47
|
|
|
Micah Gersten |
15.0.874.106~r107270-0ubuntu0.11.04.1 |
12 years ago
|
|
|
46
|
|
|
Micah Gersten |
14.0.835.202~r103287-0ubuntu0.11.04.1 |
12 years ago
|
|
|
45
|
|
|
Micah Gersten |
12.0.742.112~r90304-0ubuntu0.11.04.1 |
12 years ago
|
|
|
44
|
|
|
Micah Gersten |
12.0.742.91~r87961-0ubuntu0.11.04.1 |
12 years ago
|
|
|
43
|
|
|
Micah Gersten |
11.0.696.71~r86024-0ubuntu0.11.04.1 |
12 years ago
|
|
|
42
|
|
|
Micah Gersten |
11.0.696.68~r84545-0ubuntu0.11.04.1 |
12 years ago
|
|
|
41
|
|
|
Micah Gersten |
11.0.696.65~r84435-0ubuntu0.11.04.1 |
12 years ago
|
|
|
40
|
|
* New Major upstream release from the Stable Channel (LP: #771935) This release fixes the following security issues: + WebKit issues: - [61502] High, CVE-2011-1303: Stale pointer in floating object handling. Credit to Scott Hess of the Chromium development community and Martin Barbella. - [70538] Low, CVE-2011-1304: Pop-up block bypass via plug-ins. Credit to Chamal De Silva. - [70589] Medium, CVE-2011-1305: Linked-list race in database handling. Credit to Kostya Serebryany of the Chromium development community. - [73526] High, CVE-2011-1437: Integer overflows in float rendering. Credit to miaubiz. - [74653] High, CVE-2011-1438: Same origin policy violation with blobs. Credit to kuzzcc. - [75186] High, CVE-2011-1440: Use-after-free with <ruby> tag and CSS. Credit to Jose A. Vazquez. - [75347] High, CVE-2011-1441: Bad cast with floating select lists. Credit to Michael Griffiths. - [75801] High, CVE-2011-1442: Corrupt node trees with mutation events. Credit to Sergey Glazunov and wushi of team 509. - [76001] High, CVE-2011-1443: Stale pointers in layering code. Credit to Martin Barbella. - [76646] Medium, CVE-2011-1445: Out-of-bounds read in SVG. Credit to wushi of team509. - [76666] [77507] [78031] High, CVE-2011-1446: Possible URL bar spoofs with navigation errors and interrupted loads. Credit to kuzzcc. - [76966] High, CVE-2011-1447: Stale pointer in drop-down list handling. Credit to miaubiz. - [77130] High, CVE-2011-1448: Stale pointer in height calculations. Credit to wushi of team509. - [77346] High, CVE-2011-1449: Use-after-free in WebSockets. Credit to Marek Majkowski. - [77463] High, CVE-2011-1451: Dangling pointers in DOM id map. Credit to Sergey Glazunov. - [79199] High, CVE-2011-1454: Use-after-free in DOM id handling. Credit to Sergey Glazunov. + Chromium issues: - [71586] Medium, CVE-2011-1434: Lack of thread safety in MIME handling. Credit to Aki Helin. - [72523] Medium, CVE-2011-1435: Bad extension with ‘tabs’ permission can capture local files. Credit to Cole Snodgrass. - [72910] Low, CVE-2011-1436: Possible browser crash due to bad interaction with X. Credit to miaubiz. - [76542] High, CVE-2011-1444: Race condition in sandbox launcher. Credit to Dan Rosenberg. - [77349] Low, CVE-2011-1450: Dangling pointers in file dialogs. Credit to kuzzcc. - [77786] Medium, CVE-2011-1452: URL bar spoof with redirect and manual reload. Credit to Jordi Chancel. - [74763] High, CVE-2011-1439: Prevent interference between renderer processes. Credit to Julien Tinnes of the Google Security Team. * Fix the password store regression from the last Chromium 10 update. Backport from trunk provided by Elliot Glaysher from upstream (LP: #743494) - add debian/patches/stored_passwords_lp743494.patch - update debian/patches/series * Fix the dedicated webapp WMClass (needed by Unity/bamf). Don't change the WMClass at all on XFCE where it is displayed to the user as a title (which it isn't). This is a backport of upstream revisions 82581 & 82672 (LP: #692462) - update debian/patches/webapps-wm-class-lp692462.patch * Update the SVG logo to match the new simplified 2D logo (LP: #748881) - update debian/chromium-browser.svg * Ship the app icon in all the sizes provided upstream - update debian/rules * Add libpam0g-dev to Build-depends, needed by "Chromoting" - update debian/control * Enable the new use_third_party_translations flag at build time (it enables the Launchpad translations already used in Ubuntu since Chromium 8) - update debian/rules
|
Fabien Tassin |
11.0.696.57~r82915-0ubuntu0.11.04.1 |
12 years ago
|
|
|
39
|
|
|
Fabien Tassin |
10.0.648.205~r81283-0ubuntu1 |
12 years ago
|
|
|
38
|
|
|
Fabien Tassin |
10.0.648.204~r79063-0ubuntu2 |
13 years ago
|
|
|
37
|
|
|
Fabien Tassin |
10.0.648.204~r79063-0ubuntu1 |
13 years ago
|
|
|
36
|
|
|
Fabien Tassin |
10.0.648.133~r77742-0ubuntu1 |
