[Bug 881786] Re: Update to 15.0.874.102/106

[Launchpad Bug Tracker]

This bug was fixed in the package chromium-browser -
16.0.912.77~r118311-0ubuntu0.10.10.1

---
chromium-browser (16.0.912.77~r118311-0ubuntu0.10.10.1) maverick-security; 
urgency=low

  * New upstream release from the Stable Channel (LP: #923602)
This release fixes the following security issues:
- [106484] High CVE-2011-3924: Use-after-free in DOM selections. Credit to
  Arthur Gerkis.
- [107182] Critical CVE-2011-3925: Use-after-free in Safe Browsing
  navigation. Credit to Chamal de Silva.
- [108461] High CVE-2011-3928: Use-after-free in DOM handling. Credit to
  wushi of team509 reported through ZDI (ZDI-CAN-1415).
- [108605] High CVE-2011-3927: Uninitialized value in Skia. Credit to
  miaubiz.
- [109556] High CVE-2011-3926: Heap-buffer-overflow in tree builder.
  Credit to Arthur Gerkis.

chromium-browser (16.0.912.75~r116452-0ubuntu0.10.10.1) maverick-
security; urgency=low

  * New upstream release from the Stable Channel (LP: #914648, #889711)
This release fixes the following security issues:
- [106672] High CVE-2011-3921: Use-after-free in animation frames. Credit to
  Boris Zbarsky of Mozilla.
- [107128] High CVE-2011-3919: Heap-buffer-overflow in libxml. Credit to
  Jüri Aedla.
- [108006] High CVE-2011-3922: Stack-buffer-overflow in glyph handling.
  Credit to Google Chrome Security Team (Cris Neckar).

This upload also includes the following security fixes from 16.0.912.63:
- [81753] Medium CVE-2011-3903: Out-of-bounds read in regex matching. Credit
  to David Holloway of the Chromium development community.
- [95465] Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google
  Chrome Security Team (Inferno).
- [98809] Medium CVE-2011-3906: Out-of-bounds read in PDF parser. Credit to
  Aki Helin of OUSPG.
- [99016] High CVE-2011-3907: URL bar spoofing with view-source. Credit to
  Luka Treiber of ACROS Security.
- [100863] Low CVE-2011-3908: Out-of-bounds read in SVG parsing. Credit to
  Aki Helin of OUSPG.
- [101010] Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS
  property array. Credit to Google Chrome Security Team (scarybeasts) and
  Chu.
- [101494] Medium CVE-2011-3910: Out-of-bounds read in YUV video frame
  handling. Credit to Google Chrome Security Team (Cris Neckar).
- [101779] Medium CVE-2011-3911: Out-of-bounds read in PDF. Credit to Google
  Chrome Security Team (scarybeasts) and Robert Swiecki of the Google
  Security Team.
- [102359] High CVE-2011-3912: Use-after-free in SVG filters. Credit to
  Arthur Gerkis.
- [103921] High CVE-2011-3913: Use-after-free in Range handling. Credit to
  Arthur Gerkis.
- [104011] High CVE-2011-3914: Out-of-bounds write in v8 i18n handling.
  Credit to Sławomir Błażek.
- [104529] High CVE-2011-3915: Buffer overflow in PDF font handling. Credit
  to Atte Kettunen of OUSPG.
- [104959] Medium CVE-2011-3916: Out-of-bounds reads in PDF cross
  references. Credit to Atte Kettunen of OUSPG.
- [105162] Medium CVE-2011-3917: Stack-buffer-overflow in FileWatcher.
  Credit to Google Chrome Security Team (Marty Barbella).
- [107258] High CVE-2011-3904: Use-after-free in bidi handling. Credit to
  Google Chrome Security Team (Inferno) and miaubiz.

This upload also includes the following security fixes from 15.0.874.121:
- [103259] High CVE-2011-3900: Out-of-bounds write in v8. Credit to
  Christian Holler.

