lp:~matttbe/chromium-browser/lp1013171
- Get this branch:
- bzr branch lp:~matttbe/chromium-browser/lp1013171
Branch merges
- Ken VanDine: Approve
- Chromium team: Pending requested
-
Diff: 82 lines (+17/-8)2 files modifieddebian/apport/chromium-browser.py (+9/-8)
debian/changelog (+8/-0)
Related bugs
Bug #1013171: Many package hooks not ported to python3 | High | Fix Released |
Related blueprints
Branch information
Recent revisions
- 737. By Matthieu Baerts
-
* debian/apport:
- Update apport hook for python3 (LP: #1013171)
patch made with the help of Edward Donovan - 736. By Micah Gersten
-
(merge in ken vandine's 18.0.1025.
168~r134367- 0ubuntu1)
we're forced to merge this broken branch since it's been uploaded already* debian/rules
- include armv7 in GYP_DEFINES for 11.10, 12.04 and 12.10. Fixes
FTBFS on arm (LP: #993080) - 735. By Micah Gersten
-
* New upstream release from the Stable Channel (LP: #992352)
- [106413] High CVE-2011-3078: Use after free in floats handling. Credit to
Google Chrome Security Team (Marty Barbella) and independent later
discovery by miaubiz.
- [117110] High CVE-2012-1521: Use after free in xml parser. Credit to
Google Chrome Security Team (SkyLined) and independent later discovery by
wushi of team509 reported through iDefense VCP (V-874rcfpq7z).
- [117627] Medium CVE-2011-3079: IPC validation failure. Credit to PinkiePie
- [121726] Medium CVE-2011-3080: Race condition in sandbox IPC. Credit to
Willem Pinckaers of Matasano.
- [121899] High CVE-2011-3081: Use after free in floats handling.
Credit to miaubiz. - 733. By Micah Gersten
-
* New upstream release from the Stable Channel (LP: #977502)
- black screen on Hybrid Graphics system with GPU accelerated compositing
enabled (Issue: 117371)
- CSS not applied to <content> element (Issue: 114667)
- Regression rendering a div with background gradient and borders
(Issue: 113726)
- Canvas 2D line drawing bug with GPU acceleration (Issue: 121285)
- Multiple crashes (Issues: 72235, 116825 and 92998)
- Pop-up dialog is at wrong position (Issue: 116045)
- HTML Canvas patterns are broken if you change the transformation matrix
(Issue: 112165)
- SSL interstitial error "proceed anyway" / "back to safety" buttons don't
work (Issue: 119252)
This release fixes the following security issues:
- [106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping.
Credit to miaubiz.
- [117583] Medium CVE-2011-3067: Cross-origin iframe replacement. Credit to
Sergey Glazunov.
- [117698] High CVE-2011-3068: Use-after-free in run-in handling. Credit to
miaubiz.
- [117728] High CVE-2011-3069: Use-after-free in line box handling. Credit
to miaubiz.
- [118185] High CVE-2011-3070: Use-after-free in v8 bindings. Credit to
Google Chrome Security Team (SkyLined).
- [118273] High CVE-2011-3071: Use-after-free in HTMLMediaElement. Credit
to pa_kt, reporting through HP TippingPoint ZDI (ZDI-CAN-1528).
- [118467] Low CVE-2011-3072: Cross-origin violation parenting pop-up
window. Credit to Sergey Glazunov.
- [118593] High CVE-2011-3073: Use-after-free in SVG resource handling.
Credit to Arthur Gerkis.
- [119281] Medium CVE-2011-3074: Use-after-free in media handling. Credit
to Sławomir Błażek.
- [119525] High CVE-2011-3075: Use-after-free applying style command.
Credit to miaubiz.
- [120037] High CVE-2011-3076: Use-after-free in focus handling. Credit to
miaubiz.
- [120189] Medium CVE-2011-3077: Read-after-free in script bindings. Credit
to Google Chrome Security Team (Inferno). - 731. By Micah Gersten
-
* Revert the */bin/* removal as it removes too much, we are already removing *.so and *.o
- update debian/rules - 730. By Micah Gersten
-
* Use tar's --exclude-vcs flag instead of just excluding .svn
- update debian/rules - 729. By Micah Gersten
-
* Strip almost the entire third_party/openssl directory as it's needed only
on android, but is used by the build system
- update debian/rules - 728. By Micah Gersten
-
* Start removing *.so *.so.* and */bin/* from the upstream tarball creation
- update debian/rules
Branch metadata
- Branch format:
- Branch format 6
- Repository format:
- Bazaar pack repository format 1 (needs bzr 0.92)