Overview Details Repositories Revisions Requests Users Attributes Meta
update for chromium, v8

- Update to 19.0.1079
Security Fixes (bnc#754456):
* High CVE-2011-3050: Use-after-free with first-letter handling
* High CVE-2011-3045: libpng integer issue from upstream
* High CVE-2011-3051: Use-after-free in CSS cross-fade handling
* High CVE-2011-3052: Memory corruption in WebGL canvas handling
* High CVE-2011-3053: Use-after-free in block splitting
* Low CVE-2011-3054: Apply additional isolations to webui
privileges
* Low CVE-2011-3055: Prompt in the browser native UI for unpacked
extension installation
* High CVE-2011-3056: Cross-origin violation with “magic iframe”.
* Low CVE-2011-3049: Extension web request API can interfere with
system requests
Other Fixes:
* The short-cut key for caps lock (Shift + Search) is disabled
when an accessibility screen reader is enabled
* Fixes an issue with files not being displayed in File Manager
when some file names contain UTF-8 characters (generally
accented characters)
* Fixed dialog boxes in settings. (Issue: 118031)
* Fixed flash videos turning white on mac when running with
--disable-composited-core-animation-plugins (Issue: 117916)
* Change to look for correctly sized favicon when multiple images
are provided. (Issue: 118275)
* Fixed issues - 116044, 117470, 117068, 117668, 118620

- Update to 19.0.1077

- Update to 19.0.1074
- Build Chromium on openSUSE > 12.1 with the gold linker
- Fix build issues with GCC 4.7

- Update to 19.0.1071
* Several fixes and improvements in the new Settings, Extensions,
and Help pages.
* Fixed the flashing when switched between composited and
non-composited mode. [Issue: 116603]
* Fixed stability issues 116913, 117217, 117347, 117081

Fixed bugs
bnc#754456
chromium 17.0.963.83
CVE-CVE-2011-3045
Integer signedness error in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted
CVE-CVE-2011-3049
Google Chrome before 17.0.963.83 does not properly restrict the extension web request API, which allows remote attackers to cause a denial of service (disrupted system requests) via a crafted extension.
CVE-CVE-2011-3055
The browser native UI in Google Chrome before 17.0.963.83 does not require user confirmation before an unpacked extension installation, which allows user-assisted remote attackers to have an unspecified impact via a crafted extension.
CVE-CVE-2011-3054
The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
CVE-CVE-2011-3056
Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe."
CVE-CVE-2011-3051
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the cross-fade functi
CVE-CVE-2011-3050
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pse
CVE-CVE-2011-3053
Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting.
CVE-CVE-2011-3052
The WebGL implementation in Google Chrome before 17.0.963.83 does not properly handle CANVAS elements, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Selected Binaries
openSUSE Build Service is sponsored by
Places