[Pkg-chromium-maint] chromium-browser_30.0.1599.101-1_amd64.changes ACCEPTED into unstable

Debian FTP Masters ftpmaster at ftp-master.debian.org
Mon Oct 21 13:54:49 UTC 2013


Hash: SHA1

Format: 1.8
Date: Mon, 21 Oct 2013 13:06:14 +0200
Source: chromium-browser
Binary: chromium chromium-dbg chromium-l10n chromium-inspector
Architecture: source all amd64
Version: 30.0.1599.101-1
Distribution: unstable
Urgency: low
Maintainer: Debian Chromium Maintainers <pkg-chromium-maint at lists.alioth.debian.org>
Changed-By: Giuseppe Iuculano <iuculano at debian.org>
 chromium   - Google's open source chromium web browser
 chromium-dbg - Debugging symbols for the chromium web browser
 chromium-inspector - page inspector for the chromium browser
 chromium-l10n - chromium-browser language packages
 chromium-browser (30.0.1599.101-1) unstable; urgency=low
   [ Giuseppe Iuculano ]
   * New stable release:
     - High CVE-2013-2925: Use after free in XHR. Credit to Atte Kettunen of
     - High CVE-2013-2926: Use after free in editing. Credit to
     - High CVE-2013-2927: Use after free in forms. Credit to
     - CVE-2013-2928: Various fixes from internal audits, fuzzing and other
     - Medium CVE-2013-2906: Races in Web Audio.
       Credit to Atte Kettunen of OUSPG.
     - Medium CVE-2013-2907: Out of bounds read in Window.prototype object.
       Credit to Boris Zbarsky.
     - Medium CVE-2013-2908: Address bar spoofing related to the "204
       No Content" status code. Credit to Chamal de Silva.
     - High CVE-2013-2909: Use after free in inline-block
       rendering. Credit to Atte Kettunen of OUSPG.
     - Medium CVE-2013-2910: Use-after-free in Web Audio. Credit to
       Byoungyoung Lee of Georgia Tech Information Security Center (GTISC).
     - High CVE-2013-2911: Use-after-free in XSLT. Credit to Atte
       Kettunen of OUSPG.
     - High CVE-2013-2912: Use-after-free in PPAPI. Credit to Chamal
       de Silva and 41.w4r10r(at)garage4hackers.com.
     - High CVE-2013-2913: Use-after-free in XML document parsing.
       Credit to cloudfuzzer.
     - High CVE-2013-2914: Use after free in the Windows color
       chooser dialog. Credit to Khalil Zhani.
     - Low CVE-2013-2915: Address bar spoofing via a malformed scheme.
       Credit to Wander Groeneveld.
     - High CVE-2013-2916: Address bar spoofing related to the "204
       No Content” status code. Credit to Masato Kinugawa.
     - Medium CVE-2013-2917: Out of bounds read in Web Audio. Credit
       to Byoungyoung Lee and Tielei Wang of Georgia Tech Information
       Security Center (GTISC).
     - High CVE-2013-2918: Use-after-free in DOM. Credit to
       Byoungyoung Lee of Georgia Tech Information Security Center (GTISC).
     - High CVE-2013-2919: Memory corruption in V8. Credit to Adam
       Haile of Concrete Data.
     - Medium CVE-2013-2920: Out of bounds read in URL parsing. Credit to
       Atte Kettunen of OUSPG.
     - High CVE-2013-2921: Use-after-free in resource loader. Credit
       to Byoungyoung Lee and Tielei Wang of Georgia Tech Information
       Security Center (GTISC).
     - High CVE-2013-2922: Use-after-free in template element. Credit
       to Jon Butler.
     - CVE-2013-2923: Various fixes from internal audits, fuzzing and other
       initiatives (Chrome 30).
     - Medium CVE-2013-2924: Use-after-free in ICU. Upstream bug here.
   * [6651f1c] Added chrpath to build-depends
   * [3c88b20] Refreshed Patches for version 30
   * [743a0a6] Make default of third-party cookies the most secure for users.
     Thanks to Chad Miller
   * [9507f07] Do not install remoting_locales/en-US.pak
   * [64b895b] Move chrome_sandbox to chrome-sandbox, chromium reads that file
   [ Shawn Landden ]
   * [6d027f1] rules: dpkg compresses .deb files with xz by default now
   [ Michael Gilbert ]
   * [18341ce] add some TODO tasks
 f8835471dc196d9c92b617867f1a98c511836bc6 2598 chromium-browser_30.0.1599.101-1.dsc
 cd0cddd9792bc971957075350cd6e32d2c380b5f 619355960 chromium-browser_30.0.1599.101.orig.tar.xz
 1faa40b06cf57115083ab3e6e04362ba9a1a924b 254610 chromium-browser_30.0.1599.101-1.debian.tar.gz
 f9643406f7ed1ecb62b2138ff14d9f5ed2a3aded 2839640 chromium-l10n_30.0.1599.101-1_all.deb
 eb83ae3cfa10bcef5861f5ffa384e23850aac005 690140 chromium-inspector_30.0.1599.101-1_all.deb
 b0a29944800969905576e45cdb83ddeae25334f4 36552562 chromium_30.0.1599.101-1_amd64.deb
 ea9e133e74cf9bd113fb49cc49758d5992707532 489722330 chromium-dbg_30.0.1599.101-1_amd64.deb
 01e3700f34ce5bd8a0dae80e8a4dca2952c1eb7016f1b4832dc2a50f3fe735dc 2598 chromium-browser_30.0.1599.101-1.dsc
 270731d645cb06c1a4403231c7a9d40d6ea708581473c1ec79988182d590a125 619355960 chromium-browser_30.0.1599.101.orig.tar.xz
 d67da253d74936a133ca3d72e65df96a3e40553eb6ff9860f475fef42e8952e3 254610 chromium-browser_30.0.1599.101-1.debian.tar.gz
 12ccaec0d4df7469252c2c53311ce940581fad5c196959a51accd1edd583431a 2839640 chromium-l10n_30.0.1599.101-1_all.deb
 a80e23936d57f24266a90568bede2da052667ce8a4e1c3effce57d26797222cc 690140 chromium-inspector_30.0.1599.101-1_all.deb
 e3ef8e3a8d152116ca38b848f5232b00de393479136e20c5abdd4fed6cd73067 36552562 chromium_30.0.1599.101-1_amd64.deb
 78ab8e239b6fec86d6cb66d5b85542ae45c442702690f5691e3d89ef9c6f68ac 489722330 chromium-dbg_30.0.1599.101-1_amd64.deb
 198d3d8d8a2ac8ae196866a965500eef 2598 web optional chromium-browser_30.0.1599.101-1.dsc
 ce6eefe72b0a483197dd82ab87c7e1db 619355960 web optional chromium-browser_30.0.1599.101.orig.tar.xz
 f70c879906e1f5a1450dac66fddd36fc 254610 web optional chromium-browser_30.0.1599.101-1.debian.tar.gz
 a2113514fae0892d358b1d90ece15e58 2839640 web optional chromium-l10n_30.0.1599.101-1_all.deb
 5622b1dc9bc596dcd00f9d17632ed5ca 690140 web optional chromium-inspector_30.0.1599.101-1_all.deb
 6545521700e1f6b1c7e52e5d1854b37e 36552562 web optional chromium_30.0.1599.101-1_amd64.deb
 152b96a293763a36e6c13f3332d91972 489722330 debug extra chromium-dbg_30.0.1599.101-1_amd64.deb

Version: GnuPG v1.4.15 (GNU/Linux)


Thank you for your contribution to Debian.

More information about the Pkg-chromium-maint mailing list