UbuntuUpdates.org

Package "chromium-browser"

Name: chromium-browser

Description:

Chromium browser

Latest version: 18.0.1025.151~r130497-0ubuntu1
Release: precise (12.04)
Level: base
Repository: universe
Homepage: http://code.google.com/chromium/

Links

Save this URL for the latest version of "chromium-browser": https://www.ubuntuupdates.org/chromium-browser


Download "chromium-browser"


Other versions of "chromium-browser" in Precise

Repository Area Version
security universe 37.0.2062.120-0ubuntu0.12.04.4
updates universe 37.0.2062.120-0ubuntu0.12.04.4
PPA: Chromium Stable Channel 30.0.1599.114-0ubuntu0.12.04.4~cm0precise
PPA: WebApps Preview 20.0.1132.47~r144678-0precise1+webapps7

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 18.0.1025.151~r130497-0ubuntu1 2012-04-10 03:06:53 UTC

chromium-browser (18.0.1025.151~r130497-0ubuntu1) precise; urgency=low

  * New upstream release from the Stable Channel (LP: #977502)
    - black screen on Hybrid Graphics system with GPU accelerated compositing
      enabled (Issue: 117371)
    - CSS not applied to element (Issue: 114667)
    - Regression rendering a div with background gradient and borders
      (Issue: 113726)
    - Canvas 2D line drawing bug with GPU acceleration (Issue: 121285)
    - Multiple crashes (Issues: 72235, 116825 and 92998)
    - Pop-up dialog is at wrong position (Issue: 116045)
    - HTML Canvas patterns are broken if you change the transformation matrix
      (Issue: 112165)
    - SSL interstitial error "proceed anyway" / "back to safety" buttons don't
      work (Issue: 119252)
    This release fixes the following security issues:
    - [106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping.
      Credit to miaubiz.
    - [117583] Medium CVE-2011-3067: Cross-origin iframe replacement. Credit to
      Sergey Glazunov.
    - [117698] High CVE-2011-3068: Use-after-free in run-in handling. Credit to
      miaubiz.
    - [117728] High CVE-2011-3069: Use-after-free in line box handling. Credit
      to miaubiz.
    - [118185] High CVE-2011-3070: Use-after-free in v8 bindings. Credit to
      Google Chrome Security Team (SkyLined).
    - [118273] High CVE-2011-3071: Use-after-free in HTMLMediaElement. Credit
      to pa_kt, reporting through HP TippingPoint ZDI (ZDI-CAN-1528).
    - [118467] Low CVE-2011-3072: Cross-origin violation parenting pop-up
      window. Credit to Sergey Glazunov.
    - [118593] High CVE-2011-3073: Use-after-free in SVG resource handling.
      Credit to Arthur Gerkis.
    - [119281] Medium CVE-2011-3074: Use-after-free in media handling. Credit
      to Sławomir Błażek.
    - [119525] High CVE-2011-3075: Use-after-free applying style command.
      Credit to miaubiz.
    - [120037] High CVE-2011-3076: Use-after-free in focus handling. Credit to
      miaubiz.
    - [120189] Medium CVE-2011-3077: Read-after-free in script bindings. Credit
      to Google Chrome Security Team (Inferno).

 -- Micah Gersten Mon, 09 Apr 2012 16:21:40 -0500

Source diff to previous version
977502 Please update to 18.0.1025.151
CVE-2011-3066 Skia, as used in Google Chrome before 18.0.1025.151, does not properly perform clipping, which allows remote attackers to cause a denial of service (o
CVE-2011-3067 Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to replacement of IFRAME elements.
CVE-2011-3068 Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause
CVE-2011-3069 Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause
CVE-2011-3070 Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified o
CVE-2011-3071 Use-after-free vulnerability in the HTMLMediaElement implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of
CVE-2011-3072 Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to pop-up windows.
CVE-2011-3073 Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified o
CVE-2011-3074 Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified o
CVE-2011-3075 Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified o
CVE-2011-3076 Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified o
CVE-2011-3077 Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified o

Version: 18.0.1025.142~r129054-0ubuntu1 2012-04-02 06:06:55 UTC

chromium-browser (18.0.1025.142~r129054-0ubuntu1) precise; urgency=low

  * New upstream release from the Stable Channel (LP: #968901)
    This release fixes the following security issues:
    - [109574] Medium CVE-2011-3058: Bad interaction possibly leading to XSS in
      EUC-JP. Credit to Masato Kinugawa.
    - [112317] Medium CVE-2011-3059: Out-of-bounds read in SVG text handling.
      Credit to Arthur Gerkis.
    - [114056] Medium CVE-2011-3060: Out-of-bounds read in text fragment
      handling. Credit to miaubiz.
    - [116398] Medium CVE-2011-3061: SPDY proxy certificate checking error.
      Credit to Leonidas Kontothanassis of Google.
    - [116524] High CVE-2011-3062: Off-by-one in OpenType Sanitizer. Credit to
      Mateusz Jurczyk of the Google Security Team.
    - [117417] Low CVE-2011-3063: Validate navigation requests from the renderer
      more carefully. Credit to kuzzcc, Sergey Glazunov, PinkiePie and
      scarybeasts (Google Chrome Security Team).
    - [117471] High CVE-2011-3064: Use-after-free in SVG clipping. Credit to
      Atte Kettunen of OUSPG.
    - [117588] High CVE-2011-3065: Memory corruption in Skia. Credit to Omair.
    - [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian
      Holler.

