[ubuntu/trusty-updates] chromium-browser 40.0.2214.94-0ubuntu0.14.04.1.1068 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Fri Feb 6 15:59:58 UTC 2015
chromium-browser (40.0.2214.94-0ubuntu0.14.04.1.1068) trusty-security; urgency=medium
* Upstream release 40.0.2214.94.
* Upstream release 40.0.2214.93.
* Upstream release 40.0.2214.91. (LP: #1414753)
- CVE-2014-7923: Memory corruption in ICU.
- CVE-2014-7924: Use-after-free in IndexedDB.
- CVE-2014-7925: Use-after-free in WebAudio.
- CVE-2014-7926: Memory corruption in ICU.
- CVE-2014-7927: Memory corruption in V8.
- CVE-2014-7928: Memory corruption in V8.
- CVE-2014-7930: Use-after-free in DOM.
- CVE-2014-7931: Memory corruption in V8.
- CVE-2014-7929: Use-after-free in DOM.
- CVE-2014-7932: Use-after-free in DOM.
- CVE-2014-7933: Use-after-free in FFmpeg.
- CVE-2014-7934: Use-after-free in DOM.
- CVE-2014-7935: Use-after-free in Speech.
- CVE-2014-7936: Use-after-free in Views.
- CVE-2014-7937: Use-after-free in FFmpeg.
- CVE-2014-7938: Memory corruption in Fonts.
- CVE-2014-7939: Same-origin-bypass in V8.
- CVE-2014-7940: Uninitialized-value in ICU.
- CVE-2014-7941: Out-of-bounds read in UI.
- CVE-2014-7942: Uninitialized-value in Fonts.
- CVE-2014-7943: Out-of-bounds read in Skia.
- CVE-2014-7944: Out-of-bounds read in PDFium.
- CVE-2014-7945: Out-of-bounds read in PDFium.
- CVE-2014-7946: Out-of-bounds read in Fonts.
- CVE-2014-7947: Out-of-bounds read in PDFium.
- CVE-2014-7948: Caching error in AppCache.
* debian/patch/search-credit: Don't force client in GOOG suggestions search.
(LP: #1398900)
* debian/patches/dri3-within-sandbox: Backport V41 sandbox, fixing DRI3.
(LP: #1378627)
* debian/patches/macro-templates-not-match: Remove. No longer necessary.
* debian/patches/arm-neon.patch: Kill armv7=neon assumption. Fix typos.
* debian/rules: chrpath for all packages. (LP: #1415555)
chromium-browser (39.0.2171.65-0ubuntu1.1103) vivid; urgency=medium
* Upstream release 39.0.2171.65:
- CVE-2014-7899: Address bar spoofing.
- CVE-2014-7900: Use-after-free in pdfium.
- CVE-2014-7901: Integer overflow in pdfium.
- CVE-2014-7902: Use-after-free in pdfium.
- CVE-2014-7903: Buffer overflow in pdfium.
- CVE-2014-7904: Buffer overflow in Skia.
- CVE-2014-7905: Flaw allowing navigation to intents that do not have the
BROWSABLE category.
- CVE-2014-7906: Use-after-free in pepper plugins.
- CVE-2014-0574: Double-free in Flash.
- CVE-2014-7907: Use-after-free in blink.
- CVE-2014-7908: Integer overflow in media.
- CVE-2014-7909: Uninitialized memory read in Skia.
- CVE-2014-7910: Various fixes from internal audits, fuzzing and other
initiatives.
* debian/patches/search-credit.patch: Include "client" in google search
prepopulated template's parameters.
* debian/tests/testdata/9-search-credit.sikuli: Verify search URL has
parameter.
* debian/source/lintian-overrides: Ignore android tools we don't use.
* debian/chromium-browser-dbg.lintian-overrides: Ignore libraries that we
configure to have no symbols in builder (because they are humongous
otherwise).
* debian/control: Bump standards version. Version dep "bash". Remove
duplicate language from package descriptions.
* debian/tests/testdata/1-normal-extension-active.sikuli/: Destroy test
for dead NPAPI unity-webapps extension.
Date: 2015-02-04 14:36:15.003765+00:00
Changed-By: Chad Miller <chad.miller at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/chromium-browser/40.0.2214.94-0ubuntu0.14.04.1.1068
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list