[Pkg-chromium-commit] [SCM] Git repository for pkg-chromium branch, master, updated. debian/21.0.1180.89_r154005-1-5-gd97a54d
Giuseppe Iuculano
iuculano at debian.org
Tue Oct 23 14:32:11 UTC 2012
The following commit has been merged in the master branch:
commit d97a54d4ea53fb0fc02c01d6762ef6e327c568e7
Author: Giuseppe Iuculano <iuculano at debian.org>
Date: Tue Oct 23 16:30:43 2012 +0200
Updated changelog
diff --git a/debian/changelog b/debian/changelog
index a1f7f0a..82220e6 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,4 @@
-chromium-browser (22.0.1229.79~r158531-1) unstable; urgency=low
+chromium-browser (22.0.1229.94~r161065-1) unstable; urgency=medium
* New stable release:
- High CVE-2012-2889: UXSS in frame handling. Credit to
@@ -38,6 +38,18 @@ chromium-browser (22.0.1229.79~r158531-1) unstable; urgency=low
Security Team (Cris Neckar).
- High CVE-2012-2893: Double free in XSL transforms. Credit to Google
Chrome Security Team (Cris Neckar).
+ - High CVE-2012-2900: Crash in Skia text rendering.
+ Credit to Atte Kettunen of OUSPG.
+ - Critical CVE-2012-5108: Race condition in audio device
+ handling. Credit to Atte Kettunen of OUSPG.
+ - Medium CVE-2012-5109: OOB read in ICU regex. Credit to Arthur
+ Gerkis.
+ - Medium CVE-2012-5110: Out-of-bounds read in compositor. Credit to
+ Google Chrome Security Team (Inferno).
+ - Low CVE-2012-5111: Plug-in crash monitoring was missing for Pepper
+ plug-ins. Credit to Google Chrome Security Team (Chris Evans).
+ - Critical CVE-2012-5112: SVG use-after-free and IPC arbitrary file write.
+ Credit to Pinkie Pie.
* [3de18b6] Use zlib internal copy. This is necessary due to the CRIME work
around. We can use the system zlib when chrome will remove
SPDY 2/3 support.
--
Git repository for pkg-chromium
More information about the Pkg-chromium-commit
mailing list