[Desktop-packages] [Bug 1025111] Re: (CVE-2012-2842)

Mon, 15 Oct 2012 05:03:06 -0700 

https://launchpad.net/ubuntu/+source/chromium-
browser/22.0.1229.79~r158531-0ubuntu1

chromium-browser (22.0.1229.79~r158531-0ubuntu1) quantal-proposed;
urgency=low

  * New upstream release from the Stable Channel
  * debian/control
    - fixed typo in description for chromium-codecs-ffmpeg
  * debian/patches/fix-armhf-ftbfs.patch
    - Dropped, no longer needed
  * debian/chromium-browser.install
    - Install demo extension
  * debian/rules
    - Updated INSTALL_EXCLUDE_FILES
    - build with gcc 4.7
  * debian/patches/1-infobars.patch,
    debian/patches/2-get-domain-tld.patch,
    debian/patches/3-chrome-xid.patch,
    debian/patches/4-chromeless-window-launch-option.patch,
    debian/patches/5-desktop-integration-settings.patch,
    debian/patches/fix-1034541.patch
    - Updated for v22
  * debian/patches/6-passwordless-install-support.patch
    - Webapp package installation (LP: #1059460)
  * debian/patches/7-plugin-status.patch
    - Don't block npapi plugins on linux, which is required by
      unity-chromium-extension

 -- Ken VanDine <ken.vand...@canonical.com>   Fri, 12 Oct 2012 09:31:11
-0400

** Changed in: chromium-browser (Ubuntu)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1025111

Title:
  (CVE-2012-2842) <chromium-browser-20.0.1132.57 : use-after-free
  vulnerability (CVE-2012-{2842,2843,2844})

Status in “chromium-browser” package in Ubuntu:
  Fix Released
Status in Gentoo Linux:
  Fix Released

Bug description:
  The Stable channel has been updated to 20.0.1132.57 for Windows, Mac,
  Linux, and Chrome Frame. Along with below mentioned security fixes,
  this build contains an update to Flash player, v8 (3.10.8.20) and
  couple of stability/bug fixes.

  
  Security fixes and rewards:

  Please see the Chromium security page for more detail. Note that the
  referenced bugs may be kept private until a majority of our users are
  up to date with the fix.

  [$1000] [129898] High CVE-2012-2842: Use-after-free in counter handling. 
Credit to miaubiz.
  [$1000] [130595] High CVE-2012-2843: Use-after-free in layout height 
tracking. Credit to miaubiz.
  [133450] High CVE-2012-2844: Bad object access with JavaScript in PDF. Credit 
to Alexey Samsonov of Google.

  http://googlechromereleases.blogspot.com/2012/07/stable-channel-
  update.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1025111/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to     : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to