Ubuntu
chromium-browser package

11.0.696.68 -> 11.0.696.71

Bug #787846 reported by Fabien Tassin
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
chromium-browser (Ubuntu)
Fix Released
High
Fabien Tassin
Lucid
Fix Released
High
Micah Gersten
Maverick
Fix Released
High
Micah Gersten
Natty
Fix Released
High
Micah Gersten
Oneiric
Fix Released
High
Fabien Tassin

Bug Description

Binary package hint: chromium-browser

Another security upgrade, needed in oneiric, natty, maverick and lucid

Fabien Tassin (fta)
Changed in chromium-browser (Ubuntu Oneiric):
status: New → Fix Committed
assignee: nobody → Fabien Tassin (fta)
importance: Undecided → High
Changed in chromium-browser (Ubuntu Natty):
importance: Undecided → High
Changed in chromium-browser (Ubuntu Maverick):
importance: Undecided → High
Changed in chromium-browser (Ubuntu Lucid):
importance: Undecided → High
security vulnerability: no → yes
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 11.0.696.71~r86024-0ubuntu1

---------------
chromium-browser (11.0.696.71~r86024-0ubuntu1) oneiric; urgency=low

  * New Minor upstream release from the Stable Channel (LP: #787846)
    This release fixes the following security issues:
    + WebKit issues:
      - [72189] Low, CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De
        Silva.
      - [82546] High, CVE-2011-1804: Stale pointer in floats rendering. Credit
        to Martin Barbella.
      - [82903] Critical, CVE-2011-1807: Out-of-bounds write in blob handling.
        Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany
        of the Chromium development community.
      - other issues covered by CVE-2011-1802, CVE-2011-1803, CVE-2011-1805
    + GPU/WebGL issue:
      - [82873] Critical, CVE-2011-1806: Memory corruption in GPU command
        buffer. Credit to Google Chrome Security Team (Cris Neckar).
  * Update the svg icon once again, the previous one contained an embedded png
    (LP: #748881)
    - update debian/chromium-browser.svg
  * Don't build with libjpeg-turbo on armel, to prevent a FTBFS
    - update debian/rules
 -- Fabien Tassin <email address hidden> Thu, 24 May 2011 23:42:08 +0200

Changed in chromium-browser (Ubuntu Oneiric):
status: Fix Committed → Fix Released
Micah Gersten (micahg)
Changed in chromium-browser (Ubuntu Lucid):
status: New → In Progress
Changed in chromium-browser (Ubuntu Maverick):
status: New → In Progress
Changed in chromium-browser (Ubuntu Natty):
status: New → In Progress
Changed in chromium-browser (Ubuntu Lucid):
assignee: nobody → Micah Gersten (micahg)
Changed in chromium-browser (Ubuntu Maverick):
assignee: nobody → Micah Gersten (micahg)
Changed in chromium-browser (Ubuntu Natty):
assignee: nobody → Micah Gersten (micahg)
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Lucid - Natty copied to -proposed (this actually happened about 12 hours ago).

Changed in chromium-browser (Ubuntu Lucid):
status: In Progress → Fix Committed
Changed in chromium-browser (Ubuntu Maverick):
status: In Progress → Fix Committed
Changed in chromium-browser (Ubuntu Natty):
status: In Progress → Fix Committed
Revision history for this message
Micah Gersten (micahg) wrote :

Tested with QRT on i386 and amd64 Lucid-Natty. No regressions found over previous versions in each release.

tags: added: security-verification verification-done
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 11.0.696.71~r86024-0ubuntu0.10.04.1

---------------
chromium-browser (11.0.696.71~r86024-0ubuntu0.10.04.1) lucid-security; urgency=low

  [ Fabien Tassin <email address hidden> ]
  * New Minor upstream release from the Stable Channel (LP: #787846)
    This release fixes the following security issues:
    + WebKit issues:
      - [72189] Low, CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De
        Silva.
      - [82546] High, CVE-2011-1804: Stale pointer in floats rendering. Credit
        to Martin Barbella.
      - [82903] Critical, CVE-2011-1807: Out-of-bounds write in blob handling.
        Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany
        of the Chromium development community.
    + GPU/WebGL issue:
      - [82873] Critical, CVE-2011-1806: Memory corruption in GPU command
        buffer. Credit to Google Chrome Security Team (Cris Neckar).
  * Update the svg icon once again, the previous one contained an embedded png
    (LP: #748881)
    - update debian/chromium-browser.svg
 -- Micah Gersten <email address hidden> Wed, 25 May 2011 15:24:22 -0500

Changed in chromium-browser (Ubuntu Lucid):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 11.0.696.71~r86024-0ubuntu0.10.10.1

---------------
chromium-browser (11.0.696.71~r86024-0ubuntu0.10.10.1) maverick-security; urgency=low

  [ Fabien Tassin <email address hidden> ]
  * New Minor upstream release from the Stable Channel (LP: #787846)
    This release fixes the following security issues:
    + WebKit issues:
      - [72189] Low, CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De
        Silva.
      - [82546] High, CVE-2011-1804: Stale pointer in floats rendering. Credit
        to Martin Barbella.
      - [82903] Critical, CVE-2011-1807: Out-of-bounds write in blob handling.
        Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany
        of the Chromium development community.
    + GPU/WebGL issue:
      - [82873] Critical, CVE-2011-1806: Memory corruption in GPU command
        buffer. Credit to Google Chrome Security Team (Cris Neckar).
  * Update the svg icon once again, the previous one contained an embedded png
    (LP: #748881)
    - update debian/chromium-browser.svg
 -- Micah Gersten <email address hidden> Wed, 25 May 2011 17:12:59 -0500

Changed in chromium-browser (Ubuntu Maverick):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 11.0.696.71~r86024-0ubuntu0.11.04.1

---------------
chromium-browser (11.0.696.71~r86024-0ubuntu0.11.04.1) natty-security; urgency=low

  [ Fabien Tassin <email address hidden> ]
  * New Minor upstream release from the Stable Channel (LP: #787846)
    This release fixes the following security issues:
    + WebKit issues:
      - [72189] Low, CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De
        Silva.
      - [82546] High, CVE-2011-1804: Stale pointer in floats rendering. Credit
        to Martin Barbella.
      - [82903] Critical, CVE-2011-1807: Out-of-bounds write in blob handling.
        Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany
        of the Chromium development community.
    + GPU/WebGL issue:
      - [82873] Critical, CVE-2011-1806: Memory corruption in GPU command
        buffer. Credit to Google Chrome Security Team (Cris Neckar).
  * Update the svg icon once again, the previous one contained an embedded png
    (LP: #748881)
    - update debian/chromium-browser.svg
 -- Micah Gersten <email address hidden> Wed, 25 May 2011 18:01:58 -0500

Changed in chromium-browser (Ubuntu Natty):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.