Accepted chromium-browser 14.0.835.163~r101024-1 (source all amd64)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 17 Sep 2011 21:46:29 +0200
Source: chromium-browser
Binary: chromium-browser chromium-browser-dbg chromium-browser-l10n chromium-browser-inspector chromium chromium-dbg chromium-l10n chromium-inspector
Architecture: source all amd64
Version: 14.0.835.163~r101024-1
Distribution: unstable
Urgency: low
Maintainer: Debian Chromium Maintainers <pkg-chromium-maint@lists.alioth.debian.org>
Changed-By: Giuseppe Iuculano <iuculano@debian.org>
Description:
chromium - Google's open source chromium web browser
chromium-browser - Chromium browser - transitional dummy package
chromium-browser-dbg - chromium-browser debug symbols transitional dummy package
chromium-browser-inspector - page inspector for the chromium-browser - transitional dummy pack
chromium-browser-l10n - chromium-browser language packages - transitional dummy package
chromium-dbg - Debugging symbols for the chromium web browser
chromium-inspector - page inspector for the chromium browser
chromium-l10n - chromium-browser language packages
Closes: 641099
Changes:
chromium-browser (14.0.835.163~r101024-1) unstable; urgency=low
.
[ Matteo F. Vescovi ]
* [82a8b0b] debian/control: changing b-deps to libjpeg-dev (Closes: 641099)
.
[ Giuseppe Iuculano ]
* [ac85d47] Use system ffmpeg and icu
* [b4fbcd0] debian/gbp.conf: Added conf for git-dch
* [a4f4ee1] Do not install ffmpeg internal copy
* New stable release:
- High CVE-2011-2835: Race condition in the certificate cache.
Credit to Ryan Sleevi of the Chromium development community.
- Low CVE-2011-2836: Infobar the Windows Media Player plug-in to avoid
click-free access to the system Flash. Credit to electronixtar.
- Low CVE-2011-2837: Use PIC / pie compiler flags. Credit to wbrana.
- Low CVE-2011-2838: Treat MIME type more authoritatively when loading
plug-ins. Credit to Michal Zalewski of the Google Security Team.
- High CVE-2011-2839: Crash in v8 script object wrappers.
Credit to Kostya Serebryany of the Chromium development community.
- Low CVE-2011-2840: Possible URL bar spoofs with unusual user interaction.
Credit to kuzzcc.
- Medium CVE-2011-2843: Out-of-bounds read with media buffers.
Credit to Kostya Serebryany of the Chromium development community.
- Medium CVE-2011-2844: Out-of-bounds read with mp3 files.
Credit to Mario Gomes.
- High CVE-2011-2846: Use-after-free in unload event handling.
Credit to Arthur Gerkis.
- High CVE-2011-2847: Use-after-free in document loader.
Credit to miaubiz.
- Medium CVE-2011-2848: URL bar spoof with forward button.
Credit to Jordi Chancel.
- Low CVE-2011-2849: Browser NULL pointer crash with WebSockets.
Credit to Arthur Gerkis.
- Medium CVE-2011-3234: Out-of-bounds read in box handling.
Credit to miaubiz.
- Medium CVE-2011-2850: Out-of-bounds read with Khmer characters.
Credit to miaubiz.
- Medium CVE-2011-2851: Out-of-bounds read in video handling.
Credit to Google Chrome Security Team (Inferno).
- High CVE-2011-2852: Off-by-one in v8. Credit to Christian Holler.
- High CVE-2011-2853: Use-after-free in plug-in handling.
Credit to Google Chrome Security Team (SkyLined).
- High CVE-2011-2854: Use-after-free in ruby / table style handing.
Credit to Sławomir Błażek, and independent later discoveries by miaubiz
and Google Chrome Security Team (Inferno).
- High CVE-2011-2855: Stale node in stylesheet handling.
Credit to Arthur Gerkis.
- High CVE-2011-2856: Cross-origin bypass in v8.
Credit to Daniel Divricean.
- High CVE-2011-2857: Use-after-free in focus controller. Credit to miaubiz.
- High CVE-2011-2834: Double free in libxml XPath handling.
Credit to Yang Dingning from NCNIPC, Graduate University of Chinese
Academy of Sciences.
