« back to all changes in this revision
Viewing changes to debian/changelog
- browse files at revision 1
- compare with another revision
- download diff
- download tarball
- view history from revision 1
- Committer: Saikrishna Arcot
- Date: 2013-03-08 22:57:16 UTC
- Revision ID: saiarcot895@gmail.com-20130308225716-1c60fatbyjqc4d2j
Initial commit
- files added:
- debian
- debian/apport
- debian/cdbs
- debian/licenses
- debian/patches
- debian/source
added
removed
debian/changelog
1
chromium-browser (27.0.1431.0~svn20130306r186371-0ubuntuppa1~unstable1) unstable; urgency=low
2
3
* New upstream release.
4
* Doesn't include many translations.
5
6
-- Saikrishna Arcot <saiarcot895@gmail.com> Mon, 04 Mar 2013 18:46:48 -0600
7
8
chromium-browser (22.0.1229.94~r161065-0ubuntu1) unstable; urgency=low
9
10
* New upstream release from the Stable Channel
11
- [154983][154987] Critical CVE-2012-5112: SVG use-after-free and IPC
12
arbitrary file write
13
14
-- Ken VanDine <ken.vandine@canonical.com> Sat, 13 Oct 2012 00:24:57 -0400
15
16
chromium-browser (22.0.1229.79~r158531-0ubuntu1) unstable; urgency=low
17
18
* New upstream release from the Stable Channel
19
* debian/control
20
- fixed typo in description for chromium-codecs-ffmpeg
21
* debian/patches/fix-armhf-ftbfs.patch
22
- Dropped, no longer needed
23
* debian/chromium-browser.install
24
- Install demo extension
25
* debian/rules
26
- Updated INSTALL_EXCLUDE_FILES
27
- build with gcc 4.7
28
* debian/patches/1-infobars.patch,
29
debian/patches/2-get-domain-tld.patch,
30
debian/patches/3-chrome-xid.patch,
31
debian/patches/4-chromeless-window-launch-option.patch,
32
debian/patches/5-desktop-integration-settings.patch,
33
debian/patches/fix-1034541.patch
34
- Updated for v22
35
* debian/patches/6-passwordless-install-support.patch
36
- Webapp package installation (LP: #1059460)
37
* debian/patches/7-plugin-status.patch
38
- Don't block npapi plugins on linux, which is required by
39
unity-chromium-extension
40
41
-- Ken VanDine <ken.vandine@canonical.com> Fri, 12 Oct 2012 09:31:11 -0400
42
43
chromium-browser (20.0.1132.47~r144678-0ubuntu6) unstable; urgency=low
44
45
* debian/patches/5-desktop-integration-settings.patch
46
- Updated to match libunity-webapps.so.0
47
48
-- Ken VanDine <ken.vandine@canonical.com> Wed, 19 Sep 2012 11:44:21 -0400
49
50
chromium-browser (20.0.1132.47~r144678-0ubuntu5) unstable; urgency=low
51
52
* debian/patches/fix-1034541.patch
53
- fix chromeless issues if chromeless window is launched before a
54
regular browser window (LP: #1034541)
55
56
-- Ken VanDine <ken.vandine@canonical.com> Tue, 14 Aug 2012 14:45:16 -0400
57
58
chromium-browser (20.0.1132.47~r144678-0ubuntu4) unstable; urgency=low
59
60
* debian/patches/4-chromeless-window-launch-option.patch
61
- updated to latest from webapps
62
* debian/patches/5-desktop-integration-settings.patch
63
- updated to latest from webapps
64
65
-- Ken VanDine <ken.vandine@canonical.com> Mon, 13 Aug 2012 22:53:46 -0400
66
67
chromium-browser (20.0.1132.47~r144678-0ubuntu3) unstable; urgency=low
68
69
* debian/patches/1-infobars.patch
70
- moved infobars out of experimental, used for webapps
71
* debian/patches/2-get-domain-tld.patch
72
- Adds API for getting the base domain of a URI, used for webapps
73
* debian/patches/3-chrome-xid.patch
74
- Get xid, used for webapps
75
* debian/patches/chromeless-window-launch-option.patch
76
- Adds optional chromeless mode, used for webapps
77
* debian/patches/desktop-integration-settings.patch
78
- Adds settings for managing sites integrated with the desktop, used
79
for webapps
80
81
-- Ken VanDine <ken.vandine@canonical.com> Mon, 06 Aug 2012 13:40:57 -0400
82
83
chromium-browser (20.0.1132.47~r144678-0ubuntu2) unstable; urgency=low
84
85
* debian/control
86
- Dropped build depends for libvpx-dev
87
* -debian/patches/vpx.patch
88
- dropped, build with internal vpx
89
90
[ Matthieu Baerts ]
91
* debian/apport:
92
- Update apport hook for python3 (LP: #1013171)
93
patch made with the help of Edward Donovan
94
95
-- Ken VanDine <ken.vandine@canonical.com> Thu, 12 Jul 2012 15:56:59 -0400
96
97
chromium-browser (20.0.1132.47~r144678-0ubuntu1) unstable; urgency=low
98
99
* New upstream release from the Stable Channel
100
* debian/control
101
- Added build depends binutils-gold, libvpx-dev,libssl-dev and subversion
102
- Bumped standards version to 3.9.3
103
- don't build depend on binutils-gold for armel
104
* debian/rules
105
- explicitly set arm_float_abi=hard for armhf builds and let the rest
106
fallback to softfp
107
- do not use third_party/gold as the linker.
108
- enable compile-time dependency on gnome-keyring
109
* -debian/patches/ubuntu_dont_overwrite_default_download_directory.patch
110
- no longer needed
111
* debian/patches/grd_parse_fix.patch
112
- Patched to fix broken XML until we can get a proper fix for
113
chromium-translation-tools.
114
* debian/patches/vpx.patch
115
- patch from debian to fix FTBFS on armel
116
* debian/patches/arm.patch
117
- patch from debian to fix FTBFS on armel
118
119
-- Ken VanDine <ken.vandine@canonical.com> Thu, 12 Jul 2012 14:02:44 -0400
120
121
chromium-browser (18.0.1025.168~r134367-0ubuntu2) unstable; urgency=low
122
123
* debian/rules
124
- force to build with gcc 4.6 to fix ftbfs (LP: #992212)
125
- don't build with -Werror
126
* debian/control
127
- add build depends for g++-4.6-multilib
128
129
-- Ken VanDine <ken.vandine@canonical.com> Fri, 06 Jul 2012 13:51:59 -0400
130
131
chromium-browser (18.0.1025.168~r134367-0ubuntu1) unstable; urgency=low
132
133
* debian/rules
134
- include armv7 in GYP_DEFINES for 11.10, 12.04 and 12.10. Fixes
135
FTBFS on arm (LP: #993080)
136
137
-- Ken VanDine <ken.vandine@canonical.com> Mon, 18 Jun 2012 10:04:59 -0400
138
139
chromium-browser (18.0.1025.168~r134367-0ubuntu0.12.04.1) unstable-security; urgency=low
140
141
* New upstream release from the Stable Channel (LP: #992352)
142
- [106413] High CVE-2011-3078: Use after free in floats handling. Credit to
143
Google Chrome Security Team (Marty Barbella) and independent later
144
discovery by miaubiz.
145
- [117110] High CVE-2012-1521: Use after free in xml parser. Credit to
146
Google Chrome Security Team (SkyLined) and independent later discovery by
147
wushi of team509 reported through iDefense VCP (V-874rcfpq7z).
148
- [117627] Medium CVE-2011-3079: IPC validation failure. Credit to PinkiePie
149
- [121726] Medium CVE-2011-3080: Race condition in sandbox IPC. Credit to
150
Willem Pinckaers of Matasano.
151
- [121899] High CVE-2011-3081: Use after free in floats handling.
152
Credit to miaubiz.
153
154
-- Micah Gersten <micahg@ubuntu.com> Tue, 01 May 2012 00:02:53 -0500
155
156
chromium-browser (18.0.1025.151~r130497-0ubuntu1) unstable; urgency=low
157
158
* New upstream release from the Stable Channel (LP: #977502)
159
- black screen on Hybrid Graphics system with GPU accelerated compositing
160
enabled (Issue: 117371)
161
- CSS not applied to <content> element (Issue: 114667)
162
- Regression rendering a div with background gradient and borders
163
(Issue: 113726)
164
- Canvas 2D line drawing bug with GPU acceleration (Issue: 121285)
165
- Multiple crashes (Issues: 72235, 116825 and 92998)
166
- Pop-up dialog is at wrong position (Issue: 116045)
167
- HTML Canvas patterns are broken if you change the transformation matrix
168
(Issue: 112165)
169
- SSL interstitial error "proceed anyway" / "back to safety" buttons don't
170
work (Issue: 119252)
171
This release fixes the following security issues:
172
- [106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping.
173
Credit to miaubiz.
174
- [117583] Medium CVE-2011-3067: Cross-origin iframe replacement. Credit to
175
Sergey Glazunov.
176
- [117698] High CVE-2011-3068: Use-after-free in run-in handling. Credit to
177
miaubiz.
178
- [117728] High CVE-2011-3069: Use-after-free in line box handling. Credit
179
to miaubiz.
180
- [118185] High CVE-2011-3070: Use-after-free in v8 bindings. Credit to
181
Google Chrome Security Team (SkyLined).
182
- [118273] High CVE-2011-3071: Use-after-free in HTMLMediaElement. Credit
183
to pa_kt, reporting through HP TippingPoint ZDI (ZDI-CAN-1528).
184
- [118467] Low CVE-2011-3072: Cross-origin violation parenting pop-up
185
window. Credit to Sergey Glazunov.
186
- [118593] High CVE-2011-3073: Use-after-free in SVG resource handling.
187
Credit to Arthur Gerkis.
188
- [119281] Medium CVE-2011-3074: Use-after-free in media handling. Credit
189
to Sławomir Błażek.
190
- [119525] High CVE-2011-3075: Use-after-free applying style command.
191
Credit to miaubiz.
192
- [120037] High CVE-2011-3076: Use-after-free in focus handling. Credit to
193
miaubiz.
194
- [120189] Medium CVE-2011-3077: Read-after-free in script bindings. Credit
195
to Google Chrome Security Team (Inferno).
196
197
-- Micah Gersten <micahg@ubuntu.com> Mon, 09 Apr 2012 16:21:40 -0500
198
199
chromium-browser (18.0.1025.142~r129054-0ubuntu1) unstable; urgency=low
200
201
* New upstream release from the Stable Channel (LP: #968901)
202
This release fixes the following security issues:
203
- [109574] Medium CVE-2011-3058: Bad interaction possibly leading to XSS in
204
EUC-JP. Credit to Masato Kinugawa.
205
- [112317] Medium CVE-2011-3059: Out-of-bounds read in SVG text handling.
206
Credit to Arthur Gerkis.
207
- [114056] Medium CVE-2011-3060: Out-of-bounds read in text fragment
208
handling. Credit to miaubiz.
209
- [116398] Medium CVE-2011-3061: SPDY proxy certificate checking error.
210
Credit to Leonidas Kontothanassis of Google.
211
- [116524] High CVE-2011-3062: Off-by-one in OpenType Sanitizer. Credit to
212
Mateusz Jurczyk of the Google Security Team.
213
- [117417] Low CVE-2011-3063: Validate navigation requests from the renderer
214
more carefully. Credit to kuzzcc, Sergey Glazunov, PinkiePie and
215
scarybeasts (Google Chrome Security Team).
216
- [117471] High CVE-2011-3064: Use-after-free in SVG clipping. Credit to
217
Atte Kettunen of OUSPG.
218
- [117588] High CVE-2011-3065: Memory corruption in Skia. Credit to Omair.
219
- [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian
220
Holler.
221
222
* Add build dependency on libudev-dev to allow for gamepad detection; see
223
http://code.google.com/p/chromium/issues/detail?id=79050
224
- update debian/control
225
* Drop dlopen_libgnutls patch as it's been implemented upstream
226
- drop debian/patches/dlopen_libgnutls.patch
227
- update debian/patches/series
228
* Start removing *.so and *.so.* from the upstream tarball creation
229
- update debian/rules
230
* Strip almost the entire third_party/openssl directory as it's needed only
231
on android, but is used by the build system
232
- update debian/rules
233
* Use tar's --exclude-vcs flag instead of just excluding .svn
234
- update debian/rules
235
236
-- Micah Gersten <micahg@ubuntu.com> Sun, 01 Apr 2012 22:17:11 -0500
237
238
chromium-browser (17.0.963.83~r127885-0ubuntu1) unstable; urgency=low
239
240
* New upstream release from the Stable Channel (LP: #961831)
241
This release fixes the following security issues:
242
- [113902] High CVE-2011-3050: Use-after-free with first-letter handling.
243
Credit to miaubiz.
244
- [116162] High CVE-2011-3045: libpng integer issue from upstream. Credit
245
to Glenn Randers-Pehrson of the libpng project.
246
- [116461] High CVE-2011-3051: Use-after-free in CSS cross-fade handling.
247
Credit to Arthur Gerkis.
248
- [116637] High CVE-2011-3052: Memory corruption in WebGL canvas handling.
249
Credit to Ben Vanik of Google.
250
- [116746] High CVE-2011-3053: Use-after-free in block splitting.
251
Credit to miaubiz.
252
- [117418] Low CVE-2011-3054: Apply additional isolations to webui
253
privileges. Credit to Sergey Glazunov.
254
- [117736] Low CVE-2011-3055: Prompt in the browser native UI for unpacked
255
extension installation. Credit to PinkiePie.
256
- [117550] High CVE-2011-3056: Cross-origin violation with “magic iframe”.
257
Credit to Sergey Glazunov.
258
- [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian
259
Holler.
260
261
-- Micah Gersten <micahg@ubuntu.com> Wed, 21 Mar 2012 21:31:34 -0500
262
263
chromium-browser (17.0.963.79~r125985-0ubuntu1) unstable; urgency=low
264
265
* New upstream release from the Stable Channel (LP: #952711)
266
This release fixes the following security issue:
267
- [117620] [117656] Critical CVE-2011-3047: Errant plug-in load and GPU
268
process memory corruption. Credit to PinkiePie.
