[Pkg-chromium-maint] chromium-browser_55.0.2883.75-1~deb8u1_i386.changes ACCEPTED into proposed-updates->stable-new

Debian FTP Masters ftpmaster at ftp-master.debian.org
Sun Dec 11 21:34:16 UTC 2016 

Mapping stable-security to proposed-updates.

Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 11 Dec 2016 04:48:45 +0000
Source: chromium-browser
Binary: chromium chromium-dbg chromium-l10n chromium-inspector chromedriver
Architecture: source i386 all
Version: 55.0.2883.75-1~deb8u1
Distribution: jessie-security
Urgency: medium
Maintainer: Debian Chromium Maintainers <pkg-chromium-maint at lists.alioth.debian.org>
Changed-By: Michael Gilbert <mgilbert at debian.org>
Description:
 chromedriver - web browser - WebDriver support
 chromium   - web browser
 chromium-dbg - web browser - debugging symbols
 chromium-inspector - web browser - page inspection support
 chromium-l10n - web browser - language packs
Closes: 844631
Changes:
 chromium-browser (55.0.2883.75-1~deb8u1) jessie-security; urgency=medium
 .
   * New upstream stable release:
     - CVE-2016-5181: Universal XSS in Blink. Credit to Anonymous
     - CVE-2016-5182: Heap overflow in Blink. Credit to Giwan Go
     - CVE-2016-5183: Use after free in PDFium. Credit to Anonymous
     - CVE-2016-5184: Use after free in PDFium. Credit to Anonymous
     - CVE-2016-5185: Use after free in Blink. Credit to cloudfuzzer
     - CVE-2016-5186: Out of bounds read in DevTools. Credit to Abdulrahman
     - CVE-2016-5187: URL spoofing. Credit to Luan Herrera
     - CVE-2016-5188: UI spoofing. Credit to Luan Herrera
       haojunhou at gmail.com
     - CVE-2016-5189: URL spoofing. Credit to xisigr
       Alqabandi
     - CVE-2016-5190: Use after free in Internals. Credit to Atte Kettunen
     - CVE-2016-5191: Universal XSS in Bookmarks. Credit to Gareth Hughes
     - CVE-2016-5192: Cross-origin bypass in Blink. Credit to
     - CVE-2016-5193: Scheme bypass. Credit to Yuyang ZHOU
     - CVE-2016-5194: Various fixes from internal audits, fuzzing and other
       initiatives
     - CVE-2016-5198: Out of bounds memory access in V8. Credit to Tencent Keen
       Security Lab
     - CVE-2016-5200: Out of bounds memory access in V8. Credit to Choongwoo Han
     - CVE-2016-5201: Info leak in extensions. Credit to Rob Wu
     - CVE-2016-5202: Various fixes from internal audits, fuzzing and other
       initiatives
     - CVE-2016-5203: Use after free in PDFium. Credit to Anonymous
     - CVE-2016-5204: Universal XSS in Blink. Credit to Mariusz Mlynski
     - CVE-2016-5205: Universal XSS in Blink. Credit to Anonymous
     - CVE-2016-5206: Same-origin bypass in PDFium. Credit to Rob Wu
     - CVE-2016-5207: Universal XSS in Blink. Credit to Mariusz Mlynski
     - CVE-2016-5208: Universal XSS in Blink. Credit to Mariusz Mlynski
     - CVE-2016-5209: Out of bounds write in Blink. Credit to Giwan Go
     - CVE-2016-5210: Out of bounds write in PDFium. Credit to Ke Liu
     - CVE-2016-5211: Use after free in PDFium. Credit to Anonymous
     - CVE-2016-5212: Local file disclosure in DevTools. Credit to Khalil Zhani
     - CVE-2016-5213: Use after free in V8. Credit to Khalil Zhani
     - CVE-2016-5214: File download protection bypass. Credit to Jonathan Birch
       and MSVR
     - CVE-2016-5215: Use after free in Webaudio. Credit to Looben Yang
     - CVE-2016-5216: Use after free in PDFium. Credit to Anonymous
     - CVE-2016-5217: Use of unvalidated data in PDFium. Credit to Rob Wu
     - CVE-2016-5218: Address spoofing in Omnibox. Credit to Abdulrahman
