Viewing all changes in revision 741.
- Committer: Micah Gersten
- Date: 2012-12-06 06:01:52 UTC
- Revision ID: micahg@ubuntu.com-20121206060152-60j4v5x14fvowbe1
(merge from chromium-browser.oneiric r696..700)
* New upstream version 23.0.1271.95 (LP: #1086613)
- CVE-2012-5138: Incorrect file path handling.
- CVE-2012-5137: Use-after-free in media source handling.
* Hardcode Ubuntu in Chromium user agent patch; Drop release specific part
similar to what was done with Firefox; Drop from subst_files in rules
- rename debian/patches/chromium_useragent.patch.in => debian/patches/chromium_useragent.patch
- update debian/patches/chromium_useragent.patch
- update debian/rules
* Disable user agent patch for the moment as it doesn't apply cleanly
- update debian/patches/series
* Switch to xz binary packages, use Pre-Depends on dpkg (>= 1.15.6~)
- update debian/control
* Add localization support for ast, bs, en-AU, eo, hy, ia, ka, ku, kw, ms.
* No longer include Launchpad-generated translations.
* No longer expect unpacked tarball to contain "build-tree".
* Fix build warning about missing debian/source/format. Set to "3.0
(quilt)".
* Make system-v8 patch use "type none" instead of "type settings".; Leave
Patch disabled
* Manually set DEB_{BUILD,HOST}_ARCH when not already set, like when the
executing program is not dpkg-buildpackage.
* Make rules file generate LASTCHANGE file at new location.
* Change get-sources command to kill script when it fails to disable
gyp-chromium run from DEPS. Never fail silently again.
* Drop SCM revision from the version.
* New upstream version 23.0.1271.91
- CVE-2012-5133: Use-after-free in SVG filters.
- CVE-2012-5130: Out-of-bounds read in Skia.
- CVE-2012-5132: Browser crash with chunked encoding.
- CVE-2012-5134: Buffer underflow in libxml.
- CVE-2012-5135: Use-after-free with printing.
- CVE-2012-5136: Bad cast in input element handling.
* Includes CVE fixes for 23.0.1271.64
- CVE-2012-5127: Integer overflow leading to out-of-bounds read in WebP
handling.
- CVE-2012-5120: Out-of-bounds array access in v8.
- CVE-2012-5116: Use-after-free in SVG filter handling.
- CVE-2012-5121: Use-after-free in video layout.
- CVE-2012-5117: Inappropriate load of SVG subresource in img context.
- CVE-2012-5119: Race condition in Pepper buffer handling.
- CVE-2012-5122: Bad cast in input handling.
- CVE-2012-5123: Out-of-bounds reads in Skia.
- CVE-2012-5124: Memory corruption in texture handling.
- CVE-2012-5125: Use-after-free in extension tab handling.
- CVE-2012-5126: Use-after-free in plug-in placeholder handling.
- CVE-2012-5128: Bad write in v8.
* Includes CVE fixes for 22.0.1229.94
- CVE-2012-5112: SVG use-after-free and IPC arbitrary file write.
* Includes CVE fixes for 22.0.1229.92
- CVE-2012-2900: Crash in Skia text rendering.
- CVE-2012-5108: Race condition in audio device handling.
- CVE-2012-5109: OOB read in ICU regex.
- CVE-2012-5110: Out-of-bounds read in compositor.
- CVE-2012-5111: Plug-in crash monitoring was missing for Pepper plug-ins.
* Includes CVE fixes for 22.0.1229.79
- CVE-2012-2889: UXSS in frame handling.
- CVE-2012-2886: UXSS in v8 bindings.
- CVE-2012-2881: DOM tree corruption with plug-ins.
- CVE-2012-2876: Buffer overflow in SSE2 optimizations.
- CVE-2012-2883: Out-of-bounds write in Skia.
- CVE-2012-2887: Use-after-free in onclick handling.
- CVE-2012-2888: Use-after-free in SVG text references.
- CVE-2012-2894: Crash in graphics context handling.
- CVE-2012-2877: Browser crash with extensions and modal dialogs.
- CVE-2012-2879: DOM topology corruption.
- CVE-2012-2884: Out-of-bounds read in Skia.
- CVE-2012-2874: Out-of-bounds write in Skia.
- CVE-2012-2878: Use-after-free in plug-in handling.
- CVE-2012-2880: Race condition in plug-in paint buffer.
- CVE-2012-2882: Wild pointer in OGG container handling.
