[ubuntu/cosmic-updates] chromium-browser 72.0.3626.119-0ubuntu0.18.10.1 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Tue Mar 5 15:36:25 UTC 2019


chromium-browser (72.0.3626.119-0ubuntu0.18.10.1) cosmic; urgency=medium

  * Upstream release: 72.0.3626.119
  * debian/patches/gn-fix-link-pthread.patch: added

chromium-browser (72.0.3626.109-0ubuntu0.18.10.2) cosmic; urgency=medium

  * debian/rules: add exception to match chromedriver being installed in a
    different location

chromium-browser (72.0.3626.109-0ubuntu0.18.10.1) cosmic; urgency=medium

  * Upstream release: 72.0.3626.109
  * debian/rules:
    - restore old keepalive snippet to prevent builds from timing out during
      the link phase (this happens often enough on armhf, Launchpad builders
      have an inactivity timeout of 150 minutes)
    - install the chromedriver executable in /usr/bin, where python{,3}-selenium
      and other packages expect it by default (LP: #1667208)
  * debian/control: make chromium-chromedriver provide "chromium-driver"
  * debian/chromium-chromedriver.{dirs,install}: removed, no longer needed
  * debian/tests/{chromium-version,html5test}: remove custom driver path

chromium-browser (72.0.3626.96-0ubuntu0.18.10.1) cosmic; urgency=medium

  * Upstream release: 72.0.3626.96
    - CVE-2019-5784: Inappropriate implementation in V8.
  * debian/patches/gn-do-not-build-with-icf.patch: removed, no longer needed

chromium-browser (72.0.3626.81-0ubuntu0.18.10.1) cosmic; urgency=medium

  * Upstream release: 72.0.3626.81
    - CVE-2019-5754: Inappropriate implementation in QUIC Networking.
    - CVE-2019-5782: Inappropriate implementation in V8.
    - CVE-2019-5755: Inappropriate implementation in V8.
    - CVE-2019-5756: Use after free in PDFium.
    - CVE-2019-5757: Type Confusion in SVG.
    - CVE-2019-5758: Use after free in Blink.
    - CVE-2019-5759: Use after free in HTML select elements.
    - CVE-2019-5760: Use after free in WebRTC.
    - CVE-2019-5761: Use after free in SwiftShader.
    - CVE-2019-5762: Use after free in PDFium.
    - CVE-2019-5763: Insufficient validation of untrusted input in V8.
    - CVE-2019-5764: Use after free in WebRTC.
    - CVE-2019-5765: Insufficient policy enforcement in the browser.
    - CVE-2019-5766: Insufficient policy enforcement in Canvas.
    - CVE-2019-5767: Incorrect security UI in WebAPKs.
    - CVE-2019-5768: Insufficient policy enforcement in DevTools.
    - CVE-2019-5769: Insufficient validation of untrusted input in Blink.
    - CVE-2019-5770: Heap buffer overflow in WebGL.
    - CVE-2019-5771: Heap buffer overflow in SwiftShader.
    - CVE-2019-5772: Use after free in PDFium.
    - CVE-2019-5773: Insufficient data validation in IndexedDB.
    - CVE-2019-5774: Insufficient validation of untrusted input in SafeBrowsing.
    - CVE-2019-5775: Insufficient policy enforcement in Omnibox.
    - CVE-2019-5776: Insufficient policy enforcement in Omnibox.
    - CVE-2019-5777: Insufficient policy enforcement in Omnibox.
    - CVE-2019-5778: Insufficient policy enforcement in Extensions.
    - CVE-2019-5779: Insufficient policy enforcement in ServiceWorker.
    - CVE-2019-5780: Insufficient policy enforcement.
    - CVE-2019-5781: Insufficient policy enforcement in Omnibox.
  * debian/control: add default-jre-headless as a build dependency
    (needed to compile the new lite JS mojom bindings)
  * debian/patches/additional-search-engines.patch: refreshed
  * debian/patches/chromium_useragent.patch: refreshed
  * debian/patches/configuration-directory.patch: refreshed
  * debian/patches/disable-sse2: refreshed
  * debian/patches/fix-extra-arflags.patch: refreshed
  * debian/patches/fix-ffmpeg-ia32-build.patch: refreshed
  * debian/patches/gn-bootstrap-remove-sysroot-options.patch: removed, no longer
    needed
  * debian/patches/gn-do-not-build-with-icf.patch: added
  * debian/patches/gn-no-last-commit-position.patch: refreshed
  * debian/patches/revert-Xclang-instcombine-lower-dbg-declare.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: removed, no longer
    needed
  * debian/patches/swiftshader-gl-entry-trampoline.patch: removed, no longer
    needed
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/widevine-other-locations: refreshed
  * debian/tests/html5test: update test expectations

Date: 2019-02-25 14:48:13.893378+00:00
Changed-By: Olivier Tilloy <olivier.tilloy at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/chromium-browser/72.0.3626.119-0ubuntu0.18.10.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Cosmic-changes mailing list