[ubuntu/artful-proposed] chromium-browser 61.0.3163.79-0ubuntu1.1371 (Accepted)
Olivier Tilloy
olivier.tilloy at canonical.com
Thu Sep 21 15:59:27 UTC 2017
chromium-browser (61.0.3163.79-0ubuntu1.1371) artful; urgency=medium
* Upstream release: 61.0.3163.79
- CVE-2017-5111: Use after free in PDFium.
- CVE-2017-5112: Heap buffer overflow in WebGL.
- CVE-2017-5113: Heap buffer overflow in Skia.
- CVE-2017-5114: Memory lifecycle issue in PDFium.
- CVE-2017-5115: Type confusion in V8.
- CVE-2017-5116: Type confusion in V8.
- CVE-2017-5117: Use of uninitialized value in Skia.
- CVE-2017-5118: Bypass of Content Security Policy in Blink.
- CVE-2017-5119: Use of uninitialized value in Skia.
- CVE-2017-5120: Potential HTTPS downgrade during redirect navigation.
* debian/control:
- bump Standards-Version to 4.0.0
- add build dependency on llvm
* debian/rules: build with is_component_build=false, is_official_build=true,
allow_posix_link_time_opt=false and fatal_linker_warnings=false
* debian/patches/additional-search-engines.patch: refreshed
* debian/patches/define__libc_malloc.patch: added
* debian/patches/disable-sse2: refreshed
* debian/patches/enable-chromecast-by-default.patch: refreshed
* debian/patches/fix-compilation-for-atk.patch: added
* debian/patches/fix-gn-bootstrap.patch: updated
* debian/patches/fix_building_widevinecdm_with_chromium.patch: refreshed
* debian/patches/make-base-numerics-build-with-gcc.patch: added
* debian/patches/revert-llvm-ar.patch: removed, no longer needed
* debian/patches/search-credit.patch: refreshed
* debian/patches/skia-undef-HWCAP_CRC32.patch: added
* debian/patches/title-bar-default-system.patch-v35: refreshed
* debian/tests/chromium-version: fix test shutdown
* debian/tests/html5test:
- fix test shutdown
- update test expectations
Date: Mon, 11 Sep 2017 22:07:08 +0200
Changed-By: Olivier Tilloy <olivier.tilloy at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Chris Coulson <chrisccoulson at ubuntu.com>
https://launchpad.net/ubuntu/+source/chromium-browser/61.0.3163.79-0ubuntu1.1371
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 11 Sep 2017 22:07:08 +0200
Source: chromium-browser
Binary: chromium-browser chromium-browser-l10n chromium-codecs-ffmpeg chromium-codecs-ffmpeg-extra chromium-chromedriver
Architecture: source
Version: 61.0.3163.79-0ubuntu1.1371
Distribution: artful
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Olivier Tilloy <olivier.tilloy at canonical.com>
Description:
chromium-browser - Chromium web browser, open-source version of Chrome
chromium-browser-l10n - chromium-browser language packages
chromium-chromedriver - WebDriver driver for the Chromium Browser
chromium-codecs-ffmpeg - Free ffmpeg codecs for the Chromium Browser
chromium-codecs-ffmpeg-extra - Extra ffmpeg codecs for the Chromium Browser
Changes:
chromium-browser (61.0.3163.79-0ubuntu1.1371) artful; urgency=medium
.
* Upstream release: 61.0.3163.79
- CVE-2017-5111: Use after free in PDFium.
- CVE-2017-5112: Heap buffer overflow in WebGL.
- CVE-2017-5113: Heap buffer overflow in Skia.
- CVE-2017-5114: Memory lifecycle issue in PDFium.
- CVE-2017-5115: Type confusion in V8.
- CVE-2017-5116: Type confusion in V8.
- CVE-2017-5117: Use of uninitialized value in Skia.
- CVE-2017-5118: Bypass of Content Security Policy in Blink.
- CVE-2017-5119: Use of uninitialized value in Skia.
- CVE-2017-5120: Potential HTTPS downgrade during redirect navigation.
* debian/control:
- bump Standards-Version to 4.0.0
- add build dependency on llvm
* debian/rules: build with is_component_build=false, is_official_build=true,
allow_posix_link_time_opt=false and fatal_linker_warnings=false
* debian/patches/additional-search-engines.patch: refreshed
* debian/patches/define__libc_malloc.patch: added
* debian/patches/disable-sse2: refreshed
* debian/patches/enable-chromecast-by-default.patch: refreshed
* debian/patches/fix-compilation-for-atk.patch: added
* debian/patches/fix-gn-bootstrap.patch: updated
* debian/patches/fix_building_widevinecdm_with_chromium.patch: refreshed
* debian/patches/make-base-numerics-build-with-gcc.patch: added
* debian/patches/revert-llvm-ar.patch: removed, no longer needed
* debian/patches/search-credit.patch: refreshed
* debian/patches/skia-undef-HWCAP_CRC32.patch: added
* debian/patches/title-bar-default-system.patch-v35: refreshed
* debian/tests/chromium-version: fix test shutdown
* debian/tests/html5test:
- fix test shutdown
- update test expectations
Checksums-Sha1:
86ab777f60c72288af95b7bcf1ce562d8fd61425 2592 chromium-browser_61.0.3163.79-0ubuntu1.1371.dsc
c650a8c0ded98e27e52da1f5b333a7fdb2e9c720 2670292 chromium-browser_61.0.3163.79-0ubuntu1.1371.debian.tar.xz
Checksums-Sha256:
937bec7d412c3c7ec04fc394f94f42d96cabd03455d51a0e77dd26ae7cb30ee8 2592 chromium-browser_61.0.3163.79-0ubuntu1.1371.dsc
2d9b1a680c0c7ce54385abdae47e415f21facf3160432efe245efb0d02827028 2670292 chromium-browser_61.0.3163.79-0ubuntu1.1371.debian.tar.xz
Files:
f58301d3124e07a47972e628268d1d2e 2592 web optional chromium-browser_61.0.3163.79-0ubuntu1.1371.dsc
7eee7858eaa263369d90369a5ad12b0c 2670292 web optional chromium-browser_61.0.3163.79-0ubuntu1.1371.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQE5BAEBCAAjBQJZw+CYHBxjaHJpcy5jb3Vsc29uQGNhbm9uaWNhbC5jb20ACgkQ
YR+97NWUbg/Gkgf/QfzVynvRr0NfyWZlZ4J4hJu5Wh1yqEKtagcvb6Ny4j6MKH2D
1wIGiST8LTrON3CIsaNj8U8MD49aHKnceTOvBsLzF/k0Zl7nKVZ+WdkF/2AVru+/
6F3zwim8iA0mAcXOMwbL3sWC/0wdl8qCuzchS3xupp/q4Q7iUrXRLzVBRfWHUuuR
vYkuHBmG1o5d+8BSPHwrhS4Tsvw34urdeawQ5C+tC8Ix1h9AZxIQcfpQPfhR1vLf
tQKlGgA67tXcaxGXzyfN8QLWVo51PR6cXRTer0AKZWCYYe8H4r8muFZmz5oORRoV
RORHCAZldW/8PB4HGxDuYotux25TJV6AalKPVw==
=T3NL
-----END PGP SIGNATURE-----
More information about the Artful-changes
mailing list