[Pkg-chromium-commit] [pkg-chromium] 05/05: release 62.0.3202.75-1~deb9u1

Michael Gilbert mgilbert at moszumanska.debian.org
Sun Nov 5 23:08:51 UTC 2017 

This is an automated email from the git hooks/post-receive script.

mgilbert pushed a commit to branch stretch
in repository pkg-chromium.

commit b82ca31eb33c364d417a453e823bab8684041a85
Author: Michael Gilbert <mgilbert at debian.org>
Date:   Sun Nov 5 23:10:45 2017 +0000

    release 62.0.3202.75-1~deb9u1
---
 debian/changelog | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index f1734c9..7259236 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,35 @@
+chromium-browser (62.0.3202.75-1~deb9u1) stretch-security; urgency=medium
+
+  * New upstream stable release.
+    - CVE-2017-5124: UXSS with MHTML. Reported by Anonymous
+    - CVE-2017-5125: Heap overflow in Skia. Reported by Anonymous
+    - CVE-2017-5126: Use after free in PDFium. Reported by Luat Nguyen
+    - CVE-2017-5127: Use after free in PDFium. Reported by Luat Nguyen
+    - CVE-2017-5128: Heap overflow in WebGL. Reported by Omair
+    - CVE-2017-5129: Use after free in WebAudio. Reported by Omair
+    - CVE-2017-5131: Out of bounds write in Skia. Reported by Anonymous
+    - CVE-2017-5132: Incorrect stack manipulation in WebAssembly. Reported by
+      Gaurav Dewan
+    - CVE-2017-5133: Out of bounds write in Skia. Reported by Aleksandar
+      Nikolic
+    - CVE-2017-15386: UI spoofing in Blink. Reported by WenXu Wu
+    - CVE-2017-15387: Content security bypass. Reported by Jun Kokatsu
+    - CVE-2017-15388: Out of bounds read in Skia. Reported by Kushal Arvind
+      Shah
+    - CVE-2017-15389: URL spoofing in OmniBox. Reported by xisigr
+    - CVE-2017-15390: URL spoofing in OmniBox. Reported by Haosheng Wang
+    - CVE-2017-15391: Extension limitation bypass in Extensions. Reported by
+      João Lucas Melo Brasio
+    - CVE-2017-15392: Incorrect registry key handling in PlatformIntegration.
+      Reported by Xiaoyin Liu
+    - CVE-2017-15393: Referrer leak in Devtools. Reported by Svyat Mitin
+    - CVE-2017-15394: URL spoofing in extensions UI. Reported by Sam
+    - CVE-2017-15395: Null pointer dereference in ImageCapture. Reported by
+      Johannes Bergman
+    - CVE-2017-15396: Stack overflow in V8. Reported by Yuan Deng
+
+ -- Michael Gilbert <mgilbert at debian.org>  Sun, 05 Nov 2017 03:09:35 +0000
+
 chromium-browser (61.0.3163.100-1~deb9u1) stretch-security; urgency=medium
 
   * New upstream stable release

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-chromium/pkg-chromium.git

More information about the Pkg-chromium-commit mailing list