[Bug 881786] Re: Update to 15.0.874.102/106
This bug was fixed in the package chromium-browser - 16.0.912.77~r118311-0ubuntu0.10.10.1 --- chromium-browser (16.0.912.77~r118311-0ubuntu0.10.10.1) maverick-security; urgency=low * New upstream release from the Stable Channel (LP: #923602) This release fixes the following security issues: - [106484] High CVE-2011-3924: Use-after-free in DOM selections. Credit to Arthur Gerkis. - [107182] Critical CVE-2011-3925: Use-after-free in Safe Browsing navigation. Credit to Chamal de Silva. - [108461] High CVE-2011-3928: Use-after-free in DOM handling. Credit to wushi of team509 reported through ZDI (ZDI-CAN-1415). - [108605] High CVE-2011-3927: Uninitialized value in Skia. Credit to miaubiz. - [109556] High CVE-2011-3926: Heap-buffer-overflow in tree builder. Credit to Arthur Gerkis. chromium-browser (16.0.912.75~r116452-0ubuntu0.10.10.1) maverick- security; urgency=low * New upstream release from the Stable Channel (LP: #914648, #889711) This release fixes the following security issues: - [106672] High CVE-2011-3921: Use-after-free in animation frames. Credit to Boris Zbarsky of Mozilla. - [107128] High CVE-2011-3919: Heap-buffer-overflow in libxml. Credit to Jüri Aedla. - [108006] High CVE-2011-3922: Stack-buffer-overflow in glyph handling. Credit to Google Chrome Security Team (Cris Neckar). This upload also includes the following security fixes from 16.0.912.63: - [81753] Medium CVE-2011-3903: Out-of-bounds read in regex matching. Credit to David Holloway of the Chromium development community. - [95465] Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google Chrome Security Team (Inferno). - [98809] Medium CVE-2011-3906: Out-of-bounds read in PDF parser. Credit to Aki Helin of OUSPG. - [99016] High CVE-2011-3907: URL bar spoofing with view-source. Credit to Luka Treiber of ACROS Security. - [100863] Low CVE-2011-3908: Out-of-bounds read in SVG parsing. Credit to Aki Helin of OUSPG. - [101010] Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS property array. Credit to Google Chrome Security Team (scarybeasts) and Chu. - [101494] Medium CVE-2011-3910: Out-of-bounds read in YUV video frame handling. Credit to Google Chrome Security Team (Cris Neckar). - [101779] Medium CVE-2011-3911: Out-of-bounds read in PDF. Credit to Google Chrome Security Team (scarybeasts) and Robert Swiecki of the Google Security Team. - [102359] High CVE-2011-3912: Use-after-free in SVG filters. Credit to Arthur Gerkis. - [103921] High CVE-2011-3913: Use-after-free in Range handling. Credit to Arthur Gerkis. - [104011] High CVE-2011-3914: Out-of-bounds write in v8 i18n handling. Credit to Sławomir Błażek. - [104529] High CVE-2011-3915: Buffer overflow in PDF font handling. Credit to Atte Kettunen of OUSPG. - [104959] Medium CVE-2011-3916: Out-of-bounds reads in PDF cross references. Credit to Atte Kettunen of OUSPG. - [105162] Medium CVE-2011-3917: Stack-buffer-overflow in FileWatcher. Credit to Google Chrome Security Team (Marty Barbella). - [107258] High CVE-2011-3904: Use-after-free in bidi handling. Credit to Google Chrome Security Team (Inferno) and miaubiz. This upload also includes the following security fixes from 15.0.874.121: - [103259] High CVE-2011-3900: Out-of-bounds write in v8. Credit to Christian Holler. This upload also includes the following security fixes from 15.0.874.120: - [100465] High CVE-2011-3892: Double free in Theora decoder. Credit to Aki Helin of OUSPG. - [100492] [100543] Medium CVE-2011-3893: Out of bounds reads in MKV and Vorbis media handlers. Credit to Aki Helin of OUSPG. - [101172] High CVE-2011-3894: Memory corruption regression in VP8 decoding. Credit to Andrew Scherkus of the Chromium development community. - [101458] High CVE-2011-3895: Heap overflow in Vorbis decoder. Credit to Aki Helin of OUSPG. - [101624] High CVE-2011-3896: Buffer overflow in shader variable mapping. Credit to Ken “strcpy” Russell of the Chromium development community. - [102242] High CVE-2011-3897: Use-after-free in editing. Credit to pa_kt reported through ZDI (ZDI-CAN-1416). [ Brandon Snider brandonsni...@ubuntu.com ] * Refresh patch - update debian/patches/chromium_useragent.patch.in chromium-browser (15.0.874.106~r107270-0ubuntu0.10.10.1) maverick- security; urgency=low * New upstream release from the Stable Channel (LP: #881786) This release fixes the following security issues: - [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to Jordi Chancel. - [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit to Jordi Chancel. - [90217] Low CVE-2011-3876: Avoid stripping
[Bug 881786] Re: Update to 15.0.874.102/106
