[ubuntu/disco-security] chromium-browser 79.0.3945.79-0ubuntu0.19.04.3 (Accepted)

Chris Coulson chris.coulson at canonical.com
Mon Dec 16 20:48:24 UTC 2019

chromium-browser (79.0.3945.79-0ubuntu0.19.04.3) disco; urgency=medium

  * debian/patches/add-missing-vector-include.patch: added

chromium-browser (79.0.3945.79-0ubuntu0.19.04.2) disco; urgency=medium

  * debian/patches/add-missing-algorithm-include.patch: added

chromium-browser (79.0.3945.79-0ubuntu0.19.04.1) disco; urgency=medium

  * Upstream release: 79.0.3945.79
    - CVE-2019-13725: Use after free in Bluetooth.
    - CVE-2019-13726: Heap buffer overflow in password manager.
    - CVE-2019-13727: Insufficient policy enforcement in WebSockets.
    - CVE-2019-13728: Out of bounds write in V8.
    - CVE-2019-13729: Use after free in WebSockets.
    - CVE-2019-13730: Type Confusion in V8.
    - CVE-2019-13732: Use after free in WebAudio.
    - CVE-2019-13734: Out of bounds write in SQLite.
    - CVE-2019-13735: Out of bounds write in V8.
    - CVE-2019-13764: Type Confusion in V8.
    - CVE-2019-13736: Integer overflow in PDFium.
    - CVE-2019-13737: Insufficient policy enforcement in autocomplete.
    - CVE-2019-13738: Insufficient policy enforcement in navigation.
    - CVE-2019-13739: Incorrect security UI in Omnibox.
    - CVE-2019-13740: Incorrect security UI in sharing.
    - CVE-2019-13741: Insufficient validation of untrusted input in Blink.
    - CVE-2019-13742: Incorrect security UI in Omnibox.
    - CVE-2019-13743: Incorrect security UI in external protocol handling.
    - CVE-2019-13744: Insufficient policy enforcement in cookies.
    - CVE-2019-13745: Insufficient policy enforcement in audio.
    - CVE-2019-13746: Insufficient policy enforcement in Omnibox.
    - CVE-2019-13747: Uninitialized Use in rendering.
    - CVE-2019-13748: Insufficient policy enforcement in developer tools.
    - CVE-2019-13749: Incorrect security UI in Omnibox.
    - CVE-2019-13750: Insufficient data validation in SQLite.
    - CVE-2019-13751: Uninitialized Use in SQLite.
    - CVE-2019-13752: Out of bounds read in SQLite.
    - CVE-2019-13753: Out of bounds read in SQLite.
    - CVE-2019-13754: Insufficient policy enforcement in extensions.
    - CVE-2019-13755: Insufficient policy enforcement in extensions.
    - CVE-2019-13756: Incorrect security UI in printing.
    - CVE-2019-13757: Incorrect security UI in Omnibox.
    - CVE-2019-13758: Insufficient policy enforcement in navigation.
    - CVE-2019-13759: Incorrect security UI in interstitials.
    - CVE-2019-13761: Incorrect security UI in Omnibox.
    - CVE-2019-13762: Insufficient policy enforcement in downloads.
    - CVE-2019-13763: Insufficient policy enforcement in payments.
  * debian/patches/add-missing-memory-include.patch: removed, no longer needed
  * debian/patches/chromium_useragent.patch: refreshed
  * debian/patches/configuration-directory.patch: refreshed
  * debian/patches/default-allocator: refreshed
  * debian/patches/disable-sse2: refreshed
  * debian/patches/fix-extra-arflags.patch: refreshed
  * debian/patches/make-DohUpgradeEntry-non-const.patch: removed, no longer
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/touch-v35: refreshed
  * debian/patches/widevine-enable-version-string.patch: updated
  * debian/patches/widevine-other-locations: updated

Date: 2019-12-11 20:30:13.841079+00:00
Changed-By: Olivier Tilloy <olivier.tilloy at canonical.com>
Signed-By: Chris Coulson <chris.coulson at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Disco-changes mailing list