  * Add build dependency on libudev-dev to allow for gamepad detection; see
    http://code.google.com/p/chromium/issues/detail?id=79050
    - update debian/control
  * Drop dlopen_libgnutls patch as it's been implemented upstream
     - drop debian/patches/dlopen_libgnutls.patch
     - update debian/patches/series
  * Start removing *.so and *.so.* from the upstream tarball creation
    - update debian/rules
  * Strip almost the entire third_party/openssl directory as it's needed only
    on android, but is used by the build system
    - update debian/rules
  * Use tar's --exclude-vcs flag instead of just excluding .svn
    - update debian/rules

 -- Micah Gersten Sun, 01 Apr 2012 22:17:11 -0500

Source diff to previous version
968901 Please update to 18.0.1025.142
CVE-2011-3058 Google Chrome before 18.0.1025.142 does not properly handle the EUC-JP encoding system, which might allow remote attackers to conduct cross-site scrip
CVE-2011-3059 Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote attackers to cause a denial of service (out-of-boun
CVE-2011-3060 Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds
CVE-2011-3061 Google Chrome before 18.0.1025.142 does not properly check X.509 certificates before use of a SPDY proxy, which might allow man-in-the-middle attacker
CVE-2011-3062 Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have
CVE-2011-3063 Google Chrome before 18.0.1025.142 does not properly validate the renderer's navigation requests, which has unspecified impact and remote attack vecto
CVE-2011-3064 Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified o
CVE-2011-3065 Skia, as used in Google Chrome before 18.0.1025.142, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspeci
CVE-2011-3057 RESERVED

Version: 17.0.963.83~r127885-0ubuntu1 2012-03-22 08:06:55 UTC

chromium-browser (17.0.963.83~r127885-0ubuntu1) precise; urgency=low

  * New upstream release from the Stable Channel (LP: #961831)
    This release fixes the following security issues:
    - [113902] High CVE-2011-3050: Use-after-free with first-letter handling.
      Credit to miaubiz.
    - [116162] High CVE-2011-3045: libpng integer issue from upstream. Credit
      to Glenn Randers-Pehrson of the libpng project.
    - [116461] High CVE-2011-3051: Use-after-free in CSS cross-fade handling.
      Credit to Arthur Gerkis.
    - [116637] High CVE-2011-3052: Memory corruption in WebGL canvas handling.
      Credit to Ben Vanik of Google.
    - [116746] High CVE-2011-3053: Use-after-free in block splitting.
      Credit to miaubiz.
    - [117418] Low CVE-2011-3054: Apply additional isolations to webui
      privileges. Credit to Sergey Glazunov.
    - [117736] Low CVE-2011-3055: Prompt in the browser native UI for unpacked
      extension installation. Credit to PinkiePie.
    - [117550] High CVE-2011-3056: Cross-origin violation with “magic iframe”.
      Credit to Sergey Glazunov.
    - [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian
      Holler.

 -- Micah Gersten Wed, 21 Mar 2012 21:31:34 -0500

Source diff to previous version
961831 Update to 17.0.963.83
CVE-2011-3050 RESERVED
CVE-2011-3045 RESERVED
CVE-2011-3051 RESERVED
CVE-2011-3052 RESERVED
CVE-2011-3053 RESERVED
CVE-2011-3054 RESERVED
CVE-2011-3055 RESERVED
CVE-2011-3056 RESERVED
CVE-2011-3057 RESERVED

Version: 17.0.963.79~r125985-0ubuntu1 2012-03-12 07:02:48 UTC

chromium-browser (17.0.963.79~r125985-0ubuntu1) precise; urgency=low

  * New upstream release from the Stable Channel (LP: #952711)
    This release fixes the following security issue:
    - [117620] [117656] Critical CVE-2011-3047: Errant plug-in load and GPU
      process memory corruption. Credit to PinkiePie.

 -- Micah Gersten Mon, 12 Mar 2012 00:01:07 -0500

Source diff to previous version
CVE-2011-3047 The GPU process in Google Chrome before 17.0.963.79 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption)

Version: 17.0.963.78~r125577-0ubuntu1 2012-03-09 11:06:29 UTC

chromium-browser (17.0.963.78~r125577-0ubuntu1) precise; urgency=low

  * New upstream release from the Stable Channel (LP: #950174)
    This release fixes the following security issue:
    - [117226] [117230] Critical CVE-2011-3046: UXSS and bad history navigation.
      Credit to Sergey Glazunov.

  * Add libgles2-mesa-dev build dependency on armhf as well; Hopefully really
    fix LP: #943281; Thanks to Christian Dywan for the tip
    - update debian/control

 -- Micah Gersten Fri, 09 Mar 2012 00:40:23 -0600




About   -   Send Feedback to @ubuntu_updates