[Pkg-chromium-maint] chromium-browser_51.0.2704.63-1_source.changes ACCEPTED into unstable

Fri May 27 03:53:53 UTC 2016

Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 27 May 2016 01:52:42 +0000
Source: chromium-browser
Binary: chromium chromium-l10n chromedriver
Architecture: source
Version: 51.0.2704.63-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Chromium Maintainers <pkg-chromium-maint at lists.alioth.debian.org>
Changed-By: Michael Gilbert <mgilbert at debian.org>
Description:
 chromedriver - web browser - WebDriver support
 chromium   - web browser
 chromium-l10n - web browser - language packs
Changes:
 chromium-browser (51.0.2704.63-1) unstable; urgency=medium
 .
   * New upstream stable release:
     - CVE-2016-1667: Same origin bypass in DOM. Credit to Mariusz Mlynski.
     - CVE-2016-1668: Same origin bypass in Blink V8 bindings. Credit to
       Mariusz Mlynski.
     - CVE-2016-1669: Buffer overflow in V8. Credit to Choongwoo Han.
     - CVE-2016-1670: Race condition in loader. Credit to anonymous.
     - CVE-2016-1672: Cross-origin bypass in extension bindings. Credit to
       Mariusz Mlynski.
     - CVE-2016-1673: Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
     - CVE-2016-1674: Cross-origin bypass in extensions. Credit to Mariusz
       Mlynski.
     - CVE-2016-1675: Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
     - CVE-2016-1676: Cross-origin bypass in extension bindings. Credit to Rob
       Wu.
     - CVE-2016-1677: Type confusion in V8. Credit to Guang Gong.
     - CVE-2016-1678: Heap overflow in V8. Credit to Christian Holler.
     - CVE-2016-1679: Heap use-after-free in V8 bindings. Credit to Rob Wu.
     - CVE-2016-1680: Heap use-after-free in Skia. Credit to Atte Kettunen.
     - CVE-2016-1681: Heap overflow in PDFium. Credit to Aleksandar Nikolic.
     - CVE-2016-1682: CSP bypass for ServiceWorker. Credit to KingstonTime.
     - CVE-2016-1683: Out-of-bounds access in libxslt. Credit to Nicolas
       Gregoire.
     - CVE-2016-1684: Integer overflow in libxslt. Credit to Nicolas Gregoire.
     - CVE-2016-1685: Out-of-bounds read in PDFium. Credit to Ke Liu.
     - CVE-2016-1686: Out-of-bounds read in PDFium. Credit to Ke Liu.
     - CVE-2016-1687: Information leak in extensions. Credit to Rob Wu.
     - CVE-2016-1688: Out-of-bounds read in V8. Credit to Max Korenko.
     - CVE-2016-1689: Heap buffer overflow in media. Credit to Atte Kettunen.
     - CVE-2016-1690: Heap use-after-free in Autofill. Credit to Rob Wu.
     - CVE-2016-1691: Heap buffer-overflow in Skia. Credit to Atte Kettunen.
     - CVE-2016-1692: Limited cross-origin bypass in ServiceWorker. Credit to
       Til Jasper Ullrich.
     - CVE-2016-1693: HTTP Download of Software Removal Tool. Credit to Khalil