This upload also includes the following security fixes from 15.0.874.120:
- [100465] High CVE-2011-3892: Double free in Theora decoder. Credit to Aki
  Helin of OUSPG.
- [100492] [100543] Medium CVE-2011-3893: Out of bounds reads in MKV and
  Vorbis media handlers. Credit to Aki Helin of OUSPG.
- [101172] High CVE-2011-3894: Memory corruption regression in VP8 decoding.
  Credit to Andrew Scherkus of the Chromium development community.
- [101458] High CVE-2011-3895: Heap overflow in Vorbis decoder. Credit to
  Aki Helin of OUSPG.
- [101624] High CVE-2011-3896: Buffer overflow in shader variable mapping.
  Credit to Ken “strcpy” Russell of the Chromium development community.
- [102242] High CVE-2011-3897: Use-after-free in editing. Credit to pa_kt
  reported through ZDI (ZDI-CAN-1416).

  [ Brandon Snider brandonsni...@ubuntu.com ]
  * Refresh patch
- update debian/patches/chromium_useragent.patch.in

chromium-browser (15.0.874.106~r107270-0ubuntu0.10.10.1) maverick-
security; urgency=low

  * New upstream release from the Stable Channel (LP: #881786)
This release fixes the following security issues:
- [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to
  Jordi Chancel.
- [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit
  to Jordi Chancel.
- [90217] Low CVE-2011-3876: Avoid stripping 

[Bug 881786] Re: Update to 15.0.874.102/106

[Launchpad Bug Tracker]

This bug was fixed in the package chromium-browser -
16.0.912.77~r118311-0ubuntu0.11.04.1

---
chromium-browser (16.0.912.77~r118311-0ubuntu0.11.04.1) natty-security; 
urgency=low

  * New upstream release from the Stable Channel (LP: #923602)
This release fixes the following security issues:
- [106484] High CVE-2011-3924: Use-after-free in DOM selections. Credit to
  Arthur Gerkis.
- [107182] Critical CVE-2011-3925: Use-after-free in Safe Browsing
  navigation. Credit to Chamal de Silva.
- [108461] High CVE-2011-3928: Use-after-free in DOM handling. Credit to
  wushi of team509 reported through ZDI (ZDI-CAN-1415).
- [108605] High CVE-2011-3927: Uninitialized value in Skia. Credit to
  miaubiz.
- [109556] High CVE-2011-3926: Heap-buffer-overflow in tree builder.
  Credit to Arthur Gerkis.

chromium-browser (16.0.912.75~r116452-0ubuntu0.11.04.1) natty-security;
urgency=low

  * New upstream release from the Stable Channel (LP: #914648, #889711)
This release fixes the following security issues:
- [106672] High CVE-2011-3921: Use-after-free in animation frames. Credit to
  Boris Zbarsky of Mozilla.
- [107128] High CVE-2011-3919: Heap-buffer-overflow in libxml. Credit to
  Jüri Aedla.
- [108006] High CVE-2011-3922: Stack-buffer-overflow in glyph handling.
  Credit to Google Chrome Security Team (Cris Neckar).

This upload also includes the following security fixes from 16.0.912.63:
- [81753] Medium CVE-2011-3903: Out-of-bounds read in regex matching. Credit
  to David Holloway of the Chromium development community.
- [95465] Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google
  Chrome Security Team (Inferno).
- [98809] Medium CVE-2011-3906: Out-of-bounds read in PDF parser. Credit to
  Aki Helin of OUSPG.
- [99016] High CVE-2011-3907: URL bar spoofing with view-source. Credit to
  Luka Treiber of ACROS Security.
- [100863] Low CVE-2011-3908: Out-of-bounds read in SVG parsing. Credit to
  Aki Helin of OUSPG.
- [101010] Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS
  property array. Credit to Google Chrome Security Team (scarybeasts) and
  Chu.
- [101494] Medium CVE-2011-3910: Out-of-bounds read in YUV video frame
  handling. Credit to Google Chrome Security Team (Cris Neckar).
- [101779] Medium CVE-2011-3911: Out-of-bounds read in PDF. Credit to Google
  Chrome Security Team (scarybeasts) and Robert Swiecki of the Google
  Security Team.
- [102359] High CVE-2011-3912: Use-after-free in SVG filters. Credit to
  Arthur Gerkis.
- [103921] High CVE-2011-3913: Use-after-free in Range handling. Credit to
  Arthur Gerkis.
- [104011] High CVE-2011-3914: Out-of-bounds write in v8 i18n handling.
  Credit to Sławomir Błażek.
- [104529] High CVE-2011-3915: Buffer overflow in PDF font handling. Credit
  to Atte Kettunen of OUSPG.
- [104959] Medium CVE-2011-3916: Out-of-bounds reads in PDF cross
  references. Credit to Atte Kettunen of OUSPG.
- [105162] Medium CVE-2011-3917: Stack-buffer-overflow in FileWatcher.
  Credit to Google Chrome Security Team (Marty Barbella).
- [107258] High CVE-2011-3904: Use-after-free in bidi handling. Credit to
  Google Chrome Security Team (Inferno) and miaubiz.

