357-0ubuntu1.dsc
 8e79682df99be6e4e91a85e9a4f1da568a4c5e2a 186597473 chromium-browser_9.0.597.107~r75357.orig.tar.gz
 9055207e58fac316406a6dcbb88a0be2a57afa95 197272 chromium-browser_9.0.597.107~r75357-0ubuntu1.diff.gz
Checksums-Sha256: 
 ece53a6e5363ca574485539e6001c10e8483e0d02c06840898df4e601fa756ad 2117 chromium-browser_9.0.597.107~r75357-0ubuntu1.dsc
 d58da6492d4f7e8049aa3afb4cdc477b2c4f28c60ce96a530662604e8afce997 186597473 chromium-browser_9.0.597.107~r75357.orig.tar.gz
 e93f34fcc0637ab7a57dc288b8b272e757421cdc2967d797d964be77c61bc5b0 197272 chromium-browser_9.0.597.107~r75357-0ubuntu1.diff.gz
Files: 
 8499505da765ef8b2faafce52541dd1e 2117 web optional chromium-browser_9.0.597.107~r75357-0ubuntu1.dsc
 59c0836018840ae17f693202dcb6ea31 186597473 web optional chromium-browser_9.0.597.107~r75357.orig.tar.gz
 f3a847dfacfaa88481ce5e297192a303 197272 web optional chromium-browser_9.0.597.107~r75357-0ubuntu1.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk1s9kkACgkQaOfNHbbuIOhnwACeLOXk6zo/HFPycztz7Rv84Rta
PooAn1XAhDQiWovYe5NlaxrlL+0YkOZf
=crNi
-----END PGP SIGNATURE-----

More information about the Natty-changes mailing list