This bug was fixed in the package chromium-browser - 16.0.912.77~r118311-0ubuntu0.11.04.1 --- chromium-browser (16.0.912.77~r118311-0ubuntu0.11.04.1) natty-security; urgency=low * New upstream release from the Stable Channel (LP: #923602) This release fixes the following security issues: - [106484] High CVE-2011-3924: Use-after-free in DOM selections. Credit to Arthur Gerkis. - [107182] Critical CVE-2011-3925: Use-after-free in Safe Browsing navigation. Credit to Chamal de Silva. - [108461] High CVE-2011-3928: Use-after-free in DOM handling. Credit to wushi of team509 reported through ZDI (ZDI-CAN-1415). - [108605] High CVE-2011-3927: Uninitialized value in Skia. Credit to miaubiz. - [109556] High CVE-2011-3926: Heap-buffer-overflow in tree builder. Credit to Arthur Gerkis. chromium-browser (16.0.912.75~r116452-0ubuntu0.11.04.1) natty-security; urgency=low * New upstream release from the Stable Channel (LP: #914648, #889711) This release fixes the following security issues: - [106672] High CVE-2011-3921: Use-after-free in animation frames. Credit to Boris Zbarsky of Mozilla. - [107128] High CVE-2011-3919: Heap-buffer-overflow in libxml. Credit to Jüri Aedla. - [108006] High CVE-2011-3922: Stack-buffer-overflow in glyph handling. Credit to Google Chrome Security Team (Cris Neckar). This upload also includes the following security fixes from 16.0.912.63: - [81753] Medium CVE-2011-3903: Out-of-bounds read in regex matching. Credit to David Holloway of the Chromium development community. - [95465] Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google Chrome Security Team (Inferno). - [98809] Medium CVE-2011-3906: Out-of-bounds read in PDF parser. Credit to Aki Helin of OUSPG. - [99016] High CVE-2011-3907: URL bar spoofing with view-source. Credit to Luka Treiber of ACROS Security. - [100863] Low CVE-2011-3908: Out-of-bounds read in SVG parsing. Credit to Aki Helin of OUSPG. - [101010] Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS property array. Credit to Google Chrome Security Team (scarybeasts) and Chu. - [101494] Medium CVE-2011-3910: Out-of-bounds read in YUV video frame handling. Credit to Google Chrome Security Team (Cris Neckar). - [101779] Medium CVE-2011-3911: Out-of-bounds read in PDF. Credit to Google Chrome Security Team (scarybeasts) and Robert Swiecki of the Google Security Team. - [102359] High CVE-2011-3912: Use-after-free in SVG filters. Credit to Arthur Gerkis. - [103921] High CVE-2011-3913: Use-after-free in Range handling. Credit to Arthur Gerkis. - [104011] High CVE-2011-3914: Out-of-bounds write in v8 i18n handling. Credit to Sławomir Błażek. - [104529] High CVE-2011-3915: Buffer overflow in PDF font handling. Credit to Atte Kettunen of OUSPG. - [104959] Medium CVE-2011-3916: Out-of-bounds reads in PDF cross references. Credit to Atte Kettunen of OUSPG. - [105162] Medium CVE-2011-3917: Stack-buffer-overflow in FileWatcher. Credit to Google Chrome Security Team (Marty Barbella). - [107258] High CVE-2011-3904: Use-after-free in bidi handling. Credit to Google Chrome Security Team (Inferno) and miaubiz. This upload also includes the following security fixes from 15.0.874.121: - [103259] High CVE-2011-3900: Out-of-bounds write in v8. Credit to Christian Holler. This upload also includes the following security fixes from 15.0.874.120: - [100465] High CVE-2011-3892: Double free in Theora decoder. Credit to Aki Helin of OUSPG. - [100492] [100543] Medium CVE-2011-3893: Out of bounds reads in MKV and Vorbis media handlers. Credit to Aki Helin of OUSPG. - [101172] High CVE-2011-3894: Memory corruption regression in VP8 decoding. Credit to Andrew Scherkus of the Chromium development community. - [101458] High CVE-2011-3895: Heap overflow in Vorbis decoder. Credit to Aki Helin of OUSPG. - [101624] High CVE-2011-3896: Buffer overflow in shader variable mapping. Credit to Ken “strcpy” Russell of the Chromium development community. - [102242] High CVE-2011-3897: Use-after-free in editing. Credit to pa_kt reported through ZDI (ZDI-CAN-1416). [ Brandon Snider brandonsni...@ubuntu.com ] * Refresh patch - update debian/patches/chromium_useragent.patch.in chromium-browser (15.0.874.106~r107270-0ubuntu0.11.04.1) natty-security; urgency=low * New upstream release from the Stable Channel (LP: #881786) This release fixes the following security issues: - [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to Jordi Chancel. - [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit to Jordi Chancel. - [90217] Low CVE-2011-3876: Avoid stripping whitespace at the
[Bug 881786] Re: Update to 15.0.874.102/106
