[ubuntu/bionic-updates] chromium-browser 97.0.4692.71-0ubuntu0.18.04.1 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Fri Jan 14 14:33:26 UTC 2022
chromium-browser (97.0.4692.71-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 97.0.4692.71
- CVE-2022-0096: Use after free in Storage.
- CVE-2022-0097: Inappropriate implementation in DevTools.
- CVE-2022-0098: Use after free in Screen Capture.
- CVE-2022-0099: Use after free in Sign-in.
- CVE-2022-0100: Heap buffer overflow in Media streams API.
- CVE-2022-0101: Heap buffer overflow in Bookmarks.
- CVE-2022-0102: Type Confusion in V8.
- CVE-2022-0103: Use after free in SwiftShader.
- CVE-2022-0104: Heap buffer overflow in ANGLE.
- CVE-2022-0105: Use after free in PDF.
- CVE-2022-0106: Use after free in Autofill.
- CVE-2022-0107: Use after free in File Manager API.
- CVE-2022-0108: Inappropriate implementation in Navigation.
- CVE-2022-0109: Inappropriate implementation in Autofill.
- CVE-2022-0110: Incorrect security UI in Autofill.
- CVE-2022-0111: Inappropriate implementation in Navigation.
- CVE-2022-0112: Incorrect security UI in Browser UI.
- CVE-2022-0113: Inappropriate implementation in Blink.
- CVE-2022-0114: Out of bounds memory access in Web Serial.
- CVE-2022-0115: Uninitialized Use in File API.
- CVE-2022-0116: Inappropriate implementation in Compositing.
- CVE-2022-0117: Policy bypass in Service Workers.
- CVE-2022-0118: Inappropriate implementation in WebShare.
- CVE-2022-0120: Inappropriate implementation in Passwords.
* debian/patches/blink-math-constexpr.patch: added
* debian/patches/blink-math-constexpr2.patch: added
* debian/patches/build-with-old-libva-missing-defines.patch: refreshed
* debian/patches/build-with-old-libva-no-av1.patch: refreshed
* debian/patches/configuration-directory.patch: refreshed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: updated
* debian/patches/use-clang-versioned.patch: updated
* debian/patches/widevine-other-locations: refreshed
chromium-browser (96.0.4664.110-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 96.0.4664.110
- CVE-2021-4098: Insufficient data validation in Mojo.
- CVE-2021-4099: Use after free in Swiftshader.
- CVE-2021-4100: Object lifecycle issue in ANGLE.
- CVE-2021-4101: Heap buffer overflow in Swiftshader.
- CVE-2021-4102: Use after free in V8.
chromium-browser (96.0.4664.93-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 96.0.4664.93
- CVE-2021-4052: Use after free in web apps.
- CVE-2021-4053: Use after free in UI.
- CVE-2021-4054: Incorrect security UI in autofill.
- CVE-2021-4055: Heap buffer overflow in extensions.
- CVE-2021-4056: Type Confusion in loader.
- CVE-2021-4057: Use after free in file API.
- CVE-2021-4058: Heap buffer overflow in ANGLE.
- CVE-2021-4059: Insufficient data validation in loader.
- CVE-2021-4061: Type Confusion in V8.
- CVE-2021-4062: Heap buffer overflow in BFCache.
- CVE-2021-4063: Use after free in developer tools.
- CVE-2021-4064: Use after free in screen capture.
- CVE-2021-4065: Use after free in autofill.
- CVE-2021-4066: Integer underflow in ANGLE.
- CVE-2021-4067: Use after free in window manager.
- CVE-2021-4068: Insufficient validation of untrusted input in new tab page.
chromium-browser (96.0.4664.45-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 96.0.4664.45
- CVE-2021-38007: Type Confusion in V8.
- CVE-2021-38008: Use after free in media.
- CVE-2021-38009: Inappropriate implementation in cache.
- CVE-2021-38006: Use after free in storage foundation.
- CVE-2021-38005: Use after free in loader.
- CVE-2021-38010: Inappropriate implementation in service workers.
- CVE-2021-38011: Use after free in storage foundation.
- CVE-2021-38012: Type Confusion in V8.
- CVE-2021-38013: Heap buffer overflow in fingerprint recognition.
- CVE-2021-38014: Out of bounds write in Swiftshader.
- CVE-2021-38015: Inappropriate implementation in input.
- CVE-2021-38016: Insufficient policy enforcement in background fetch.
- CVE-2021-38017: Insufficient policy enforcement in iframe sandbox.
- CVE-2021-38018: Inappropriate implementation in navigation.
- CVE-2021-38019: Insufficient policy enforcement in CORS.
- CVE-2021-38020: Insufficient policy enforcement in contacts picker.
- CVE-2021-38021: Inappropriate implementation in referrer.
- CVE-2021-38022: Inappropriate implementation in WebAuthentication.
* debian/patches/build-with-old-libva-missing-defines.patch: refreshed
* debian/patches/build-with-old-libva-no-av1.patch: refreshed
* debian/patches/libaom-armhf-build-cpudetect.patch: refreshed
* debian/patches/no-dirmd.patch: refreshed
* debian/patches/search-credit.patch: refreshed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
* debian/patches/widevine-enable-version-string.patch: refreshed
Date: 2022-01-07 22:01:10.516157+00:00
Changed-By: Olivier Tilloy <olivier.tilloy at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/chromium-browser/97.0.4692.71-0ubuntu0.18.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list