openSUSE-SU-2012:0374-1 -- Suse updateID: oval:org.secpod.oval:def:400433 | Date: (C)2012-12-31 (M)2022-06-24 |
Class: PATCH | Family: unix |
Changes in chromium: - Update to 19.0.1066 * Fixed Chrome install/update resets Google search preferences * Don"t trigger accelerated compositing on 3D CSS when using swiftshader * Fixed a GPU crash * More fixes for Back button frequently hangs * Bastion now works * Fixed Composited layer sorting irregularity with accelerated canvas * Fixed Composited layer sorting irregularity with accelerated canvas * Fixed Google Feedback causes render process to use too much memory * Fixed after upgrade, some pages are rendered as blank * Fixed Pasting text into a single-line text field shouldn"t keep literal newlines - Security Fixes: * Critical CVE-2011-3047: Errant plug-in load and GPU process memory corruption * Critical CVE-2011-3046: UXSS and bad history navigation. - Update to 19.0.1060 * Fixed NTP signed in state is missing * Fixed gmail seems to redraw itself occasionally * Focus "OK" button on Javascript dialogs * Fixed Back button frequently hangs * Increase the buffer size to fix muted playback rate * Fixed Empty span with line-height renders with non-zero height * Marked the Certum Trusted Network CA as an issuer of extended-validation certificates. * Fixed importing of bookmarks, history, etc. from Firefox 10+. * Fixed issues - 114001, 110785, 114168, 114598, 111663, 113636, 112676 * Fixed several crashes * Fixed Firefox browser in Import Bookmarks and Settings drop-down * Sync: Sessions aren"t associating pre-existing tabs * Fixed All "Extensions" make an entry under the "NTP Apps" page - Security Fixes : * High CVE-2011-3031: Use-after-free in v8 element wrapper. * High CVE-2011-3032: Use-after-free in SVG value handling. * High CVE-2011-3033: Buffer overflow in the Skia drawing library. * High CVE-2011-3034: Use-after-free in SVG document handling. * High CVE-2011-3035: Use-after-free in SVG use handling. * High CVE-2011-3036: Bad cast in line box handling. * High CVE-2011-3037: Bad casts in anonymous block splitting. * High CVE-2011-3038: Use-after-free in multi-column handling. * High CVE-2011-3039: Use-after-free in quote handling. * High CVE-2011-3040: Out-of-bounds read in text handling. * High CVE-2011-3041: Use-after-free in class attribute handling. * High CVE-2011-3042: Use-after-free in table section handling. * High CVE-2011-3043: Use-after-free in flexbox with floats. * High CVE-2011-3044: Use-after-free with SVG animation elements. Changes in v8: - Update to 3.9.13.0 * Add code kind check before preparing for OSR. * Pass zone explicitly to zone-allocation on x64 and ARM. * Port string construct stub to x64. * Performance and stability improvements on all platforms.