[ubuntu/xenial-security] chromium-browser 85.0.4183.83-0ubuntu0.16.04.2 (Accepted)

Chris Coulson chris.coulson at canonical.com
Tue Sep 8 11:19:55 UTC 2020

chromium-browser (85.0.4183.83-0ubuntu0.16.04.2) xenial; urgency=medium

  * debian/rules: install libEGL.so and libGLESv2.so, needed for
    hardware-accelerated rendering

chromium-browser (85.0.4183.83-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 85.0.4183.83
    - CVE-2020-6558: Insufficient policy enforcement in iOS.
    - CVE-2020-6559: Use after free in presentation API.
    - CVE-2020-6560: Insufficient policy enforcement in autofill.
    - CVE-2020-6561: Inappropriate implementation in Content Security Policy.
    - CVE-2020-6562: Insufficient policy enforcement in Blink.
    - CVE-2020-6563: Insufficient policy enforcement in intent handling.
    - CVE-2020-6564: Incorrect security UI in permissions.
    - CVE-2020-6565: Incorrect security UI in Omnibox.
    - CVE-2020-6566: Insufficient policy enforcement in media.
    - CVE-2020-6567: Insufficient validation of untrusted input in command line handling.
    - CVE-2020-6568: Insufficient policy enforcement in intent handling.
    - CVE-2020-6569: Integer overflow in WebUSB.
    - CVE-2020-6570: Side-channel information leakage in WebRTC.
    - CVE-2020-6571: Incorrect security UI in Omnibox.
  * debian/control:
    - remove build dependencies on python-xcbgen and xcb-proto (no longer
      needed since https://chromium.googlesource.com/chromium/src/+/a8e4195d)
    - remove build dependency on libdrm-dev and libgbm-dev (use the third party
      copies instead)
  * debian/rules: build with use_system_libdrm=false and
    use_system_minigbm=false as chromium now requires versions of these
    libraries that are newer than what is found in xenial-security
  * debian/patches/add-missing-minigbm-dep.patch: added
  * debian/patches/configuration-directory.patch: refreshed
  * debian/patches/define-libdrm-missing-identifiers.patch: removed, no longer
  * debian/patches/disable-sse2: refreshed
  * debian/patches/fix-build-with-older-xcb-proto.patch: removed, no longer
  * debian/patches/relax-ninja-version-requirement.patch: updated
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/stl-util-old-clang-compatibility.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: updated
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/use-old-mesa.patch: removed, no longer needed
  * debian/patches/widevine-other-locations: refreshed
  * debian/tests/html5test: update test expectations for the removal of the
    application cache
    (see https://www.chromestatus.com/feature/6192449487634432)

chromium-browser (84.0.4147.135-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 84.0.4147.135
    - CVE-2020-6542: Use after free in ANGLE.
    - CVE-2020-6543: Use after free in task scheduling.
    - CVE-2020-6544: Use after free in media.
    - CVE-2020-6545: Use after free in audio.
    - CVE-2020-6546: Inappropriate implementation in installer.
    - CVE-2020-6547: Incorrect security UI in media.
    - CVE-2020-6548: Heap buffer overflow in Skia.
    - CVE-2020-6549: Use after free in media.
    - CVE-2020-6550: Use after free in IndexedDB.
    - CVE-2020-6551: Use after free in WebXR.
    - CVE-2020-6552: Use after free in Blink.
    - CVE-2020-6553: Use after free in offline mode.
    - CVE-2020-6554: Use after free in extensions.
    - CVE-2020-6555: Out of bounds read in WebGL.
    - CVE-2020-6556: Heap buffer overflow in SwiftShader.

Date: 2020-08-31 13:18:14.080568+00:00
Changed-By: Olivier Tilloy <olivier.tilloy at canonical.com>
Signed-By: Chris Coulson <chris.coulson at canonical.com>