[Pkg-chromium-commit] chromium-browser/chromium-browser.sid: 755 * New Stable release:
Giuseppe Iuculano
iuculano at debian.org
Thu Apr 28 08:37:35 UTC 2011
Branch name: chromium-browser/chromium-browser.sid
Branch location : bzr+ssh://bzr.debian.org/bzr/pkg-chromium/chromium-browser/chromium-browser.sid
Browse location: http://bzr.debian.org/loggerhead/pkg-chromium
Revision No: 755
Revision Id: iuculano at debian.org-20110428083735-7bs6fkleqrmb01rs
Committer: Giuseppe Iuculano <iuculano at debian.org>
Message : * New Stable release:
- [61502] High CVE-2011-1303: Stale pointer in floating object handling.
Credit to Scott Hess of the Chromium development community and
Martin Barbella.
- [70538] Low CVE-2011-1304: Pop-up block bypass via plug-ins.
Credit to Chamal De Silva.
- [70589] Medium CVE-2011-1305: Linked-list race in database handling.
Credit to Kostya Serebryany of the Chromium development community.
- [71586] Medium CVE-2011-1434: Lack of thread safety in MIME handling.
Credit to Aki Helin.
- [72523] Medium CVE-2011-1435: Bad extension with ‘tabs’ permission can
capture local files. Credit to Cole Snodgrass.
- [72910] Low CVE-2011-1436: Possible browser crash due to bad interaction
with X. Credit to miaubiz.
- [73526] High CVE-2011-1437: Integer overflows in float rendering.
Credit to miaubiz.
- [74653] High CVE-2011-1438: Same origin policy violation with blobs.
Credit to kuzzcc.
- [74763] High CVE-2011-1439: Prevent interference between renderer
processes. Credit to Julien Tinnes of the Google Security Team.
- [75186] High CVE-2011-1440: Use-after-free with <ruby> tag and CSS.
Credit to Jose A. Vazquez.
- [75347] High CVE-2011-1441: Bad cast with floating select lists.
Credit to Michael Griffiths.
- [75801] High CVE-2011-1442: Corrupt node trees with mutation events.
Credit to Sergey Glazunov and wushi of team 509.
- [76001] High CVE-2011-1443: Stale pointers in layering code.
Credit to Martin Barbella.
- [76542] High CVE-2011-1444: Race condition in sandbox launcher.
Credit to Dan Rosenberg.
- [76646] Medium CVE-2011-1445: Out-of-bounds read in SVG.
Credit to wushi of team509.
- [76666] [77507] [78031] High CVE-2011-1446: Possible URL bar spoofs with
navigation errors and interrupted loads. Credit to kuzzcc.
- [76966] High CVE-2011-1447: Stale pointer in drop-down list handling.
Credit to miaubiz.
- [77130] High CVE-2011-1448: Stale pointer in height calculations.
Credit to wushi of team509.
- [77346] High CVE-2011-1449: Use-after-free in WebSockets.
Credit to Marek Majkowski.
- [77349] Low CVE-2011-1450: Dangling pointers in file dialogs.
Credit to kuzzcc.
- [77463] High CVE-2011-1451: Dangling pointers in DOM id map.
Credit to Sergey Glazunov.
- [77786] Medium CVE-2011-1452: URL bar spoof with redirect and manual
reload. Credit to Jordi Chancel.
- [79199] High CVE-2011-1454: Use-after-free in DOM id handling.
Credit to Sergey Glazunov.
--------------------------------------------------------
** Modified :
- debian/changelog
-------------- next part --------------
=== modified file 'debian/changelog'
--- a/debian/changelog 2011-04-15 07:20:26 +0000
+++ b/debian/changelog 2011-04-28 08:37:35 +0000
@@ -1,3 +1,56 @@
+chromium-browser (11.0.696.57~r82915-1) UNRELEASED; urgency=low
+
+ * New Stable release:
+ - [61502] High CVE-2011-1303: Stale pointer in floating object handling.
+ Credit to Scott Hess of the Chromium development community and
+ Martin Barbella.
+ - [70538] Low CVE-2011-1304: Pop-up block bypass via plug-ins.
+ Credit to Chamal De Silva.
+ - [70589] Medium CVE-2011-1305: Linked-list race in database handling.
+ Credit to Kostya Serebryany of the Chromium development community.
+ - [71586] Medium CVE-2011-1434: Lack of thread safety in MIME handling.
+ Credit to Aki Helin.
+ - [72523] Medium CVE-2011-1435: Bad extension with ‘tabs’ permission can
+ capture local files. Credit to Cole Snodgrass.
+ - [72910] Low CVE-2011-1436: Possible browser crash due to bad interaction
+ with X. Credit to miaubiz.
+ - [73526] High CVE-2011-1437: Integer overflows in float rendering.
+ Credit to miaubiz.
+ - [74653] High CVE-2011-1438: Same origin policy violation with blobs.
+ Credit to kuzzcc.
+ - [74763] High CVE-2011-1439: Prevent interference between renderer
+ processes. Credit to Julien Tinnes of the Google Security Team.
+ - [75186] High CVE-2011-1440: Use-after-free with <ruby> tag and CSS.
+ Credit to Jose A. Vazquez.
+ - [75347] High CVE-2011-1441: Bad cast with floating select lists.
+ Credit to Michael Griffiths.
+ - [75801] High CVE-2011-1442: Corrupt node trees with mutation events.
+ Credit to Sergey Glazunov and wushi of team 509.
+ - [76001] High CVE-2011-1443: Stale pointers in layering code.
+ Credit to Martin Barbella.
+ - [76542] High CVE-2011-1444: Race condition in sandbox launcher.
+ Credit to Dan Rosenberg.
+ - [76646] Medium CVE-2011-1445: Out-of-bounds read in SVG.
+ Credit to wushi of team509.
+ - [76666] [77507] [78031] High CVE-2011-1446: Possible URL bar spoofs with
+ navigation errors and interrupted loads. Credit to kuzzcc.
+ - [76966] High CVE-2011-1447: Stale pointer in drop-down list handling.
+ Credit to miaubiz.
+ - [77130] High CVE-2011-1448: Stale pointer in height calculations.
+ Credit to wushi of team509.
+ - [77346] High CVE-2011-1449: Use-after-free in WebSockets.
+ Credit to Marek Majkowski.
+ - [77349] Low CVE-2011-1450: Dangling pointers in file dialogs.
+ Credit to kuzzcc.
+ - [77463] High CVE-2011-1451: Dangling pointers in DOM id map.
+ Credit to Sergey Glazunov.
+ - [77786] Medium CVE-2011-1452: URL bar spoof with redirect and manual
+ reload. Credit to Jordi Chancel.
+ - [79199] High CVE-2011-1454: Use-after-free in DOM id handling.
+ Credit to Sergey Glazunov.
+
+ -- Giuseppe Iuculano <iuculano at debian.org> Thu, 28 Apr 2011 10:20:21 +0200
+
chromium-browser (10.0.648.205~r81283-1) unstable; urgency=low
* New stable release:
More information about the Pkg-chromium-commit
mailing list