- CVE-2012-2885: Possible double free on exit.
- CVE-2012-2891: Address leak over IPC.
- CVE-2012-2892: Pop-up block bypass.
- CVE-2012-2893: Double free in XSL transforms.
* Includes CVE fixes for 21.0.1180.89
- CVE-2012-2865: Out-of-bounds read in line breaking.
- CVE-2012-2866: Bad cast with run-ins.
- CVE-2012-2867: Browser crash with SPDY.
- CVE-2012-2868: Race condition with workers and XHR.
- CVE-2012-2869: Avoid stale buffer in URL loading.
- CVE-2012-2870: Lower severity memory management issues in XPath.
- CVE-2012-2871: Bad cast in XSL transforms.
- CVE-2012-2872: XSS in SSL interstitial.
* Includes CVE fixes for 21.0.1180.57
- CVE-2012-2846: Cross-process interference in renderers.
- CVE-2012-2847: Missing re-prompt to user upon excessive downloads.
- CVE-2012-2848: Overly broad file access granted after drag+drop.
- CVE-2012-2849: Off-by-one read in GIF decoder.
- CVE-2012-2853: webRequest can interfere with the Chrome Web Store.
- CVE-2012-2854: Leak of pointer values to WebUI renderers.
- CVE-2012-2857: Use-after-free in CSS DOM.
- CVE-2012-2858: Buffer overflow in WebP decoder.
- CVE-2012-2859: Crash in tab handling.
- CVE-2012-2860: Out-of-bounds access when clicking in date picker.
* Includes CVE fixes for 20.0.1132.57
- CVE-2012-2842: Use-after-free in counter handling.
- CVE-2012-2843: Use-after-free in layout height tracking.
* Includes CVE fixes for 20.0.1132.43
- CVE-2012-2815: Leak of iframe fragment id.
- CVE-2012-2817: Use-after-free in table section handling.
- CVE-2012-2818: Use-after-free in counter layout.
- CVE-2012-2819: Crash in texture handling.
- CVE-2012-2820: Out-of-bounds read in SVG filter handling.
- CVE-2012-2821: Autofill display problem.
- CVE-2012-2823: Use-after-free in SVG resource handling.
- CVE-2012-2824: Use-after-free in SVG painting.
- CVE-2012-2826: Out-of-bounds read in texture conversion.
- CVE-2012-2829: Use-after-free in first-letter handling
- CVE-2012-2830: Wild pointer in array value setting.
- CVE-2012-2831: Use-after-free in SVG reference handling.
- CVE-2012-2834: Integer overflow in Matroska container.
- CVE-2012-2825: Wild read in XSL handling.
- CVE-2012-2807: Integer overflows in libxml.
* Includes CVE fixes for 19.0.1084.52:
- CVE-2011-3103: Crashes in v8 garbage collection.
- CVE-2011-3104: Out-of-bounds read in Skia.
- CVE-2011-3105: Use-after-free in first-letter handling.
- CVE-2011-3106: Browser memory corruption with websockets over SSL.
- CVE-2011-3107: Crashes in the plug-in JavaScript bindings.
- CVE-2011-3108: Use-after-free in browser cache.
- CVE-2011-3109: Bad cast in GTK UI.
- CVE-2011-3111: Invalid read in v8.
- CVE-2011-3115: Type corruption in v8.
* Includes CVE fixes for initial Chromium 19 release:
- CVE-2011-3083: Browser crash with video + FTP.
- CVE-2011-3084: Load links from internal pages in their own process.
- CVE-2011-3085: UI corruption with long autofilled values.
- CVE-2011-3086: Use-after-free with style element.
- CVE-2011-3087: Incorrect window navigation.
- CVE-2011-3088: Out-of-bounds read in hairline drawing.
- CVE-2011-3089: Use-after-free in table handling.
- CVE-2011-3090: Race condition with workers.
- CVE-2011-3091: Use-after-free with indexed DB.
- CVE-2011-3092: Invalid write in v8 regex.
- CVE-2011-3093: Out-of-bounds read in glyph handling.
- CVE-2011-3094: Out-of-bounds read in Tibetan handling.
- CVE-2011-3095: Out-of-bounds write in OGG container.
- CVE-2011-3096: Use-after-free in GTK omnibox handling.
- CVE-2011-3100: Out-of-bounds read drawing dash paths.
- CVE-2011-3101: Work around Linux Nvidia driver bug.
- CVE-2011-3102: Off-by-one out-of-bounds write in libxml.
