[ubuntu/utopic-proposed] chromium-browser 37.0.2062.94-0ubuntu1~pkg1065 (Accepted)
Chad MILLER
chad.miller at canonical.com
Tue Sep 2 15:01:08 UTC 2014
chromium-browser (37.0.2062.94-0ubuntu1~pkg1065) utopic; urgency=medium
* Release to stage
chromium-browser (37.0.2062.94-0ubuntu1) UNRELEASED; urgency=low
* Upstream release 37.0.2062.94.
- CVE-2014-3165: Use-after-free in Blink websockets.
- CVE-2014-3176, CVE-2014-3177: A combination of bugs in V8, IPC, sync, and
extensions that can lead to remote code execution outside of the sandbox.
- CVE-2014-3168: Use-after-free in SVG.
- CVE-2014-3169: Use-after-free in DOM.
- CVE-2014-3170: Extension permission dialog spoofing.
- CVE-2014-3171: Use-after-free in bindings.
- CVE-2014-3172: Issue related to extension debugging.
- CVE-2014-3173: Uninitialized memory read in WebGL.
- CVE-2014-3174: Uninitialized memory read in Web Audio.
- CVE-2014-3175: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2014-3176, CVE-2014-3177: Interaction of extensions, IPC, the sync
API, and Google V8 to execute arbitrary code.
* Fix a shell bug in the binary-wrapper that prevented USER flags
from working properly.
* debian/control: Suggests chromiumflashplugin .
* debian/apport: Significant cleanup.
* debian/rules: Disable SSE instructions on x86 to avoid SIGILL on some CPUs.
(LP: #1353185)
* debian/checkout-orig-source.mk: Don't include src/ prefix in orig tarball.
* debian/patches/*: refresh line numbers.
* debian/patches/search-credit.patch,
debian/patches/additional-search-engines.patch: Track source files moved.
* debian/patches/ffmpeg-gyp-config.patch,
debian/patches/fix-gyp-space-in-object-filename-exception.patch,
debian/patches/gyp-icu-m32-test:
Disabled. No longer needs fixing.
* debian/control: build-dep on openssl.
* debian/patches/disable-sse2: Don't require SSE/SSE2 CPU features on x86.
(LP: #1353185)
* debian/rules: Use built-in PDF support. (LP: #513745, #1009902)
chromium-browser (36.0.1985.143-0ubuntu1) utopic; urgency=low
* Upstream release 36.0.1985.143:
- CVE-2014-3165: Use-after-free in web sockets.
- CVE-2014-3166: Information disclosure in SPDY.
- CVE-2014-3167: Various fixes from internal audits, fuzzing and other
initiatives.
* debian/rules: Avoid some unnecessary warning of invalid mv.
* debian/control: Build-depends on libxkbcommon-dev.
* debian/rules: Don't use tcmalloc on i386.
* debian/control, debian/rules: Build-dep on, and use, compiler 4.8
toolchain, since 4.9 seems to be broken.
* debian/control: Don't have (unused) shlibs-depends on -dbg packages
and non-binary packages.
* debian/chromium-browser-codecs-ffmpeg-extra.dirs,
debian/chromium-browser-codecs-ffmpeg.dirs: Removed. Unused.
* debian/chromium-browser.lintian-overrides,
debian/chromium-codecs-ffmpeg-extra-dbg.lintian-overrides,
debian/chromium-codecs-ffmpeg-extra.lintian-overrides,
debian/chromium-codecs-ffmpeg.lintian-overrides,
debian/source/lintian-overrides: Add lintian overrides.
Date: Sun, 31 Aug 2014 14:26:29 -0400
Changed-By: Chad MILLER <chad.miller at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Chris Coulson <chris.coulson at canonical.com>
https://launchpad.net/ubuntu/utopic/+source/chromium-browser/37.0.2062.94-0ubuntu1~pkg1065
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 31 Aug 2014 14:26:29 -0400
Source: chromium-browser
Binary: chromium-browser chromium-browser-dbg chromium-browser-l10n chromium-codecs-ffmpeg chromium-codecs-ffmpeg-dbg chromium-codecs-ffmpeg-extra chromium-codecs-ffmpeg-extra-dbg chromium-chromedriver chromium-chromedriver-dbg
Architecture: source
Version: 37.0.2062.94-0ubuntu1~pkg1065
Distribution: utopic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Chad MILLER <chad.miller at canonical.com>
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-l10n - chromium-browser language packages
chromium-chromedriver - WebDriver driver for the Chromium Browser
chromium-chromedriver-dbg - chromium-chromedriver debug symbols
chromium-codecs-ffmpeg - Free ffmpeg codecs for the Chromium Browser
chromium-codecs-ffmpeg-dbg - chromium-codecs-ffmpeg debug symbols
chromium-codecs-ffmpeg-extra - Extra ffmpeg codecs for the Chromium Browser
chromium-codecs-ffmpeg-extra-dbg - chromium-codecs-ffmpeg-extra debug symbols
Launchpad-Bugs-Fixed: 513745 1009902 1353185
Changes:
chromium-browser (37.0.2062.94-0ubuntu1~pkg1065) utopic; urgency=medium
.
* Release to stage
.
chromium-browser (37.0.2062.94-0ubuntu1) UNRELEASED; urgency=low
.
