-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 09 May 2015 22:37:06 +0000 Source: chromium-browser Binary: chromium chromium-dbg chromium-l10n chromedriver Architecture: source all Version: 43.0.2357.65-1 Distribution: unstable Urgency: medium Maintainer: Debian Chromium Maintainers <pkg-chromium-maint@lists.alioth.debian.org> Changed-By: Michael Gilbert <mgilbert@debian.org> Description: chromedriver - web browser - WebDriver support chromium - web browser chromium-dbg - web browser - debugging symbols chromium-l10n - web browser - language packs Closes: 677948 756211 763421 Changes: chromium-browser (43.0.2357.65-1) unstable; urgency=medium . * New upstream stable release: - CVE-2015-1252: Sandbox escape in Chrome. Credit to anonymous. - CVE-2015-1253: Cross-origin bypass in DOM. Credit to anonymous. - CVE-2015-1254: Cross-origin bypass in Editing. Credit to armin@rawsec.net. - CVE-2015-1255: Use-after-free in WebAudio. Credit to Khalil Zhani. - CVE-2015-1256: Use-after-free in SVG. Credit to Atte Kettunen. - CVE-2015-1251: Use-after-free in Speech. Credit to SkyLined. - CVE-2015-1257: Container-overflow in SVG. Credit to miaubiz. - CVE-2015-1258: Negative-size parameter in Libvpx. Credit to cloudfuzzer - CVE-2015-1259: Uninitialized value in PDFium. Credit to Atte Kettunen. - CVE-2015-1260: Use-after-free in WebRTC. Credit to Khalil Zhani. - CVE-2015-1261: URL bar spoofing. Credit to Juho Nurminen. - CVE-2015-1262: Uninitialized value in Blink. Credit to miaubiz. - CVE-2015-1263: Insecure download of spellcheck dictionary. Credit to Mike Ruddy. - CVE-2015-1264: Cross-site scripting in bookmarks. Credit to K0r3Ph1L. - Fix for gzip file downloading (closes: #677948). - Fix for bookmark navigation (closes: #756211). * Enable HiDPI (closes: #763421). * Make chromium-l10n binnmuable. * Fix Built-Using fields. Checksums-Sha1: cc4f66c83c7e5729fba710d54e0b7e999dc14481 3925 chromium-browser_43.0.2357.65-1.dsc f82e0dd4ac4010a6e5d3d14be97fb3351ec4e6b0 333144304 chromium-browser_43.0.2357.65.orig.tar.xz b0d07aaeffdf529648ed6ea50b52b8727e145fa3 178272 chromium-browser_43.0.2357.65-1.debian.tar.xz 2f02cd5601956f5b63b172e56bd5ef2e28d0a827 3161810 chromium-l10n_43.0.2357.65-1_all.deb Checksums-Sha256: e87c1223354aa96a4f9b275c8b8363dbf9a41760a81611ee33c9c2f491fe09d5 3925 chromium-browser_43.0.2357.65-1.dsc 148705cd617a40f6f33add127187fceb9a007e9836378dcc8b494b2414018844 333144304 chromium-browser_43.0.2357.65.orig.tar.xz 42f92df4e04da85833705bf15232499d2e19e216f34a4ba72b1f11741e864417 178272 chromium-browser_43.0.2357.65-1.debian.tar.xz f94bdbafa4144e4ac8c5da7aff6a984304e8486378228285f9e113890bb419ba 3161810 chromium-l10n_43.0.2357.65-1_all.deb Files: 016834b9f432747f54b74f58fafaecd4 3925 web optional chromium-browser_43.0.2357.65-1.dsc 24a0b06c473dbf0daa6a9bdaf9e3bf6e 333144304 web optional chromium-browser_43.0.2357.65.orig.tar.xz ae54c89881f5f295609388cd029e2028 178272 web optional chromium-browser_43.0.2357.65-1.debian.tar.xz c1e437063f1db339a7109ff228091e88 3161810 localization optional chromium-l10n_43.0.2357.65-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQQcBAEBCgAGBQJVXQ56AAoJELjWss0C1vRzzlgf/jz5E5G2Ch36v3aiAp0mhOb6 jRwrnrseha+iw46x5VlUH4XK1ORhziZK1QCdolYgAPBybAX9UVBpYWkTaNjqZ/ev AvGgwaQ5CZv4brVZH1AyHf3uoDs0BjrA1W2l+H9Vb81vTq6CsnHlYWFPPf6zCII+ a/sf7Ky2WEa4sig8ioCzK0oO0I/KUsoG3VgS3mkbSCNR1NOz0o34uSXKlL6Q5l5J WM6bRLBBx82kTLb7ij5N2p5LWVDdf4b8iBLs4NOfnYL7CvfzJ96+RKAox8tAXxNZ s9+i/9uZ/kEx0e1XFfRBgsDXOWKwjIPoLKsNW03pptb+6Mj25EW6qspEFC2qe7oN m1x2VwGXxZg4//96w/S5xv3nO1ZXagxKoelUird7aAvvqKvLzcZW2C49022zKTrk yB/w8ek3lfehd9VCc9QS8ia09J82RurgwRqCouoiTgh0u/4OlDRPVKmsOSf+2c6Q xoxFngWgy7QuUE8q8bbrKWcuYLKs8MTHwnVo7MwwCN+5WKwhw0Ib1JqtdS09jBKI kGbG3yjLALzHhy2/g0hBsHLULE0pJWO8WB2Z1tmpxzXi3sDM/lUS7o9VDkptF3oF sRVFvyTopIkba+3cPKcLSBO2Sbd/trH8fUpAMVWHpmJ2sNHW2jCHfHP3eivZ5dV6 NodAEk2XJy62OgsQ6Nl5Z+UqNGHnmgtlwSFXlk+UTilla8YvQ422VY5e8+5xVD1f Tf22ruxlCELTZR1bpoaYMzcWsyDam+U4utGrrDwtxDEB1oCXFMay5yfK2bbITxFG GYQrbFbxGuaEDHilX6rJ+hoRzSLiMhW7CrCQP8p7tdRW1lOjC5I8k+un1JQH1wYU wUkx4B2tB+omge4wYS0k79HBgEjfdJ/E+5WOoYSKXHJ5yTPwuw6ArMQmRnoTks3V +Iq4TDWwQbPNzta4zvjJSgCdaFkAXm0vPXe+Mg1PEIOHGYWAgatVrdmrkjxC5Jrr /z+QpyO2d9PnBNEgAPDk9XrjYhAr5t1cKvj4kQu+Ay45tkH692AIKZqdlm1p5ZtL 25Oo+VSljUn4HubKPVQ9ZVVdKjzPpr8hKomLJgMr/RqwFC/oOav6x+cQwwucTXhq GjgUWHOa1p8XuyXk3qCQwAOvyE/QPvWd0kmeswF1LT+hb6REtwqBzhJ6C7lSz1b+ HvGrnkorVfx8eebzdT3KIDYh1iBnRHHs2uzDeZJkzWrS6c2O9Wi1/g272Lw7AXS2 cVzJY2rKlfij4h5BAtFq3QpAs6H+G9gIObHJ5uifguDU/yaHLvUw9YmJjMQxpm0Y MG+s6gATRoBlIybW9WqwRi/rxP3zfbELmWTQ738EOuwa2QE5nMiKN4pbzeW/h90= =h2Pc -----END PGP SIGNATURE-----