-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 25 Jul 2018 00:28:20 +0000 Source: chromium-browser Binary: chromium chromium-l10n chromium-shell chromium-driver chromium-common Architecture: source Version: 68.0.3440.75-1 Distribution: unstable Urgency: medium Maintainer: Debian Chromium Team <chromium-browser@packages.debian.org> Changed-By: Michael Gilbert <mgilbert@debian.org> Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-l10n - web browser - language packs chromium-shell - web browser - minimal shell Changes: chromium-browser (68.0.3440.75-1) unstable; urgency=medium . * New upstream stable release. - CVE-2018-4117: Cross origin information leak in Blink. Reported by AhsanEjaz - CVE-2018-6044: Request privilege escalation in Extensions . Reported by Rob Wu - CVE-2018-6150: Cross origin information disclosure in Service Workers. Reported by Rob Wu - CVE-2018-6151: Bad cast in DevTools. Reported by Rob Wu - CVE-2018-6152: Local file write in DevTools. Reported by Rob Wu - CVE-2018-6153: Stack buffer overflow in Skia. Reported by Zhen Zhou - CVE-2018-6154: Heap buffer overflow in WebGL. Reported by Omair - CVE-2018-6155: Use after free in WebRTC. Reported by Natalie Silvanovich - CVE-2018-6156: Heap buffer overflow in WebRTC. Reported by Natalie Silvanovich - CVE-2018-6157: Type confusion in WebRTC. Reported by Natalie Silvanovich - CVE-2018-6158: Use after free in Blink. Reported by Zhe Jin - CVE-2018-6159: Same origin policy bypass in ServiceWorker. Reported by Jun Kokatsu - CVE-2018-6161: Same origin policy bypass in WebAudio. Reported by Jun Kokatsu - CVE-2018-6162: Heap buffer overflow in WebGL. Reported by Omair - CVE-2018-6163: URL spoof in Omnibox. Reported by Khalil Zhani - CVE-2018-6164: Same origin policy bypass in ServiceWorker. Reported by Jun Kokatsu - CVE-2018-6165: URL spoof in Omnibox. Reported by evi1m0 - CVE-2018-6166: URL spoof in Omnibox. Reported by Lnyas Zhang - CVE-2018-6167: URL spoof in Omnibox. Reported by Lnyas Zhang - CVE-2018-6168: CORS bypass in Blink. Reported by Gunes Acar and Danny Y. Huang - CVE-2018-6169: Permissions bypass in extension installation . Reported by Sam P - CVE-2018-6170: Type confusion in PDFium. Reported by Anonymous - CVE-2018-6171: Use after free in WebBluetooth. - CVE-2018-6172: URL spoof in Omnibox. Reported by Khalil Zhani - CVE-2018-6173: URL spoof in Omnibox. Reported by Khalil Zhani - CVE-2018-6174: Integer overflow in SwiftShader. Reported by Mark Brand - CVE-2018-6175: URL spoof in Omnibox. Reported by Khalil Zhani - CVE-2018-6176: Local user privilege escalation in Extensions. Reported by Jann Horn - CVE-2018-6177: Cross origin information leak in Blink. Reported by Ron Masas - CVE-2018-6178: UI spoof in Extensions. Reported by Khalil Zhani - CVE-2018-6179: Local file information leak in Extensions. Checksums-Sha1: 2fd4a49eebfce4c5fa4529839575e53f26efefee 4202 chromium-browser_68.0.3440.75-1.dsc 72e6cf3875b0b03df551cb94ba5df20f2d7ea8e2 209142896 chromium-browser_68.0.3440.75.orig.tar.xz 0b7af4154629c5776096a5c5b57e8f3ca7faa649 148816 chromium-browser_68.0.3440.75-1.debian.tar.xz 76f4d8b04e1ecbe2c51aaf59c0504f2ad96ca9d9 19590 chromium-browser_68.0.3440.75-1_source.buildinfo Checksums-Sha256: da6c13feef27b076518a5bae60f5c2ee74eab4bbe29d134f8e46ed3d7f02ab75 4202 chromium-browser_68.0.3440.75-1.dsc d5b196eab81459271f4ae98bcb96c6ce032f8c3bce53a111d6c47d99a3c09575 209142896 chromium-browser_68.0.3440.75.orig.tar.xz a62b3bb50ea631e09215044b42272cfd31192685cb500102f95c0b7a78098bc3 148816 chromium-browser_68.0.3440.75-1.debian.tar.xz 8b9549d85f73c282846e7b8e0be7d93f402c3b2a56baa5e8843307c91a9c0653 19590 chromium-browser_68.0.3440.75-1_source.buildinfo Files: f329bef1dfa10305130a35353d047ad2 4202 web optional chromium-browser_68.0.3440.75-1.dsc 7d48d695075a2c034bb58d830ed21ac7 209142896 web optional chromium-browser_68.0.3440.75.orig.tar.xz d7470ba377ef7d5ed095e48db6c19a82 148816 web optional chromium-browser_68.0.3440.75-1.debian.tar.xz d9ee4c79f6febef797f98e5946ff540c 19590 web optional chromium-browser_68.0.3440.75-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAltYck4ACgkQuNayzQLW 9HNJDx//QpCcMp/tAh3Euu2bONNl21gLRkBZrfS9XNGnRRGg/ZDBoQCsU9T843Qb LI1bZHcKmqiZfkAysIjTYNSf+JNometBL9YP0AvVxluYAYY5Fh8VC5Dhp/CcQ/uC UR/SJqsNU56EaAeqdQtgPjIy5D44lsXo0QbTIsjoUZYgZp9fN/KhPTmBlYoj7pSn ykjdQVp7ykpJetOKA9GYDoGDSZO21U48NEEuHSkwwW/zPuIeG0Pk+35F15a5yzLT LcjlKuXTFnUaFNqiKEG7sW/PF+4EWS+pfZ0px+IVdacIOiz3elzywRbp6yUR5VFi 5NkfCYlVrQYAnrNF8LQRp0BrQyxl4plNq4s5XOnzh4CO++7h2mN0Y7bGvYnPTGj7 wKXppS+ATIU/dqVsZYjYzEzQUzkhbjDgB2aatqEmz5U31paJ2/+d1pfZ8WBD0nxE pcNZXVmG8xVWlFa4Ez7O/cMebvXptnKz1ipe5i5QOX3xw4yo4iD2gDDqhYRT9FlD 185qSuE/C6qOFKGkOn7gjN1X6oofgyvCct15pLXiTlsPLIWAnU1cu9QTR1Gw7wH8 q1/9FgaL54BCoelbFNCOLvcych3c78+NciGtkpj0M1C10RU2bsNM7lxpRr4ADGTb m4mrIImZGTl22dRyPXkv3hbvuI+jtzhDroIcX/Gm2WavoqHOAORejD0RO72gzvKa m5QShCbNZ1GeODlgKWSEzxZYUSRT34W2+CSqdNToamArxaSamG0QL3FeC5iCgVO+ JTYURT8jMy1SPYn6k7bCqIIpWUYBsL57mrmkphOilxcZzEXndcVInWuT2XLIZapa 60GnXWw9kYH8TaHDQSVUYfIe8aCgesjg7X1PSlKt1cpfP/suAybnutR4qrGb8fpu N8ki6UfBF2/qjsksVMWTQn4TiP3gwnwtvZWzvof8CR4dZiI9IgUo7JjCrPPCiW65 FWFA5KnWXwaNLMB/mf+EHRvni+2GVbSma1VLDlGEd2brbM4JF8+BTlVzyJwsAQpQ qJPrjE0ehent8bZeGSyx548b7GXC66y61WpZnC2Tn3xq+B7R+FRL/45/Mnui+6yT AcpD8A0isEPEfba9/SfI0NGj9vgRR8lZ1UtwjsUuqCE4txyOr3Ih3gaHCEqvq/g8 HVQO1uhofeZFOxibYEXilIRAzg8PVFL7tp6I10bSPB3QMzQYGvc33JYnU/NXJxJt mUI9IvVIR0p0vjd2GJYbRkwu9auXDOuzy76ax2apfSaZbtWszAPOZRellNlCWOCE VYH6c5tk/2ETZ3NiHHJryfdwdBkcI1BjPS58boa6sHvaG7tw6HacT4B6vBOU6rKR hV3xqzahp9eKLMMtHL+I/wENbr6c3Q== =lL0B -----END PGP SIGNATURE-----