       Zhani.
     - CVE-2016-1694: HPKP pins removed on cache clearance. Credit to Ryan
       Lester and Bryant Zadegan.
     - CVE-2016-1695: Various fixes from internal audits, fuzzing and other
       initiatives.
Checksums-Sha1:
 9ebedd01053e8f583dc5d488033e6668868210b9 3910 chromium-browser_51.0.2704.63-1.dsc
 30416dc16eb472e466280f99ffc6c11e5cee5c3e 459977248 chromium-browser_51.0.2704.63.orig.tar.xz
 29431d7281f379f0991b52e3932bc1ecd4fc9b40 119932 chromium-browser_51.0.2704.63-1.debian.tar.xz
Checksums-Sha256:
 5f64edf29c15bea9be93dc85de0d123fb7be3bf412ecc042bd1cc42c8786ad01 3910 chromium-browser_51.0.2704.63-1.dsc
 ff056403384b531d447bf80455b615c83ae3f66205ea0642c727e29da7e664b7 459977248 chromium-browser_51.0.2704.63.orig.tar.xz
 945518aefc6784c4c861938402a912a656f59be59d0eb3b90653abeb98664a27 119932 chromium-browser_51.0.2704.63-1.debian.tar.xz
Files:
 99b2f1593333a84d7890a6053916ac5b 3910 web optional chromium-browser_51.0.2704.63-1.dsc
 381433c3910d12f66acee7268cba87f6 459977248 web optional chromium-browser_51.0.2704.63.orig.tar.xz
 b6b737c4649073a06d5abc1334629602 119932 web optional chromium-browser_51.0.2704.63-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQQcBAEBCgAGBQJXR7F0AAoJELjWss0C1vRzhrcgAKZXm7LCpgnI+QA6sr9ccwR4
nb68O9p4S/rXM5vfOnnmC0poCI1wrJjEHcbd726B6AGpdkl3atSUC7odkrRJQjQS
2k74jSPT+bjWJziaCruCiOTs0LkMoA0kBg7W819KF3cySPD7I+EgJrl/wMxI8wih
laEBcCpXRCei5o7bOOc4WaU13ShmyIsS/dDemS/Wd9GvoPaYov24G5NT1Of9Y37E
ykbttWlQRxHTKMP3gFZqL5naeMOZI1JbarXSvO+5bSwKW0a3W2ZWu8ze7zEF5tzK
3QS/yH8cWTvlv/v+mtdnToNsRRMr3y9lCZpCuC/3zsOqCXOdcCcuDPkKhv1n6Ajw
2s5kG2WkbSiTnNdPDGI3V4kIAejEv3GOGWKXLaJJsCmnCN0+qhILiN540BqYH1y8
xUl+KDL2eaKDPk/KjdGq5pV+nTHn3bfGf1X6pWpawdd4szN1azWm1G14zHRmEM3/
4NCJHeXor3XBVyy9LojYTIyLFDA3EqEzOm8+Q+c6oYPsuYPPrVyP9UZqkx46Xvct
9Jj7Mc3Pr/P4PuxABFHcJ46VHnWdRXyG9d7mcXzCSTiv432uD4bzrjdRSUdgruHg
EQ7HzIq5j/n66D/1a/ToeA4tCdTVk2zJgCAyvK/c9esIg+Y5qZjWMqUnvsGiT/JY
Gr7IOamiekDPSUuvopT1HRSnSLCGWP/7PIg35QdfOE6lc7zWaIff1N60zt4FIYCg
UfrUVkeZr7pIAHiB8nzRIRdprvSeVEzo3g/c+REptxt3louHI/XxaET8/uZ3OFXl
WEk7Jb+n71k17WdrpjS6sn73UWKFCo52WjwSltHS12V7HgpiPvOCT4EqFmBbTFYk
H4LvE2aDGCA1MvEuJ9mAFvCmE/91aQzXTLuzE/H/S1I2emOOzEEmDbgnayCd+XLq
nZwYoPx6mLZr7uiRQ9yQ9z+6KQvNoLVFODFQa7+8TbMliLD1kxH9izpLMcfhTTzo
mxOGror/7oZGoG2FnvcPEhkJ3gaJa39qfWNnv+Zi0T8iuPARQbUg15gi99sxuCIq
xsXJWQPJtZoPlYZUS8uX211IYltmMZlm87UDrQt/CYoh7HDtomxVVfo/FfFs2HCF
W7JHOr3bHZ1iX2ZsMqwR5KFth55oe8ExQa0DBrIe/CDnF55OLSvXkmmQqCmUD7jR
ADTieWQBU232RUBXWCx442Zr+zAtwFX4MLklo4yvaXFwI75UV0BrYPpzSCqq+BkP
Y8WqeoBXA45DyqHi5I5UqCvfBUAgI/90XUNhqqvgbG6+F3JffjE9ozlZIRw7krWe
K1RTgt45GnUUaqqJDvVUWm4KVj+PkSftU1eg9gIOfBVf+NIWdyYBy21wyB/UN0U=
=ak0K
-----END PGP SIGNATURE-----

Thank you for your contribution to Debian.