[Bug 787846] Re: 11.0.696.68 -> 11.0.696.71
This bug was fixed in the package chromium-browser - 11.0.696.71~r86024-0ubuntu0.11.04.1 --- chromium-browser (11.0.696.71~r86024-0ubuntu0.11.04.1) natty-security; urgency=low [ Fabien Tassin ] * New Minor upstream release from the Stable Channel (LP: #787846) This release fixes the following security issues: + WebKit issues: - [72189] Low, CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De Silva. - [82546] High, CVE-2011-1804: Stale pointer in floats rendering. Credit to Martin Barbella. - [82903] Critical, CVE-2011-1807: Out-of-bounds write in blob handling. Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium development community. + GPU/WebGL issue: - [82873] Critical, CVE-2011-1806: Memory corruption in GPU command buffer. Credit to Google Chrome Security Team (Cris Neckar). * Update the svg icon once again, the previous one contained an embedded png (LP: #748881) - update debian/chromium-browser.svg -- Micah GerstenWed, 25 May 2011 18:01:58 -0500 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/787846 Title: 11.0.696.68 -> 11.0.696.71 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 787846] Re: 11.0.696.68 -> 11.0.696.71
This bug was fixed in the package chromium-browser - 11.0.696.71~r86024-0ubuntu0.10.10.1 --- chromium-browser (11.0.696.71~r86024-0ubuntu0.10.10.1) maverick-security; urgency=low [ Fabien Tassin ] * New Minor upstream release from the Stable Channel (LP: #787846) This release fixes the following security issues: + WebKit issues: - [72189] Low, CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De Silva. - [82546] High, CVE-2011-1804: Stale pointer in floats rendering. Credit to Martin Barbella. - [82903] Critical, CVE-2011-1807: Out-of-bounds write in blob handling. Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium development community. + GPU/WebGL issue: - [82873] Critical, CVE-2011-1806: Memory corruption in GPU command buffer. Credit to Google Chrome Security Team (Cris Neckar). * Update the svg icon once again, the previous one contained an embedded png (LP: #748881) - update debian/chromium-browser.svg -- Micah GerstenWed, 25 May 2011 17:12:59 -0500 ** Changed in: chromium-browser (Ubuntu Natty) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/787846 Title: 11.0.696.68 -> 11.0.696.71 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 787846] Re: 11.0.696.68 -> 11.0.696.71
This bug was fixed in the package chromium-browser - 11.0.696.71~r86024-0ubuntu0.10.04.1 --- chromium-browser (11.0.696.71~r86024-0ubuntu0.10.04.1) lucid-security; urgency=low [ Fabien Tassin ] * New Minor upstream release from the Stable Channel (LP: #787846) This release fixes the following security issues: + WebKit issues: - [72189] Low, CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De Silva. - [82546] High, CVE-2011-1804: Stale pointer in floats rendering. Credit to Martin Barbella. - [82903] Critical, CVE-2011-1807: Out-of-bounds write in blob handling. Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium development community. + GPU/WebGL issue: - [82873] Critical, CVE-2011-1806: Memory corruption in GPU command buffer. Credit to Google Chrome Security Team (Cris Neckar). * Update the svg icon once again, the previous one contained an embedded png (LP: #748881) - update debian/chromium-browser.svg -- Micah GerstenWed, 25 May 2011 15:24:22 -0500 ** Changed in: chromium-browser (Ubuntu Lucid) Status: Fix Committed => Fix Released ** Changed in: chromium-browser (Ubuntu Maverick) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/787846 Title: 11.0.696.68 -> 11.0.696.71 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 787846] Re: 11.0.696.68 -> 11.0.696.71
Tested with QRT on i386 and amd64 Lucid-Natty. No regressions found over previous versions in each release. ** Tags added: security-verification verification-done -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/787846 Title: 11.0.696.68 -> 11.0.696.71 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 787846] Re: 11.0.696.68 -> 11.0.696.71
Lucid - Natty copied to -proposed (this actually happened about 12 hours ago). ** Changed in: chromium-browser (Ubuntu Lucid) Status: In Progress => Fix Committed ** Changed in: chromium-browser (Ubuntu Maverick) Status: In Progress => Fix Committed ** Changed in: chromium-browser (Ubuntu Natty) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/787846 Title: 11.0.696.68 -> 11.0.696.71 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 787846] Re: 11.0.696.68 -> 11.0.696.71
