[ubuntu/trusty-updates] chromium-browser 49.0.2623.87-0ubuntu0.14.04.1.1112 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Tue Mar 22 00:00:51 UTC 2016
chromium-browser (49.0.2623.87-0ubuntu0.14.04.1.1112) trusty-security; urgency=medium
* debian/patches/system-xdg-settings: Insist on using system xdg utilities.
* Upstream release 49.0.2623.87:
- CVE-2016-1643: Type confusion in Blink.
- CVE-2016-1644: Use-after-free in Blink.
- CVE-2016-1645: Out-of-bounds write in PDFium.
* Upstream release 49.0.2623.75:
- CVE-2016-1630: Same-origin bypass in Blink.
- CVE-2016-1631: Same-origin bypass in Pepper Plugin.
- CVE-2016-1632: Bad cast in Extensions.
- CVE-2016-1633: Use-after-free in Blink.
- CVE-2016-1634: Use-after-free in Blink.
- CVE-2016-1635: Use-after-free in Blink.
- CVE-2016-1636: SRI Validation Bypass.
- CVE-2015-8126: Out-of-bounds access in libpng.
- CVE-2016-1637: Information Leak in Skia.
- CVE-2016-1638: WebAPI Bypass.
- CVE-2016-1639: Use-after-free in WebRTC.
- CVE-2016-1640: Origin confusion in Extensions UI.
- CVE-2016-1641: Use-after-free in Favicon.
- CVE-2016-1642: Various fixes from internal audits, fuzzing and other
initiatives.
- Multiple vulnerabilities in V8 fixed at the tip of the 4.9 branch
(currently 4.9.385.26).
* debian/rules: No longer fabricate snap package as side effect.
* debian/control: build-dep on libffi-dev, mesa-common-dev.
* debian/patches/format-flag: Remove patch.
Date: 2016-03-16 18:12:12.799231+00:00
Changed-By: Chad Miller <chad.miller at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/chromium-browser/49.0.2623.87-0ubuntu0.14.04.1.1112
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list