-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 05 Mar 2018 01:26:31 +0000 Source: chromium-browser Binary: chromium chromium-l10n chromium-shell chromium-widevine chromium-driver chromium-common Architecture: source Version: 65.0.3325.146-1 Distribution: unstable Urgency: medium Maintainer: Debian Chromium Maintainers <pkg-chromium-maint@lists.alioth.debian.org> Changed-By: Michael Gilbert <mgilbert@debian.org> Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-l10n - web browser - language packs chromium-shell - web browser - minimal shell chromium-widevine - web browser - widevine content decryption support Closes: 891831 Changes: chromium-browser (65.0.3325.146-1) unstable; urgency=medium . * New upstream stable release release. - CVE-2018-6056: Incorrect derived class instantiation in V8. Reported by lokihardt - CVE-2018-6060: Use after free in Blink. Reported by Omair - CVE-2018-6061: Race condition in V8. Reported by Guang Gong - CVE-2018-6062: Heap buffer overflow in Skia. Reported by Anonymous - CVE-2018-6057: Incorrect permissions on shared memory. Reported by Gal Beniamini - CVE-2018-6063: Incorrect permissions on shared memory. Reported by Gal Beniamini - CVE-2018-6064: Type confusion in V8. Reported by lokihardt - CVE-2018-6065: Integer overflow in V8. Reported by Mark Brand - CVE-2018-6066: Same Origin Bypass via canvas. Reported by Masato Kinugawa - CVE-2018-6067: Buffer overflow in Skia. Reported by Ned Williamson - CVE-2018-6068: Object lifecycle issues in Chrome Custom Tab. Reported by Luan Herrera - CVE-2018-6069: Stack buffer overflow in Skia. Reported by Wanglu & Yangkang - CVE-2018-6070: CSP bypass through extensions. Reported by Rob Wu - CVE-2018-6071: Heap bufffer overflow in Skia. Reported by Anonymous - CVE-2018-6072: Integer overflow in PDFium. Reported by Atte Kettunen - CVE-2018-6073: Heap bufffer overflow in WebGL. Reported by Omair - CVE-2018-6074: Mark-of-the-Web bypass. Reported by Abdulrahman Alqabandi - CVE-2018-6075: Overly permissive cross origin downloads. Reported by Inti De Ceukelaire - CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink. Reported by Mateusz Krzeszowiec - CVE-2018-6077: Timing attack using SVG filters. Reported by Khalil Zhani - CVE-2018-6078: URL Spoof in OmniBox. Reported by Khalil Zhani - CVE-2018-6079: Information disclosure via texture data in WebGL. Reported by Ivars Atteka - CVE-2018-6080: Information disclosure in IPC call. Reported by Gal Beniamini - CVE-2018-6081: XSS in interstitials. Reported by Rob Wu - CVE-2018-6082: Circumvention of port blocking. Reported by WenXu Wu - CVE-2018-6083: Incorrect processing of AppManifests. Reported by Jun Kokatsu * Enable support for vp9 (closes: #891831). Checksums-Sha1: c6bd171d05a04206516d2fc670a7cfd958fa9481 4319 chromium-browser_65.0.3325.146-1.dsc bad2cec5e9c7c1133fc14d217dfc5094b2e81a89 423466848 chromium-browser_65.0.3325.146.orig.tar.xz 74b066b79dc70c2c2b822f28049005e95fd98be8 144076 chromium-browser_65.0.3325.146-1.debian.tar.xz 8da3a13193dec6dc0237380e0df9ff769273c765 18964 chromium-browser_65.0.3325.146-1_source.buildinfo Checksums-Sha256: f0ffcbad04a9dda2b87133b056101dfbe6f1bae540f9bc309d7007fcf320b126 4319 chromium-browser_65.0.3325.146-1.dsc d58772caa62a4f78a457d2844bee5e6646e3561c5696327e79028dc4bba8f018 423466848 chromium-browser_65.0.3325.146.orig.tar.xz ad447083fa52fd55be8b68c663aca974ba8f5c481954a51c6063f35f7ab93933 144076 chromium-browser_65.0.3325.146-1.debian.tar.xz 02530a9360c013c53828c8ae6e5f628d94bde6e6872757c0846730db351c92cc 18964 chromium-browser_65.0.3325.146-1_source.buildinfo Files: f1cfa633b0f881f118784a6a45215b8b 4319 web optional chromium-browser_65.0.3325.146-1.dsc 3737ce0a3357ff33d0088a21a1fd1c70 423466848 web optional chromium-browser_65.0.3325.146.orig.tar.xz 98e7db89d990c7ce1e94de934ae41427 144076 web optional chromium-browser_65.0.3325.146-1.debian.tar.xz 94bc2e5973f7a6037a2def22176135f6 18964 web optional chromium-browser_65.0.3325.146-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAlqhxzQACgkQuNayzQLW 9HNX1B/+IYVvjP1AUKTWHcn/TyQN3Dhr7U09acVKux0fgc4/Suah6zLvBYuXoAzf 38zNCfvjnnW+2y31T3UJ+I+lOK6AaQzkhSPHFcm9ujQtNiKQ1Quz5VjVu2KtxzMX UxBFhhKKkK+MDyHci/Fub2vATGTjX4pY3SwdclVw5EBtUvGseQjpymptJKX+FpUg u59b81beZMqFosBNq/JhbW/8z0VCWorRXhxf/i2StbyVeecyRgJ+fj49VezW6A1z 9Jbz7jDu073fHjE3M2BB019Q2olTFYChEYDBzZiV8Y6pCFVJKEDIXtCKBahEhrjg 3+rGvRVDtmCgVOv0S5BjO4Wbr2zeo6XXKSX3LrwBzhzKUkfGZE4SHxacF3eDMaCz iEiebhyMmEQ7bQOP8fZ/it/Q3WNe+hP3Tv3x2WEm7J0T1sQeup5bTcIrZuLdeuC0 G/Hm21bktIGatlLK3Jp3vAkp7y4GYGp+nAIXo0msI0e/gAFathdLj2I6YBmXNWXL hw/GBiq79zh8855HTWOP33/ObwjnoN+BYh9jY7V5RXH8ZvJ2JYU/dip0d9+E5PxS jgeYtGEKmCIYkQgt4/HaUqObsLGdhT5eWnb1UqutF51PXlFvIDd6yOVb+3F5wb/z FbF89+1SSz0EVZ/VBTy/udgM8MIHbv7oAvuDfuQXNn1P/uZBAfrSmyAgfuwZqxZ3 v3c9MKOFHk7CLsmMTKvS3T9LkwgG4cDxAudGpte+hvJCdfBR/AKrRrHm2uxM4jZm +6Ba7OpOYrTG4zYRQRZRk2fdX/5rfZMCrdjD4BRbbhck0kfD76ho+zSe7+hDRB8Q 5D0IVGbv+r1MCeYUYKte8jaZGP8bRbx9mjS2iWImMaMDx2lzQeJ68ctF10FeXjt2 HnXIgh5n5vr9wxrnWnq/faYoFhUmfoGi7mikfjL0Gl9Z/1LaLzqIRLljRSZvUGkp O2CV8ODuWL0Ck1zSr8ukr8k8e/b2V0nOt73wQ7mGk1wiNW4NXuIk1iqrRk7Q6MCp rid9fgQkCymWg+SQ+HN9gBHNcJExnPSSaElgRAZ/PVQi/TbKUxt2XqJpDydbaZCE S6IC/R6sMfrJpTQ0JbJAIYS1djIrzpAEFRPvhqO2Ikl2kvIOPHSTFqslWFM5IESc qm6R8P8J+A3Ee9Nc6VPYWlINqCnYR1lr7zp6aBw0w0lQ8UEoCnmwkkh9R9+22nAQ hzM6tKYDV+wKWaFt9ab/DyMmzN9A0Vd/jt0TLSLAgrR5+C6f0F1OYiZYZW8HXMbb VV7OGQ0tKlWj8QEa+nj0aQmPrM/EbhWcgcwz4vHrx2AA/7DW/VnwUO1QCCtSP5wu fJ2NPOANe3bARyGPcIwjJyBcvbNb1w== =F1Eh -----END PGP SIGNATURE-----