269
270
-- Micah Gersten <micahg@ubuntu.com> Mon, 12 Mar 2012 00:01:07 -0500
271
272
chromium-browser (17.0.963.78~r125577-0ubuntu1) unstable; urgency=low
273
274
* New upstream release from the Stable Channel (LP: #950174)
275
This release fixes the following security issue:
276
- [117226] [117230] Critical CVE-2011-3046: UXSS and bad history navigation.
277
Credit to Sergey Glazunov.
278
279
* Add libgles2-mesa-dev build dependency on armhf as well; Hopefully really
280
fix LP: #943281; Thanks to Christian Dywan for the tip
281
- update debian/control
282
283
-- Micah Gersten <micahg@ubuntu.com> Fri, 09 Mar 2012 00:40:23 -0600
284
285
chromium-browser (17.0.963.66~r124982-0ubuntu1) unstable; urgency=low
286
287
* New upstream release from the Stable Channel (LP: #948749)
288
- fixes regression in the DOM [116789]
289
290
[ Micah Gersten <micahg@ubuntu.com> ]
291
* Revert manual changes to v8 build system since we're using the gyp flag now
292
- update debian/patches/fix-armhf-ftbfs.patch
293
294
[ Jani Monoses <jani@ubuntu.com> ]
295
* Attempt to fix armhf build again (LP: #943281)
296
- update debian/rules
297
298
-- Micah Gersten <micahg@ubuntu.com> Wed, 07 Mar 2012 02:00:53 -0600
299
300
chromium-browser (17.0.963.65~r124586-0ubuntu1) unstable; urgency=low
301
302
* New upstream release from the Stable Channel (LP: #946914)
303
- Cursors and backgrounds sometimes do not load [111218]
304
- Plugins not loading on some pages [108228]
305
- Text paste includes trailing spaces [106551]
306
- Websites using touch controls break [110332]
307
This release fixes the following security issues:
308
- [105867] High CVE-2011-3031: Use-after-free in v8 element wrapper. Credit
309
to Chamal de Silva.
310
- [108037] High CVE-2011-3032: Use-after-free in SVG value handling. Credit
311
to Arthur Gerkis.
312
- [108406] [115471] High CVE-2011-3033: Buffer overflow in the Skia drawing
313
library. Credit to Aki Helin of OUSPG.
314
- [111748] High CVE-2011-3034: Use-after-free in SVG document handling.
315
Credit to Arthur Gerkis.
316
- [112212] High CVE-2011-3035: Use-after-free in SVG use handling. Credit to
317
Arthur Gerkis.
318
- [113258] High CVE-2011-3036: Bad cast in line box handling. Credit to
319
miaubiz.
320
- [113439] [114924] [115028] High CVE-2011-3037: Bad casts in anonymous
321
block splitting. Credit to miaubiz.
322
- [113497] High CVE-2011-3038: Use-after-free in multi-column handling.
323
Credit to miaubiz.
324
- [113707] High CVE-2011-3039: Use-after-free in quote handling. Credit to
325
miaubiz.
326
- [114054] High CVE-2011-3040: Out-of-bounds read in text handling. Credit
327
to miaubiz.
328
- [114068] High CVE-2011-3041: Use-after-free in class attribute handling.
329
Credit to miaubiz.
330
- [114219] High CVE-2011-3042: Use-after-free in table section handling.
331
Credit to miaubiz.
332
- [115681] High CVE-2011-3043: Use-after-free in flexbox with floats. Credit
333
to miaubiz.
334
- [116093] High CVE-2011-3044: Use-after-free with SVG animation elements.
335
Credit to Arthur Gerkis.
336
337
[ Jani Monoses <jani@ubuntu.com> ]
338
* Fix FTBFS on armhf (LP: #943281)
339
- add debian/patches/fix-armhf-ftbfs.patch
340
- update debian/patches/series
341
342
-- Micah Gersten <micahg@ubuntu.com> Mon, 05 Mar 2012 03:48:05 -0600
343
344
chromium-browser (17.0.963.56~r121963-0ubuntu3) unstable; urgency=low
345
346
* Fix arm specific flags again; Use findstring instead of filter as arm
347
isn't the entire build arch name
348
- update debian/rules
349
350
-- Micah Gersten <micahg@ubuntu.com> Mon, 20 Feb 2012 00:59:09 -0600
351
352
chromium-browser (17.0.963.56~r121963-0ubuntu2) unstable; urgency=low
353
354
* Add arm specific flags for arm*, not just armel; This allows building on
355
armhf successfully (we hope)
356
- update debian/rules
357
* Change chromium-browser-dbg to Priority: extra, Section: debug per lintian
358
- update debian/control
359
* Fix line endings in debian/copyright per lintian
360
- update debian/copyright
361
* Make copyright file UTF-8 per lintian
362
- update debian/copyright
363
364
-- Micah Gersten <micahg@ubuntu.com> Mon, 20 Feb 2012 00:23:47 -0600
365
366
chromium-browser (17.0.963.56~r121963-0ubuntu1) unstable; urgency=low
367
368
* New upstream release from the Stable Channel (LP: #933262)
369
This release fixes the following security issues:
370
- [105803] High CVE-2011-3015: Integer overflows in PDF codecs. Credit to
371
Google Chrome Security Team (scarybeasts).
372
- [106336] Medium CVE-2011-3016: Read-after-free with counter nodes. Credit
373
to miaubiz.
374
- [108695] High CVE-2011-3017: Possible use-after-free in database handling.
375
Credit to miaubiz.
376
- [110172] High CVE-2011-3018: Heap overflow in path rendering. Credit to
377
Aki Helin of OUSPG.
378
- [110849] High CVE-2011-3019: Heap buffer overflow in MKV handling. Credit
379
to Google Chrome Security Team (scarybeasts) and Mateusz Jurczyk of the
380
Google Security Team.
381
- [111575] Medium CVE-2011-3020: Native client validator error. Credit to
382
Nick Bray of the Chromium development community.
383
- [111779] High CVE-2011-3021: Use-after-free in subframe loading. Credit to
384
Arthur Gerkis.
385
- [112236] Medium CVE-2011-3022: Inappropriate use of http for translation
386
script. Credit to Google Chrome Security Team (Jorge Obes).
387
- [112259] Medium CVE-2011-3023: Use-after-free with drag and drop. Credit
388
to pa_kt.
389
- [112451] Low CVE-2011-3024: Browser crash with empty x509 certificate.
390
Credit to chrometot.
391
- [112670] Medium CVE-2011-3025: Out-of-bounds read in h.264 parsing. Credit
392
to Sławomir Błażek.
393
- [112822] High CVE-2011-3026: Integer overflow / truncation in libpng.
394
Credit to Jüri Aedla.
395
- [112847] High CVE-2011-3027: Bad cast in column handling. Credit to
396
miaubiz.
397
398
-- Micah Gersten <micahg@ubuntu.com> Wed, 15 Feb 2012 22:55:08 -0600
399
400
chromium-browser (17.0.963.46~r119351-0ubuntu1) unstable; urgency=low
401
402
* New upstream release from the Stable Channel (LP: #931905)
403
This release fixes the following security issues:
404
- [73478] Low CVE-2011-3953: Avoid clipboard monitoring after paste event.
405
Credit to Daniel Cheng of the Chromium development community.
406
- [92550] Low CVE-2011-3954: Crash with excessive database usage. Credit to
407
Collin Payne.
408
- [93106] High CVE-2011-3955: Crash aborting an IndexDB transaction. Credit
409
to David Grogan of the Chromium development community.
410
- [103630] Low CVE-2011-3956: Incorrect handling of sandboxed origins inside
411
extensions. Credit to Devdatta Akhawe, UC Berkeley.
412
- [104056] High CVE-2011-3957: Use-after-free in PDF garbage collection.
413
Credit to Aki Helin of OUSPG.
414
- [105459] High CVE-2011-3958: Bad casts with column spans. Credit to
415
miaubiz.
416
- [106441] High CVE-2011-3959: Buffer overflow in locale handling. Credit to
417
Aki Helin of OUSPG.
418
- [108416] Medium CVE-2011-3960: Out-of-bounds read in audio decoding.
419
Credit to Aki Helin of OUSPG.
420
- [108871] Critical CVE-2011-3961: Race condition after crash of utility
421
process. Credit to Shawn Goertzen.
422
- [108901] Medium CVE-2011-3962: Out-of-bounds read in path clipping. Credit
423
to Aki Helin of OUSPG.
424
- [109094] Medium CVE-2011-3963: Out-of-bounds read in PDF fax image
425
handling. Credit to Atte Kettunen of OUSPG.
426
- [109245] Low CVE-2011-3964: URL bar confusion after drag + drop. Credit to
427
Code Audit Labs of VulnHunt.com.
428
- [109664] Low CVE-2011-3965: Crash in signature check. Credit to Sławomir
429
Błażek.
430
- [109716] High CVE-2011-3966: Use-after-free in stylesheet error handling.
431
Credit to Aki Helin of OUSPG.
432
- [109717] Low CVE-2011-3967: Crash with unusual certificate. Credit to Ben
433
Carrillo.
434
- [109743] High CVE-2011-3968: Use-after-free in CSS handling. Credit to
435
Arthur Gerkis.
436
- [110112] High CVE-2011-3969: Use-after-free in SVG layout. Credit to
437
Arthur Gerkis.
438
- [110277] Medium CVE-2011-3970: Out-of-bounds read in libxslt. Credit to
439
Aki Helin of OUSPG.
440
- [110374] High CVE-2011-3971: Use-after-free with mousemove events. Credit
441
to Arthur Gerkis.
442
- [110559] Medium CVE-2011-3972: Out-of-bounds read in shader translator.
443
Credit to Google Chrome Security Team (Inferno).
444
445
* Rebase patch
446
- update debian/patches/disable_dlog_and_dcheck_in_release_builds.patch
447
* Update .install file to just install all .pak files instead of listing them
448
by name
449
- update debian/chromium-browser.install
450
451
-- Micah Gersten <micahg@ubuntu.com> Wed, 15 Feb 2012 01:32:50 -0600
452
453
chromium-browser (16.0.912.77~r118311-0ubuntu1) unstable; urgency=low
454
455
* New upstream release from the Stable Channel (LP: #923602, #897389)
456
(LP: #914648, #889711)
457
This release fixes the following security issues:
458
- [106484] High CVE-2011-3924: Use-after-free in DOM selections. Credit to
459
Arthur Gerkis.
460
- [107182] Critical CVE-2011-3925: Use-after-free in Safe Browsing
461
navigation. Credit to Chamal de Silva.
462
- [108461] High CVE-2011-3928: Use-after-free in DOM handling. Credit to
463
wushi of team509 reported through ZDI (ZDI-CAN-1415).
464
- [108605] High CVE-2011-3927: Uninitialized value in Skia. Credit to
465
miaubiz.
466
- [109556] High CVE-2011-3926: Heap-buffer-overflow in tree builder.
467
Credit to Arthur Gerkis.
468
469
This upload also includes the following security fixes from 16.0.912.75:
470
- [106672] High CVE-2011-3921: Use-after-free in animation frames. Credit to
471
Boris Zbarsky of Mozilla.
472
- [107128] High CVE-2011-3919: Heap-buffer-overflow in libxml. Credit to
473
Jüri Aedla.
474
- [108006] High CVE-2011-3922: Stack-buffer-overflow in glyph handling.
475
Credit to Google Chrome Security Team (Cris Neckar).
476
477
This upload also includes the following security fixes from 16.0.912.63:
478
- [81753] Medium CVE-2011-3903: Out-of-bounds read in regex matching. Credit
479
to David Holloway of the Chromium development community.
480
- [95465] Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google
481
Chrome Security Team (Inferno).
482
- [98809] Medium CVE-2011-3906: Out-of-bounds read in PDF parser. Credit to
483
Aki Helin of OUSPG.
484
- [99016] High CVE-2011-3907: URL bar spoofing with view-source. Credit to
485
Luka Treiber of ACROS Security.
486
- [100863] Low CVE-2011-3908: Out-of-bounds read in SVG parsing. Credit to
487
Aki Helin of OUSPG.
488
- [101010] Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS
489
property array. Credit to Google Chrome Security Team (scarybeasts) and
490
Chu.
491
- [101494] Medium CVE-2011-3910: Out-of-bounds read in YUV video frame
492
handling. Credit to Google Chrome Security Team (Cris Neckar).
493
- [101779] Medium CVE-2011-3911: Out-of-bounds read in PDF. Credit to Google
494
Chrome Security Team (scarybeasts) and Robert Swiecki of the Google
495
Security Team.
496
- [102359] High CVE-2011-3912: Use-after-free in SVG filters. Credit to
497
Arthur Gerkis.
498
- [103921] High CVE-2011-3913: Use-after-free in Range handling. Credit to
499
Arthur Gerkis.
500
- [104011] High CVE-2011-3914: Out-of-bounds write in v8 i18n handling.
501
Credit to Sławomir Błażek.
502
- [104529] High CVE-2011-3915: Buffer overflow in PDF font handling. Credit
503
to Atte Kettunen of OUSPG.
504
- [104959] Medium CVE-2011-3916: Out-of-bounds reads in PDF cross
505
references. Credit to Atte Kettunen of OUSPG.
506
- [105162] Medium CVE-2011-3917: Stack-buffer-overflow in FileWatcher.
507
Credit to Google Chrome Security Team (Marty Barbella).
508
509
This upload also includes the following fixes from 15.0.874.121:
510
- fix to a regression: SVG in iframe doesn't use specified dimensions
511
- [103259] High CVE-2011-3900: Out-of-bounds write in v8. Credit to
512
Christian Holler
513
514
[ Micah Gersten <micahg@ubuntu.com> ]
515
* Add patch to build with glib 2.31 (single entry header inclusion)
516
- add debian/patches/glib-header-single-entry.patch
517
- update debian/patches/series
518
519
[ Brandon Snider <brandonsnider@ubuntu.com> ]
520
* Refresh user agent patch
521
- update debian/patches/chromium_useragent.patch.in
522
523
-- Micah Gersten <micahg@ubuntu.com> Mon, 30 Jan 2012 14:43:06 -0600
524
525
chromium-browser (15.0.874.120~r108895-0ubuntu1) unstable; urgency=low
526
527
* New upstream release from the Stable Channel (LP: #889711)
528
This release fixes the following security issues:
529
- [100465] High CVE-2011-3892: Double free in Theora decoder. Credit to Aki
530
Helin of OUSPG.
531
- [100492] [100543] Medium CVE-2011-3893: Out of bounds reads in MKV and
532
Vorbis media handlers. Credit to Aki Helin of OUSPG.
533
- [101172] High CVE-2011-3894: Memory corruption regression in VP8 decoding.
534
Credit to Andrew Scherkus of the Chromium development community.
535
- [101458] High CVE-2011-3895: Heap overflow in Vorbis decoder. Credit to
536
Aki Helin of OUSPG.
537
- [101624] High CVE-2011-3896: Buffer overflow in shader variable mapping.
538
Credit to Ken “strcpy” Russell of the Chromium development community.
539
- [102242] High CVE-2011-3897: Use-after-free in editing. Credit to pa_kt
540
reported through ZDI (ZDI-CAN-1416).
541
542
-- Micah Gersten <micahg@ubuntu.com> Sun, 13 Nov 2011 00:11:03 -0600
543
544
chromium-browser (15.0.874.106~r107270-0ubuntu1) unstable; urgency=low
545
546
* New upstream release from the Stable Channel (LP: #881786)
547
- This release fixes a regression with regard to logging into certain
548
websites
549
550
-- Micah Gersten <micahg@ubuntu.com> Wed, 26 Oct 2011 23:19:00 -0500
551
552
chromium-browser (15.0.874.102~r106587-0ubuntu1) unstable; urgency=low
553
554
* New upstream release from the Stable Channel (LP: #881786)
555
- fix LP: #881607 - Error initializing NSS without a persistent database
556
This release fixes the following security issues:
557
- [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to
558
Jordi Chancel.
559
- [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit
560
to Jordi Chancel.
561
- [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of
562
download filenames. Credit to Marc Novak.
563
- [91218] Low CVE-2011-3877: XSS in appcache internals page. Credit to
564
Google Chrome Security Team (Tom Sepez) plus independent discovery by
565
Juho Nurminen.
566
- [94487] Medium CVE-2011-3878: Race condition in worker process
567
initialization. Credit to miaubiz.
568
- [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to
569
Masato Kinugawa.
570
- [95992] Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit
571
to Vladimir Vorontsov, ONsec company.
572
- [96047] [96885] [98053] [99512] [99750] High CVE-2011-3881: Cross-origin
573
policy violations. Credit to Sergey Glazunov.
574
- [96292] High CVE-2011-3882: Use-after-free in media buffer handling.
575
Credit to Google Chrome Security Team (Inferno).
576
- [96902] High CVE-2011-3883: Use-after-free in counter handling. Credit to
577
miaubiz.
578
- [97148] High CVE-2011-3884: Timing issues in DOM traversal. Credit to
579
Brian Ryner of the Chromium development community.
580
- [97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885: Stale
581
style bugs leading to use-after-free. Credit to miaubiz.
582
- [98773] [99167] High CVE-2011-3886: Out of bounds writes in v8. Credit to
583
Christian Holler.
584
- [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. Credit to
585
Sergey Glazunov.
586
- [99138] High CVE-2011-3888: Use-after-free with plug-in and editing.
587
Credit to miaubiz.
588
- [99211] High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz.
589
- [99553] High CVE-2011-3890: Use-after-free in video source handling.
590
Credit to Ami Fischman of the Chromium development community.
591
- [100332] High CVE-2011-3891: Exposure of internal v8 functions. Credit to
592
Steven Keuchel of the Chromium development community plus independent
593
discovery by Daniel Divricean.
594
595
[ Micah Gersten <micahg@ubuntu.com> ]
596
* Switch to xz debs; Add Pre-Depends on dpkg >= 1.15.6 which is needed
597
until after unstable
598
- update debian/rules
599
- update debian/control
600
601
[ Chris Coulson <chris.coulson@canonical.com> ]
602
* Refresh patches
603
- update debian/patches/dlopen_sonamed_gl.patch
604
- update debian/patches/webkit_rev_parser.patch
605
* Dropped patches, fixed upstream
606
- remove debian/patches/cups_1.5_build_fix.patch
607
- update debian/patches/series
608
* Don't depend on cdbs being installed to create a tarball
609
- update debian/rules
610
- update debian/cdbs/tarball.mk
611
612
[ Fabien Tassin ]
613
* Disable NaCl until we figure out what to do with the private toolchain
614
- update debian/rules
615
* Do not install the pseudo_locales files in the debs
616
- update debian/rules
617
* Add python-simplejson to Build-depends. This is needed by NaCl even with
618
NaCl disabled, so this is a temporary workaround to unbreak the build, it
619
must be fixed upstream
620
- update debian/control
621
622
-- Micah Gersten <micahg@ubuntu.com> Wed, 26 Oct 2011 02:52:39 -0500
623
624
chromium-browser (14.0.835.202~r103287-0ubuntu2) unstable; urgency=low
625
626
* Switch maintainer to Ubuntu Developers; Thanks to Fabien Tassin for all
627
his work on this package
628
- update debian/control
629
* Switch to internal libvpx; This makes updating easier after release
630
- update debian/rules
631
* Drop build dependency on libvpx due to the switch to internal libvpx
632
- update debian/control
633
* Switch to default libjpeg
634
- update debian/control
635
* Update Vcs-Bzr for unstable
636
- update debian/control
637
638
-- Micah Gersten <micahg@ubuntu.com> Tue, 18 Oct 2011 02:50:27 -0500
639
640
chromium-browser (14.0.835.202~r103287-0ubuntu1) unstable; urgency=low
641
642
* New upstream release from the Stable Channel (LP: #858744)
643
This release fixes the following security issues:
644
+ Chromium issues (13.0.782.220):
645
- Trust in Diginotar Intermediate CAs revoked
646
+ Chromium issues (14.0.835.163):
647
- [49377] High CVE-2011-2835: Race condition in the certificate cache.
648
Credit to Ryan Sleevi.
649
- [57908] Low CVE-2011-2837: Use PIC / pie compiler flags. Credit to
650
wbrana.
651
- [75070] Low CVE-2011-2838: Treat MIME type more authoritatively when
652
loading plug-ins. Credit to Michal Zalewski.
653
- [78639] High CVE-2011-2841: Garbage collection error in PDF. Credit to
654
Mario Gomes.
655
- [82438] Medium CVE-2011-2843: Out-of-bounds read with media buffers.
656
Credit to Kostya Serebryany.
657
- [85041] Medium CVE-2011-2844: Out-of-bounds read with mp3 files. Credit
658
to Mario Gomes.
659
- [89564] Medium CVE-2011-2848: URL bar spoof with forward button. Credit
660
to Jordi Chancel.
661
- [89795] Low CVE-2011-2849: Browser NULL pointer crash with WebSockets.
662
Credit to Arthur Gerkis.
663
- [90134] Medium CVE-2011-2850: Out-of-bounds read with Khmer characters.
664
Credit to miaubiz.
665
- [90173] Medium CVE-2011-2851: Out-of-bounds read in video handling.
666
Credit to Google Chrome Security Team (Inferno).
667
- [91197] High CVE-2011-2853: Use-after-free in plug-in handling. Credit
668
to Google Chrome Security Team (SkyLined).
669
- [93497] Medium CVE-2011-2859: Incorrect permissions assigned to
670
non-gallery pages. Credit to Bernhard ‘Bruhns’ Brehm
671
- [93596] Medium CVE-2011-2861: Bad string read in PDF. Credit to Aki
672
Helin of OUSPG.
673
- [95563] Medium CVE-2011-2864: Out-of-bounds read with Tibetan
674
characters. Credit to Google Chrome Security Team (Inferno).
675
- [95625] Medium CVE-2011-2858: Out-of-bounds read with triangle arrays.
676
Credit to Google Chrome Security Team (Inferno).
677
- [95917] Low CVE-2011-2874: Failure to pin a self-signed cert for a
678
session. Credit to Nishant Yadant and Craig Chamberlain (@randomuserid).
679
+ Chromium issues (14.0.835.202):
680
- [95671] High CVE-2011-2878: Inappropriate cross-origin access to the
681
window prototype. Credit to Sergey Glazunov.
682
- [96150] High CVE-2011-2879: Lifetime and threading issues in audio node
683
handling. Credit to Google Chrome Security Team (Inferno).
684
- [98089] Critical CVE-2011-3873: Memory corruption in shader translator.
685
Credit to Zhenyao Mo.
686
+ Webkit issues (14.0.835.163):
687
- [78427] [83031] Low CVE-2011-2840: Possible URL bar spoofs with unusual
688
user interaction. Credit to kuzzcc.
689
- [89219] High CVE-2011-2846: Use-after-free in unload event handling.
690
Credit to Arthur Gerkis.
691
- [89330] High CVE-2011-2847: Use-after-free in document loader. Credit to
692
miaubiz.
693
- [89991] Medium CVE-2011-3234: Out-of-bounds read in box handling. Credit
694
to miaubiz.
695
- [92651] [94800] High CVE-2011-2854: Use-after-free in ruby / table style
696
handing. Credit to Sławomir Błażek, and independent later discoveries by
697
miaubiz and Google Chrome Security Team (Inferno).
698
- [92959] High CVE-2011-2855: Stale node in stylesheet handling. Credit to
699
Arthur Gerkis.
700
- [93420] High CVE-2011-2857: Use-after-free in focus controller. Credit
701
to miaubiz.
702
- [93587] High CVE-2011-2860: Use-after-free in table style handling.
703
Credit to miaubiz.
704
+ Webkit issues (14.0.835.202):
705
- [93788] High CVE-2011-2876: Use-after-free in text line box handling.
706
Credit to miaubiz.
707
- [95072] High CVE-2011-2877: Stale font in SVG text handling. Credit to
708
miaubiz.
709
+ LibXML issue (14.0.835.163):
710
- [93472] High CVE-2011-2834: Double free in libxml XPath handling. Credit
711
to Yang Dingning
712
+ V8 issues (14.0.835.163):
713
- [76771] High CVE-2011-2839: Crash in v8 script object wrappers. Credit
714
to Kostya Serebryany
715
- [91120] High CVE-2011-2852: Off-by-one in v8. Credit to Christian Holler
716
- [93416] High CVE-2011-2856: Cross-origin bypass in v8. Credit to Daniel
717
Divricean.
718
- [93906] High CVE-2011-2862: Unintended access to v8 built-in objects.
719
Credit to Sergey Glazunov.
720
- [95920] High CVE-2011-2875: Type confusion in v8 object sealing. Credit
721
to Christian Holler.
722
+ V8 issues (14.0.835.202):
723
- [97451] [97520] [97615] High CVE-2011-2880: Use-after-free in the v8
724
bindings. Credit to Sergey Glazunov.
725
- [97784] High CVE-2011-2881: Memory corruption with v8 hidden objects.
726
Credit to Sergey Glazunov.
727
728
[ Fabien Tassin ]
729
* Add libpulse-dev to Build-Depends, needed for WebRTC
730
- update debian/control
731
* Drop the HTML5 video patch, now committed upstream
732
- remove debian/patches/html5-codecs-fix.patch
733
- update debian/patches/series
734
* Rename ui/base/strings/app_strings.grd to ui_strings.grd following
735
the upstream rename, and add a mapping flag to the grit converter
736
- update debian/rules
737
* Add a "Conflicts" with -inspector so that it gets removed
738
- update debian/control
739
* Build with the default gcc-4.6 on unstable
740
- update debian/control
741
- update debian/rules
742
* Refresh Patches
743
744
-- Micah Gersten <micahg@ubuntu.com> Wed, 05 Oct 2011 04:06:44 -0500
745
746
chromium-browser (13.0.782.215~r97094-0ubuntu2) unstable; urgency=low
747
748
* Enable hardening on armel. LP: #641126.
749
750
-- Matthias Klose <doko@ubuntu.com> Wed, 21 Sep 2011 23:47:00 +0200
751
752
chromium-browser (13.0.782.215~r97094-0ubuntu1) unstable; urgency=high
753
754
* New upstream release from the Stable Channel
755
This release fixes the following security issues:
756
+ Chromium issues:
757
- [91517] High, CVE-2011-2828: Out-of-bounds write in v8. Credit to Google
758
Chrome Security Team (SkyLined).
759
+ Webkit issues:
760
- [82552] High, CVE-2011-2823: Use-after-free in line box handling. Credit
761
to Google Chrome Security Team (SkyLined) and independent later
762
discovery by miaubiz.
763
- [88216] High, CVE-2011-2824: Use-after-free with counter nodes. Credit
764
to miaubiz.
765
- [88670] High, CVE-2011-2825: Use-after-free with custom fonts. Credit to
766
wushi of team509 reported through ZDI (ZDI-CAN-1283), plus indepdendent
767
later discovery by miaubiz.
768
- [87453] High, CVE-2011-2826: Cross-origin violation with empty origins.
769
Credit to Sergey Glazunov.
770
- [90668] High, CVE-2011-2827: Use-after-free in text searching. Credit to
771
miaubiz.
772
- [32-bit only] [91598] High, CVE-2011-2829: Integer overflow in uniform
773
arrays. Credit to Sergey Glazunov.
774
+ libxml2 issue:
775
- [89402] High, CVE-2011-2821: Double free in libxml XPath handling.
776
Credit to Yang Dingning from NCNIPC, Graduate University of Chinese
777
Academy of Sciences.
778
Packaging changes:
779
* Fix a FTBFS with cups 1.5.0 by including individual cups headers
780
- add debian/patches/cups_1.5_build_fix.patch
781
- update debian/patches/series
782
783
-- Fabien Tassin <fta@ubuntu.com> Tue, 23 Aug 2011 07:22:44 +0200
784
785
chromium-browser (13.0.782.107~r94237-0ubuntu2) unstable; urgency=high
786
787
* Add libgles2-mesa-dev to Build-deps for Armel (only), fixing a FTBFS
788
- update debian/control
789
790
-- Fabien Tassin <fta@ubuntu.com> Wed, 03 Aug 2011 21:20:41 +0200
791
792
chromium-browser (13.0.782.107~r94237-0ubuntu1) unstable; urgency=high
793
794
* New Major upstream release from the Stable Channel
795
This release fixes the following security issues:
796
+ Chromium issues:
797
- [75821] Medium, CVE-2011-2358: Always confirm an extension install via a
798
browser dialog. Credit to Sergey Glazunov.
