[ubuntu/bionic-security] chromium-browser 99.0.4844.51-0ubuntu0.18.04.1 (Accepted)
Chris Coulson
chris.coulson at canonical.com
Fri Mar 4 15:36:55 UTC 2022
chromium-browser (99.0.4844.51-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 99.0.4844.51
- CVE-2022-0789: Heap buffer overflow in ANGLE.
- CVE-2022-0790: Use after free in Cast UI.
- CVE-2022-0791: Use after free in Omnibox.
- CVE-2022-0792: Out of bounds read in ANGLE.
- CVE-2022-0793: Use after free in Views.
- CVE-2022-0794: Use after free in WebShare.
- CVE-2022-0795: Type Confusion in Blink Layout.
- CVE-2022-0796: Use after free in Media.
- CVE-2022-0797: Out of bounds memory access in Mojo.
- CVE-2022-0798: Use after free in MediaStream.
- CVE-2022-0799: Insufficient policy enforcement in Installer.
- CVE-2022-0800: Heap buffer overflow in Cast UI.
- CVE-2022-0801: Inappropriate implementation in HTML parser.
- CVE-2022-0802: Inappropriate implementation in Full screen mode.
- CVE-2022-0803: Inappropriate implementation in Permissions.
- CVE-2022-0804: Inappropriate implementation in Full screen mode.
- CVE-2022-0805: Use after free in Browser Switcher.
- CVE-2022-0806: Data leak in Canvas.
- CVE-2022-0807: Inappropriate implementation in Autofill.
- CVE-2022-0808: Use after free in Chrome OS Shell.
- CVE-2022-0809: Out of bounds memory access in WebXR.
* debian/rules: exclude unnecessary build artifacts (LP: #1961565)
* debian/patches/arm64-no-pointer-authentication.patch: added
* debian/patches/build-with-old-libva-missing-defines.patch: refreshed
* debian/patches/build-with-old-libva-no-av1.patch: refreshed
* debian/patches/configuration-directory.patch: refreshed
* debian/patches/define__libc_malloc.patch: updated
* debian/patches/gn-no-std-equal_to.patch: added
* debian/patches/libaom-armhf-build-cpudetect.patch: refreshed
* debian/patches/revert-sequence-checker-capability-name.patch: refreshed
* debian/patches/search-credit.patch: refreshed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
* debian/patches/use-clang-versioned.patch: refreshed
* debian/patches/widevine-enable-version-string.patch: refreshed
chromium-browser (98.0.4758.102-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 98.0.4758.102
- CVE-2022-0603: Use after free in File Manager.
- CVE-2022-0604: Heap buffer overflow in Tab Groups.
- CVE-2022-0605: Use after free in Webstore API.
- CVE-2022-0606: Use after free in ANGLE.
- CVE-2022-0607: Use after free in GPU.
- CVE-2022-0608: Integer overflow in Mojo.
- CVE-2022-0609: Use after free in Animation.
- CVE-2022-0610: Inappropriate implementation in Gamepad API.
chromium-browser (98.0.4758.80-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 98.0.4758.80
- CVE-2022-0452: Use after free in Safe Browsing.
- CVE-2022-0453: Use after free in Reader Mode.
- CVE-2022-0454: Heap buffer overflow in ANGLE.
- CVE-2022-0455: Inappropriate implementation in Full Screen Mode.
- CVE-2022-0456: Use after free in Web Search.
- CVE-2022-0457: Type Confusion in V8.
- CVE-2022-0458: Use after free in Thumbnail Tab Strip.
- CVE-2022-0459: Use after free in Screen Capture.
- CVE-2022-0460: Use after free in Window Dialog.
- CVE-2022-0461: Policy bypass in COOP.
- CVE-2022-0462: Inappropriate implementation in Scroll.
- CVE-2022-0463: Use after free in Accessibility.
- CVE-2022-0464: Use after free in Accessibility.
- CVE-2022-0465: Use after free in Extensions.
- CVE-2022-0466: Inappropriate implementation in Extensions Platform.
- CVE-2022-0467: Inappropriate implementation in Pointer Lock.
- CVE-2022-0468: Use after free in Payments.
- CVE-2022-0469: Use after free in Cast.
- CVE-2022-0470: Out of bounds memory access in V8.
* debian/patches/blink-math-constexpr2.patch: removed, no longer needed
* debian/patches/build-with-old-libva-missing-defines.patch: refreshed
* debian/patches/build-with-old-libva-no-av1.patch: refreshed
* debian/patches/configuration-directory.patch: refreshed
* debian/patches/node-use-system-wide.patch: refreshed
* debian/patches/partition-allocator-clang-name-confusion.patch: added
* debian/patches/qualify-ambiguous-name-lookup.patch: refreshed
* debian/patches/search-credit.patch: refreshed
* debian/patches/strip-binaries-on-amd64-only.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
* debian/patches/use-clang-versioned.patch: refreshed
* debian/patches/widevine-other-locations: refreshed
chromium-browser (97.0.4692.99-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 97.0.4692.99
- CVE-2022-0289: Use after free in Safe browsing.
- CVE-2022-0290: Use after free in Site isolation.
- CVE-2022-0291: Inappropriate implementation in Storage.
- CVE-2022-0292: Inappropriate implementation in Fenced Frames.
- CVE-2022-0293: Use after free in Web packaging.
- CVE-2022-0294: Inappropriate implementation in Push messaging.
- CVE-2022-0295: Use after free in Omnibox.
- CVE-2022-0296: Use after free in Printing.
- CVE-2022-0297: Use after free in Vulkan.
- CVE-2022-0298: Use after free in Scheduling.
- CVE-2022-0300: Use after free in Text Input Method Editor.
- CVE-2022-0301: Heap buffer overflow in DevTools.
- CVE-2022-0302: Use after free in Omnibox.
- CVE-2022-0303: Race in GPU Watchdog.
- CVE-2022-0304: Use after free in Bookmarks.
- CVE-2022-0305: Inappropriate implementation in Service Worker API.
- CVE-2022-0306: Heap buffer overflow in PDFium.
- CVE-2022-0307: Use after free in Optimization Guide.
- CVE-2022-0308: Use after free in Data Transfer.
- CVE-2022-0309: Inappropriate implementation in Autofill.
- CVE-2022-0310: Heap buffer overflow in Task Manager.
- CVE-2022-0311: Heap buffer overflow in Task Manager.
Date: 2022-03-01 20:55:09.957821+00:00
Changed-By: Olivier Tilloy <olivier.tilloy at canonical.com>
Signed-By: Chris Coulson <chris.coulson at canonical.com>
https://launchpad.net/ubuntu/+source/chromium-browser/99.0.4844.51-0ubuntu0.18.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list