-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 22 Jan 2015 04:42:18 +0000 Source: chromium-browser Binary: chromium chromium-dbg chromium-l10n chromium-inspector chromedriver Architecture: source i386 all Version: 40.0.2214.91-1 Distribution: unstable Urgency: medium Maintainer: Debian Chromium Maintainers <pkg-chromium-maint@lists.alioth.debian.org> Changed-By: Michael Gilbert <mgilbert@debian.org> Description: chromedriver - web browser - WebDriver support chromium - web browser chromium-dbg - web browser - debugging symbols chromium-inspector - web browser - page inspection support chromium-l10n - web browser - language packs Changes: chromium-browser (40.0.2214.91-1) unstable; urgency=medium . * New upstream stable release: - CVE-2014-7923: Memory corruption in ICU. Credit to yangdingning. - CVE-2014-7924: Use-after-free in IndexedDB. Credit to Collin Payne. - CVE-2014-7925: Use-after-free in WebAudio. Credit to mark.buer. - CVE-2014-7926: Memory corruption in ICU. Credit to yangdingning. - CVE-2014-7927: Memory corruption in V8. Credit to Christian Holler. - CVE-2014-7928: Memory corruption in V8. Credit to Christian Holler. - CVE-2014-7929: Use-after-free in DOM. Credit to cloudfuzzer. - CVE-2014-7930: Use-after-free in DOM. Credit to cloudfuzzer. - CVE-2014-7931: Memory corruption in V8. Credit to cloudfuzzer. - CVE-2014-7932: Use-after-free in DOM. Credit to Atte Kettunen. - CVE-2014-7933: Use-after-free in FFmpeg. Credit to aohelin. - CVE-2014-7934: Use-after-free in DOM. Credit to cloudfuzzer. - CVE-2014-7935: Use-after-free in Speech. Credit to Khalil Zhani. - CVE-2014-7936: Use-after-free in Views. Credit to Christoph Diehl. - CVE-2014-7937: Use-after-free in FFmpeg. Credit to Atte Kettunen. - CVE-2014-7938: Memory corruption in Fonts. Credit to Atte Kettunen. - CVE-2014-7939: Same-origin-bypass in V8. Credit to Takeshi Terada. - CVE-2014-7940: Uninitialized-value in ICU. Credit to miaubiz. - CVE-2014-7941: Out-of-bounds read in UI. Credit to Atte Kettunen and Christoph Diehl. - CVE-2014-7942: Uninitialized-value in Fonts. Credit to miaubiz. - CVE-2014-7943: Out-of-bounds read in Skia. Credit to Atte Kettunen. - CVE-2014-7944: Out-of-bounds read in PDFium. Credit to cloudfuzzer. - CVE-2014-7945: Out-of-bounds read in PDFium. Credit to cloudfuzzer. - CVE-2014-7946: Out-of-bounds read in Fonts. Credit to miaubiz. - CVE-2014-7947: Out-of-bounds read in PDFium. Credit to fuzztercluck. - CVE-2014-7948: Caching error in AppCache. Credit to jiayaoqijia. - CVE-2015-1205: Various fixes from internal audits, fuzzing and other initiatives. Checksums-Sha1: 0b8cad45de9a46c3e1c18df2b307fca491f9ce68 4032 chromium-browser_40.0.2214.91-1.dsc b7f916f38b57dec61379d67854ff2b061282c8ed 302816880 chromium-browser_40.0.2214.91.orig.tar.xz c9afff02c539833f03968c0a3dab2a1d8556df8a 177948 chromium-browser_40.0.2214.91-1.debian.tar.xz d0346d5407732e024dbd9a3f14c2aed17a1e75be 37620020 chromium_40.0.2214.91-1_i386.deb 8b13bd2efff45eb0059049589f5295f0131472df 612033190 chromium-dbg_40.0.2214.91-1_i386.deb de8738791ff4abdbb493e3af0fa440b46957a3d4 2926400 chromium-l10n_40.0.2214.91-1_all.deb 30ea6d3e9a84a2ba2c3431b3da2366a74e2b07a2 853268 chromium-inspector_40.0.2214.91-1_all.deb bae7b75af865c26dfc4dfde5fdb6fb5af0b56304 2085058 chromedriver_40.0.2214.91-1_i386.deb Checksums-Sha256: 446502b6dcb957bfe3ccadeb30e32eca9fc082bbcb29f9be0cb96a11c1c95b4f 4032 chromium-browser_40.0.2214.91-1.dsc 17c5093949125bff6dd014af082ca45b8ba86a27ad0dad581786804180bf7e8b 302816880 chromium-browser_40.0.2214.91.orig.tar.xz 7ec3026285a1402e8aef9e98995d0a7a7a0e42513940441b9aa0f3bf66395546 177948 chromium-browser_40.0.2214.91-1.debian.tar.xz b8ac1e8e91ff918d16949d782b1d79ca80475f3b0a7e1669bb8a234174e1e033 37620020 chromium_40.0.2214.91-1_i386.deb 78f78ca4bc8f653ecdfa4b508510956abdbacd7d8fcbb5939ffcadce8c5e2f57 612033190 chromium-dbg_40.0.2214.91-1_i386.deb f8c2abca9492dd8b0b0fd31ce9be56324a63ef868005b33c2ec9854612c3b4da 2926400 chromium-l10n_40.0.2214.91-1_all.deb 83e724d6ec3d27250d4c6941569c43f79466a4798a4893a0c1b04771ea3a5456 853268 chromium-inspector_40.0.2214.91-1_all.deb 10db5d3dbf56276ec0dde53726338c69c42ddbd0d0bc22c02013723a99e34807 2085058 chromedriver_40.0.2214.91-1_i386.deb Files: 1c0a7473ab9b5a3f17cf28aa3923f500 4032 web optional chromium-browser_40.0.2214.91-1.dsc 783ff49d89dee154a87511fb03520bcc 302816880 web optional chromium-browser_40.0.2214.91.orig.tar.xz 8f1d8e4071598fa900558b213f38490a 177948 web optional chromium-browser_40.0.2214.91-1.debian.tar.xz 7ab69a2b921265351e18858a7fd6ee8f 37620020 web optional chromium_40.0.2214.91-1_i386.deb c8e452e077b79ebfa19e1213d92b4e4c 612033190 debug extra chromium-dbg_40.0.2214.91-1_i386.deb c784d4989ec5c1092c006d8420412f77 2926400 localization optional chromium-l10n_40.0.2214.91-1_all.deb 53c80af0b126f8532b9fce7975e0c0b2 853268 web optional chromium-inspector_40.0.2214.91-1_all.deb 000cdf1ba1fa3a1270f1b908379ef0f8 2085058 web optional chromedriver_40.0.2214.91-1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQQcBAEBCgAGBQJUwJKlAAoJELjWss0C1vRzoe8gAIQtMz65HbK5qSKexKDog/8y w6BPl5yf/YN1/PAY7q6EQ7+uU2AAcx08PMsBmb5QcSm/T2pI22nIaqGl3QPb2nWm sPywXgxlPwAUCakEXxREedR1krSatIOzTmhdGydZilGzERl8NblPVE/SqL5dcXwl 5q5ZlHlLN7bGDntUBUn3psn9vWknvl5V5DskbBnHBsxsCpxIFPgEqSEgjjfQjaGr B45UKWlQSKG0aYPzx/DPG5usfy8X2FRe73UaWDrDJYKQUeDmxQOicJpzmLuUuXBi A+kiMLbdXRYb82RKdQk1ZK+SRMmu82R+XVxnDi7xPOytZP+NBSB4uc5pcibblZpf xE+OnBPawfKRpmxpsSTitvO7uux0qlFtHN1tkaIUIPWaQtCpM9ZXRcx6MjJ+rHIp jodod9APmwTlthY0rIBbXiaoNt/9Icv6QIQODzlOcnjc0TUsRtXsoTBrX+fnw7z+ u5uhO5oKrpBqLwMx04YxTdMhjuU71Leo1fWsmKDNgeKbZF/UobiLxfw46mNMCNVP sJb47qZyuN5T4cUmgerXpS8qVdXOO4K5VHnuq4+TWMJ/6LHdOT4PzdKvzkPAhEDc p0JzHG6ZWGdBc3v20VUH48k3kT251fG3sdZGTopVWHjv8/aqJ1Vk1jtS85lNQl1x NyOgNH5gRV3Cahm2OK7RwrSBgrm+l1yGHVAgY2o2Kr0ACon1sRkBoKccIHtS9wcm w6NlptI4yMkv/082lela/YFgYgYkqw7UHVVIYMiKaLt2O4wFlBwUyKtSvdh+7BKQ RAFkPFRCiOe8bdQTCGRT2fsPK5rbx0pZY34Es2O1MN9Kogg0cTnkvZkDG+5SMHMR 5H1Z0b8vXzJIXGxzHT0ASbqVGq8V1nYh8iafgvH0gY1qhS5Aw9ilmVvB1x1u2oVM 4ZKNdtlrhn08c+H1xInVNoq8bPMBYWHMp3M8cAndO3WO9PfSQmJnuXdi+reOpwBb or8OiqnQD65AKjw3rWltcr/NGq3pFDIAzWSnKujoaHWz9ep94XXq7bzvlAyKO+yx kO1s6OumL961NP4EBTiRpaLV1PAzlvg6rKlrvIisskAqB/5K5lhKccheYrh/xWY6 HNPA8uehiGvFkF05Ii/N043hyHk/mepDQfnP8xLdIoaYhGzZCIH3v5uENnQsEdxj S/IYaETJvovnG68NzYvk4/OAuDd8Cg47dfjVXQ/+S5qsNYkDRORFXs6j6Ft2tveO 0kya8rK1cWoujQ2cJTNGzux8AqGXBl0Rri19Gi1BntFRedvlfcp9r4wC814YAV5r M8AP8ez9GcrLBop9V07yF5BwvOkyIN9dWbNDVt4ojfy8n2AuKsmrC8UvuaoIy68= =Dc/0 -----END PGP SIGNATURE-----