[ubuntu/bionic-security] chromium-browser 92.0.4515.159-0ubuntu0.18.04.1 (Accepted)

Chris Coulson chris.coulson at canonical.com
Thu Aug 19 13:38:44 UTC 2021 

chromium-browser (92.0.4515.159-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 92.0.4515.159
    - CVE-2021-30598: Type Confusion in V8.
    - CVE-2021-30599: Type Confusion in V8.
    - CVE-2021-30600: Use after free in Printing.
    - CVE-2021-30601: Use after free in Extensions API.
    - CVE-2021-30602: Use after free in WebRTC.
    - CVE-2021-30603: Race in WebAudio.
    - CVE-2021-30604: Use after free in ANGLE.

chromium-browser (92.0.4515.131-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 92.0.4515.131
    - CVE-2021-30590: Heap buffer overflow in Bookmarks.
    - CVE-2021-30591: Use after free in File System API.
    - CVE-2021-30592: Out of bounds write in Tab Groups.
    - CVE-2021-30593: Out of bounds read in Tab Strip.
    - CVE-2021-30594: Use after free in Page Info UI.
    - CVE-2021-30596: Incorrect security UI in Navigation.
    - CVE-2021-30597: Use after free in Browser UI.

chromium-browser (92.0.4515.107-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 92.0.4515.107
    - CVE-2021-30565: Out of bounds write in Tab Groups.
    - CVE-2021-30566: Stack buffer overflow in Printing.
    - CVE-2021-30567: Use after free in DevTools.
    - CVE-2021-30568: Heap buffer overflow in WebGL.
    - CVE-2021-30569: Use after free in sqlite.
    - CVE-2021-30571: Insufficient policy enforcement in DevTools.
    - CVE-2021-30572: Use after free in Autofill.
    - CVE-2021-30573: Use after free in GPU.
    - CVE-2021-30574: Use after free in protocol handling.
    - CVE-2021-30575: Out of bounds read in Autofill.
    - CVE-2021-30576: Use after free in DevTools.
    - CVE-2021-30577: Insufficient policy enforcement in Installer.
    - CVE-2021-30578: Uninitialized Use in Media.
    - CVE-2021-30579: Use after free in UI framework.
    - CVE-2021-30580: Insufficient policy enforcement in Android intents.
    - CVE-2021-30581: Use after free in DevTools.
    - CVE-2021-30582: Inappropriate implementation in Animation.
    - CVE-2021-30583: Insufficient policy enforcement in image handling on
      Windows.
    - CVE-2021-30584: Incorrect security UI in Downloads.
    - CVE-2021-30585: Use after free in sensor handling.
    - CVE-2021-30586: Use after free in dialog box handling on Windows.
    - CVE-2021-30587: Inappropriate implementation in Compositing on Windows.
    - CVE-2021-30588: Type Confusion in V8.
    - CVE-2021-30589: Insufficient validation of untrusted input in Sharing.
  * debian/patches/build-with-old-libva-missing-defines.patch: refreshed
  * debian/patches/build-with-old-libva-no-av1.patch: refreshed
  * debian/patches/configuration-directory.patch: refreshed
  * debian/patches/no-dirmd.patch: refreshed
  * debian/patches/partition-allocator-missing-ioctl.patch: added
  * debian/patches/qualify-ambiguous-name-lookup.patch: added
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/strip-binaries-on-amd64-only.patch: added
  * debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/touch-v35: refreshed
  * debian/patches/v8-add-missing-constexpr-arm64.patch: added
  * debian/patches/widevine-enable-version-string.patch: refreshed
  * debian/patches/widevine-other-locations: updated

chromium-browser (91.0.4472.164-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 91.0.4472.164
    - CVE-2021-30559: Out of bounds write in ANGLE.
    - CVE-2021-30541: Use after free in V8.
    - CVE-2021-30560: Use after free in Blink XSLT.
    - CVE-2021-30561: Type Confusion in V8.
    - CVE-2021-30562: Use after free in WebSerial.
    - CVE-2021-30563: Type Confusion in V8.
    - CVE-2021-30564: Heap buffer overflow in WebXR.

chromium-browser (91.0.4472.114-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 91.0.4472.114
    - CVE-2021-30554: Use after free in WebGL.
    - CVE-2021-30555: Use after free in Sharing.
    - CVE-2021-30556: Use after free in WebAudio.
    - CVE-2021-30557: Use after free in TabGroups.

chromium-browser (91.0.4472.106-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 91.0.4472.106

Date: 2021-08-17 07:36:09.543436+00:00
Changed-By: Olivier Tilloy <olivier.tilloy at canonical.com>
Signed-By: Chris Coulson <chris.coulson at canonical.com>
https://launchpad.net/ubuntu/+source/chromium-browser/92.0.4515.159-0ubuntu0.18.04.1
-------------- next part --------------
Sorry, changesfile not available.

More information about the Bionic-changes mailing list