SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for chromium-browser-stable-13.0.782.215-1-mdv2011.0.i586.rpm :

* Tue Aug 23 2011 Claudio Matsuoka 13.0.782.215-1mdv2011.0+ Revision: 696328- new upstream release 13.0.782.215 (97094)- security fixes:
* [82552] High CVE-2011-2823: Use-after-free in line box handling
* [88216] High CVE-2011-2824: Use-after-free with counter nodes
* [88670] High CVE-2011-2825: Use-after-free with custom fonts
* [89402] High CVE-2011-2821: Double free in libxml XPath handling
* [87453] High CVE-2011-2826: Cross-origin violation with empty origins
* [90668] High CVE-2011-2827: Use-after-free in text searching
* [91517] High CVE-2011-2828: Out-of-bounds write in v8
* [32-bit only] [91598] High CVE-2011-2829: Integer overflow in uniform arrays- detailed changelog at http://goo.gl/Lzn1m- new upstream release 13.0.782.112 (95650)- move release 13.0.782.107 (94237) from beta to stable- security fixes:
* [78841] High CVE-2011-2359: Stale pointer due to bad line box tracking in rendering.
* [79266] Low CVE-2011-2360: Potential bypass of dangerous file prompt.
* [79426] Low CVE-2011-2361: Improve designation of strings in the basic auth dialog.
* [81307] Medium CVE-2011-2782: File permissions error with drag and drop.
* [83273] Medium CVE-2011-2783: Always confirm a developer mode NPAPI extension install via a browser dialog.
* [83841] Low CVE-2011-2784: Local file path disclosure via GL program log.
* [84402] Low CVE-2011-2785: Sanitize the homepage URL in extensions.
* [84600] Low CVE-2011-2786: Make sure the speech input bubble is always on-screen.
* [84805] Medium CVE-2011-2787: Browser crash due to GPU lock re-entrancy issue.
* [85559] Low CVE-2011-2788: Buffer overflow in inspector serialization.
* [85808] Medium CVE-2011-2789: Use after free in Pepper plug-in instantiation.
* [86502] High CVE-2011-2790: Use-after-free with floating styles.
* [86900] High CVE-2011-2791: Out-of-bounds write in ICU.
* [87148] High CVE-2011-2792: Use-after-free with float removal.
* [87227] High CVE-2011-2793: Use-after-free in media selectors.
* [87298] Medium CVE-2011-2794: Out-of-bounds read in text iteration.
* [87339] Medium CVE-2011-2795: Cross-frame function leak.
* [87548] High CVE-2011-2796: Use-after-free in Skia.
* [87729] High CVE-2011-2797: Use-after-free in resource caching.
* [87815] Low CVE-2011-2798: Prevent a couple of internal schemes from being web accessible.
* [87925] High CVE-2011-2799: Use-after-free in HTML range handling.
* [88337] Medium CVE-2011-2800: Leak of client-side redirect target.
* [88591] High CVE-2011-2802: v8 crash with const lookups.
* [88827] Medium CVE-2011-2803: Out-of-bounds read in Skia paths.
* [88846] High CVE-2011-2801: Use-after-free in frame loader.
* [88889] High CVE-2011-2818: Use-after-free in display box rendering.
* [89142] High CVE-2011-2804: PDF crash with nested functions.
* [89520] High CVE-2011-2805: Cross-origin script injection.
* [90222] High CVE-2011-2819: Cross-origin violation in base URI handling.- detailed changelog at http://goo.gl/25VH4
* Fri Jul 29 2011 Claudio Matsuoka 12.0.742.124-1+ Revision: 692282- new upstream release 112-12.0.742.124 (92024)
* Tue Jun 28 2011 Claudio Matsuoka 12.0.742.112-1+ Revision: 687931- new upstream release 12.0.742.112 (90785)- security fixes:
* [77493] Medium CVE-2011-2345: Out-of-bounds read in NPAPI string handling.
* [84355] High CVE-2011-2346: Use-after-free in SVG font handling.
* [85003] High CVE-2011-2347: Memory corruption in CSS parsing.
* [85102] High CVE-2011-2350: Lifetime and re-entrancy issues in the HTML parser.
* [85177] High CVE-2011-2348: Bad bounds check in v8.
* [85211] High CVE-2011-2351: Use-after-free with SVG use element.