       Alqabandi
     - CVE-2016-5219: Use after free in V8. Credit to Rob Wu
     - CVE-2016-5220: Local file access in PDFium. Credit to Rob Wu
     - CVE-2016-5221: Integer overflow in ANGLE. Credit to Tim Becker
     - CVE-2016-5222: Address spoofing in Omnibox. Credit to xisigr
     - CVE-2016-5223: Integer overflow in PDFium. Credit to Hwiwon Lee
     - CVE-2016-5224: Same-origin bypass in SVG. Credit to Roeland Krak
     - CVE-2016-5225: CSP bypass in Blink. Credit to Scott Helme
     - CVE-2016-5226: Limited XSS in Blink. Credit to Jun Kokatsu
     - CVE-2016-9650: CSP Referrer disclosure. Credit to Jakub Żoczek
     - CVE-2016-9651: Private property access in V8. Credit to Guang Gong
     - CVE-2016-9652: Various fixes from internal audits, fuzzing and other
       initiatives
     - Certificate validity is now independent of the browser build date
       (closes: #844631).
     - No longer supports gyp build system, so update to use gn instead.
Checksums-Sha1:
 c708b399bf09b950a2543fbc7efe64e58552a685 4087 chromium-browser_55.0.2883.75-1~deb8u1.dsc
 7e19210a25ae94e17b0fd93625642d1d59697dc8 472986664 chromium-browser_55.0.2883.75.orig.tar.xz
 22043abb4ee3fe9f3a9566482e0a08a3625ea1f0 183480 chromium-browser_55.0.2883.75-1~deb8u1.debian.tar.xz
 1c7eaf51d1d5f7da58e6216c86cac5e1d9072d6e 42461718 chromium_55.0.2883.75-1~deb8u1_i386.deb
 1ae8009a9095a527790365f7f4697a748e2d2432 6933910 chromium-dbg_55.0.2883.75-1~deb8u1_i386.deb
 b4231eed97d384edb380b8660adb4aa95cf23a98 3339348 chromium-l10n_55.0.2883.75-1~deb8u1_all.deb
 fb8186b902598cfcdf1fd2e576441892d4872461 1404218 chromium-inspector_55.0.2883.75-1~deb8u1_all.deb
 052dcc08525b2ad6ec3907e97bcdebc6cbb2acd4 2624408 chromedriver_55.0.2883.75-1~deb8u1_i386.deb
Checksums-Sha256:
 fda2905fabd8557dd8e0d85e8fdbee46acda16e7a62f5792306e0457b9846d18 4087 chromium-browser_55.0.2883.75-1~deb8u1.dsc
 8b4a7109aeb40f1804d584151649a6b2ca70d0da459fe86daeaa0f5f3c6ea358 472986664 chromium-browser_55.0.2883.75.orig.tar.xz
 055a9f090d001a6c7b619c291796b17611c8d935e617da1f06501ce1d2238ff7 183480 chromium-browser_55.0.2883.75-1~deb8u1.debian.tar.xz
 d2b25c5f689f5dc45467a355b93f310d49602b54ba3116993750a9400e4222be 42461718 chromium_55.0.2883.75-1~deb8u1_i386.deb
 b1d1d6ec538fc76f9d83a4d99da102b0c42ebd87fd91403bb065b2888871fd8a 6933910 chromium-dbg_55.0.2883.75-1~deb8u1_i386.deb
 a5120d3ba01a5cb4966ce540318a0b6904d95125515cea9356372da7077e8ea6 3339348 chromium-l10n_55.0.2883.75-1~deb8u1_all.deb
 f623318dabe60bda281db285d26a1a14ccb3302cffdcdb52166bd759dedc27ce 1404218 chromium-inspector_55.0.2883.75-1~deb8u1_all.deb
 b3e537c0bf35ea168ecd3d3935d220def7c49c06771a4f020df7675c87445662 2624408 chromedriver_55.0.2883.75-1~deb8u1_i386.deb
Files:
 4a5091cc667678b97a0d71d7cf9efd83 4087 web optional chromium-browser_55.0.2883.75-1~deb8u1.dsc
 6ea097ad1d73444f40359f54ad9bf396 472986664 web optional chromium-browser_55.0.2883.75.orig.tar.xz
 a2fbf7b8e7b607a89dd96d11645f4c6d 183480 web optional chromium-browser_55.0.2883.75-1~deb8u1.debian.tar.xz
 615f1cc64b6b8b2c4ac670a91470c1d1 42461718 web optional chromium_55.0.2883.75-1~deb8u1_i386.deb
 75d710eb62663e3d63c3c84a8e7db9a4 6933910 debug extra chromium-dbg_55.0.2883.75-1~deb8u1_i386.deb
 327a01b2d004d15c0f5a76fdf745ea5f 3339348 localization optional chromium-l10n_55.0.2883.75-1~deb8u1_all.deb
 493f5fffc7c88d53e20e3e0242399a35 1404218 web optional chromium-inspector_55.0.2883.75-1~deb8u1_all.deb
 baab5cb8f34c2b7d8bf63e0a6f583b34 2624408 web optional chromedriver_55.0.2883.75-1~deb8u1_i386.deb

-----BEGIN PGP SIGNATURE-----

iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAlhNYboACgkQuNayzQLW
9HN/3B//azWVQoO6a+Txr9FEvvbRfpKpT3U+R3AKv6a2QBJJQ/tUYyBs+2SKb5Yb
YXmYNn9p3wKvU2taZTyO6pBgD4/DeAjVAvNssCsrRbB7azB/BfLjZhBrr5vC5+cj
LGZz0GTqOSIHjEg0aGMeZX2qReZN2X+keM6Sf2oAmmSPgsl1hdpR2NsrDgi+x/ZX
itOyDkE4KUdKkxbAuZnxrofWsaHPARPHf9jYnH2RKudHzbwx1kDFQprr/F/7UxpD
vIWpG67eoiol+S+DE4OVTJ2pb8Jm8EJsGJk+JBXaXmWX6r4PRFHYTcPoQKxfe5QW
O5ijXwB4ISwetJw6dhqgSZu2Kc9IFLNp1hghO72+ZVdcKXxditiziRL3PnLo/+dZ
wlA+ADEen96OlTvSRCqjWJhYtU6WK4zQrvEyBGr+q0KMCf8c2pd67qfdel/hbTUx
d92om6zm21Txy/SaeTuwY4RydGmtdRSS3OMyFpgcaHqmxz/PtXkgS6oAJ4vnipdQ
eVhZW6Uv30rZmMeGHjRHiYG1K6h6wjLcdcl/7STWF2psWPGFkxH6iQsKpfOw4/Qq
C42seyk/bM2bpDscV9Jn8tcxK060+b+eUcFiUPVaGGYa9nqsybfHo2vo/oMhWLzB
lli6Yj7psaV+hyMi9o41fVEc1WwfV+fJAcDTfol4cIt0jeBWZUnGqJeHA81v86xX
jrIPzacNfWWSfu/RSMkSz90H9Ruc6F4IFHwa4sK8xiMvyl03ukNR8dLXb4Y3DZCC
uQ3pECw1k88OWRQc6iuCN1Igwiav/jUWqRmM21SVSRx1BPaHpAVeGk/O/3BJYcJX
3hpNAVh9XhoA+6viF+qVkJ4nW3hVdZqNWQ8okw1Dq0hC/z6MfkQ+iuWyrJNhe3ZS
zlxThr6CyUOQPW1cbt4muHmZV4rsburEjP443em/9XTkeB0hyN+7pUf7mbQ8rq5h
pSviLTjz+5pa38QdNVikOAF5eS65BXmQL+boGiWyrBOVxjBePDfGMXP9oZhkjz/5
e6o2Sr3Hy+SXbjLgbi3uRj4LuS1fHlVkIbuLKdZOGTd6vivBWi8uq1xyD3+wqyDl
lI9NmfvD3d6PvHIj4RmB6AsfkaADveKQ5avBBNxumD4xGliPYYdALhmG7mRDsE6z
wKbZbGxM7BmhpK44gRkHLyr8U8URbnz4N3siTZGKXHrPGAKCTpU5fvPLGGBW7dqN
iYCuepafY9ZcFuBarWGgZo58bfzyNQUbaKNSyyVnb23z+ZrHGAgHuanZ4wrWd8gN
idAm9QWAAkZK8T7HdTCYWlCMWaVcgxn7rIiQf44hkpqiUfOTrpOcpRI2igm/gkKi
TBdQ1SNl4HHKV89/0YVL2K62QPmuBg==
=OJL5
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.

More information about the Pkg-chromium-maint mailing list