Package: chromium-browser Version: 12.0.742.112~r90304-1 Severity: wishlist
*** Please type your report below this line *** Hi all, Google Chrome released 13.0.782.107 and one can find the relevant posting here :- http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html This is the changelog given :- [75821] Medium CVE-2011-2358: Always confirm an extension install via a browser dialog. Credit to Sergey Glazunov. [$1000 each] [78841] High CVE-2011-2359: Stale pointer due to bad line box tracking in rendering. Credit to miaubiz and Martin Barbella. [79266] Low CVE-2011-2360: Potential bypass of dangerous file prompt. Credit to kuzzcc. [79426] Low CVE-2011-2361: Improve designation of strings in the basic auth dialog. Credit to kuzzcc. [Linux only] [81307] Medium CVE-2011-2782: File permissions error with drag and drop. Credit to Evan Martin of the Chromium development community. [83273] Medium CVE-2011-2783: Always confirm a developer mode NPAPI extension install via a browser dialog. Credit to Sergey Glazunov. [83841] Low CVE-2011-2784: Local file path disclosure via GL program log. Credit to kuzzcc. [84402] Low CVE-2011-2785: Sanitize the homepage URL in extensions. Credit to kuzzcc. [84600] Low CVE-2011-2786: Make sure the speech input bubble is always on-screen. Credit to Olli Pettay of Mozilla. [84805] Medium CVE-2011-2787: Browser crash due to GPU lock re-entrancy issue. Credit to kuzzcc. [85559] Low CVE-2011-2788: Buffer overflow in inspector serialization. Credit to Mikołaj Małecki. [$500 each] [85808] Medium CVE-2011-2789: Use after free in Pepper plug-in instantiation. Credit to Mario Gomes and kuzzcc. [$1000] [86502] High CVE-2011-2790: Use-after-free with floating styles. Credit to miaubiz. [$1000] [86900] High CVE-2011-2791: Out-of-bounds write in ICU. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences. [$1000] [87148] High CVE-2011-2792: Use-after-free with float removal. Credit to miaubiz. [$1000] [87227] High CVE-2011-2793: Use-after-free in media selectors. Credit to miaubiz. [$500] [87298] Medium CVE-2011-2794: Out-of-bounds read in text iteration. Credit to miaubiz. [$500] [87339] Medium CVE-2011-2795: Cross-frame function leak. Credit to Shih Wei-Long. [87548] High CVE-2011-2796: Use-after-free in Skia. Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium development community. [$1000] [87729] High CVE-2011-2797: Use-after-free in resource caching. Credit to miaubiz. [87815] Low CVE-2011-2798: Prevent a couple of internal schemes from being web accessible. Credit to sirdarckcat of the Google Security Team. [$1000] [87925] High CVE-2011-2799: Use-after-free in HTML range handling. Credit to miaubiz. [$500] [88337] Medium CVE-2011-2800: Leak of client-side redirect target. Credit to Juho Nurminen. [$1000] [88591] High CVE-2011-2802: v8 crash with const lookups. Credit to Christian Holler. [88827] Medium CVE-2011-2803: Out-of-bounds read in Skia paths. Credit to Google Chrome Security Team (Inferno). [$1000] [88846] High CVE-2011-2801: Use-after-free in frame loader. Credit to miaubiz. [$1000] [88889] High CVE-2011-2818: Use-after-free in display box rendering. Credit to Martin Barbella. [$500] [89142] High CVE-2011-2804: PDF crash with nested functions. Credit to Aki Helin of OUSPG. [$1500] [89520] High CVE-2011-2805: Cross-origin script injection. Credit to Sergey Glazunov. [$1500] [90222] High CVE-2011-2819: Cross-origin violation in base URI handling. Credit to Sergey Glazunov. basically seem to be lot of security and couple of memory/rendering fixes. -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.0.0-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_IN, LC_CTYPE=en_IN (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages chromium-browser depends on: ii chromium 12.0.742.112~r90304-1 Chromium browser chromium-browser recommends no packages. chromium-browser suggests no packages. -- no debconf information -- Regards, Shirish Agarwal शिरीष अग्रवाल My quotes in this email licensed under CC 3.0 http://creativecommons.org/licenses/by-nc/3.0/ http://flossexperiences.wordpress.com 065C 6D79 A68C E7EA 52B3 8D70 950D 53FB 729A 8B17 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