* [85418] High CVE-2011-2349: Use-after-free in text selection.- detailed changelog at http://goo.gl/PPBY4
* Tue Jun 07 2011 Claudio Matsuoka 12.0.742.91-1+ Revision: 683117- new upstream release 12.0.742.91 (stable)
* Hardware accelerated 3D CSS
* New Safe Browsing protection against downloading malicious files
* Ability to delete Flash cookies from inside Chrome
* Launch Apps by name from the Omnibox
* Integrated Sync into new settings pages
* Improved screen reader support
* New warning when hitting Command-Q on Mac
* Removal of Google Gears- security fixes
* [73962] [79746] High CVE-2011-1808: Use-after-free due to integer issues in float handling
* [75496] Medium CVE-2011-1809: Use-after-free in accessibility support
* [75643] Low CVE-2011-1810: Visit history information leak in CSS
* [76034] Low CVE-2011-1811: Browser crash with lots of form submissions
* [77026] Medium CVE-2011-1812: Extensions permission bypass
* [78516] High CVE-2011-1813: Stale pointer in extension framework
* [79362] Medium CVE-2011-1814: Read from uninitialized pointer
* [79862] Low CVE-2011-1815: Extension script injection into new tab page
* [80358] Medium CVE-2011-1816: Use-after-free in developer tools
* [81916] Medium CVE-2011-1817: Browser memory corruption in history deletion
* [81949] High CVE-2011-1818: Use-after-free in image loader
* [83010] Medium CVE-2011-1819: Extension injection into chrome:// pages
* [83275] High CVE-2011-2332: Same origin bypass in v8
* [83743] High CVE-2011-2342: Same origin bypass in DOM- copy release 12.0.742.91 from beta to stable
* Wed May 25 2011 Claudio Matsuoka 11.0.696.71-1+ Revision: 678989- new upstream release 11.0.696.71 (stable)- security fixes
* [72189] Low CVE-2011-1801: Pop-up blocker bypass.
* [$1000] [82546] High CVE-2011-1804: Stale pointer in floats rendering.
* [82873] Critical CVE-2011-1806: Memory corruption in GPU command buffer.
* [82903] Critical CVE-2011-1807: Out-of-bounds write in blob handling.- bug fixes
* REGRESSION: selection extended by arrow keys flickers on LinkedIn.com. (Issue 83197).
* Have ConnectBackupJob try IPv4 first to hide potential long IPv6 connect timeout (Issue 81686).
* Thu May 12 2011 Claudio Matsuoka 11.0.696.68-1+ Revision: 673982- new upstream release 11.0.696.68 (stable)- security fixes
* [64046] High CVE-2011-1799: Bad casts in Chromium WebKit glue.
* [80608] High CVE-2011-1800: Integer overflows in SVG filters.
* Sat May 07 2011 Claudio Matsuoka 11.0.696.65-1+ Revision: 671613- new upstream release 11.0.696.65 (stable)
* fix issue 80580: After deleting bookmarks on the Bookmark managers, the bookmark bar doesn\'t display properly with existing bookmarks.
