Crikey! I'm using a dev ppa and am only on Version 27.0.1453.6 Ubuntu
Regards, Phill. On 22 May 2013 21:20, ilf <1183...@bugs.launchpad.net> wrote: > *** This bug is a security vulnerability *** > > Public security bug reported: > > And again a new stable release with lots of security fixes: > http://googlechromereleases.blogspot.de/2013/05/stable-channel- > release.html > > Here are the CVEs: > > CVE-2013-2837: Use-after-free in SVG. > CVE-2013-2838: Out-of-bounds read in v8. > CVE-2013-2839: Bad cast in clipboard handling. > CVE-2013-2840: Use-after-free in media loader. > CVE-2013-2841: Use-after-free in Pepper resource handling. > CVE-2013-2842: Use-after-free in widget handling. > CVE-2013-2843: Use-after-free in speech handling. > CVE-2013-2844: Use-after-free in style resolution. > CVE-2013-2845: Memory safety issues in Web Audio. > CVE-2013-2846: Use-after-free in media loader. > CVE-2013-2847: Use-after-free race condition with workers. > CVE-2013-2848: Possible data extraction with XSS Auditor. > CVE-2013-2849: Possible XSS with drag+drop or copy+paste. > > Please update and keep current. Thanks. > > ** Affects: chromium-browser (Ubuntu) > Importance: Undecided > Status: New > > ** Information type changed from Private Security to Public Security > > ** CVE added: http://www.cve.mitre.org/cgi- > bin/cvename.cgi?name=2013-2837 > > ** CVE added: http://www.cve.mitre.org/cgi- > bin/cvename.cgi?name=2013-2838 > > ** CVE added: http://www.cve.mitre.org/cgi- > bin/cvename.cgi?name=2013-2839 > > ** CVE added: http://www.cve.mitre.org/cgi- > bin/cvename.cgi?name=2013-2840 > > ** CVE added: http://www.cve.mitre.org/cgi- > bin/cvename.cgi?name=2013-2841 > > ** CVE added: http://www.cve.mitre.org/cgi- > bin/cvename.cgi?name=2013-2842 > > ** CVE added: http://www.cve.mitre.org/cgi- > bin/cvename.cgi?name=2013-2843 > > ** CVE added: http://www.cve.mitre.org/cgi- > bin/cvename.cgi?name=2013-2844 > > ** CVE added: http://www.cve.mitre.org/cgi- > bin/cvename.cgi?name=2013-2847 > > ** CVE added: http://www.cve.mitre.org/cgi- > bin/cvename.cgi?name=2013-2848 > > ** CVE added: http://www.cve.mitre.org/cgi- > bin/cvename.cgi?name=2013-2845 > > ** CVE added: http://www.cve.mitre.org/cgi- > bin/cvename.cgi?name=2013-2846 > > ** CVE added: http://www.cve.mitre.org/cgi- > bin/cvename.cgi?name=2013-2849 > > -- > You received this bug notification because you are a member of Lubuntu > Packages Team, which is subscribed to chromium-browser in Ubuntu. > https://bugs.launchpad.net/bugs/1183086 > > Title: > Please update to 27.0.1453.93 > > Status in “chromium-browser” package in Ubuntu: > New > > Bug description: > And again a new stable release with lots of security fixes: > http://googlechromereleases.blogspot.de/2013/05/stable-channel- > release.html > > Here are the CVEs: > > CVE-2013-2837: Use-after-free in SVG. > CVE-2013-2838: Out-of-bounds read in v8. > CVE-2013-2839: Bad cast in clipboard handling. > CVE-2013-2840: Use-after-free in media loader. > CVE-2013-2841: Use-after-free in Pepper resource handling. > CVE-2013-2842: Use-after-free in widget handling. > CVE-2013-2843: Use-after-free in speech handling. > CVE-2013-2844: Use-after-free in style resolution. > CVE-2013-2845: Memory safety issues in Web Audio. > CVE-2013-2846: Use-after-free in media loader. > CVE-2013-2847: Use-after-free race condition with workers. > CVE-2013-2848: Possible data extraction with XSS Auditor. > CVE-2013-2849: Possible XSS with drag+drop or copy+paste. > > Please update and keep current. Thanks. > > To manage notifications about this bug go to: > > https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1183086/+subscriptions > -- https://wiki.ubuntu.com/phillw -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/1183086 Title: Please update to 27.0.1453.93 Status in “chromium-browser” package in Ubuntu: New Bug description: And again a new stable release with lots of security fixes: http://googlechromereleases.blogspot.de/2013/05/stable-channel- release.html Here are the CVEs: CVE-2013-2837: Use-after-free in SVG. CVE-2013-2838: Out-of-bounds read in v8. CVE-2013-2839: Bad cast in clipboard handling. CVE-2013-2840: Use-after-free in media loader. CVE-2013-2841: Use-after-free in Pepper resource handling. CVE-2013-2842: Use-after-free in widget handling. CVE-2013-2843: Use-after-free in speech handling. CVE-2013-2844: Use-after-free in style resolution. CVE-2013-2845: Memory safety issues in Web Audio. CVE-2013-2846: Use-after-free in media loader. CVE-2013-2847: Use-after-free race condition with workers. CVE-2013-2848: Possible data extraction with XSS Auditor. CVE-2013-2849: Possible XSS with drag+drop or copy+paste. Please update and keep current. Thanks. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1183086/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