This bug was fixed in the package chromium-browser - 15.0.874.106~r107270-0ubuntu0.11.10.1 --- chromium-browser (15.0.874.106~r107270-0ubuntu0.11.10.1) oneiric-security; urgency=low * New upstream release from the Stable Channel (LP: #881786) - fix LP: #881607 - Error initializing NSS without a persistent database This release fixes the following security issues: - [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to Jordi Chancel. - [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit to Jordi Chancel. - [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of download filenames. Credit to Marc Novak. - [91218] Low CVE-2011-3877: XSS in appcache internals page. Credit to Google Chrome Security Team (Tom Sepez) plus independent discovery by Juho Nurminen. - [94487] Medium CVE-2011-3878: Race condition in worker process initialization. Credit to miaubiz. - [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to Masato Kinugawa. - [95992] Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit to Vladimir Vorontsov, ONsec company. - [96047] [96885] [98053] [99512] [99750] High CVE-2011-3881: Cross-origin policy violations. Credit to Sergey Glazunov. - [96292] High CVE-2011-3882: Use-after-free in media buffer handling. Credit to Google Chrome Security Team (Inferno). - [96902] High CVE-2011-3883: Use-after-free in counter handling. Credit to miaubiz. - [97148] High CVE-2011-3884: Timing issues in DOM traversal. Credit to Brian Ryner of the Chromium development community. - [97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885: Stale style bugs leading to use-after-free. Credit to miaubiz. - [98773] [99167] High CVE-2011-3886: Out of bounds writes in v8. Credit to Christian Holler. - [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. Credit to Sergey Glazunov. - [99138] High CVE-2011-3888: Use-after-free with plug-in and editing. Credit to miaubiz. - [99211] High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz. - [99553] High CVE-2011-3890: Use-after-free in video source handling. Credit to Ami Fischman of the Chromium development community. - [100332] High CVE-2011-3891: Exposure of internal v8 functions. Credit to Steven Keuchel of the Chromium development community plus independent discovery by Daniel Divricean. [ Chris Coulson chris.coul...@canonical.com ] * Refresh patches - update debian/patches/dlopen_sonamed_gl.patch - update debian/patches/webkit_rev_parser.patch * Dropped patches, fixed upstream - remove debian/patches/cups_1.5_build_fix.patch - update debian/patches/series [ Fabien Tassin ] * Disable NaCl until we figure out what to do with the private toolchain - update debian/rules * Do not install the pseudo_locales files in the debs - update debian/rules * Add python-simplejson to Build-depends. This is needed by NaCl even with NaCl disabled, so this is a temporary workaround to unbreak the build, it must be fixed upstream - update debian/control [ Micah Gersten mic...@ubuntu.com ] * Switch to internal libvpx; This makes updating easier - update debian/rules * Drop build dependency on libvpx due to the switch to internal libvpx - update debian/control -- Micah Gersten mic...@ubuntu.com Thu, 27 Oct 2011 02:45:31 -0500 ** Changed in: chromium-browser (Ubuntu Oneiric) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/881786 Title: Update to 15.0.874.102/106 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 881786] Re: Update to 15.0.874.102/106
This update still wasn't released? What's wrong? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/881786 Title: Update to 15.0.874.102/106 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 881786] Re: Update to 15.0.874.102/106
Sorry, between UDS and the Mozilla updates this week, I ran out of time to verify. There's another update which will go out early next week. If anyone is interested in helping to verify Chromium updates, please contact me through Launchpad on my home page (just click on my name and there's a contact button on the top right). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/881786 Title: Update to 15.0.874.102/106 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 881786] Re: Update to 15.0.874.102/106
@Micah: 15.0.874.120 was released today: http://googlechromereleases.blogspot.com/2011/11/stable-channel- update.html. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/881786 Title: Update to 15.0.874.102/106 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 881786] Re: Update to 15.0.874.102/106
That was released yesterday, I meant next week as that's when I'll get it into the Ubuntu archive. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/881786 Title: Update to 15.0.874.102/106 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 881786] Re: Update to 15.0.874.102/106
Tested lucid i386/amd64 packages with QRT, no regressions found over previous functionality. However, NaCL is missing (Bug #882942), this was previously disabled, but installed. I don't believe this is worth holding up these security fixes though. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/881786 Title: Update to 15.0.874.102/106 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 881786] Re: Update to 15.0.874.102/106
