[Desktop-packages] [Bug 1132568] Re: Please update to 25.0.1364.152

[ilf]

And another release: http://googlechromereleases.blogspot.de/2013/03
/stable-channel-update_4.html

The new CVEs:

    [$1000] [176882] High CVE-2013-0902: Use-after-free in frame loader. Credit 
to Chamal de Silva.
    [$1000] [176252] High CVE-2013-0903: Use-after-free in browser navigation 
handling. Credit to “chromium.khalil”.
    [$2000] [172926] [172331] High CVE-2013-0904: Memory corruption in Web 
Audio. Credit to Atte Kettunen of OUSPG.
    [$1000] [168982] High CVE-2013-0905: Use-after-free with SVG animations. 
Credit to Atte Kettunen of OUSPG.
    [174895] High CVE-2013-0906: Memory corruption in Indexed DB. Credit to 
Google Chrome Security Team (Jüri Aedla).
    [174150] Medium CVE-2013-0907: Race condition in media thread handling. 
Credit to Andrew Scherkus of the Chromium development community.
    [174059] Medium CVE-2013-0908: Incorrect handling of bindings for extension 
processes.
    [173906] Low CVE-2013-0909: Referer leakage with XSS Auditor. Credit to 
Egor Homakov.
    [172573] Medium CVE-2013-0910: Mediate renderer -> browser plug-in loads 
more strictly. Credit to Google Chrome Security Team (Chris Evans).
    [172264] High CVE-2013-0911: Possible path traversal in database handling. 
Credit to Google Chrome Security Team (Jüri Aedla).

** Summary changed:

- Please update to 25.0.1364.97
+ Please update to 25.0.1364.152

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0902

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0903

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0904

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0905

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0906

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0907

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0908

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0909

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0910

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0911

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1132568

Title:
  Please update to 25.0.1364.152

Status in “chromium-browser” package in Ubuntu:
  Triaged
Status in “chromium-browser” source package in Lucid:
  Triaged
Status in “chromium-browser” source package in Oneiric:
  Triaged
Status in “chromium-browser” source package in Precise:
  Triaged
Status in “chromium-browser” source package in Quantal:
  Triaged
Status in “chromium-browser” source package in Raring:
  Triaged

Bug description:
  Please update chromium-browser 25.0.1364.97 [1]. v25 fixes several new
  security issues.

  [1]http://googlechromereleases.blogspot.com/2013/02/stable-channel-
  update_21.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1132568/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to     : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp