[ubuntu/eoan-proposed] chromium-browser 75.0.3770.80-0ubuntu1~snap1 (Accepted)

Olivier Tilloy olivier.tilloy at canonical.com
Wed Jun 12 07:59:13 UTC 2019 

chromium-browser (75.0.3770.80-0ubuntu1~snap1) eoan; urgency=medium

  * Upstream release: 75.0.3770.80
    - CVE-2019-5828: Use after free in ServiceWorker.
    - CVE-2019-5829: Use after free in Download Manager.
    - CVE-2019-5830: Incorrectly credentialed requests in CORS.
    - CVE-2019-5831: Incorrect map processing in V8.
    - CVE-2019-5832: Incorrect CORS handling in XHR.
    - CVE-2019-5833: Inconsistent security UI placement.
    - CVE-2019-5834: URL spoof in Omnibox on iOS.
    - CVE-2019-5835: Out of bounds read in Swiftshader.
    - CVE-2019-5836: Heap buffer overflow in Angle.
    - CVE-2019-5837: Cross-origin resources size disclosure in Appcache.
    - CVE-2019-5838: Overly permissive tab access in Extensions.
    - CVE-2019-5839: Incorrect handling of certain code points in Blink.
    - CVE-2019-5840: Popup blocker bypass.
  * Install the chromium snap in place of the debian packages, and make the
    wrapper script rename the desktop file in well-known desktop launchers
    (currently GNOME Shell and Unity)

Date: Wed, 12 Jun 2019 09:57:03 +0200
Changed-By: Olivier Tilloy <olivier.tilloy at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/chromium-browser/75.0.3770.80-0ubuntu1~snap1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 12 Jun 2019 09:57:03 +0200
Source: chromium-browser
Architecture: source
Version: 75.0.3770.80-0ubuntu1~snap1
Distribution: eoan
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Olivier Tilloy <olivier.tilloy at canonical.com>
Changes:
 chromium-browser (75.0.3770.80-0ubuntu1~snap1) eoan; urgency=medium
 .
   * Upstream release: 75.0.3770.80
     - CVE-2019-5828: Use after free in ServiceWorker.
     - CVE-2019-5829: Use after free in Download Manager.
     - CVE-2019-5830: Incorrectly credentialed requests in CORS.
     - CVE-2019-5831: Incorrect map processing in V8.
     - CVE-2019-5832: Incorrect CORS handling in XHR.
     - CVE-2019-5833: Inconsistent security UI placement.
     - CVE-2019-5834: URL spoof in Omnibox on iOS.
     - CVE-2019-5835: Out of bounds read in Swiftshader.
     - CVE-2019-5836: Heap buffer overflow in Angle.
     - CVE-2019-5837: Cross-origin resources size disclosure in Appcache.
     - CVE-2019-5838: Overly permissive tab access in Extensions.
     - CVE-2019-5839: Incorrect handling of certain code points in Blink.
     - CVE-2019-5840: Popup blocker bypass.
   * Install the chromium snap in place of the debian packages, and make the
     wrapper script rename the desktop file in well-known desktop launchers
     (currently GNOME Shell and Unity)
Checksums-Sha1:
 2c69a2f6182938d4f54604a9c38177d6585e1144 1773 chromium-browser_75.0.3770.80-0ubuntu1~snap1.dsc
 468ed9e57e39306476cec58862731cf9d081fabf 97440 chromium-browser_75.0.3770.80-0ubuntu1~snap1.tar.xz
 6a485c4e97b89f1e9092f09ad8b5b75eb4be4b4c 7930 chromium-browser_75.0.3770.80-0ubuntu1~snap1_source.buildinfo
Checksums-Sha256:
 c5cad5ef2897062b35b127875aba7d4bae007f28f3881b72743192e5dd9e0d03 1773 chromium-browser_75.0.3770.80-0ubuntu1~snap1.dsc
 b3763614327e9d3c802c3673c6e636526b41fa26b86f98b349a3e02e8a1be40e 97440 chromium-browser_75.0.3770.80-0ubuntu1~snap1.tar.xz
 a23a52b47297c5e2215c26451e7b0c24144d700d285ff48f0fa3490e58875f6a 7930 chromium-browser_75.0.3770.80-0ubuntu1~snap1_source.buildinfo
Files:
 a262588f6a40f27ca5b1cac4a4dd4fb0 1773 web optional chromium-browser_75.0.3770.80-0ubuntu1~snap1.dsc
 ea1c118d5853c22b47b72fdd5b292d33 97440 web optional chromium-browser_75.0.3770.80-0ubuntu1~snap1.tar.xz
 81f6ede8617e8d89865fab9f3201a4be 7930 web optional chromium-browser_75.0.3770.80-0ubuntu1~snap1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEOEr9Mc7+BgD56Np90yjXIxis5scFAl0AsK0ACgkQ0yjXIxis
5sejcwgAuLo1DH8XnIT3oGd8UPuUbcPGdIN13ANKszpF4aH6wIcncjBNJNlSf7Q6
h4QTaPoGyG1ch+BOmG7CjLzDUR/phgSvddrtfbfsh/tDqrw+4DIgP0KF/urUYngV
F7NvdCs2950c5dcioiDiF7uZRjf9wwLTLge5eGB4CfDBoqVpQ2DU8oajpXcoRzdc
LMLkcLedcSObvhmzF3gG9dyi5xGO2RCTFwXMukAQ/x1hiww6HIoE0ZSbYzlsCdXj
Fdd2+lvk7lUX9uPm3QJbs/GVQecG2h7Uttr78MQiIJR3LlH9tya8xIhJTAaniD0n
vX4jvuRvuBt5ewevZg1YT0jJD+xsGQ==
=bieC
-----END PGP SIGNATURE-----

More information about the Eoan-changes mailing list