chromium-browser 18.0.1025.39
A WebKit powered web browser
http://code.google.com/chromium-browser
Packager: Fatih Arslan
License: GPLv2
Actions
Binary packages
Release history
| Release | Release date | Version | Updater | Comment |
|---|---|---|---|---|
| 39 | 2012-02-22 | 18.0.1025.39 | Fatih Arslan | Beta release |
| 38 | 2012-02-16 | 18.0.1025.33 | Fatih Arslan | * New beta release 18.0.1025.33 * Updated V8 - 3.8.9.6 * Fixed several crashes (Issues: 110943, 110234, 110176, 108986) * Sync: Conflicting sync entries should not be committed (Issue: 82236) * Back button frequently hangs (Issue: 93427) * Fixed Speech input bubble borders don't closing (Issues: 98323, 112194) * Improved the quality of the omnibox |
| 37 | 2012-02-14 | 18.0.1025.11 | Fatih Arslan | New beta release 18.0.1025.11 |
| 36 | 2012-02-01 | 16.0.912.77 | Fatih Arslan | Upstream release 16.0.912.77 |
| 35 | 2011-12-14 | 16.0.912.63 | Fatih Arslan | * Upstream release 16.0.912.63 * [81753] Medium CVE-2011-3903: Out-of-bounds read in regex matching * [95465] Low CVE-2011-3905: Out-of-bounds reads in libxml * [98809] Medium CVE-2011-3906: Out-of-bounds read in PDF parser * [99016] High CVE-2011-3907: URL bar spoofing with view-source * [100863] Low CVE-2011-3908: Out-of-bounds read in SVG parsing * [101010] Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS property array * [101494] Medium CVE-2011-3910: Out-of-bounds read in YUV video frame handling * [101779] Medium CVE-2011-3911: Out-of-bounds read in PDF * [102359] High CVE-2011-3912: Use-after-free in SVG filters * [103921] High CVE-2011-3913: Use-after-free in Range handling * [104011] High CVE-2011-3914: Out-of-bounds write in v8 i18n handling * [104529] High CVE-2011-3915: Buffer overflow in PDF font handling * [104959] Medium CVE-2011-3916: Out-of-bounds reads in PDF cross references * [105162] Medium CVE-2011-3917: Stack-buffer-overflow in FileWatcher * [107258] High CVE-2011-3904: Use-after-free in bidi handling |
| 34 | 2011-11-17 | 15.0.874.121 | Fatih Arslan | * New stable release 15.0.874.121 * Updated V8 - 3.5.10.24 * [103259] High CVE-2011-3900: Out-of-bounds write in v8 |
| 33 | 2011-11-11 | 15.0.874.120 | Fatih Arslan | * Upstream release 15.0.874.120 * Updated V8 - 3.5.10.23 * Fix small print sizing issues (issues: 102186, 82472, 102154) * [100465] High CVE-2011-3892: Double free in Theora decoder * [100492] [100543] Medium CVE-2011-3893: Out of bounds reads in MKV and Vorbis media handlers * [101172] High CVE-2011-3894: Memory corruption regression in VP8 decoding * [101458] High CVE-2011-3895: Heap overflow in Vorbis decoder * [101624] High CVE-2011-3896: Buffer overflow in shader variable mapping * [102242] High CVE-2011-3897: Use-after-free in editing * [102461] Low CVE-2011-3898: Failure to ask for permission to run applets in JRE7 |
| 32 | 2011-10-27 | 15.0.874.106 | Fatih Arslan | * New stable release 15.0.874.106 * A newly redesigned "new tab" feature * Several security and bug fixes: * [86758] High CVE-2011-2845: URL bar spoof in history handling. * [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. * [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of download filenames. * [91218] Low CVE-2011-3877: XSS in appcache internals page. * [94487] Medium CVE-2011-3878: Race condition in worker process initialization. * [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. * [95992] Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. * [96047] [96885] [98053] [99512] [99750] High CVE-2011-3881: Cross-origin policy violations. * [96292] High CVE-2011-3882: Use-after-free in media buffer handling. * [96902] High CVE-2011-3883: Use-after-free in counter handling. * [97148] High CVE-2011-3884: Timing issues in DOM traversal. * [97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885: Stale style bugs leading to use-after-free. * [98773] [99167] High CVE-2011-3886: Out of bounds writes in v8. * [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. * [99138] High CVE-2011-3888: Use-after-free with plug-in and editing. * [99211] High CVE-2011-3889: Heap overflow in Web Audio. * [99553] High CVE-2011-3890: Use-after-free in video source handling. * [100332] High CVE-2011-3891: Exposure of internal v8 functions. |