799
- [79266] Low, CVE-2011-2360: Potential bypass of dangerous file prompt.
800
Credit to kuzzcc.
801
- [79426] Low, CVE-2011-2361: Improve designation of strings in the basic
802
auth dialog. Credit to kuzzcc.
803
- [81307] Medium, CVE-2011-2782: File permissions error with drag and
804
drop. Credit to Evan Martin of the Chromium development community.
805
- [83273] Medium, CVE-2011-2783: Always confirm a developer mode NPAPI
806
extension install via a browser dialog. Credit to Sergey Glazunov.
807
- [84402] Low, CVE-2011-2785: Sanitize the homepage URL in extensions.
808
Credit to kuzzcc.
809
- [84805] Medium, CVE-2011-2787: Browser crash due to GPU lock re-entrancy
810
issue. Credit to kuzzcc.
811
- [85808] Medium, CVE-2011-2789: Use after free in Pepper plug-in
812
instantiation. Credit to Mario Gomes and kuzzcc.
813
- [87815] Low, CVE-2011-2798: Prevent a couple of internal schemes from
814
being web accessible. Credit to sirdarckcat of the Google Security Team.
815
- [88827] Medium, CVE-2011-2803: Out-of-bounds read in Skia paths. Credit
816
to Google Chrome Security Team (Inferno).
817
+ Webkit issues:
818
- [78841] High, CVE-2011-2359: Stale pointer due to bad line box tracking
819
in rendering. Credit to miaubiz and Martin Barbella.
820
- [83841] Low, CVE-2011-2784: Local file path disclosure via GL program
821
log. Credit to kuzzcc.
822
- [84600] Low, CVE-2011-2786: Make sure the speech input bubble is always
823
on-screen. Credit to Olli Pettay of Mozilla.
824
- [85559] Low, CVE-2011-2788: Buffer overflow in inspector serialization.
825
Credit to Mikołaj Małecki.
826
- [86502] High, CVE-2011-2790: Use-after-free with floating styles. Credit
827
to miaubiz.
828
- [87148] High, CVE-2011-2792: Use-after-free with float removal. Credit
829
to miaubiz.
830
- [87227] High, CVE-2011-2793: Use-after-free in media selectors. Credit
831
to miaubiz.
832
- [87298] Medium, CVE-2011-2794: Out-of-bounds read in text iteration.
833
Credit to miaubiz.
834
- [87339] Medium, CVE-2011-2795: Cross-frame function leak. Credit to Shih
835
Wei-Long.
836
- [87548] High, CVE-2011-2796: Use-after-free in Skia. Credit to Google
837
Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium
838
development community.
839
- [87729] High, CVE-2011-2797: Use-after-free in resource caching. Credit
840
to miaubiz.
841
- [87925] High, CVE-2011-2799: Use-after-free in HTML range handling.
842
Credit to miaubiz.
843
- [88337] Medium, CVE-2011-2800: Leak of client-side redirect target.
844
Credit to Juho Nurminen.
845
- [88591] High, CVE-2011-2802: v8 crash with const lookups. Credit to
846
Christian Holler.
847
- [88846] High, CVE-2011-2801: Use-after-free in frame loader. Credit to
848
miaubiz.
849
- [88889] High, CVE-2011-2818: Use-after-free in display box rendering.
850
Credit to Martin Barbella.
851
- [89520] High, CVE-2011-2805: Cross-origin script injection. Credit to
852
Sergey Glazunov.
853
- [90222] High, CVE-2011-2819: Cross-origin violation in base URI
854
handling. Credit to Sergey Glazunov.
855
+ ICU 4.6 issue:
856
- [86900] High, CVE-2011-2791: Out-of-bounds write in ICU. Credit to Yang
857
Dingning from NCNIPC, Graduate University of Chinese Academy of
858
Sciences.
859
Packaging changes:
860
* Add a "Conflicts" with -inspector so that it gets removed
861
- update debian/control
862
* Disable PIE for ARM on unstable too
863
- update debian/rules
864
* Run the gclient hooks when creating the source tarball, as we need files
865
from the Native Client's integrated runtime (IRT) library.
866
Install the NaCL IRT files in the main deb
867
- update debian/rules
868
- update debian/chromium-browser.install
869
* Drop obsolete patches
870
- remove debian/patches/cups_cleanup_cr6883221.patch
871
- update debian/patches/series
872
873
-- Fabien Tassin <fta@ubuntu.com> Tue, 02 Aug 2011 17:33:23 +0200
874
875
chromium-browser (12.0.742.112~r90304-0ubuntu1) unstable; urgency=high
876
877
* New Minor upstream release from the Stable Channel (LP: #803107)
878
This release fixes the following security issues:
879
+ WebKit issues:
880
- [84355] High, CVE-2011-2346: Use-after-free in SVG font handling.
881
Credit to miaubiz.
882
- [85003] High, CVE-2011-2347: Memory corruption in CSS parsing. Credit
883
to miaubiz.
884
- [85102] High, CVE-2011-2350: Lifetime and re-entrancy issues in the
885
HTML parser. Credit to miaubiz.
886
- [85211] High, CVE-2011-2351: Use-after-free with SVG use element.
887
Credit to miaubiz.
888
- [85418] High, CVE-2011-2349: Use-after-free in text selection. Credit
889
to miaubiz.
890
+ Chromium issues:
891
- [77493] Medium, CVE-2011-2345: Out-of-bounds read in NPAPI string
892
handling. Credit to Philippe Arteau.
893
- [85177] High, CVE-2011-2348: Bad bounds check in v8. Credit to Aki
894
Helin of OUSPG.
895
Packaging changes:
896
* Add Valencian (ca@valencia) to the list of supported langs for the
897
lang-packs
898
- update debian/rules
899
- update debian/control
900
* Add support for language variants in Grit, backported from trunk.
901
This is needed to support lang-codes like ca@valencia
902
- add debian/patches/grit_language_variants.patch
903
- update debian/patches/series
904
* Add a WANT_ONLY_WHITELISTED_NEW_LANGS knob to make it easier to
905
sync translations of new langs between all the branches
906
- update debian/rules
907
* Properly stop the keep-alive when the build fails
908
- update debian/rules
909
* Fix the HTML5 <video> tag regression in unstable by properly linking
910
libvpx so it's not being dropped from libffmpegsumo.so (LP: #795171)
911
- add debian/patches/html5-codecs-fix.patch
912
- update debian/patches/series
913
* Drop the -inspector package, its content has been merged into the main deb
914
in M12 and the deb remained empty since.
915
Also drop chromium-codecs-ffmpeg-nonfree, renamed in M5 to -extra
916
- update debian/control
917
- update debian/rules
918
* Backport of http://codereview.chromium.org/6883221 from M13 presumably
919
fixing the ARM ftbfs from the last update, and set use_cups=0 on armel
920
- add debian/patches/cups_cleanup_cr6883221.patch
921
- update debian/patches/series
922
- update debian/rules
923
924
-- Fabien Tassin <fta@ubuntu.com> Tue, 28 Jun 2011 07:17:52 +0200
925
926
chromium-browser (12.0.742.91~r87961-0ubuntu1) unstable; urgency=high
927
928
* New upstream release from the Stable Channel (LP: #794197)
929
It includes:
930
- Hardware accelerated 3D CSS
931
- New Safe Browsing protection against downloading malicious files
932
- Ability to delete Flash cookies from inside Chrome
933
- Launch Web Apps by name from the Omnibox
934
- Integrated Sync into new settings pages
935
- Removal of support for Google Gears
936
This release fixes the following security issues:
937
+ WebKit issues:
938
- [73962] [79746] High CVE-2011-1808: Use-after-free due to integer
939
issues in float handling. Credit to miaubiz.
940
- [75496] Medium CVE-2011-1809: Use-after-free in accessibility support.
941
Credit to Google Chrome Security Team (SkyLined).
942
- [75643] Low CVE-2011-1810: Visit history information leak in CSS.
943
Credit to Jesse Mohrland of Microsoft and Microsoft Vulnerability
944
Research (MSVR).
945
- [80358] Medium CVE-2011-1816: Use-after-free in developer tools. Credit
946
to kuzzcc.
947
- [81949] High CVE-2011-1818: Use-after-free in image loader. Credit to
948
miaubiz.
949
- [83743] High CVE-2011-2342: Same origin bypass in DOM. Credit to Sergey
950
Glazunov.
951
+ Chromium issues:
952
- [76034] Low CVE-2011-1811: Browser crash with lots of form submissions.
953
Credit to “DimitrisV22”.
954
- [77026] Medium CVE-2011-1812: Extensions permission bypass. Credit to
955
kuzzcc.
956
- [78516] High CVE-2011-1813: Stale pointer in extension framework.
957
Credit to Google Chrome Security Team (Inferno).
958
- [79862] Low CVE-2011-1815: Extension script injection into new tab
959
page. Credit to kuzzcc.
960
- [81916] Medium CVE-2011-1817: Browser memory corruption in history
961
deletion. Credit to Collin Payne.
962
- [83010] Medium CVE-2011-1819: Extension injection into chrome:// pages.
963
Credit to Vladislavas Jarmalis, plus subsequent independent discovery
964
by Sergey Glazunov.
965
- [83275] High CVE-2011-2332: Same origin bypass in v8. Credit to Sergey
966
Glazunov.
967
Packaging changes:
968
* Provide a batch of translations for the Unity quicklists, and update
969
the regular desktop translations
970
- update debian/chromium-browser.desktop
971
* Add a keep-alive script preventing the builders from killing the build
972
when it's not echoing anything for too long (useful when linking
973
the main binary with ld-bfd)
974
- add debian/keep-alive.sh
975
- update debian/rules
976
* Drop the gtk resize patch, now that upstream does it for us
977
- remove debian/patches/disable_gtk_resize_grip_on_natty.patch
978
- update debian/patches/series
979
* Drop the xdg-utils patch and use the system xdg tools when we
980
detect that xdg-setting is present on the system (ensuring it's a recent
981
enough xdg-utils)
982
- update debian/chromium-browser.sh.in
983
- remove debian/patches/xdg-utils_gnome3_lp670128_for_natty.patch
984
- update debian/patches/series
985
* Drop the stored passwords patch
986
- remove debian/patches/stored_passwords_lp743494.patch
987
- update debian/patches/series
988
* Drop the dedicated webapp WMClass patch
989
- remove debian/patches/webapps-wm-class-lp692462.patch
990
- update debian/patches/series
991
* When building with a non-default g++, also link with the same version
992
- update debian/rules
993
* Empty the -inspector package now that it has been merged into the main
994
resources.pak file (so that the Inspector remains usable after an upgrade
995
until the next browser restart). Also remove the resources directory,
996
now empty
997
- remove debian/chromium-browser-inspector.install
998
- update debian/chromium-browser.dirs
999
- update debian/rules
1000
1001
-- Fabien Tassin <fta@ubuntu.com> Thu, 26 May 2011 17:16:41 +0200
1002
1003
chromium-browser (11.0.696.71~r86024-0ubuntu1) unstable; urgency=low
1004
1005
* New Minor upstream release from the Stable Channel (LP: #787846)
1006
This release fixes the following security issues:
1007
+ WebKit issues:
1008
- [72189] Low, CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De
1009
Silva.
1010
- [82546] High, CVE-2011-1804: Stale pointer in floats rendering. Credit
1011
to Martin Barbella.
1012
- [82903] Critical, CVE-2011-1807: Out-of-bounds write in blob handling.
1013
Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany
1014
of the Chromium development community.
1015
- other issues covered by CVE-2011-1802, CVE-2011-1803, CVE-2011-1805
1016
+ GPU/WebGL issue:
1017
- [82873] Critical, CVE-2011-1806: Memory corruption in GPU command
1018
buffer. Credit to Google Chrome Security Team (Cris Neckar).
1019
* Update the svg icon once again, the previous one contained an embedded png
1020
(LP: #748881)
1021
- update debian/chromium-browser.svg
1022
* Don't build with libjpeg-turbo on armel, to prevent a FTBFS
1023
- update debian/rules
1024
1025
-- Fabien Tassin <fta@ubuntu.com> Thu, 24 May 2011 23:42:08 +0200
1026
1027
chromium-browser (11.0.696.68~r84545-0ubuntu1) unstable; urgency=high
1028
1029
* New Minor upstream release from the Stable Channel (LP: #781822)
1030
This release fixes the following security issues:
1031
+ WebKit issues:
1032
- [64046] High, CVE-2011-1799: Bad casts in Chromium WebKit glue. Credit
1033
to Google Chrome Security Team (SkyLined).
1034
- [80608] High, CVE-2011-1800: Integer overflows in SVG filters. Credit
1035
to Google Chrome Security Team (Cris Neckar).
1036
1037
-- Fabien Tassin <fta@ubuntu.com> Thu, 12 May 2011 19:37:35 +0200
1038
1039
chromium-browser (11.0.696.65~r84435-0ubuntu1) unstable; urgency=high
1040
1041
* New Minor upstream release from the Stable Channel (LP: #778822)
1042
This release fixes the following security issues:
1043
+ WebKit issues:
1044
- [67923] High, CVE-2011-1793: stale pointer in SVG image handling
1045
(credit: Mitz)
1046
- [78327] High, CVE-2011-1794: integer overflow in SVG filters (credit:
1047
Inferno)
1048
- [78948] High, CVE-2011-1795: integer underflow in forms handling
1049
(credit: Cris Neckar)
1050
- [79055] High, CVE-2011-1796: use-after-free in frame handling (credit:
1051
Inferno)
1052
- [79075] High, CVE-2011-1797: stale pointer in table captioning (credit:
1053
wushi)
1054
- [79595] High, CVE-2011-1798: bad cast in SVG text handling (credit:
1055
Inferno)
1056
* Add a static quicklist for Unity allowing to open a new window (either regular
1057
or incognito) or a fresh session with a temporary profile
1058
- update debian/chromium-browser.desktop
1059
* Don't let scour touch the svg files (LP: #748881)
1060
- update debian/rules
1061
* Pass --delete_unversioned_trees to gclient and drop the git.chromium.org
1062
workaround.
