From 66d5aa3286506cff7ef050cefc19596057cd3510 Mon Sep 17 00:00:00 2001 From: rene Date: Tue, 1 Mar 2011 18:15:39 +0000 Subject: Document Chromium versions 9.0.597.[84,94,107] Obtained from: http://googlechromereleases.blogspot.com/search/label/Stable%20updates --- security/vuxml/vuln.xml | 73 +++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 71 insertions(+), 2 deletions(-) (limited to 'security') diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 7537fd9b6000..6f8cc303f75b 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -2002,13 +2002,82 @@ Note: Please add new entries to the beginning of this file. chromium - 8.0.552.237 + 9.0.597.107

Google Chrome Releases reports:

+
Fixed in 9.0.597.107:
+ [54262] High URL bar spoof. Credit to Jordi Chancel.
+ [63732] High Crash with javascript dialogs. Credit to Sergey + Radchenko.
+ [68263] High Stylesheet node stale pointer. Credit to Sergey + Glazunov.
+ [68741] High Stale pointer with key frame rule. Credit to Sergey + Glazunov.
+ [70078] High Crash with forms controls. Credit to Stefan van + Zanden.
+ [70244] High Crash in SVG rendering. Credit to Slawomir Blazek.
+ [64-bit Linux only] [70376] Medium Out-of-bounds read in pickle + deserialization. Credit to Evgeniy Stepanov of the Chromium + development community.
+ [71114] High Stale node in table handling. Credit to Martin + Barbella.
+ [71115] High Stale pointer in table rendering. Credit to Martin + Barbella.
+ [71296] High Stale pointer in SVG animations. Credit to + miaubiz.
+ [71386] High Stale nodes in XHTML. Credit to wushi of team509.
+ [71388] High Crash in textarea handling. Credit to wushi of + team509.
+ [71595] High Stale pointer in device orientation. Credit to Sergey + Glazunov.
+ [71717] Medium Out-of-bounds read in WebGL. Credit to miaubiz.
+ [71855] High Integer overflow in textarea handling. Credit to + miaubiz.
+ [71960] Medium Out-of-bounds read in WebGL. Credit to Google Chrome + Security Team (Inferno).
+ [72214] High Accidental exposure of internal extension functions. + Credit to Tavis Ormandy of the Google Security Team.
+ [72437] High Use-after-free with blocked plug-ins. Credit to Chamal + de Silva.
+ [73235] High Stale pointer in layout. Credit to Martin Barbella.
+ +
Fixed in 9.0.597.94:
+ [67234] High Stale pointer in animation event handling. Credit to + Rik Cabanier.
+ [68120] High Use-after-free in SVG font faces. Credit to + miaubiz.
+ [69556] High Stale pointer with anonymous block handling. Credit to + Martin Barbella.
+ [69970] Medium Out-of-bounds read in plug-in handling. Credit to + Bill Budge of Google.
+ [70456] Medium Possible failure to terminate process on + out-of-memory condition. Credit to David Warren of CERT/CC.
+ +
Fixed in 9.0.597.84:
+ [Mac only] [42989] Low Minor sandbox leak via stat(). Credit to + Daniel Cheng of the Chromium development community.
+ [55831] High Use-after-free in image loading. Credit to Aki + Helin of OUSPG.
+ [59081] Low Apply some restrictions to cross-origin drag + drop. + Credit to Google Chrome Security Team (SkyLined) and the Google + Security Team (Michal Zalewski, David Bloom).
+ [62791] Low Browser crash with extension with missing key. Credit + to Brian Kirchoff.
+ [64051] High Crashing when printing in PDF event handler. Credit to + Aki Helin of OUSPG.
+ [65669] Low Handle merging of autofill profiles more gracefully. + Credit to Google Chrome Security Team (Inferno).
+ [Mac only] [66931] Low Work around a crash in the Mac OS 10.5 SSL + libraries. Credit to Dan Morrison.
+ [68244] Low Browser crash with bad volume setting. Credit to + Matthew Heidermann.
+ [69195] Critical Race condition in audio handling. Credit to the + gamers of Reddit!
+
Fixed in 8.0.552.237:
[58053] Medium Browser crash in extensions notification handling. Credit to Eric Roman of the Chromium development community.
@@ -2143,7 +2212,7 @@ Note: Please add new entries to the beginning of this file. 2010-10-19 2010-12-07 - 2011-01-23 + 2011-03-01 -- cgit