Update to 15.0.874.102/106
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
chromium-browser (Ubuntu) | Fix Released | Medium | Micah Gersten |
Lucid | Fix Released | Medium | Micah Gersten |
Maverick | Fix Released | Medium | Micah Gersten |
Natty | Fix Released | Medium | Micah Gersten |
Oneiric | Fix Released | Medium | Micah Gersten |
Precise | Fix Released | Medium | Micah Gersten |
Bug Description
New Chromium release from the stable channel.
Security fixes:
[86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to Jordi Chancel.
[88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit to Jordi Chancel.
[90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of download filenames. Credit to Marc Novak.
[91218] Low CVE-2011-3877: XSS in appcache internals page. Credit to Google Chrome Security Team (Tom Sepez) plus independent discovery by Juho Nurminen.
[94487] Medium CVE-2011-3878: Race condition in worker process initialization. Credit to miaubiz.
[95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to Masato Kinugawa.
[95992] Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit to Vladimir Vorontsov, ONsec company.
[96047] [96885] [98053] [99512] [99750] High CVE-2011-3881: Cross-origin policy violations. Credit to Sergey Glazunov.
[96292] High CVE-2011-3882: Use-after-free in media buffer handling. Credit to Google Chrome Security Team (Inferno).
[96902] High CVE-2011-3883: Use-after-free in counter handling. Credit to miaubiz.
[97148] High CVE-2011-3884: Timing issues in DOM traversal. Credit to Brian Ryner of the Chromium development community.
[97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885: Stale style bugs leading to use-after-free. Credit to miaubiz.
[98773] [99167] High CVE-2011-3886: Out of bounds writes in v8. Credit to Christian Holler.
[98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. Credit to Sergey Glazunov.
[99138] High CVE-2011-3888: Use-after-free with plug-in and editing. Credit to miaubiz.
[99211] High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz.
[99553] High CVE-2011-3890: Use-after-free in video source handling. Credit to Ami Fischman of the Chromium development community.
[100332] High CVE-2011-3891: Exposure of internal v8 functions. Credit to Steven Keuchel of the Chromium development community plus independent discovery by Daniel Divricean.
15.0.874.106 is a stability update to fix a regression:
The Stable channel has been updated to 15.0.874.106 for Windows, Mac, Linux, and Chrome Frame. This release fixes login issues to Barrons Online and The Wall Street Journal (Issue 101274).
CVE References
- 2011-2845
- 2011-3875
- 2011-3876
- 2011-3877
- 2011-3878
- 2011-3879
- 2011-3880
- 2011-3881
- 2011-3882
- 2011-3883
- 2011-3884
- 2011-3885
- 2011-3886
- 2011-3887
- 2011-3888
- 2011-3889
- 2011-3890
- 2011-3891
- 2011-3892
- 2011-3893
- 2011-3894
- 2011-3895
- 2011-3896
- 2011-3897
- 2011-3900
- 2011-3903
- 2011-3904
- 2011-3905
- 2011-3906
- 2011-3907
- 2011-3908
- 2011-3909
- 2011-3910
- 2011-3911
- 2011-3912
- 2011-3913
- 2011-3914
- 2011-3915
- 2011-3916
- 2011-3917
- 2011-3919
- 2011-3921
- 2011-3922
- 2011-3924
- 2011-3925
- 2011-3926
- 2011-3927
- 2011-3928
visibility: private → public
Changed in chromium-browser (Ubuntu Precise):
assignee: nobody → Micah Gersten (micahg)
Changed in chromium-browser (Ubuntu Oneiric):
assignee: nobody → Micah Gersten (micahg)
Changed in chromium-browser (Ubuntu Natty):
assignee: nobody → Micah Gersten (micahg)
Changed in chromium-browser (Ubuntu Maverick):
assignee: nobody → Micah Gersten (micahg)
Changed in chromium-browser (Ubuntu Lucid):
assignee: nobody → Micah Gersten (micahg)
Changed in chromium-browser (Ubuntu Precise):
importance: Undecided → High
Changed in chromium-browser (Ubuntu Oneiric):
importance: Undecided → High
Changed in chromium-browser (Ubuntu Natty):
