*** This bug is a security vulnerability *** Public security bug reported:
And again a new stable release with lots of security fixes: http://googlechromereleases.blogspot.com/2013/08/stable-channel- update.html Here are the CVEs: CVE-2013-2887: Various fixes from internal audits, fuzzing and other initiatives (Chrome 29). CVE-2013-2900: Incomplete path sanitization in file handling. CVE-2013-2901: Integer overflow in ANGLE. CVE-2013-2902: Use after free in XSLT. CVE-2013-2903: Use after free in media element. CVE-2013-2904: Use after free in document parsing. CVE-2013-2905: Information leak via overly broad permissions on shared memory files. (I should write a script for this.) ** Affects: chromium-browser (Ubuntu) Importance: Undecided Status: New ** Information type changed from Private Security to Public Security ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-2887 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-2900 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-2901 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-2902 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-2903 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-2904 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-2905 ** Description changed: And again a new stable release with lots of security fixes: - googlechromereleases.blogspot.com/2013/08/stable-channel-update.html + http://googlechromereleases.blogspot.com/2013/08/stable-channel- + update.html Here are the CVEs: CVE-2013-2887: Various fixes from internal audits, fuzzing and other initiatives (Chrome 29). CVE-2013-2900: Incomplete path sanitization in file handling. - CVE-2013-2901: Integer overflow in ANGLE. - CVE-2013-2902: Use after free in XSLT. - CVE-2013-2903: Use after free in media element. - CVE-2013-2904: Use after free in document parsing. + CVE-2013-2901: Integer overflow in ANGLE. + CVE-2013-2902: Use after free in XSLT. + CVE-2013-2903: Use after free in media element. + CVE-2013-2904: Use after free in document parsing. CVE-2013-2905: Information leak via overly broad permissions on shared memory files. (I should write a script for this.) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/1215361 Title: Please update to 29.0.1547.57 Status in “chromium-browser” package in Ubuntu: New Bug description: And again a new stable release with lots of security fixes: http://googlechromereleases.blogspot.com/2013/08/stable-channel- update.html Here are the CVEs: CVE-2013-2887: Various fixes from internal audits, fuzzing and other initiatives (Chrome 29). CVE-2013-2900: Incomplete path sanitization in file handling. CVE-2013-2901: Integer overflow in ANGLE. CVE-2013-2902: Use after free in XSLT. CVE-2013-2903: Use after free in media element. CVE-2013-2904: Use after free in document parsing. CVE-2013-2905: Information leak via overly broad permissions on shared memory files. (I should write a script for this.) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1215361/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
