Ubuntu Security Notice 3552-1 - Johann Hofmann discovered that HTML fragments created for chrome-privileged documents were not properly sanitized. An attacker could exploit this to execute arbitrary code.
cb75456f4685d4fe6714d772f734e3ad10cf43b211c3db184b609ae95eff2868