[ubuntu/trusty-security] chromium-browser 45.0.2454.85-0ubuntu0. (Accepted)

Chris Coulson chris.coulson at canonical.com
Tue Sep 22 17:43:50 UTC 2015

chromium-browser (45.0.2454.85-0ubuntu0. trusty-security; urgency=medium

  * Upstream release 45.0.2454.85:
    - CVE-2015-1291: Cross-origin bypass in DOM.
    - CVE-2015-1292: Cross-origin bypass in ServiceWorker. 
    - CVE-2015-1293: Cross-origin bypass in DOM.
    - CVE-2015-1294: Use-after-free in Skia.
    - CVE-2015-1295: Use-after-free in Printing.
    - CVE-2015-1296: Character spoofing in omnibox.
    - CVE-2015-1297: Permission scoping error in WebRequest. 
    - CVE-2015-1298: URL validation error in extensions. 
    - CVE-2015-1299: Use-after-free in Blink.
    - CVE-2015-1300: Information leak in Blink.
    - CVE-2015-1301: Various fixes from internal audits, fuzzing and other
  * debian/patches/search-credit.patch: Don't add GET param if search URL
    doesn't already use them. (LP: #1490237)
  * debian/source/lintian-overrides: Ignore new binaries in orig tar.
  * debian/patches/gpu_default_disabled: No longer disable GPU rendering by
  * debian/patches/disable-sse2: SSE exclusion is smarter now. Re-include.

Date: 2015-09-21 17:10:51.242545+00:00
Changed-By: Chad Miller <chad.miller at canonical.com>
Signed-By: Chris Coulson <chris.coulson at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Trusty-changes mailing list