This bug was fixed in the package chromium-browser -
15.0.874.120~r108895-0ubuntu1
---------------
chromium-browser (15.0.874.120~r108895-0ubuntu1) precise; urgency=low
* New upstream release from the Stable Channel (LP: #889711)
This release fixes the following security issues:
- [100465] High CVE-2011-3892: Double free in Theora decoder. Credit to Aki
Helin of OUSPG.
- [100492] [100543] Medium CVE-2011-3893: Out of bounds reads in MKV and
Vorbis media handlers. Credit to Aki Helin of OUSPG.
- [101172] High CVE-2011-3894: Memory corruption regression in VP8 decoding.
Credit to Andrew Scherkus of the Chromium development community.
- [101458] High CVE-2011-3895: Heap overflow in Vorbis decoder. Credit to
Aki Helin of OUSPG.
- [101624] High CVE-2011-3896: Buffer overflow in shader variable mapping.
Credit to Ken “strcpy” Russell of the Chromium development community.
- [102242] High CVE-2011-3897: Use-after-free in editing. Credit to pa_kt
reported through ZDI (ZDI-CAN-1416).
-- Micah Gersten <mic...@ubuntu.com> Sun, 13 Nov 2011 00:11:03 -0600
** Changed in: chromium-browser (Ubuntu Precise)
Status: In Progress => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3892
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3893
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3894
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3895
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3896
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3897
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/889711
Title:
Update to 15.0.874.120
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/889711/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
