Change log for chromium-browser package in Ubuntu
| 1 → 75 of 614 results | First • Previous • Next • Last |
| Published in oracular-release |
| Published in noble-release |
| Deleted in noble-proposed (Reason: Moved to noble) |
chromium-browser (2:1snap1-0ubuntu2) noble; urgency=low
* d/control: Add chromium to Provides (LP:2060094).
- An autosynced Debian package added a dependency on it.
Thanks to Jemery Bicha for noticing and suggesting the change.
-- Nathan Pratta Teodosio <email address hidden> Wed, 03 Apr 2024 08:42:36 +0200
Available diffs
- diff from 2:1snap1-0ubuntu1 to 2:1snap1-0ubuntu2 (588 bytes)
chromium-browser (2:1snap1-0ubuntu1) noble; urgency=low * Modify the version scheme of the package (LP: #2007702). Epoch bumped to 2. Since this is a package that install the Chromium snap, there is no point in updating it just for the sake of the version number whenever there is a new Chromium release. On the other hand, we don't want to leave it stuck in a number such as 85 because it misleads users into believing the package will install Chromium 85, which would be severily outdated. -- Nathan Pratta Teodosio <email address hidden> Mon, 13 Nov 2023 10:20:10 +0100
Available diffs
chromium-browser (112.0.5615.49-0ubuntu0.18.04.1) bionic; urgency=medium * Upstream release: 112.0.5615.49. -- Nathan Pratta Teodosio <email address hidden> Mon, 10 Apr 2023 08:59:04 -0300
Available diffs
- diff from 111.0.5563.64-0ubuntu0.18.04.5 to 112.0.5615.49-0ubuntu0.18.04.1 (pending)
- diff from 112.0.5615.39+1-0ubuntu0.18.04.14 to 112.0.5615.49-0ubuntu0.18.04.1 (pending)
chromium-browser (111.0.5563.64-0ubuntu0.18.04.5) bionic; urgency=medium * Upstream release: 111.0.5563.64. * d/p/widevine-enable-*.patch: extended for ARM. * d/p/partition-allocator-missing-ioctl.patch: refreshed. -- Nathan Pratta Teodosio <email address hidden> Thu, 19 Jan 2023 10:13:40 -0300
Available diffs
- diff from 110.0.5481.100-0ubuntu0.18.04.1 to 111.0.5563.64-0ubuntu0.18.04.5 (pending)
chromium-browser (110.0.5481.100-0ubuntu0.18.04.1) bionic; urgency=medium * Upstream release: 110.0.5481.100. * d/p/warning-to-error.patch: refreshed. * Refreshed patches hunks. -- Nathan Pratta Teodosio <email address hidden> Thu, 16 Feb 2023 10:13:40 -0300
Available diffs
- diff from 109.0.5414.74-0ubuntu0.18.04.14 to 110.0.5481.100-0ubuntu0.18.04.1 (pending)
- diff from 110.0.5481.77-0ubuntu0.18.04.1 to 110.0.5481.100-0ubuntu0.18.04.1 (36.2 KiB)
chromium-browser (1:85.0.4183.83-0ubuntu0.20.04.3) focal; urgency=medium
[ Olivier Tilloy ]
* debian/apport/chromium-browser.py: update the apport hook to collect
up-to-date information from the chromium snap (LP: #1993191)
-- Nathan Pratta Teodosio <email address hidden> Mon, 17 Oct 2022 18:53:30 +0200
Available diffs
chromium-browser (1:85.0.4183.83-0ubuntu2.22.10.1) kinetic; urgency=medium
[ Olivier Tilloy ]
* debian/apport/chromium-browser.py: update the apport hook to collect
up-to-date information from the chromium snap (LP: #1993191)
-- Nathan Pratta Teodosio <email address hidden> Mon, 17 Oct 2022 18:53:30 +0200
Available diffs
chromium-browser (1:85.0.4183.83-0ubuntu2.22.04.1) jammy; urgency=medium
[ Olivier Tilloy ]
* debian/apport/chromium-browser.py: update the apport hook to collect
up-to-date information from the chromium snap (LP: #1993191)
-- Nathan Pratta Teodosio <email address hidden> Mon, 17 Oct 2022 18:53:30 +0200
Available diffs
| Superseded in noble-release |
| Published in mantic-release |
| Published in lunar-release |
| Deleted in lunar-proposed (Reason: Moved to lunar) |
chromium-browser (1:85.0.4183.83-0ubuntu3) lunar; urgency=medium
[ Olivier Tilloy ]
* debian/apport/chromium-browser.py: update the apport hook to collect
up-to-date information from the chromium snap (LP: #1993191)
-- Nathan Pratta Teodosio <email address hidden> Mon, 17 Oct 2022 18:53:30 +0200
Available diffs
chromium-browser (109.0.5414.74-0ubuntu0.18.04.14) bionic; urgency=medium
* Upstream release: 109.0.5414.74.