| 31 | 2011-09-27 | 14.0.835.163 | Fatih Arslan | Add symlink for flashplugin. |
| 30 | 2011-09-19 | 14.0.835.163 | Fatih Arslan | * New stable release 14.0.835.163 * Added new Web Audio Api * Actually this build contains the final NACL code, but the Linux tarball build is broken currently * Several security and bug fixes: * [49377] High CVE-2011-2835: Race condition in the certificate cache. * [51464] Low CVE-2011-2836: Infobar the Windows Media Player plug-in to avoid click-free access to the system Flash. * [57908] Low CVE-2011-2837: Use PIC / pie compiler flags. * [75070] Low CVE-2011-2838: Treat MIME type more authoritatively when loading plug-ins. * [76771] High CVE-2011-2839: Crash in v8 script object wrappers. * [78427] [83031] Low CVE-2011-2840: Possible URL bar spoofs with unusual user interaction. * [78639] High CVE-2011-2841: Garbage collection error in PDF. * [80680] Low CVE-2011-2842: Insecure lock file handling in the Mac installer. * [82438] Medium CVE-2011-2843: Out-of-bounds read with media buffers. * [85041] Medium CVE-2011-2844: Out-of-bounds read with mp3 files. * [89219] High CVE-2011-2846: Use-after-free in unload event handling. * [89330] High CVE-2011-2847: Use-after-free in document loader. * [89564] Medium CVE-2011-2848: URL bar spoof with forward button. * [89795] Low CVE-2011-2849: Browser NULL pointer crash with WebSockets. * [89991] Medium CVE-2011-3234: Out-of-bounds read in box handling. * [90134] Medium CVE-2011-2850: Out-of-bounds read with Khmer characters. * [90173] Medium CVE-2011-2851: Out-of-bounds read in video handling. * [91120] High CVE-2011-2852: Off-by-one in v8. * [91197] High CVE-2011-2853: Use-after-free in plug-in handling. * [92651] [94800] High CVE-2011-2854: Use-after-free in ruby / table style handing. * [92959] High CVE-2011-2855: Stale node in stylesheet handling. * [93416] High CVE-2011-2856: Cross-origin bypass in v8. * [93420] High CVE-2011-2857: Use-after-free in focus controller. * [93472] High CVE-2011-2834: Double free in libxml XPath handling. * [93497] Medium CVE-2011-2859: Incorrect permissions assigned to non-gallery pages. * [93587] High CVE-2011-2860: Use-after-free in table style handling. * [93596] Medium CVE-2011-2861: Bad string read in PDF. * [93906] High CVE-2011-2862: Unintended access to v8 built-in objects. * [95563] Medium CVE-2011-2864: Out-of-bounds read with Tibetan characters. * [95625] Medium CVE-2011-2858: Out-of-bounds read with triangle arrays. * [95917] Low CVE-2011-2874: Failure to pin a self-signed cert for a session. * [95920] High CVE-2011-2875: Type confusion in v8 object sealing. |
| 29 | 2011-08-24 | 13.0.782.215 | Fatih Arslan | * New stable release 13.0.782.215 * [82552] High CVE-2011-2823: Use-after-free in line box handling * [88216] High CVE-2011-2824: Use-after-free with counter nodes * [88670] High CVE-2011-2825: Use-after-free with custom fonts * [89402] High CVE-2011-2821: Double free in libxml XPath handling * [87453] High CVE-2011-2826: Cross-origin violation with empty origins * [90668] High CVE-2011-2827: Use-after-free in text searching * [91517] High CVE-2011-2828: Out-of-bounds write in v8 * [32-bit only] [91598] High CVE-2011-2829: Integer overflow in uniform arrays * [Linux only] [91665] High CVE-2011-2839: Buggy memset() in PDF |