This upload also includes the following security fixes from 15.0.874.121:
- [103259] High CVE-2011-3900: Out-of-bounds write in v8. Credit to
  Christian Holler.

This upload also includes the following security fixes from 15.0.874.120:
- [100465] High CVE-2011-3892: Double free in Theora decoder. Credit to Aki
  Helin of OUSPG.
- [100492] [100543] Medium CVE-2011-3893: Out of bounds reads in MKV and
  Vorbis media handlers. Credit to Aki Helin of OUSPG.
- [101172] High CVE-2011-3894: Memory corruption regression in VP8 decoding.
  Credit to Andrew Scherkus of the Chromium development community.
- [101458] High CVE-2011-3895: Heap overflow in Vorbis decoder. Credit to
  Aki Helin of OUSPG.
- [101624] High CVE-2011-3896: Buffer overflow in shader variable mapping.
  Credit to Ken “strcpy” Russell of the Chromium development community.
- [102242] High CVE-2011-3897: Use-after-free in editing. Credit to pa_kt
  reported through ZDI (ZDI-CAN-1416).

  [ Brandon Snider brandonsni...@ubuntu.com ]
  * Refresh patch
- update debian/patches/chromium_useragent.patch.in

chromium-browser (15.0.874.106~r107270-0ubuntu0.11.04.1) natty-security;
urgency=low

  * New upstream release from the Stable Channel (LP: #881786)
This release fixes the following security issues:
- [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to
  Jordi Chancel.
- [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit
  to Jordi Chancel.
- [90217] Low CVE-2011-3876: Avoid stripping whitespace at the 

[Bug 881786] Re: Update to 15.0.874.102/106

[Launchpad Bug Tracker]

This bug was fixed in the package chromium-browser -
15.0.874.106~r107270-0ubuntu0.11.10.1

---
chromium-browser (15.0.874.106~r107270-0ubuntu0.11.10.1) oneiric-security; 
urgency=low

  * New upstream release from the Stable Channel (LP: #881786)
- fix LP: #881607 - Error initializing NSS without a persistent database
This release fixes the following security issues:
- [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to
  Jordi Chancel.
- [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit
  to Jordi Chancel.
- [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of
  download filenames. Credit to Marc Novak.
- [91218] Low CVE-2011-3877: XSS in appcache internals page. Credit to
  Google Chrome Security Team (Tom Sepez) plus independent discovery by
  Juho Nurminen.
- [94487] Medium CVE-2011-3878: Race condition in worker process
  initialization. Credit to miaubiz.
- [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to
  Masato Kinugawa.
- [95992] Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit
  to Vladimir Vorontsov, ONsec company.
- [96047] [96885] [98053] [99512] [99750] High CVE-2011-3881: Cross-origin
  policy violations. Credit to Sergey Glazunov.
- [96292] High CVE-2011-3882: Use-after-free in media buffer handling.
  Credit to Google Chrome Security Team (Inferno).
- [96902] High CVE-2011-3883: Use-after-free in counter handling. Credit to
  miaubiz.
- [97148] High CVE-2011-3884: Timing issues in DOM traversal. Credit to
  Brian Ryner of the Chromium development community.
- [97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885: Stale
  style bugs leading to use-after-free. Credit to miaubiz.
- [98773] [99167] High CVE-2011-3886: Out of bounds writes in v8. Credit to
  Christian Holler.
- [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. Credit to
  Sergey Glazunov.
- [99138] High CVE-2011-3888: Use-after-free with plug-in and editing.
  Credit to miaubiz.
- [99211] High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz.
- [99553] High CVE-2011-3890: Use-after-free in video source handling.
  Credit to Ami Fischman of the Chromium development community.
- [100332] High CVE-2011-3891: Exposure of internal v8 functions. Credit to
  Steven Keuchel of the Chromium development community plus independent
  discovery by Daniel Divricean.