* d/p/constexpr-doesnt-*.patch: refreshed & hunk added.
* d/p/build-with-old-libva-no-av1.patch: refreshed.
* d/p/c-std-17.patch: refreshed.
* d/p/gsimple-template-names.patch: added.
* d/p/use-python3-7.patch: added.
* d/p/warning-to-error.patch: added back with narrowing disable.
* d/rules:
- delete use_allocator and use_allocator_shim from common_defines.
- symbol_level 1->0.
* d/control:
- Python 3.7 is build dependency.
-- Nathan Pratta Teodosio <email address hidden> Fri, 13 Jan 2023 08:28:33 -0300
Available diffs
- diff from 108.0.5359.71-0ubuntu0.18.04.5 to 109.0.5414.74-0ubuntu0.18.04.14 (pending)
- diff from 109.0.5414.74-0ubuntu0.18.04.13 to 109.0.5414.74-0ubuntu0.18.04.14 (1.2 KiB)
chromium-browser (108.0.5359.71-0ubuntu0.18.04.5) bionic; urgency=medium * Upstream release: 108.0.5359.71. * d/p/libaom-armhf-build-cpudetect.patch: dropped. * d/p/c-std-17.patch: added. * d/p/undefined-mulodi4.patch: added * d/p/suppress-newer-clang-warning-flags.patch: refreshed. * d/control: add qt5-default. * chromium-browser.sh.in: enable page translation. -- Nathan Pratta Teodosio <email address hidden> Thu, 01 Dec 2022 07:25:00 -0300
Available diffs
- diff from 107.0.5304.87-0ubuntu11.18.04.1 to 108.0.5359.71-0ubuntu0.18.04.5 (67.4 MiB)
- diff from 108.0.5359.71-0ubuntu0.18.04.4 to 108.0.5359.71-0ubuntu0.18.04.5 (pending)
chromium-browser (107.0.5304.87-0ubuntu11.18.04.1) bionic; urgency=medium * constexpr-doesnt-produce-constant-expression.patch: added -- Nathan Pratta Teodosio <email address hidden> Mon, 02 Oct 2022 19:41:59 -0200
Available diffs
- diff from 105.0.5195.102-0ubuntu0.18.04.1 to 107.0.5304.87-0ubuntu11.18.04.1 (pending)
- diff from 107.0.5304.87-0ubuntu10.18.04.1 to 107.0.5304.87-0ubuntu11.18.04.1 (807 bytes)
chromium-browser (105.0.5195.102-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 105.0.5195.102
- CVE-2022-3075: Insufficient data validation in Mojo.
-- Nathan Pratta Teodosio <email address hidden> Tue, 06 Sep 2022 11:57:11 -0300
Available diffs
- diff from 104.0.5112.101-0ubuntu0.18.04.1 to 105.0.5195.102-0ubuntu0.18.04.1 (pending)
- diff from 105.0.5195.52-0ubuntu0.18.04.1 to 105.0.5195.102-0ubuntu0.18.04.1 (11.3 MiB)
chromium-browser (104.0.5112.101-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 104.0.5112.101
- CVE-2022-2852: Use after free in FedCM.
- CVE-2022-2854: Use after free in SwiftShader.
- CVE-2022-2855: Use after free in ANGLE.
- CVE-2022-2857: Use after free in Blink.
- CVE-2022-2858: Use after free in Sign-In Flow.
- CVE-2022-2853: Heap buffer overflow in Downloads.