13 years ago
|
|
|
35
|
|
* New upstream major release from the Stable Channel (LP: #731520) It includes: - New version of V8 - Crankshaft - which greatly improves javascript performance - New settings pages that open in a tab, rather than a dialog box - Improved security with malware reporting and disabling outdated plugins by default - Password sync as part of Chrome Sync now enabled by default - GPU Accelerated Video - Background WebApps - webNavigation extension API This release also fixes the following security issues: + Webkit bugs: - [42574] [42765] Low, Possible to navigate or close the top location in a sandboxed frame. Credit to sirdarckcat of the Google Security Team. - [69628] High, Memory corruption with counter nodes. Credit to Martin Barbella. - [70027] High, Stale node in box layout. Credit to Martin Barbella. - [70336] Medium, Cross-origin error message leak with workers. Credit to Daniel Divricean. - [70442] High, Use after free with DOM URL handling. Credit to Sergey Glazunov. - [70779] Medium, Out of bounds read handling unicode ranges. Credit to miaubiz. - [70885] [71167] Low, Pop-up blocker bypasses. Credit to Chamal de Silva. - [71763] High, Use-after-free in document script lifetime handling. Credit to miaubiz. - [72028] High, Stale pointer in table painting. Credit to Martin Barbella. - [73066] High, Crash with the DataView object. Credit to Sergey Glazunov. - [73134] High, Bad cast in text rendering. Credit to miaubiz. - [73196] High, Stale pointer in WebKit context code. Credit to Sergey Glazunov. - [73746] High, Stale pointer with SVG cursors. Credit to Sergey Glazunov. - [74030] High, DOM tree corruption with attribute handling. Credit to Sergey Glazunov. + Chromium bugs: - [49747] Low, Work around an X server bug and crash with long messages. Credit to Louis Lang. - [66962] Low, Possible browser crash with parallel print()s. Credit to Aki Helin of OUSPG. - [69187] Medium, Cross-origin error message leak. Credit to Daniel Divricean. - [70877] High, Same origin policy bypass in v8. Credit to Daniel Divricean. + v8: - [74662] High, Corruption via re-entrancy of RegExp code. Credit to Christian Holler. - [74675] High, Invalid memory access in v8. Credit to Christian Holler. + ffmpeg: - [71788] High, Out-of-bounds write in the OGG container. Credit to Google Chrome Security Team (SkyLined); plus subsequent independent discovery by David Weston of Microsoft and MSVR. - [73026] High, Use of corrupt out-of-bounds structure in video code. Credit to Tavis Ormandy of the Google Security Team. + libxslt: - [73716] Low, Leak of heap address in XSLT. Credit to Google Chrome Security Team (Chris Evans). Packaging changes: * Promote Uyghur to the list of supported translations - update debian/rules - update debian/control * Fix the FTBFS on arm by re-adding the lost arm_neon=0, and really set armv7=1 on maverick and natty - update debian/rules * Fix the broken symlinks in /usr/share/doc created by CDBS (See LP: #194574) - update debian/rules * Add libxt-dev to Build-deps needed by ppGoogleNaClPluginChrome - update debian/control * Fix the Webkit version in about:version (the build system expects the svn or git directories to be available at build time) - add debian/patches/webkit_rev_parser.patch - update debian/patches/series
|
Fabien Tassin |
10.0.648.127~r76697-0ubuntu1 |
13 years ago
|
|
|
34
|
|
* New upstream release from the Stable Channel (LP: #726895) This release fixes the following security issues: + Webkit bugs: - [54262] High, URL bar spoof with history interaction. Credit to Jordi Chancel. - [68263] High, Stylesheet node stale pointer. Credit to Sergey Glazunov. - [68741] High, Stale pointer with key frame rule. Credit to Sergey Glazunov. - [70078] High, Crash with forms controls. Credit to Stefan van Zanden. - [70244] High, Crash in SVG rendering. Credit to Sławomir Błażek. - [71114] High, Stale node in table child handling. Credit to Martin Barbella. - [71115] High, Stale pointer in table rendering. Credit to Martin Barbella. - [71296] High, Stale pointer in SVG animations. Credit to miaubiz. - [71386] High, Stale nodes in XHTML. Credit to wushi of team509. - [71388] High, Crash in textarea handling. Credit to wushi of team509. - [71595] High, Stale pointer in device orientation. Credit to Sergey Glazunov. - [71855] High, Integer overflow in textarea handling. Credit to miaubiz. - [71960] Medium, Out-of-bounds read