  [ Chris Coulson chris.coul...@canonical.com ]
  * Refresh patches
- update debian/patches/dlopen_sonamed_gl.patch
- update debian/patches/webkit_rev_parser.patch
  * Dropped patches, fixed upstream
- remove debian/patches/cups_1.5_build_fix.patch
- update debian/patches/series

  [ Fabien Tassin ]
  * Disable NaCl until we figure out what to do with the private toolchain
- update debian/rules
  * Do not install the pseudo_locales files in the debs
- update debian/rules
  * Add python-simplejson to Build-depends. This is needed by NaCl even with
NaCl disabled, so this is a temporary workaround to unbreak the build, it
must be fixed upstream
- update debian/control

  [ Micah Gersten mic...@ubuntu.com ]
  * Switch to internal libvpx; This makes updating easier
- update debian/rules
  * Drop build dependency on libvpx due to the switch to internal libvpx
- update debian/control
 -- Micah Gersten mic...@ubuntu.com   Thu, 27 Oct 2011 02:45:31 -0500

** Changed in: chromium-browser (Ubuntu Oneiric)
   Status: Fix Committed = Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/881786

Title:
  Update to 15.0.874.102/106

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 881786] Re: Update to 15.0.874.102/106

[Florian Achleitner]

This update still wasn't released? What's wrong?

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/881786

Title:
  Update to 15.0.874.102/106

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 881786] Re: Update to 15.0.874.102/106

[Micah Gersten]

Sorry, between UDS and the Mozilla updates this week, I ran out of time
to verify.  There's another update which will go out early next week.
If anyone is interested in helping to verify Chromium updates, please
contact me through Launchpad on my home page (just click on my name and
there's a contact button on the top right).

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/881786

Title:
  Update to 15.0.874.102/106

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 881786] Re: Update to 15.0.874.102/106

[Dmitry Shachnev]

@Micah: 15.0.874.120 was released today:
http://googlechromereleases.blogspot.com/2011/11/stable-channel-
update.html.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/881786

Title:
  Update to 15.0.874.102/106

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 881786] Re: Update to 15.0.874.102/106

[Micah Gersten]

That was released yesterday, I meant next week as that's when I'll get
it into the Ubuntu archive.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/881786

Title:
  Update to 15.0.874.102/106

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 881786] Re: Update to 15.0.874.102/106

[Micah Gersten]

Tested lucid i386/amd64 packages with QRT, no regressions found over
previous functionality.  However, NaCL is missing (Bug #882942), this
was previously disabled, but installed.  I don't believe this is worth
holding up these security fixes though.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/881786

Title:
  Update to 15.0.874.102/106

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 881786] Re: Update to 15.0.874.102/106

[Launchpad Bug Tracker]

This bug was fixed in the package chromium-browser -
15.0.874.106~r107270-0ubuntu0.10.04.1

---
chromium-browser (15.0.874.106~r107270-0ubuntu0.10.04.1) lucid-security; 
urgency=low

