[Pkg-chromium-maint] chromium-browser_30.0.1599.101-1_amd64.changes ACCEPTED into unstable
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Mon Oct 21 13:54:49 UTC 2013
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 21 Oct 2013 13:06:14 +0200
Source: chromium-browser
Binary: chromium chromium-dbg chromium-l10n chromium-inspector
Architecture: source all amd64
Version: 30.0.1599.101-1
Distribution: unstable
Urgency: low
Maintainer: Debian Chromium Maintainers <pkg-chromium-maint at lists.alioth.debian.org>
Changed-By: Giuseppe Iuculano <iuculano at debian.org>
Description:
chromium - Google's open source chromium web browser
chromium-dbg - Debugging symbols for the chromium web browser
chromium-inspector - page inspector for the chromium browser
chromium-l10n - chromium-browser language packages
Changes:
chromium-browser (30.0.1599.101-1) unstable; urgency=low
.
[ Giuseppe Iuculano ]
* New stable release:
- High CVE-2013-2925: Use after free in XHR. Credit to Atte Kettunen of
OUSPG.
- High CVE-2013-2926: Use after free in editing. Credit to
cloudfuzzer.
- High CVE-2013-2927: Use after free in forms. Credit to
cloudfuzzer.
- CVE-2013-2928: Various fixes from internal audits, fuzzing and other
initiatives.
- Medium CVE-2013-2906: Races in Web Audio.
Credit to Atte Kettunen of OUSPG.
- Medium CVE-2013-2907: Out of bounds read in Window.prototype object.
Credit to Boris Zbarsky.
- Medium CVE-2013-2908: Address bar spoofing related to the "204
No Content" status code. Credit to Chamal de Silva.
- High CVE-2013-2909: Use after free in inline-block
rendering. Credit to Atte Kettunen of OUSPG.
- Medium CVE-2013-2910: Use-after-free in Web Audio. Credit to
Byoungyoung Lee of Georgia Tech Information Security Center (GTISC).
- High CVE-2013-2911: Use-after-free in XSLT. Credit to Atte
Kettunen of OUSPG.
- High CVE-2013-2912: Use-after-free in PPAPI. Credit to Chamal
de Silva and 41.w4r10r(at)garage4hackers.com.
- High CVE-2013-2913: Use-after-free in XML document parsing.
Credit to cloudfuzzer.
- High CVE-2013-2914: Use after free in the Windows color
chooser dialog. Credit to Khalil Zhani.
- Low CVE-2013-2915: Address bar spoofing via a malformed scheme.
Credit to Wander Groeneveld.
- High CVE-2013-2916: Address bar spoofing related to the "204
No Content” status code. Credit to Masato Kinugawa.
- Medium CVE-2013-2917: Out of bounds read in Web Audio. Credit
to Byoungyoung Lee and Tielei Wang of Georgia Tech Information
Security Center (GTISC).
- High CVE-2013-2918: Use-after-free in DOM. Credit to
Byoungyoung Lee of Georgia Tech Information Security Center (GTISC).
- High CVE-2013-2919: Memory corruption in V8. Credit to Adam
Haile of Concrete Data.
- Medium CVE-2013-2920: Out of bounds read in URL parsing. Credit to
Atte Kettunen of OUSPG.
- High CVE-2013-2921: Use-after-free in resource loader. Credit
to Byoungyoung Lee and Tielei Wang of Georgia Tech Information
Security Center (GTISC).
- High CVE-2013-2922: Use-after-free in template element. Credit
to Jon Butler.
- CVE-2013-2923: Various fixes from internal audits, fuzzing and other
initiatives (Chrome 30).
- Medium CVE-2013-2924: Use-after-free in ICU. Upstream bug here.
.
* [6651f1c] Added chrpath to build-depends
* [3c88b20] Refreshed Patches for version 30
* [743a0a6] Make default of third-party cookies the most secure for users.
Thanks to Chad Miller
* [9507f07] Do not install remoting_locales/en-US.pak
* [64b895b] Move chrome_sandbox to chrome-sandbox, chromium reads that file
.
[ Shawn Landden ]
* [6d027f1] rules: dpkg compresses .deb files with xz by default now
.
[ Michael Gilbert ]
* [18341ce] add some TODO tasks
Checksums-Sha1:
f8835471dc196d9c92b617867f1a98c511836bc6 2598 chromium-browser_30.0.1599.101-1.dsc
cd0cddd9792bc971957075350cd6e32d2c380b5f 619355960 chromium-browser_30.0.1599.101.orig.tar.xz
1faa40b06cf57115083ab3e6e04362ba9a1a924b 254610 chromium-browser_30.0.1599.101-1.debian.tar.gz
f9643406f7ed1ecb62b2138ff14d9f5ed2a3aded 2839640 chromium-l10n_30.0.1599.101-1_all.deb
eb83ae3cfa10bcef5861f5ffa384e23850aac005 690140 chromium-inspector_30.0.1599.101-1_all.deb
b0a29944800969905576e45cdb83ddeae25334f4 36552562 chromium_30.0.1599.101-1_amd64.deb
ea9e133e74cf9bd113fb49cc49758d5992707532 489722330 chromium-dbg_30.0.1599.101-1_amd64.deb
Checksums-Sha256:
01e3700f34ce5bd8a0dae80e8a4dca2952c1eb7016f1b4832dc2a50f3fe735dc 2598 chromium-browser_30.0.1599.101-1.dsc
270731d645cb06c1a4403231c7a9d40d6ea708581473c1ec79988182d590a125 619355960 chromium-browser_30.0.1599.101.orig.tar.xz
d67da253d74936a133ca3d72e65df96a3e40553eb6ff9860f475fef42e8952e3 254610 chromium-browser_30.0.1599.101-1.debian.tar.gz
12ccaec0d4df7469252c2c53311ce940581fad5c196959a51accd1edd583431a 2839640 chromium-l10n_30.0.1599.101-1_all.deb
a80e23936d57f24266a90568bede2da052667ce8a4e1c3effce57d26797222cc 690140 chromium-inspector_30.0.1599.101-1_all.deb
e3ef8e3a8d152116ca38b848f5232b00de393479136e20c5abdd4fed6cd73067 36552562 chromium_30.0.1599.101-1_amd64.deb
78ab8e239b6fec86d6cb66d5b85542ae45c442702690f5691e3d89ef9c6f68ac 489722330 chromium-dbg_30.0.1599.101-1_amd64.deb
Files:
198d3d8d8a2ac8ae196866a965500eef 2598 web optional chromium-browser_30.0.1599.101-1.dsc
ce6eefe72b0a483197dd82ab87c7e1db 619355960 web optional chromium-browser_30.0.1599.101.orig.tar.xz
f70c879906e1f5a1450dac66fddd36fc 254610 web optional chromium-browser_30.0.1599.101-1.debian.tar.gz
a2113514fae0892d358b1d90ece15e58 2839640 web optional chromium-l10n_30.0.1599.101-1_all.deb
5622b1dc9bc596dcd00f9d17632ed5ca 690140 web optional chromium-inspector_30.0.1599.101-1_all.deb
6545521700e1f6b1c7e52e5d1854b37e 36552562 web optional chromium_30.0.1599.101-1_amd64.deb
152b96a293763a36e6c13f3332d91972 489722330 debug extra chromium-dbg_30.0.1599.101-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
iEYEARECAAYFAlJlLM4ACgkQNxpp46476aqoFgCfddG/1GMj971ARkWNx9Rv9yI8
3I0AnjyjOsw+PP99x9SypAGqSJb/Z/0l
=XEk/
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the Pkg-chromium-maint
mailing list