[Pkg-chromium-commit] chromium-browser/chromium-browser.squeeze: 716 [69640] Medium Out-of-bounds read in text searching. Credit to Kostya
Giuseppe Iuculano
iuculano at debian.org
Thu Mar 3 15:37:33 UTC 2011
Branch name: chromium-browser/chromium-browser.squeeze
Branch location : bzr+ssh://bzr.debian.org/bzr/pkg-chromium/chromium-browser/chromium-browser.squeeze
Browse location: http://bzr.debian.org/loggerhead/pkg-chromium
Revision No: 716
Revision Id: iuculano at debian.org-20110303153733-0tc1a0doegwo10r3
Committer: Giuseppe Iuculano <iuculano at debian.org>
Message : [69640] Medium Out-of-bounds read in text searching. Credit to Kostya
Serebryany of the Chromium development community
--------------------------------------------------------
** Added :
- debian/patches/69640.patch
** Modified :
- debian/changelog
- debian/patches/series
-------------- next part --------------
=== modified file 'debian/changelog'
--- a/debian/changelog 2011-03-03 15:22:37 +0000
+++ b/debian/changelog 2011-03-03 15:37:33 +0000
@@ -5,8 +5,10 @@
Chancel.
- [63732] High Crash with javascript dialogs. Credit to Sergey Radchenko.
- [68263] High Stylesheet node stale pointer. Credit to Sergey Glazunov.
+ - [69640] Medium Out-of-bounds read in text searching. Credit to Kostya
+ Serebryany of the Chromium development community
- -- Giuseppe Iuculano <iuculano at debian.org> Thu, 03 Mar 2011 16:20:55 +0100
+ -- Giuseppe Iuculano <iuculano at debian.org> Thu, 03 Mar 2011 16:36:36 +0100
chromium-browser (6.0.472.63~r59945-5+squeeze2) stable-security; urgency=high
=== added file 'debian/patches/69640.patch'
--- a/debian/patches/69640.patch 1970-01-01 00:00:00 +0000
+++ b/debian/patches/69640.patch 2011-03-03 15:37:33 +0000
@@ -0,0 +1,14 @@
+--- a/src/third_party/WebKit/WebCore/editing/TextIterator.cpp
++++ b/src/third_party/WebKit/WebCore/editing/TextIterator.cpp
+@@ -1740,6 +1740,11 @@ inline SearchBuffer::SearchBuffer(const
+
+ inline SearchBuffer::~SearchBuffer()
+ {
++ // Leave the static object pointing to a valid string.
++ UErrorCode status = U_ZERO_ERROR;
++ usearch_setPattern(WebCore::searcher(), &newlineCharacter, 1, &status);
++ ASSERT(status == U_ZERO_ERROR);
++
+ unlockSearcher();
+ }
+
=== modified file 'debian/patches/series'
--- a/debian/patches/series 2011-03-03 15:22:37 +0000
+++ b/debian/patches/series 2011-03-03 15:37:33 +0000
@@ -59,3 +59,4 @@
54262.patch
63732.patch
68263.patch
+69640.patch
More information about the Pkg-chromium-commit
mailing list