© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
8d2a675
demo site
(Get the code!)
This bug was fixed in the package chromium-browser - 10.0.648.
---------------
chromium-browser (10.0.648.
* New upstream minor release from the Stable Channel (LP: #762275)
This release fixes the following security issues:
- [75629] Critical, CVE-2011-1301: Use-after-free in the GPU process.
Credit to Google Chrome Security Team (Inferno).
- [78524] Critical, CVE-2011-1302: Heap overflow in the GPU process. Credit
to Christoph Diehl.
This releasse also contains the security fixes from 10.0.648.204~r79063
(which has been skipped by the sponsors) (LP: #742118)
+ Webkit bugs:
- [73216] High, CVE-2011-1292: Use-after-free in the frame loader. Credit
to Sławomir Błażek.
- [73595] High, CVE-2011-1293: Use-after-free in HTMLCollection. Credit
to Sergey Glazunov.
- [74562] High, CVE-2011-1294: Stale pointer in CSS handling. Credit to
Sergey Glazunov.
- [74991] High, CVE-2011-1295: DOM tree corruption with broken node
parentage. Credit to Sergey Glazunov.
- [75170] High, CVE-2011-1296: Stale pointer in SVG text handling. Credit
to Sergey Glazunov.
+ Chromium bugs:
- [72517] High, CVE-2011-1291: Buffer error in base string handling.
Credit to Alex Turpin.
Packaging changes:
* Set arm_fpu=vfpv3-d16 on arm (less restrictive than the default vfpv3)
preventing a SIGILL crash on some boards (LP: #735877)
- update debian/control
* Install libppGoogleNaCl
- update debian/rules
- update debian/
* Fix the apport hooks to pass the expected 'ui' to add_info(), needed when
called from apport/ubuntu-bug (LP: #759635)
- update debian/
* NaCL may be blacklisted, so only include it when it's actually been
built (fixes the ftbfs on arm) (LP: #745854)
- update debian/rules
- update debian/
* Harden the apport hooks in the extensions section
- update debian/
-- Fabien Tassin <email address hidden> Thu, 14 Apr 2011 22:36:16 +0200