[ubuntu/cosmic-updates] chromium-browser 74.0.3729.169-0ubuntu0.18.10.1 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed May 29 14:05:24 UTC 2019

chromium-browser (74.0.3729.169-0ubuntu0.18.10.1) cosmic; urgency=medium

  * Upstream release: 74.0.3729.169
  * debian/patches/revert-gn-4960.patch: added
  * debian/patches/revert-gn-4980.patch: added
  * debian/tests/data/HTML5test/index.html: mock whichbrowser.net to remove
    external test dependency

chromium-browser (74.0.3729.157-0ubuntu0.18.10.1) cosmic; urgency=medium

  * Upstream release: 74.0.3729.157

chromium-browser (74.0.3729.131-0ubuntu0.18.10.1) cosmic; urgency=medium

  * Upstream release: 74.0.3729.131
    - CVE-2019-5824: Parameter passing error in media player.

chromium-browser (74.0.3729.108-0ubuntu0.18.10.1) cosmic; urgency=medium

  * Upstream release: 74.0.3729.108
    - CVE-2019-5805: Use after free in PDFium.
    - CVE-2019-5806: Integer overflow in Angle.
    - CVE-2019-5807: Memory corruption in V8.
    - CVE-2019-5808: Use after free in Blink.
    - CVE-2019-5809: Use after free in Blink.
    - CVE-2019-5810: User information disclosure in Autofill.
    - CVE-2019-5811: CORS bypass in Blink.
    - CVE-2019-5812: URL spoof in Omnibox on iOS.
    - CVE-2019-5813: Out of bounds read in V8.
    - CVE-2019-5814: CORS bypass in Blink.
    - CVE-2019-5815: Heap buffer overflow in Blink.
    - CVE-2019-5816: Exploit persistence extension on Android.
    - CVE-2019-5817: Heap buffer overflow in Angle on Windows.
    - CVE-2019-5818: Uninitialized value in media reader.
    - CVE-2019-5819: Incorrect escaping in developer tools.
    - CVE-2019-5820: Integer overflow in PDFium.
    - CVE-2019-5821: Integer overflow in PDFium.
    - CVE-2019-5822: CORS bypass in download manager.
    - CVE-2019-5823: Forced navigation from service worker.
  * debian/patches/default-allocator: refreshed
  * debian/patches/fix-extra-arflags.patch: refreshed
  * debian/patches/gn-add-missing-arm-impl-files.patch: removed, no longer
  * debian/patches/gn-no-last-commit-position.patch: refreshed
  * debian/patches/revert-Xclang-instcombine-lower-dbg-declare.patch: refreshed
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/widevine-enable-version-string.patch: refreshed

Date: 2019-05-22 09:13:13.174290+00:00
Changed-By: Olivier Tilloy <olivier.tilloy at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Cosmic-changes mailing list