This bug was fixed in the package chromium-browser - 15.0.874.106~r107270-0ubuntu0.10.04.1 --- chromium-browser (15.0.874.106~r107270-0ubuntu0.10.04.1) lucid-security; urgency=low * New upstream release from the Stable Channel (LP: #881786) This release fixes the following security issues: - [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to Jordi Chancel. - [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit to Jordi Chancel. - [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of download filenames. Credit to Marc Novak. - [91218] Low CVE-2011-3877: XSS in appcache internals page. Credit to Google Chrome Security Team (Tom Sepez) plus independent discovery by Juho Nurminen. - [94487] Medium CVE-2011-3878: Race condition in worker process initialization. Credit to miaubiz. - [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to Masato Kinugawa. - [95992] Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit to Vladimir Vorontsov, ONsec company. - [96047] [96885] [98053] [99512] [99750] High CVE-2011-3881: Cross-origin policy violations. Credit to Sergey Glazunov. - [96292] High CVE-2011-3882: Use-after-free in media buffer handling. Credit to Google Chrome Security Team (Inferno). - [96902] High CVE-2011-3883: Use-after-free in counter handling. Credit to miaubiz. - [97148] High CVE-2011-3884: Timing issues in DOM traversal. Credit to Brian Ryner of the Chromium development community. - [97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885: Stale style bugs leading to use-after-free. Credit to miaubiz. - [98773] [99167] High CVE-2011-3886: Out of bounds writes in v8. Credit to Christian Holler. - [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. Credit to Sergey Glazunov. - [99138] High CVE-2011-3888: Use-after-free with plug-in and editing. Credit to miaubiz. - [99211] High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz. - [99553] High CVE-2011-3890: Use-after-free in video source handling. Credit to Ami Fischman of the Chromium development community. - [100332] High CVE-2011-3891: Exposure of internal v8 functions. Credit to Steven Keuchel of the Chromium development community plus independent discovery by Daniel Divricean. [ Chris Coulson chris.coul...@canonical.com ] * Refresh patches - update debian/patches/dlopen_sonamed_gl.patch - update debian/patches/webkit_rev_parser.patch [ Fabien Tassin ] * Disable NaCl until we figure out what to do with the private toolchain - update debian/rules * Do not install the pseudo_locales files in the debs - update debian/rules * Add python-simplejson to Build-depends. This is needed by NaCl even with NaCl disabled, so this is a temporary workaround to unbreak the build, it must be fixed upstream - update debian/control -- Micah Gersten mic...@ubuntu.com Thu, 27 Oct 2011 00:23:10 -0500 ** Changed in: chromium-browser (Ubuntu Lucid) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/881786 Title: Update to 15.0.874.102/106 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 881786] Re: Update to 15.0.874.102/106
** Branch linked: lp:ubuntu/lucid-security/chromium-browser ** Branch linked: lp:ubuntu/lucid-updates/chromium-browser ** Branch linked: lp:ubuntu/maverick-proposed/chromium-browser ** Branch linked: lp:ubuntu/natty-proposed/chromium-browser -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/881786 Title: Update to 15.0.874.102/106 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 881786] Re: Update to 15.0.874.102/106
** Branch linked: lp:ubuntu/oneiric-proposed/chromium-browser -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/881786 Title: Update to 15.0.874.102/106 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 881786] Re: Update to 15.0.874.102/106
** Branch linked: lp:~chromium-team/chromium-browser/chromium- browser.maverick -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/881786 Title: Update to 15.0.874.102/106 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 881786] Re: Update to 15.0.874.102/106
** Branch linked: lp:~chromium-team/chromium-browser/chromium- browser.natty -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/881786 Title: Update to 15.0.874.102/106 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 881786] Re: Update to 15.0.874.102/106
** Branch linked: lp:~chromium-team/chromium-browser/chromium- browser.oneiric -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/881786 Title: Update to 15.0.874.102/106 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 881786] Re: Update to 15.0.874.102/106
Lucid - Oneiric built successfully and copied to -proposed. ** Changed in: chromium-browser (Ubuntu Lucid) Status: In Progress = Fix Committed ** Changed in: chromium-browser (Ubuntu Maverick) Status: In Progress = Fix Committed ** Changed in: chromium-browser (Ubuntu Natty) Status: In Progress = Fix Committed ** Changed in: chromium-browser (Ubuntu Oneiric) Status: In Progress = Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/881786 Title: Update to 15.0.874.102/106 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 881786] Re: Update to 15.0.874.102/106
