[ubuntu/artful-proposed] chromium-browser 58.0.3029.81-0ubuntu2.1350 (Accepted)

Olivier Tilloy olivier.tilloy at canonical.com
Wed Apr 26 12:00:59 UTC 2017 

chromium-browser (58.0.3029.81-0ubuntu2.1350) artful; urgency=medium

  * Upstream release: 58.0.3029.81
    - CVE-2017-5057: Type confusion in PDFium.
    - CVE-2017-5058: Heap use after free in Print Preview.
    - CVE-2017-5059: Type confusion in Blink.
    - CVE-2017-5060: URL spoofing in Omnibox.
    - CVE-2017-5061: URL spoofing in Omnibox.
    - CVE-2017-5062: Use after free in Chrome Apps.
    - CVE-2017-5063: Heap overflow in Skia.
    - CVE-2017-5064: Use after free in Blink.
    - CVE-2017-5065: Incorrect UI in Blink.
    - CVE-2017-5066: Incorrect signature handing in Networking.
    - CVE-2017-5067: URL spoofing in Omnibox.
    - CVE-2017-5069: Cross-origin bypass in Blink.
  * debian/patches/arm.patch: removed, no longer needed
  * debian/patches/gtk-ui-stdmove: removed, no longer needed (upstreamed)
  * debian/patches/screen_capturer: removed, no longer needed (upstreamed)
  * debian/patches/default-allocator: refreshed
  * debian/patches/disable-sse2: refreshed
  * debian/patches/enable-chromecast-by-default: refreshed
  * debian/patches/fix_building_widevinecdm_with_chromium.patch: refreshed
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/snapshot-library-link: refreshed
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/fix-gn-bootstrap.patch: added
  * debian/rules: disable the use of Vulcanize, the required node.js modules
    are not readily available

Date: Mon, 24 Apr 2017 22:33:22 +0200
Changed-By: Olivier Tilloy <olivier.tilloy at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Chris Coulson <chrisccoulson at ubuntu.com>
https://launchpad.net/ubuntu/+source/chromium-browser/58.0.3029.81-0ubuntu2.1350
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 24 Apr 2017 22:33:22 +0200
Source: chromium-browser
Binary: chromium-browser chromium-browser-l10n chromium-codecs-ffmpeg chromium-codecs-ffmpeg-extra chromium-chromedriver
Architecture: source
Version: 58.0.3029.81-0ubuntu2.1350
Distribution: artful
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Olivier Tilloy <olivier.tilloy at canonical.com>
Description:
 chromium-browser - Chromium web browser, open-source version of Chrome
 chromium-browser-l10n - chromium-browser language packages
 chromium-chromedriver - WebDriver driver for the Chromium Browser
 chromium-codecs-ffmpeg - Free ffmpeg codecs for the Chromium Browser
 chromium-codecs-ffmpeg-extra - Extra ffmpeg codecs for the Chromium Browser
Changes:
 chromium-browser (58.0.3029.81-0ubuntu2.1350) artful; urgency=medium
 .
   * Upstream release: 58.0.3029.81
     - CVE-2017-5057: Type confusion in PDFium.
     - CVE-2017-5058: Heap use after free in Print Preview.
     - CVE-2017-5059: Type confusion in Blink.
     - CVE-2017-5060: URL spoofing in Omnibox.
     - CVE-2017-5061: URL spoofing in Omnibox.
     - CVE-2017-5062: Use after free in Chrome Apps.
     - CVE-2017-5063: Heap overflow in Skia.
     - CVE-2017-5064: Use after free in Blink.
     - CVE-2017-5065: Incorrect UI in Blink.
     - CVE-2017-5066: Incorrect signature handing in Networking.
     - CVE-2017-5067: URL spoofing in Omnibox.
     - CVE-2017-5069: Cross-origin bypass in Blink.
   * debian/patches/arm.patch: removed, no longer needed
   * debian/patches/gtk-ui-stdmove: removed, no longer needed (upstreamed)
   * debian/patches/screen_capturer: removed, no longer needed (upstreamed)
   * debian/patches/default-allocator: refreshed
   * debian/patches/disable-sse2: refreshed
   * debian/patches/enable-chromecast-by-default: refreshed
   * debian/patches/fix_building_widevinecdm_with_chromium.patch: refreshed
   * debian/patches/search-credit.patch: refreshed
   * debian/patches/snapshot-library-link: refreshed
   * debian/patches/title-bar-default-system.patch-v35: refreshed
   * debian/patches/fix-gn-bootstrap.patch: added
   * debian/rules: disable the use of Vulcanize, the required node.js modules
     are not readily available
Checksums-Sha1:
 97ec3dce6b58d3834dd4db18cd65069688e4ef01 2721 chromium-browser_58.0.3029.81-0ubuntu2.1350.dsc
 76a3c7ef3a90c0eebe22be3ba5af69366af60f48 509252204 chromium-browser_58.0.3029.81.orig.tar.xz
 7d52fdc80a851a797702b8f56eeed1a0f155b1bc 522220 chromium-browser_58.0.3029.81-0ubuntu2.1350.debian.tar.xz
Checksums-Sha256:
 e9f390a14f2f6a685bfec12adab014997456032285c0e442f432d75676fc1483 2721 chromium-browser_58.0.3029.81-0ubuntu2.1350.dsc
 5ab61b7025a5143fa1b21713479b316ec7a98e262e79e84f9c9a9656179217cb 509252204 chromium-browser_58.0.3029.81.orig.tar.xz
 a1fc7b9d40fe894602b7e7662a5d14f727a4dc88e835f8430c2195bea422173e 522220 chromium-browser_58.0.3029.81-0ubuntu2.1350.debian.tar.xz
Files:
 32882f4ed00e9ac10ab695bd8d969b39 2721 web optional chromium-browser_58.0.3029.81-0ubuntu2.1350.dsc
 fe28227f5f4aa05709b9cbd47a5cf426 509252204 web optional chromium-browser_58.0.3029.81.orig.tar.xz
 5f338baefd86ea32d5f0ca3231be7df7 522220 web optional chromium-browser_58.0.3029.81-0ubuntu2.1350.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQE5BAEBCAAjBQJZAIomHBxjaHJpcy5jb3Vsc29uQGNhbm9uaWNhbC5jb20ACgkQ
YR+97NWUbg9e/Qf+MR28IdKe8C6nGyzMKqqizedxRcFcbe3/rW0oNayN7PibEA6D
tfXAoO+/cr94CjFdnYYVL/hjKX/HxmNujvSMRqGdFWnt21B9sTVod5qLCKz34vJE
y1eF+HRbtuhoxqvkxGfOXOsk7c0yKMGTg2enu1YCe26+V6mcbyVrjaJ/H5UrsugT
zSgrqNgZMKSs72Wf9yyRWYh7OzoDk5gPF2rv2fUob5XKEtG2YMNDw27EYg3bw5Zh
QNXaZyOy2W9F3YnVGPKkNa+iKmu7KY0u7yFJIJDvfYXHz0kkNodcDCO85JYkYrRP
FUy3fsqiM3boYcMhnAdQ5J/h8Yd6pNTErC2RKA==
=7qj9
-----END PGP SIGNATURE-----

More information about the Artful-changes mailing list