in WebGL. Credit to Google Chrome Security Team (Inferno). - [73235] High, Stale pointer in layout. Credit to Martin Barbella. + Chromium bugs: - [63732] High, Crash with javascript dialogs. Credit to Sergey Radchenko. - [64-bit only] [70376] Medium, Out-of-bounds read in pickle deserialization. Credit to Evgeniy Stepanov of the Chromium development community. - [71717] Medium, Out-of-bounds read in WebGL. Credit to miaubiz. - [72214] High, Accidental exposure of internal extension functions. Credit to Tavis Ormandy of the Google Security Team. - [72437] High, Use-after-free with blocked plug-ins. Credit to Chamal de Silva. * Bump the lang-pack package from Suggests to Recommends (LP: #689267) - update debian/control * Disable PIE on Armel/Lucid (LP: #716703) - update debian/rules * Add the disk usage to the Apport hooks - update debian/apport/chromium-browser.py * Drop gyp from Build-Depends, use in-source gyp instead - update debian/control * Merge back the ffmpeg codecs (from the chromium-codecs-ffmpeg source package) - update debian/rules - update debian/control - add debian/chromium-codecs-ffmpeg-extra.install - add debian/chromium-codecs-ffmpeg.install
|
Fabien Tassin |
9.0.597.107~r75357-0ubuntu1 |
13 years ago
|
|
|
33
|
|
|
Fabien Tassin |
9.0.597.94~r73967-0ubuntu1 |
13 years ago
|
|
|
32
|
|
* New upstream release from the Stable Channel (LP: #712655) This release fixes the following security issues: - [55831] High, Use-after-free in image loading. Credit to Aki Helin of OUSPG. - [59081] Low, Apply some restrictions to cross-origin drag + drop. Credit to Google Chrome Security Team (SkyLined) and the Google Security Team (Michal Zalewski, David Bloom). - [62791] Low, Browser crash with extension with missing key. Credit to Brian Kirchoff. - [65669] Low, Handle merging of autofill profiles more gracefully. Credit to Google Chrome Security Team (Inferno). - [68244] Low, Browser crash with bad volume setting. Credit to Matthew Heidermann. - [69195] Critical, Race condition in audio handling. Credit to the gamers of Reddit! * Add the app/resources/app_strings.grd template to the list of templates translated in Launchpad - update debian/rules * Drop the gcc 4.5 work-around, applied upstream - remove debian/patches/gcc-4.5-build-workaround.patch - update debian/patches/series * Drop gcc 4.2/4.3 from Build-depends and remove the gcc 4.4 workarounds now done in the upstream gyp files - update debian/control - update debian/rules * Add libxtst-dev to Build-deps now that chromoting uses the XTest extension to execute mouse and keyboard events - update debian/control * Remove GNOME_DESKTOP_SESSION_ID from the Apport report, it's useless - update debian/apport/chromium-browser.py * Add a system to enable/disable distribution specific patches from the quilt series - add debian/enable-dist-patches.pl - update debian/rules * Disable the gtk resize grip on Natty (LP: #703451) Original patch by Cody Russell <crussell@ubuntu.com>, ported to v9 - add debian/patches/disable_gtk_resize_grip_on_natty.patch - update debian/patches/series * Fix the libgnutls dlopen to look for the sonamed lib - add debian/patches/dlopen_libgnutls.patch - update debian/patches/series * Fix the libosmesa/libGLESv2/libEGL dlopen() to look for the sonamed libs. This assumes either the libgles2-mesa + libegl1-mesa packages (better) or the libosmesa6 package are installed - add debian/patches/dlopen_sonamed_gl.patch - update debian/patches/series
|
Fabien Tassin |
9.0.597.84~r72991-0ubuntu1 |
13 years ago
|
|
|
31
|
|
* New upstream release from the Stable Channel (LP: #702542) This release fixes the following security issues: - [58053] Medium, Browser crash in extensions notification handling. Credit to Eric Roman of the Chromium development community. - [65764] High, Bad pointer handling in node iteration. Credit to Sergey Glazunov. - [66560] High, Stale pointer with CSS + canvas. Credit to Sergey Glazunov. - [66748] High, Stale pointer with CSS + cursors. Credit to Jan Tošovský. - [67303] High, Bad memory access with mismatched video frame sizes. Credit to Aki Helin of OUSPG; plus independent discovery by Google Chrome Security Team (SkyLined) and David Warren of CERT. - [67363] High, Stale pointer with SVG use element. Credited anonymously; plus indepdent discovery by miaubiz. - [67393] Medium, Uninitialized pointer in the browser triggered by rogue extension. Credit to