CVE-2011-2845: URL bar spoof in history handling CVE-2011-3875: URL bar spoof with drag+drop of URLs CVE-2011-3876: Avoid stripping whitespace at the end of download filenames CVE-2011-3877: XSS in appcache internals page. CVE-2011-3878: Race condition in worker process initialization. Credit to miaubiz. CVE-2011-3879: Avoid redirect to chrome scheme URIs. CVE-2011-3880: Donât permit as a HTTP header delimiter CVE-2011-3881: Cross-origin policy violations CVE-2011-3882: Use-after-free in media buffer handling. CVE-2011-3883: Use-after-free in counter handling. CVE-2011-3884: Timing issues in DOM traversal. CVE-2011-3885: Stale style bugs leading to use-after-free. CVE-2011-3886: Out of bounds writes in v8. Credit to Christian Holler. CVE-2011-3887: Cookie theft with javascript URIs. Credit to Sergey Glazunov. CVE-2011-3888: Use-after-free with plug-in and editing. Credit to miaubiz. CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz. CVE-2011-3890: Use-after-free in video source handling. Credit to Ami Fischman of the Chromium development community. CVE-2011-3891: Exposure of internal v8 functions.
Dmorgan, package ready for the QA ? :D
Assignee: bugsquad => dmorganec
CC: (none) => mailinglistsduraph
If the package is ready for qa, then i586 testing is complte for chromium-browser-stable-15.0.874.102-0.1.mga1.src.rpm Tested using http://www.adobe.com/software/flash/about/ and http://javatester.org/version.html
Blocks: (none) => 3200
Blocks: 3200 => (none)Depends on: (none) => 3200
Please, can you enable the debug package ? see bug 2392 (I know you are not the maintainer but you was)
Ok so reassign for the QA. I don't know if bug 3200 is a block bug of this one. Dmorgan ideas ?
CC: (none) => dmorganecAssignee: dmorganec => qa-bugs
Tested OK x86_64 Used the flash and java tests and some other, more generic, browser testing sites. http://acidtests.org/ http://html5test.com/ http://www.cyscape.com/showbrow.asp We need to know exactly what has been fixed here though. Ping dmorgan
Looking again, Dave already did that for this version, so we can validate. Advisory ---------------------- Chromium-browser update to fix the following CVE's: CVE-2011-2845: URL bar spoof in history handling CVE-2011-3875: URL bar spoof with drag+drop of URLs CVE-2011-3876: Avoid stripping whitespace at the end of download filenames CVE-2011-3877: XSS in appcache internals page. CVE-2011-3878: Race condition in worker process initialization. Credit to miaubiz. CVE-2011-3879: Avoid redirect to chrome scheme URIs. CVE-2011-3880: Donât permit as a HTTP header delimiter CVE-2011-3881: Cross-origin policy violations CVE-2011-3882: Use-after-free in media buffer handling. CVE-2011-3883: Use-after-free in counter handling. CVE-2011-3884: Timing issues in DOM traversal. CVE-2011-3885: Stale style bugs leading to use-after-free. CVE-2011-3886: Out of bounds writes in v8. Credit to Christian Holler. CVE-2011-3887: Cookie theft with javascript URIs. Credit to Sergey Glazunov. CVE-2011-3888: Use-after-free with plug-in and editing. Credit to miaubiz. CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz. CVE-2011-3890: Use-after-free in video source handling. Credit to Ami Fischman of the Chromium development community. CVE-2011-3891: Exposure of internal v8 functions. For more information please see: http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html -------------------------- SRPM: chromium-browser-stable-15.0.874.102-0.1.mga1.src.rpm Could sysadmin please push from core/updates_testing to core/updates Thankyou!
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugsHardware: i586 => All
Update pushed.
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED