** Description changed: - New Chromium release from the stable channel + New Chromium release from the stable channel. + + Security fixes: + [$500] [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to Jordi Chancel. + [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit to Jordi Chancel. + [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of download filenames. Credit to Marc Novak. + [91218] Low CVE-2011-3877: XSS in appcache internals page. Credit to Google Chrome Security Team (Tom Sepez) plus independent discovery by Juho Nurminen. + [94487] Medium CVE-2011-3878: Race condition in worker process initialization. Credit to miaubiz. + [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to Masato Kinugawa. + [95992] Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit to Vladimir Vorontsov, ONsec company. + [$12174] [96047] [96885] [98053] [99512] [99750] High CVE-2011-3881: Cross-origin policy violations. Credit to Sergey Glazunov. + [96292] High CVE-2011-3882: Use-after-free in media buffer handling. Credit to Google Chrome Security Team (Inferno). + [$1000] [96902] High CVE-2011-3883: Use-after-free in counter handling. Credit to miaubiz. + [97148] High CVE-2011-3884: Timing issues in DOM traversal. Credit to Brian Ryner of the Chromium development community. + [$6337] [97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885: Stale style bugs leading to use-after-free. Credit to miaubiz. + [$2000] [98773] [99167] High CVE-2011-3886: Out of bounds writes in v8. Credit to Christian Holler. + [$1500] [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. Credit to Sergey Glazunov. + [$1000] [99138] High CVE-2011-3888: Use-after-free with plug-in and editing. Credit to miaubiz. + [$2000] [99211] High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz. + [99553] High CVE-2011-3890: Use-after-free in video source handling. Credit to Ami Fischman of the Chromium development community. + [100332] High CVE-2011-3891: Exposure of internal v8 functions. Credit to Steven Keuchel of the Chromium development community plus independent discovery by Daniel Divricean.
** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-2845 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3875 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3876 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3877 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3878 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3879 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3880 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3881 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3882 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3883 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3884 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3885 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3886 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3887 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3888 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3889 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3890 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3891 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/881786 Title: Update to 15.0.874.102 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
