[ubuntu/bionic-security] chromium-browser 93.0.4577.63-0ubuntu0.18.04.1 (Accepted)

Chris Coulson chris.coulson at canonical.com
Mon Sep 20 21:54:30 UTC 2021 

chromium-browser (93.0.4577.63-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 93.0.4577.63
    - CVE-2021-30606: Use after free in Blink.
    - CVE-2021-30607: Use after free in Permissions.
    - CVE-2021-30608: Use after free in Web Share.
    - CVE-2021-30609: Use after free in Sign-In.
    - CVE-2021-30610: Use after free in Extensions API.
    - CVE-2021-30611: Use after free in WebRTC.
    - CVE-2021-30612: Use after free in WebRTC.
    - CVE-2021-30613: Use after free in Base internals.
    - CVE-2021-30614: Heap buffer overflow in TabStrip.
    - CVE-2021-30615: Cross-origin data leak in Navigation.
    - CVE-2021-30616: Use after free in Media.
    - CVE-2021-30617: Policy bypass in Blink.
    - CVE-2021-30618: Inappropriate implementation in DevTools.
    - CVE-2021-30619: UI Spoofing in Autofill.
    - CVE-2021-30620: Insufficient policy enforcement in Blink.
    - CVE-2021-30621: UI Spoofing in Autofill.
    - CVE-2021-30622: Use after free in WebApp Installs.
    - CVE-2021-30623: Use after free in Bookmarks.
    - CVE-2021-30624: Use after free in Autofill.
  * debian/patches/build-with-old-libva-missing-defines.patch: refreshed
  * debian/patches/build-with-old-libva-no-av1.patch: refreshed
  * debian/patches/enable-chromecast-by-default.patch: removed, no longer needed
  * debian/patches/libaom-armhf-build-cpudetect.patch: refreshed
  * debian/patches/no-dirmd.patch: refreshed
  * debian/patches/qualify-ambiguous-name-lookup.patch: refreshed
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/use-clang-versioned.patch: refreshed
  * debian/patches/v8-add-missing-constexpr-arm64.patch: removed, no longer
    needed (upstreamed)
  * debian/patches/widevine-enable-version-string.patch: refreshed

Date: 2021-09-01 07:11:10.127954+00:00
Changed-By: Olivier Tilloy <olivier.tilloy at canonical.com>
Signed-By: Chris Coulson <chris.coulson at canonical.com>
https://launchpad.net/ubuntu/+source/chromium-browser/93.0.4577.63-0ubuntu0.18.04.1
-------------- next part --------------
Sorry, changesfile not available.

More information about the Bionic-changes mailing list