[Pkg-chromium-commit] [pkg-chromium] 02/02: release 49.0.2623.75-1~deb8u1

Michael Gilbert mgilbert at moszumanska.debian.org
Wed Mar 9 20:43:10 UTC 2016 

This is an automated email from the git hooks/post-receive script.

mgilbert pushed a commit to branch jessie
in repository pkg-chromium.

commit 8a1f4ae102fdd5b48ffff98174c45cf1dc9a1555
Author: Michael Gilbert <mgilbert at debian.org>
Date:   Wed Mar 9 20:42:14 2016 +0000

    release 49.0.2623.75-1~deb8u1
---
 debian/changelog | 25 +++++++++++++++++++++++++
 debian/control   |  1 +
 debian/rules     |  1 +
 3 files changed, 27 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 433a333..1356fd7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,28 @@
+chromium-browser (49.0.2623.75-1~deb8u1) jessie-security; urgency=medium
+
+  * New upstream stable release:
+    - CVE-2016-1630: Same-origin bypass in Blink. Credit to Mariusz Mlynski.
+    - CVE-2016-1631: Same-origin bypass in Pepper Plugin. Credit to Mariusz
+      Mlynski.
+    - CVE-2016-1632: Bad cast in Extensions. Credit to anonymous.
+    - CVE-2016-1633: Use-after-free in Blink. Credit to cloudfuzzer.
+    - CVE-2016-1634: Use-after-free in Blink. Credit to cloudfuzzer.
+    - CVE-2016-1635: Use-after-free in Blink. Credit to Rob Wu.
+    - CVE-2016-1636: SRI Validation Bypass. Credit to ryan at cyph.com.
+    - CVE-2015-8126: Out-of-bounds access in libpng. Credit to joerg.bornemann.
+    - CVE-2016-1637: Information Leak in Skia. Credit to Keve Nagy.
+    - CVE-2016-1638: WebAPI Bypass. Credit to Rob Wu.
+    - CVE-2016-1639: Use-after-free in WebRTC. Credit to Khalil Zhani.
+    - CVE-2016-1640: Origin confusion in Extensions UI. Credit to Luan Herrera.
+    - CVE-2016-1641: Use-after-free in Favicon. Credit to Atte Kettunen.
+    - CVE-2016-1642: Various fixes from internal audits, fuzzing and other
+      initiatives.
+    - Multiple vulnerabilities in libv8 (version 4.9.385.26).
+  * Add libffi-dev build dependency.
+  * Set use_sysroot=0 to continue using system libraries.
+
+ -- Michael Gilbert <mgilbert at debian.org>  Sat, 05 Mar 2016 01:05:51 +0000
+
 chromium-browser (48.0.2564.116-1~deb8u1) jessie-security; urgency=medium
 
   * New stable security release:
diff --git a/debian/control b/debian/control
index 9d410cd..fe07dc0 100644
--- a/debian/control
+++ b/debian/control
@@ -48,6 +48,7 @@ Build-Depends:
  libdrm-dev,
  libusb-dev,
  libicu-dev,
+ libffi-dev,
  libkrb5-dev,
  libexif-dev,
  libudev-dev,
diff --git a/debian/rules b/debian/rules
index 0eddb2d..9fda7ef 100755
--- a/debian/rules
+++ b/debian/rules
@@ -26,6 +26,7 @@ defines+=clang_use_chrome_plugins=
 # disabled features
 defines+=use_ozone=0 \
          use_gconf=0 \
+         use_sysroot=0 \
          use_allocator=none \
          linux_breakpad=0 \
          linux_use_libgps=0 \

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-chromium/pkg-chromium.git

More information about the Pkg-chromium-commit mailing list