  * New upstream release from the Stable Channel (LP: #881786)
This release fixes the following security issues:
- [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to
  Jordi Chancel.
- [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit
  to Jordi Chancel.
- [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of
  download filenames. Credit to Marc Novak.
- [91218] Low CVE-2011-3877: XSS in appcache internals page. Credit to
  Google Chrome Security Team (Tom Sepez) plus independent discovery by
  Juho Nurminen.
- [94487] Medium CVE-2011-3878: Race condition in worker process
  initialization. Credit to miaubiz.
- [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to
  Masato Kinugawa.
- [95992] Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit
  to Vladimir Vorontsov, ONsec company.
- [96047] [96885] [98053] [99512] [99750] High CVE-2011-3881: Cross-origin
  policy violations. Credit to Sergey Glazunov.
- [96292] High CVE-2011-3882: Use-after-free in media buffer handling.
  Credit to Google Chrome Security Team (Inferno).
- [96902] High CVE-2011-3883: Use-after-free in counter handling. Credit to
  miaubiz.
- [97148] High CVE-2011-3884: Timing issues in DOM traversal. Credit to
  Brian Ryner of the Chromium development community.
- [97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885: Stale
  style bugs leading to use-after-free. Credit to miaubiz.
- [98773] [99167] High CVE-2011-3886: Out of bounds writes in v8. Credit to
  Christian Holler.
- [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. Credit to
  Sergey Glazunov.
- [99138] High CVE-2011-3888: Use-after-free with plug-in and editing.
  Credit to miaubiz.
- [99211] High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz.
- [99553] High CVE-2011-3890: Use-after-free in video source handling.
  Credit to Ami Fischman of the Chromium development community.
- [100332] High CVE-2011-3891: Exposure of internal v8 functions. Credit to
  Steven Keuchel of the Chromium development community plus independent
  discovery by Daniel Divricean.

  [ Chris Coulson chris.coul...@canonical.com ]
  * Refresh patches
- update debian/patches/dlopen_sonamed_gl.patch
- update debian/patches/webkit_rev_parser.patch

  [ Fabien Tassin ]
  * Disable NaCl until we figure out what to do with the private toolchain
- update debian/rules
  * Do not install the pseudo_locales files in the debs
- update debian/rules
  * Add python-simplejson to Build-depends. This is needed by NaCl even with
NaCl disabled, so this is a temporary workaround to unbreak the build, it
must be fixed upstream
- update debian/control
 -- Micah Gersten mic...@ubuntu.com   Thu, 27 Oct 2011 00:23:10 -0500

** Changed in: chromium-browser (Ubuntu Lucid)
   Status: Fix Committed = Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/881786

Title:
  Update to 15.0.874.102/106

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 881786] Re: Update to 15.0.874.102/106

[Launchpad Bug Tracker]

** Branch linked: lp:ubuntu/lucid-security/chromium-browser

** Branch linked: lp:ubuntu/lucid-updates/chromium-browser

** Branch linked: lp:ubuntu/maverick-proposed/chromium-browser

** Branch linked: lp:ubuntu/natty-proposed/chromium-browser

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/881786

Title:
  Update to 15.0.874.102/106

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 881786] Re: Update to 15.0.874.102/106

[Launchpad Bug Tracker]

** Branch linked: lp:ubuntu/oneiric-proposed/chromium-browser

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/881786

Title:
  Update to 15.0.874.102/106

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 881786] Re: Update to 15.0.874.102/106

[Launchpad Bug Tracker]

** Branch linked: lp:~chromium-team/chromium-browser/chromium-
browser.maverick

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/881786

Title:
  Update to 15.0.874.102/106

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 881786] Re: Update to 15.0.874.102/106

[Launchpad Bug Tracker]

** Branch linked: lp:~chromium-team/chromium-browser/chromium-
browser.natty

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/881786

Title:
  Update to 15.0.874.102/106

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 881786] Re: Update to 15.0.874.102/106

[Launchpad Bug Tracker]

** Branch linked: lp:~chromium-team/chromium-browser/chromium-
browser.oneiric

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/881786

Title:
  Update to 15.0.874.102/106

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 881786] Re: Update to 15.0.874.102/106

[Jamie Strandboge]

Lucid - Oneiric built successfully and copied to -proposed.

