chromium-browser (43.0.2357.130-0ubuntu0.15.04.1.1174) vivid-security; urgency=medium
[Chad Miller]
* Upstream release 43.0.2357.130:
- CVE-2015-1266: Scheme validation error in WebUI.
- CVE-2015-1268: Cross-origin bypass in Blink.
- CVE-2015-1267: Cross-origin bypass in Blink.
- CVE-2015-1269: Normalization error in HSTS/HPKP preload list.
* debian/tests/smoketest-actual: Capture web-server log so we can
get port and test retreival. Fixes autopkgtest failures.
* debian/patches/widevine-other-locations: Search Chrome install
location to find widevine plugins.
* Use new Flash plugin name in apport collector.
* debian/patches/gpu_default_disabled: Make GPU activation a (default off)
preference instead of blacklisting.
[Iain Lane]
* Test fixes.
* debian/tests/control: Add a test-dep on python3-httplib2 and dbus-x11
which are required by the testsuite.
* debian/tests/smoketest-actual: Redirect webserver-out and webserver-err so
that the test can read these.
-- Chad MILLER <email address hidden> Mon, 29 Jun 2015 15:54:16 -0400