importance: Undecided → High
Changed in chromium-browser (Ubuntu Precise):
importance: High → Medium
Changed in chromium-browser (Ubuntu Oneiric):
importance: High → Medium
Changed in chromium-browser (Ubuntu Natty):
importance: High → Medium
Changed in chromium-browser (Ubuntu Maverick):
importance: Undecided → Medium
Changed in chromium-browser (Ubuntu Lucid):
importance: Undecided → Medium
status: New → In Progress
Changed in chromium-browser (Ubuntu Maverick):
status: New → In Progress
Changed in chromium-browser (Ubuntu Natty):
status: New → In Progress
Changed in chromium-browser (Ubuntu Oneiric):
status: New → In Progress
Changed in chromium-browser (Ubuntu Precise):
status: New → In Progress
description: updated
description: updated
description: updated
summary:
- Update to 15.0.874.102
+ Update to 15.0.874.102/106
description: updated
Changed in chromium-browser (Ubuntu Precise):
status: Fix Released → In Progress
tags: added: security-verification verification-needed
This bug was fixed in the package chromium-browser - 15.0.874.102~r106587-0ubuntu1
---------------
chromium-browser (15.0.874.102~r106587-0ubuntu1) precise; urgency=low
* New upstream release from the Stable Channel (LP: #881786)
- fix LP: #881607 - Error initializing NSS without a persistent database
This release fixes the following security issues:
- [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to
Jordi Chancel.
- [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit
to Jordi Chancel.
- [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of
download filenames. Credit to Marc Novak.
- [91218] Low CVE-2011-3877: XSS in appcache internals page. Credit to
Google Chrome Security Team (Tom Sepez) plus independent discovery by
Juho Nurminen.
- [94487] Medium CVE-2011-3878: Race condition in worker process
initialization. Credit to miaubiz.
- [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to
Masato Kinugawa.
- [95992] Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit
to Vladimir Vorontsov, ONsec company.
- [96047] [96885] [98053] [99512] [99750] High CVE-2011-3881: Cross-origin
policy violations. Credit to Sergey Glazunov.
- [96292] High CVE-2011-3882: Use-after-free in media buffer handling.
Credit to Google Chrome Security Team (Inferno).
- [96902] High CVE-2011-3883: Use-after-free in counter handling. Credit to
miaubiz.
- [97148] High CVE-2011-3884: Timing issues in DOM traversal. Credit to
Brian Ryner of the Chromium development community.
- [97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885: Stale
style bugs leading to use-after-free. Credit to miaubiz.
- [98773] [99167] High CVE-2011-3886: Out of bounds writes in v8. Credit to
Christian Holler.
- [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. Credit to
Sergey Glazunov.
- [99138] High CVE-2011-3888: Use-after-free with plug-in and editing.
Credit to miaubiz.
- [99211] High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz.
- [99553] High CVE-2011-3890: Use-after-free in video source handling.
Credit to Ami Fischman of the Chromium development community.
- [100332] High CVE-2011-3891: Exposure of internal v8 functions. Credit to
Steven Keuchel of the Chromium development community plus independent
discovery by Daniel Divricean.
[ Micah Gersten <email address hidden> ]
* Switch to xz debs; Add Pre-Depends on dpkg >= 1.15.6 which is needed
until after Precise
- update debian/rules
- update debian/control
[ Chris Coulson <email address hidden> ]
* Refresh patches
- update debian/patches/dlopen_sonamed_gl.patch
- update debian/patches/webkit_rev_parser.patch
* Dropped patches, fixed upstream
- remove debian/patches/cups_1.5_build_fix.patch
- update debian/patches/series
* Don't depend on cdbs being installed to create a tarball
- update debian/rules
- update debian/cdbs/tarball.mk
[ Fabien Tassin ]
* ...