It's not called out specifically in the change log. The existing
entries in the change log are very concerning for the 12.04 LTS update:
chromium-browser (37.0.2062.120-0ubuntu0.12.04.1~pkg917) precise-
security; urgency=medium
* Release to stage
chromium-browser (37.0.2062.120-0ubuntu1) UNRELEASED; urgency=low
* Upstream release 37.0.2062.120:
- CVE-2014-3178: Use-after-free in rendering. Credit to miaubiz.
- CVE-2014-3179: Various fixes from internal audits, fuzzing and other
initiatives.
* debian/rules: Simplify and rearrange.
* debian/rules, debian/known_gyp_flags: Keep better track of known GYP flags,
so we can fail when something changes unexpectedly.
* debian/rules: Fix up patch-translations rule.
Why are changes being made to debian/rules to "Simplify and rearrange"
in an LTS update? That's just inviting problems like this. In looking
at a side-by-side diff (via meld), it appears that the removal of this
line may have been of victim of the referenced rearranging. I attempted
to find the packaging source repository, but the one referenced in LP
appears to be out dated and did not see a reference to the current one
(if there is a public one).
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3178
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3179
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1374222
Title:
path for policy files changed
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1374222/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