** Changed in: chromium-browser (Ubuntu Lucid)
   Status: In Progress = Fix Committed

** Changed in: chromium-browser (Ubuntu Maverick)
   Status: In Progress = Fix Committed

** Changed in: chromium-browser (Ubuntu Natty)
   Status: In Progress = Fix Committed

** Changed in: chromium-browser (Ubuntu Oneiric)
   Status: In Progress = Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/881786

Title:
  Update to 15.0.874.102/106

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 881786] Re: Update to 15.0.874.102/106

[Micah Gersten]

** Tags added: security-verification verification-needed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/881786

Title:
  Update to 15.0.874.102/106

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 881786] Re: Update to 15.0.874.102/106

[Rolf Leggewie]

what kind of verification would be needed here?  that the packages are
indeed available? ;-)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/881786

Title:
  Update to 15.0.874.102/106

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 881786] Re: Update to 15.0.874.102/106

[Micah Gersten]

I just need to run them through QRT's test-browser.py (lp;qa-regression-
testing), nothing for anyone else to do yet :)  If you're interested in
helping test chromium in the future, I can see about that.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/881786

Title:
  Update to 15.0.874.102/106

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 881786] Re: Update to 15.0.874.102/106

[Micah Gersten]

** Summary changed:

- Update to 15.0.874.102
+ Update to 15.0.874.102/106

** Description changed:

  New Chromium release from the stable channel.
  
  Security fixes:
  [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to 
Jordi Chancel.
  [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit to 
Jordi Chancel.
  [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of download 
filenames. Credit to Marc Novak.
  [91218] Low CVE-2011-3877: XSS in appcache internals page. Credit to Google 
Chrome Security Team (Tom Sepez) plus independent discovery by Juho Nurminen.
  [94487] Medium CVE-2011-3878: Race condition in worker process 
initialization. Credit to miaubiz.
  [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to 
Masato Kinugawa.
  [95992] Low CVE-2011-3880: Don’t permit  as a HTTP header delimiter. Credit 
to Vladimir Vorontsov, ONsec company.
  [96047] [96885] [98053] [99512] [99750] High CVE-2011-3881: Cross-origin 
policy violations. Credit to Sergey Glazunov.
  [96292] High CVE-2011-3882: Use-after-free in media buffer handling. Credit 
to Google Chrome Security Team (Inferno).
  [96902] High CVE-2011-3883: Use-after-free in counter handling. Credit to 
miaubiz.
  [97148] High CVE-2011-3884: Timing issues in DOM traversal. Credit to Brian 
Ryner of the Chromium development community.
  [97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885: Stale 
style bugs leading to use-after-free. Credit to miaubiz.
  [98773] [99167] High CVE-2011-3886: Out of bounds writes in v8. Credit to 
Christian Holler.
  [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. Credit to 
Sergey Glazunov.
  [99138] High CVE-2011-3888: Use-after-free with plug-in and editing. Credit 
to miaubiz.
  [99211] High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz.
  [99553] High CVE-2011-3890: Use-after-free in video source handling. Credit 
to Ami Fischman of the Chromium development community.
  [100332] High CVE-2011-3891: Exposure of internal v8 functions. Credit to 
Steven Keuchel of the Chromium development community plus independent discovery 
by Daniel Divricean.
+ 
+ 
+ 15.0.874.106 is a stability update to fix a regression: 
+ The Stable channel has been updated to 15.0.874.106 for Windows, Mac, Linux, 
and Chrome Frame.  This release fixes login issues to Barrons Online and The 
Wall Street Journal (Issue 101274).

** Changed in: chromium-browser (Ubuntu Precise)
   Status: Fix Released = In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/881786

Title:
  Update to 15.0.874.102/106

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 881786] Re: Update to 15.0.874.102/106

[Launchpad Bug Tracker]

This bug was fixed in the package chromium-browser -
15.0.874.106~r107270-0ubuntu1

---
chromium-browser (15.0.874.106~r107270-0ubuntu1) precise; urgency=low

  * New upstream release from the Stable Channel (LP: #881786)
- This release fixes a regression with regard to logging into certain
  websites
 -- Micah Gersten mic...@ubuntu.com   Wed, 26 Oct 2011 23:19:00 -0500

** Changed in: chromium-browser (Ubuntu Precise)
   Status: In Progress = Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/881786

Title:
  Update to 15.0.874.102/106

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 881786] Re: Update to 15.0.874.102/106

[Launchpad Bug Tracker]

** Branch linked: lp:~chromium-team/chromium-browser/chromium-
browser.lucid

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/881786

Title:
  Update to 15.0.874.102/106

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs