-
Committer:
Bazaar Package Importer
-
Author(s):
Fabien Tassin
-
Date:
2010-07-02 01:05:06 UTC
-
mfrom:
(1.1.14 upstream)
-
Revision ID:
james.westby@ubuntu.com-20100702010506-95f0s8siz3zr3fy9
Tags: 5.0.375.99~r51029-0ubuntu1
* New upstream release from the Stable Channel (LP: #602142)
This release fixes the following security issues:
- [42396] Low OOB read with WebGL. Credit to Sergey Glazunov; Google Chrome
Security Team (SkyLined).
- [42575] [42980] Medium Isolate sandboxed iframes more strongly. Credit to
sirdarckcat of Google Security Team.
- [43488] High Memory corruption with invalid SVGs. Credit to Aki Hekin of
OUSPG; wushi of team509.
- [44424] High Memory corruption in bidi algorithm. Credit to wushi of
team509.
- [45164] Low Crash with invalid image. Credit to Jose A. Vazquez.
- [45983] High Memory corruption with invalid PNG (libpng bug). Credit to
Aki Helin of OUSPG.
- [46360] High Memory corruption in CSS style rendering. Credit to wushi of
team509.
- [46575] Low Annoyance with print dialogs. Credit to Mats Ahlgren.
- [47056] Low Crash with modal dialogs. Credit to Aki Helin of OUSPG.