← Back to team overview

linux-traipu team mailing list archive

[Bug 513745] Re: pdf documents (probably other mimetypes too) not opened by chromium-browser

 

This bug was fixed in the package chromium-browser -
37.0.2062.94-0ubuntu0.12.04.1~pkg909

---------------
chromium-browser (37.0.2062.94-0ubuntu0.12.04.1~pkg909) precise-security; urgency=medium

  * Release to stage

chromium-browser (37.0.2062.94-0ubuntu1) UNRELEASED; urgency=low

  * Upstream release 37.0.2062.94.
    - CVE-2014-3165: Use-after-free in Blink websockets.
    - CVE-2014-3176, CVE-2014-3177: A combination of bugs in V8, IPC, sync, and
      extensions that can lead to remote code execution outside of the sandbox.
    - CVE-2014-3168: Use-after-free in SVG.
    - CVE-2014-3169: Use-after-free in DOM.
    - CVE-2014-3170: Extension permission dialog spoofing.
    - CVE-2014-3171: Use-after-free in bindings.
    - CVE-2014-3172: Issue related to extension debugging.
    - CVE-2014-3173: Uninitialized memory read in WebGL.
    - CVE-2014-3174: Uninitialized memory read in Web Audio.
    - CVE-2014-3175: Various fixes from internal audits, fuzzing and other
      initiatives.
    - CVE-2014-3176, CVE-2014-3177: Interaction of extensions, IPC, the sync
      API, and Google V8 to execute arbitrary code.
  * Fix a shell bug in the binary-wrapper that prevented USER flags
    from working properly.
  * debian/control: Suggests chromiumflashplugin .
  * debian/apport: Significant cleanup.
  * debian/rules: Disable SSE instructions on x86 to avoid SIGILL on some CPUs.
    (LP: #1353185)
  * debian/checkout-orig-source.mk: Don't include src/ prefix in orig tarball.
  * debian/patches/*: refresh line numbers.
  * debian/patches/search-credit.patch,
    debian/patches/additional-search-engines.patch: Track source files moved.
  * debian/patches/ffmpeg-gyp-config.patch,
    debian/patches/fix-gyp-space-in-object-filename-exception.patch,
    debian/patches/gyp-icu-m32-test:
    Disabled. No longer needs fixing.
  * debian/control: build-dep on openssl.
  * debian/patches/disable-sse2: Don't require SSE/SSE2 CPU features on x86.
    (LP: #1353185)
  * debian/rules: Use built-in PDF support. (LP: #513745, #1009902)

chromium-browser (36.0.1985.143-0ubuntu1) precise-security; urgency=low

  * Upstream release 36.0.1985.143:
    - CVE-2014-3165: Use-after-free in web sockets.
    - CVE-2014-3166: Information disclosure in SPDY.
    - CVE-2014-3167: Various fixes from internal audits, fuzzing and other
      initiatives.
  * debian/rules: Avoid some unnecessary warning of invalid mv.
  * debian/rules: Don't use tcmalloc on i386.
  * debian/control: Don't have (unused) shlibs-depends on -dbg packages
    and non-binary packages.
  * debian/chromium-browser-codecs-ffmpeg-extra.dirs,
    debian/chromium-browser-codecs-ffmpeg.dirs: Removed. Unused.
  * debian/chromium-browser.lintian-overrides,
    debian/chromium-codecs-ffmpeg-extra-dbg.lintian-overrides,
    debian/chromium-codecs-ffmpeg-extra.lintian-overrides,
    debian/chromium-codecs-ffmpeg.lintian-overrides,
    debian/source/lintian-overrides: Add lintian overrides.
 -- Chad MILLER <chad.miller@xxxxxxxxxxxxx>   Sun, 31 Aug 2014 17:27:11 -0400

** Changed in: chromium-browser (Ubuntu)
       Status: Confirmed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3165

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3166

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3167

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3168

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3169

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3170

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3171

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3172

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3173

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3174

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3175

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3176

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3177

** Changed in: chromium-browser (Ubuntu)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of UBUNTU -
AL - BR, which is subscribed to Chromium Browser.
https://bugs.launchpad.net/bugs/513745

Title:
  pdf documents (probably other mimetypes too) not opened by chromium-
  browser

Status in Chromium Browser:
  Unknown
Status in “chromium-browser” package in Ubuntu:
  Fix Released

Bug description:
  Binary package hint: chromium-browser

  clicking on a .pdf opens a new tab, that tab stays however, empty and
  the .pdf gets downloaded to the default download location.

  Instead chromium should open the pdf in the pdf mime-type handler aka
  evince.

To manage notifications about this bug go to:
https://bugs.launchpad.net/chromium-browser/+bug/513745/+subscriptions