This bug was fixed in the package chromium-browser -
6.0.472.59~r59126-0ubuntu1
---------------
chromium-browser (6.0.472.59~r59126-0ubuntu1) maverick; urgency=low
* New upstream release from the Stable Channel (LP: #638736)
This release fixes the following security issues:
- [50250] High, Use-after-free when using document APIs during parse.
Credit to David Weston of Microsoft + Microsoft Vulnerability Research
(MSVR) and wushi of team 509 (independent discoveries).
- [50712] High, Use-after-free in SVG styles. Credit to kuzzcc.
- [51252] High, Use-after-free with nested SVG elements. Credit to kuzzcc.
- [51709] Low, Possible browser assert in cursor handling. Credit to
“magnusmorton”.
- [51919] High, Race condition in console handling. Credit to kuzzcc.
- [53176] Low, Unlikely browser crash in pop-up blocking. Credit to kuzzcc.
- [53394] High, Memory corruption in Geolocation. Credit to kuzzcc.
- [53930] High, Memory corruption in Khmer handling. Credit to Google
Chrome Security Team (Chris Evans).
- [54006] Low, Failure to prompt for extension history access. Credit to
“adriennefelt”.
* Don't build with PIE on armel for now, it fails to link.
- update debian/rules
-- Fabien Tassin <[email protected]> Wed, 15 Sep 2010 07:20:49 +0200
** Changed in: chromium-browser (Ubuntu Maverick)
Status: In Progress => Fix Released
--
6.0.472.55~r58392 -> 6.0.472.59~r59126 upgrade
https://bugs.launchpad.net/bugs/638736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
