UbuntuUpdates.org

Package "chromium-browser"


Moved to precise:universe:updates


Name: chromium-browser

Description:

Chromium browser

Latest version: *DELETED*
Release: precise (12.04)
Level: proposed
Repository: universe
Homepage: http://code.google.com/chromium/

Links

Save this URL for the latest version of "chromium-browser": https://www.ubuntuupdates.org/chromium-browser


Download "chromium-browser"


Other versions of "chromium-browser" in Precise

Repository Area Version
base universe 18.0.1025.151~r130497-0ubuntu1
security universe 37.0.2062.120-0ubuntu0.12.04.4
updates universe 37.0.2062.120-0ubuntu0.12.04.4
PPA: Chromium Stable Channel 30.0.1599.114-0ubuntu0.12.04.4~cm0precise
PPA: WebApps Preview 20.0.1132.47~r144678-0precise1+webapps7

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: *DELETED* 2012-09-20 18:07:00 UTC
Moved to precise:universe:updates
No changelog for deleted or moved packages.

Version: 20.0.1132.47~r144678-0ubuntu0.12.04.1 2012-09-10 18:06:56 UTC

  chromium-browser (20.0.1132.47~r144678-0ubuntu0.12.04.1) precise-security; urgency=low

  * New upstream release from the Stable Channel
    This release fixes the following security issues:
    - [118633] Low CVE-2012-2815: Leak of iframe fragment id. Credit to Elie
      Bursztein of Google.
    - [120222] High CVE-2012-2817: Use-after-free in table section handling.
      Credit to miaubiz.
    - [120944] High CVE-2012-2818: Use-after-free in counter layout. Credit to
      miaubiz.
    - [120977] High CVE-2012-2819: Crash in texture handling. Credit to Ken
      ���gets��� Russell of the Chromium development community.
    - [121926] Medium CVE-2012-2820: Out-of-bounds read in SVG filter handling.
      Credit to Atte Kettunen of OUSPG.
    - [122925] Medium CVE-2012-2821: Autofill display problem. Credit to
      ���simonbrown60���.
    - [various] Medium CVE-2012-2822: Misc. lower severity OOB read issues in
      PDF. Credit to awesome ASAN and various Googlers (Kostya Serebryany,
      Evgeniy Stepanov, Mateusz Jurczyk, Gynvael Coldwind).
    - [124356] High CVE-2012-2823: Use-after-free in SVG resource handling.
      Credit to miaubiz.
    - [125374] High CVE-2012-2824: Use-after-free in SVG painting. Credit to
      miaubiz.
    - [128688] Medium CVE-2012-2826: Out-of-bounds read in texture conversion.
      Credit to Google Chrome Security Team (Inferno).
    - [129857] High CVE-2012-2828: Integer overflows in PDF. Credit to Mateusz
      Jurczyk of Google Security Team with contributions by Gynvael Coldwind of
      Google Security Team and Google Chrome Security Team (Chris Evans).
    - [129947] High CVE-2012-2829: Use-after-free in first-letter handling.
      Credit to miaubiz.
    - [129951] High CVE-2012-2830: Wild pointer in array value setting. Credit
      to miaubiz.
    - [130356] High CVE-2012-2831: Use-after-free in SVG reference handling.
      Credit to miaubiz.
    - [131553] High CVE-2012-2832: Uninitialized pointer in PDF image codec.
      Credit to Mateusz Jurczyk of Google Security Team with contributions by
      Gynvael Coldwind of Google Security Team.
    - [132156] High CVE-2012-2833: Buffer overflow in PDF JS API. Credit to
      Mateusz Jurczyk of Google Security Team.
    - [132779] High CVE-2012-2834: Integer overflow in Matroska container.
      Credit to J��ri Aedla.
    - [127417] Medium CVE-2012-2825: Wild read in XSL handling. Credit to
      Nicholas Gregoire.
    - [64-bit Linux only] [129930] High CVE-2012-2807: Integer overflows in
      libxml. Credit to J��ri Aedla.

    This upload also fixes the following issues from 19.0.1084.52:
    - [117409] High CVE-2011-3103: Crashes in v8 garbage collection. Credit to
      the Chromium development community (Brett Wilson).
    - [118018] Medium CVE-2011-3104: Out-of-bounds read in Skia. Credit to
      Google Chrome Security Team (Inferno).
    - [120912] High CVE-2011-3105: Use-after-free in first-letter handling.
      Credit to miaubiz.
    - [122654] Critical CVE-2011-3106: Browser memory corruption with websockets
      over SSL. Credit to the Chromium development community (Dharani Govindan).
    - [124625] High CVE-2011-3107: Crashes in the plug-in JavaScript bindings.
      Credit to the Chromium development community (Dharani Govindan).
    - [125159] Critical CVE-2011-3108: Use-after-free in browser cache. Credit
      to ���efbiaiinzinz���.
    - [Linux only] [126296] High CVE-2011-3109: Bad cast in GTK UI. Credit to
      Micha Bartholom��.
    - [126337] [126343] [126378] [127349] [127819] [127868] High CVE-2011-3110:
      Out of bounds writes in PDF. Credit to Mateusz Jurczyk of the Google
      Security Team, with contributions by Gynvael Coldwind of the Google
      Security Team.
    - [126414] Medium CVE-2011-3111: Invalid read in v8. Credit to Christian
      Holler.
    - [127331] High CVE-2011-3112: Use-after-free with invalid encrypted PDF.
      Credit to Mateusz Jurczyk of the Google Security Team, with contributions
      by Gynvael Coldwind of the Google Security Team.
    - [127883] High CVE-2011-3113: Invalid cast with colorspace handling in PDF.
      Credit to Mateusz Jurczyk of the Google Security Team, with contributions
      by Gynvael Coldwind of the Google Security Team.
    - [128014] High CVE-2011-3114: Buffer overflows with PDF functions. Credit
      to Google Chrome Security Team (scarybeasts).
    - [128018] High CVE-2011-3115: Type corruption in v8. Credit to Christian
      Holler.

    This upload also fixes the following issues from the first Chromium 19
    stable release:
    - [112983] Low CVE-2011-3083: Browser crash with video + FTP. Credit to
      Aki Helin of OUSPG.
    - [113496] Low CVE-2011-3084: Load links from internal pages in their own
      process. Credit to Brett Wilson of the Chromium development community.
    - [118374] Medium CVE-2011-3085: UI corruption with long autofilled values.
      Credit to ���psaldorn���.
    - [118642] High CVE-2011-3086: Use-after-free with style element. Credit to
      Arthur Gerkis.
    - [118664] Low CVE-2011-3087: Incorrect window navigation. Credit to
      Charlie Reis of the Chromium development community.
    - [120648] Medium CVE-2011-3088: Out-of-bounds read in hairline drawing.
      Credit to Aki Helin of OUSPG.
    - [120711] High CVE-2011-3089: Use-after-free in table handling. Credit to
      miaubiz.
    - [121223] Medium CVE-2011-3090: Race condition with workers. Credit to
      Arthur Gerkis.
    - [121734] High CVE-2011-3091: Use-after-free with indexed DB. Credit to
      Google Chrome Security Team (Inferno).
    - [122337] High CVE-2011-3092: Invalid write in v8 regex. Credit to
      Christian Holler.
    - [122585] Medium CVE-2011-3093: Out-of-bounds read in glyph handling.
      Credit to miaubiz.
    - [122586] Medium CVE-2011-3094: Out-of-bounds read in Tibetan handling.
      Credit to miaubiz.
    - [123481] High CVE-2011-3095: Out-of-bounds write in OGG container

