This bug was fixed in the package chromium-browser - 12.0.742.91~r87961-0ubuntu1 --------------- chromium-browser (12.0.742.91~r87961-0ubuntu1) oneiric; urgency=high * New upstream release from the Stable Channel (LP: #794197) It includes: - Hardware accelerated 3D CSS - New Safe Browsing protection against downloading malicious files - Ability to delete Flash cookies from inside Chrome - Launch Apps by name from the Omnibox - Integrated Sync into new settings pages - Improved screen reader support - New warning when hitting Command-Q on Mac - Removal of Google Gears This release fixes the following security issues: + WebKit issues: - [73962] [79746] High CVE-2011-1808: Use-after-free due to integer issues in float handling. Credit to miaubiz. - [75496] Medium CVE-2011-1809: Use-after-free in accessibility support. Credit to Google Chrome Security Team (SkyLined). - [75643] Low CVE-2011-1810: Visit history information leak in CSS. Credit to Jesse Mohrland of Microsoft and Microsoft Vulnerability Research (MSVR). - [80358] Medium CVE-2011-1816: Use-after-free in developer tools. Credit to kuzzcc. - [81949] High CVE-2011-1818: Use-after-free in image loader. Credit to miaubiz. - [83743] High CVE-2011-2342: Same origin bypass in DOM. Credit to Sergey Glazunov. + Chromium issues: - [76034] Low CVE-2011-1811: Browser crash with lots of form submissions. Credit to “DimitrisV22”. - [77026] Medium CVE-2011-1812: Extensions permission bypass. Credit to kuzzcc. - [78516] High CVE-2011-1813: Stale pointer in extension framework. Credit to Google Chrome Security Team (Inferno). - [79862] Low CVE-2011-1815: Extension script injection into new tab page. Credit to kuzzcc. - [81916] Medium CVE-2011-1817: Browser memory corruption in history deletion. Credit to Collin Payne. - [83010] Medium CVE-2011-1819: Extension injection into chrome:// pages. Credit to Vladislavas Jarmalis, plus subsequent independent discovery by Sergey Glazunov. - [83275] High CVE-2011-2332: Same origin bypass in v8. Credit to Sergey Glazunov. Packaging changes: * Provide a batch of translations for the Unity quicklists, and update the regular desktop translations - update debian/chromium-browser.desktop * Add a keep-alive script preventing the builders from killing the build when it's not echoing anything for too long (useful when linking the main binary with ld-bfd) - add debian/keep-alive.sh - update debian/rules * Drop the gtk resize patch, now that upstream does it for us - remove debian/patches/disable_gtk_resize_grip_on_natty.patch - update debian/patches/series * Drop the xdg-utils patch and use the system xdg tools when we detect that xdg-setting is present on the system (ensuring it's a recent enough xdg-utils) - update debian/chromium-browser.sh.in - remove debian/patches/xdg-utils_gnome3_lp670128_for_natty.patch - update debian/patches/series * Drop the stored passwords patch - remove debian/patches/stored_passwords_lp743494.patch - update debian/patches/series * Drop the dedicated webapp WMClass patch - remove debian/patches/webapps-wm-class-lp692462.patch - update debian/patches/series * When building with a non-default g++, also link with the same version - update debian/rules * Empty the -inspector package now that it has been merged into the main resources.pak file (so that the Inspector remains usable after an upgrade until the next browser restart). Also remove the resources directory, now empty - remove debian/chromium-browser-inspector.install - update debian/chromium-browser.dirs - update debian/rules -- Fabien Tassin