- Medium CVE-2011-2859: Incorrect permissions assigned to non-gallery pages.
Credit to Bernhard ‘Bruhns’ Brehm of Recurity Labs.
- High CVE-2011-2860: Use-after-free in table style handling.
Credit to miaubiz.
- High CVE-2011-2862: Unintended access to v8 built-in objects.
Credit to Sergey Glazunov.
- Medium CVE-2011-2864: Out-of-bounds read with Tibetan characters.
Credit to Google Chrome Security Team (Inferno).
- Medium CVE-2011-2858: Out-of-bounds read with triangle arrays.
Credit to Google Chrome Security Team (Inferno).
- Low CVE-2011-2874: Failure to pin a self-signed cert for a session.
Credit to Nishant Yadant of VMware and Craig Chamberlain (@randomuserid).
- High CVE-2011-2875: Type confusion in v8 object sealing.
Credit to Christian Holler.
Checksums-Sha1:
0a7f8c23c8d67b006dbb899aa9adbc0f227a0204 2572 chromium-browser_14.0.835.163~r101024-1.dsc
c278fe923c9e60f0ad083ca5eaa21200232c4eca 232737451 chromium-browser_14.0.835.163~r101024.orig.tar.bz2
35306ecd6e403202ac624fc84560bb2863fea2c4 236425 chromium-browser_14.0.835.163~r101024-1.debian.tar.gz
9f2760ba3b04d6351c91d96c6674bcf9ffc9145e 175368 chromium-browser_14.0.835.163~r101024-1_all.deb
878cb66c8fba81b32d5e40b268bab368f1f3dec2 174452 chromium-browser-dbg_14.0.835.163~r101024-1_all.deb
143e97374e4651959974ed1348467cd98d683acf 174600 chromium-browser-l10n_14.0.835.163~r101024-1_all.deb
1e311dddfb096773d0c7c08bf05ac80dbb91045e 174470 chromium-browser-inspector_14.0.835.163~r101024-1_all.deb
1dee60247d87833fea0b10edce5b4b1fc60812a2 5148234 chromium-l10n_14.0.835.163~r101024-1_all.deb
4bf4a156472c23b3200073faa6dbc2e66340e1ac 769282 chromium-inspector_14.0.835.163~r101024-1_all.deb
9a215b4e7e5cc48db007045a1eef2e761c5e1cbe 21863532 chromium_14.0.835.163~r101024-1_amd64.deb
0ca7ed63b4cd7cd58063f568f14b76fe7552db34 386858818 chromium-dbg_14.0.835.163~r101024-1_amd64.deb
Checksums-Sha256:
77b2ce1f38a409f173a16981fb7f6c74ad9635e33da1512bdd643a11c4952506 2572 chromium-browser_14.0.835.163~r101024-1.dsc
d4f21a24bdc6ca96de94299f6eea4a3acc3e1b998db20bff38de88bfdd2b11f6 232737451 chromium-browser_14.0.835.163~r101024.orig.tar.bz2
516ce670aa90ac770c97f636a57b55d18276ebbe5936586813dce645afa0be77 236425 chromium-browser_14.0.835.163~r101024-1.debian.tar.gz
5cc4bc54e4e3430153b2925cf927e0868469fafa5e52e0db8b9cfdf6a0f9c53f 175368 chromium-browser_14.0.835.163~r101024-1_all.deb
45a8246d815f5fb77c88e695c69122f57691f1f74f2359e86b1da57fc6a6642c 174452 chromium-browser-dbg_14.0.835.163~r101024-1_all.deb
1d753388f13f02931e18995e1e457bc7bb5a7ffe360954b843afcb2d72f981e8 174600 chromium-browser-l10n_14.0.835.163~r101024-1_all.deb
79f04dc82642cc1f511eccf063241de6c988f8d40970d82056d25fee02505136 174470 chromium-browser-inspector_14.0.835.163~r101024-1_all.deb
339d8bd812e564ba96dda6e0a0c4eb33e20d7c9e88483ad30639c1bb0caacd5d 5148234 chromium-l10n_14.0.835.163~r101024-1_all.deb
23925575beba51d40d39ec80a231034c5dda3ed6a306665ad4306978c528c5ad 769282 chromium-inspector_14.0.835.163~r101024-1_all.deb