| 28 | 2011-08-04 | 13.0.782.107 | Fatih Arslan | * Beta channel has been merged to stable channel 13.0.782.107 * New features like Instant pages * Improved OmniBox * Security fixes: * [75821] Medium CVE-2011-2358: Always confirm an extension install via a browser dialog. * [78841] High CVE-2011-2359: Stale pointer due to bad line box tracking in rendering. * [79266] Low CVE-2011-2360: Potential bypass of dangerous file prompt. * [79426] Low CVE-2011-2361: Improve designation of strings in the basic auth dialog. * [81307] Medium CVE-2011-2782: File permissions error with drag and drop. * [83273] Medium CVE-2011-2783: Always confirm a developer mode NPAPI extension install via a browser dialog. * [83841] Low CVE-2011-2784: Local file path disclosure via GL program log. * [84402] Low CVE-2011-2785: Sanitize the homepage URL in extensions. * [84600] Low CVE-2011-2786: Make sure the speech input bubble is always on-screen. * [84805] Medium CVE-2011-2787: Browser crash due to GPU lock re-entrancy issue. * [85559] Low CVE-2011-2788: Buffer overflow in inspector serialization. * [85808] Medium CVE-2011-2789: Use after free in Pepper plug-in instantiation. * [86502] High CVE-2011-2790: Use-after-free with floating styles. * [86900] High CVE-2011-2791: Out-of-bounds write in ICU. * [87148] High CVE-2011-2792: Use-after-free with float removal. * [87227] High CVE-2011-2793: Use-after-free in media selectors. * [87298] Medium CVE-2011-2794: Out-of-bounds read in text iteration. * [87339] Medium CVE-2011-2795: Cross-frame function leak. * [87548] High CVE-2011-2796: Use-after-free in Skia. * [87729] High CVE-2011-2797: Use-after-free in resource caching. * [87815] Low CVE-2011-2798: Prevent a couple of internal schemes from being web accessible. * [87925] High CVE-2011-2799: Use-after-free in HTML range handling. * [88337] Medium CVE-2011-2800: Leak of client-side redirect target. * [88591] High CVE-2011-2802: v8 crash with const lookups. * [88827] Medium CVE-2011-2803: Out-of-bounds read in Skia paths. * [88846] High CVE-2011-2801: Use-after-free in frame loader. * [88889] High CVE-2011-2818: Use-after-free in display box rendering. * [89142] High CVE-2011-2804: PDF crash with nested functions. * [89520] High CVE-2011-2805: Cross-origin script injection. * [90222] High CVE-2011-2819: Cross-origin violation in base URI handling. |
| 27 | 2011-06-30 | 12.0.742.112 | Fatih Arslan | * New stable release 12.0.742.112 * Severel security fixes: * [77493] Medium CVE-2011-2345: Out-of-bounds read in NPAPI string handling * [84355] High CVE-2011-2346: Use-after-free in SVG font handling * [85003] High CVE-2011-2347: Memory corruption in CSS parsing * [85102] High CVE-2011-2350: Lifetime and re-entrancy issues in the HTML parser * [85177] High CVE-2011-2348: Bad bounds check in v8 * [85211] High CVE-2011-2351: Use-after-free with SVG use element * [85418] High CVE-2011-2349: Use-after-free in text selection |
| 26 | 2011-06-08 | 12.0.742.91 | Fatih Arslan | * New stable release 12.0.742.91 * Hardware accelerated 3D CSS * New Safe Browsing protection against downloading malicious files * Ability to delete Flash cookies from inside Chrome * Launch Apps by name from the Omnibox * Integrated Sync into new settings pages * Improved screen reader support * New warning when hitting Command-Q on Mac * Removal of Google Gears * Several security fixes: * [73962] [79746] High CVE-2011-1808: Use-after-free due to integer issues in float handling * [75496] Medium CVE-2011-1809: Use-after-free in accessibility support * [75643] Low CVE-2011-1810: Visit history information leak in CSS * [76034] Low CVE-2011-1811: Browser crash with lots of form submissions * [77026] Medium CVE-2011-1812: Extensions permission bypass * [78516] High CVE-2011-1813: Stale pointer in extension framework * [79362] Medium CVE-2011-1814: Read from uninitialized pointer * [79862] Low CVE-2011-1815: Extension script injection into new tab page * [80358] Medium CVE-2011-1816: Use-after-free in developer tools * [81916] Medium CVE-2011-1817: Browser memory corruption in history deletion * [81949] High CVE-2011-1818: Use-after-free in image loader * [83010] Medium CVE-2011-1819: Extension injection into chrome:// pages * [83275] High CVE-2011-2332: Same origin bypass in v8 * [83743] High CVE-2011-2342: Same origin bypass in DOM |
| 25 | 2011-05-24 | 11.0.696.68 | Fatih Arslan | Blacklist gecko-mediaplayer, as it causes hang-up problems |
