[Desktop-packages] [Bug 1025111] Re: (CVE-2012-2842)

Dmitry Shachnev Mon, 15 Oct 2012 05:03:06 -0700

https://launchpad.net/ubuntu/+source/chromium-
browser/22.0.1229.79~r158531-0ubuntu1


chromium-browser (22.0.1229.79~r158531-0ubuntu1) quantal-proposed;
urgency=low

  * New upstream release from the Stable Channel
  * debian/control
    - fixed typo in description for chromium-codecs-ffmpeg
  * debian/patches/fix-armhf-ftbfs.patch
    - Dropped, no longer needed
  * debian/chromium-browser.install
    - Install demo extension
  * debian/rules
    - Updated INSTALL_EXCLUDE_FILES
    - build with gcc 4.7
  * debian/patches/1-infobars.patch,
    debian/patches/2-get-domain-tld.patch,
    debian/patches/3-chrome-xid.patch,
    debian/patches/4-chromeless-window-launch-option.patch,
    debian/patches/5-desktop-integration-settings.patch,
    debian/patches/fix-1034541.patch
    - Updated for v22
  * debian/patches/6-passwordless-install-support.patch
    - Webapp package installation (LP: #1059460)
  * debian/patches/7-plugin-status.patch
    - Don't block npapi plugins on linux, which is required by
      unity-chromium-extension

 -- Ken VanDine <[email protected]>   Fri, 12 Oct 2012 09:31:11
-0400

** Changed in: chromium-browser (Ubuntu)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1025111

Title:
  (CVE-2012-2842) <chromium-browser-20.0.1132.57 : use-after-free
  vulnerability (CVE-2012-{2842,2843,2844})

Status in “chromium-browser” package in Ubuntu:
  Fix Released
Status in Gentoo Linux:
  Fix Released

Bug description:
  The Stable channel has been updated to 20.0.1132.57 for Windows, Mac,
  Linux, and Chrome Frame. Along with below mentioned security fixes,
  this build contains an update to Flash player, v8 (3.10.8.20) and
  couple of stability/bug fixes.

  
  Security fixes and rewards:

  Please see the Chromium security page for more detail. Note that the
  referenced bugs may be kept private until a majority of our users are
  up to date with the fix.

  [$1000] [129898] High CVE-2012-2842: Use-after-free in counter handling. 
Credit to miaubiz.
  [$1000] [130595] High CVE-2012-2843: Use-after-free in layout height 
tracking. Credit to miaubiz.
  [133450] High CVE-2012-2844: Bad object access with JavaScript in PDF. Credit 
to Alexey Samsonov of Google.

  http://googlechromereleases.blogspot.com/2012/07/stable-channel-
  update.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1025111/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1025111] Re: (CVE-2012-2842)

Reply via email to