[Pkg-chromium-maint] chromium-browser_64.0.3282.119-1~deb9u1_source.changes ACCEPTED into proposed-updates->stable-new
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Thu Feb 1 03:20:30 UTC 2018
Mapping stable-security to proposed-updates.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 31 Jan 2018 02:27:51 +0000
Source: chromium-browser
Binary: chromium chromium-l10n chromium-shell chromium-widevine chromium-driver chromedriver
Architecture: source
Version: 64.0.3282.119-1~deb9u1
Distribution: stretch-security
Urgency: medium
Maintainer: Debian Chromium Maintainers <pkg-chromium-maint at lists.alioth.debian.org>
Changed-By: Michael Gilbert <mgilbert at debian.org>
Description:
chromedriver - web browser - WebDriver support transitional package
chromium - web browser
chromium-driver - web browser - WebDriver support
chromium-l10n - web browser - language packs
chromium-shell - web browser - minimal shell
chromium-widevine - web browser - widevine content decryption support
Changes:
chromium-browser (64.0.3282.119-1~deb9u1) stretch-security; urgency=medium
.
* New upstream stable release.
- CVE-2017-15420: URL spoofing in Omnibox. Reported by Drew Springall
- CVE-2017-15429: UXSS in V8. Reported by Anonymous
- CVE-2018-6031: Use after free in PDFium. Reported by Anonymous
- CVE-2018-6032: Same origin bypass in Shared Worker. Reported by Jun
Kokatsu
- CVE-2018-6033: Race when opening downloaded files. Reported by Juho
Nurminen
- CVE-2018-6034: Integer overflow in Blink. Reported by Tobias Klein
- CVE-2018-6035: Insufficient isolation of devtools from extensions.
Reported by Rob Wu
- CVE-2018-6036: Integer underflow in WebAssembly. Reported by The UK's
National Cyber Security Centre
- CVE-2018-6037: Insufficient user gesture requirements in autofill.
Reported by Paul Stone
- CVE-2018-6038: Heap buffer overflow in WebGL. Reported by cloudfuzzer
- CVE-2018-6039: XSS in DevTools. Reported by Juho Nurminen
- CVE-2018-6040: Content security policy bypass. Reported by WenXu Wu
- CVE-2018-6041: URL spoof in Navigation. Reported by Luan Herrera
- CVE-2018-6042: URL spoof in OmniBox. Reported by Khalil Zhani
- CVE-2018-6043: Insufficient escaping with external URL handlers. Reported
by 0x09AL
- CVE-2018-6045: Insufficient isolation of devtools from extensions.
Reported by Rob Wu
- CVE-2018-6046: Insufficient isolation of devtools from extensions.
Reported by Rob Wu
- CVE-2018-6047: Cross origin URL leak in WebGL. Reported by Masato
Kinugawa
- CVE-2018-6048: Referrer policy bypass in Blink. Reported by Jun Kokatsu
- CVE-2018-6049: UI spoof in Permissions. Reported by WenXu Wu
- CVE-2018-6050: URL spoof in OmniBox. Reported by Jonathan Kew
- CVE-2018-6051: Referrer leak in XSS Auditor. Reported by Antonio Sanso
- CVE-2018-6052: Incomplete no-referrer policy implementation. Reported by
Tanner Emek
- CVE-2018-6053: Leak of page thumbnails in New Tab Page. Reported by Asset
Kabdenov
- CVE-2018-6054: Use after free in WebUI. Reported by Rob Wu
Checksums-Sha1:
c2731003a3d7f8de13dbd56023f7c328e823e3d6 4359 chromium-browser_64.0.3282.119-1~deb9u1.dsc
b88ccf415793acf1e338352cedf06653df6eb1bb 396240296 chromium-browser_64.0.3282.119.orig.tar.xz
ce56b69c43310cdf05ff1a91ec9738832233f5dd 134896 chromium-browser_64.0.3282.119-1~deb9u1.debian.tar.xz
2193dc79816e7be67134309e6fd1edf1683b5e48 19671 chromium-browser_64.0.3282.119-1~deb9u1_source.buildinfo
Checksums-Sha256:
374a731b0fc2bc132a649ceb7bcb39fac07c4f9d1db9e614798a2bfcbddf92e8 4359 chromium-browser_64.0.3282.119-1~deb9u1.dsc
fa500ab844b3985fd9a9983d8ce6cba2b551c878ea03986bd9bf13af5d692d36 396240296 chromium-browser_64.0.3282.119.orig.tar.xz
97a6d923583643c34c1e2f514bfecde137e30aba48473144f52714e03908685f 134896 chromium-browser_64.0.3282.119-1~deb9u1.debian.tar.xz
6243e1c9b255ce563632c34b1f188e60d69ea2aa336b39671dd127021aad5270 19671 chromium-browser_64.0.3282.119-1~deb9u1_source.buildinfo
Files:
26428506b4d71862d85348ca63d83b35 4359 web optional chromium-browser_64.0.3282.119-1~deb9u1.dsc
31e0468364b767c8f91e56a3c3dde07f 396240296 web optional chromium-browser_64.0.3282.119.orig.tar.xz
2bab42cc8870cdc8acd05f3b44d55312 134896 web optional chromium-browser_64.0.3282.119-1~deb9u1.debian.tar.xz
037809cbf6a2d4058f2c47380a3ed73d 19671 web optional chromium-browser_64.0.3282.119-1~deb9u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAlpx0F0ACgkQuNayzQLW
9HNSLiAAxEjbMLceFXRZmGTlod9k1kFAuDqvV36UTOyVnsHgazulKhx6yRlU/WTM
p/MlElRe5x6F7Sul/nOKKugxjHsp8gZcRJtk4AHaMjNeYfxYMI9D1j03nR6uVwz1
QHSF/hmf1vCulEMSbuNT53T8xW5+fWL5go0Y9saOO+LHP4nDY3PoBMw7NKMwnq4J
eybDLTcHNrrvX40iOvHUa0md0YntD0IeMJoM3Mi8QpbOZc2E+cb9S1VGEmjW4WQz
TbTX2eDcvdPQe9cCYGQpD4LIRsYD/9abfSKe3dqRRNH8e08g0FPpmveNf72yXRVe
sakd1QIxcyxTeW+m18pgeqJesugJhIYDVEFuYfPiIURTlPcEuGZWJDVHtHF+L/lu
36AbwqL/6vhDcBV0mrhMDqv84rVxbMUgSQisWOwGKN9W8411sE2Ge1n2Xjsi+lmW
woemHFPWuPRg0EgJS0vxf4Q+5Y21nD4DOI19Qk14noxbTQmXHZ+ELPgz6sPWyttU
oaNedi3c5V9pSVeaiUjTqNW993XZlXD7HP4Iqdh3blWP7RUpQbWtAiNAhE77+whT
BhG88WcexdRmFfHjxqYbHVWk/+KnhFWsNpBV1diPgTcVHuV2gtyzONVYkRCool0i
s68RMfrlJpHMq6IB4K7woOlchERdsiwi6qqIQR9X7YtiixuJytREoQNooUtR5YHL
UPMVpGkyKrd19up0gOWOuR+QULOz10NJCZnN/fG5RftNIkXGyGNOIKWJwLmqiUv2
1uxHvOhuEdsv4tGAtKCz7ibWvVAWKkgFMNDFuE+9Q0s5e5ibIbSJLR3zwKarg6nc
bDNxo7IHx7ZRRelf7wnHl9Ey0JoFlehaIPZ8YAMMaD2AdzKfr+rRPC30x/Mpw+uK
lJ91+a/Fc9mjKRJEYp+jPFq9MNbcHkRQuyJIwDQDeLSrlFNKLf9jbOcTRH7d6oCn
hZVAXiabd9kRZTT2cqukvsUP/0YChxVSi70qn2y4LXQbVjNzymA0dWNKlm/gBXNM
ajA22xH80+QZSKwmuen0a6sC+RkZw21qPXd3skFG4njkg8rBSfOLyAiVX31sjlVy
CW+eY28Ix4sBx5rDv8Yi7jZ7t+Bg5T4NiIiv4Lyy52TXZSBnOdflQJmws7gfLNr3
rj1s/CHhnrvm2q7SP29fXAfDQ8aoyEUygOrb4b/UsSW7ofEPM2LjdUSlk2r7TecA
D7cVCjDArH7WDnoUg3ujRMQ/Er25w2bCYAjLxQ6gZokBbcbe0tbjCjdmBaiPBkH4
Q2FX8iy0CrXKNwhVjOho+xS2CRmdA0eh4RVnk/TfZL9vATkdaIYXLRA/eplDXpJ4
72espjmZnqhC5gUOne0vWA5a/pi9lA==
=QhQr
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the Pkg-chromium-maint
mailing list