| 24 | 2011-05-16 | 11.0.696.68 | Fatih Arslan | * New stable release. * [64046] High CVE-2011-1799: Bad casts in Chromium WebKit glue. * [80608] High CVE-2011-1800: Integer overflows in SVG filters. |
| 23 | 2011-05-02 | 11.0.696.57 | Fatih Arslan | * Beta channel has upgraded to stable channel * Update to 11.0.696.57 with the following security fixes: * High CVE-2011-1303: Stale pointer in floating object handling. * Low CVE-2011-1304: Pop-up block bypass via plug-ins. * [70589] Medium CVE-2011-1305: Linked-list race in database handling. * [71586] Medium CVE-2011-1434: Lack of thread safety in MIME handling. * [72523] Medium CVE-2011-1435: Bad extension with ‘tabs’ permission can capture local files. * [72910] Low CVE-2011-1436: Possible browser crash due to bad interaction with X. * [73526] High CVE-2011-1437: Integer overflows in float rendering. * [74653] High CVE-2011-1438: Same origin policy violation with blobs. * [74763] High CVE-2011-1439: Prevent interference between renderer processes. * [75186] High CVE-2011-1440: Use-after-free with ruby tag and CSS. * [75347] High CVE-2011-1441: Bad cast with floating select lists. * [75801] High CVE-2011-1442: Corrupt node trees with mutation events. * [76001] High CVE-2011-1443: Stale pointers in layering code. * [76542] High CVE-2011-1444: Race condition in sandbox launcher. * [76646] Medium CVE-2011-1445: Out-of-bounds read in SVG. * [76666] [77507] [78031] High CVE-2011-1446: Possible URL bar spoofs with navigation errors and interrupted loads. * [76966] High CVE-2011-1447: Stale pointer in drop-down list handling. * [77130] High CVE-2011-1448: Stale pointer in height calculations. * [77346] High CVE-2011-1449: Use-after-free in WebSockets. * [77349] Low CVE-2011-1450: Dangling pointers in file dialogs. * [77463] High CVE-2011-1451: Dangling pointers in DOM id map. * [77786] Medium CVE-2011-1452: URL bar spoof with redirect and manual reload. * [79199] High CVE-2011-1454: Use-after-free in DOM id handling. * [79361] Medium CVE-2011-1455: Out-of-bounds read with multipart-encoded PDF. * [79364] High CVE-2011-1456: Stale pointers with PDF forms. |
| 22 | 2011-04-15 | 10.0.648.205 | Fatih Arslan | * New stable release * Several security fixes: * [75629] Critical CVE-2011-1301: Use-after-free in the GPU process. * [78524] Critical CVE-2011-1302: Heap overflow in the GPU process. |
| 21 | 2011-03-14 | 10.0.648.204 | Fatih Arslan | * New Stable release with several Security fixes: * [72517] High CVE-2011-1291: Buffer error in base string handling * [73216] High CVE-2011-1292: Use-after-free in the frame loader * [73595] High CVE-2011-1293: Use-after-free in HTMLCollection * [74562] High CVE-2011-1294: Stale pointer in CSS handling * [74991] High CVE-2011-1295: DOM tree corruption with broken node parentage * [75170] High CVE-2011-1296: Stale pointer in SVG text handling |
| 20 | 2011-03-03 | 9.0.597.107 | Fatih Arslan | Enable gecko-mediaplayer support |
| 19 | 2011-03-01 | 9.0.597.107 | Fatih Arslan | * New stable release * Several securtiy fixes: * [54262] High URL bar spoof. * [63732] High Crash with javascript dialogs. * [68263] High Stylesheet node stale pointer. * [68741] High Stale pointer with key frame rule. * [70078] High Crash with forms controls. * [70244] High Crash in SVG rendering. * [70376] 64-bit Linux only, Medium Out-of-bounds read in pickle deserialization. * [71114] High Stale node in table handling. * [71115] High Stale pointer in table rendering. * [71296] High Stale pointer in SVG animations. * [71386] High Stale nodes in XHTML. * [71388] High Crash in textarea handling. * [71595] High Stale pointer in device orientation. * [71717] Medium Out-of-bounds read in WebGL. * [71855] High Integer overflow in textarea handling. * [71960] Medium Out-of-bounds read in WebGL. * [72214] High Accidental exposure of internal extension functions. * [72437] High Use-after-free with blocked plug-ins. * [73235] High Stale pointer in layout. |