1063
- update debian/rules
1064
* Build with gcc-4.5 on unstable for now. It's not ready for 4.6
1065
- update debian/control
1066
- update debian/rules
1067
1068
-- Fabien Tassin <fta@ubuntu.com> Fri, 06 May 2011 23:04:53 +0200
1069
1070
chromium-browser (11.0.696.57~r82915-0ubuntu1) natty-security; urgency=high
1071
1072
* New Major upstream release from the Stable Channel (LP: #771935)
1073
This release fixes the following security issues:
1074
+ WebKit issues:
1075
- [61502] High, CVE-2011-1303: Stale pointer in floating object handling.
1076
Credit to Scott Hess of the Chromium development community and Martin
1077
Barbella.
1078
- [70538] Low, CVE-2011-1304: Pop-up block bypass via plug-ins. Credit to
1079
Chamal De Silva.
1080
- [70589] Medium, CVE-2011-1305: Linked-list race in database handling.
1081
Credit to Kostya Serebryany of the Chromium development community.
1082
- [73526] High, CVE-2011-1437: Integer overflows in float rendering.
1083
Credit to miaubiz.
1084
- [74653] High, CVE-2011-1438: Same origin policy violation with blobs.
1085
Credit to kuzzcc.
1086
- [75186] High, CVE-2011-1440: Use-after-free with <ruby> tag and CSS.
1087
Credit to Jose A. Vazquez.
1088
- [75347] High, CVE-2011-1441: Bad cast with floating select lists.
1089
Credit to Michael Griffiths.
1090
- [75801] High, CVE-2011-1442: Corrupt node trees with mutation events.
1091
Credit to Sergey Glazunov and wushi of team 509.
1092
- [76001] High, CVE-2011-1443: Stale pointers in layering code. Credit to
1093
Martin Barbella.
1094
- [76646] Medium, CVE-2011-1445: Out-of-bounds read in SVG. Credit to
1095
wushi of team509.
1096
- [76666] [77507] [78031] High, CVE-2011-1446: Possible URL bar spoofs
1097
with navigation errors and interrupted loads. Credit to kuzzcc.
1098
- [76966] High, CVE-2011-1447: Stale pointer in drop-down list handling.
1099
Credit to miaubiz.
1100
- [77130] High, CVE-2011-1448: Stale pointer in height calculations.
1101
Credit to wushi of team509.
1102
- [77346] High, CVE-2011-1449: Use-after-free in WebSockets. Credit to
1103
Marek Majkowski.
1104
- [77463] High, CVE-2011-1451: Dangling pointers in DOM id map. Credit to
1105
Sergey Glazunov.
1106
- [79199] High, CVE-2011-1454: Use-after-free in DOM id handling. Credit
1107
to Sergey Glazunov.
1108
+ Chromium issues:
1109
- [71586] Medium, CVE-2011-1434: Lack of thread safety in MIME handling.
1110
Credit to Aki Helin.
1111
- [72523] Medium, CVE-2011-1435: Bad extension with ‘tabs’ permission can
1112
capture local files. Credit to Cole Snodgrass.
1113
- [72910] Low, CVE-2011-1436: Possible browser crash due to bad
1114
interaction with X. Credit to miaubiz.
1115
- [76542] High, CVE-2011-1444: Race condition in sandbox launcher. Credit
1116
to Dan Rosenberg.
1117
- [77349] Low, CVE-2011-1450: Dangling pointers in file dialogs. Credit
1118
to kuzzcc.
1119
- [77786] Medium, CVE-2011-1452: URL bar spoof with redirect and manual
1120
reload. Credit to Jordi Chancel.
1121
- [74763] High, CVE-2011-1439: Prevent interference between renderer
1122
processes. Credit to Julien Tinnes of the Google Security Team.
1123
* Fix the password store regression from the last Chromium 10 update.
1124
Backport from trunk provided by Elliot Glaysher from upstream (LP: #743494)
1125
- add debian/patches/stored_passwords_lp743494.patch
1126
- update debian/patches/series
1127
* Fix the dedicated webapp WMClass (needed by Unity/bamf).
1128
Don't change the WMClass at all on XFCE where it is displayed to
1129
the user as a title (which it isn't). This is a backport
1130
of upstream revisions 82581 & 82672 (LP: #692462)
1131
- update debian/patches/webapps-wm-class-lp692462.patch
1132
* Update the SVG logo to match the new simplified 2D logo (LP: #748881)
1133
- update debian/chromium-browser.svg
1134
* Ship the app icon in all the sizes provided upstream
1135
- update debian/rules
1136
* Add libpam0g-dev to Build-depends, needed by "Chromoting"
1137
- update debian/control
1138
* Enable the new use_third_party_translations flag at build time (it enables
1139
the Launchpad translations already used in Ubuntu since Chromium 8)
1140
- update debian/rules
1141
1142
-- Fabien Tassin <fta@ubuntu.com> Wed, 27 Apr 2011 17:31:35 +0200
1143
1144
chromium-browser (10.0.648.205~r81283-0ubuntu1) natty; urgency=high
1145
1146
* New upstream minor release from the Stable Channel (LP: #762275)
1147
This release fixes the following security issues:
1148
- [75629] Critical, CVE-2011-1301: Use-after-free in the GPU process.
1149
Credit to Google Chrome Security Team (Inferno).
1150
- [78524] Critical, CVE-2011-1302: Heap overflow in the GPU process. Credit
1151
to Christoph Diehl.
1152
* Make the default mail client and browser settings work with the
1153
x-scheme-handler method of registering URI handlers in gnome3.
1154
This is based on the xdg-utils 1.1.0~rc1-2ubuntu3 fix by Chris Coulson
1155
<chris.coulson@canonical.com>, itself based on Bastien Nocera <hadess@hadess.net>
1156
upstream fix (LP: #670128)
1157
- add debian/patches/xdg-utils_gnome3_lp670128_for_natty.patch
1158
- update debian/patches/series
1159
* Fix the apport hooks to pass the expected 'ui' to add_info(), needed when
1160
called from apport/ubuntu-bug (LP: #759635)
1161
- update debian/apport/chromium-browser.py
1162
* Report a dedicated WMClass per webapp, needed by Unity/bamf.
1163
(backported from trunk) (LP: #692462)
1164
- add debian/patches/webapps-wm-class-lp692462.patch
1165
- update debian/patches/series
1166
1167
-- Fabien Tassin <fta@ubuntu.com> Thu, 14 Apr 2011 22:36:16 +0200
1168
1169
chromium-browser (10.0.648.204~r79063-0ubuntu2) natty; urgency=high
1170
1171
* NaCL may be blacklisted, so only include it when it's actually been
1172
built (fixes the ftbfs on arm) (LP: #745854)
1173
- update debian/rules
1174
- update debian/chromium-browser.install
1175
* Harden the apport hooks in the extensions section
1176
- update debian/apport/chromium-browser.py
1177
1178
-- Fabien Tassin <fta@ubuntu.com> Wed, 30 Mar 2011 19:51:36 +0200
1179
1180
chromium-browser (10.0.648.204~r79063-0ubuntu1) natty; urgency=high
1181
1182
* New upstream minor release from the Stable Channel (LP: #742118)
1183
This release fixes the following security issues:
1184
+ Webkit bugs:
1185
- [73216] High, CVE-2011-1292: Use-after-free in the frame loader. Credit
1186
to Sławomir Błażek.
1187
- [73595] High, CVE-2011-1293: Use-after-free in HTMLCollection. Credit
1188
to Sergey Glazunov.
1189
- [74562] High, CVE-2011-1294: Stale pointer in CSS handling. Credit to
1190
Sergey Glazunov.
1191
- [74991] High, CVE-2011-1295: DOM tree corruption with broken node
1192
parentage. Credit to Sergey Glazunov.
1193
- [75170] High, CVE-2011-1296: Stale pointer in SVG text handling. Credit
1194
to Sergey Glazunov.
1195
+ Chromium bugs:
1196
- [72517] High, CVE-2011-1291: Buffer error in base string handling.
1197
Credit to Alex Turpin.
1198
Packaging changes:
1199
* Set arm_fpu=vfpv3-d16 on arm (less restrictive than the default vfpv3)
1200
preventing a SIGILL crash on some boards (LP: #735877)
1201
- update debian/control
1202
* Install libppGoogleNaClPluginChrome.so (LP: #738331)
1203
- update debian/rules
1204
- update debian/chromium-browser.install
1205
1206
-- Fabien Tassin <fta@ubuntu.com> Thu, 24 Mar 2011 23:05:14 +0100
1207
1208
chromium-browser (10.0.648.133~r77742-0ubuntu1) natty; urgency=high
1209
1210
* New upstream security release from the Stable Channel (LP: #733514)
1211
+ Webkit:
1212
- CVE-2011-1290 [75712] High, Memory corruption in style handling. Credit
1213
to Vincenzo Iozzo, Ralf Philipp Weinmann and Willem Pinckaers reported
1214
through ZDI.
1215
1216
-- Fabien Tassin <fta@ubuntu.com> Fri, 11 Mar 2011 22:10:11 +0100
1217
1218
chromium-browser (10.0.648.127~r76697-0ubuntu1) natty; urgency=high
1219
1220
* New upstream major release from the Stable Channel (LP: #731520)
1221
It includes:
1222
- New version of V8 - Crankshaft - which greatly improves javascript
1223
performance
1224
- New settings pages that open in a tab, rather than a dialog box
1225
- Improved security with malware reporting and disabling outdated plugins
1226
by default
1227
- Password sync as part of Chrome Sync now enabled by default
1228
- GPU Accelerated Video
1229
- Background WebApps
1230
- webNavigation extension API
1231
This release also fixes the following security issues:
1232
+ Webkit bugs:
1233
- [42574] [42765] Low, Possible to navigate or close the top location in
1234
a sandboxed frame. Credit to sirdarckcat of the Google Security Team.
1235
- [69628] High, Memory corruption with counter nodes. Credit to Martin
1236
Barbella.
1237
- [70027] High, Stale node in box layout. Credit to Martin Barbella.
1238
- [70336] Medium, Cross-origin error message leak with workers. Credit to
1239
Daniel Divricean.
1240
- [70442] High, Use after free with DOM URL handling. Credit to Sergey
1241
Glazunov.
1242
- [70779] Medium, Out of bounds read handling unicode ranges. Credit to
1243
miaubiz.
1244
- [70885] [71167] Low, Pop-up blocker bypasses. Credit to Chamal de
1245
Silva.
1246
- [71763] High, Use-after-free in document script lifetime handling.
1247
Credit to miaubiz.
1248
- [72028] High, Stale pointer in table painting. Credit to Martin
1249
Barbella.
1250
- [73066] High, Crash with the DataView object. Credit to Sergey
1251
Glazunov.
1252
- [73134] High, Bad cast in text rendering. Credit to miaubiz.
1253
- [73196] High, Stale pointer in WebKit context code. Credit to Sergey
1254
Glazunov.
1255
- [73746] High, Stale pointer with SVG cursors. Credit to Sergey
1256
Glazunov.
1257
- [74030] High, DOM tree corruption with attribute handling. Credit to
1258
Sergey Glazunov.
1259
+ Chromium bugs:
1260
- [49747] Low, Work around an X server bug and crash with long messages.
1261
Credit to Louis Lang.
1262
- [66962] Low, Possible browser crash with parallel print()s. Credit to
1263
Aki Helin of OUSPG.
1264
- [69187] Medium, Cross-origin error message leak. Credit to Daniel
1265
Divricean.
1266
- [70877] High, Same origin policy bypass in v8. Credit to Daniel
1267
Divricean.
1268
+ v8:
1269
- [74662] High, Corruption via re-entrancy of RegExp code. Credit to
1270
Christian Holler.
1271
- [74675] High, Invalid memory access in v8. Credit to Christian Holler.
1272
+ ffmpeg:
1273
- [71788] High, Out-of-bounds write in the OGG container. Credit to
1274
Google Chrome Security Team (SkyLined); plus subsequent independent
1275
discovery by David Weston of Microsoft and MSVR.
1276
- [73026] High, Use of corrupt out-of-bounds structure in video code.
1277
Credit to Tavis Ormandy of the Google Security Team.
1278
+ libxslt:
1279
- [73716] Low, Leak of heap address in XSLT. Credit to Google Chrome
1280
Security Team (Chris Evans).
1281
Packaging changes:
1282
* Promote Uyghur to the list of supported translations
1283
- update debian/rules
1284
- update debian/control
1285
* Fix the FTBFS on arm by re-adding the lost arm_neon=0, and really set armv7=1
1286
on maverick and natty
1287
- update debian/rules
1288
* Fix the broken symlinks in /usr/share/doc created by CDBS (See LP: #194574)
1289
- update debian/rules
1290
* Add libxt-dev to Build-deps needed by ppGoogleNaClPluginChrome
1291
- update debian/control
1292
* Fix the Webkit version in about:version (the build system expects the svn
1293
or git directories to be available at build time)
1294
- add debian/patches/webkit_rev_parser.patch
1295
- update debian/patches/series
1296
1297
-- Fabien Tassin <fta@ubuntu.com> Tue, 08 Mar 2011 17:19:58 +0100
1298
1299
chromium-browser (9.0.597.107~r75357-0ubuntu1) natty; urgency=high
1300
1301
* New upstream release from the Stable Channel (LP: #726895)
1302
This release fixes the following security issues:
1303
+ Webkit bugs:
1304
- [54262] High, URL bar spoof with history interaction. Credit to Jordi
1305
Chancel.
1306
- [68263] High, Stylesheet node stale pointer. Credit to Sergey Glazunov.
1307
- [68741] High, Stale pointer with key frame rule. Credit to Sergey
1308
Glazunov.
1309
- [70078] High, Crash with forms controls. Credit to Stefan van Zanden.
1310
- [70244] High, Crash in SVG rendering. Credit to Sławomir Błażek.
1311
- [71114] High, Stale node in table child handling. Credit to Martin
1312
Barbella.
1313
- [71115] High, Stale pointer in table rendering. Credit to Martin
1314
Barbella.
1315
- [71296] High, Stale pointer in SVG animations. Credit to miaubiz.
1316
- [71386] High, Stale nodes in XHTML. Credit to wushi of team509.
1317
- [71388] High, Crash in textarea handling. Credit to wushi of team509.
