** Summary changed:
- Update to 15.0.874.102
+ Update to 15.0.874.102/106
** Description changed:
New Chromium release from the stable channel.
Security fixes:
[86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to
Jordi Chancel.
[88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit to
Jordi Chancel.
[90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of download
filenames. Credit to Marc Novak.
[91218] Low CVE-2011-3877: XSS in appcache internals page. Credit to Google
Chrome Security Team (Tom Sepez) plus independent discovery by Juho Nurminen.
[94487] Medium CVE-2011-3878: Race condition in worker process
initialization. Credit to miaubiz.
[95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to
Masato Kinugawa.
[95992] Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit
to Vladimir Vorontsov, ONsec company.
[96047] [96885] [98053] [99512] [99750] High CVE-2011-3881: Cross-origin
policy violations. Credit to Sergey Glazunov.
[96292] High CVE-2011-3882: Use-after-free in media buffer handling. Credit
to Google Chrome Security Team (Inferno).
[96902] High CVE-2011-3883: Use-after-free in counter handling. Credit to
miaubiz.
[97148] High CVE-2011-3884: Timing issues in DOM traversal. Credit to Brian
Ryner of the Chromium development community.
[97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885: Stale
style bugs leading to use-after-free. Credit to miaubiz.
[98773] [99167] High CVE-2011-3886: Out of bounds writes in v8. Credit to
Christian Holler.
[98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. Credit to
Sergey Glazunov.
[99138] High CVE-2011-3888: Use-after-free with plug-in and editing. Credit
to miaubiz.
[99211] High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz.
[99553] High CVE-2011-3890: Use-after-free in video source handling. Credit
to Ami Fischman of the Chromium development community.
[100332] High CVE-2011-3891: Exposure of internal v8 functions. Credit to
Steven Keuchel of the Chromium development community plus independent discovery
by Daniel Divricean.
+
+
+ 15.0.874.106 is a stability update to fix a regression:
+ The Stable channel has been updated to 15.0.874.106 for Windows, Mac, Linux,
and Chrome Frame. This release fixes login issues to Barrons Online and The
Wall Street Journal (Issue 101274).
** Changed in: chromium-browser (Ubuntu Precise)
Status: Fix Released => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/881786
Title:
Update to 15.0.874.102/106
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/881786/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
