[ubuntu/raring-proposed] chromium-browser 23.0.1271.91-0ubuntu1 (Accepted)

Chad Miller chad.miller at canonical.com
Thu Nov 29 20:47:14 UTC 2012 

chromium-browser (23.0.1271.91-0ubuntu1) raring; urgency=low

  * Add localization support for ast, bs, en-AU, eo, hy, ia, ka, ku, kw, ms.
  * No longer include Launchpad-generated translations.
  * No longer expect unpacked tarball to contain "build-tree".
  * Fix build warning about missing debian/source/format.  Set to "3.0
    (quilt)".
  * Refresh patches from lp:unity-chromium-extension .
  * patches/glib-header-single-entry.patch deleted.
  * patches/7-plugin-status.patch renamed to
  	patches/7-npapi-permission-not-defaults-to-unauthorized.patch
  * patches/struct-siginfo.patch added to work around source bug in
    dereferencing internal stuct instead of public type.
  * Make system-v8 patch use "type none" instead of "type settings".
  * Manually set DEB_{BUILD,HOST}_ARCH when not already set, like when the
    executing program is not dpkg-buildpackage.
  * Make rules file generate LASTCHANGE file at new location.
  * Change get-sources command to kill script when it fails to disable
    gyp-chromium run from DEPS. Never fail silently again.
  * Drop SCM revision from the version.
  * New upstream version 23.0.1271.91
    - CVE-2012-5133: Use-after-free in SVG filters.
    - CVE-2012-5130: Out-of-bounds read in Skia.
    - CVE-2012-5132: Browser crash with chunked encoding.
    - CVE-2012-5134: Buffer underflow in libxml.
    - CVE-2012-5135: Use-after-free with printing.
    - CVE-2012-5136: Bad cast in input element handling.
  * Includes CVE fixes for 23.0.1271.64
    - CVE-2012-5127: Integer overflow leading to out-of-bounds read in WebP
      handling.
    - CVE-2012-5120: Out-of-bounds array access in v8.
    - CVE-2012-5116: Use-after-free in SVG filter handling.
    - CVE-2012-5121: Use-after-free in video layout.
    - CVE-2012-5117: Inappropriate load of SVG subresource in img context.
    - CVE-2012-5119: Race condition in Pepper buffer handling.
    - CVE-2012-5122: Bad cast in input handling.
    - CVE-2012-5123: Out-of-bounds reads in Skia.
    - CVE-2012-5124: Memory corruption in texture handling.
    - CVE-2012-5125: Use-after-free in extension tab handling.
    - CVE-2012-5126: Use-after-free in plug-in placeholder handling.
    - CVE-2012-5128: Bad write in v8.

