This bug was fixed in the package chromium-browser -
12.0.742.112~r90304-0ubuntu1
---------------
chromium-browser (12.0.742.112~r90304-0ubuntu1) oneiric; urgency=high
* New Minor upstream release from the Stable Channel (LP: #803107)
This release fixes the following security issues:
+ WebKit issues:
- [84355] High, CVE-2011-2346: Use-after-free in SVG font handling.
Credit to miaubiz.
- [85003] High, CVE-2011-2347: Memory corruption in CSS parsing. Credit
to miaubiz.
- [85102] High, CVE-2011-2350: Lifetime and re-entrancy issues in the
HTML parser. Credit to miaubiz.
- [85211] High, CVE-2011-2351: Use-after-free with SVG use element.
Credit to miaubiz.
- [85418] High, CVE-2011-2349: Use-after-free in text selection. Credit
to miaubiz.
+ Chromium issues:
- [77493] Medium, CVE-2011-2345: Out-of-bounds read in NPAPI string
handling. Credit to Philippe Arteau.
- [85177] High, CVE-2011-2348: Bad bounds check in v8. Credit to Aki
Helin of OUSPG.
Packaging changes:
* Add Valencian (ca@valencia) to the list of supported langs for the
lang-packs
- update debian/rules
- update debian/control
* Add support for language variants in Grit, backported from trunk.
This is needed to support lang-codes like ca@valencia
- add debian/patches/grit_language_variants.patch
- update debian/patches/series
* Add a WANT_ONLY_WHITELISTED_NEW_LANGS knob to make it easier to
sync translations of new langs between all the branches
- update debian/rules
* Properly stop the keep-alive when the build fails
- update debian/rules
* Fix the HTML5 <video> tag regression in Oneiric by properly linking
libvpx so it's not being dropped from libffmpegsumo.so (LP: #795171)
- add debian/patches/html5-codecs-fix.patch
- update debian/patches/series
* Drop the -inspector package, its content has been merged into the main deb
in M12 and the deb remained empty since.
Also drop chromium-codecs-ffmpeg-nonfree, renamed in M5 to -extra
- update debian/control
- update debian/rules
* Backport of http://codereview.chromium.org/6883221 from M13 presumably
fixing the ARM ftbfs from the last update, and set use_cups=0 on armel
- add debian/patches/cups_cleanup_cr6883221.patch
- update debian/patches/series
- update debian/rules
-- Fabien Tassin <[email protected]> Tue, 28 Jun 2011 07:17:52 +0200
** Changed in: chromium-browser (Ubuntu Oneiric)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-2345
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-2346
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-2347
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-2348
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-2349
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-2350
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-2351
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/795171
Title:
<video> tag broken in oneiric only due to --as-needed in the toolchain
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/795171/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
