[ubuntu/zesty-proposed] chromium-browser 57.0.2987.98-0ubuntu1.1348 (Accepted)

Chad MILLER chad.miller at canonical.com
Thu Apr 6 16:57:43 UTC 2017 

chromium-browser (57.0.2987.98-0ubuntu1.1348) zesty; urgency=medium

  * Upstream release: 57.0.2987.98.
    - CVE-2017-5030: Memory corruption in V8.
    - CVE-2017-5031: Use after free in ANGLE.
    - CVE-2017-5032: Out of bounds write in PDFium.
    - CVE-2017-5029: Integer overflow in libxslt.
    - CVE-2017-5034: Use after free in PDFium.
    - CVE-2017-5035: Incorrect security UI in Omnibox.
    - CVE-2017-5036: Use after free in PDFium.
    - CVE-2017-5037: Multiple out of bounds writes in ChunkDemuxer.
    - CVE-2017-5039: Use after free in PDFium.
    - CVE-2017-5040: Information disclosure in V8.
    - CVE-2017-5041: Address spoofing in Omnibox.
    - CVE-2017-5033: Bypass of Content Security Policy in Blink.
    - CVE-2017-5042: Incorrect handling of cookies in Cast.
    - CVE-2017-5038: Use after free in GuestView.
    - CVE-2017-5043: Use after free in GuestView.
    - CVE-2017-5044: Heap overflow in Skia.
    - CVE-2017-5045: Information disclosure in XSS Auditor.
    - CVE-2017-5046: Information disclosure in Blink.
  * debian/patches/arm64-support no longer needed
  * debian/patches/stdatomic: Support gcc48.
  * debian/patches/snapshot-library-link: Add missing libsnapshot link
  * debian/patches/gtk-ui-stdmove: fix && pointer return with std::move
  * debian/rules: Fix armhf float ABI and remove unnecessary envvars.
    (LP: #1673276)
  * debian/rules, debian/control: Use clang.

Date: Wed, 15 Mar 2017 21:12:35 -0400
Changed-By: Chad MILLER <chad.miller at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Chris Coulson <chrisccoulson at ubuntu.com>
https://launchpad.net/ubuntu/+source/chromium-browser/57.0.2987.98-0ubuntu1.1348
-------------- next part --------------
Format: 1.8
Date: Wed, 15 Mar 2017 21:12:35 -0400
Source: chromium-browser
Binary: chromium-browser chromium-browser-l10n chromium-codecs-ffmpeg chromium-codecs-ffmpeg-extra chromium-chromedriver
Architecture: source
Version: 57.0.2987.98-0ubuntu1.1348
Distribution: zesty
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Chad MILLER <chad.miller at canonical.com>
Description:
 chromium-browser - Chromium web browser, open-source version of Chrome
 chromium-browser-l10n - chromium-browser language packages
 chromium-chromedriver - WebDriver driver for the Chromium Browser
 chromium-codecs-ffmpeg - Free ffmpeg codecs for the Chromium Browser
 chromium-codecs-ffmpeg-extra - Extra ffmpeg codecs for the Chromium Browser
Launchpad-Bugs-Fixed: 1673276
Changes:
 chromium-browser (57.0.2987.98-0ubuntu1.1348) zesty; urgency=medium
 .
   * Upstream release: 57.0.2987.98.
     - CVE-2017-5030: Memory corruption in V8.
     - CVE-2017-5031: Use after free in ANGLE.
     - CVE-2017-5032: Out of bounds write in PDFium.
     - CVE-2017-5029: Integer overflow in libxslt.
     - CVE-2017-5034: Use after free in PDFium.
     - CVE-2017-5035: Incorrect security UI in Omnibox.
     - CVE-2017-5036: Use after free in PDFium.
     - CVE-2017-5037: Multiple out of bounds writes in ChunkDemuxer.
     - CVE-2017-5039: Use after free in PDFium.
     - CVE-2017-5040: Information disclosure in V8.
     - CVE-2017-5041: Address spoofing in Omnibox.
     - CVE-2017-5033: Bypass of Content Security Policy in Blink.
     - CVE-2017-5042: Incorrect handling of cookies in Cast.
     - CVE-2017-5038: Use after free in GuestView.
     - CVE-2017-5043: Use after free in GuestView.
     - CVE-2017-5044: Heap overflow in Skia.
     - CVE-2017-5045: Information disclosure in XSS Auditor.
     - CVE-2017-5046: Information disclosure in Blink.
   * debian/patches/arm64-support no longer needed
   * debian/patches/stdatomic: Support gcc48.
   * debian/patches/snapshot-library-link: Add missing libsnapshot link
   * debian/patches/gtk-ui-stdmove: fix && pointer return with std::move
   * debian/rules: Fix armhf float ABI and remove unnecessary envvars.
     (LP: #1673276)
   * debian/rules, debian/control: Use clang.
Checksums-Sha1:
 d2f46a17cd5e52cf128e773d5bdfa73fa2ee9a04 2696 chromium-browser_57.0.2987.98-0ubuntu1.1348.dsc
 4a1c959b63c1ca218b440dbd195c929032097cc6 482328 chromium-browser_57.0.2987.98-0ubuntu1.1348.debian.tar.xz
Checksums-Sha256:
 c92af22433ade9c55947f8afbf34ffd5b2d3a3163b5f43d91b5fc7cc32e26062 2696 chromium-browser_57.0.2987.98-0ubuntu1.1348.dsc
 e6d81f1e2b2ae5fcec3b76fd50a96e96315162924c625ac6a67300006b3a3e08 482328 chromium-browser_57.0.2987.98-0ubuntu1.1348.debian.tar.xz
Files:
 0d0adee50547a49df6cca4a14f7ba492 2696 web optional chromium-browser_57.0.2987.98-0ubuntu1.1348.dsc
 4ae453b951fc78c6e1c64577a3549292 482328 web optional chromium-browser_57.0.2987.98-0ubuntu1.1348.debian.tar.xz

More information about the Zesty-changes mailing list