[Pkg-chromium-commit] [SCM] Git repository for pkg-chromium branch, master, updated. debian/27.0.1453.110-1-14-g1aa8765

Michael Gilbert mgilbert at debian.org
Sun Jul 14 23:39:33 UTC 2013 

The following commit has been merged in the master branch:
commit 1aa87659fa223b5fb5d55b181cecf4178df9f332
Author: Michael Gilbert <mgilbert at debian.org>
Date:   Sun Jul 14 19:43:43 2013 -0400

    Release 28.0.1500.71-1

diff --git a/debian/changelog b/debian/changelog
index ae51859..cfbbdec 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,41 @@
+chromium-browser (28.0.1500.71-1) unstable; urgency=medium
+
+  [ Michael Gilbert ]
+  * New upstream stable release:
+    - Low CVE-2013-2867: Block pop-unders in various scenarios.
+    - High CVE-2013-2879: Confusion setting up sign-in and sync. Credit to
+      Andrey Labunets.
+    - Medium CVE-2013-2868: Incorrect sync of NPAPI extension component. Credit
+      to Andrey Labunets.
+    - Medium CVE-2013-2869: Out-of-bounds read in JPEG2000 handling. Credit to
+      Felix Groebert of Google Security Team.
+    - Critical CVE-2013-2870: Use-after-free with network sockets. Credit to
+      Collin Payne.
+    - Medium CVE-2013-2853: Man-in-the-middle attack against HTTP in SSL.
+      Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco
+      at INRIA Paris.
+    - High CVE-2013-2871: Use-after-free in input handling. Credit to miaubiz.
+    - High CVE-2013-2873: Use-after-free in resource loading. Credit to
+      miaubiz.
+    - Medium CVE-2013-2875: Out-of-bounds-read in SVG. Credit to miaubiz.
+    - Medium CVE-2013-2876: Extensions permissions confusion with
+      interstitials.  Credit to Dev Akhawe.
+    - Low CVE-2013-2877: Out-of-bounds read in XML parsing. Credit to Aki Helin
+      of OUSPG.
+    - None: Remove the “viewsource” attribute on iframes. Credit to Collin
+      Jackson.
+    - Medium CVE-2013-2878: Out-of-bounds read in text handling. Credit to Atte
+      Kettunen of OUSPG.
+    - High CVE-2013-2880: Various fixes from internal audits, fuzzing and other
+      initiatives. Credit to Chrome 28 team.
+  * Install mksnapshot.
+
+  [ Shawn Landden ]
+  * Enable armhf.
+  * Build with system libwebp when version >= 0.3.0.
+
+ -- Michael Gilbert <mgilbert at debian.org>  Fri, 12 Jul 2013 15:19:18 +0000
+
 chromium-browser (27.0.1453.110-2) unstable; urgency=low
 
   [ Michael Gilbert ]

-- 
Git repository for pkg-chromium

More information about the Pkg-chromium-commit mailing list