lp://qastaging/~chromium-team/chromium-browser/chromium-browser.natty

Created by Fabien Tassin and last modified
Get this branch:
bzr branch lp://qastaging/~chromium-team/chromium-browser/chromium-browser.natty
Members of Chromium team can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Chromium team
Project:
Chromium Browser
Status:
Development

Recent revisions

695. By Micah Gersten

releasing version 18.0.1025.168~r134367-0ubuntu0.11.04.1

694. By Micah Gersten

* New upstream release from the Stable Channel (LP: #992352)
  - [106413] High CVE-2011-3078: Use after free in floats handling. Credit to
    Google Chrome Security Team (Marty Barbella) and independent later
    discovery by miaubiz.
  - [117110] High CVE-2012-1521: Use after free in xml parser. Credit to
    Google Chrome Security Team (SkyLined) and independent later discovery by
    wushi of team509 reported through iDefense VCP (V-874rcfpq7z).
  - [117627] Medium CVE-2011-3079: IPC validation failure. Credit to PinkiePie
  - [121726] Medium CVE-2011-3080: Race condition in sandbox IPC. Credit to
    Willem Pinckaers of Matasano.
  - [121899] High CVE-2011-3081: Use after free in floats handling.
    Credit to miaubiz.

693. By Micah Gersten

releasing version 18.0.1025.151~r130497-0ubuntu0.11.04.1

692. By Micah Gersten

* New upstream release from the Stable Channel (LP: #977502)
  - black screen on Hybrid Graphics system with GPU accelerated compositing
    enabled (Issue: 117371)
  - CSS not applied to <content> element (Issue: 114667)
  - Regression rendering a div with background gradient and borders
    (Issue: 113726)
  - Canvas 2D line drawing bug with GPU acceleration (Issue: 121285)
  - Multiple crashes (Issues: 72235, 116825 and 92998)
  - Pop-up dialog is at wrong position (Issue: 116045)
  - HTML Canvas patterns are broken if you change the transformation matrix
    (Issue: 112165)
  - SSL interstitial error "proceed anyway" / "back to safety" buttons don't
    work (Issue: 119252)
  This release fixes the following security issues:
  - [106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping.
    Credit to miaubiz.
  - [117583] Medium CVE-2011-3067: Cross-origin iframe replacement. Credit to
    Sergey Glazunov.
  - [117698] High CVE-2011-3068: Use-after-free in run-in handling. Credit to
    miaubiz.
  - [117728] High CVE-2011-3069: Use-after-free in line box handling. Credit
    to miaubiz.
  - [118185] High CVE-2011-3070: Use-after-free in v8 bindings. Credit to
    Google Chrome Security Team (SkyLined).
  - [118273] High CVE-2011-3071: Use-after-free in HTMLMediaElement. Credit
    to pa_kt, reporting through HP TippingPoint ZDI (ZDI-CAN-1528).
  - [118467] Low CVE-2011-3072: Cross-origin violation parenting pop-up
    window. Credit to Sergey Glazunov.
  - [118593] High CVE-2011-3073: Use-after-free in SVG resource handling.
    Credit to Arthur Gerkis.
  - [119281] Medium CVE-2011-3074: Use-after-free in media handling. Credit
    to Sławomir Błażek.
  - [119525] High CVE-2011-3075: Use-after-free applying style command.
    Credit to miaubiz.
  - [120037] High CVE-2011-3076: Use-after-free in focus handling. Credit to
    miaubiz.
  - [120189] Medium CVE-2011-3077: Read-after-free in script bindings. Credit
    to Google Chrome Security Team (Inferno).

691. By Micah Gersten

releasing version 18.0.1025.142~r129054-0ubuntu0.11.04.1

690. By Micah Gersten

(merge r676 from chromium-browser.stable)

* New upstream release from the Stable Channel (LP: #968901)
  This release fixes the following security issues:
  - [109574] Medium CVE-2011-3058: Bad interaction possibly leading to XSS in
    EUC-JP. Credit to Masato Kinugawa.
  - [112317] Medium CVE-2011-3059: Out-of-bounds read in SVG text handling.
    Credit to Arthur Gerkis.
  - [114056] Medium CVE-2011-3060: Out-of-bounds read in text fragment
    handling. Credit to miaubiz.
  - [116398] Medium CVE-2011-3061: SPDY proxy certificate checking error.
    Credit to Leonidas Kontothanassis of Google.
  - [116524] High CVE-2011-3062: Off-by-one in OpenType Sanitizer. Credit to
    Mateusz Jurczyk of the Google Security Team.
  - [117417] Low CVE-2011-3063: Validate navigation requests from the renderer
    more carefully. Credit to kuzzcc, Sergey Glazunov, PinkiePie and
    scarybeasts (Google Chrome Security Team).
  - [117471] High CVE-2011-3064: Use-after-free in SVG clipping. Credit to
    Atte Kettunen of OUSPG.
  - [117588] High CVE-2011-3065: Memory corruption in Skia. Credit to Omair.
  - [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian
    Holler.
* Add build dependency on libudev-dev to allow for gamepad detection; see
  http://code.google.com/p/chromium/issues/detail?id=79050
  - update debian/control
* Drop dlopen_libgnutls patch as it's been implemented upstream
   - drop debian/patches/dlopen_libgnutls.patch
   - update debian/patches/series
* Start removing *.so and *.so.* from the upstream tarball creation
  - update debian/rules
* Strip almost the entire third_party/openssl directory as it's needed only
  on android, but is used by the build system
  - update debian/rules
* Use tar's --exclude-vcs flag instead of just excluding .svn
  - update debian/rules

689. By Micah Gersten

releasing version 17.0.963.83~r127885-0ubuntu0.11.04.1

688. By Micah Gersten

* New upstream release from the Stable Channel (LP: #961831)
  This release fixes the following security issues:
  - [113902] High CVE-2011-3050: Use-after-free with first-letter handling.
    Credit to miaubiz.
  - [116162] High CVE-2011-3045: libpng integer issue from upstream. Credit
    to Glenn Randers-Pehrson of the libpng project.
  - [116461] High CVE-2011-3051: Use-after-free in CSS cross-fade handling.
    Credit to Arthur Gerkis.
  - [116637] High CVE-2011-3052: Memory corruption in WebGL canvas handling.
    Credit to Ben Vanik of Google.
  - [116746] High CVE-2011-3053: Use-after-free in block splitting.
    Credit to miaubiz.
  - [117418] Low CVE-2011-3054: Apply additional isolations to webui
    privileges. Credit to Sergey Glazunov.
  - [117736] Low CVE-2011-3055: Prompt in the browser native UI for unpacked
    extension installation. Credit to PinkiePie.
  - [117550] High CVE-2011-3056: Cross-origin violation with “magic iframe”.
    Credit to Sergey Glazunov.
  - [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian
    Holler.

687. By Micah Gersten

releasing version 17.0.963.79~r125985-0ubuntu0.11.04.1

686. By Micah Gersten

* New upstream release from the Stable Channel (LP: #952711)
  This release fixes the following security issue:
  - [117620] [117656] Critical CVE-2011-3047: Errant plug-in load and GPU
    process memory corruption. Credit to PinkiePie.

Branch metadata

Branch format:
Branch format 6
Repository format:
Bazaar pack repository format 1 (needs bzr 0.92)
This branch contains Public information 
Everyone can see this information.