[ubuntu/xenial-security] chromium-browser 56.0.2924.76-0ubuntu0.16.04.1268 (Accepted)
Chris Coulson
chrisccoulson at ubuntu.com
Wed Mar 1 17:29:39 UTC 2017
chromium-browser (56.0.2924.76-0ubuntu0.16.04.1268) xenial-security; urgency=medium
* Upstream release: 56.0.2924.76
- CVE-2017-5007: Universal XSS in Blink.
- CVE-2017-5006: Universal XSS in Blink.
- CVE-2017-5008: Universal XSS in Blink.
- CVE-2017-5010: Universal XSS in Blink.
- CVE-2017-5011: Unauthorised file access in Devtools.
- CVE-2017-5009: Out of bounds memory access in WebRTC.
- CVE-2017-5012: Heap overflow in V8.
- CVE-2017-5013: Address spoofing in Omnibox.
- CVE-2017-5014: Heap overflow in Skia.
- CVE-2017-5015: Address spoofing in Omnibox.
- CVE-2017-5019: Use after free in Renderer.
- CVE-2017-5016: UI spoofing in Blink.
- CVE-2017-5017: Uninitialised memory access in webm video.
- CVE-2017-5018: Universal XSS in chrome://apps.
- CVE-2017-5020: Universal XSS in chrome://downloads.
- CVE-2017-5021: Use after free in Extensions.
- CVE-2017-5022: Bypass of Content Security Policy in Blink.
- CVE-2017-5023: Type confusion in metrics.
- CVE-2017-5024: Heap overflow in FFmpeg.
- CVE-2017-5025: Heap overflow in FFmpeg.
- CVE-2017-5026: UI spoofing.
* debian/patches/screen_capturer: allow compilation on gcc4
* debian/patches/arm64-support: reenable arm64
* debian/patches/memory-free-assertion-failure: discover memory management
assertion failures.
* debian/rules: Avoid field trial experiments to get stable code.
(closes: LP#1667125)
* debian/patches/enable-chromecast-by-default: (closes: LP#1621753)
Date: 2017-02-24 16:10:23.717912+00:00
Changed-By: Chad Miller <chad.miller at canonical.com>
Signed-By: Chris Coulson <chrisccoulson at ubuntu.com>
https://launchpad.net/ubuntu/+source/chromium-browser/56.0.2924.76-0ubuntu0.16.04.1268
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list