[Bug 712655] Re: 8.0.552.237 - 9.0.597.84 upgrade
This bug was fixed in the package chromium-browser - 9.0.597.84~r72991-0ubuntu0.10.04.1 --- chromium-browser (9.0.597.84~r72991-0ubuntu0.10.04.1) lucid-security; urgency=high * New upstream release from the Stable Channel (LP: #712655) This release fixes the following security issues: - [55831] High, Use-after-free in image loading. Credit to Aki Helin of OUSPG. - [59081] Low, Apply some restrictions to cross-origin drag + drop. Credit to Google Chrome Security Team (SkyLined) and the Google Security Team (Michal Zalewski, David Bloom). - [62791] Low, Browser crash with extension with missing key. Credit to Brian Kirchoff. - [65669] Low, Handle merging of autofill profiles more gracefully. Credit to Google Chrome Security Team (Inferno). - [68244] Low, Browser crash with bad volume setting. Credit to Matthew Heidermann. - [69195] Critical, Race condition in audio handling. Credit to the gamers of Reddit! * Add the app/resources/app_strings.grd template to the list of templates translated in Launchpad - update debian/rules * Drop the gcc 4.5 work-around, applied upstream - remove debian/patches/gcc-4.5-build-workaround.patch - update debian/patches/series * Drop gcc 4.2/4.3 from Build-depends and remove the gcc 4.4 workarounds now done in the upstream gyp files - update debian/control - update debian/rules * Add libxtst-dev to Build-deps now that chromoting uses the XTest extension to execute mouse and keyboard events - update debian/control * Fix the libgnutls dlopen to look for the sonamed lib - add debian/patches/dlopen_libgnutls.patch - update debian/patches/series * Fix the libosmesa/libGLESv2/libEGL dlopen() to look for the sonamed libs. This assumes either the libgles2-mesa + libegl1-mesa packages (better) or the libosmesa6 package are installed - add debian/patches/dlopen_sonamed_gl.patch - update debian/patches/series -- Fabien Tassin f...@ubuntu.com Thu, 03 Feb 2011 22:56:37 +0100 ** Changed in: chromium-browser (Ubuntu Lucid) Status: In Progress = Fix Released ** Changed in: chromium-browser (Ubuntu Maverick) Status: In Progress = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/712655 Title: 8.0.552.237 - 9.0.597.84 upgrade -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 712655] Re: 8.0.552.237 - 9.0.597.84 upgrade
This bug was fixed in the package chromium-browser - 9.0.597.84~r72991-0ubuntu0.10.10.1 --- chromium-browser (9.0.597.84~r72991-0ubuntu0.10.10.1) maverick-security; urgency=high * New upstream release from the Stable Channel (LP: #712655) This release fixes the following security issues: - [55831] High, Use-after-free in image loading. Credit to Aki Helin of OUSPG. - [59081] Low, Apply some restrictions to cross-origin drag + drop. Credit to Google Chrome Security Team (SkyLined) and the Google Security Team (Michal Zalewski, David Bloom). - [62791] Low, Browser crash with extension with missing key. Credit to Brian Kirchoff. - [65669] Low, Handle merging of autofill profiles more gracefully. Credit to Google Chrome Security Team (Inferno). - [68244] Low, Browser crash with bad volume setting. Credit to Matthew Heidermann. - [69195] Critical, Race condition in audio handling. Credit to the gamers of Reddit! * Add the app/resources/app_strings.grd template to the list of templates translated in Launchpad - update debian/rules * Drop the gcc 4.5 work-around, applied upstream - remove debian/patches/gcc-4.5-build-workaround.patch - update debian/patches/series * Drop gcc 4.2/4.3 from Build-depends and remove the gcc 4.4 workarounds now done in the upstream gyp files - update debian/control - update debian/rules * Add libxtst-dev to Build-deps now that chromoting uses the XTest extension to execute mouse and keyboard events - update debian/control * Fix the libgnutls dlopen to look for the sonamed lib - add debian/patches/dlopen_libgnutls.patch - update debian/patches/series * Fix the libosmesa/libGLESv2/libEGL dlopen() to look for the sonamed libs. This assumes either the libgles2-mesa + libegl1-mesa packages (better) or the libosmesa6 package are installed - add debian/patches/dlopen_sonamed_gl.patch - update debian/patches/series -- Fabien Tassin f...@ubuntu.com Thu, 03 Feb 2011 22:56:37 +0100 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/712655 Title: 8.0.552.237 - 9.0.597.84 upgrade -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 712655] Re: 8.0.552.237 - 9.0.597.84 upgrade
Test i386 and amd64 for both lucid and maverick using QRT:test- browser.py and it works fine with no regressions. ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/712655 Title: 8.0.552.237 - 9.0.597.84 upgrade -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 712655] Re: 8.0.552.237 - 9.0.597.84 upgrade
FYI, the maverick armel build got restarted automatically (ie, not a FTBFS but a buildd issue). I am publishing lucid and maverick and will upload a .2 for maverick armel, to be published later. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/712655 Title: 8.0.552.237 - 9.0.597.84 upgrade -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 712655] Re: 8.0.552.237 - 9.0.597.84 upgrade
It also implies an update of the codecs. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/712655 Title: 8.0.552.237 - 9.0.597.84 upgrade -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 712655] Re: 8.0.552.237 - 9.0.597.84 upgrade
** Branch linked: lp:ubuntu/chromium-codecs-ffmpeg -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/712655 Title: 8.0.552.237 - 9.0.597.84 upgrade -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 712655] Re: 8.0.552.237 - 9.0.597.84 upgrade
This bug was fixed in the package chromium-browser - 9.0.597.84~r72991-0ubuntu1 --- chromium-browser (9.0.597.84~r72991-0ubuntu1) natty; urgency=high * New upstream release from the Stable Channel (LP: #712655) This release fixes the following security issues: - [55831] High, Use-after-free in image loading. Credit to Aki Helin of OUSPG. - [59081] Low, Apply some restrictions to cross-origin drag + drop. Credit to Google Chrome Security Team (SkyLined) and the Google Security Team (Michal Zalewski, David Bloom). - [62791] Low, Browser crash with extension with missing key. Credit to Brian Kirchoff. - [65669] Low, Handle merging of autofill profiles more gracefully. Credit to Google Chrome Security Team (Inferno). - [68244] Low, Browser crash with bad volume setting. Credit to Matthew Heidermann. - [69195] Critical, Race condition in audio handling. Credit to the gamers of Reddit! * Add the app/resources/app_strings.grd template to the list of templates translated in Launchpad - update debian/rules * Drop the gcc 4.5 work-around, applied upstream - remove debian/patches/gcc-4.5-build-workaround.patch - update debian/patches/series * Drop gcc 4.2/4.3 from Build-depends and remove the gcc 4.4 workarounds now done in the upstream gyp files - update debian/control - update debian/rules * Add libxtst-dev to Build-deps now that chromoting uses the XTest extension to execute mouse and keyboard events - update debian/control * Remove GNOME_DESKTOP_SESSION_ID from the Apport report, it's useless - update debian/apport/chromium-browser.py * Add a system to enable/disable distribution specific patches from the quilt series - add debian/enable-dist-patches.pl - update debian/rules * Disable the gtk resize grip on Natty (LP: #703451) Original patch by Cody Russell cruss...@ubuntu.com, ported to v9 - add debian/patches/disable_gtk_resize_grip_on_natty.patch - update debian/patches/series * Fix the libgnutls dlopen to look for the sonamed lib - add debian/patches/dlopen_libgnutls.patch - update debian/patches/series * Fix the libosmesa/libGLESv2/libEGL dlopen() to look for the sonamed libs. This assumes either the libgles2-mesa + libegl1-mesa packages (better) or the libosmesa6 package are installed - add debian/patches/dlopen_sonamed_gl.patch - update debian/patches/series -- Fabien Tassin f...@ubuntu.com Thu, 03 Feb 2011 22:56:37 +0100 ** Changed in: chromium-browser (Ubuntu Natty) Status: In Progress = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/712655 Title: 8.0.552.237 - 9.0.597.84 upgrade -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
