[ubuntu/bionic-security] chromium-browser 86.0.4240.75-0ubuntu0.18.04.1 (Accepted)

Chris Coulson chris.coulson at canonical.com
Thu Oct 15 17:17:23 UTC 2020 

chromium-browser (86.0.4240.75-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 86.0.4240.75
    - CVE-2020-15967: Use after free in payments.
    - CVE-2020-15968: Use after free in Blink.
    - CVE-2020-15969: Use after free in WebRTC.
    - CVE-2020-15970: Use after free in NFC.
    - CVE-2020-15971: Use after free in printing.
    - CVE-2020-15972: Use after free in audio.
    - CVE-2020-15990: Use after free in autofill.
    - CVE-2020-15991: Use after free in password manager.
    - CVE-2020-15973: Insufficient policy enforcement in extensions.
    - CVE-2020-15974: Integer overflow in Blink.
    - CVE-2020-15975: Integer overflow in SwiftShader.
    - CVE-2020-15976: Use after free in WebXR.
    - CVE-2020-6557: Inappropriate implementation in networking.
    - CVE-2020-15977: Insufficient data validation in dialogs.
    - CVE-2020-15978: Insufficient data validation in navigation.
    - CVE-2020-15979: Inappropriate implementation in V8.
    - CVE-2020-15980: Insufficient policy enforcement in Intents.
    - CVE-2020-15981: Out of bounds read in audio.
    - CVE-2020-15982: Side-channel information leakage in cache.
    - CVE-2020-15983: Insufficient data validation in webUI.
    - CVE-2020-15984: Insufficient policy enforcement in Omnibox.
    - CVE-2020-15985: Inappropriate implementation in Blink.
    - CVE-2020-15986: Integer overflow in media.
    - CVE-2020-15987: Use after free in WebRTC.
    - CVE-2020-15992: Insufficient policy enforcement in networking.
    - CVE-2020-15988: Insufficient policy enforcement in downloads.
    - CVE-2020-15989: Uninitialized Use in PDFium.
  * debian/patches/configuration-directory.patch: refreshed
  * debian/patches/default-allocator: refreshed
  * debian/patches/disable-sse2: refreshed
  * debian/patches/node-use-system-wide.patch: refreshed
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: updated
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/touch-v35: updated
  * debian/patches/widevine-enable-version-string.patch: refreshed
  * debian/patches/widevine-other-locations: refreshed

Date: 2020-10-07 20:26:14.003162+00:00
Changed-By: Olivier Tilloy <olivier.tilloy at canonical.com>
Signed-By: Chris Coulson <chris.coulson at canonical.com>
https://launchpad.net/ubuntu/+source/chromium-browser/86.0.4240.75-0ubuntu0.18.04.1
-------------- next part --------------
Sorry, changesfile not available.

More information about the Bionic-changes mailing list