Update to 17.0.963.65
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
chromium-browser (Ubuntu) |
Fix Released
|
Medium
|
Micah Gersten | ||
Lucid |
Fix Released
|
Medium
|
Micah Gersten | ||
Maverick |
Fix Released
|
Medium
|
Micah Gersten | ||
Natty |
Fix Released
|
Medium
|
Micah Gersten | ||
Oneiric |
Fix Released
|
Medium
|
Micah Gersten | ||
Precise |
Fix Released
|
Medium
|
Micah Gersten |
Bug Description
This release fixes a number of issues including:
Cursors and backgrounds sometimes do not load [111218]
Plugins not loading on some pages [108228]
Text paste includes trailing spaces [106551]
Websites using touch controls break [110332]
[105867] High CVE-2011-3031: Use-after-free in v8 element wrapper. Credit to Chamal de Silva.
[108037] High CVE-2011-3032: Use-after-free in SVG value handling. Credit to Arthur Gerkis.
[108406] [115471] High CVE-2011-3033: Buffer overflow in the Skia drawing library. Credit to Aki Helin of OUSPG.
[111748] High CVE-2011-3034: Use-after-free in SVG document handling. Credit to Arthur Gerkis.
[112212] High CVE-2011-3035: Use-after-free in SVG use handling. Credit to Arthur Gerkis.
[113258] High CVE-2011-3036: Bad cast in line box handling. Credit to miaubiz.
[113439] [114924] [115028] High CVE-2011-3037: Bad casts in anonymous block splitting. Credit to miaubiz.
[113497] High CVE-2011-3038: Use-after-free in multi-column handling. Credit to miaubiz.
[113707] High CVE-2011-3039: Use-after-free in quote handling. Credit to miaubiz.
[114054] High CVE-2011-3040: Out-of-bounds read in text handling. Credit to miaubiz.
[114068] High CVE-2011-3041: Use-after-free in class attribute handling. Credit to miaubiz.
[114219] High CVE-2011-3042: Use-after-free in table section handling. Credit to miaubiz.
[115681] High CVE-2011-3043: Use-after-free in flexbox with floats. Credit to miaubiz.
[116093] High CVE-2011-3044: Use-after-free with SVG animation elements. Credit to Arthur Gerkis.
Related branches
visibility: | private → public |
Changed in chromium-browser (Ubuntu Oneiric): | |
assignee: | nobody → Micah Gersten (micahg) |
Changed in chromium-browser (Ubuntu Natty): | |
assignee: | nobody → Micah Gersten (micahg) |
Changed in chromium-browser (Ubuntu Maverick): | |
assignee: | nobody → Micah Gersten (micahg) |
Changed in chromium-browser (Ubuntu Lucid): | |
assignee: | nobody → Micah Gersten (micahg) |
Changed in chromium-browser (Ubuntu Oneiric): | |
status: | New → In Progress |
Changed in chromium-browser (Ubuntu Natty): | |
status: | New → In Progress |
Changed in chromium-browser (Ubuntu Maverick): | |
status: | New → In Progress |
Changed in chromium-browser (Ubuntu Lucid): | |
status: | New → In Progress |
importance: | Undecided → Medium |
Changed in chromium-browser (Ubuntu Maverick): | |
importance: | Undecided → Medium |
Changed in chromium-browser (Ubuntu Oneiric): | |
importance: | Undecided → Medium |
Changed in chromium-browser (Ubuntu Natty): | |
importance: | Undecided → Medium |
description: | updated |
This bug was fixed in the package chromium-browser - 17.0.963. 65~r124586- 0ubuntu1
--------------- 65~r124586- 0ubuntu1) precise; urgency=low
chromium-browser (17.0.963.
* New upstream release from the Stable Channel (LP: #946914)
- Cursors and backgrounds sometimes do not load [111218]
- Plugins not loading on some pages [108228]
- Text paste includes trailing spaces [106551]
- Websites using touch controls break [110332]
This release fixes the following security issues:
- [105867] High CVE-2011-3031: Use-after-free in v8 element wrapper. Credit
to Chamal de Silva.
- [108037] High CVE-2011-3032: Use-after-free in SVG value handling. Credit
to Arthur Gerkis.
- [108406] [115471] High CVE-2011-3033: Buffer overflow in the Skia drawing
library. Credit to Aki Helin of OUSPG.
- [111748] High CVE-2011-3034: Use-after-free in SVG document handling.
Credit to Arthur Gerkis.
- [112212] High CVE-2011-3035: Use-after-free in SVG use handling. Credit to
Arthur Gerkis.
- [113258] High CVE-2011-3036: Bad cast in line box handling. Credit to
miaubiz.
- [113439] [114924] [115028] High CVE-2011-3037: Bad casts in anonymous
block splitting. Credit to miaubiz.
- [113497] High CVE-2011-3038: Use-after-free in multi-column handling.
Credit to miaubiz.
- [113707] High CVE-2011-3039: Use-after-free in quote handling. Credit to
miaubiz.
- [114054] High CVE-2011-3040: Out-of-bounds read in text handling. Credit
to miaubiz.
- [114068] High CVE-2011-3041: Use-after-free in class attribute handling.
Credit to miaubiz.
- [114219] High CVE-2011-3042: Use-after-free in table section handling.
Credit to miaubiz.
- [115681] High CVE-2011-3043: Use-after-free in flexbox with floats. Credit
to miaubiz.
- [116093] High CVE-2011-3044: Use-after-free with SVG animation elements.
Credit to Arthur Gerkis.
[ Jani Monoses <email address hidden> ] patches/ fix-armhf- ftbfs.patch patches/ series
* Fix FTBFS on armhf (LP: #943281)
- add debian/
- update debian/
-- Micah Gersten <email address hidden> Mon, 05 Mar 2012 03:48:05 -0600