Please update to 28.0.1500.71
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| chromium-browser (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
And again a new stable release with lots of security fixes: http://
Here are the CVEs:
CVE-2013-2853: Man-in-the-middle attack against HTTP in SSL.
CVE-2013-2867: Block pop-unders in various scenarios.
CVE-2013-2868: Incorrect sync of NPAPI extension component.
CVE-2013-2869: Out-of-bounds read in JPEG2000 handling.
CVE-2013-2870: Use-after-free with network sockets.
CVE-2013-2871: Use-after-free in input handling.
CVE-2013-2872: Possible lack of entropy in renderers.
CVE-2013-2873: Use-after-free in resource loading.
CVE-2013-2874: Screen data leak with GL textures.
CVE-2013-2875: Out-of-bounds-read in SVG.
CVE-2013-2876: Extensions permissions confusion with interstitials.
CVE-2013-2877: Out-of-bounds read in XML parsing.
CVE-2013-2878: Out-of-bounds read in text handling.
CVE-2013-2879: Confusion setting up sign-in and sync.
| information type: | Private Security → Public Security |
| Changed in chromium-browser (Ubuntu): | |
| status: | New → In Progress |
| assignee: | nobody → Jackson Doak (noskcaj) |
| Changed in chromium-browser (Ubuntu): | |
| status: | In Progress → Opinion |
| status: | Opinion → Confirmed |
| assignee: | Jackson Doak (noskcaj) → nobody |
| Changed in chromium-browser (Ubuntu): | |
| status: | Confirmed → Fix Released |
