Ubuntu
chromium-browser package

  1. Bug #715357
  2. Comment #9

Comment 9 for bug 715357

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 9.0.597.94~r73967-0ubuntu0.10.04.1

---------------
chromium-browser (9.0.597.94~r73967-0ubuntu0.10.04.1) lucid-security; urgency=high

  * New upstream release from the Stable Channel (LP: #715357)
    This release fixes the following security issues:
    - [67234] High, Stale pointer in animation event handling. Credit to Rik
      Cabanier.
    - [68120] High, Use-after-free in SVG font faces. Credit to miaubiz.
    - [69556] High, Stale pointer with anonymous block handling. Credit to
      Martin Barbella.
    - [69970] Medium, Out-of-bounds read in plug-in handling. Credit to Bill
      Budge of Google.
    - [70456] Medium, Possible failure to terminate process on out-of-memory
      condition. Credit to David Warren of CERT/CC.
  * Update the gl dlopen patch to search for libGLESv2.so.2 instead of .1
    - update debian/patches/dlopen_sonamed_gl.patch
 -- Fabien Tassin <email address hidden> Tue, 08 Feb 2011 20:18:51 +0100