** Tags added: security-verification verification-needed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/881786 Title: Update to 15.0.874.102/106 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 881786] Re: Update to 15.0.874.102/106
what kind of verification would be needed here? that the packages are indeed available? ;-) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/881786 Title: Update to 15.0.874.102/106 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 881786] Re: Update to 15.0.874.102/106
I just need to run them through QRT's test-browser.py (lp;qa-regression- testing), nothing for anyone else to do yet :) If you're interested in helping test chromium in the future, I can see about that. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/881786 Title: Update to 15.0.874.102/106 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 881786] Re: Update to 15.0.874.102/106
** Summary changed: - Update to 15.0.874.102 + Update to 15.0.874.102/106 ** Description changed: New Chromium release from the stable channel. Security fixes: [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to Jordi Chancel. [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit to Jordi Chancel. [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of download filenames. Credit to Marc Novak. [91218] Low CVE-2011-3877: XSS in appcache internals page. Credit to Google Chrome Security Team (Tom Sepez) plus independent discovery by Juho Nurminen. [94487] Medium CVE-2011-3878: Race condition in worker process initialization. Credit to miaubiz. [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to Masato Kinugawa. [95992] Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit to Vladimir Vorontsov, ONsec company. [96047] [96885] [98053] [99512] [99750] High CVE-2011-3881: Cross-origin policy violations. Credit to Sergey Glazunov. [96292] High CVE-2011-3882: Use-after-free in media buffer handling. Credit to Google Chrome Security Team (Inferno). [96902] High CVE-2011-3883: Use-after-free in counter handling. Credit to miaubiz. [97148] High CVE-2011-3884: Timing issues in DOM traversal. Credit to Brian Ryner of the Chromium development community. [97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885: Stale style bugs leading to use-after-free. Credit to miaubiz. [98773] [99167] High CVE-2011-3886: Out of bounds writes in v8. Credit to Christian Holler. [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. Credit to Sergey Glazunov. [99138] High CVE-2011-3888: Use-after-free with plug-in and editing. Credit to miaubiz. [99211] High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz. [99553] High CVE-2011-3890: Use-after-free in video source handling. Credit to Ami Fischman of the Chromium development community. [100332] High CVE-2011-3891: Exposure of internal v8 functions. Credit to Steven Keuchel of the Chromium development community plus independent discovery by Daniel Divricean. + + + 15.0.874.106 is a stability update to fix a regression: + The Stable channel has been updated to 15.0.874.106 for Windows, Mac, Linux, and Chrome Frame. This release fixes login issues to Barrons Online and The Wall Street Journal (Issue 101274). ** Changed in: chromium-browser (Ubuntu Precise) Status: Fix Released = In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/881786 Title: Update to 15.0.874.102/106 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 881786] Re: Update to 15.0.874.102/106
This bug was fixed in the package chromium-browser - 15.0.874.106~r107270-0ubuntu1 --- chromium-browser (15.0.874.106~r107270-0ubuntu1) precise; urgency=low * New upstream release from the Stable Channel (LP: #881786) - This release fixes a regression with regard to logging into certain websites -- Micah Gersten mic...@ubuntu.com Wed, 26 Oct 2011 23:19:00 -0500 ** Changed in: chromium-browser (Ubuntu Precise) Status: In Progress = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/881786 Title: Update to 15.0.874.102/106 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 881786] Re: Update to 15.0.874.102/106
** Branch linked: lp:~chromium-team/chromium-browser/chromium- browser.lucid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/881786 Title: Update to 15.0.874.102/106 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs