[Pkg-chromium-commit] chromium-browser/chromium-browser.sid: 665 * Upload to unstable, this release fixes the following security issue:
Giuseppe Iuculano
iuculano at debian.org
Tue Sep 7 16:49:29 UTC 2010
Branch name: chromium-browser/chromium-browser.sid
Branch location : bzr+ssh://bzr.debian.org/bzr/pkg-chromium/chromium-browser/chromium-browser.sid
Browse location: http://bzr.debian.org/loggerhead/pkg-chromium
Revision No: 665
Revision Id: iuculano at debian.org-20100907164929-34z0egt8q1syzxrl
Committer: Giuseppe Iuculano <iuculano at debian.org>
Message : * Upload to unstable, this release fixes the following security issue:
- [34414] Low Pop-up blocker bypass with blank frame target. Credit to
Google Chrome Security Team (Inferno) and “ironfist99”.
- [37201] Medium URL bar visual spoofing with homographic sequences. Credit
to Chris Weber of Casaba Security.
- [41654] Medium Apply more restrictions on setting clipboard content.
Credit to Brook Novak.
- [45659] High Stale pointer with SVG filters. Credit to Tavis Ormandy of
the Google Security Team.
- [45876] Medium Possible installed extension enumeration. Credit to
Lostmon.
- [46750] [51846] Low Browser NULL crash with WebSockets. Credit to Google
Chrome Security Team (SkyLined), Google Chrome Security Team
(Justin Schuh) and Keith Campbell.
- [50386] High Use-after-free in Notifications presenter. Credit to Sergey
Glazunov.
- [50839] High Notification permissions memory corruption. Credit to Michal
Zalewski of the Google Security Team and Google Chrome Security Team
(SkyLined).
- [51630] [51739] High Integer errors in WebSockets. Credit to
Keith Campbell and Google Chrome Security Team (Cris Neckar).
- [51653] High Memory corruption with counter nodes. Credit to kuzzcc.
- [51727] Low Avoid storing excessive autocomplete entries. Credit to Google
Chrome Security Team (Inferno).
- [52443] High Stale pointer in focus handling. Credit to VUPEN
Vulnerability Research Team (VUPEN-SR-2010-249).
- [52682] High Sandbox parameter deserialization error. Credit to Ashutosh
Mehra and Vineet Batra of the Adobe Reader Sandbox Team.
- [53001] Medium Cross-origin image theft. Credit to Isaac Dawson.
* Provide gnome-www-browser (Closes: #594057)
* use startup-notification correctly (Closes: #581347)
* the main scrollbar doesn'have anymore low contrast (Closes: #582648)
* check DISPLAY envvar (Closes: #587398)
* Doesn't segfault with cups (Closes: #593748)
--------------------------------------------------------
** Modified :
- debian/changelog
-------------- next part --------------
=== modified file 'debian/changelog'
--- a/debian/changelog 2010-09-04 06:28:51 +0000
+++ b/debian/changelog 2010-09-07 16:49:29 +0000
@@ -1,3 +1,42 @@
+chromium-browser (6.0.472.53~r57914-3) UNRELEASED; urgency=low
+
+ * Upload to unstable, this release fixes the following security issue:
+ - [34414] Low Pop-up blocker bypass with blank frame target. Credit to
+ Google Chrome Security Team (Inferno) and “ironfist99”.
+ - [37201] Medium URL bar visual spoofing with homographic sequences. Credit
+ to Chris Weber of Casaba Security.
+ - [41654] Medium Apply more restrictions on setting clipboard content.
+ Credit to Brook Novak.
+ - [45659] High Stale pointer with SVG filters. Credit to Tavis Ormandy of
+ the Google Security Team.
+ - [45876] Medium Possible installed extension enumeration. Credit to
+ Lostmon.
+ - [46750] [51846] Low Browser NULL crash with WebSockets. Credit to Google
+ Chrome Security Team (SkyLined), Google Chrome Security Team
+ (Justin Schuh) and Keith Campbell.
+ - [50386] High Use-after-free in Notifications presenter. Credit to Sergey
+ Glazunov.
+ - [50839] High Notification permissions memory corruption. Credit to Michal
+ Zalewski of the Google Security Team and Google Chrome Security Team
+ (SkyLined).
+ - [51630] [51739] High Integer errors in WebSockets. Credit to
+ Keith Campbell and Google Chrome Security Team (Cris Neckar).
+ - [51653] High Memory corruption with counter nodes. Credit to kuzzcc.
+ - [51727] Low Avoid storing excessive autocomplete entries. Credit to Google
+ Chrome Security Team (Inferno).
+ - [52443] High Stale pointer in focus handling. Credit to VUPEN
+ Vulnerability Research Team (VUPEN-SR-2010-249).
+ - [52682] High Sandbox parameter deserialization error. Credit to Ashutosh
+ Mehra and Vineet Batra of the Adobe Reader Sandbox Team.
+ - [53001] Medium Cross-origin image theft. Credit to Isaac Dawson.
+ * Provide gnome-www-browser (Closes: #594057)
+ * use startup-notification correctly (Closes: #581347)
+ * the main scrollbar doesn'have anymore low contrast (Closes: #582648)
+ * check DISPLAY envvar (Closes: #587398)
+ * Doesn't segfault with cups (Closes: #593748)
+
+ -- Giuseppe Iuculano <iuculano at debian.org> Tue, 07 Sep 2010 18:35:50 +0200
+
chromium-browser (6.0.472.53~r57914-2) experimental; urgency=low
* Do not install libppapi_tests.so and DumpRenderTree_resources/
More information about the Pkg-chromium-commit
mailing list