Due to missing security updates, the available chromium-browser in precise is vulnerable to a number of security weaknesses, among others
* Upstream release 43.0.2357.65: - CVE-2015-1252: Sandbox escape in Chrome. - CVE-2015-1253: Cross-origin bypass in DOM. - CVE-2015-1254: Cross-origin bypass in Editing. - CVE-2015-1255: Use-after-free in WebAudio. - CVE-2015-1256: Use-after-free in SVG. - CVE-2015-1251: Use-after-free in Speech. - CVE-2015-1257: Container-overflow in SVG. - CVE-2015-1258: Negative-size parameter in Libvpx. - CVE-2015-1259: Uninitialized value in PDFium. - CVE-2015-1260: Use-after-free in WebRTC. - CVE-2015-1261: URL bar spoofing. - CVE-2015-1262: Uninitialized value in Blink. - CVE-2015-1263: Insecure download of spellcheck dictionary. - CVE-2015-1264: Cross-site scripting in bookmarks. - CVE-2015-1265: Various fixes from internal audits, fuzzing and other initiatives. - Multiple vulnerabilities in V8 fixed at the tip of the 4.3 branch (currently 4.3.61.21). * Upstream release 42.0.2311.135: - CVE-2015-1243: Use-after-free in DOM. - CVE-2015-1250: Various fixes from internal audits, fuzzing and other initiatives. * Upstream release 42.0.2311.90: - CVE-2015-1235: Cross-origin-bypass in HTML parser. - CVE-2015-1236: Cross-origin-bypass in Blink. - CVE-2015-1237: Use-after-free in IPC. - CVE-2015-1238: Out-of-bounds write in Skia. - CVE-2015-1240: Out-of-bounds read in WebGL. - CVE-2015-1241: Tap-Jacking. - CVE-2015-1242: Type confusion in V8. - CVE-2015-1244: HSTS bypass in WebSockets. - CVE-2015-1245: Use-after-free in PDFium. - CVE-2015-1247: Scheme issues in OpenSearch. - CVE-2015-1248: SafeBrowsing bypass. * Upstream release 41.0.2272.118: - CVE-2015-1233: A special thanks to Anonymous for a combination of V8, Gamepad and IPC bugs that can lead to remote code execution outside of the sandbox. - CVE-2015-1234: Buffer overflow via race condition in GPU. etc. etc. (just look at the change history of the 39.* to 43.* versions) ** Information type changed from Public to Public Security ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1233 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1234 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1235 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1236 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1237 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1238 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1240 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1241 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1242 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1243 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1244 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1245 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1247 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1248 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1250 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1251 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1252 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1253 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1254 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1255 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1256 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1257 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1258 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1259 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1260 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1261 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1262 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1263 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1264 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1265 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1468666 Title: Chromium VERSION on Ubuntu 12.04 LTS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1468666/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs