Description
- Update to Chromium 38.0.2125.101 This update includes 159 security
fixes, including 113 relatively minor fixes. Highlighted securtiy fixes
are: CVE-2014-3188: A combination of V8 and IPC bugs that can lead to
remote code execution outside of the sandbox CVE-2014-3189:
Out-of-bounds read in PDFium CVE-2014-3190: Use-after-free in Events
CVE-2014-3191: Use-after-free in Rendering CVE-2014-3192: Use-after-free
in DOM CVE-2014-3193: Type confusion in Session Management
CVE-2014-3194: Use-after-free in Web Workers CVE-2014-3195: Information
Leak in V8 CVE-2014-3196: Permissions bypass in Windows Sandbox
CVE-2014-3197: Information Leak in XSS Auditor CVE-2014-3198:
Out-of-bounds read in PDFium CVE-2014-3199: Release Assert in V8
bindings CVE-2014-3200: Various fixes from internal audits, fuzzing and
other initiatives
- Drop the build of the Native Client. This is actually not a build as
that prebuild binaries are being shipped. Also Google no longer provides
prebuild binaries for the NativeClient for 32bit. Chromium as webbrowser
is not affected by this and it bring Chromium inline with the
regulations that prebuild binaries should not be shipped