[Pkg-chromium-commit] [SCM] Git repository for pkg-chromium branch, master, updated. debian/17.0.963.83_r127885-1-12-gda18728

Giuseppe Iuculano iuculano at debian.org
Wed May 2 12:29:43 UTC 2012 

The following commit has been merged in the master branch:
commit da18728475bb687ee8976ddd436e854dcdbeb60d
Merge: a552341cc39f0775a92fee4d00a601cf1172517c aca851454253e596e7c1ecfca2c12b41c726eae9
Author: Giuseppe Iuculano <iuculano at debian.org>
Date:   Wed May 2 09:30:00 2012 +0200

    Merge branch 'master' of ssh://git.debian.org/git/pkg-chromium/pkg-chromium
    
    Conflicts:
    	debian/changelog

diff --combined debian/changelog
index 10d142c,fcaa08b..40b1bb6
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,18 -1,34 +1,50 @@@
 +chromium-browser (18.0.1025.168~r134367-1) unstable; urgency=low
 +
 +  * New stable release:
 +    - High CVE-2011-3078: Use after free in floats handling. Credit to
 +      Google Chrome Security Team (Marty Barbella) and independent later
 +      discovery by miaubiz.
 +    - High CVE-2012-1521: Use after free in xml parser. Credit to Google
 +      Chrome Security Team (SkyLined) and independent later discovery by
 +      wushi of team509 reported through iDefense VCP (V-874rcfpq7z).
 +    - Medium CVE-2011-3079: IPC validation failure. Credit to PinkiePie.
 +    - Medium CVE-2011-3080: Race condition in sandbox IPC. Credit to Willem
 +      Pinckaers of Matasano.
 +    - High CVE-2011-3081: Use after free in floats handling. Credit to miaubiz
 +
-  -- Giuseppe Iuculano <iuculano at debian.org>  Tue, 01 May 2012 19:20:31 +0200
++ -- Giuseppe Iuculano <iuculano at debian.org>  Wed, 02 May 2012 09:30:45 +0200
++
+ chromium-browser (18.0.1025.151~r130497-1) unstable; urgency=medium
+ 
+   * new stable release:
+     - [106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping.
+       Credit to miaubiz.
+     - [117583] Medium CVE-2011-3067: Cross-origin iframe replacement. Credit
+       to Sergey Glazunov.
+     - [117698] High CVE-2011-3068: Use-after-free in run-in handling. Credit
+       to miaubiz.
+     - [117728] High CVE-2011-3069: Use-after-free in line box handling.
+       Credit to miaubiz.
+     - [118185] High CVE-2011-3070: Use-after-free in v8 bindings. Credit to
+       Google Chrome Security Team (SkyLined).
+     - [118273] High CVE-2011-3071: Use-after-free in HTMLMediaElement. Credit
+       to pa_kt, reporting through HP TippingPoint ZDI (ZDI-CAN-1528).
+     - [118467] Low CVE-2011-3072: Cross-origin violation parenting pop-up
+       window.  Credit to Sergey Glazunov.
+     - [118593] High CVE-2011-3073: Use-after-free in SVG resource handling.
+       Credit to Arthur Gerkis.
+     - [119281] Medium CVE-2011-3074: Use-after-free in media handling. Credit
+       to Sławomir Błażek.
+     - [119525] High CVE-2011-3075: Use-after-free applying style command.
+       Credit to miaubiz.
+     - [120037] High CVE-2011-3076: Use-after-free in focus handling. Credit to
+       miaubiz.
+     - [120189] Medium CVE-2011-3077: Read-after-free in script bindings.
+       Credit to Google Chrome Security Team (Inferno).
+   * [85dfed9] build-depend on libglewmx-dev instead of versioned libglewmx1.5-dev
+   * medium urgency for security fixes
+ 
+  -- Michael Gilbert <michael.s.gilbert at gmail.com>  Thu, 05 Apr 2012 16:43:11 -0400
  
  chromium-browser (18.0.1025.142~r129054-1) unstable; urgency=low
  

-- 
Git repository for pkg-chromium

More information about the Pkg-chromium-commit mailing list