993080 chromium-browser FTBFS on arm*
CVE-2012-2815 Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access
CVE-2012-2817 Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified ot
CVE-2012-2818 Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified ot
CVE-2012-2819 The texSubImage2D implementation in the WebGL subsystem in Google Chrome before 20.0.1132.43 does not properly handle uploads to floating-point textur
CVE-2012-2820 Google Chrome before 20.0.1132.43 does not properly implement SVG filters, which allows remote attackers to cause a denial of service (out-of-bounds r
CVE-2012-2821 The autofill implementation in Google Chrome before 20.0.1132.43 does not properly display text, which has unspecified impact and remote attack vector
CVE-2012-2822 The PDF functionality in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified v
CVE-2012-2823 Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified ot
CVE-2012-2824 Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified ot
CVE-2012-2826 Google Chrome before 20.0.1132.43 does not properly implement texture conversion, which allows remote attackers to cause a denial of service (out-of-b
CVE-2012-2828 Multiple integer overflows in the PDF functionality in Google Chrome before 20.0.1132.43 allow remote attackers to cause a denial of service or possib
CVE-2012-2829 Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause
CVE-2012-2830 Google Chrome before 20.0.1132.43 does not properly set array values, which allows remote attackers to cause a denial of service (incorrect pointer us
CVE-2012-2831 Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified ot
CVE-2012-2832 The image-codec implementation in the PDF functionality in Google Chrome before 20.0.1132.43 does not initialize an unspecified pointer, which allows
CVE-2012-2833 Buffer overflow in the JS API in the PDF functionality in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or po
CVE-2012-2834 Integer overflow in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact v
CVE-2012-2825 The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspec
CVE-2012-2807 Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43, on 64-bit Linux platforms allow remote attackers to cause a denia
CVE-2011-3103 Google V8, as used in Google Chrome before 19.0.1084.52, does not properly perform garbage collection, which allows remote attackers to cause a denial
CVE-2011-3104 Skia, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2011-3105 Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 19.0.1084.52 allows remote attackers to cause
CVE-2011-3106 The WebSockets implementation in Google Chrome before 19.0.1084.52 does not properly handle use of SSL, which allows remote attackers to execute arbit
CVE-2011-3107 Google Chrome before 19.0.1084.52 does not properly implement JavaScript bindings for plug-ins, which allows remote attackers to cause a denial of ser
CVE-2011-3108 Use-after-free vulnerability in Google Chrome before 19.0.1084.52 allows remote attackers to execute arbitrary code via vectors related to the browser
CVE-2011-3109 Google Chrome before 19.0.1084.52 on Linux does not properly perform a cast of an unspecified variable, which allows remote attackers to cause a denia
CVE-2011-3110 The PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other imp
CVE-2011-3111 Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (invalid read operation) via unspecified
CVE-2011-3112 Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or pos
CVE-2011-3113 The PDF functionality in Google Chrome before 19.0.1084.52 does not properly perform a cast of an unspecified variable during handling of color spaces
CVE-2011-3114 Multiple buffer overflows in the PDF functionality in Google Chrome before 19.0.1084.52 allow remote attackers to cause a denial of service or possibl
CVE-2011-3115 Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service or possibly have unspecified other impac
CVE-2011-3083 browser/profiles/profile_impl_io_data.cc in Google Chrome before 19.0.1084.46 does not properly handle a malformed ftp URL in the SRC attribute of a V
CVE-2011-3084 Google Chrome before 19.0.1084.46 does not use a dedicated process for the loading of links found on an internal page, which might allow attackers to
CVE-2011-3085 The Autofill feature in Google Chrome before 19.0.1084.46 does not properly restrict field values, which allows remote attackers to cause a denial of
CVE-2011-3086 Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified ot
CVE-2011-3087 Google Chrome before 19.0.1084.46 does not properly perform window navigation, which has unspecified impact and remote attack vectors.
CVE-2011-3088 Google Chrome before 19.0.1084.46 does not properly draw hairlines, which allows remote attackers to cause a denial of service (out-of-bounds read) vi
CVE-2011-3089 Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified ot
CVE-2011-3090 Race condition in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via
CVE-2011-3091 Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service
CVE-2011-3092 The regex implementation in Google V8, as used in Google Chrome before 19.0.1084.46, allows remote attackers to cause a denial of service (invalid wri
CVE-2011-3093 Google Chrome before 19.0.1084.46 does not properly handle glyphs, which allows remote attackers to cause a denial of service (out-of-bounds read) via
CVE-2011-3094 Google Chrome before 19.0.1084.46 does not properly handle Tibetan text, which allows remote attackers to cause a denial of service (out-of-bounds rea
CVE-2011-3095 The OGG container in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact
CVE-2011-3096 Use-after-free vulnerability in Google Chrome before 19.0.1084.46 on Linux allows remote attackers to cause a denial of service or possibly have unspe
CVE-2011-3097 The PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other imp
CVE-2011-3099 Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or pos
CVE-2011-3100 Google Chrome before 19.0.1084.46 does not properly draw dash paths, which allows remote attackers to cause a denial of service (out-of-bounds read) v
CVE-2011-3101 Google Chrome before 19.0.1084.46 on Linux does not properly mitigate an unspecified flaw in an NVIDIA driver, which has unknown impact and attack vec
CVE-2011-3102 Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46, allows remote attackers to cause a denial of service (out-of-bounds write)

Version: *DELETED* 2012-07-03 04:06:44 UTC
Moved to precise:universe:updates
No changelog for deleted or moved packages.

Version: 18.0.1025.168~r134367-0ubuntu0.12.04.1 2012-05-01 18:09:18 UTC

chromium-browser (18.0.1025.168~r134367-0ubuntu0.12.04.1) precise-security; urgency=low

  * New upstream release from the Stable Channel (LP: #992352)
    - [106413] High CVE-2011-3078: Use after free in floats handling. Credit to
      Google Chrome Security Team (Marty Barbella) and independent later
      discovery by miaubiz.
    - [117110] High CVE-2012-1521: Use after free in xml parser. Credit to
      Google Chrome Security Team (SkyLined) and independent later discovery by
      wushi of team509 reported through iDefense VCP (V-874rcfpq7z).
    - [117627] Medium CVE-2011-3079: IPC validation failure. Credit to PinkiePie
    - [121726] Medium CVE-2011-3080: Race condition in sandbox IPC. Credit to
      Willem Pinckaers of Matasano.
    - [121899] High CVE-2011-3081: Use after free in floats handling.
      Credit to miaubiz.

 -- Micah Gersten Tue, 01 May 2012 00:02:53 -0500

992352 Please update to 18.0.1025.168
CVE-2011-3078 RESERVED
CVE-2012-1521 RESERVED
CVE-2011-3079 RESERVED
CVE-2011-3080 RESERVED
CVE-2011-3081 RESERVED



About   -   Send Feedback to @ubuntu_updates