-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 26 Feb 2017 03:18:38 +0000 Source: chromium-browser Binary: chromium chromium-dbg chromium-l10n chromium-inspector chromedriver Architecture: source i386 all Version: 57.0.2987.98-1~deb8u1 Distribution: jessie-security Urgency: medium Maintainer: Debian Chromium Maintainers <pkg-chromium-maint@lists.alioth.debian.org> Changed-By: Michael Gilbert <mgilbert@debian.org> Description: chromedriver - web browser - WebDriver support chromium - web browser chromium-dbg - web browser - debugging symbols chromium-inspector - web browser - page inspection support chromium-l10n - web browser - language packs Closes: 855434 Changes: chromium-browser (57.0.2987.98-1~deb8u1) jessie-security; urgency=medium . * New upstream stable release. - CVE-2017-5030: Memory corruption in V8. Credit to Brendon Tiszka - CVE-2017-5031: Use after free in ANGLE. Credit to Looben Yang - CVE-2017-5032: Out of bounds write in PDFium. Credit to Ashfaq Ansari - CVE-2017-5029: Integer overflow in libxslt. Credit to Holger Fuhrmannek - CVE-2017-5034: Use after free in PDFium. Credit to Ke Liu - CVE-2017-5035: Incorrect security UI in Omnibox. Credit to Enzo Aguado - CVE-2017-5036: Use after free in PDFium. Credit to Anonymous - CVE-2017-5037: Multiple out of bounds writes in ChunkDemuxer. Credit to Yongke Wang - CVE-2017-5039: Use after free in PDFium. Credit to jinmo123 - CVE-2017-5040: Information disclosure in V8. Credit to Choongwoo Han - CVE-2017-5041: Address spoofing in Omnibox. Credit to Jordi Chancel - CVE-2017-5033: Bypass of Content Security Policy in Blink. Credit to Nicolai Grødum - CVE-2017-5042: Incorrect handling of cookies in Cast. Credit to Mike Ruddy - CVE-2017-5038: Use after free in GuestView. Credit to Anonymous - CVE-2017-5043: Use after free in GuestView. Credit to Anonymous - CVE-2017-5044: Heap overflow in Skia. Credit to Kushal Arvind Shah - CVE-2017-5045: Information disclosure in XSS Auditor. Credit to Dhaval Kapil - CVE-2017-5046: Information disclosure in Blink. Credit to Masato Kinugawa * Configure with fieldtrial_testing_like_official_build=true to avoid building with experimental features enabled (closes: #855434). Checksums-Sha1: d65e05e74c1eafbc9bdc90ed8092e6f9243bc676 4087 chromium-browser_57.0.2987.98-1~deb8u1.dsc 22a8c32dc35bcfbe57159f9ca7b396d799567fb6 481398480 chromium-browser_57.0.2987.98.orig.tar.xz 2f8da2f001e738577bce9fc75a20435360bb6e69 185220 chromium-browser_57.0.2987.98-1~deb8u1.debian.tar.xz 3a8b19a4dc82ebf0143c3630e2cfa71176a561fb 45803392 chromium_57.0.2987.98-1~deb8u1_i386.deb 41faf95223c484103e0f6200bf7b2a61293ea9d3 7301426 chromium-dbg_57.0.2987.98-1~deb8u1_i386.deb 8ecf0a4f17e27b9299122eccf6be136cfd7f6359 3371274 chromium-l10n_57.0.2987.98-1~deb8u1_all.deb 95c966c80bb53b3f4264cac1abb2c9dd20586b78 1415072 chromium-inspector_57.0.2987.98-1~deb8u1_all.deb 2867c26a26f7d4e65c0f14a694ffeabdb11ef4bf 2810780 chromedriver_57.0.2987.98-1~deb8u1_i386.deb Checksums-Sha256: fd2cc713e10bba251baad7f609e11733012623c56512d022bea45f494204ab39 4087 chromium-browser_57.0.2987.98-1~deb8u1.dsc 6c7bfd6e226a0e94dca91479b94c444c162d2a834d65e08208d25692bc1e0e9c 481398480 chromium-browser_57.0.2987.98.orig.tar.xz c7b02dc64baba418fffe9233a806397cf534ceadea6eb590d3b7a9119c9c21d6 185220 chromium-browser_57.0.2987.98-1~deb8u1.debian.tar.xz 9270ee7e27b54c327027c02dfcbab734b093435bdb4eefc7285b9024c49db63b 45803392 chromium_57.0.2987.98-1~deb8u1_i386.deb 11fbfa5300edbe55cfdd7accb510cfa9c59af9cda23080834d2304baf0bf9891 7301426 chromium-dbg_57.0.2987.98-1~deb8u1_i386.deb 80627193c888b8ba2c99d7c12b5c1ca826b0226e6431a648bccf7a92261b443e 3371274 chromium-l10n_57.0.2987.98-1~deb8u1_all.deb 6665400b33fb3ef26e71edda1973f267e7a217d653468a0cc035ccab33f0a1e6 1415072 chromium-inspector_57.0.2987.98-1~deb8u1_all.deb 29edfb7ded9e952d2a46db64197ddca7dc2f26847b0228f8c4bf359c0fecf3ec 2810780 chromedriver_57.0.2987.98-1~deb8u1_i386.deb Files: 136c31a3ec580ae2d421ad8f3bcb4eac 4087 web optional chromium-browser_57.0.2987.98-1~deb8u1.dsc e5b393a2b3000f5cadf3c0ee4b11e206 481398480 web optional chromium-browser_57.0.2987.98.orig.tar.xz a21d3051d0ad84bcced131743f2879cf 185220 web optional chromium-browser_57.0.2987.98-1~deb8u1.debian.tar.xz 3fb7024ee36d01e9e60d75cfe1e56d8c 45803392 web optional chromium_57.0.2987.98-1~deb8u1_i386.deb 020de755dfd39e6af8656279981e873d 7301426 debug extra chromium-dbg_57.0.2987.98-1~deb8u1_i386.deb f1c3e4e8ef3b8df543d643636d8b1a03 3371274 localization optional chromium-l10n_57.0.2987.98-1~deb8u1_all.deb 33c974d9f157c04be905dca4ece76165 1415072 web optional chromium-inspector_57.0.2987.98-1~deb8u1_all.deb 92f9bcfaec77274e910135cbedc8c998 2810780 web optional chromedriver_57.0.2987.98-1~deb8u1_i386.deb -----BEGIN PGP SIGNATURE----- iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAljGAWQACgkQuNayzQLW 9HMRCyAAmVP8L5hwFKjvYCoqHBR5HVpW0ZjewI1tzyTlwaIBHaCZqMEhWOPPwsfp G16+VSTym9C0RoQy/7RCfIo5BEVa4IOy86jes/je9r8AWBLxg/u05R7U7EDszmtj 099r7QpNNpZeUYbHQDqpnVFM+CdfRigJy0FmwGmWOMg7mb+tyr25EUWmXg25FsXl PyXKRHHem3K4AqGTWJxiNMg7sEZVWXrUp0fqx3lCz0mSldA+tP4nob8vNn066jyu byc0nadAxn5TIrgRbayhiNpEoMJA12goKan5AFWg/drHCigAQiK04qSjmViiQrJG k8LAZ07GWam+e0Z4Ax+fY4FAibRjQFZHWQgk4/DHd3DmUon0xanO41zj4BbprLFA MhW6UJ9XTzSAS9SXA+MWCjxPf1mvILUnbcrLqz/nO7598GRExM/OghDpvkx5/0Oa 86zMmqZvsZMNsveElEjbJZZoG4a9hqVnm93Opqu0wMjYrqdnrn+NsF/cwWewAY9h 3yhxtlbuF0/nkxusQ70dpT/hTW4QVso7Wxc5sjHpu5qr6Z9rGL1bwEr+DXpyg/jj lT4b8yaEBE59KnTlFYaR7QgjJN1EtQeDDMhs3/d+aoEyiPSDAQ6pREcuGbdIzulX PJtUC8FqsHNqQ04GJCWWkbp0eFVfrVBGPfzeWezJ83w1cuz1s+3bQiq/TPPFWBZW zjTaWcU+4c5WxaHmhlGdFYj6785ZcSdkTO3Wyjf/aGBoSySDzF7Zte1/N8Znx80F cshQh/YKJi6hm4ebd+79DiQwHJ/V7Oz2Pel24C3oexSyG2y13Np/VuIlsYQgG7p+ 5OPNeICMePSLsl19f45DfWmRHv94Opw959sRTe+E2BaMtNLDLGHMfV8iBNuvxVOj AW9vaa2c3GTjEUJnQTj2/P6/sQy3lqI9A2zbQ8rbduZkdOAugKr2XILL5akPPnl2 HNHecHK7xEy+D/v1guCyN3RxcS3UOVscaJsHrmacRQkVHj/FpKh8qura3boYlieU ZVaIfedrhuG5dqb+/TShEbh1nWFgaLOVeDMRiXS7BXbgM1hkWJbALOr07wzuXVG7 NDh2lTLYv9+NXsIEC3lj03VLb1LgyycJcVdXCW9oTOX1bMpao1QOR1GpeuETlX9j WRD7eeU19wBdXm4GuasQhqK1vMIcflJ4/5q78YRUTKYE0tV6ru3S17/+btiyH1w9 c/iTRx7PYvGQ78nJyv7BDo14mVA/KypWKCgpyWViG8XIyS7PTdQIG4gv1mHFwGKN /ivkx5YXgWNTWhFxuQ898h7vLJwTIK6HQQox0NNcxec8+3FxC3BUZe5X3fWRdzsh 7P13mq1uhq7R5YMU7S1uGGVLzEcxGQ== =v9Iz -----END PGP SIGNATURE-----