[ubuntu/bionic-updates] chromium-browser 85.0.4183.83-0ubuntu0.18.04.2 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Tue Sep 8 12:34:45 UTC 2020

chromium-browser (85.0.4183.83-0ubuntu0.18.04.2) bionic; urgency=medium

  * debian/rules: install libEGL.so and libGLESv2.so, needed for
    hardware-accelerated rendering

chromium-browser (85.0.4183.83-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 85.0.4183.83
    - CVE-2020-6558: Insufficient policy enforcement in iOS.
    - CVE-2020-6559: Use after free in presentation API.
    - CVE-2020-6560: Insufficient policy enforcement in autofill.
    - CVE-2020-6561: Inappropriate implementation in Content Security Policy.
    - CVE-2020-6562: Insufficient policy enforcement in Blink.
    - CVE-2020-6563: Insufficient policy enforcement in intent handling.
    - CVE-2020-6564: Incorrect security UI in permissions.
    - CVE-2020-6565: Incorrect security UI in Omnibox.
    - CVE-2020-6566: Insufficient policy enforcement in media.
    - CVE-2020-6567: Insufficient validation of untrusted input in command line handling.
    - CVE-2020-6568: Insufficient policy enforcement in intent handling.
    - CVE-2020-6569: Integer overflow in WebUSB.
    - CVE-2020-6570: Side-channel information leakage in WebRTC.
    - CVE-2020-6571: Incorrect security UI in Omnibox.
  * debian/patches/configuration-directory.patch: refreshed
  * debian/patches/disable-sse2: refreshed
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: updated
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/widevine-other-locations: refreshed
  * debian/tests/html5test: update test expectations for the removal
    of the application cache
    (see https://www.chromestatus.com/feature/6192449487634432)

chromium-browser (84.0.4147.135-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 84.0.4147.135
    - CVE-2020-6542: Use after free in ANGLE.
    - CVE-2020-6543: Use after free in task scheduling.
    - CVE-2020-6544: Use after free in media.
    - CVE-2020-6545: Use after free in audio.
    - CVE-2020-6546: Inappropriate implementation in installer.
    - CVE-2020-6547: Incorrect security UI in media.
    - CVE-2020-6548: Heap buffer overflow in Skia.
    - CVE-2020-6549: Use after free in media.
    - CVE-2020-6550: Use after free in IndexedDB.
    - CVE-2020-6551: Use after free in WebXR.
    - CVE-2020-6552: Use after free in Blink.
    - CVE-2020-6553: Use after free in offline mode.
    - CVE-2020-6554: Use after free in extensions.
    - CVE-2020-6555: Out of bounds read in WebGL.
    - CVE-2020-6556: Heap buffer overflow in SwiftShader.

Date: 2020-08-31 13:27:51.470357+00:00
Changed-By: Olivier Tilloy <olivier.tilloy at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Bionic-changes mailing list