| 18 | 2011-02-09 | 9.0.597.94 | Fatih Arslan | * New Stable release * Several security fixes: * [67234] High Stale pointer in animation event handling. * [68120] High Use-after-free in SVG font faces. * [69556] High Stale pointer with anonymous block handling. * [69970] Medium Out-of-bounds read in plug-in handling. * [70456] Medium Possible failure to terminate process on out-of-memory condition. |
| 17 | 2011-02-04 | 9.0.597.84 | Fatih Arslan | * Beta channel has been upgraded to stable channel * Several security fixes: * [55831] High Use-after-free in image loading. * [59081] Low Apply some restrictions to cross-origin drag + drop. * [62791] Low Browser crash with extension with missing key. * [64051] High Crashing when printing in PDF event handler. * [65669] Low Handle merging of autofill profiles more gracefully. * [68244] Low Browser crash with bad volume setting. * [69195] Critical Race condition in audio handling. |
| 16 | 2011-01-27 | 9.0.597.83 | Fatih Arslan | New beta release |
| 15 | 2011-01-19 | 9.0.597.67 | Fatih Arslan | New beta release |
| 14 | 2011-01-10 | 9.0.597.45 | Fatih Arslan | * New beta release * Create symlinks for ffmpeg libraries |
| 13 | 2011-01-05 | 9.0.597.42 | Fatih Arslan | * New beta channel release * Give warning when downloading pisi file |
| 12 | 2010-12-29 | 9.0.597.19 | Fatih Arslan | All options are enabled by default, don't need this option strings anymore. |
| 11 | 2010-12-20 | 9.0.597.19 | Ozan Çağlayan | Add libgnome-keyring runtime dependency and change buildtime dependency. |
| 10 | 2010-12-17 | 9.0.597.19 | Fatih Arslan | * Bump to newest Beta channel (major update again) * Use patch for using libvpx systemwide instead of the bundle one |
| 9 | 2010-12-14 | 8.0.552.224 | Fatih Arslan | * Bump to newest stable * [56449] High Bad validation for message deserialization on 64-bit Linux builds. * [60761] Medium Bad extension can cause browser crash in tab handling. * [63529] Low Browser crash with NULL pointer in web worker handling. * [63866] Medium Out-of-bounds read in CSS parsing. * [64959] High Stale pointers in cursor handling. |
| 8 | 2010-12-06 | 8.0.552.215 | Fatih Arslan | * Bump to 8.0.552.215 * Stable channel has been merged to the Beta Channel * The built-in PDF viewer is now enabled by default. * Over 800 bug fixes, the importants one listed below: * [17655] Possible pop-up blocker bypass. * [55745] Cross-origin video theft with canvas. * [56237] Browser crash with HTML5 databases. * [58319] Prevent excessive file dialogs, possibly leading to browser crash. * [59554] Use after free in history handling. * [59817] Make sure the “dangerous file types” list is uptodate with the Windows platforms. * [61701] Browser crash with HTTP proxy authentication. * [61653] Out-of-bounds read regression in WebM video support. * [62127] Crash due to bad indexing with malformed video. * [62168] Possible browser memory corruption via malicious privileged extension. * [62401] Use after free with SVG animations. * [63051] Use after free in mouse dragging event handling. * [63444] Double free in XPath handling. |
| 7 | 2010-10-29 | 7.0.517.41 | Ozan Çağlayan | Mass rebuild for Pardus Corporate 2 Alpha 3 |
| 6 | 2010-10-25 | 7.0.517.41 | Fatih Arslan | -Bump to latest stable channel -An updated HTML5 parser -File API (ability of uploading a whole folder) -Several bug fixes (http://bit.ly/chrome7fixes) -Ffmpeg video support for HTML5 works now |
| 5 | 2010-09-23 | 6.0.472.63 | Fatih Arslan | Version bump Fix direct loading of global function prototypes in v8 engine |
| 4 | 2010-09-19 | 6.0.472.62 | Fatih Arslan | Version bump |
| 3 | 2010-09-15 | 6.0.472.59 | Fatih Arslan | Version |
| 2 | 2010-09-08 | 6.0.472.56 | Fatih Arslan | Version bump, take over of package |
| 1 | 2010-06-01 | 6.0.417.0 | Mete Alpaslan | First release. |
Patches
additional_download_extensions.patchblacklist_geckomediaplayer.patch
chromium-revert-jpeg-swizzle-r2.patch
chromium-webkit-zlib-r0.patch
chromium-media-no-sse-r0.patch
chromium-gyp-settings-r0.patch
pulse-compile-fix.diff