* Upstream release 37.0.2062.94.
- CVE-2014-3165: Use-after-free in Blink websockets.
- CVE-2014-3176, CVE-2014-3177: A combination of bugs in V8, IPC, sync, and
extensions that can lead to remote code execution outside of the sandbox.
- CVE-2014-3168: Use-after-free in SVG.
- CVE-2014-3169: Use-after-free in DOM.
- CVE-2014-3170: Extension permission dialog spoofing.
- CVE-2014-3171: Use-after-free in bindings.
- CVE-2014-3172: Issue related to extension debugging.
- CVE-2014-3173: Uninitialized memory read in WebGL.
- CVE-2014-3174: Uninitialized memory read in Web Audio.
- CVE-2014-3175: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2014-3176, CVE-2014-3177: Interaction of extensions, IPC, the sync
API, and Google V8 to execute arbitrary code.
* Fix a shell bug in the binary-wrapper that prevented USER flags
from working properly.
* debian/control: Suggests chromiumflashplugin .
* debian/apport: Significant cleanup.
* debian/rules: Disable SSE instructions on x86 to avoid SIGILL on some CPUs.
(LP: #1353185)
* debian/checkout-orig-source.mk: Don't include src/ prefix in orig tarball.
* debian/patches/*: refresh line numbers.
* debian/patches/search-credit.patch,
debian/patches/additional-search-engines.patch: Track source files moved.
* debian/patches/ffmpeg-gyp-config.patch,
debian/patches/fix-gyp-space-in-object-filename-exception.patch,
debian/patches/gyp-icu-m32-test:
Disabled. No longer needs fixing.
* debian/control: build-dep on openssl.
* debian/patches/disable-sse2: Don't require SSE/SSE2 CPU features on x86.
(LP: #1353185)
* debian/rules: Use built-in PDF support. (LP: #513745, #1009902)
.
chromium-browser (36.0.1985.143-0ubuntu1) utopic; urgency=low
.
* Upstream release 36.0.1985.143:
- CVE-2014-3165: Use-after-free in web sockets.
- CVE-2014-3166: Information disclosure in SPDY.
- CVE-2014-3167: Various fixes from internal audits, fuzzing and other
initiatives.
* debian/rules: Avoid some unnecessary warning of invalid mv.
* debian/control: Build-depends on libxkbcommon-dev.
* debian/rules: Don't use tcmalloc on i386.
* debian/control, debian/rules: Build-dep on, and use, compiler 4.8
toolchain, since 4.9 seems to be broken.
* debian/control: Don't have (unused) shlibs-depends on -dbg packages
and non-binary packages.
* debian/chromium-browser-codecs-ffmpeg-extra.dirs,
debian/chromium-browser-codecs-ffmpeg.dirs: Removed. Unused.
* debian/chromium-browser.lintian-overrides,
debian/chromium-codecs-ffmpeg-extra-dbg.lintian-overrides,
debian/chromium-codecs-ffmpeg-extra.lintian-overrides,
debian/chromium-codecs-ffmpeg.lintian-overrides,
debian/source/lintian-overrides: Add lintian overrides.
Checksums-Sha1:
f70b43e80fbf3fb1e3685654dd2a5d96dbdf6abd 2900 chromium-browser_37.0.2062.94-0ubuntu1~pkg1065.dsc
e6c03f51147a253eac71469819da91520aaad765 284604 chromium-browser_37.0.2062.94-0ubuntu1~pkg1065.debian.tar.xz
Checksums-Sha256:
e69a21cb9f29e26cf1218158d0ae82a54655f94de6da444e92b29a34cff65efa 2900 chromium-browser_37.0.2062.94-0ubuntu1~pkg1065.dsc
692784f52ed2c34e45dbbc30bf5fc50c0f8eaf46c8f8e28450a1cf2c3f473f2a 284604 chromium-browser_37.0.2062.94-0ubuntu1~pkg1065.debian.tar.xz
Files:
defe617b4c0e108909961acc1c71b46f 2900 web optional chromium-browser_37.0.2062.94-0ubuntu1~pkg1065.dsc
9e7e0a9ec0c74fee201b817e267ccdb6 284604 web optional chromium-browser_37.0.2062.94-0ubuntu1~pkg1065.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJUBdtEAAoJEGEfvezVlG4Ps6sH+gIA5PJ60Z5OHSObSDPdaPWg
fnLPv1P3jQwf97hMWdTwIguFB4YDX3S4sIDomZNjA8+ugS4Br8Us60i6+iEB6ass
5L2pjn5DfCpsl+ZDSebnTZse/NKTVr7Sz7ArIFf2PC6TjP+oQ8qD3xrjIjeJMYZe
xpvpVOwvGSlrXY1TZBIiRYFrF1iXuSs9JRNxTcL7lqP2rUm3MphtS8s3fhBkV5fF
LjGkp5MtSRSqBFjApo91HMSS1fDLCuwxhMK8LJC60JodSmydIvViWiuty7UPBKR4
JE+pctpkH14tzp8JrbfKkI8VbfTuA6BggGEWB4NjLNjKFSHTXM3hNtIOfI2gwyI=
=lqoz
-----END PGP SIGNATURE-----
More information about the Utopic-changes
mailing list