[ubuntu/yakkety-security] chromium-browser 57.0.2987.98-0ubuntu0.16.10.1344 (Accepted)
Chris Coulson
chrisccoulson at ubuntu.com
Wed Apr 5 18:48:27 UTC 2017
chromium-browser (57.0.2987.98-0ubuntu0.16.10.1344) yakkety-security; urgency=medium
* Upstream release: 57.0.2987.98.
- CVE-2017-5030: Memory corruption in V8.
- CVE-2017-5031: Use after free in ANGLE.
- CVE-2017-5032: Out of bounds write in PDFium.
- CVE-2017-5029: Integer overflow in libxslt.
- CVE-2017-5034: Use after free in PDFium.
- CVE-2017-5035: Incorrect security UI in Omnibox.
- CVE-2017-5036: Use after free in PDFium.
- CVE-2017-5037: Multiple out of bounds writes in ChunkDemuxer.
- CVE-2017-5039: Use after free in PDFium.
- CVE-2017-5040: Information disclosure in V8.
- CVE-2017-5041: Address spoofing in Omnibox.
- CVE-2017-5033: Bypass of Content Security Policy in Blink.
- CVE-2017-5042: Incorrect handling of cookies in Cast.
- CVE-2017-5038: Use after free in GuestView.
- CVE-2017-5043: Use after free in GuestView.
- CVE-2017-5044: Heap overflow in Skia.
- CVE-2017-5045: Information disclosure in XSS Auditor.
- CVE-2017-5046: Information disclosure in Blink.
* debian/patches/arm64-support no longer needed
* debian/patches/stdatomic: Support gcc48.
* debian/patches/snapshot-library-link: Add missing libsnapshot link
* debian/patches/gtk-ui-stdmove: fix && pointer return with std::move
* debian/control: Drop binary arch "any" and explicitly list four.
* debian/patches/arm64-vpx-alignment: Avoid ARM64 alignment bug on some
compilers.
* debian/rules: Fix armhf float ABI and remove unnecessary envvars.
(LP: #1673276)
Date: 2017-03-17 15:53:13.612579+00:00
Changed-By: Chad Miller <chad.miller at canonical.com>
Signed-By: Chris Coulson <chrisccoulson at ubuntu.com>
https://launchpad.net/ubuntu/+source/chromium-browser/57.0.2987.98-0ubuntu0.16.10.1344
-------------- next part --------------
Sorry, changesfile not available.
More information about the Yakkety-changes
mailing list