- Tue Jun 28 2011 Claudio Matsuoka <claudio@mandriva.com> 12.0.742.112-1mdv2011.0
+ Revision: 687931
- new upstream release 12.0.742.112 (90785)
- security fixes:
* [77493] Medium CVE-2011-2345: Out-of-bounds read in NPAPI string handling.
* [84355] High CVE-2011-2346: Use-after-free in SVG font handling.
* [85003] High CVE-2011-2347: Memory corruption in CSS parsing.
* [85102] High CVE-2011-2350: Lifetime and re-entrancy issues in the HTML
parser.
* [85177] High CVE-2011-2348: Bad bounds check in v8.
* [85211] High CVE-2011-2351: Use-after-free with SVG use element.
* [85418] High CVE-2011-2349: Use-after-free in text selection.
- detailed changelog at http://goo.gl/PPBY4 - Tue Jun 7 2011 Claudio Matsuoka <claudio@mandriva.com> 12.0.742.91-1
+ Revision: 683117
- new upstream release 12.0.742.91 (stable)
* Hardware accelerated 3D CSS
* New Safe Browsing protection against downloading malicious files
* Ability to delete Flash cookies from inside Chrome
* Launch Apps by name from the Omnibox
* Integrated Sync into new settings pages
* Improved screen reader support
* New warning when hitting Command-Q on Mac
* Removal of Google Gears
- security fixes
* [73962] [79746] High CVE-2011-1808: Use-after-free due to integer issues
in float handling
* [75496] Medium CVE-2011-1809: Use-after-free in accessibility support
* [75643] Low CVE-2011-1810: Visit history information leak in CSS
* [76034] Low CVE-2011-1811: Browser crash with lots of form submissions
* [77026] Medium CVE-2011-1812: Extensions permission bypass
* [78516] High CVE-2011-1813: Stale pointer in extension framework
* [79362] Medium CVE-2011-1814: Read from uninitialized pointer
* [79862] Low CVE-2011-1815: Extension script injection into new tab page
* [80358] Medium CVE-2011-1816: Use-after-free in developer tools
* [81916] Medium CVE-2011-1817: Browser memory corruption in history
deletion
* [81949] High CVE-2011-1818: Use-after-free in image loader
* [83010] Medium CVE-2011-1819: Extension injection into chrome:// pages
* [83275] High CVE-2011-2332: Same origin bypass in v8
* [83743] High CVE-2011-2342: Same origin bypass in DOM
- copy release 12.0.742.91 from beta to stable - Wed May 25 2011 Claudio Matsuoka <claudio@mandriva.com> 11.0.696.71-1
+ Revision: 678989
- new upstream release 11.0.696.71 (stable)
- security fixes
* [72189] Low CVE-2011-1801: Pop-up blocker bypass.
* [$1000] [82546] High CVE-2011-1804: Stale pointer in floats rendering.
* [82873] Critical CVE-2011-1806: Memory corruption in GPU command buffer.
* [82903] Critical CVE-2011-1807: Out-of-bounds write in blob handling.
- bug fixes
* REGRESSION: selection extended by arrow keys flickers on LinkedIn.com.
(Issue 83197).
* Have ConnectBackupJob try IPv4 first to hide potential long IPv6 connect
timeout (Issue 81686). - Thu May 12 2011 Claudio Matsuoka <claudio@mandriva.com> 11.0.696.68-1
+ Revision: 673982
- new upstream release 11.0.696.68 (stable)
- security fixes
* [64046] High CVE-2011-1799: Bad casts in Chromium WebKit glue.