1318
- [71595] High, Stale pointer in device orientation. Credit to Sergey
1319
Glazunov.
1320
- [71855] High, Integer overflow in textarea handling. Credit to miaubiz.
1321
- [71960] Medium, Out-of-bounds read in WebGL. Credit to Google Chrome
1322
Security Team (Inferno).
1323
- [73235] High, Stale pointer in layout. Credit to Martin Barbella.
1324
+ Chromium bugs:
1325
- [63732] High, Crash with javascript dialogs. Credit to Sergey
1326
Radchenko.
1327
- [64-bit only] [70376] Medium, Out-of-bounds read in pickle
1328
deserialization. Credit to Evgeniy Stepanov of the Chromium development
1329
community.
1330
- [71717] Medium, Out-of-bounds read in WebGL. Credit to miaubiz.
1331
- [72214] High, Accidental exposure of internal extension functions.
1332
Credit to Tavis Ormandy of the Google Security Team.
1333
- [72437] High, Use-after-free with blocked plug-ins. Credit to Chamal de
1334
Silva.
1335
* Bump the lang-pack package from Suggests to Recommends (LP: #689267)
1336
- update debian/control
1337
* Disable PIE on Armel/Lucid (LP: #716703)
1338
- update debian/rules
1339
* Add the disk usage to the Apport hooks
1340
- update debian/apport/chromium-browser.py
1341
* Drop gyp from Build-Depends, use in-source gyp instead
1342
- update debian/control
1343
* Merge back the ffmpeg codecs (from the chromium-codecs-ffmpeg source package)
1344
- update debian/rules
1345
- update debian/control
1346
- add debian/chromium-codecs-ffmpeg-extra.install
1347
- add debian/chromium-codecs-ffmpeg.install
1348
1349
-- Fabien Tassin <fta@ubuntu.com> Tue, 01 Mar 2011 00:14:02 +0100
1350
1351
chromium-browser (9.0.597.94~r73967-0ubuntu1) natty; urgency=high
1352
1353
* New upstream release from the Stable Channel (LP: #715357)
1354
This release fixes the following security issues:
1355
- [67234] High, Stale pointer in animation event handling. Credit to Rik
1356
Cabanier.
1357
- [68120] High, Use-after-free in SVG font faces. Credit to miaubiz.
1358
- [69556] High, Stale pointer with anonymous block handling. Credit to
1359
Martin Barbella.
1360
- [69970] Medium, Out-of-bounds read in plug-in handling. Credit to Bill
1361
Budge of Google.
1362
- [70456] Medium, Possible failure to terminate process on out-of-memory
1363
condition. Credit to David Warren of CERT/CC.
1364
* Update the gl dlopen patch to search for libGLESv2.so.2 instead of .1
1365
- update debian/patches/dlopen_sonamed_gl.patch
1366
1367
-- Fabien Tassin <fta@ubuntu.com> Tue, 08 Feb 2011 20:18:51 +0100
1368
1369
chromium-browser (9.0.597.84~r72991-0ubuntu1) natty; urgency=high
1370
1371
* New upstream release from the Stable Channel (LP: #712655)
1372
This release fixes the following security issues:
1373
- [55831] High, Use-after-free in image loading. Credit to Aki Helin of
1374
OUSPG.
1375
- [59081] Low, Apply some restrictions to cross-origin drag + drop. Credit
1376
to Google Chrome Security Team (SkyLined) and the Google Security Team
1377
(Michal Zalewski, David Bloom).
1378
- [62791] Low, Browser crash with extension with missing key. Credit to
1379
Brian Kirchoff.
1380
- [64669] Low, Handle merging of autofill profiles more gracefully. Credit
1381
to Google Chrome Security Team (Inferno).
1382
- [68244] Low, Browser crash with bad volume setting. Credit to Matthew
1383
Heidermann.
1384
- [69195] Critical, Race condition in audio handling. Credit to the gamers
1385
of Reddit!
1386
* Add the app/resources/app_strings.grd template to the list
1387
of templates translated in Launchpad
1388
- update debian/rules
1389
* Drop the gcc 4.5 work-around, applied upstream
1390
- remove debian/patches/gcc-4.5-build-workaround.patch
1391
- update debian/patches/series
1392
* Drop gcc 4.2/4.3 from Build-depends and remove the gcc 4.4 workarounds
1393
now done in the upstream gyp files
1394
- update debian/control
1395
- update debian/rules
1396
* Add libxtst-dev to Build-deps now that chromoting uses the XTest extension
1397
to execute mouse and keyboard events
1398
- update debian/control
1399
* Remove GNOME_DESKTOP_SESSION_ID from the Apport report, it's useless
1400
- update debian/apport/chromium-browser.py
1401
* Add a system to enable/disable distribution specific patches from the quilt
1402
series
1403
- add debian/enable-dist-patches.pl
1404
- update debian/rules
1405
* Disable the gtk resize grip on Natty (LP: #703451)
1406
Original patch by Cody Russell <crussell@ubuntu.com>, ported to v9
1407
- add debian/patches/disable_gtk_resize_grip_on_natty.patch
1408
- update debian/patches/series
1409
* Fix the libgnutls dlopen to look for the sonamed lib
1410
- add debian/patches/dlopen_libgnutls.patch
1411
- update debian/patches/series
1412
* Fix the libosmesa/libGLESv2/libEGL dlopen() to look for the sonamed libs.
1413
This assumes either the libgles2-mesa + libegl1-mesa packages (better) or
1414
the libosmesa6 package are installed
1415
- add debian/patches/dlopen_sonamed_gl.patch
1416
- update debian/patches/series
1417
1418
-- Fabien Tassin <fta@ubuntu.com> Thu, 03 Feb 2011 22:56:37 +0100
1419
1420
chromium-browser (8.0.552.237~r70801-0ubuntu1) natty; urgency=high
1421
1422
* New upstream release from the Stable Channel (LP: #702542)
1423
This release fixes the following security issues:
1424
- [58053] Medium, Browser crash in extensions notification handling. Credit
1425
to Eric Roman of the Chromium development community.
1426
- [65764] High, Bad pointer handling in node iteration. Credit to Sergey
1427
Glazunov.
1428
- [66560] High, Stale pointer with CSS + canvas. Credit to Sergey Glazunov.
1429
- [66748] High, Stale pointer with CSS + cursors. Credit to Jan Tošovský.
1430
- [67303] High, Bad memory access with mismatched video frame sizes. Credit
1431
to Aki Helin of OUSPG; plus independent discovery by Google Chrome
1432
Security Team (SkyLined) and David Warren of CERT.
1433
- [67363] High, Stale pointer with SVG use element. Credited anonymously;
1434
plus indepdent discovery by miaubiz.
1435
- [67393] Medium, Uninitialized pointer in the browser triggered by rogue
1436
extension. Credit to kuzzcc.
1437
- [68115] High, Vorbis decoder buffer overflows. Credit to David Warren of
1438
CERT.
1439
- [68178] High, Bad cast in anchor handling. Credit to Sergey Glazunov.
1440
- [68181] High, Bad cast in video handling. Credit to Sergey Glazunov.
1441
- [68439] High, Stale rendering node after DOM node removal. Credit to
1442
Martin Barbella; plus independent discovery by Google Chrome Security
1443
Team (SkyLined).
1444
- [68666] Critical, Stale pointer in speech handling. Credit to Sergey
1445
Glazunov.
1446
* Add the chrome/app/policy/policy_templates.grd template to the list
1447
of templates translated in Launchpad
1448
- update debian/rules
1449
* Add Basque and Galician to the list of supported langs for the lang-packs
1450
(translations from Launchpad/Rosetta)
1451
- update debian/rules
1452
1453
-- Fabien Tassin <fta@ubuntu.com> Thu, 13 Jan 2011 07:31:05 +0100
1454
1455
chromium-browser (8.0.552.224~r68599-0ubuntu1) natty; urgency=high
1456
1457
* New upstream release from the Stable Channel (LP: #689849)
1458
This release fixes the following security issues:
1459
- [64-bit Linux only] [56449] High Bad validation for message
1460
deserialization on 64-bit builds. Credit to Lei Zhang of the Chromium
1461
development community.
1462
- [60761] Medium, Bad extension can cause browser crash in tab handling.
1463
Credit to kuzzcc.
1464
- [63529] Low, Browser crash with NULL pointer in web worker handling.
1465
Credit to Nathan Weizenbaum of Google.
1466
- [63866] Medium, Out-of-bounds read in CSS parsing. Credit to Chris Rohlf.
1467
- [64959] High, Stale pointers in cursor handling. Credit to Sławomir
1468
Błażek and Sergey Glazunov.
1469
* Don't build with PIE on Natty/armel, for the same reason as for Maverick
1470
- update debian/rules
1471
1472
-- Fabien Tassin <fta@ubuntu.com> Mon, 13 Dec 2010 21:21:39 +0100
1473
1474
chromium-browser (8.0.552.215~r67652-0ubuntu1) natty; urgency=high
1475
1476
* New upstream Major release from the Stable Channel (LP: #684502), also
1477
fixing the following security issues:
1478
- [17655] Low, Possible pop-up blocker bypass. Credit to Google Chrome
1479
Security Team (SkyLined).
1480
- [55745] Medium, Cross-origin video theft with canvas. Credit to Nirankush
1481
Panchbhai and Microsoft Vulnerability Research (MSVR).
1482
- [56237] Low, Browser crash with HTML5 databases. Credit to Google Chrome
1483
Security Team (Inferno).
1484
- [58319] Low, Prevent excessive file dialogs, possibly leading to browser
1485
crash. Credit to Cezary Tomczak (gosu.pl).
1486
- [59554] High, Use after free in history handling. Credit to Stefan
1487
Troger.
1488
- [59817] Medium, Make sure the “dangerous file types” list is uptodate
1489
with the Windows platforms. Credit to Billy Rios of the Google Security
1490
Team.
1491
- [61701] Low, Browser crash with HTTP proxy authentication. Credit to
1492
Mohammed Bouhlel.
1493
- [61653] Medium, Out-of-bounds read regression in WebM video support.
1494
Credit to Google Chrome Security Team (Chris Evans), based on earlier
1495
testcases from Mozilla and Microsoft (MSVR).
1496
- [62127] High, Crash due to bad indexing with malformed video. Credit to
1497
miaubiz.
1498
- [62168] Medium, Possible browser memory corruption via malicious
1499
privileged extension. Credit to kuzzcc.
1500
- [62401] High, Use after free with SVG animations. Credit to Sławomir
1501
Błażek.
1502
- [63051] Medium, Use after free in mouse dragging event handling. Credit
1503
to kuzzcc.
1504
- [63444] High, Double free in XPath handling. Credit to Yang Dingning from
1505
NCNIPC, Graduate University of Chinese Academy of Sciences.
1506
* Work-around a gcc 4.5 miscompilation bug causing regression in the
1507
omnibar, breaking searches (LP: #664584)
1508
- add debian/patches/gcc-4.5-build-workaround.patch
1509
- update debian/patches/series
1510
* Automatically merge Launchpad translations with the upstream grit files and
1511
produce patches in the source tarball. Apply those patches at build time
1512
during configure
1513
- update debian/rules
1514
* Add x-scheme-handler/http and x-scheme-handler/https to the MimeType
1515
entry of the desktop file (needed on Natty where handlers are no longer
1516
searched for in gconf)
1517
- update debian/chromium-browser.desktop
1518
1519
-- Fabien Tassin <fta@ubuntu.com> Thu, 02 Dec 2010 20:32:06 +0100
1520
1521
chromium-browser (7.0.517.44~r64615-0ubuntu1) natty; urgency=high
1522
1523
* New upstream Major release from the Stable Channel (LP: #671420), also
1524
fixing the following security issues:
1525
- [51602] High, Use-after-free in text editing. Credit to David Bloom of
1526
the Google Security Team, Google Chrome Security Team (Inferno) and
1527
Google Chrome Security Team (Cris Neckar).
1528
- [55257] High, Memory corruption with enormous text area. Credit to wushi
1529
of team509.
1530
- [58657] High, Bad cast with the SVG use element. Credit to the kuzzcc.
1531
- [58731] High, Invalid memory read in XPath handling. Credit to Bui Quang
1532
Minh from Bkis (www.bkis.com).
1533
- [58741] High, Use-after-free in text control selections. Credit to
1534
“vkouchna”.
1535
- [59320] High, Integer overflows in font handling. Credit to Aki Helin of
1536
OUSPG.
1537
- [60055] High, Memory corruption in libvpx. Credit to Christoph Diehl.
1538
- [60238] High, Bad use of destroyed frame object. Credit to various
1539
developers, including “gundlach”.
1540
- [60327] [60769] [61255] High, Type confusions with event objects. Credit
1541
to “fam.lam” and Google Chrome Security Team (Inferno).
1542
- [60688] High, Out-of-bounds array access in SVG handling. Credit to wushi
1543
of team509.
1544
* Work-around a gcc 4.5 miscompilation bug causing a regression in the
1545
omnibar, breaking searches (LP: #664584)
1546
- add debian/patches/gcc-4.5-build-workaround.patch
1547
- update debian/patches/series
1548
1549
-- Fabien Tassin <fta@ubuntu.com> Thu, 04 Nov 2010 20:53:09 +0100
1550
1551
chromium-browser (7.0.517.41~r62167-0ubuntu1) natty; urgency=high
1552
1553
* New upstream Major release from the Stable Channel (LP: #663523), also
1554
fixing the following security issues:
1555
- [48225] [51727] Medium, Possible autofill / autocomplete profile
1556
spamming. Credit to Google Chrome Security Team (Inferno).
1557
- [48857] High, Crash with forms. Credit to the Chromium development
1558
community.
1559
- [50428] Critical, Browser crash with form autofill. Credit to the
1560
Chromium development community.
1561
- [51680] High, Possible URL spoofing on page unload. Credit to kuzzcc;
1562
plus independent discovery by Jordi Chancel.
1563
- [53002] Low, Pop-up block bypass. Credit to kuzzcc.
1564
- [53985] Medium, Crash on shutdown with Web Sockets. Credit to the
1565
Chromium development community.
1566
- [54132] Low, Bad construction of PATH variable. Credit to Dan Rosenberg,
1567
Virtual Security Research.
1568
- [54500] High, Possible memory corruption with animated GIF. Credit to
1569
Simon Schaak.
