[ubuntu/bionic-security] chromium-browser 81.0.4044.122-0ubuntu0.18.04.1 (Accepted)

[Chris Coulson]

chromium-browser (81.0.4044.122-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 81.0.4044.122
    - CVE-2020-6459: Use after free in payments.
    - CVE-2020-6460: Insufficient data validation in URL formatting.
    - CVE-2020-6458: Out of bounds read and write in PDFium.

chromium-browser (81.0.4044.113-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 81.0.4044.113
    - CVE-2020-6457: Use after free in speech recognizer.

chromium-browser (81.0.4044.92-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 81.0.4044.92
    - CVE-2020-6454: Use after free in extensions.
    - CVE-2020-6423: Use after free in audio.
    - CVE-2020-6455: Out of bounds read in WebSQL.
    - CVE-2020-6430: Type Confusion in V8.
    - CVE-2020-6456: Insufficient validation of untrusted input in clipboard.
    - CVE-2020-6431: Insufficient policy enforcement in full screen.
    - CVE-2020-6432: Insufficient policy enforcement in navigations.
    - CVE-2020-6433: Insufficient policy enforcement in extensions.
    - CVE-2020-6434: Use after free in devtools.
    - CVE-2020-6435: Insufficient policy enforcement in extensions.
    - CVE-2020-6436: Use after free in window management.
    - CVE-2020-6437: Inappropriate implementation in WebView.
    - CVE-2020-6438: Insufficient policy enforcement in extensions.
    - CVE-2020-6439: Insufficient policy enforcement in navigations.
    - CVE-2020-6440: Inappropriate implementation in extensions.
    - CVE-2020-6441: Insufficient policy enforcement in omnibox.
    - CVE-2020-6442: Inappropriate implementation in cache.
    - CVE-2020-6443: Insufficient data validation in developer tools.
    - CVE-2020-6444: Uninitialized Use in WebRTC.
    - CVE-2020-6445: Insufficient policy enforcement in trusted types.
    - CVE-2020-6446: Insufficient policy enforcement in trusted types.
    - CVE-2020-6447: Inappropriate implementation in developer tools.
    - CVE-2020-6448: Use after free in V8.
  * debian/control: add libgbm-dev as a build dependency, required since
    https://chromium.googlesource.com/chromium/src/+/ff8d22e
  * debian/patches/chromium_useragent.patch: refreshed
  * debian/patches/define__libc_malloc.patch: refreshed
  * debian/patches/disable-sse2: refreshed
  * debian/patches/fix-extra-arflags.patch: refreshed
  * debian/patches/gn-no-last-commit-position.patch: refreshed
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: updated
  * debian/patches/use-clang-versioned.patch: refreshed

Date: 2020-04-22 18:11:15.536966+00:00
Changed-By: Olivier Tilloy <olivier.tilloy at canonical.com>
Signed-By: Chris Coulson <chris.coulson at canonical.com>
https://launchpad.net/ubuntu/+source/chromium-browser/81.0.4044.122-0ubuntu0.18.04.1
-------------- next part --------------
Sorry, changesfile not available.