* New upstream version 23.0.1271.95 (LP: #1086613)
- CVE-2012-5138: Incorrect file path handling.
- CVE-2012-5137: Use-after-free in media source handling.
* Hardcode Ubuntu in Chromium user agent patch; Drop release specific part
similar to what was done with Firefox; Drop from subst_files in rules
- rename debian/patches/chromium_useragent.patch.in => debian/patches/chromium_useragent.patch
- update debian/patches/chromium_useragent.patch
- update debian/rules
* Disable user agent patch for the moment as it doesn't apply cleanly
- update debian/patches/series
* Switch to xz binary packages, use Pre-Depends on dpkg (>= 1.15.6~)
- update debian/control
* Add localization support for ast, bs, en-AU, eo, hy, ia, ka, ku, kw, ms.
* No longer include Launchpad-generated translations.
* No longer expect unpacked tarball to contain "build-tree".
* Fix build warning about missing debian/source/format. Set to "3.0
(quilt)".
* Make system-v8 patch use "type none" instead of "type settings".; Leave
Patch disabled
* Manually set DEB_{BUILD,HOST}_ARCH when not already set, like when the
executing program is not dpkg-buildpackage.
* Make rules file generate LASTCHANGE file at new location.
* Change get-sources command to kill script when it fails to disable
gyp-chromium run from DEPS. Never fail silently again.
* Drop SCM revision from the version.
* New upstream version 23.0.1271.91
- CVE-2012-5133: Use-after-free in SVG filters.
- CVE-2012-5130: Out-of-bounds read in Skia.
- CVE-2012-5132: Browser crash with chunked encoding.
- CVE-2012-5134: Buffer underflow in libxml.
- CVE-2012-5135: Use-after-free with printing.
- CVE-2012-5136: Bad cast in input element handling.
* Includes CVE fixes for 23.0.1271.64
- CVE-2012-5127: Integer overflow leading to out-of-bounds read in WebP
handling.
- CVE-2012-5120: Out-of-bounds array access in v8.
- CVE-2012-5116: Use-after-free in SVG filter handling.
- CVE-2012-5121: Use-after-free in video layout.
- CVE-2012-5117: Inappropriate load of SVG subresource in img context.
- CVE-2012-5119: Race condition in Pepper buffer handling.
- CVE-2012-5122: Bad cast in input handling.
- CVE-2012-5123: Out-of-bounds reads in Skia.
- CVE-2012-5124: Memory corruption in texture handling.
- CVE-2012-5125: Use-after-free in extension tab handling.
- CVE-2012-5126: Use-after-free in plug-in placeholder handling.
- CVE-2012-5128: Bad write in v8.
* Includes CVE fixes for 22.0.1229.94
- CVE-2012-5112: SVG use-after-free and IPC arbitrary file write.
* Includes CVE fixes for 22.0.1229.92
- CVE-2012-2900: Crash in Skia text rendering.
- CVE-2012-5108: Race condition in audio device handling.
- CVE-2012-5109: OOB read in ICU regex.
- CVE-2012-5110: Out-of-bounds read in compositor.
- CVE-2012-5111: Plug-in crash monitoring was missing for Pepper plug-ins.
* Includes CVE fixes for 22.0.1229.79
- CVE-2012-2889: UXSS in frame handling.
- CVE-2012-2886: UXSS in v8 bindings.
- CVE-2012-2881: DOM tree corruption with plug-ins.
- CVE-2012-2876: Buffer overflow in SSE2 optimizations.
- CVE-2012-2883: Out-of-bounds write in Skia.
- CVE-2012-2887: Use-after-free in onclick handling.
- CVE-2012-2888: Use-after-free in SVG text references.
- CVE-2012-2894: Crash in graphics context handling.
- CVE-2012-2877: Browser crash with extensions and modal dialogs.
- CVE-2012-2879: DOM topology corruption.
- CVE-2012-2884: Out-of-bounds read in Skia.
- CVE-2012-2874: Out-of-bounds write in Skia.
- CVE-2012-2878: Use-after-free in plug-in handling.
- CVE-2012-2880: Race condition in plug-in paint buffer.
- CVE-2012-2882: Wild pointer in OGG container handling.
- CVE-2012-2885: Possible double free on exit.
- CVE-2012-2891: Address leak over IPC.
- CVE-2012-2892: Pop-up block bypass.
- CVE-2012-2893: Double free in XSL transforms.
* Includes CVE fixes for 21.0.1180.89
- CVE-2012-2865: Out-of-bounds read in line breaking.
