Update to 13.0.782.107

Had slangasek copy to -proposed for lucid-natty

Lucid i386 and amd64 tested with QRT, one minor regression found over previous functionality (Bug #824975). On the plus side, bug #795786 and bug #795787 appear to be fixed with this version.

Lucid seemed to pass, but maverick and natty both fail on HTML5 video/audio. Bugs to follow.

We'll track this now in bug 834922 since there's a new upstream release which hopefully fixes the issues.

This bug was fixed in the package chromium-browser - 14.0.835.202~r103287-0ubuntu0.10.04.2

---------------
chromium-browser (14.0.835.202~r103287-0ubuntu0.10.04.2) lucid-security; urgency=low

  * New upstream release from the Stable Channel (LP: #858744)
    This release fixes the following security issues:
    + Chromium issues (13.0.782.220):
      - Trust in Diginotar Intermediate CAs revoked
    + Chromium issues (14.0.835.163):
      - [49377] High CVE-2011-2835: Race condition in the certificate cache.
        Credit to Ryan Sleevi.
      - [57908] Low CVE-2011-2837: Use PIC / pie compiler flags. Credit to
        wbrana.
      - [75070] Low CVE-2011-2838: Treat MIME type more authoritatively when
        loading plug-ins. Credit to Michal Zalewski.
      - [78639] High CVE-2011-2841: Garbage collection error in PDF. Credit to
        Mario Gomes.
      - [82438] Medium CVE-2011-2843: Out-of-bounds read with media buffers.
        Credit to Kostya Serebryany.
      - [85041] Medium CVE-2011-2844: Out-of-bounds read with mp3 files. Credit
        to Mario Gomes.
      - [89564] Medium CVE-2011-2848: URL bar spoof with forward button. Credit
        to Jordi Chancel.
      - [89795] Low CVE-2011-2849: Browser NULL pointer crash with WebSockets.
        Credit to Arthur Gerkis.
      - [90134] Medium CVE-2011-2850: Out-of-bounds read with Khmer characters.
        Credit to miaubiz.
      - [90173] Medium CVE-2011-2851: Out-of-bounds read in video handling.
        Credit to Google Chrome Security Team (Inferno).
      - [91197] High CVE-2011-2853: Use-after-free in plug-in handling. Credit
        to Google Chrome Security Team (SkyLined).
      - [93497] Medium CVE-2011-2859: Incorrect permissions assigned to
        non-gallery pages. Credit to Bernhard ‘Bruhns’ Brehm
      - [93596] Medium CVE-2011-2861: Bad string read in PDF. Credit to Aki
        Helin of OUSPG.
      - [95563] Medium CVE-2011-2864: Out-of-bounds read with Tibetan
        characters. Credit to Google Chrome Security Team (Inferno).
      - [95625] Medium CVE-2011-2858: Out-of-bounds read with triangle arrays.
        Credit to Google Chrome Security Team (Inferno).
      - [95917] Low CVE-2011-2874: Failure to pin a self-signed cert for a
        session. Credit to Nishant Yadant and Craig Chamberlain (@randomuserid).
    + Chromium issues (14.0.835.202):
      - [95671] High CVE-2011-2878: Inappropriate cross-origin access to the
        window prototype. Credit to Sergey Glazunov.
      - [96150] High CVE-2011-2879: Lifetime and threading issues in audio node
        handling. Credit to Google Chrome Security Team (Inferno).
      - [98089] Critical CVE-2011-3873: Memory corruption in shader translator.
        Credit to Zhenyao Mo.
    + Webkit issues (14.0.835.163):
      - [78427] [83031] Low CVE-2011-2840: Possible URL bar spoofs with unusual
        user interaction. Credit to kuzzcc.
      - [89219] High CVE-2011-2846: Use-after-free in unload event handling.
        Credit to Arthur Gerkis.
      - [89330] High CVE-2011-2847: Use-after-free in document loader. Credit to
        miaubiz.
      - [89991] Medium CVE-2011-3234: Out-of-bounds read in box handl...

This bug was fixed in the package chromium-browser - 14.0.835.202~r103287-0ubuntu0.10.10.1

---------------
chromium-browser (14.0.835.202~r103287-0ubuntu0.10.10.1) maverick-security; urgency=low

