[ubuntu/bionic-updates] chromium-browser 104.0.5112.101-0ubuntu0.18.04.1 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Wed Aug 24 20:38:11 UTC 2022
chromium-browser (104.0.5112.101-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 104.0.5112.101
- CVE-2022-2852: Use after free in FedCM.
- CVE-2022-2854: Use after free in SwiftShader.
- CVE-2022-2855: Use after free in ANGLE.
- CVE-2022-2857: Use after free in Blink.
- CVE-2022-2858: Use after free in Sign-In Flow.
- CVE-2022-2853: Heap buffer overflow in Downloads.
- CVE-2022-2856: Insufficient validation of untrusted input in Intents.
- CVE-2022-2859: Use after free in Chrome OS Shell.
- CVE-2022-2860: Insufficient policy enforcement in Cookies.
- CVE-2022-2861: Inappropriate implementation in Extensions API.
chromium-browser (104.0.5112.79-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 104.0.5112.79
- CVE-2022-2603: Use after free in Omnibox.
- CVE-2022-2604: Use after free in Safe Browsing.
- CVE-2022-2605: Out of bounds read in Dawn.
- CVE-2022-2606: Use after free in Managed devices API.
- CVE-2022-2607: Use after free in Tab Strip.
- CVE-2022-2608: Use after free in Overview Mode.
- CVE-2022-2609: Use after free in Nearby Share.
- CVE-2022-2610: Insufficient policy enforcement in Background Fetch.
- CVE-2022-2611: Inappropriate implementation in Fullscreen API.
- CVE-2022-2612: Side-channel information leakage in Keyboard input.
- CVE-2022-2613: Use after free in Input.
- CVE-2022-2614: Use after free in Sign-In Flow.
- CVE-2022-2615: Insufficient policy enforcement in Cookies.
- CVE-2022-2616: Inappropriate implementation in Extensions API.
- CVE-2022-2617: Use after free in Extensions API.
- CVE-2022-2618: Insufficient validation of untrusted input in Internals.
- CVE-2022-2619: Insufficient validation of untrusted input in Settings.
- CVE-2022-2620: Use after free in WebUI.
- CVE-2022-2621: Use after free in Extensions.
- CVE-2022-2622: Insufficient validation of untrusted input in Safe Browsing.
- CVE-2022-2623: Use after free in Offline.
- CVE-2022-2624: Heap buffer overflow in PDF.
* debian/patches/allow-building-on-x86.patch: refreshed
* debian/patches/blink-math-constexpr.patch: refreshed
* debian/patches/build-with-old-libva-missing-defines.patch: refreshed
* debian/patches/build-with-old-libva-no-av1.patch: refreshed
* debian/patches/mako-revert-importlib-use.patch: added
* debian/patches/partition-allocator-clang-name-confusion.patch: refreshed
* debian/patches/partition-allocator-constexpr.patch: refreshed
* debian/patches/qualify-ambiguous-name-lookup.patch: removed, no longer
needed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
Date: 2022-08-17 07:37:09.180220+00:00
Changed-By: Olivier Tilloy <olivier.tilloy at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/chromium-browser/104.0.5112.101-0ubuntu0.18.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list