Ubuntu
chromium-browser package

9.0.597.84 -> 9.0.597.94 upgrade

Bug #715357 reported by Fabien Tassin
260
This bug affects 1 person
Affects Status Importance Assigned to Milestone
chromium-browser (Ubuntu)
Fix Released
High
Fabien Tassin
Lucid
Fix Released
High
Unassigned
Maverick
Fix Released
High
Unassigned
Natty
Fix Released
High
Fabien Tassin

Bug Description

Binary package hint: chromium-browser

Upstream just released a new Minor (stable) release fixing a bunch of security issues.

Needed in natty, maverick and lucid.

Fabien Tassin (fta)
Changed in chromium-browser (Ubuntu Natty):
assignee: nobody → Fabien Tassin (fta)
importance: Undecided → High
status: New → In Progress
Changed in chromium-browser (Ubuntu Maverick):
importance: Undecided → High
status: New → In Progress
Changed in chromium-browser (Ubuntu Lucid):
importance: Undecided → High
status: New → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 9.0.597.94~r73967-0ubuntu1

---------------
chromium-browser (9.0.597.94~r73967-0ubuntu1) natty; urgency=high

  * New upstream release from the Stable Channel (LP: #715357)
    This release fixes the following security issues:
    - [67234] High, Stale pointer in animation event handling. Credit to Rik
      Cabanier.
    - [68120] High, Use-after-free in SVG font faces. Credit to miaubiz.
    - [69556] High, Stale pointer with anonymous block handling. Credit to
      Martin Barbella.
    - [69970] Medium, Out-of-bounds read in plug-in handling. Credit to Bill
      Budge of Google.
    - [70456] Medium, Possible failure to terminate process on out-of-memory
      condition. Credit to David Warren of CERT/CC.
  * Update the gl dlopen patch to search for libGLESv2.so.2 instead of .1
    - update debian/patches/dlopen_sonamed_gl.patch
 -- Fabien Tassin <email address hidden> Tue, 08 Feb 2011 20:18:51 +0100

Changed in chromium-browser (Ubuntu Natty):
status: In Progress → Fix Released
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Uploaded updated packages for lucid and maverick to the ubuntu-security-proposed PPA.

tags: added: security-verification
security vulnerability: no → yes
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

I'll copy and test these once they are done building. Thanks Fabien!

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Tested i386 and amd64 for lucid and maverick using QRT:scripts/test-browser.py and they are all fine. armel is still building on maverick, but when it is done, I will publish.

tags: added: verification-done
removed: security-verification
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Sigh. It was actually lucid that was still building, but the build died and was restarted. It will be at least another 17 hours.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 9.0.597.94~r73967-0ubuntu0.10.10.1

---------------
chromium-browser (9.0.597.94~r73967-0ubuntu0.10.10.1) maverick-security; urgency=high

  * New upstream release from the Stable Channel (LP: #715357)
    This release fixes the following security issues:
    - [67234] High, Stale pointer in animation event handling. Credit to Rik
      Cabanier.
    - [68120] High, Use-after-free in SVG font faces. Credit to miaubiz.
    - [69556] High, Stale pointer with anonymous block handling. Credit to
      Martin Barbella.
    - [69970] Medium, Out-of-bounds read in plug-in handling. Credit to Bill
      Budge of Google.
    - [70456] Medium, Possible failure to terminate process on out-of-memory
      condition. Credit to David Warren of CERT/CC.
  * Update the gl dlopen patch to search for libGLESv2.so.2 instead of .1
    - update debian/patches/dlopen_sonamed_gl.patch
 -- Fabien Tassin <email address hidden> Tue, 08 Feb 2011 20:18:51 +0100

Changed in chromium-browser (Ubuntu Maverick):
status: In Progress → Fix Released
Revision history for this message
Zdenko Eštok (mabuss11) wrote :

After upgrade to 9.0.597.94 (73967) Ubuntu 10.10 Shockwave Flash plugin crashes on youtube videos. Doesn't happen in firefox.

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Zdenko,

This was specifically tested on both i386 and amd64 and worked. Can you file a new bug and provide more details?

Thanks!

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 9.0.597.94~r73967-0ubuntu0.10.04.1

---------------
chromium-browser (9.0.597.94~r73967-0ubuntu0.10.04.1) lucid-security; urgency=high

  * New upstream release from the Stable Channel (LP: #715357)
    This release fixes the following security issues:
    - [67234] High, Stale pointer in animation event handling. Credit to Rik
      Cabanier.
    - [68120] High, Use-after-free in SVG font faces. Credit to miaubiz.
    - [69556] High, Stale pointer with anonymous block handling. Credit to
      Martin Barbella.
    - [69970] Medium, Out-of-bounds read in plug-in handling. Credit to Bill
      Budge of Google.
    - [70456] Medium, Possible failure to terminate process on out-of-memory
      condition. Credit to David Warren of CERT/CC.
  * Update the gl dlopen patch to search for libGLESv2.so.2 instead of .1
    - update debian/patches/dlopen_sonamed_gl.patch
 -- Fabien Tassin <email address hidden> Tue, 08 Feb 2011 20:18:51 +0100

Changed in chromium-browser (Ubuntu Lucid):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.