Comment 1 for bug 1490237

This bug was fixed in the package chromium-browser - 45.0.2454.85-0ubuntu0.15.04.1.1181

---------------
chromium-browser (45.0.2454.85-0ubuntu0.15.04.1.1181) vivid-security; urgency=medium

  * Upstream release 45.0.2454.85:
    - CVE-2015-1291: Cross-origin bypass in DOM.
    - CVE-2015-1292: Cross-origin bypass in ServiceWorker.
    - CVE-2015-1293: Cross-origin bypass in DOM.
    - CVE-2015-1294: Use-after-free in Skia.
    - CVE-2015-1295: Use-after-free in Printing.
    - CVE-2015-1296: Character spoofing in omnibox.
    - CVE-2015-1297: Permission scoping error in WebRequest.
    - CVE-2015-1298: URL validation error in extensions.
    - CVE-2015-1299: Use-after-free in Blink.
    - CVE-2015-1300: Information leak in Blink.
    - CVE-2015-1301: Various fixes from internal audits, fuzzing and other
      initiatives.
  * debian/patches/search-credit.patch: Don't add GET param if search URL
    doesn't already use them. (LP: #1490237)
  * debian/source/lintian-overrides: Ignore new binaries in orig tar.
  * debian/patches/gpu_default_disabled: No longer disable GPU rendering by
    default.
  * debian/patches/disable-sse2: SSE exclusion is smarter now. Re-include.

 -- Chad MILLER <email address hidden> Mon, 14 Sep 2015 20:11:00 -0400