kuzzcc. - [68115] High, Vorbis decoder buffer overflows. Credit to David Warren of CERT. - [68178] High, Bad cast in anchor handling. Credit to Sergey Glazunov. - [68181] High, Bad cast in video handling. Credit to Sergey Glazunov. - [68439] High, Stale rendering node after DOM node removal. Credit to Martin Barbella; plus independent discovery by Google Chrome Security Team (SkyLined). - [68666] Critical, Stale pointer in speech handling. Credit to Sergey Glazunov. * Add the chrome/app/policy/policy_templates.grd template to the list of templates translated in Launchpad - update debian/rules * Add Basque and Galician to the list of supported langs for the lang-packs (translations from Launchpad/Rosetta) - update debian/rules
|
Fabien Tassin |
8.0.552.237~r70801-0ubuntu1 |
13 years ago
|
|
|
30
|
|
|
Fabien Tassin |
8.0.552.224~r68599-0ubuntu1 |
13 years ago
|
|
|
29
|
|
* New upstream Major release from the Stable Channel (LP: #684502), also fixing the following security issues: - [17655] Low, Possible pop-up blocker bypass. Credit to Google Chrome Security Team (SkyLined). - [55745] Medium, Cross-origin video theft with canvas. Credit to Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR). - [56237] Low, Browser crash with HTML5 databases. Credit to Google Chrome Security Team (Inferno). - [58319] Low, Prevent excessive file dialogs, possibly leading to browser crash. Credit to Cezary Tomczak (gosu.pl). - [59554] High, Use after free in history handling. Credit to Stefan Troger. - [59817] Medium, Make sure the “dangerous file types” list is uptodate with the Windows platforms. Credit to Billy Rios of the Google Security Team. - [61701] Low, Browser crash with HTTP proxy authentication. Credit to Mohammed Bouhlel. - [61653] Medium, Out-of-bounds read regression in WebM video support. Credit to Google Chrome Security Team (Chris Evans), based on earlier testcases from Mozilla and Microsoft (MSVR). - [62127] High, Crash due to bad indexing with malformed video. Credit to miaubiz. - [62168] Medium, Possible browser memory corruption via malicious privileged extension. Credit to kuzzcc. - [62401] High, Use after free with SVG animations. Credit to Sławomir Błażek. - [63051] Medium, Use after free in mouse dragging event handling. Credit to kuzzcc. - [63444] High, Double free in XPath handling. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences. * Work-around a gcc 4.5 miscompilation bug causing regression in the omnibar, breaking searches (LP: #664584) - add debian/patches/gcc-4.5-build-workaround.patch - update debian/patches/series * Automatically merge Launchpad translations with the upstream grit files and produce patches in the source tarball. Apply those patches at build time during configure - update debian/rules * Add x-scheme-handler/http and x-scheme-handler/https to the MimeType entry of the desktop file (needed on Natty where handlers are no longer searched for in gconf) - update debian/chromium-browser.desktop
|
Fabien Tassin |
8.0.552.215~r67652-0ubuntu1 |
13 years ago
|
|
|
28
|
|
* New upstream Major release from the Stable Channel (LP: #671420), also fixing the following security issues: - [51602] High, Use-after-free in text editing. Credit to David Bloom of the Google Security Team, Google Chrome Security Team (Inferno) and Google Chrome Security Team (Cris Neckar). - [55257] High, Memory corruption with enormous text area. Credit to wushi of team509. - [58657] High, Bad cast with the SVG use element. Credit to the kuzzcc. - [58731] High, Invalid memory read in XPath handling. Credit to Bui Quang Minh from Bkis (www.bkis.com). - [58741] High, Use-after-free in text control selections. Credit to “vkouchna”. - [59320] High, Integer overflows in font handling. Credit to Aki Helin of OUSPG. - [60055] High, Memory corruption in libvpx. Credit to Christoph Diehl. - [60238] High, Bad use of destroyed frame object. Credit to various developers, including “gundlach”. - [60327] [60769] [61255] High, Type confusions with event objects. Credit to “fam.lam” and Google Chrome Security Team (Inferno). - [60688] High, Out-of-bounds array access in SVG handling. Credit to wushi of team509. * Work-around a gcc 4.5 miscompilation bug causing a regression in the omnibar, breaking searches (LP: #664584) - add debian/patches/gcc-4.5-build-workaround.patch - update debian/patches/series
|
Fabien Tassin |
7.0.517.44~r64615-0ubuntu1 |
13 years ago
|
|
|