* Fri Apr 29 2011 Claudio Matsuoka 11.0.696.57-1+ Revision: 660171- new upstream release 11.0.696.57 (stable)- security fixes:
* [61502] High CVE-2011-1303: Stale pointer in floating object handling
* [70538] Low CVE-2011-1304: Pop-up block bypass via plug-ins
* [70589] Medium CVE-2011-1305: Linked-list race in database handling
* [71586] Medium CVE-2011-1434: Lack of thread safety in MIME handling
* [72523] Medium CVE-2011-1435: Bad extension with tabs permission can capture local files
* [72910] Low CVE-2011-1436: Possible browser crash due to bad interaction with X
* [73526] High CVE-2011-1437: Integer overflows in float rendering
* [74653] High CVE-2011-1438: Same origin policy violation with blobs
* [74763] High CVE-2011-1439: Prevent interference between renderer processes
* [75186] High CVE-2011-1440: Use-after-free with tag and CSS
* [75347] High CVE-2011-1441: Bad cast with floating select lists
* [75801] High CVE-2011-1442: Corrupt node trees with mutation events
* [76001] High CVE-2011-1443: Stale pointers in layering code
* [76542] High CVE-2011-1444: Race condition in sandbox launcher
* [76646] Medium CVE-2011-1445: Out-of-bounds read in SVG
* [76666] [77507] [78031] High CVE-2011-1446: Possible URL bar spoofs with navigation errors and interrupted loads
* [76966] High CVE-2011-1447: Stale pointer in drop-down list handling
* [77130] High CVE-2011-1448: Stale pointer in height calculations
* [77346] High CVE-2011-1449: Use-after-free in WebSockets
* [77349] Low CVE-2011-1450: Dangling pointers in file dialogs
* [77463] High CVE-2011-1451: Dangling pointers in DOM id map
* [77786] Medium CVE-2011-1452: URL bar spoof with redirect and manual reload
* [79199] High CVE-2011-1454: Use-after-free in DOM id handling
* [79361] Medium CVE-2011-1455: Out-of-bounds read with multipart-encoded PDF
* [79364] High CVE-2011-1456: Stale pointers with PDF forms- detailed changelog at http://goo.gl/arI9m- copy Chromium 11 sources from beta to stable- remove Chromium 10 source files
* Fri Apr 15 2011 Claudio Matsuoka 10.0.648.205-1+ Revision: 653084- new upstream release 10.0.648.205 (stable)
* Fix issue 75629: CVE-2011-1301: Use-after-free in the GPU process
* Fix issue 78524: CVE-2011-1302: Heap overflow in the GPU process- detailed changelog at http://goo.gl/wJg8b
* Mon Apr 04 2011 Claudio Matsuoka 10.0.648.204-2+ Revision: 650370- update chromium-browser package group- bump release for buildsystem debug
* Fri Mar 25 2011 Claudio Matsuoka 10.0.648.204-1+ Revision: 648498- new upstream release 10.0.648.204 (stable)
* support for password manager
* performance and stability fixes
* fix CVE-2011-1291: Buffer error in base string handling
* fix CVE-2011-1292: Use-after-free in the frame loader
* fix CVE-2011-1293: Use-after-free in HTMLCollection
* fix CVE-2011-1294: Stale pointer in CSS handling
* fix CVE-2011-1295: DOM tree corruption with broken node parentage
* fix CVE-2011-1296: Stale pointer in SVG text handling- fix some system library settings introduced in revision 647139 + Funda Wang - build with more system libs
* Fri Mar 18 2011 Claudio Matsuoka 10.0.648.151-1+ Revision: 646282- new upstream release 10.0.648.151 (stable)
* blacklist a small number of HTTPS certificates
* Sat Mar 12 2011 Claudio Matsuoka 10.0.648.133-1+ Revision: 644042- new upstream release 10.0.648.133 (stable)
* [CVE-2011-1290] fix memory corruption in style handling- check presence of patch files
* Fri Mar 11 2011 Claudio Matsuoka 10.0.648.127-2+ Revision: 643848- apply patches correctly
* Wed Mar 09 2011 Claudio Matsuoka 10.0.648.127-1+ Revision: 643105- new upstream release 10.0.648.127 (stable)
* New version of V8 which greatly improves javascript performance
* New settings pages that open in a tab, rather than a dialog box
* Improved security with malware reporting and disabling outdated plugins by default
* Password sync as part of Chrome Sync now enabled by default
* GPU Accelerated Video
* Background WebApps
* webNavigation extension API- annoucement and security fix list: http://goo.gl/PWdBi- move chromium patch 10.0.648.114 from beta channel to stable- move chromium patch 10.0.648.82 from beta channel to stable- move chromium patch 10.0.648.127 from beta channel to stable- move chromium patch 10.0.648.126 from beta channel to stable- move chromium 10.0.648.45 from beta channel to stable- move patch from beta channel to stable- move patch from beta channel to stable
* Tue Mar 01 2011 Claudio Matsuoka 9.0.597.107-1+ Revision: 641075- new upstream release 9.0.597.107 (stable)- contains security fixes, see detais at http://goo.gl/rkTSm- add beta browser to the downgrade notice in spec description
* Sat Feb 12 2011 Claudio Matsuoka 9.0.597.98-1+ Revision: 637364- new upstream version 9.0.597.98- add conflicts to beta channel browser- add obsoletes entry for old (canary) chromium-browser package
* Thu Feb 10 2011 Claudio Matsuoka 9.0.597.94-1+ Revision: 637082- imported package chromium-browser-stable
  
ICM