[ubuntu/oneiric] chromium-browser 12.0.742.112~r90304-0ubuntu1 (Accepted)

Tue Jun 28 21:35:51 UTC 2011

chromium-browser (12.0.742.112~r90304-0ubuntu1) oneiric; urgency=high

  * New Minor upstream release from the Stable Channel (LP: #803107)
    This release fixes the following security issues:
    + WebKit issues:
      - [84355] High, CVE-2011-2346: Use-after-free in SVG font handling.
        Credit to miaubiz.
      - [85003] High, CVE-2011-2347: Memory corruption in CSS parsing. Credit
        to miaubiz.
      - [85102] High, CVE-2011-2350: Lifetime and re-entrancy issues in the
        HTML parser. Credit to miaubiz.
      - [85211] High, CVE-2011-2351: Use-after-free with SVG use element.
        Credit to miaubiz.
      - [85418] High, CVE-2011-2349: Use-after-free in text selection. Credit
        to miaubiz.
    + Chromium issues:
      - [77493] Medium, CVE-2011-2345: Out-of-bounds read in NPAPI string
        handling. Credit to Philippe Arteau.
      - [85177] High, CVE-2011-2348: Bad bounds check in v8. Credit to Aki
        Helin of OUSPG.
  Packaging changes:
  * Add Valencian (ca at valencia) to the list of supported langs for the
    lang-packs
    - update debian/rules
    - update debian/control
  * Add support for language variants in Grit, backported from trunk.
    This is needed to support lang-codes like ca at valencia
    - add debian/patches/grit_language_variants.patch
    - update debian/patches/series
  * Add a WANT_ONLY_WHITELISTED_NEW_LANGS knob to make it easier to
    sync translations of new langs between all the branches
    - update debian/rules
  * Properly stop the keep-alive when the build fails
    - update debian/rules
  * Fix the HTML5 <video> tag regression in Oneiric by properly linking
    libvpx so it's not being dropped from libffmpegsumo.so (LP: #795171)
    - add debian/patches/html5-codecs-fix.patch
    - update debian/patches/series
  * Drop the -inspector package, its content has been merged into the main deb
    in M12 and the deb remained empty since.
    Also drop chromium-codecs-ffmpeg-nonfree, renamed in M5 to -extra
    - update debian/control
    - update debian/rules
  * Backport of http://codereview.chromium.org/6883221 from M13 presumably
    fixing the ARM ftbfs from the last update, and set use_cups=0 on armel
    - add debian/patches/cups_cleanup_cr6883221.patch
    - update debian/patches/series
    - update debian/rules

