chromium-browser 14.0.835.163~r101024-1 source package in Debian


chromium-browser (14.0.835.163~r101024-1) unstable; urgency=low

  [ Matteo F. Vescovi ]
  * [82a8b0b] debian/control: changing b-deps to libjpeg-dev (Closes: 641099)

  [ Giuseppe Iuculano ]
  * [ac85d47] Use system ffmpeg and icu
  * [b4fbcd0] debian/gbp.conf: Added conf for git-dch
  * [a4f4ee1] Do not install ffmpeg internal copy
  * New stable release:
    - High CVE-2011-2835: Race condition in the certificate cache.
      Credit to Ryan Sleevi of the Chromium development community.
    - Low CVE-2011-2836: Infobar the Windows Media Player plug-in to avoid
      click-free access to the system Flash. Credit to electronixtar.
    - Low CVE-2011-2837: Use PIC / pie compiler flags. Credit to wbrana.
    - Low CVE-2011-2838: Treat MIME type more authoritatively when loading
      plug-ins. Credit to Michal Zalewski of the Google Security Team.
    - High CVE-2011-2839: Crash in v8 script object wrappers.
      Credit to Kostya Serebryany of the Chromium development community.
    - Low CVE-2011-2840: Possible URL bar spoofs with unusual user interaction.
      Credit to kuzzcc.
    - Medium CVE-2011-2843: Out-of-bounds read with media buffers.
      Credit to Kostya Serebryany of the Chromium development community.
    - Medium CVE-2011-2844: Out-of-bounds read with mp3 files.
      Credit to Mario Gomes.
    - High CVE-2011-2846: Use-after-free in unload event handling.
      Credit to Arthur Gerkis.
    - High CVE-2011-2847: Use-after-free in document loader.
      Credit to miaubiz.
    - Medium CVE-2011-2848: URL bar spoof with forward button.
      Credit to Jordi Chancel.
    - Low CVE-2011-2849: Browser NULL pointer crash with WebSockets.
      Credit to Arthur Gerkis.
    - Medium CVE-2011-3234: Out-of-bounds read in box handling.
      Credit to miaubiz.
    - Medium CVE-2011-2850: Out-of-bounds read with Khmer characters.
      Credit to miaubiz.
    - Medium CVE-2011-2851: Out-of-bounds read in video handling.
      Credit to Google Chrome Security Team (Inferno).
    - High CVE-2011-2852: Off-by-one in v8. Credit to Christian Holler.
    - High CVE-2011-2853: Use-after-free in plug-in handling.
      Credit to Google Chrome Security Team (SkyLined).
    - High CVE-2011-2854: Use-after-free in ruby / table style handing.
      Credit to Sławomir Błażek, and independent later discoveries by miaubiz
      and Google Chrome Security Team (Inferno).
    - High CVE-2011-2855: Stale node in stylesheet handling.
      Credit to Arthur Gerkis.
    - High CVE-2011-2856: Cross-origin bypass in v8.
      Credit to Daniel Divricean.
    - High CVE-2011-2857: Use-after-free in focus controller. Credit to miaubiz.
    - High CVE-2011-2834: Double free in libxml XPath handling.
      Credit to Yang Dingning from NCNIPC, Graduate University of Chinese
      Academy of Sciences.
    - Medium CVE-2011-2859: Incorrect permissions assigned to non-gallery pages.
      Credit to Bernhard ‘Bruhns’ Brehm of Recurity Labs.
    - High CVE-2011-2860: Use-after-free in table style handling.
      Credit to miaubiz.
    - High CVE-2011-2862: Unintended access to v8 built-in objects.
      Credit to Sergey Glazunov.
    - Medium CVE-2011-2864: Out-of-bounds read with Tibetan characters.
      Credit to Google Chrome Security Team (Inferno).
    - Medium CVE-2011-2858: Out-of-bounds read with triangle arrays. 
      Credit to Google Chrome Security Team (Inferno).
    - Low CVE-2011-2874: Failure to pin a self-signed cert for a session. 
      Credit to Nishant Yadant of VMware and Craig Chamberlain (@randomuserid).
    - High CVE-2011-2875: Type confusion in v8 object sealing.
      Credit to Christian Holler.

 -- Giuseppe Iuculano <email address hidden>  Sat, 17 Sep 2011 21:46:29 +0200

Upload details

Uploaded by:
Debian Chromium Maintainers
Uploaded to:
Original maintainer:
Debian Chromium Maintainers
all i386 amd64 armel
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section



File Size SHA-256 Checksum
chromium-browser_14.0.835.163~r101024-1.dsc 2.5 KiB 77b2ce1f38a409f173a16981fb7f6c74ad9635e33da1512bdd643a11c4952506
chromium-browser_14.0.835.163~r101024.orig.tar.bz2 222.0 MiB d4f21a24bdc6ca96de94299f6eea4a3acc3e1b998db20bff38de88bfdd2b11f6
chromium-browser_14.0.835.163~r101024-1.debian.tar.gz 230.9 KiB 516ce670aa90ac770c97f636a57b55d18276ebbe5936586813dce645afa0be77

No changes file available.

Binary packages built by this source