chromium-browser 13.0.782.107~r94237-1 source package in Debian


chromium-browser (13.0.782.107~r94237-1) unstable; urgency=high

  * New stable version
    - Medium CVE-2011-2358: Always confirm an extension install via a browser
      dialog. Credit to Sergey Glazunov.
    - High CVE-2011-2359: Stale pointer due to bad line box tracking in
      rendering. Credit to miaubiz and Martin Barbella.
    - Low CVE-2011-2360: Potential bypass of dangerous file prompt.
      Credit to kuzzcc.
    - Low CVE-2011-2361: Improve designation of strings in the basic auth
      dialog. Credit to kuzzcc.
    - Medium CVE-2011-2782: File permissions error with drag and drop.
      Credit to Evan Martin of the Chromium development community.
    - Medium CVE-2011-2783: Always confirm a developer mode NPAPI extension
      install via a browser dialog. Credit to Sergey Glazunov.
    - Low CVE-2011-2784: Local file path disclosure via GL program log.
      Credit to kuzzcc.
    - Low CVE-2011-2785: Sanitize the homepage URL in extensions.
      Credit to kuzzcc.
    - Low CVE-2011-2786: Make sure the speech input bubble is always on-screen.
      Credit to Olli Pettay of Mozilla.
    - Medium CVE-2011-2787: Browser crash due to GPU lock re-entrancy issue.
      Credit to kuzzcc.
    - Low CVE-2011-2788: Buffer overflow in inspector serialization.
      Credit to Mikołaj Małecki.
    - Medium CVE-2011-2789: Use after free in Pepper plug-in instantiation.
      Credit to Mario Gomes and kuzzcc.
    - High CVE-2011-2790: Use-after-free with floating styles.
      Credit to miaubiz.
    - High CVE-2011-2791: Out-of-bounds write in ICU. Credit to Yang Dingning
      from NCNIPC, Graduate University of Chinese Academy of Sciences.
    - High CVE-2011-2792: Use-after-free with float removal. Credit to miaubiz.
    - High CVE-2011-2793: Use-after-free in media selectors. Credit to miaubiz.
    - Medium CVE-2011-2794: Out-of-bounds read in text iteration.
      Credit to miaubiz.
    - Medium CVE-2011-2795: Cross-frame function leak. Credit to Shih Wei-Long.
    - High CVE-2011-2796: Use-after-free in Skia. Credit to Google Chrome
      Security Team (Inferno) and Kostya Serebryany of the Chromium
      development community.
    - High CVE-2011-2797: Use-after-free in resource caching. Credit to miaubiz.
    - Low CVE-2011-2798: Prevent a couple of internal schemes from being web
      accessible. Credit to sirdarckcat of the Google Security Team.
    - High CVE-2011-2799: Use-after-free in HTML range handling.
      Credit to miaubiz.
    - Medium CVE-2011-2800: Leak of client-side redirect target.
      Credit to Juho Nurminen.
    - High CVE-2011-2802: v8 crash with const lookups.
      Credit to Christian Holler.
    - Medium CVE-2011-2803: Out-of-bounds read in Skia paths.
      Credit to Google Chrome Security Team (Inferno).
    - High CVE-2011-2801: Use-after-free in frame loader. Credit to miaubiz.
    - High CVE-2011-2818: Use-after-free in display box rendering.
      Credit to Martin Barbella.
    - High CVE-2011-2805: Cross-origin script injection.
      Credit to Sergey Glazunov.
    - [90222] High CVE-2011-2819: Cross-origin violation in base URI handling.
      Credit to Sergey Glazunov.
  * Re-added binutils-gold in Build-depends
  * Refreshed patches
  * Switch to git
  * Use system vpx, flac, webp, speex libs
  * Build-depens on gyp >= 0.1~svn971
  * Run the gclient hooks when creating the source tarball, as we need files
    from the Native Client's integrated runtime (IRT) library
    (Thanks to Fabien Tassin)
  * Install the NaCL IRT files
  * Added a lintian override for the NaCL IRT files

 -- Giuseppe Iuculano <email address hidden>  Thu, 04 Aug 2011 11:02:34 +0200

Upload details

Uploaded by:
Debian Chromium Maintainers
Uploaded to:
Original maintainer:
Debian Chromium Maintainers
all i386 amd64
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section



File Size SHA-256 Checksum
chromium-browser_13.0.782.107~r94237-1.dsc 2.4 KiB e49832dc64142ef89567657b6f6f20dcc9bea7229446f032a71694c1db0b5911
chromium-browser_13.0.782.107~r94237.orig.tar.bz2 214.6 MiB bc06d95fc5a3b9ea54a725926a7b7c9cd4f51d0abaf6782e1538e28b0bc42c7b
chromium-browser_13.0.782.107~r94237-1.debian.tar.gz 227.4 KiB b509645d7baf018c4241b423a7a1e5db7116afaf143216bf3f55e05263138d0f

No changes file available.

Binary packages built by this source