This bug was fixed in the package chromium-browser -
11.0.696.71~r86024-0ubuntu0.10.10.1
---------------
chromium-browser (11.0.696.71~r86024-0ubuntu0.10.10.1) maverick-security;
urgency=low
[ Fabien Tassin <f...@ubuntu.com> ]
* New Minor upstream release from the Stable Channel (LP: #787846)
This release fixes the following security issues:
+ WebKit issues:
- [72189] Low, CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De
Silva.
- [82546] High, CVE-2011-1804: Stale pointer in floats rendering. Credit
to Martin Barbella.
- [82903] Critical, CVE-2011-1807: Out-of-bounds write in blob handling.
Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany
of the Chromium development community.
+ GPU/WebGL issue:
- [82873] Critical, CVE-2011-1806: Memory corruption in GPU command
buffer. Credit to Google Chrome Security Team (Cris Neckar).
* Update the svg icon once again, the previous one contained an embedded png
(LP: #748881)
- update debian/chromium-browser.svg
-- Micah Gersten <mic...@ubuntu.com> Wed, 25 May 2011 17:12:59 -0500
** Changed in: chromium-browser (Ubuntu Natty)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/787846
Title:
11.0.696.68 -> 11.0.696.71
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
