-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 05 Mar 2016 01:05:51 +0000 Source: chromium-browser Binary: chromium chromium-dbg chromium-l10n chromium-inspector chromedriver Architecture: source i386 all Version: 49.0.2623.75-1~deb8u1 Distribution: jessie-security Urgency: medium Maintainer: Debian Chromium Maintainers <pkg-chromium-maint@lists.alioth.debian.org> Changed-By: Michael Gilbert <mgilbert@debian.org> Description: chromedriver - web browser - WebDriver support chromium - web browser chromium-dbg - web browser - debugging symbols chromium-inspector - web browser - page inspection support chromium-l10n - web browser - language packs Changes: chromium-browser (49.0.2623.75-1~deb8u1) jessie-security; urgency=medium . * New upstream stable release: - CVE-2016-1630: Same-origin bypass in Blink. Credit to Mariusz Mlynski. - CVE-2016-1631: Same-origin bypass in Pepper Plugin. Credit to Mariusz Mlynski. - CVE-2016-1632: Bad cast in Extensions. Credit to anonymous. - CVE-2016-1633: Use-after-free in Blink. Credit to cloudfuzzer. - CVE-2016-1634: Use-after-free in Blink. Credit to cloudfuzzer. - CVE-2016-1635: Use-after-free in Blink. Credit to Rob Wu. - CVE-2016-1636: SRI Validation Bypass. Credit to ryan@cyph.com. - CVE-2015-8126: Out-of-bounds access in libpng. Credit to joerg.bornemann. - CVE-2016-1637: Information Leak in Skia. Credit to Keve Nagy. - CVE-2016-1638: WebAPI Bypass. Credit to Rob Wu. - CVE-2016-1639: Use-after-free in WebRTC. Credit to Khalil Zhani. - CVE-2016-1640: Origin confusion in Extensions UI. Credit to Luan Herrera. - CVE-2016-1641: Use-after-free in Favicon. Credit to Atte Kettunen. - CVE-2016-1642: Various fixes from internal audits, fuzzing and other initiatives. - Multiple vulnerabilities in libv8 (version 4.9.385.26). * Add libffi-dev build dependency. * Set use_sysroot=0 to continue using system libraries. Checksums-Sha1: cf390a8dbb06f199c99d0862ce88647154f0b523 4072 chromium-browser_49.0.2623.75-1~deb8u1.dsc ae8c320bcf511afcc691bd8a8ed1946848ce56f7 452527444 chromium-browser_49.0.2623.75.orig.tar.xz 9b02c98d6539799463a4d5cce1cc398bf2f1e9cc 179896 chromium-browser_49.0.2623.75-1~deb8u1.debian.tar.xz 37b789a8c6fe8f5cbca4c5eee5fb9dbfecb54e1a 39992430 chromium_49.0.2623.75-1~deb8u1_i386.deb a04f98aead7942e7736d6980e6e4356e2d7367e0 7320550 chromium-dbg_49.0.2623.75-1~deb8u1_i386.deb 0abb4ecc574b7d4e08b96b052d89d312e44f4146 3118310 chromium-l10n_49.0.2623.75-1~deb8u1_all.deb 7bc60481446870e2284d1e987f54ac3127d86ee0 1303652 chromium-inspector_49.0.2623.75-1~deb8u1_all.deb 62ac0b114043f14bc8daf5dbf2ef6141ffdda4c3 2562456 chromedriver_49.0.2623.75-1~deb8u1_i386.deb Checksums-Sha256: df9d5bc171ca103a031e40c161d1276d4dd793772a3e13aa69741ad11b9d815f 4072 chromium-browser_49.0.2623.75-1~deb8u1.dsc 687e11ab1353c082c176ee7fb60389f69a61c5856de812fe3ceb29ff93c49c56 452527444 chromium-browser_49.0.2623.75.orig.tar.xz 3492a9b71e789dfc64efe8e375de6b90e3fda2bc87c02e2fd66706493eccb9fa 