[Bug 931905] Re: Update to 17.0.963.46

[Launchpad Bug Tracker]

This bug was fixed in the package chromium-browser -
17.0.963.46~r119351-0ubuntu1

---------------
chromium-browser (17.0.963.46~r119351-0ubuntu1) precise; urgency=low

  * New upstream release from the Stable Channel (LP: #931905)
    This release fixes the following security issues:
    - [73478] Low CVE-2011-3953: Avoid clipboard monitoring after paste event.
      Credit to Daniel Cheng of the Chromium development community.
    - [92550] Low CVE-2011-3954: Crash with excessive database usage. Credit to
      Collin Payne.
    - [93106] High CVE-2011-3955: Crash aborting an IndexDB transaction. Credit
      to David Grogan of the Chromium development community.
    - [103630] Low CVE-2011-3956: Incorrect handling of sandboxed origins inside
      extensions. Credit to Devdatta Akhawe, UC Berkeley.
    - [104056] High CVE-2011-3957: Use-after-free in PDF garbage collection.
      Credit to Aki Helin of OUSPG.
    - [105459] High CVE-2011-3958: Bad casts with column spans. Credit to
      miaubiz.
    - [106441] High CVE-2011-3959: Buffer overflow in locale handling. Credit to
      Aki Helin of OUSPG.
    - [108416] Medium CVE-2011-3960: Out-of-bounds read in audio decoding.
      Credit to Aki Helin of OUSPG.
    - [108871] Critical CVE-2011-3961: Race condition after crash of utility
      process. Credit to Shawn Goertzen.
    - [108901] Medium CVE-2011-3962: Out-of-bounds read in path clipping. Credit
      to Aki Helin of OUSPG.
    - [109094] Medium CVE-2011-3963: Out-of-bounds read in PDF fax image
      handling. Credit to Atte Kettunen of OUSPG.
    - [109245] Low CVE-2011-3964: URL bar confusion after drag + drop. Credit to
      Code Audit Labs of VulnHunt.com.
    - [109664] Low CVE-2011-3965: Crash in signature check. Credit to Sławomir
      Błażek.
    - [109716] High CVE-2011-3966: Use-after-free in stylesheet error handling.
      Credit to Aki Helin of OUSPG.
    - [109717] Low CVE-2011-3967: Crash with unusual certificate. Credit to Ben
      Carrillo.
    - [109743] High CVE-2011-3968: Use-after-free in CSS handling. Credit to
      Arthur Gerkis.
    - [110112] High CVE-2011-3969: Use-after-free in SVG layout. Credit to
      Arthur Gerkis.
    - [110277] Medium CVE-2011-3970: Out-of-bounds read in libxslt. Credit to
      Aki Helin of OUSPG.
    - [110374] High CVE-2011-3971: Use-after-free with mousemove events. Credit
      to Arthur Gerkis.
    - [110559] Medium CVE-2011-3972: Out-of-bounds read in shader translator.
      Credit to Google Chrome Security Team (Inferno).

  * Rebase patch
    - update debian/patches/disable_dlog_and_dcheck_in_release_builds.patch
  * Update .install file to just install all .pak files instead of listing them
    by name
    - update debian/chromium-browser.install
 -- Micah Gersten <mic...@ubuntu.com>   Wed, 15 Feb 2012 01:32:50 -0600

** Changed in: chromium-browser (Ubuntu Precise)
       Status: In Progress => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3953

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3954

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3955

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3956

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3957

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3958

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3959

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3960

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3961

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3962

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3963

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3964

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3965

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3966

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3967

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3968

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3969

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3970

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3971

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3972

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/931905

Title:
  Update to 17.0.963.46

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/931905/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs