linux-traipu team mailing list archive

[Bug 1310163] Re: chromium-browser with multiple tabs crashes on startup in KDE environment

 

This bug was fixed in the package chromium-browser -
38.0.2125.111-0ubuntu0.14.10.1.1103

---------------
chromium-browser (38.0.2125.111-0ubuntu0.14.10.1.1103) utopic-security; urgency=medium

  * Upstream release 38.0.2125.111.
  * Upstream release 38.0.2125.104.
  * Upstream release 38.0.2125.101:  (LP: #1310163)
    - CVE-2014-3188: A special thanks to Jüri Aedla for a combination of V8 and
      IPC bugs that can lead to remote code execution outside of the sandbox.
    - CVE-2014-3189: Out-of-bounds read in PDFium.
    - CVE-2014-3190: Use-after-free in Events.
    - CVE-2014-3191: Use-after-free in Rendering.
    - CVE-2014-3192: Use-after-free in DOM.
    - CVE-2014-3193: Type confusion in Session Management.
    - CVE-2014-3194: Use-after-free in Web Workers.
    - CVE-2014-3195: Information Leak in V8.
    - CVE-2014-3196: Permissions bypass in Windows Sandbox.
    - CVE-2014-3197: Information Leak in XSS Auditor.
    - CVE-2014-3198: Out-of-bounds read in PDFium.
    - CVE-2014-3199: Release Assert in V8 bindings.
    - CVE-2014-3200: Various fixes from internal audits, fuzzing and other
      initiatives (Chrome 38).
  * debian/rules: Prefer GCC 4.8 when compiling. 4.9 remains buggy.
  * Make the verification step in clean make more compare-able output.
  * debian/patches/configuration-directory.patch: Account for new location of
    policies directory in /etc . Change back. (LP: #1373802)
  * debian/patches/lp-translations-paths: Map old third_party filenames to
    new name after processor compiles.
  * debian/rules: Fix patch-translations rule, workflow.
  * debian/patches/macro-templates-not-match: Anonymous struct isn't sizable.
  * debian/chromium-browser.sh.in: Fix broken logic of CHROMIUM_USER_FLAGS,
    which has never worked. (LP: #1381644)
  * debian/patches/disable-sse: Disable more SSE #includes.
  * debian/rules: Omit unnecessary files from packaging.
  * debian/chromium-browser.sh.in: Fix variable name bug and suggest
    ~/.chromium-browser.init file over hamfisted CHROMIUM_USER_FLAGS.
  * debian/patches/5-desktop-integration-settings.patch: Adapt to new settings
    APIs.

chromium-browser (37.0.2062.120-0ubuntu1) utopic; urgency=low

  * Upstream release 37.0.2062.120:
    - CVE-2014-3178: Use-after-free in rendering. Credit to miaubiz.
    - CVE-2014-3179: Various fixes from internal audits, fuzzing and other
      initiatives.
  * debian/rules: Simplify and rearrange.
  * debian/rules, debian/known_gyp_flags: Keep better track of known GYP flags,
    so we can fail when something changes unexpectedly.
  * debian/rules: Fix up patch-translations rule.

chromium-browser (37.0.2062.94-0ubuntu1) utopic; urgency=low

  * Upstream release 37.0.2062.94.
    - CVE-2014-3165: Use-after-free in Blink websockets.
    - CVE-2014-3176, CVE-2014-3177: A combination of bugs in V8, IPC, sync, and
      extensions that can lead to remote code execution outside of the sandbox.
    - CVE-2014-3168: Use-after-free in SVG.
    - CVE-2014-3169: Use-after-free in DOM.
    - CVE-2014-3170: Extension permission dialog spoofing.
    - CVE-2014-3171: Use-after-free in bindings.
    - CVE-2014-3172: Issue related to extension debugging.
    - CVE-2014-3173: Uninitialized memory read in WebGL.
    - CVE-2014-3174: Uninitialized memory read in Web Audio.
    - CVE-2014-3175: Various fixes from internal audits, fuzzing and other
      initiatives.
    - CVE-2014-3176, CVE-2014-3177: Interaction of extensions, IPC, the sync
      API, and Google V8 to execute arbitrary code.
  * Fix a shell bug in the binary-wrapper that prevented USER flags
    from working properly.
  * debian/control: Suggests chromiumflashplugin .
  * debian/apport: Significant cleanup.
  * debian/rules: Disable SSE instructions on x86 to avoid SIGILL on some CPUs.
    (LP: #1353185)
  * debian/checkout-orig-source.mk: Don't include src/ prefix in orig tarball.
  * debian/patches/*: refresh line numbers.
  * debian/patches/search-credit.patch,
    debian/patches/additional-search-engines.patch: Track source files moved.
  * debian/patches/ffmpeg-gyp-config.patch,
    debian/patches/fix-gyp-space-in-object-filename-exception.patch,
    debian/patches/gyp-icu-m32-test:
    Disabled. No longer needs fixing.
  * debian/control: build-dep on openssl.
  * debian/patches/disable-sse2: Don't require SSE/SSE2 CPU features on x86.
    (LP: #1353185)
  * debian/rules: Use built-in PDF support. (LP: #513745, #1009902)
 -- Chad MILLER <chad.miller@xxxxxxxxxxxxx>   Wed, 15 Oct 2014 14:22:55 -0400

** Changed in: chromium-browser (Ubuntu)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3165

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3168

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3169

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3170

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3171

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3172

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3173

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3174

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3175

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3176

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3177

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3178

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3179

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3188

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3189

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3190

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3191

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3192

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3193

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3194

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3195

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3196

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3197

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3198

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3199

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3200

-- 
You received this bug notification because you are a member of UBUNTU -
AL - BR, which is subscribed to Chromium Browser.
https://bugs.launchpad.net/bugs/1310163

Title:
  chromium-browser with multiple tabs crashes on startup in KDE
  environment

Status in Chromium Browser:
  Unknown
Status in “chromium-browser” package in Ubuntu:
  Fix Released

Bug description:
  first output is with kwallet disabled.

  second output is after re-enabling kwallet

  ruce@Pericles:~$ ATTENTION: default value of option force_s3tc_enable overridden by environment.
  [6251:6251:0419/183400:ERROR:sandbox_linux.cc(268)] InitializeSandbox() called with multiple threads in process gpu-process
  [6208:6239:0419/183401:ERROR:object_proxy.cc(566)] Failed to call method: org.kde.KWallet.isEnabled: object_path= /modules/kwalletd: org.freedesktop.DBus.Error.ServiceUnknown: The name org.kde.kwalletd was not provided by any .service files
  [6208:6239:0419/183401:ERROR:native_backend_kwallet_x.cc(228)] Error contacting kwalletd (isEnabled)
  [6208:6239:0419/183401:ERROR:object_proxy.cc(566)] Failed to call method: org.kde.KWallet.isEnabled: object_path= /modules/kwalletd: org.freedesktop.DBus.Error.NoReply: Message did not receive a reply (timeout by message bus)
  [6208:6239:0419/183401:ERROR:native_backend_kwallet_x.cc(228)] Error contacting kwalletd (isEnabled)
  [6208:6208:0419/183402:ERROR:profile_sync_service.cc(1315)] History Delete Directives datatype error was encountered: Delete directives not supported with encryption.
  [6208:6313:0419/183404:ERROR:download.cc(109)] PostClientToServerMessage() failed during GetUpdates
  [6208:6244:0419/183411:FATAL:url_request.cc(707)] Trying to send secure referrer for insecure load

  [1]+  Aborted                 (core dumped) chromium-browser
  bruce@Pericles:~$ chromium-browser &
  [1] 7505
  bruce@Pericles:~$ ATTENTION: default value of option force_s3tc_enable overridden by environment.
  [7548:7548:0419/183625:ERROR:sandbox_linux.cc(268)] InitializeSandbox() called with multiple threads in process gpu-process
  [7505:7505:0419/183628:ERROR:profile_sync_service.cc(1315)] History Delete Directives datatype error was encountered: Delete directives not supported with encryption.
  [7505:7541:0419/183635:FATAL:url_request.cc(707)] Trying to send secure referrer for insecure load

  [1]+  Aborted                 (core dumped) chromium-browser

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: chromium-browser 34.0.1847.116-0ubuntu2
  ProcVersionSignature: Ubuntu 3.13.0-24.46-generic 3.13.9
  Uname: Linux 3.13.0-24-generic x86_64
  ApportVersion: 2.14.1-0ubuntu3
  Architecture: amd64
  CurrentDesktop: KDE
  Date: Sat Apr 19 22:46:35 2014
  Desktop-Session:
   DESKTOP_SESSION = kde-plasma
   XDG_CONFIG_DIRS = /etc/xdg/xdg-kde-plasma:/usr/share/upstart/xdg:/etc/xdg
   XDG_DATA_DIRS = /usr/share:/usr/share/kde-plasma:/usr/local/share/:/usr/share/
  Env:
   MOZ_PLUGIN_PATH = None
   LD_LIBRARY_PATH = None
  InstallationDate: Installed on 2013-02-26 (417 days ago)
  InstallationMedia: Kubuntu 12.10 "Quantal Quetzal" - Release amd64 (20121017.1)
  SourcePackage: chromium-browser
  UpgradeStatus: Upgraded to trusty on 2014-04-19 (0 days ago)
  chromium-default: CHROMIUM_FLAGS=""
  gconf-keys: /desktop/gnome/applications/browser/exec = b'firefox\n'/desktop/gnome/url-handlers/https/command = b'firefox %s\n'/desktop/gnome/url-handlers/https/enabled = b'true\n'/desktop/gnome/url-handlers/http/command = b'firefox %s\n'/desktop/gnome/url-handlers/http/enabled = b'true\n'/desktop/gnome/session/required_components/windowmanager = b''/apps/metacity/general/compositing_manager = b''/desktop/gnome/interface/icon_theme = b'gnome\n'/desktop/gnome/interface/gtk_theme = b'Clearlooks\n'
  modified.conffile..etc.default.chromium.browser: [deleted]