  * New upstream release from the Stable Channel (LP: #858744)
    This release fixes the following security issues:
    + Chromium issues (13.0.782.220):
      - Trust in Diginotar Intermediate CAs revoked
    + Chromium issues (14.0.835.163):
      - [49377] High CVE-2011-2835: Race condition in the certificate cache.
        Credit to Ryan Sleevi.
      - [57908] Low CVE-2011-2837: Use PIC / pie compiler flags. Credit to
        wbrana.
      - [75070] Low CVE-2011-2838: Treat MIME type more authoritatively when
        loading plug-ins. Credit to Michal Zalewski.
      - [78639] High CVE-2011-2841: Garbage collection error in PDF. Credit to
        Mario Gomes.
      - [82438] Medium CVE-2011-2843: Out-of-bounds read with media buffers.
        Credit to Kostya Serebryany.
      - [85041] Medium CVE-2011-2844: Out-of-bounds read with mp3 files. Credit
        to Mario Gomes.
      - [89564] Medium CVE-2011-2848: URL bar spoof with forward button. Credit
        to Jordi Chancel.
      - [89795] Low CVE-2011-2849: Browser NULL pointer crash with WebSockets.
        Credit to Arthur Gerkis.
      - [90134] Medium CVE-2011-2850: Out-of-bounds read with Khmer characters.
        Credit to miaubiz.
      - [90173] Medium CVE-2011-2851: Out-of-bounds read in video handling.
        Credit to Google Chrome Security Team (Inferno).
      - [91197] High CVE-2011-2853: Use-after-free in plug-in handling. Credit
        to Google Chrome Security Team (SkyLined).
      - [93497] Medium CVE-2011-2859: Incorrect permissions assigned to
        non-gallery pages. Credit to Bernhard ‘Bruhns’ Brehm
      - [93596] Medium CVE-2011-2861: Bad string read in PDF. Credit to Aki
        Helin of OUSPG.
      - [95563] Medium CVE-2011-2864: Out-of-bounds read with Tibetan
        characters. Credit to Google Chrome Security Team (Inferno).
      - [95625] Medium CVE-2011-2858: Out-of-bounds read with triangle arrays.
        Credit to Google Chrome Security Team (Inferno).
      - [95917] Low CVE-2011-2874: Failure to pin a self-signed cert for a
        session. Credit to Nishant Yadant and Craig Chamberlain (@randomuserid).
    + Chromium issues (14.0.835.202):
      - [95671] High CVE-2011-2878: Inappropriate cross-origin access to the
        window prototype. Credit to Sergey Glazunov.
      - [96150] High CVE-2011-2879: Lifetime and threading issues in audio node
        handling. Credit to Google Chrome Security Team (Inferno).
      - [98089] Critical CVE-2011-3873: Memory corruption in shader translator.
        Credit to Zhenyao Mo.
    + Webkit issues (14.0.835.163):
      - [78427] [83031] Low CVE-2011-2840: Possible URL bar spoofs with unusual
        user interaction. Credit to kuzzcc.
      - [89219] High CVE-2011-2846: Use-after-free in unload event handling.
        Credit to Arthur Gerkis.
      - [89330] High CVE-2011-2847: Use-after-free in document loader. Credit to
        miaubiz.
      - [89991] Medium CVE-2011-3234: Out-of-bounds read in box ha...

This bug was fixed in the package chromium-browser - 14.0.835.202~r103287-0ubuntu0.11.04.1

---------------
chromium-browser (14.0.835.202~r103287-0ubuntu0.11.04.1) natty-security; urgency=low

  * New upstream release from the Stable Channel (LP: #858744)
    This release fixes the following security issues:
    + Chromium issues (13.0.782.220):
      - Trust in Diginotar Intermediate CAs revoked
    + Chromium issues (14.0.835.163):
      - [49377] High CVE-2011-2835: Race condition in the certificate cache.
        Credit to Ryan Sleevi.
      - [57908] Low CVE-2011-2837: Use PIC / pie compiler flags. Credit to
        wbrana.
      - [75070] Low CVE-2011-2838: Treat MIME type more authoritatively when
        loading plug-ins. Credit to Michal Zalewski.
      - [78639] High CVE-2011-2841: Garbage collection error in PDF. Credit to
        Mario Gomes.
      - [82438] Medium CVE-2011-2843: Out-of-bounds read with media buffers.
        Credit to Kostya Serebryany.
      - [85041] Medium CVE-2011-2844: Out-of-bounds read with mp3 files. Credit
        to Mario Gomes.
      - [89564] Medium CVE-2011-2848: URL bar spoof with forward button. Credit
        to Jordi Chancel.
      - [89795] Low CVE-2011-2849: Browser NULL pointer crash with WebSockets.
        Credit to Arthur Gerkis.
      - [90134] Medium CVE-2011-2850: Out-of-bounds read with Khmer characters.
        Credit to miaubiz.
      - [90173] Medium CVE-2011-2851: Out-of-bounds read in video handling.
        Credit to Google Chrome Security Team (Inferno).
      - [91197] High CVE-2011-2853: Use-after-free in plug-in handling. Credit
        to Google Chrome Security Team (SkyLined).
      - [93497] Medium CVE-2011-2859: Incorrect permissions assigned to
        non-gallery pages. Credit to Bernhard ‘Bruhns’ Brehm
      - [93596] Medium CVE-2011-2861: Bad string read in PDF. Credit to Aki
        Helin of OUSPG.
      - [95563] Medium CVE-2011-2864: Out-of-bounds read with Tibetan
        characters. Credit to Google Chrome Security Team (Inferno).
      - [95625] Medium CVE-2011-2858: Out-of-bounds read with triangle arrays.
        Credit to Google Chrome Security Team (Inferno).
      - [95917] Low CVE-2011-2874: Failure to pin a self-signed cert for a
        session. Credit to Nishant Yadant and Craig Chamberlain (@randomuserid).
    + Chromium issues (14.0.835.202):
      - [95671] High CVE-2011-2878: Inappropriate cross-origin access to the
        window prototype. Credit to Sergey Glazunov.
      - [96150] High CVE-2011-2879: Lifetime and threading issues in audio node
        handling. Credit to Google Chrome Security Team (Inferno).
      - [98089] Critical CVE-2011-3873: Memory corruption in shader translator.
        Credit to Zhenyao Mo.
    + Webkit issues (14.0.835.163):
      - [78427] [83031] Low CVE-2011-2840: Possible URL bar spoofs with unusual
        user interaction. Credit to kuzzcc.
      - [89219] High CVE-2011-2846: Use-after-free in unload event handling.
        Credit to Arthur Gerkis.
      - [89330] High CVE-2011-2847: Use-after-free in document loader. Credit to
        miaubiz.
      - [89991] Medium CVE-2011-3234: Out-of-bounds read in box handl...