1570
- [54794] High, Failure to sandbox worker processes on Linux. Credit to
1571
Google Chrome Security Team (Chris Evans).
1572
- [56451] High, Stale elements in an element map. Credit to Michal Zalewski
1573
of the Google Security Team.
1574
* Drop the -fno-tree-sink workaround for the armel gcc inlining bug now that the
1575
strict-aliasing issue in dtoa has been fixed
1576
- drop debian/patches/no_tree_sink_v8.patch
1577
- update debian/patches/series
1578
* Drop the xdg-mime patch now that we catched up with v7
1579
- drop debian/patches/xdg-utils-update.patch
1580
* Disable -Werror when building with gcc 4.5 until
1581
http://code.google.com/p/chromium/issues/detail?id=49533 gets fixed
1582
- update debian/rules
1583
* Fix the apport hook crash when the use_system key is unset (LP: #660579)
1584
- update debian/apport/chromium-browser.py
1585
1586
-- Fabien Tassin <fta@ubuntu.com> Tue, 19 Oct 2010 22:36:19 +0200
1587
1588
chromium-browser (6.0.472.63~r59945-0ubuntu2) maverick; urgency=low
1589
1590
* Fix the default browser selection on KDE4 by bringing in a fresher
1591
xdg-mime (See http://crbug.com/18106) and ship it in the main deb
1592
- add debian/patches/xdg-utils-update.patch
1593
- update debian/chromium-browser.install
1594
* Set CHROME_DESKTOP in the wrapper to help the default browser
1595
checker (LP: #513133)
1596
- update debian/chromium-browser.sh.in
1597
1598
-- Fabien Tassin <fta@ubuntu.com> Wed, 29 Sep 2010 20:40:05 +0200
1599
1600
chromium-browser (6.0.472.63~r59945-0ubuntu1) maverick; urgency=low
1601
1602
* New upstream release from the Stable Channel
1603
* Set CHROME_WRAPPER to the real name of the wrapper now that upstream
1604
use its value
1605
- update debian/chromium-browser.sh.in
1606
* Add some apport hooks adding useful information to the bugs
1607
- add debian/apport/chromium-browser.py
1608
- update debian/chromium-browser.install
1609
* Update the Desktop translations for ast/ca/pt_BR
1610
- update debian/chromium-browser.desktop
1611
1612
-- Fabien Tassin <fta@ubuntu.com> Fri, 24 Sep 2010 07:54:08 +0200
1613
1614
chromium-browser (6.0.472.62~r59676-0ubuntu1) maverick; urgency=high
1615
1616
* New upstream release from the Stable Channel (LP: #641699)
1617
This release fixes the following security issues:
1618
- [55114] High, Bad cast with malformed SVG. Credit to wushi of team 509.
1619
- [55119] Critical, Buffer mismanagement in the SPDY protocol. Credit to
1620
Mike Belshe of the Chromium development community.
1621
- [55350] High, Cross-origin property pollution. Credit to Stefano Di Paola
1622
of MindedSecurity.
1623
* Add some translations for the "Name" field in the desktop file, and fix
1624
some "Comment" / "GenericName". Thanks to the Ubuntu translation team.
1625
See https://wiki.ubuntu.com/Translations/Wanted/ChromiumDesktop to
1626
contribute more translations (LP: #631670)
1627
1628
-- Fabien Tassin <fta@ubuntu.com> Fri, 17 Sep 2010 22:25:54 +0200
1629
1630
chromium-browser (6.0.472.59~r59126-0ubuntu1) maverick; urgency=low
1631
1632
* New upstream release from the Stable Channel (LP: #638736)
1633
This release fixes the following security issues:
1634
- [50250] High, Use-after-free when using document APIs during parse.
1635
Credit to David Weston of Microsoft + Microsoft Vulnerability Research
1636
(MSVR) and wushi of team 509 (independent discoveries).
1637
- [50712] High, Use-after-free in SVG styles. Credit to kuzzcc.
1638
- [51252] High, Use-after-free with nested SVG elements. Credit to kuzzcc.
1639
- [51709] Low, Possible browser assert in cursor handling. Credit to
1640
“magnusmorton”.
1641
- [51919] High, Race condition in console handling. Credit to kuzzcc.
1642
- [53176] Low, Unlikely browser crash in pop-up blocking. Credit to kuzzcc.
1643
- [53394] High, Memory corruption in Geolocation. Credit to kuzzcc.
1644
- [53930] High, Memory corruption in Khmer handling. Credit to Google
1645
Chrome Security Team (Chris Evans).
1646
- [54006] Low, Failure to prompt for extension history access. Credit to
1647
“adriennefelt”.
1648
* Don't build with PIE on armel for now, it fails to link.
1649
- update debian/rules
1650
1651
-- Fabien Tassin <fta@ubuntu.com> Wed, 15 Sep 2010 07:20:49 +0200
1652
1653
chromium-browser (6.0.472.55~r58392-0ubuntu1) maverick; urgency=low
1654
1655
* New upstream release from the Stable Channel (LP: #635949)
1656
This release fixes the following issues/regressions:
1657
- [51727] [52940] Failures when using autocomplete
1658
- [10913] Default search engine settings wiped out
1659
- [1906] Shift reload not working
1660
* Build with the Hardening Wrapper (to gain PIE), adding another layer of
1661
protection (See https://wiki.ubuntu.com/Security/HardeningWrapper)
1662
- update debian/control
1663
- update debian/rules
1664
* On Armel, when checking for armv7, also test for Maverick version
1665
- update debian/rules
1666
1667
-- Fabien Tassin <fta@ubuntu.com> Wed, 08 Sep 2010 09:12:35 +0200
1668
1669
chromium-browser (6.0.472.53~r57914-0ubuntu1) maverick; urgency=low
1670
1671
* New upstream release from the Stable Channel (LP: #628924)
1672
This release fixes the following security issues:
1673
- [34414] Low, Pop-up blocker bypass with blank frame target. Credit to
1674
Google Chrome Security Team (Inferno) and “ironfist99”.
1675
- [37201] Medium, URL bar visual spoofing with homographic sequences.
1676
Credit to Chris Weber of Casaba Security.
1677
- [41654] Medium, Apply more restrictions on setting clipboard content.
1678
Credit to Brook Novak.
1679
- [45659] High, Stale pointer with SVG filters. Credit to Tavis Ormandy of
1680
the Google Security Team.
1681
- [45876] Medium, Possible installed extension enumeration. Credit to
1682
Lostmon.
1683
- [46750] [51846] Low, Browser NULL crash with WebSockets. Credit to Google
1684
Chrome Security Team (SkyLined), Google Chrome Security Team (Justin Schuh)
1685
and Keith Campbell.
1686
- [50386] High, Use-after-free in Notifications presenter. Credit to Sergey
1687
Glazunov.
1688
- [50839] High, Notification permissions memory corruption. Credit to
1689
Michal Zalewski of the Google Security Team and Google Chrome Security
1690
Team (SkyLined).
1691
- [51630] [51739] High, Integer errors in WebSockets. Credit to Keith
1692
Campbell and Google Chrome Security Team (Cris Neckar).
1693
- [51653] High, Memory corruption with counter nodes. Credit to kuzzcc.
1694
- [51727] Low, Avoid storing excessive autocomplete entries. Credit to
1695
Google Chrome Security Team (Inferno).
1696
- [52443] High, Stale pointer in focus handling. Credit to VUPEN
1697
Vulnerability Research Team (VUPEN-SR-2010-249).
1698
- [52682] High, Sandbox parameter deserialization error. Credit to Ashutosh
1699
Mehra and Vineet Batra of the Adobe Reader Sandbox Team.
1700
- [53001] Medium, Cross-origin image theft. Credit to Isaac Dawson.
1701
* Enable all codecs for HTML5 in Chromium, depending on which ffmpeg sumo lib
1702
is installed, the set of usable codecs (at runtime) will still vary.
1703
This is now done by setting proprietary_codecs=1 so we can drop our patch
1704
- update debian/rules
1705
- drop debian/patches/html5_video_mimetypes.patch
1706
- update debian/patches/series
1707
* Bump the Dependencies on chromium-codecs-ffmpeg to >= 0.6, needed for the new API
1708
- update debian/control
1709
* Add "libcups2-dev | libcupsys2-dev" (the latter for Hardy) to Build-Depends.
1710
This is needed for Cloud Printing
1711
- update debian/control
1712
* Add libppapi_tests.so and linker.lock to INSTALL_EXCLUDE_FILES and
1713
DumpRenderTree_resources/ to INSTALL_EXCLUDE_DIRS
1714
- update debian/rules
1715
* Install resources.pak in the main deb, and remove all resources/ accordingly
1716
- update debian/chromium-browser.install
1717
* Add libgnome-keyring-dev to Build-Depends. This is needed for the GNOME
1718
Keyring and KWallet integration. See http://crbug.com/12351
1719
- update debian/control
1720
* Ship empty policy dirs (for now) in /etc/chromium-browser/policies
1721
- update debian/rules
1722
- update debian/chromium-browser.dirs
1723
* Bump build-deps for gyp to >= 0.1~svn837
1724
- update debian/control
1725
* Drop the icedtea6-plugin workaround, it's no longer needed and it may cause
1726
troubles when the default xulrunner contains older nss/nspr libs
1727
- update debian/chromium-browser.sh.in
1728
1729
-- Fabien Tassin <fta@ubuntu.com> Thu, 02 Sep 2010 17:03:41 +0200
1730
1731
chromium-browser (5.0.375.127~r55887-0ubuntu1) maverick; urgency=low
1732
1733
* New upstream release from the Stable Channel (LP: #622823)
1734
This release fixes the following security issues:
1735
- [45400] Critical, Memory corruption with file dialog. Credit to Sergey
1736
Glazunov.
1737
- [49596] High, Memory corruption with SVGs. Credit to wushi of team509.
1738
- [49628] High, Bad cast with text editing. Credit to wushi of team509.
1739
- [49964] High, Possible address bar spoofing with history bug. Credit to
1740
Mike Taylor.
1741
- [50515] [51835] High, Memory corruption in MIME type handling. Credit to
1742
Sergey Glazunov.
1743
- [50553] Critical, Crash on shutdown due to notifications bug. Credit to
1744
Sergey Glazunov.
1745
- [51146] Medium, Stop omnibox autosuggest if the user might be about to
1746
type a password. Credit to Robert Hansen.
1747
- [51654] High, Memory corruption with Ruby support. Credit to kuzzcc.
1748
- [51670] High, Memory corruption with Geolocation support. Credit to
1749
kuzzcc.
1750
* Add the xul libdir to LD_LIBRARY_PATH in the wrapper to help icedtea6-plugin
1751
(LP: #529242). This is needed at least for openjdk-6 6b18.
1752
- update debian/chromium-browser.sh
1753
* No longer use tar --lzma in get-orig-source now that it silently uses xz
1754
(since tar 1.23-2) which is not available in the backports. Use "tar | lzma"
1755
instead so the embedded tarball is always a lzma file
1756
- update debian/rules
1757
* Tweak the user agent to include Chromium and the Distro's name and version.
1758
- add debian/patches/chromium_useragent.patch.in
1759
- update debian/patches/series
1760
- update debian/rules
1761
* Fix a typo in the subst_files rule
1762
- update debian/rules
1763
* Fix a gyp file that triggers an error with newer gyp (because of dead code)
1764
- add debian/patches/drop_unused_rules_to_please_newer_gyp.patch
1765
- update debian/patches/series
1766
* Bump gyp Build-Depends to >= 0.1~svn810 to match upstream requirement
1767
- update debian/control
1768
1769
-- Fabien Tassin <fta@ubuntu.com> Fri, 20 Aug 2010 14:09:16 +0200
1770
1771
chromium-browser (5.0.375.125~r53311-0ubuntu1) maverick; urgency=low
1772
1773
* New upstream release from the Stable Channel (LP: #612109)
1774
This release fixes the following security issues:
1775
- [42736] Medium Memory contents disclosure in layout code. Credit to
1776
Michail Nikolaev.
1777
- [43813] High Issue with large canvases. Credit to sp3x of
1778
SecurityReason.com.
1779
- [47866] High Memory corruption in rendering code. Credit to Jose A.
1780
Vazquez.
1781
- [48284] High Memory corruption in SVG handling. Credit to Aki Helin of
1782
OUSPG.
1783
- [48597] Low Avoid hostname truncation and incorrect eliding. Credit to
1784
Google Chrome Security Team (Inferno).
1785
* lsb_release is slow so try to source the static file /etc/lsb-release
1786
instead, and fallback to lsb_release if we didn't get the information we need
1787
for about:version (LP: #608253). Thanks to pitti for the idea.
1788
- update debian/chromium-browser.sh.in
1789
1790
-- Fabien Tassin <fta@ubuntu.com> Tue, 27 Jul 2010 12:03:40 +0200
1791
1792
chromium-browser (5.0.375.99~r51029-0ubuntu1) maverick; urgency=low
1793
1794
* New upstream release from the Stable Channel (LP: #602142)
1795
This release fixes the following security issues:
1796
- [42396] Low OOB read with WebGL. Credit to Sergey Glazunov; Google Chrome
1797
Security Team (SkyLined).
1798
- [42575] [42980] Medium Isolate sandboxed iframes more strongly. Credit to
1799
sirdarckcat of Google Security Team.
1800
- [43488] High Memory corruption with invalid SVGs. Credit to Aki Hekin of
1801
OUSPG; wushi of team509.
1802
- [44424] High Memory corruption in bidi algorithm. Credit to wushi of
1803
team509.
1804
- [45164] Low Crash with invalid image. Credit to Jose A. Vazquez.
1805
- [45983] High Memory corruption with invalid PNG (libpng bug). Credit to
1806
Aki Helin of OUSPG.
1807
- [46360] High Memory corruption in CSS style rendering. Credit to wushi of
1808
team509.
1809
- [46575] Low Annoyance with print dialogs. Credit to Mats Ahlgren.
1810
- [47056] Low Crash with modal dialogs. Credit to Aki Helin of OUSPG.