Date: Tue, 28 Jun 2011 07:17:52 +0200
Changed-By: Fabien Tassin <fta at ubuntu.com>
https://launchpad.net/ubuntu/oneiric/+source/chromium-browser/12.0.742.112~r90304-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 28 Jun 2011 07:17:52 +0200
Source: chromium-browser
Binary: chromium-browser chromium-browser-dbg chromium-browser-l10n chromium-codecs-ffmpeg chromium-codecs-ffmpeg-dbg chromium-codecs-ffmpeg-extra chromium-codecs-ffmpeg-extra-dbg
Architecture: source
Version: 12.0.742.112~r90304-0ubuntu1
Distribution: oneiric
Urgency: high
Maintainer: Fabien Tassin <fta at ubuntu.com>
Changed-By: Fabien Tassin <fta at ubuntu.com>
Description: 
 chromium-browser - Chromium browser
 chromium-browser-dbg - chromium-browser debug symbols
 chromium-browser-l10n - chromium-browser language packages
 chromium-codecs-ffmpeg - Free ffmpeg codecs for the Chromium Browser
 chromium-codecs-ffmpeg-dbg - chromium-codecs-ffmpeg debug symbols
 chromium-codecs-ffmpeg-extra - Extra ffmpeg codecs for the Chromium Browser
 chromium-codecs-ffmpeg-extra-dbg - chromium-codecs-ffmpeg-extra debug symbols
Launchpad-Bugs-Fixed: 795171 803107
Changes: 
 chromium-browser (12.0.742.112~r90304-0ubuntu1) oneiric; urgency=high
 .
   * New Minor upstream release from the Stable Channel (LP: #803107)
     This release fixes the following security issues:
     + WebKit issues:
       - [84355] High, CVE-2011-2346: Use-after-free in SVG font handling.
         Credit to miaubiz.
       - [85003] High, CVE-2011-2347: Memory corruption in CSS parsing. Credit
         to miaubiz.
       - [85102] High, CVE-2011-2350: Lifetime and re-entrancy issues in the
         HTML parser. Credit to miaubiz.
       - [85211] High, CVE-2011-2351: Use-after-free with SVG use element.
         Credit to miaubiz.
       - [85418] High, CVE-2011-2349: Use-after-free in text selection. Credit
         to miaubiz.
     + Chromium issues:
       - [77493] Medium, CVE-2011-2345: Out-of-bounds read in NPAPI string
         handling. Credit to Philippe Arteau.
       - [85177] High, CVE-2011-2348: Bad bounds check in v8. Credit to Aki
         Helin of OUSPG.
   Packaging changes:
   * Add Valencian (ca at valencia) to the list of supported langs for the
     lang-packs
     - update debian/rules
     - update debian/control
   * Add support for language variants in Grit, backported from trunk.
     This is needed to support lang-codes like ca at valencia
     - add debian/patches/grit_language_variants.patch
     - update debian/patches/series
   * Add a WANT_ONLY_WHITELISTED_NEW_LANGS knob to make it easier to
     sync translations of new langs between all the branches
     - update debian/rules
   * Properly stop the keep-alive when the build fails
     - update debian/rules
   * Fix the HTML5 <video> tag regression in Oneiric by properly linking
     libvpx so it's not being dropped from libffmpegsumo.so (LP: #795171)
     - add debian/patches/html5-codecs-fix.patch
     - update debian/patches/series
   * Drop the -inspector package, its content has been merged into the main deb
     in M12 and the deb remained empty since.
     Also drop chromium-codecs-ffmpeg-nonfree, renamed in M5 to -extra
     - update debian/control
     - update debian/rules
   * Backport of http://codereview.chromium.org/6883221 from M13 presumably
     fixing the ARM ftbfs from the last update, and set use_cups=0 on armel
     - add debian/patches/cups_cleanup_cr6883221.patch
     - update debian/patches/series
     - update debian/rules
Checksums-Sha1: 
 91c60bbb34cfaf7a0a119edc81c0b2a6c31e84af 2064 chromium-browser_12.0.742.112~r90304-0ubuntu1.dsc
 1bf3d60d878beed36c9e3f96dd1f6c59afdb808a 190702716 chromium-browser_12.0.742.112~r90304.orig.tar.gz
 02e000cdba5bec527e03914d752425750b342a39 204827 chromium-browser_12.0.742.112~r90304-0ubuntu1.diff.gz
Checksums-Sha256: 
 007d62d171c5b860a776918c64cf05735e2fc65296d294efb56d2aba2b37c367 2064 chromium-browser_12.0.742.112~r90304-0ubuntu1.dsc
 650541822b97e14d6a740e7c40bcecbc19c64fa8238b0db0800788194e9b8a9d 190702716 chromium-browser_12.0.742.112~r90304.orig.tar.gz
 8d690ee2d197045b8b8347fcf23f14a57b84c0580e86950fe64adb1082eb6c83 204827 chromium-browser_12.0.742.112~r90304-0ubuntu1.diff.gz
Files: 
 341ddfff2cd86c1e316e34384c068e83 2064 web optional chromium-browser_12.0.742.112~r90304-0ubuntu1.dsc
 f2a8fbdbac328f7f78b85f37a2fbe35d 190702716 web optional chromium-browser_12.0.742.112~r90304.orig.tar.gz
 12090cdaec89202253fc6ba9e6ddfa84 204827 web optional chromium-browser_12.0.742.112~r90304-0ubuntu1.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk4KSL8ACgkQaOfNHbbuIOiz0gCePuXVDbu7R7FswhLSZ6oAT1Ob
XrsAnRc6eEhAC0iWUdRJvc5oH/7P/dXE
=u2UJ
-----END PGP SIGNATURE-----