bfa4e32630e5d702a28fe515634129fad3f9dcbb7afd8169e30516d8f6f1db84 21863532 chromium_14.0.835.163~r101024-1_amd64.deb
8fe0b089cdbaeaa7ca538070cbf94fe5d09198d8a4d0630147a089fce4d475aa 386858818 chromium-dbg_14.0.835.163~r101024-1_amd64.deb
Files:
e022ae2e04a9371d2cb45b4b70e3463d 2572 web optional chromium-browser_14.0.835.163~r101024-1.dsc
5fb53e7586f942612a61392bc3c33bb1 232737451 web optional chromium-browser_14.0.835.163~r101024.orig.tar.bz2
e85bed08e045071ad1d9675355615abe 236425 web optional chromium-browser_14.0.835.163~r101024-1.debian.tar.gz
a02bb36a28ebbf15bacc47fa95d5201b 175368 oldlibs optional chromium-browser_14.0.835.163~r101024-1_all.deb
030d64457a30de75e19798fcb8dc8f7e 174452 oldlibs extra chromium-browser-dbg_14.0.835.163~r101024-1_all.deb
f25aff3e909c1a25c7199dbabad8de90 174600 oldlibs optional chromium-browser-l10n_14.0.835.163~r101024-1_all.deb
6e93e70a2088711282b050e337a94319 174470 oldlibs optional chromium-browser-inspector_14.0.835.163~r101024-1_all.deb
5b97722abbabafc2951fcd34e6f26e62 5148234 web optional chromium-l10n_14.0.835.163~r101024-1_all.deb
5410a02c9cec2c76d7dc397f42a58b19 769282 web optional chromium-inspector_14.0.835.163~r101024-1_all.deb
26df50a53c5049d0c3dd38586db31424 21863532 web optional chromium_14.0.835.163~r101024-1_amd64.deb
23eaf219b859de30b2fa625df35d908c 386858818 debug extra chromium-dbg_14.0.835.163~r101024-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk51l9kACgkQNxpp46476arXFQCdFVp5n0f5Z8Iyc8P8QXga7JGo
jZ4An3SKrzHESkPgtY7HOFdJ97WtukFT
=NDFY
-----END PGP SIGNATURE-----
Accepted:
chromium-browser-dbg_14.0.835.163~r101024-1_all.deb
to main/c/chromium-browser/chromium-browser-dbg_14.0.835.163~r101024-1_all.deb
chromium-browser-inspector_14.0.835.163~r101024-1_all.deb
to main/c/chromium-browser/chromium-browser-inspector_14.0.835.163~r101024-1_all.deb
chromium-browser-l10n_14.0.835.163~r101024-1_all.deb
to main/c/chromium-browser/chromium-browser-l10n_14.0.835.163~r101024-1_all.deb
chromium-browser_14.0.835.163~r101024-1.debian.tar.gz
to main/c/chromium-browser/chromium-browser_14.0.835.163~r101024-1.debian.tar.gz
chromium-browser_14.0.835.163~r101024-1.dsc
to main/c/chromium-browser/chromium-browser_14.0.835.163~r101024-1.dsc
chromium-browser_14.0.835.163~r101024-1_all.deb
to main/c/chromium-browser/chromium-browser_14.0.835.163~r101024-1_all.deb
chromium-browser_14.0.835.163~r101024.orig.tar.bz2
to main/c/chromium-browser/chromium-browser_14.0.835.163~r101024.orig.tar.bz2
chromium-dbg_14.0.835.163~r101024-1_amd64.deb
to main/c/chromium-browser/chromium-dbg_14.0.835.163~r101024-1_amd64.deb
chromium-inspector_14.0.835.163~r101024-1_all.deb
to main/c/chromium-browser/chromium-inspector_14.0.835.163~r101024-1_all.deb
chromium-l10n_14.0.835.163~r101024-1_all.deb
to main/c/chromium-browser/chromium-l10n_14.0.835.163~r101024-1_all.deb
chromium_14.0.835.163~r101024-1_amd64.deb
to main/c/chromium-browser/chromium_14.0.835.163~r101024-1_amd64.deb
Reply to: