Debian Package Tracker

From: Michael Gilbert <mgilbert@debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted chromium-browser 54.0.2840.101-1 (source) into unstable
Date: Sat, 26 Nov 2016 04:21:26 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 18 Nov 2016 01:36:36 +0000
Source: chromium-browser
Binary: chromium chromium-l10n chromedriver
Architecture: source
Version: 54.0.2840.101-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Chromium Maintainers <pkg-chromium-maint@lists.alioth.debian.org>
Changed-By: Michael Gilbert <mgilbert@debian.org>
Description:
 chromedriver - web browser - WebDriver support
 chromium   - web browser
 chromium-l10n - web browser - language packs
Changes:
 chromium-browser (54.0.2840.101-1) unstable; urgency=medium
 .
   * New upstream stable release:
     - CVE-2016-5181: Universal XSS in Blink. Credit to Anonymous
     - CVE-2016-5182: Heap overflow in Blink. Credit to Giwan Go
     - CVE-2016-5183: Use after free in PDFium. Credit to Anonymous
     - CVE-2016-5184: Use after free in PDFium. Credit to Anonymous
     - CVE-2016-5185: Use after free in Blink. Credit to cloudfuzzer
     - CVE-2016-5187: URL spoofing. Credit to Luan Herrera
     - CVE-2016-5188: UI spoofing. Credit to Luan Herrera
     - CVE-2016-5192: Cross-origin bypass in Blink. Credit to
       haojunhou@gmail.com
     - CVE-2016-5189: URL spoofing. Credit to xisigr
     - CVE-2016-5186: Out of bounds read in DevTools. Credit to Abdulrahman
       Alqabandi
     - CVE-2016-5191: Universal XSS in Bookmarks. Credit to Gareth Hughes
     - CVE-2016-5190: Use after free in Internals. Credit to Atte Kettunen
     - CVE-2016-5193: Scheme bypass. Credit to Yuyang ZHOU
     - CVE-2016-5194: Various fixes from internal audits, fuzzing and other
       initiatives
     - CVE-2016-5198: Out of bounds memory access in V8. Credit to Tencent Keen
       Security Lab
     - CVE-2016-5200: Out of bounds memory access in V8. Credit to Choongwoo Han
     - CVE-2016-5201: Info leak in extensions. Credit to Rob Wu
     - CVE-2016-5202: Various fixes from internal audits, fuzzing and other
       initiatives
   * Remove libxslt symlinks from the upstream taball.
   * Drop cups patch that's been applied upstream.
   * Build using gn and drop gyp dependency.
   * Update debian/copyright.
Checksums-Sha1:
 4e858ffdba5a83ab59a5e30dcf1b9b35ec96e6b4 3997 chromium-browser_54.0.2840.101-1.dsc
 bd7fa6e433396c9574aed636ab59f1159a1a7677 486638088 chromium-browser_54.0.2840.101.orig.tar.xz
 a2c099cbf7379433547d57b7ad77969131f33b99 113788 chromium-browser_54.0.2840.101-1.debian.tar.xz
Checksums-Sha256:
 ea31a7a628c1ce6930c077a577f1d8f57eee73c777d240c56aa43a17dd56025e 3997 chromium-browser_54.0.2840.101-1.dsc
 e4ec2eaa8586df81cad4c9e565f82054bc7fca1b1fcd82b15546f2ed906ff4d0 486638088 chromium-browser_54.0.2840.101.orig.tar.xz
 d97729c9cc14ac426ab358dae618ff05582552dacb2c042a229104111828778b 113788 chromium-browser_54.0.2840.101-1.debian.tar.xz
Files:
 ba7aaed38dd63a8afdccefd1bfb9a9cc 3997 web optional chromium-browser_54.0.2840.101-1.dsc
 65cddd837503a96db7521a5ac2bd16dd 486638088 web optional chromium-browser_54.0.2840.101.orig.tar.xz
 8fdd643f676b5fc0384ae8b88ff271ea 113788 web optional chromium-browser_54.0.2840.101-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAlg4+RgACgkQuNayzQLW
9HOSyR/5AfNdtM3w+901RpPnNE7fUu0ZVskjHsx4uNKsOIVFj4oqoMYw0qFErqpX
AtI8sxRSNuh6HSCuymZnYEKfJosEOa5E7jPB4sHgjKxBvnWMQHFm/dCiKyUCQfot
sLk9Lp7YvtiHUVFxr4RBG+FLn55mZXDlQn/TwDhvdpd13NuBFd1XCf9Wx6ldlf5s
PrEuMX0+XK1PfNPztKOdIV9bIJHdNtZ9SmStItkKYmvap/QkofkJuI99gXDGuwnF
RYZkVMBpoN06OWyZ0Yj4s/Ov+EY3OpFdD+vi/VQznSVHqL6JdZ++B6xhq0oY/dm5
jCBRckcCqIhTs3hJgT3q/fJmzStHW8bk+o6U59nv4y2kIlZKtJ1Bsu0g4sIkgQMh
XHro24PqVqDOWKs7dKxJj+mAChoGiT1V+Hog1NJupXV4xF9L9K1U7/+zIhX5OG3g
8xGSIds711T1NwqAbiHRfTxHgxy04HRw7Kt3uln9k9R/cYqbl7ydjgd33XVY8OKc
YmKwH9FcaSp38zL89nzk+DL5t2I8PDxOcGPLfppe/CarGiqcPyOS/yhGFvKjIYAT
mzFgyj6HB+EBrIkpz00d0yemPvkQJisVisgsKmPKxMH1yMweSw/LYJAI6RnljFbY
fm9V+qqsujybz58TZrm+1e0h4+yRIPTnP/v9AEizRqYmC/REBgbfWRqzPfnYmFbG
zYP2BO0GI558aDjJGsEdT9o/HfEo2uYVVnS9Q3jUyaWsFT3e207u+pfW5AnmGrCc
xoahPQWCtVmsc3d6qntx1xH0qt4LAoZZejHioKsMCFeqHt+ItHSXFyjqQT/Xs0cd
+keTfls9oZni8pYRj24RrMEwfDcVCy2Ea9fmSfkD0Y2hAXMMGPseXus9kvRbh0pa
RxSMt2Zv771lWeoNyHGgdSKktcBld0FVq9Zr4irCSEGn9J1CRDyZ+a+GaHyW4FR9
gjpMgVzjpLJnSQF1P0KkYMiodfIh6Ak+0M3yh0zPfF3U+ss5atGj21rPzh6IvtIv
pHmeqDyiQrEeEo7V/I1oY37aSSKf9LzDwxxYmmbUAMMaelDaGhwdGUQW2hrK/02g
Vd0bbZgkmLDMC4vOrJXPzZwgikgpcxd2FPF0svG1XuNtdArj/puCa98x3KCdCYnO
ng7wZJq4ZEX9tTvvtaqvTq8YuRQvfiiHioiFKFpMunjIMnw8COQKupKVbPRUQe9G
m1/rlrqM3FMl2Hd02hl7o2QLSpEF9qn0x9N+EZbCDFuO6ZTpT/nRVMNj5dmpkEDf
0K1CwOLBOJWkH1f4XJQ7KRV1te4FSIyRSP0V/wfrqidqcAAuYx8xf+QZ4MnsKSIv
NKmSOJl87KCigWYQ8eUcy9q37/YNaA==
=xY79
-----END PGP SIGNATURE-----
News for package chromium-browser
