[ubuntu/bionic-proposed] chromium-browser 63.0.3239.84-0ubuntu1 (Accepted)
Olivier Tilloy
olivier.tilloy at canonical.com
Mon Dec 11 10:56:46 UTC 2017
chromium-browser (63.0.3239.84-0ubuntu1) bionic; urgency=medium
  * Upstream release: 63.0.3239.84
    - CVE-2017-15407: Out of bounds write in QUIC.
    - CVE-2017-15408: Heap buffer overflow in PDFium.
    - CVE-2017-15409: Out of bounds write in Skia.
    - CVE-2017-15410: Use after free in PDFium.
    - CVE-2017-15411: Use after free in PDFium.
    - CVE-2017-15412: Use after free in libXML.
    - CVE-2017-15413: Type confusion in WebAssembly.
    - CVE-2017-15415: Pointer information disclosure in IPC call.
    - CVE-2017-15416: Out of bounds read in Blink.
    - CVE-2017-15417: Cross origin information disclosure in Skia.
    - CVE-2017-15418: Use of uninitialized value in Skia.
    - CVE-2017-15419: Cross origin leak of redirect URL in Blink.
    - CVE-2017-15420: URL spoofing in Omnibox.
    - CVE-2017-15422: Integer overflow in ICU.
    - CVE-2017-15423: Issue with SPAKE implementation in BoringSSL.
    - CVE-2017-15424: URL Spoof in Omnibox.
    - CVE-2017-15425: URL Spoof in Omnibox.
    - CVE-2017-15426: URL Spoof in Omnibox.
    - CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox.
  * debian/rules:
    - replace allow_posix_link_time_opt=false by use_lld=false,
      is_cfi=false and use_thin_lto=false
    - rename use_vulcanize GN flag to optimize_webui
    - generate the man page as it's not being built with chromium any
      longer (since commit 64b961499bebc54fe48478f5e37477252c7887fa)
  * debian/patches/arm-neon.patch: refreshed
  * debian/patches/disable-sse2: refreshed
  * debian/patches/fix-gn-bootstrap.patch: removed, no longer needed
  * debian/patches/fix_building_widevinecdm_with_chromium.patch: replaced by
    debian/patches/widevine-revision.patch
  * debian/patches/glibc-2-26-changes.patch: renamed to
    debian/patches/no-xlocale-header.patch and updated
  * debian/patches/revert-Xclang-instcombine-lower-dbg-declare.patch: added
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: updated
  * debian/patches/suppress-newer-clang-warning-flags.patch: updated
  * debian/patches/touch-v35: refreshed
  * debian/patches/use-clang-versioned.patch: refreshed
  * debian/patches/widevine-other-locations: updated (LP: #1652110)
  * debian/patches/widevine-revision.patch: added (LP: #1652110)
Date: Thu, 07 Dec 2017 10:00:14 +0100
Changed-By: Olivier Tilloy <olivier.tilloy at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/chromium-browser/63.0.3239.84-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 07 Dec 2017 10:00:14 +0100
Source: chromium-browser
Binary: chromium-browser chromium-browser-l10n chromium-codecs-ffmpeg chromium-codecs-ffmpeg-extra chromium-chromedriver
Architecture: source
Version: 63.0.3239.84-0ubuntu1
Distribution: bionic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Olivier Tilloy <olivier.tilloy at canonical.com>
Description:
chromium-browser - Chromium web browser, open-source version of Chrome
chromium-browser-l10n - chromium-browser language packages
chromium-chromedriver - WebDriver driver for the Chromium Browser
chromium-codecs-ffmpeg - Free ffmpeg codecs for the Chromium Browser
chromium-codecs-ffmpeg-extra - Extra ffmpeg codecs for the Chromium Browser
Launchpad-Bugs-Fixed: 1652110
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----