Date: Wed, 28 Nov 2012 18:15:46 -0500
Changed-By: Chad Miller <chad.miller at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Ken VanDine <ken.vandine at canonical.com>
https://launchpad.net/ubuntu/raring/+source/chromium-browser/23.0.1271.91-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 28 Nov 2012 18:15:46 -0500
Source: chromium-browser
Binary: chromium-browser chromium-browser-dbg chromium-browser-l10n chromium-codecs-ffmpeg chromium-codecs-ffmpeg-dbg chromium-codecs-ffmpeg-extra chromium-codecs-ffmpeg-extra-dbg
Architecture: source
Version: 23.0.1271.91-0ubuntu1
Distribution: raring
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Chad Miller <chad.miller at canonical.com>
Description: 
 chromium-browser - Chromium browser
 chromium-browser-dbg - chromium-browser debug symbols
 chromium-browser-l10n - chromium-browser language packages
 chromium-codecs-ffmpeg - Free ffmpeg codecs for the Chromium Browser
 chromium-codecs-ffmpeg-dbg - chromium-codecs-ffmpeg debug symbols
 chromium-codecs-ffmpeg-extra - Extra ffmpeg codecs for the Chromium Browser
 chromium-codecs-ffmpeg-extra-dbg - chromium-codecs-ffmpeg-extra debug symbols
Changes: 
 chromium-browser (23.0.1271.91-0ubuntu1) raring; urgency=low
 .
   * Add localization support for ast, bs, en-AU, eo, hy, ia, ka, ku, kw, ms.
   * No longer include Launchpad-generated translations.
   * No longer expect unpacked tarball to contain "build-tree".
   * Fix build warning about missing debian/source/format.  Set to "3.0
     (quilt)".
   * Refresh patches from lp:unity-chromium-extension .
   * patches/glib-header-single-entry.patch deleted.
   * patches/7-plugin-status.patch renamed to
   	patches/7-npapi-permission-not-defaults-to-unauthorized.patch
   * patches/struct-siginfo.patch added to work around source bug in
     dereferencing internal stuct instead of public type.
   * Make system-v8 patch use "type none" instead of "type settings".
   * Manually set DEB_{BUILD,HOST}_ARCH when not already set, like when the
     executing program is not dpkg-buildpackage.
   * Make rules file generate LASTCHANGE file at new location.
   * Change get-sources command to kill script when it fails to disable
     gyp-chromium run from DEPS. Never fail silently again.
   * Drop SCM revision from the version.
   * New upstream version 23.0.1271.91
     - CVE-2012-5133: Use-after-free in SVG filters.
     - CVE-2012-5130: Out-of-bounds read in Skia.
     - CVE-2012-5132: Browser crash with chunked encoding.
     - CVE-2012-5134: Buffer underflow in libxml.
     - CVE-2012-5135: Use-after-free with printing.
     - CVE-2012-5136: Bad cast in input element handling.
   * Includes CVE fixes for 23.0.1271.64
     - CVE-2012-5127: Integer overflow leading to out-of-bounds read in WebP
       handling.
     - CVE-2012-5120: Out-of-bounds array access in v8.
     - CVE-2012-5116: Use-after-free in SVG filter handling.
     - CVE-2012-5121: Use-after-free in video layout.
     - CVE-2012-5117: Inappropriate load of SVG subresource in img context.
     - CVE-2012-5119: Race condition in Pepper buffer handling.
     - CVE-2012-5122: Bad cast in input handling.
     - CVE-2012-5123: Out-of-bounds reads in Skia.
     - CVE-2012-5124: Memory corruption in texture handling.
     - CVE-2012-5125: Use-after-free in extension tab handling.
     - CVE-2012-5126: Use-after-free in plug-in placeholder handling.
     - CVE-2012-5128: Bad write in v8.
Checksums-Sha1: 
 024477575957a55227051b0146767a4dda859453 2506 chromium-browser_23.0.1271.91-0ubuntu1.dsc
 fea7ea9e4482f6392c04534e051b68a7d032ae31 682306986 chromium-browser_23.0.1271.91.orig.tar.bz2
 6efb59c34c52b196fe28208aa44ec0e009043174 241692 chromium-browser_23.0.1271.91-0ubuntu1.debian.tar.gz
Checksums-Sha256: 
 742320cc9f56728e170c20a0c5fdfeae0a9286cd416ea1f80f965ad3d78e8486 2506 chromium-browser_23.0.1271.91-0ubuntu1.dsc
 e13e4693689fe64e25b2920d78f0c568d3ee4036d3d9476da206873c6d1bdaa9 682306986 chromium-browser_23.0.1271.91.orig.tar.bz2
 7691edcf228a4715e779233d76c7d7eb975d13d920dcb0170de3b27778ce0782 241692 chromium-browser_23.0.1271.91-0ubuntu1.debian.tar.gz
Files: 
 0d427a70ee89da0a3ecf00b501923f94 2506 web optional chromium-browser_23.0.1271.91-0ubuntu1.dsc
 ed21c99035d347a7b73b05b0c3ce6ed8 682306986 web optional chromium-browser_23.0.1271.91.orig.tar.bz2
 826214171c9e113b1dcf24e37c0a0465 241692 web optional chromium-browser_23.0.1271.91-0ubuntu1.debian.tar.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAlC3yEwACgkQa0J3STIqf5+D6wCghH/6x9txow6e2rYHrg8QW6z+
MRMAoMcQvRqSeNWreyNb3jB9bDtvPJGx
=6HXA
-----END PGP SIGNATURE-----

More information about the Raring-changes mailing list