- CVE-2012-2866: Bad cast with run-ins.
- CVE-2012-2867: Browser crash with SPDY.
- CVE-2012-2868: Race condition with workers and XHR.
- CVE-2012-2869: Avoid stale buffer in URL loading.
- CVE-2012-2870: Lower severity memory management issues in XPath.
- CVE-2012-2871: Bad cast in XSL transforms.
- CVE-2012-2872: XSS in SSL interstitial.
* Includes CVE fixes for 21.0.1180.57
- CVE-2012-2846: Cross-process interference in renderers.
- CVE-2012-2847: Missing re-prompt to user upon excessive downloads.
- CVE-2012-2848: Overly broad file access granted after drag+drop.
- CVE-2012-2849: Off-by-one read in GIF decoder.
- CVE-2012-2853: webRequest can interfere with the Chrome Web Store.
- CVE-2012-2854: Leak of pointer values to WebUI renderers.
- CVE-2012-2857: Use-after-free in CSS DOM.
- CVE-2012-2858: Buffer overflow in WebP decoder.
- CVE-2012-2859: Crash in tab handling.
- CVE-2012-2860: Out-of-bounds access when clicking in date picker.
* Includes CVE fixes for 20.0.1132.57
- CVE-2012-2842: Use-after-free in counter handling.
- CVE-2012-2843: Use-after-free in layout height tracking.
* Includes CVE fixes for 20.0.1132.43
- CVE-2012-2815: Leak of iframe fragment id.
- CVE-2012-2817: Use-after-free in table section handling.
- CVE-2012-2818: Use-after-free in counter layout.
- CVE-2012-2819: Crash in texture handling.
- CVE-2012-2820: Out-of-bounds read in SVG filter handling.
- CVE-2012-2821: Autofill display problem.
- CVE-2012-2823: Use-after-free in SVG resource handling.
- CVE-2012-2824: Use-after-free in SVG painting.
- CVE-2012-2826: Out-of-bounds read in texture conversion.
- CVE-2012-2829: Use-after-free in first-letter handling
- CVE-2012-2830: Wild pointer in array value setting.
- CVE-2012-2831: Use-after-free in SVG reference handling.
- CVE-2012-2834: Integer overflow in Matroska container.
- CVE-2012-2825: Wild read in XSL handling.
- CVE-2012-2807: Integer overflows in libxml.
* Includes CVE fixes for 19.0.1084.52:
- CVE-2011-3103: Crashes in v8 garbage collection.
- CVE-2011-3104: Out-of-bounds read in Skia.
- CVE-2011-3105: Use-after-free in first-letter handling.
- CVE-2011-3106: Browser memory corruption with websockets over SSL.
- CVE-2011-3107: Crashes in the plug-in JavaScript bindings.
- CVE-2011-3108: Use-after-free in browser cache.
- CVE-2011-3109: Bad cast in GTK UI.
- CVE-2011-3111: Invalid read in v8.
- CVE-2011-3115: Type corruption in v8.
* Includes CVE fixes for initial Chromium 19 release:
- CVE-2011-3083: Browser crash with video + FTP.
- CVE-2011-3084: Load links from internal pages in their own process.
- CVE-2011-3085: UI corruption with long autofilled values.
- CVE-2011-3086: Use-after-free with style element.
- CVE-2011-3087: Incorrect window navigation.
- CVE-2011-3088: Out-of-bounds read in hairline drawing.
- CVE-2011-3089: Use-after-free in table handling.
- CVE-2011-3090: Race condition with workers.
- CVE-2011-3091: Use-after-free with indexed DB.
- CVE-2011-3092: Invalid write in v8 regex.
- CVE-2011-3093: Out-of-bounds read in glyph handling.
- CVE-2011-3094: Out-of-bounds read in Tibetan handling.
- CVE-2011-3095: Out-of-bounds write in OGG container.
- CVE-2011-3096: Use-after-free in GTK omnibox handling.
- CVE-2011-3100: Out-of-bounds read drawing dash paths.
- CVE-2011-3101: Work around Linux Nvidia driver bug.
- CVE-2011-3102: Off-by-one out-of-bounds write in libxml.
- files added:
- debian/patches/arm.patch
- debian/source
- files removed:
- debian/patches/arm.patch
- files renamed:
- debian/patches/chromium_useragent.patch.in => debian/patches/chromium_useragent.patch
- files modified:
- debian/README.source
expand all
collapse all
added
removed