1811
1812
-- Fabien Tassin <fta@ubuntu.com> Fri, 02 Jul 2010 01:05:06 +0200
1813
1814
chromium-browser (5.0.375.86~r49890-0ubuntu1) maverick; urgency=low
1815
1816
* New upstream release from the Stable Channel (LP: #598913)
1817
Fixes the following security issues:
1818
- [38105] Medium XSS via application/json response (regression). Credit to
1819
Ben Davis for original discovery and Emanuele Gentili for regression
1820
discovery.
1821
- [43322] Medium Memory error in video handling. Credit to Mark Dowd under
1822
contract to Google Chrome Security Team.
1823
- [43967] High Subresource displayed in omnibox loading. Credit to Michal
1824
Zalewski of Google Security Team.
1825
- [45267] High Memory error in video handling. Credit to Google Chrome
1826
Security Team (Cris Neckar).
1827
- [46126] High Stale pointer in x509-user-cert response. Credit to Rodrigo
1828
Marcos of SECFORCE.
1829
* Drop the XLIB_SKIP_ARGB_VISUALS workaround now that the rgba patch has
1830
been backed off from gtk2 (LP: #584959)
1831
- update debian/chromium-browser.sh
1832
* Show in about:version and in the About UI when chromium is running on a different
1833
distribution that it has been built on
1834
- udpate debian/rules
1835
- rename and update debian/chromium-browser.sh => debian/chromium-browser.sh.in
1836
1837
-- Fabien Tassin <fta@ubuntu.com> Fri, 25 Jun 2010 02:05:06 +0200
1838
1839
chromium-browser (5.0.375.70~r48679-0ubuntu2) maverick; urgency=low
1840
1841
* Refresh list of languages in the -l10n package
1842
- update debian/control
1843
* Stop building and running the testsuite. The builders restricted env
1844
makes the results mostly unusable in an automated way and resources to
1845
manually exploit them are not available
1846
- update debian/control
1847
- update debian/rules
1848
* Remove duplicates of the main copyright file in order to save space on the CD
1849
- update debian/rules
1850
* Add support for the Ambiance/Radiance and Dust themes button ordering by
1851
reading the gconf pref (LP: #568307)
1852
(thanks to Giuseppe Iuculano for importing the patch from trunk)
1853
- add debian/patches/gtk-ambiance.patch
1854
- update debian/patches/series
1855
1856
-- Fabien Tassin <fta@ubuntu.com> Sat, 12 Jun 2010 12:27:42 +0200
1857
1858
chromium-browser (5.0.375.70~r48679-0ubuntu1) maverick; urgency=low
1859
1860
* New upstream release from the Stable Channel (LP: #591474)
1861
Fixes the following security issues:
1862
- [15766] Medium Cross-origin keystroke redirection. Credit to Michal
1863
Zalewski of Google Security Team.
1864
- [39985] High Cross-origin bypass in DOM methods. Credit to Sergey
1865
Glazunov.
1866
- [42723] High Memory error in table layout. Credit to wushi of team509.
1867
- [43304] High Linux sandbox escape. Credit to Mark Dowd under contract to
1868
Google Chrome Security Team.
1869
- [43307] High Bitmap stale pointer. Credit to Mark Dowd under contract to
1870
Google Chrome Security Team.
1871
- [43315] High Memory corruption in DOM node normalization. Credit to Mark
1872
Dowd under contract to Google Chrome Security Team.
1873
- [43487] High Memory corruption in text transforms. Credit to wushi of
1874
team509.
1875
- [43902] Medium XSS in innerHTML property of textarea. Credit to
1876
sirdarckcat of Google Security Team.
1877
- [44740] High Memory corruption in font handling. Credit: Apple.
1878
- [44868] High Geolocation events fire after document deletion. Credit to
1879
Google Chrome Security Team (Justin Schuh).
1880
- [44955] High Memory corruption in rendering of list markers. Credit:
1881
Apple.
1882
* Add a --temp-profile knob to the launcher script starting Chromium with
1883
a new profile which will last only for the duration of the session
1884
- update debian/chromium-browser.sh
1885
* Change StartupWMClass to Chromium-browser in the desktop launcher so
1886
cairo-dock does the right thing (LP: #587664)
1887
- update debian/chromium-browser.desktop
1888
* Set XLIB_SKIP_ARGB_VISUALS=1 in the wrapper to prevent flash from dying
1889
with a Gdk-ERROR when gtk2 is built with RGBA support (like in Maverick).
1890
(LP: #584959)
1891
- update debian/chromium-browser.sh
1892
* Unbreak get-orig-source when it needs to drop its cache after a channel jump
1893
(replace brace expansion - which is a bashism - with proper $(wildcard))
1894
- update debian/rules
1895
1896
-- Fabien Tassin <fta@ubuntu.com> Wed, 09 Jun 2010 07:30:50 +0200
1897
1898
chromium-browser (5.0.375.55~r47796-0ubuntu1) maverick; urgency=low
1899
1900
* New upstream release from the Stable Channel (at last!)
1901
- Some minor crash and stability fixes
1902
- Fixed a regression so that incognito zoom changes are no longer
1903
remembered (Issue: 43107)
1904
1905
-- Fabien Tassin <fta@ubuntu.com> Sat, 22 May 2010 17:09:00 +0200
1906
1907
chromium-browser (5.0.375.38~r46659-0ubuntu1) maverick; urgency=low
1908
1909
* New upstream release from the Beta Channel
1910
- Some crash and stability fixes
1911
- Localization refresh of the strings
1912
1913
-- Fabien Tassin <fta@ubuntu.com> Tue, 11 May 2010 10:23:45 +0200
1914
1915
chromium-browser (5.0.375.29~r46008-0ubuntu1) maverick; urgency=low
1916
1917
* New upstream release from the Beta Channel
1918
- HTML5 Features: Geolocation, App Cache, web sockets, file drag-and-drop.
1919
- V8 performance improvements
1920
- Preferences synchronization
1921
- NaCl behind a flag
1922
* Disable DLOG and DCHECK (like it is done in Chrome). This should improve
1923
performances.
1924
- add debian/patches/disable_dlog_and_dcheck_in_release_builds.patch
1925
- update debian/patches/series
1926
* Build with build_ffmpegsumo=0 instead of use_system_ffmpeg=1 (which
1927
now means something else)
1928
- update debian/rules
1929
* Install resources/{bookmark_manager,shared,net_internals} in the main deb
1930
- update debian/chromium-browser.install
1931
* Introduce a enable_sse2 flag in the gyp rules and set it to 0
1932
- update debian/patches/drop_sse2.patch => debian/patches/add_enable_sse2_flag.patch
1933
- update debian/patches/series
1934
- update debian/rules
1935
* Add app_unittests_strings and resources/{calendar_app,docs_app,gmail_app}
1936
to INSTALL_EXCLUDE_DIRS
1937
- update debian/rules
1938
* Add xdg-utils to Depends (LP: #568984)
1939
- update debian/control
1940
* Add a gnome-www-browser alternative (LP: #571103)
1941
- update debian/chromium-browser.{postinst,prerm}
1942
1943
-- Fabien Tassin <fta@ubuntu.com> Tue, 04 May 2010 17:00:02 +0200
1944
1945
chromium-browser (5.0.342.9~r43360-0ubuntu2) lucid; urgency=low
1946
1947
[ Fabien Tassin <fta@ubuntu.com> ]
1948
* Mention 'Chrome' in the main package description (LP: #561667)
1949
- update debian/control
1950
* When 'gclient update' fails, clear up the cache and retry. This helps
1951
the channels updates often failing with a "Can't switch the checkout" error
1952
- update debian/rules
1953
1954
[ Chris Coulson <chris.coulson@canonical.com> ]
1955
* Update the default search URL
1956
- update debian/rules
1957
1958
-- Fabien Tassin <fta@ubuntu.com> Fri, 16 Apr 2010 17:36:29 +0200
1959
1960
chromium-browser (5.0.342.9~r43360-0ubuntu1) lucid; urgency=low
1961
1962
* New upstream release from the Beta Channel
1963
- Fix extensions installer where some extensions cannot be installed
1964
(issue 38220)
1965
* Don't build with system zlib on Intrepid/Jaunty (needed to unbreak the
1966
backports). See http://crbug.com/38073
1967
- update debian/rules
1968
1969
-- Fabien Tassin <fta@ubuntu.com> Wed, 07 Apr 2010 21:02:55 +0200
1970
1971
chromium-browser (5.0.342.7~r42476-0ubuntu1) lucid; urgency=low
1972
1973
* New upstream release from the Beta Channel
1974
- fix an issue with Google SSL sites failing with 'error 107
1975
(net::ERR_SSL_PROTOCOL_ERROR)' (issue 37722)
1976
- Automatic translations and greater control over content for privacy
1977
- Really, really reload. A normal reload causes the browser to check with
1978
the server before reusing its cached content. The server can decide
1979
whether or not the browser should use its cached content. A force reload
1980
causes the browser to ignore its cached content and ask the server for a
1981
fresh copy of the page. Use Shift+Reload to force a reload.
1982
* Add libdbus-glib-1-dev to Build-Depends
1983
- update debian/control
1984
* Move third_party/gles2_book from STRIPPED_DIRS to ALMOST_STRIPPED_DIRS
1985
as we now need its gyp file (but nothing else)
1986
- update debian/rules
1987
* Bump gyp requirement to >= 0.1~svn795, it's needed for the new syntax
1988
- update debian/control
1989
* Add 'timestats' to INSTALL_EXCLUDE_FILES
1990
- update debian/rules
1991
* Import translations and mime-types from the upstream desktop file
1992
Thanks to Julien Lavergne <gilir@ubuntu.com> (LP: #538664)
1993
- update debian/chromium-browser.desktop
1994
* Import the free SVG logo from the Chromium website and install it
1995
in /usr/share/icons/hicolor/scalable/apps (LP: #528640)
1996
- add debian/chromium-browser.svg
1997
- update debian/rules
1998
* Move chromium-browser-inspector to Depends, it breaks some features
1999
when it's not installed
2000
- update debian/control
2001
* Rename chromium-codecs-ffmpeg-nonfree into chromium-codecs-ffmpeg-extra
2002
and move the two codecs back to Depends (LP: #537617, #513776)
2003
- update debian/control
2004
2005
-- Fabien Tassin <fta@ubuntu.com> Thu, 25 Mar 2010 08:22:40 +0100
2006
2007
chromium-browser (5.0.307.11~r39572-0ubuntu1) lucid; urgency=low
2008
2009
* New upstream release from the Beta Channel
2010
- Fixed an issue where an error resolving a proxy server would not try a
2011
direct connection. (Issue 32316)
2012
- Fixed an extensions bug that could crash the entire browser. (Issue 34778)
2013
- Fixed an issue in the cross-site scripting auditor that could prevent
2014
Google translate from working on sites. (Issue 33115)
2015
2016
-- Fabien Tassin <fta@ubuntu.com> Sat, 27 Feb 2010 17:07:23 +0100
2017
2018
chromium-browser (5.0.307.9~r39052-0ubuntu1) lucid; urgency=low
2019
2020
* New upstream release from the Beta Channel
2021
- Fixed a tab crash that could be triggered by visiting wordpress.com,
2022
http://acid3.acidtests.org/, and many other sites. (Issue 35498)
2023
- Fixed a tab crash in image loading. (Issue 32230)
2024
- Improved font bolding for fonts without native bold. (Issue 22360)
2025
* Bump gyp Build-Depends to >= 0.1~svn785
2026
- update debian/control
2027
* Add --no-circular-check to gyp_chromium to prevent gyp from failing
2028
- update debian/rules
2029
2030
-- Fabien Tassin <fta@ubuntu.com> Thu, 18 Feb 2010 00:20:07 +0100
2031
2032
chromium-browser (5.0.307.7~r38400+0-0ubuntu1) lucid; urgency=low
2033
2034
* Disable WANT_SYSTEM_LIBS since it makes Gmail/GCal crash (libxml,
2035
libxslt, ..). See http://crbug.com/34725 (LP: #522078)
2036
- update debian/rules
2037
2038
-- Fabien Tassin <fta@ubuntu.com> Mon, 15 Feb 2010 12:17:07 +0100
2039
2040
chromium-browser (5.0.307.7~r38400-0ubuntu1) lucid; urgency=low
2041
2042
* New upstream release from the Beta Channel
2043
* Re-add the -l10n strict version dependency on chromium-browser
2044
- update debian/control
2045
2046
-- Fabien Tassin <fta@ubuntu.com> Fri, 12 Feb 2010 22:00:39 +0100
2047
2048
chromium-browser (5.0.307.5~r37950+0-0ubuntu1) lucid; urgency=low
2049
2050
* Drop third_party/libxml from STRIPPED_SYSTEM_LIB_DIRS
2051
- update debian/rules
2052
2053
-- Fabien Tassin <fta@ubuntu.com> Wed, 10 Feb 2010 18:46:55 +0100
2054
2055
chromium-browser (5.0.307.5~r37950-0ubuntu1) lucid; urgency=low
2056
2057
* Add libxss-dev to Build-Depends, the new browser sync engine needs
2058
X11/extensions/scrnsaver.h
2059
- update debian/control
2060
* Add a safety net to get-orig-source when fetching sources for a channel
2061
- update debian/rules
2062
2063
-- Fabien Tassin <fta@ubuntu.com> Tue, 09 Feb 2010 17:07:18 +0100
2064
2065
chromium-browser (4.0.305.0~svn20100123r36929-0ubuntu1) lucid; urgency=low
2066
2067
[ Fabien Tassin <fta@ubuntu.com> ]
2068
* Initial release. (Closes: #520324, LP: #387765)
2069
2070
[ Alexander Sack <asac@ubuntu.com> ]
2071
* extensive license review; see copyright and copyright.problems;
2072
also see debian/licensecheck.pl for details how the copyright files are
2073
generated
2074
* address archive-admin comments:
2075
+ add "Paul Hsieh's Public Domain Option" license snippet and mark
2076
net/disk_cache/hash.cc to be govered by that; recreate copyright*
2077
- add debian/licenses/LICENSE.Paul Hsieh's Public Domain Option
2078
- update debian/licensecheck.pl
2079
- update debian/copyright
2080
- update debian/copyright.problems
2081
2082
-- Fabien Tassin <fta@ubuntu.com> Tue, 26 Jan 2010 17:43:19 +0100
Loggerhead is a web-based interface for Breezy
Version: 2.0.1