This bug was fixed in the package chromium-browser - 17.0.963.46~r119351-0ubuntu1
--------------- chromium-browser (17.0.963.46~r119351-0ubuntu1) precise; urgency=low * New upstream release from the Stable Channel (LP: #931905) This release fixes the following security issues: - [73478] Low CVE-2011-3953: Avoid clipboard monitoring after paste event. Credit to Daniel Cheng of the Chromium development community. - [92550] Low CVE-2011-3954: Crash with excessive database usage. Credit to Collin Payne. - [93106] High CVE-2011-3955: Crash aborting an IndexDB transaction. Credit to David Grogan of the Chromium development community. - [103630] Low CVE-2011-3956: Incorrect handling of sandboxed origins inside extensions. Credit to Devdatta Akhawe, UC Berkeley. - [104056] High CVE-2011-3957: Use-after-free in PDF garbage collection. Credit to Aki Helin of OUSPG. - [105459] High CVE-2011-3958: Bad casts with column spans. Credit to miaubiz. - [106441] High CVE-2011-3959: Buffer overflow in locale handling. Credit to Aki Helin of OUSPG. - [108416] Medium CVE-2011-3960: Out-of-bounds read in audio decoding. Credit to Aki Helin of OUSPG. - [108871] Critical CVE-2011-3961: Race condition after crash of utility process. Credit to Shawn Goertzen. - [108901] Medium CVE-2011-3962: Out-of-bounds read in path clipping. Credit to Aki Helin of OUSPG. - [109094] Medium CVE-2011-3963: Out-of-bounds read in PDF fax image handling. Credit to Atte Kettunen of OUSPG. - [109245] Low CVE-2011-3964: URL bar confusion after drag + drop. Credit to Code Audit Labs of VulnHunt.com. - [109664] Low CVE-2011-3965: Crash in signature check. Credit to Sławomir Błażek. - [109716] High CVE-2011-3966: Use-after-free in stylesheet error handling. Credit to Aki Helin of OUSPG. - [109717] Low CVE-2011-3967: Crash with unusual certificate. Credit to Ben Carrillo. - [109743] High CVE-2011-3968: Use-after-free in CSS handling. Credit to Arthur Gerkis. - [110112] High CVE-2011-3969: Use-after-free in SVG layout. Credit to Arthur Gerkis. - [110277] Medium CVE-2011-3970: Out-of-bounds read in libxslt. Credit to Aki Helin of OUSPG. - [110374] High CVE-2011-3971: Use-after-free with mousemove events. Credit to Arthur Gerkis. - [110559] Medium CVE-2011-3972: Out-of-bounds read in shader translator. Credit to Google Chrome Security Team (Inferno). * Rebase patch - update debian/patches/disable_dlog_and_dcheck_in_release_builds.patch * Update .install file to just install all .pak files instead of listing them by name - update debian/chromium-browser.install -- Micah Gersten <mic...@ubuntu.com> Wed, 15 Feb 2012 01:32:50 -0600 ** Changed in: chromium-browser (Ubuntu Precise) Status: In Progress => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3953 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3954 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3955 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3956 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3957 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3958 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3959 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3960 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3961 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3962 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3963 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3964 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3965 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3966 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3967 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3968 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3969 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3970 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3971 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-3972 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/931905 Title: Update to 17.0.963.46 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/931905/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs