linux-traipu team mailing list archive

Thread
Date
[Bug 1232575] Re: chrome.extension not available when called from extension scripts in Chromium but works on Chrome

To: linux-traipu@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1232575@xxxxxxxxxxxxxxxxxx>
Date: Mon, 04 Nov 2013 16:30:17 -0000
Reply-to: Bug 1232575 <1232575@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug was fixed in the package chromium-browser -
30.0.1599.114-0ubuntu0.13.10.2

---------------
chromium-browser (30.0.1599.114-0ubuntu0.13.10.2) saucy-security; urgency=low

  * Test the compiler for "-m32" support as the canonical test of support.
    Only a problem on ARM.

chromium-browser (30.0.1599.114-0ubuntu0.13.10.1) saucy-updates;
urgency=low

  * New release 30.0.1599.114.
  * New release 30.0.1599.101:
    - CVE-2013-2925: Use after free in XHR.
    - CVE-2013-2926: Use after free in editing.
    - CVE-2013-2927: Use after free in forms.
  * New release 29.0.1547.76.
  * New release 30.0.1599.66:
    - CVE-2013-2906: Races in Web Audio.
    - CVE-2013-2907: Out of bounds read in Window.prototype object.
    - CVE-2013-2908: Address bar spoofing related to the “204 No Content”
      status code.
    - CVE-2013-2909: Use after free in inline-block rendering.
    - CVE-2013-2910: Use-after-free in Web Audio.
    - CVE-2013-2911: Use-after-free in XSLT.
    - CVE-2013-2912: Use-after-free in PPAPI.
    - CVE-2013-2913: Use-after-free in XML document parsing.
    - CVE-2013-2914: Use after free in the Windows color chooser dialog.
    - CVE-2013-2915: Address bar spoofing via a malformed scheme.
    - CVE-2013-2916: Address bar spoofing related to the “204 No Content”
      status code.
    - CVE-2013-2917: Out of bounds read in Web Audio.
    - CVE-2013-2918: Use-after-free in DOM.
    - CVE-2013-2919: Memory corruption in V8.
    - CVE-2013-2920: Out of bounds read in URL parsing.
    - CVE-2013-2921: Use-after-free in resource loader.
    - CVE-2013-2922: Use-after-free in template element.
    - CVE-2013-2923: Various fixes from internal audits, fuzzing and other
      initiatives (Chrome 30).
    - CVE-2013-2924: Use-after-free in ICU.
  * debian/tests/...: Make first real tests using sikuli. Probably quite
    fragile on changes to upstream. (LP: #1222895)
  * debian/patches/4-chromeless-window-launch-option.patch: Make new windows
    use their own state instead of checking the parameters of the instance that
    started all processes for whether a window has chrome or not. (LP: #1223855)
  * Update autopkgtest tests.
  * debian/patches/series: Drop comment references to old patches.  Remove
    files.
  * debian/rules: Don't build 'reliability_tests' any more. It's deprecated
    upstream and we don't use it anyway.
  * debian/rules: debian/chromium-browser.install: Handle sandbox compilation
    configuration changes by stopping our special handling and using the default,
    and "you have to change the underscore from the build target into a hyphen".
  * debian/rules: Process rpath of files in debian/tmp* BEFORE we copy them out.
    (LP: #1226143)
  * debian/testing/driver: Cheap run test to make sure chromedriver runs.
    (LP: #1226143)
  * debian/patches/4-chromeless-window-launch-option.patch: Fix syntax that
    caused extensions to fail.  (LP: #1232575)
  * debian/rules: Use runtime linker for all architectures, not just 64-bit.
    Component builds everywhere, now.  More than 4GB is too much to expect.
  * debian/rules: clean up packaging comparison code.
 -- Chad MILLER <chad.miller@xxxxxxxxxxxxx>   Sun, 27 Oct 2013 13:08:11 -0400

** Changed in: chromium-browser (Ubuntu)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2906

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2907

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2908

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2909

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2910

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2911

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2912

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2913

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2914

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2915

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2916

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2917

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2918

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2919

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2920

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2921

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2922

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2923

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2924

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2925

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2926

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2927

-- 
You received this bug notification because you are a member of UBUNTU -
AL - BR, which is subscribed to Chromium Browser.
https://bugs.launchpad.net/bugs/1232575

Title:
  chrome.extension not available when called from extension scripts in
  Chromium but works on Chrome

Status in Chromium Browser:
  Unknown
Status in “chromium-browser” package in Ubuntu:
  Fix Released

Bug description:
  When I updated to 13.10 and Chromium 29.0.1547.65-0ubuntu2, a few
  extensions stopped working properly. The easiest to reproduce is
  Reddit Enhancement Suite 4.3.0.1, it immediately fails on loading the
  extension with this error:

  chrome.extension is not available: 'extension' is not allowed for
  specified context type content script,  extension page, web page,
  etc.). [VM] binding (22):427

  Following from anywhere that called chrome.extension.sendMessage or
  chrome.extension.onMessage in the extension. Chromium's own bug
  tracker says this usage is deprecated (replaced by chrome.runtime
  namespace which does work) but testing against Chrome 29.0.1547.76 on
  the stable channel, the older namespace works correctly with the
  extensions.

  chromium-browser:
    Installed: 29.0.1547.65-0ubuntu2
    Candidate: 29.0.1547.65-0ubuntu2
    Version table:
   *** 29.0.1547.65-0ubuntu2 0
          500 http://mirrors.cat.pdx.edu/ubuntu/ saucy/universe amd64 Packages
          100 /var/lib/dpkg/status

To manage notifications about this bug go to:
https://bugs.launchpad.net/chromium-browser/+bug/1232575/+subscriptions