179896 chromium-browser_49.0.2623.75-1~deb8u1.debian.tar.xz 0372d8ca9d8ce4beab15f6d9ee6843e703dd1012626bd44ab2af36d1cbef18b4 39992430 chromium_49.0.2623.75-1~deb8u1_i386.deb 89a86e1d20888c801c12fbb849a0ccb97ba6c04945eeff04cc3bfe1fff94afdb 7320550 chromium-dbg_49.0.2623.75-1~deb8u1_i386.deb 73445c7ce8bda6108f695d13b703445064a7efa7e20a8a9aec0aa85473878ac5 3118310 chromium-l10n_49.0.2623.75-1~deb8u1_all.deb da88a23241eb76c39b4299ae8f8675e12956e276f327899c93e187759b712536 1303652 chromium-inspector_49.0.2623.75-1~deb8u1_all.deb 2601bf81a081e20ce2e62213dc6e2a4a322c98e02b3bcb72c35e4d9e70819003 2562456 chromedriver_49.0.2623.75-1~deb8u1_i386.deb Files: 3f091b061a44843c3285560ea0ac087c 4072 web optional chromium-browser_49.0.2623.75-1~deb8u1.dsc 858e0a03e836cab5c062343584318f5b 452527444 web optional chromium-browser_49.0.2623.75.orig.tar.xz 3365fcea9087e2abff6f57e47bc9e98e 179896 web optional chromium-browser_49.0.2623.75-1~deb8u1.debian.tar.xz e1576e65ef6e43d5e2f5d042446fe9de 39992430 web optional chromium_49.0.2623.75-1~deb8u1_i386.deb fb8da7d0ba2daee230057db5d0f680c0 7320550 debug extra chromium-dbg_49.0.2623.75-1~deb8u1_i386.deb f4bb808e27efc0fd6f4ea066495427cb 3118310 localization optional chromium-l10n_49.0.2623.75-1~deb8u1_all.deb e1dfe1d5f677ff7de886744b8c45389d 1303652 web optional chromium-inspector_49.0.2623.75-1~deb8u1_all.deb e854fde9f1e5cda0ccd9364c85ec04a4 2562456 web optional chromedriver_49.0.2623.75-1~deb8u1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQQcBAEBCgAGBQJW2ku0AAoJELjWss0C1vRzZGof/ikE1792ih0fToR2udBiT8/T arVDNx2XckvZVTWZdqXpcg/a2RS6bppLXiWKGtzO9UC2GuiqoxxwBm/Yrovm5SR3 gr1uqIA6ljXLuEfv/aq/eRCpZbHge6lXOMIF5TuSrcgiG8HqvhfLIqlr8kuVKQf7 W4DeF+XuWZCgG1600FKqlMMzImx/q5mKEQw5psG+TUKv/n0UmgGq0b5Igq4STMof ITODAuJezJHagOOMKDaUop2EqFT138pteWJe/E5OpP09WCHtRBQ8cjrcf5LHmcCu NwjAongjOYidQB/NODWMA3mrXJE++57Q7x+REhtl3HpD25O+jhfibXtTqb5k1JuX zHKdqivFICPdkSTxWd1LUyzjjLHV3Rg18PRk+maZxtiZtuU8l3NdDpoCIMgFkgU6 tUlHcG9GLaaNvO22+6njofuVFXmLG8NJTpXsJEEGmXNe3wHF6x3dZebG/7HDxHHU Gj3ScSVR6BkAuLNIEX9HBFmR167WB0ffSt0nmn9Zmujvg7ksRZ0TYCD1nTsR1rwS DRX1ktjvsw7Icbxpjl3K32FEHIV+/rb96OJKzfYIqppvNAlG5W+QwWsRbmScULhR 1MeMJHDZXF8bO7ooWtGr2ZQ57UpLKRxrk+58P+xOAVrTjfQYNBgiO1JCTVL+uP91 YDiB+jm4IChWMWh+0Pw4fdvDVKKou/7/W6E1Cr8BVT41aqzn3WtcQCF+19Cm8irC KimCrFdcteGFdYav/UDFXcxa5m8Y2eeYDM9Ro2omnCRmA/ESatMJpPXIfTErgFtY 8a/jh4LzBdIjFYcKkd5NcGp0ZQa0E/874L8FxJ68GqFZY7+jfUoHbcNiosnj3ga+ z5bjp6oBE1CPQ3M9Ysj+gI/P+pKX7PEuw4SXqOh7MFFY6+XsezCVVbe7H8OunW0R RMpUw0Z6rFdUbhVZ/D5oRxuhYCPt7JwAmU77YkzoEApiY8ezY3X/YGev5VD2gWkI 8seNSDikif5AonJhQ21sVTALA0vAuomXnXiYFP44EBOiRU+7Mkp4o3syx6ccnBwP oZWOZpsfeRI+iWdGSaiTJ04NcNmNs9jDH8jQ4J9/j4Y2CkRbyu+jeyI4YMQCVBXv 8v7nqFB+z/PwqjFIobkkZBFouNDpBwwmRpbW898H2Jhik/RgZxxFIYFTVIiS7HDs cZKeduPKZl+uQFSEF1c0v8R+HKObYIMPa3SME4iwxV3riodduPkGLy4fIvPRzBuC fbV9aBk1kx23QEqmRJMxjF+8D1oEaYjbTEH2yndSLQKz6Zc5SG5jXs6EzFm77GJs 4PwYEu9HPFOd9M1iDsSvljQqCh6tciBaAU0czb0UBeKlIEMUhRKf9IFJfyTeJGo= =Et2P -----END PGP SIGNATURE-----