** Changed in: chromium-browser (Ubuntu Lucid) Status: New => In Progress ** Changed in: chromium-browser (Ubuntu Maverick) Status: New => In Progress ** Changed in: chromium-browser (Ubuntu Natty) Status: New => In Progress ** Changed in: chromium-browser (Ubuntu Lucid) Assignee: (unassigned) => Micah Gersten (micahg) ** Changed in: chromium-browser (Ubuntu Maverick) Assignee: (unassigned) => Micah Gersten (micahg) ** Changed in: chromium-browser (Ubuntu Natty) Assignee: (unassigned) => Micah Gersten (micahg) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/787846 Title: 11.0.696.68 -> 11.0.696.71 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 787846] Re: 11.0.696.68 -> 11.0.696.71
** Branch linked: lp:~chromium-team/chromium-browser/chromium- browser.natty -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/787846 Title: 11.0.696.68 -> 11.0.696.71 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 787846] Re: 11.0.696.68 -> 11.0.696.71
** Branch linked: lp:~chromium-team/chromium-browser/chromium- browser.maverick -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/787846 Title: 11.0.696.68 -> 11.0.696.71 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 787846] Re: 11.0.696.68 -> 11.0.696.71
** Branch linked: lp:~chromium-team/chromium-browser/chromium- browser.lucid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/787846 Title: 11.0.696.68 -> 11.0.696.71 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 787846] Re: 11.0.696.68 -> 11.0.696.71
This bug was fixed in the package chromium-browser - 11.0.696.71~r86024-0ubuntu1 --- chromium-browser (11.0.696.71~r86024-0ubuntu1) oneiric; urgency=low * New Minor upstream release from the Stable Channel (LP: #787846) This release fixes the following security issues: + WebKit issues: - [72189] Low, CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De Silva. - [82546] High, CVE-2011-1804: Stale pointer in floats rendering. Credit to Martin Barbella. - [82903] Critical, CVE-2011-1807: Out-of-bounds write in blob handling. Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium development community. - other issues covered by CVE-2011-1802, CVE-2011-1803, CVE-2011-1805 + GPU/WebGL issue: - [82873] Critical, CVE-2011-1806: Memory corruption in GPU command buffer. Credit to Google Chrome Security Team (Cris Neckar). * Update the svg icon once again, the previous one contained an embedded png (LP: #748881) - update debian/chromium-browser.svg * Don't build with libjpeg-turbo on armel, to prevent a FTBFS - update debian/rules -- Fabien TassinThu, 24 May 2011 23:42:08 +0200 ** Changed in: chromium-browser (Ubuntu Oneiric) Status: Fix Committed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1801 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1802 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1803 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1804 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1805 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1806 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1807 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/787846 Title: 11.0.696.68 -> 11.0.696.71 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 787846] Re: 11.0.696.68 -> 11.0.696.71
** This bug has been flagged as a security vulnerability -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/787846 Title: 11.0.696.68 -> 11.0.696.71 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 787846] Re: 11.0.696.68 -> 11.0.696.71
** Branch linked: lp:~chromium-team/chromium-browser/chromium- browser.oneiric -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/787846 Title: 11.0.696.68 -> 11.0.696.71 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 787846] Re: 11.0.696.68 -> 11.0.696.71
** Also affects: chromium-browser (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: chromium-browser (Ubuntu Maverick) Importance: Undecided Status: New ** Also affects: chromium-browser (Ubuntu Natty) Importance: Undecided Status: New ** Also affects: chromium-browser (Ubuntu Oneiric) Importance: Undecided Status: New ** Changed in: chromium-browser (Ubuntu Oneiric) Status: New => Fix Committed ** Changed in: chromium-browser (Ubuntu Oneiric) Assignee: (unassigned) => Fabien Tassin (fta) ** Changed in: chromium-browser (Ubuntu Oneiric) Importance: Undecided => High ** Changed in: chromium-browser (Ubuntu Natty) Importance: Undecided => High ** Changed in: chromium-browser (Ubuntu Maverick) Importance: Undecided => High ** Changed in: chromium-browser (Ubuntu Lucid) Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/787846 Title: 11.0.696.68 -> 11.0.696.71 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs