-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 05 Dec 2018 00:45:35 +0000 Source: chromium Binary: chromium chromium-l10n chromium-shell chromium-driver chromium-common chromium-sandbox Architecture: source Version: 71.0.3578.80-1 Distribution: unstable Urgency: medium Maintainer: Debian Chromium Team <chromium-browser@packages.debian.org> Changed-By: Michael Gilbert <mgilbert@debian.org> Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-l10n - web browser - language packs chromium-sandbox - web browser - setuid security sandbox for chromium chromium-shell - web browser - minimal shell Changes: chromium (71.0.3578.80-1) unstable; urgency=medium . * New upstream stable release. - CVE-2018-17480: Out of bounds write in V8. Reported by Guang Gong - CVE-2018-17481: Use after frees in PDFium. Reported by Anonymous - CVE-2018-18335: Heap buffer overflow in Skia. Reported by Anonymous - CVE-2018-18336: Use after free in PDFium. Reported by Huyna - CVE-2018-18337: Use after free in Blink. Reported by cloudfuzzer - CVE-2018-18338: Heap buffer overflow in Canvas. Reported by Zhe Jin - CVE-2018-18339: Use after free in WebAudio. Reported by cloudfuzzer - CVE-2018-18340: Use after free in MediaRecorder. Reported by Anonymous - CVE-2018-18341: Heap buffer overflow in Blink. Reported by cloudfuzzer - CVE-2018-18342: Out of bounds write in V8. Reported by Guang Gong - CVE-2018-18343: Use after free in Skia. Reported by Tran Tien Hung - CVE-2018-18344: Inappropriate implementation in Extensions. Reported by Jann Horn - CVE-2018-18345: Inappropriate implementation in Site Isolation. Reported by Masato Kinugawa and Jun Kokatsu - CVE-2018-18346: Incorrect security UI in Blink. Reported by Luan Herrera - CVE-2018-18347: Inappropriate implementation in Navigation. Reported by Luan Herrera - CVE-2018-18348: Inappropriate implementation in Omnibox. Reported by Ahmed Elsobky - CVE-2018-18349: Insufficient policy enforcement in Blink. Reported by David Erceg - CVE-2018-18350: Insufficient policy enforcement in Blink. Reported by Jun Kokatsu - CVE-2018-18351: Insufficient policy enforcement in Navigation. Reported by Jun Kokatsu - CVE-2018-18352: Inappropriate implementation in Media. Reported by Jun Kokatsu - CVE-2018-18353: Inappropriate implementation in Network Authentication. Reported by Wenxu Wu - CVE-2018-18354: Insufficient data validation in Shell Integration. Reported by Wenxu Wu - CVE-2018-18355: Insufficient policy enforcement in URL Formatter. Reported by evi1m0 - CVE-2018-18356: Use after free in Skia. Reported by Tran Tien Hung - CVE-2018-18357: Insufficient policy enforcement in URL Formatter. Reported by evi1m0 - CVE-2018-18358: Insufficient policy enforcement in Proxy. Reported by Jann Horn - CVE-2018-18359: Out of bounds read in V8. Reported by cyrilliu - Inappropriate implementation in PDFium. Reported by Salem Faisal Elmrayed - Use after free in Extensions. Reported by Zhe Jin - Inappropriate implementation in Navigation. Reported by Luan Herrera - Inappropriate implementation in Navigation. Reported by Jesper van den Ende - Insufficient policy enforcement in Navigation. Reported by Ryan Pickren - Insufficient policy enforcement in URL Formatter. Reported by evi1m0 Checksums-Sha1: 424b4e05c82b1f9f24cfc76fa6832203faefd301 4214 chromium_71.0.3578.80-1.dsc f1a813d96fc272943a82a78adcaf214adb8aeecb 197203632 chromium_71.0.3578.80.orig.tar.xz 71eafb06b6bc65d08a0bc4d9087a3677e7ad56b3 166880 chromium_71.0.3578.80-1.debian.tar.xz 02bf675bb279ef2901d700fbf5fa0841600104d5 21518 chromium_71.0.3578.80-1_source.buildinfo Checksums-Sha256: 9d5439407981733af631aea98b0beefcbb165ba3f978686db2ef051101155280 4214 chromium_71.0.3578.80-1.dsc d065973886eb8fa622102c5254b480fc5c9c8e042674139efb75bd4235a9676f 197203632 chromium_71.0.3578.80.orig.tar.xz f6f46767ccab378a7333e08fa71ffbc2689e24344d6f63640f859af721057d79 166880 chromium_71.0.3578.80-1.debian.tar.xz 91116a2c3f483b5d68565375096f744c64a615d89881669668a83b6a8d73d77a 21518 chromium_71.0.3578.80-1_source.buildinfo Files: c65f54581636b04c1f45cddcde4074f9 4214 web optional chromium_71.0.3578.80-1.dsc b1cdde04ca22df99df7cf49e6453c750 197203632 web optional chromium_71.0.3578.80.orig.tar.xz 9778f6e6af63ac0c3fb3f8853be9597f 166880 web optional chromium_71.0.3578.80-1.debian.tar.xz 59041ed011a6d643731b3aba6827498c 21518 web optional chromium_71.0.3578.80-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAlwHWyUACgkQuNayzQLW 9HPtuB/+KdObznclXUZ4n64uFLMS0GQ3uvteovgDvtXAZ1qr/H7HvnDQQ81qdyWR hMysHbayGsBhA1yZUh1hnKZa6JEsHrUDUvdUhdWNn4YbaPY1Fq4xc/F6outjc0Hp qS4heJavRWF42NYx+n9BnBpSO0C/3AQ8zIkOncpwTjIRpIF6WPu3kO1QBKS1MSz7 HO2knbJzzviNrtJo3TULaZGrawe/YI8fmA0gadsMAKhy+BabKt0t0kiQGT9hv7Ce Y8NSDmv8eOY302V64Yjc40XILXjPUT62Qq4zHFcWpN2tszEhi1tajfYv1PxvCwpZ lIBD7XiVbm8Z2IUg1X9pOd1vsZjC5zmaUFuzNnKm6Va1drfn55Ki7A8QqibFJ1tE kX1Kzg8cW6+MhiSLmDA7OdrymBVA4B1272nNDJ+LfMBUAAz6n+qdmICOmSLGZauK cX+nXnXuCyZvl2TZBjBJy1rc3TfXtvctUqiw/U7LXFA6w26Y4ggw9Sv06YlhTcIz IO70bx9A3G48x8kx3Jft4NrhpCMUxMqRI3xsBMQ6qpgz25cAITFlCg7DIKbv7DIK Fdrbr9TabDi4Q9mWdlZLg3LFGM3riehs9jxPiWU96avoPrvaJZo9Ofl0gRCEbsar pGxpek7rhkR6+R/nIYY2W1E3k5vhK/0SMJ4iAdVvqvz1WKiaHaB4DEbf+kL1B9YM nptmr27Zr7REh7WNCSraUJzsRjfDLu01JZ1eeT8Dga1b6oh+I2xo8q4Co/80J+74 vrqfJ1h45+amKenQ84U1MUywlLu2XSkDX1wjTn4cBL2TowaAqRzjnWie+3O/ixsS Q50mdJX8Ga0cf901aTZrfGuLzvKIUcTlyopVdRgCSvygriEctBp/NPVi7T+3eAYs mJuNeGxTI9awC/DKKwaWeLWy+vRdKlURvZLtNJuC9FvD8dGVSHmvW4RQvu2VS6Lo nNadwASFMLw1bHizF63aqbm5D55i3sgCc5O6baUFF3QUsxgZ96cXydq6sElYIv/m nqDsqe/k8emd5LmjDZXoz3gDcUMIJyUi5jDW66sOa1qozyiAmGOsFF3ZUMDj701h LlLXsrMM8hZ7g46LA9XopO3DPsRkAF8fwRPWlkJISMv6z4vSlkrdVagmfU9GLQnZ OZ7bZkXm3qZInJlRvCi4rgL3/dUko37PHCd5Vej09YX+ZRsI2lmAUEyDzc5jYzh7 8DwNIXoIVUIyphwZdVXtCY4VzbbsFa17vX+tZ+LSzWQruWcaRscsTyO1vTShLdUp H+KaW5VLw1vmdPTfooGl/J0SQtcuVnmduAIqrAXsR72Jq9zD7fBaFRH+63VrX9I0 VnH01LEdOJ6kMdJMH0t/7l1bTQX51A== =Vmym -----END PGP SIGNATURE-----