* [80608] High CVE-2011-1800: Integer overflows in SVG filters. - Sat May 7 2011 Claudio Matsuoka <claudio@mandriva.com> 11.0.696.65-1
+ Revision: 671613
- new upstream release 11.0.696.65 (stable)
* fix issue 80580: After deleting bookmarks on the Bookmark managers,
the bookmark bar doesn't display properly with existing bookmarks. - Fri Apr 29 2011 Claudio Matsuoka <claudio@mandriva.com> 11.0.696.57-1
+ Revision: 660171
- new upstream release 11.0.696.57 (stable)
- security fixes:
* [61502] High CVE-2011-1303: Stale pointer in floating object handling
* [70538] Low CVE-2011-1304: Pop-up block bypass via plug-ins
* [70589] Medium CVE-2011-1305: Linked-list race in database handling
* [71586] Medium CVE-2011-1434: Lack of thread safety in MIME handling
* [72523] Medium CVE-2011-1435: Bad extension with tabs permission can
capture local files
* [72910] Low CVE-2011-1436: Possible browser crash due to bad interaction
with X
* [73526] High CVE-2011-1437: Integer overflows in float rendering
* [74653] High CVE-2011-1438: Same origin policy violation with blobs
* [74763] High CVE-2011-1439: Prevent interference between renderer
processes
* [75186] High CVE-2011-1440: Use-after-free with tag and CSS
* [75347] High CVE-2011-1441: Bad cast with floating select lists
* [75801] High CVE-2011-1442: Corrupt node trees with mutation events
* [76001] High CVE-2011-1443: Stale pointers in layering code
* [76542] High CVE-2011-1444: Race condition in sandbox launcher
* [76646] Medium CVE-2011-1445: Out-of-bounds read in SVG
* [76666] [77507] [78031] High CVE-2011-1446: Possible URL bar spoofs with
navigation errors and interrupted loads
* [76966] High CVE-2011-1447: Stale pointer in drop-down list handling
* [77130] High CVE-2011-1448: Stale pointer in height calculations
* [77346] High CVE-2011-1449: Use-after-free in WebSockets
* [77349] Low CVE-2011-1450: Dangling pointers in file dialogs
* [77463] High CVE-2011-1451: Dangling pointers in DOM id map
* [77786] Medium CVE-2011-1452: URL bar spoof with redirect and manual
reload
* [79199] High CVE-2011-1454: Use-after-free in DOM id handling
* [79361] Medium CVE-2011-1455: Out-of-bounds read with multipart-encoded
PDF
* [79364] High CVE-2011-1456: Stale pointers with PDF forms
- detailed changelog at http://goo.gl/arI9m
- copy Chromium 11 sources from beta to stable
- remove Chromium 10 source files - Fri Apr 15 2011 Claudio Matsuoka <claudio@mandriva.com> 10.0.648.205-1
+ Revision: 653084
- new upstream release 10.0.648.205 (stable)
* Fix issue 75629: CVE-2011-1301: Use-after-free in the GPU process
* Fix issue 78524: CVE-2011-1302: Heap overflow in the GPU process
- detailed changelog at http://goo.gl/wJg8b - Mon Apr 4 2011 Claudio Matsuoka <claudio@mandriva.com> 10.0.648.204-2
+ Revision: 650370
- update chromium-browser package group
- bump release for buildsystem debug - Fri Mar 25 2011 Claudio Matsuoka <claudio@mandriva.com> 10.0.648.204-1
+ Revision: 648498
- new upstream release 10.0.648.204 (stable)
* support for password manager
* performance and stability fixes
* fix CVE-2011-1291: Buffer error in base string handling
* fix CVE-2011-1292: Use-after-free in the frame loader
* fix CVE-2011-1293: Use-after-free in HTMLCollection
* fix CVE-2011-1294: Stale pointer in CSS handling
* fix CVE-2011-1295: DOM tree corruption with broken node parentage
* fix CVE-2011-1296: Stale pointer in SVG text handling
- fix some system library settings introduced in revision 647139
+ Funda Wang
- build with more system libs - Fri Mar 18 2011 Claudio Matsuoka <claudio@mandriva.com> 10.0.648.151-1
+ Revision: 646282
- new upstream release 10.0.648.151 (stable)
* blacklist a small number of HTTPS certificates - Sat Mar 12 2011 Claudio Matsuoka <claudio@mandriva.com> 10.0.648.133-1
+ Revision: 644042
- new upstream release 10.0.648.133 (stable)
* [CVE-2011-1290] fix memory corruption in style handling
- check presence of patch files - Fri Mar 11 2011 Claudio Matsuoka <claudio@mandriva.com> 10.0.648.127-2
+ Revision: 643848
- apply patches correctly - Wed Mar 9 2011 Claudio Matsuoka <claudio@mandriva.com> 10.0.648.127-1
+ Revision: 643105
- new upstream release 10.0.648.127 (stable)
* New version of V8 which greatly improves javascript performance
* New settings pages that open in a tab, rather than a dialog box
* Improved security with malware reporting and disabling outdated plugins
by default
* Password sync as part of Chrome Sync now enabled by default
* GPU Accelerated Video
* Background WebApps
* webNavigation extension API
- annoucement and security fix list: http://goo.gl/PWdBi
- move chromium patch 10.0.648.114 from beta channel to stable
- move chromium patch 10.0.648.82 from beta channel to stable
- move chromium patch 10.0.648.127 from beta channel to stable
- move chromium patch 10.0.648.126 from beta channel to stable
- move chromium 10.0.648.45 from beta channel to stable
- move patch from beta channel to stable
- move patch from beta channel to stable - Tue Mar 1 2011 Claudio Matsuoka <claudio@mandriva.com> 9.0.597.107-1
+ Revision: 641075
- new upstream release 9.0.597.107 (stable)
- contains security fixes, see detais at http://goo.gl/rkTSm
- add beta browser to the downgrade notice in spec description - Sat Feb 12 2011 Claudio Matsuoka <claudio@mandriva.com> 9.0.597.98-1
+ Revision: 637364
- new upstream version 9.0.597.98
- add conflicts to beta channel browser
- add obsoletes entry for old (canary) chromium-browser package - Thu Feb 10 2011 Claudio Matsuoka <claudio@mandriva.com> 9.0.597.94-1
+ Revision: 637082
- imported package chromium-browser-stable