- CVE-2022-2856: Insufficient validation of untrusted input in Intents.
- CVE-2022-2859: Use after free in Chrome OS Shell.
- CVE-2022-2860: Insufficient policy enforcement in Cookies.
- CVE-2022-2861: Inappropriate implementation in Extensions API.
-- Olivier Tilloy <email address hidden> Wed, 17 Aug 2022 09:22:37 +0200
Available diffs
chromium-browser (103.0.5060.134-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 103.0.5060.134
- CVE-2022-2477 : Use after free in Guest View.
- CVE-2022-2478 : Use after free in PDF.
- CVE-2022-2479 : Insufficient validation of untrusted input in File.
- CVE-2022-2480 : Use after free in Service Worker API.
- CVE-2022-2481: Use after free in Views.
- CVE-2022-2163: Use after free in Cast UI and Toolbar.
-- Olivier Tilloy <email address hidden> Wed, 20 Jul 2022 07:09:27 +0200
Available diffs
chromium-browser (101.0.4951.64-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 101.0.4951.64
- CVE-2022-1633: Use after free in Sharesheet.
- CVE-2022-1634: Use after free in Browser UI.
- CVE-2022-1635: Use after free in Permission Prompts.
- CVE-2022-1636: Use after free in Performance APIs.
- CVE-2022-1637: Inappropriate implementation in Web Contents.
- CVE-2022-1638: Heap buffer overflow in V8 Internationalization.
- CVE-2022-1639: Use after free in ANGLE.
- CVE-2022-1640: Use after free in Sharing.
- CVE-2022-1641: Use after free in Web UI Diagnostics.
-- Olivier Tilloy <email address hidden> Wed, 11 May 2022 09:49:30 +0200
Available diffs
- diff from 100.0.4896.127-0ubuntu0.18.04.1 to 101.0.4951.64-0ubuntu0.18.04.1 (pending)
- diff from 101.0.4951.54-0ubuntu0.18.04.1 to 101.0.4951.64-0ubuntu0.18.04.1 (pending)
chromium-browser (100.0.4896.127-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 100.0.4896.127
- CVE-2022-1364: Type Confusion in V8.
-- Olivier Tilloy <email address hidden> Fri, 15 Apr 2022 09:07:28 +0200
Available diffs
- diff from 99.0.4844.84-0ubuntu0.18.04.1 to 100.0.4896.127-0ubuntu0.18.04.1 (pending)
- diff from 100.0.4896.88-0ubuntu0.18.04.1 to 100.0.4896.127-0ubuntu0.18.04.1 (pending)
chromium-browser (99.0.4844.84-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 99.0.4844.84
- CVE-2022-1096: Type Confusion in V8.
-- Olivier Tilloy <email address hidden> Sat, 26 Mar 2022 14:32:42 +0100
Available diffs
- diff from 99.0.4844.51-0ubuntu0.18.04.1 to 99.0.4844.84-0ubuntu0.18.04.1 (pending)
- diff from 99.0.4844.82-0ubuntu0.18.04.1 to 99.0.4844.84-0ubuntu0.18.04.1 (pending)
chromium-browser (99.0.4844.51-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 99.0.4844.51
- CVE-2022-0789: Heap buffer overflow in ANGLE.
- CVE-2022-0790: Use after free in Cast UI.
- CVE-2022-0791: Use after free in Omnibox.
- CVE-2022-0792: Out of bounds read in ANGLE.
- CVE-2022-0793: Use after free in Views.
- CVE-2022-0794: Use after free in WebShare.
- CVE-2022-0795: Type Confusion in Blink Layout.
- CVE-2022-0796: Use after free in Media.
- CVE-2022-0797: Out of bounds memory access in Mojo.
- CVE-2022-0798: Use after free in MediaStream.
- CVE-2022-0799: Insufficient policy enforcement in Installer.
- CVE-2022-0800: Heap buffer overflow in Cast UI.
- CVE-2022-0801: Inappropriate implementation in HTML parser.
- CVE-2022-0802: Inappropriate implementation in Full screen mode.
- CVE-2022-0803: Inappropriate implementation in Permissions.
- CVE-2022-0804: Inappropriate implementation in Full screen mode.
- CVE-2022-0805: Use after free in Browser Switcher.
- CVE-2022-0806: Data leak in Canvas.
- CVE-2022-0807: Inappropriate implementation in Autofill.
- CVE-2022-0808: Use after free in Chrome OS Shell.
- CVE-2022-0809: Out of bounds memory access in WebXR.
* debian/rules: exclude unnecessary build artifacts (LP: #1961565)
* debian/patches/arm64-no-pointer-authentication.patch: added
* debian/patches/build-with-old-libva-missing-defines.patch: refreshed
* debian/patches/build-with-old-libva-no-av1.patch: refreshed
* debian/patches/configuration-directory.patch: refreshed
* debian/patches/define__libc_malloc.patch: updated
* debian/patches/gn-no-std-equal_to.patch: added
* debian/patches/libaom-armhf-build-cpudetect.patch: refreshed
* debian/patches/revert-sequence-checker-capability-name.patch: refreshed
* debian/patches/search-credit.patch: refreshed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
* debian/patches/use-clang-versioned.patch: refreshed
* debian/patches/widevine-enable-version-string.patch: refreshed
-- Olivier Tilloy <email address hidden> Tue, 01 Mar 2022 21:43:44 +0100
Available diffs
- diff from 97.0.4692.71-0ubuntu0.18.04.1 to 99.0.4844.51-0ubuntu0.18.04.1 (pending)
- diff from 98.0.4758.102-0ubuntu0.18.04.1 to 99.0.4844.51-0ubuntu0.18.04.1 (pending)
chromium-browser (97.0.4692.71-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 97.0.4692.71
- CVE-2022-0096: Use after free in Storage.
- CVE-2022-0097: Inappropriate implementation in DevTools.
- CVE-2022-0098: Use after free in Screen Capture.
- CVE-2022-0099: Use after free in Sign-in.
- CVE-2022-0100: Heap buffer overflow in Media streams API.
- CVE-2022-0101: Heap buffer overflow in Bookmarks.
- CVE-2022-0102: Type Confusion in V8.
- CVE-2022-0103: Use after free in SwiftShader.
- CVE-2022-0104: Heap buffer overflow in ANGLE.
- CVE-2022-0105: Use after free in PDF.
- CVE-2022-0106: Use after free in Autofill.
- CVE-2022-0107: Use after free in File Manager API.
- CVE-2022-0108: Inappropriate implementation in Navigation.
- CVE-2022-0109: Inappropriate implementation in Autofill.
- CVE-2022-0110: Incorrect security UI in Autofill.
- CVE-2022-0111: Inappropriate implementation in Navigation.
- CVE-2022-0112: Incorrect security UI in Browser UI.
- CVE-2022-0113: Inappropriate implementation in Blink.
- CVE-2022-0114: Out of bounds memory access in Web Serial.
- CVE-2022-0115: Uninitialized Use in File API.
- CVE-2022-0116: Inappropriate implementation in Compositing.
- CVE-2022-0117: Policy bypass in Service Workers.
- CVE-2022-0118: Inappropriate implementation in WebShare.
- CVE-2022-0120: Inappropriate implementation in Passwords.
* debian/patches/blink-math-constexpr.patch: added
* debian/patches/blink-math-constexpr2.patch: added
* debian/patches/build-with-old-libva-missing-defines.patch: refreshed
* debian/patches/build-with-old-libva-no-av1.patch: refreshed
* debian/patches/configuration-directory.patch: refreshed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: updated
* debian/patches/use-clang-versioned.patch: updated
* debian/patches/widevine-other-locations: refreshed
-- Olivier Tilloy <email address hidden> Fri, 07 Jan 2022 21:05:03 +0100
Available diffs
- diff from 95.0.4638.69-0ubuntu0.18.04.1 to 97.0.4692.71-0ubuntu0.18.04.1 (pending)
- diff from 96.0.4664.110-0ubuntu0.18.04.1 to 97.0.4692.71-0ubuntu0.18.04.1 (pending)
chromium-browser (95.0.4638.69-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 95.0.4638.69
- CVE-2021-37997 : Use after free in Sign-In.
- CVE-2021-37998 : Use after free in Garbage Collection.
- CVE-2021-37999 : Insufficient data validation in New Tab Page.
- CVE-2021-38000 : Insufficient validation of untrusted input in Intents.
- CVE-2021-38001 : Type Confusion in V8.
- CVE-2021-38002 : Use after free in Web Transport.
- CVE-2021-38003 : Inappropriate implementation in V8.
-- Olivier Tilloy <email address hidden> Fri, 29 Oct 2021 12:13:58 +0200
Available diffs
chromium-browser (94.0.4606.81-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 94.0.4606.81
- CVE-2021-37977 : Use after free in Garbage Collection.
- CVE-2021-37978 : Heap buffer overflow in Blink.
- CVE-2021-37979 : Heap buffer overflow in WebRTC.
- CVE-2021-37980 : Inappropriate implementation in Sandbox.
-- Olivier Tilloy <email address hidden> Fri, 08 Oct 2021 10:54:21 +0200
Available diffs
chromium-browser (94.0.4606.71-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 94.0.4606.71
- CVE-2021-37974 : Use after free in Safe Browsing.
- CVE-2021-37975 : Use after free in V8.
- CVE-2021-37976 : Information leak in core.
-- Olivier Tilloy <email address hidden> Fri, 01 Oct 2021 06:56:50 +0200
Available diffs
chromium-browser (93.0.4577.63-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 93.0.4577.63
- CVE-2021-30606: Use after free in Blink.
- CVE-2021-30607: Use after free in Permissions.
- CVE-2021-30608: Use after free in Web Share.
- CVE-2021-30609: Use after free in Sign-In.
- CVE-2021-30610: Use after free in Extensions API.
- CVE-2021-30611: Use after free in WebRTC.
- CVE-2021-30612: Use after free in WebRTC.
- CVE-2021-30613: Use after free in Base internals.
- CVE-2021-30614: Heap buffer overflow in TabStrip.
- CVE-2021-30615: Cross-origin data leak in Navigation.
- CVE-2021-30616: Use after free in Media.
- CVE-2021-30617: Policy bypass in Blink.
- CVE-2021-30618: Inappropriate implementation in DevTools.
- CVE-2021-30619: UI Spoofing in Autofill.
- CVE-2021-30620: Insufficient policy enforcement in Blink.
- CVE-2021-30621: UI Spoofing in Autofill.
- CVE-2021-30622: Use after free in WebApp Installs.
- CVE-2021-30623: Use after free in Bookmarks.
- CVE-2021-30624: Use after free in Autofill.
* debian/patches/build-with-old-libva-missing-defines.patch: refreshed
* debian/patches/build-with-old-libva-no-av1.patch: refreshed
* debian/patches/enable-chromecast-by-default.patch: removed, no longer needed
* debian/patches/libaom-armhf-build-cpudetect.patch: refreshed
* debian/patches/no-dirmd.patch: refreshed
* debian/patches/qualify-ambiguous-name-lookup.patch: refreshed
* debian/patches/search-credit.patch: refreshed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
* debian/patches/title-bar-default-system.patch-v35: refreshed
* debian/patches/use-clang-versioned.patch: refreshed
* debian/patches/v8-add-missing-constexpr-arm64.patch: removed, no longer
needed (upstreamed)
* debian/patches/widevine-enable-version-string.patch: refreshed
-- Olivier Tilloy <email address hidden> Wed, 25 Aug 2021 13:05:12 +0200
Available diffs
chromium-browser (92.0.4515.159-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 92.0.4515.159
- CVE-2021-30598: Type Confusion in V8.
- CVE-2021-30599: Type Confusion in V8.
- CVE-2021-30600: Use after free in Printing.
- CVE-2021-30601: Use after free in Extensions API.
- CVE-2021-30602: Use after free in WebRTC.
- CVE-2021-30603: Race in WebAudio.
- CVE-2021-30604: Use after free in ANGLE.
-- Olivier Tilloy <email address hidden> Tue, 17 Aug 2021 09:23:53 +0200
Available diffs
chromium-browser (91.0.4472.101-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 91.0.4472.101
- CVE-2021-30544: Use after free in BFCache.
- CVE-2021-30545: Use after free in Extensions.
- CVE-2021-30546: Use after free in Autofill.
- CVE-2021-30547: Out of bounds write in ANGLE.
- CVE-2021-30548: Use after free in Loader.
- CVE-2021-30549: Use after free in Spell check.
- CVE-2021-30550: Use after free in Accessibility.
- CVE-2021-30551: Type Confusion in V8.
- CVE-2021-30552: Use after free in Extensions.
- CVE-2021-30553: Use after free in Network service.
-- Olivier Tilloy <email address hidden> Thu, 10 Jun 2021 22:21:25 +0200
Available diffs
chromium-browser (91.0.4472.77-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 91.0.4472.77
- CVE-2021-30521: Heap buffer overflow in Autofill.
- CVE-2021-30522: Use after free in WebAudio.
- CVE-2021-30523: Use after free in WebRTC.
- CVE-2021-30524: Use after free in TabStrip.
- CVE-2021-30525: Use after free in TabGroups.
- CVE-2021-30526: Out of bounds write in TabStrip.
- CVE-2021-30527: Use after free in WebUI.
- CVE-2021-30528: Use after free in WebAuthentication.
- CVE-2021-30529: Use after free in Bookmarks.
- CVE-2021-30530: Out of bounds memory access in WebAudio.
- CVE-2021-30531: Insufficient policy enforcement in Content Security Policy.
- CVE-2021-30532: Insufficient policy enforcement in Content Security Policy.
- CVE-2021-30533: Insufficient policy enforcement in PopupBlocker.
- CVE-2021-30534: Insufficient policy enforcement in iFrameSandbox.
- CVE-2021-30535: Double free in ICU.
- CVE-2021-21212: Insufficient data validation in networking.
- CVE-2021-30536: Out of bounds read in V8.
- CVE-2021-30537: Insufficient policy enforcement in cookies.
- CVE-2021-30538: Insufficient policy enforcement in content security policy.
- CVE-2021-30539: Insufficient policy enforcement in content security policy.
- CVE-2021-30540: Incorrect security UI in payments.
* debian/control: add a build dependency on libcurl4-openssl-dev
* debian/patches/build-with-old-libva-missing-defines.patch: refreshed
* debian/patches/build-with-old-libva-no-av1.patch: updated
* debian/patches/closure-compiler-use-system-wide-java.patch: added
* debian/patches/gn-no-last-commit-position.patch: refreshed
* debian/patches/node-use-system-wide.patch: refreshed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
* debian/patches/use-clang-versioned.patch: refreshed
* debian/patches/widevine-enable-version-string.patch: refreshed
-- Olivier Tilloy <email address hidden> Wed, 26 May 2021 13:02:18 +0200
Available diffs
chromium-browser (90.0.4430.93-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 90.0.4430.93
- CVE-2021-21227: Insufficient data validation in V8.
- CVE-2021-21232: Use after free in Dev Tools.
- CVE-2021-21233: Heap buffer overflow in ANGLE.
- CVE-2021-21228: Insufficient policy enforcement in extensions.
- CVE-2021-21229: Incorrect security UI in downloads.
- CVE-2021-21230: Type Confusion in V8.
- CVE-2021-21231: Insufficient data validation in V8.
-- Olivier Tilloy <email address hidden> Wed, 28 Apr 2021 10:01:55 +0200
Available diffs
chromium-browser (90.0.4430.72-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 90.0.4430.72
- CVE-2021-21201: Use after free in permissions.
- CVE-2021-21202: Use after free in extensions.
- CVE-2021-21203: Use after free in Blink.
- CVE-2021-21204: Use after free in Blink.
- CVE-2021-21205: Insufficient policy enforcement in navigation.
- CVE-2021-21221: Insufficient validation of untrusted input in Mojo.
- CVE-2021-21207: Use after free in IndexedDB.
- CVE-2021-21208: Insufficient data validation in QR scanner.
- CVE-2021-21209: Inappropriate implementation in storage.
- CVE-2021-21210: Inappropriate implementation in Network.
- CVE-2021-21211: Inappropriate implementation in Navigation.
- CVE-2021-21212: Incorrect security UI in Network Config UI.
- CVE-2021-21213: Use after free in WebMIDI.
- CVE-2021-21214: Use after free in Network API.
- CVE-2021-21215: Inappropriate implementation in Autofill.
- CVE-2021-21216: Inappropriate implementation in Autofill.
- CVE-2021-21217: Uninitialized Use in PDFium.
- CVE-2021-21218: Uninitialized Use in PDFium.
- CVE-2021-21219: Uninitialized Use in PDFium.
* debian/patches/build-with-old-libva.patch: refreshed and renamed to
debian/patches/build-with-old-libva-missing-defines.patch
* debian/patches/build-with-old-libva-no-av1.patch: added
* debian/patches/configuration-directory.patch: refreshed
* debian/patches/define__libc_malloc.patch: refreshed
* debian/patches/disable-sse2: removed, no longer needed
* debian/patches/libaom-armhf-build-cpudetect.patch: added
* debian/patches/revert-sequence-checker-capability-name.patch: refreshed
* debian/patches/search-credit.patch: refreshed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
* debian/patches/title-bar-default-system.patch-v35: refreshed
* debian/patches/use-clang-versioned.patch: refreshed
* debian/patches/widevine-enable-version-string.patch: refreshed
* debian/patches/widevine-other-locations: refreshed
-- Olivier Tilloy <email address hidden> Thu, 15 Apr 2021 12:25:19 +0200
Available diffs
chromium-browser (90.0.4430.72-0ubuntu0.16.04.1) xenial; urgency=medium
* Upstream release: 90.0.4430.72
- CVE-2021-21201: Use after free in permissions.
- CVE-2021-21202: Use after free in extensions.
- CVE-2021-21203: Use after free in Blink.
- CVE-2021-21204: Use after free in Blink.
- CVE-2021-21205: Insufficient policy enforcement in navigation.
- CVE-2021-21221: Insufficient validation of untrusted input in Mojo.
- CVE-2021-21207: Use after free in IndexedDB.
- CVE-2021-21208: Insufficient data validation in QR scanner.
- CVE-2021-21209: Inappropriate implementation in storage.
- CVE-2021-21210: Inappropriate implementation in Network.
- CVE-2021-21211: Inappropriate implementation in Navigation.
- CVE-2021-21212: Incorrect security UI in Network Config UI.
- CVE-2021-21213: Use after free in WebMIDI.
- CVE-2021-21214: Use after free in Network API.
- CVE-2021-21215: Inappropriate implementation in Autofill.
- CVE-2021-21216: Inappropriate implementation in Autofill.
- CVE-2021-21217: Uninitialized Use in PDFium.
- CVE-2021-21218: Uninitialized Use in PDFium.
- CVE-2021-21219: Uninitialized Use in PDFium.
* debian/patches/blink-animation-old-clang-compatibility.patch: added
* debian/patches/configuration-directory.patch: refreshed
* debian/patches/define__libc_malloc.patch: refreshed
* debian/patches/disable-sse2: removed, no longer needed
* debian/patches/evdev-undefined-switch.patch: added
* debian/patches/fix-c++17ism.patch: refreshed
* debian/patches/gtk-symbols-conditional.patch: refreshed
* debian/patches/import-missing-fcntl-defines.patch: updated
* debian/patches/libaom-armhf-build-cpudetect.patch: added
* debian/patches/revert-getrandom.patch: refreshed
* debian/patches/revert-sequence-checker-capability-name.patch: refreshed
* debian/patches/search-credit.patch: refreshed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
* debian/patches/title-bar-default-system.patch-v35: refreshed
* debian/patches/use-clang-versioned.patch: refreshed
* debian/patches/wayland-scanner-add-missing-include.patch: refreshed
* debian/patches/widevine-enable-version-string.patch: refreshed
* debian/patches/widevine-other-locations: refreshed
-- Olivier Tilloy <email address hidden> Thu, 15 Apr 2021 12:08:22 +0200
Available diffs
chromium-browser (89.0.4389.90-0ubuntu0.16.04.2) xenial; urgency=medium
* debian/control: add an explicit runtime dependency on libx11-xcb1
(LP: #1919146)
-- Olivier Tilloy <email address hidden> Thu, 18 Mar 2021 15:10:59 +0100
Available diffs
chromium-browser (89.0.4389.90-0ubuntu0.18.04.2) bionic; urgency=medium
* debian/control: add an explicit runtime dependency on libx11-xcb1
(LP: #1919146)
-- Olivier Tilloy <email address hidden> Wed, 17 Mar 2021 18:52:33 +0100
Available diffs
- diff from 89.0.4389.82-0ubuntu0.18.04.1 to 89.0.4389.90-0ubuntu0.18.04.2 (302.5 KiB)
- diff from 89.0.4389.90-0ubuntu0.18.04.1 to 89.0.4389.90-0ubuntu0.18.04.2 (pending)
chromium-browser (89.0.4389.82-0ubuntu0.18.04.1) bionic; urgency=medium * Upstream release: 89.0.4389.82 -- Olivier Tilloy <email address hidden> Sun, 07 Mar 2021 06:47:29 +0100
Available diffs
chromium-browser (89.0.4389.82-0ubuntu0.16.04.1) xenial; urgency=medium * Upstream release: 89.0.4389.82 -- Olivier Tilloy <email address hidden> Sun, 07 Mar 2021 06:35:41 +0100
Available diffs
chromium-browser (87.0.4280.66-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 87.0.4280.66
- CVE-2020-16018: Use after free in payments.
- CVE-2020-16019: Inappropriate implementation in filesystem.
- CVE-2020-16020: Inappropriate implementation in cryptohome.
- CVE-2020-16021: Race in ImageBurner.
- CVE-2020-16022: Insufficient policy enforcement in networking.
- CVE-2020-16015: Insufficient data validation in WASM.
- CVE-2020-16014: Use after free in PPAPI.
- CVE-2020-16023: Use after free in WebCodecs.
- CVE-2020-16024: Heap buffer overflow in UI.
- CVE-2020-16025: Heap buffer overflow in clipboard.
- CVE-2020-16026: Use after free in WebRTC.
- CVE-2020-16027: Insufficient policy enforcement in developer tools.
- CVE-2020-16028: Heap buffer overflow in WebRTC.
- CVE-2020-16029: Inappropriate implementation in PDFium.
- CVE-2020-16030: Insufficient data validation in Blink.
- CVE-2019-8075: Insufficient data validation in Flash.
- CVE-2020-16031: Incorrect security UI in tab preview.
- CVE-2020-16032: Incorrect security UI in sharing.
- CVE-2020-16033: Incorrect security UI in WebUSB.
- CVE-2020-16034: Inappropriate implementation in WebRTC.
- CVE-2020-16035: Insufficient data validation in cros-disks.
- CVE-2020-16012: Side-channel information leakage in graphics.
- CVE-2020-16036: Inappropriate implementation in cookies.
* debian/rules: set chrome_pgo_phase build flag to 0 to disable PGO, because
the upstream profile data is not compatible with the version of clang used
to build chromium
* debian/patches/default-allocator: refreshed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: updated
* debian/patches/title-bar-default-system.patch-v35: refreshed
* debian/patches/use-clang-versioned.patch: refreshed
-- Olivier Tilloy <email address hidden> Tue, 17 Nov 2020 23:14:09 +0100
Available diffs
- diff from 84.0.4147.105-0ubuntu0.18.04.1 to 87.0.4280.66-0ubuntu0.18.04.1 (206.0 MiB)
- diff from 86.0.4240.198-0ubuntu0.18.04.1 to 87.0.4280.66-0ubuntu0.18.04.1 (pending)
chromium-browser (87.0.4280.66-0ubuntu0.16.04.1) xenial; urgency=medium
* Upstream release: 87.0.4280.66
- CVE-2020-16018: Use after free in payments.
- CVE-2020-16019: Inappropriate implementation in filesystem.
- CVE-2020-16020: Inappropriate implementation in cryptohome.
- CVE-2020-16021: Race in ImageBurner.
- CVE-2020-16022: Insufficient policy enforcement in networking.
- CVE-2020-16015: Insufficient data validation in WASM.
- CVE-2020-16014: Use after free in PPAPI.
- CVE-2020-16023: Use after free in WebCodecs.
- CVE-2020-16024: Heap buffer overflow in UI.
- CVE-2020-16025: Heap buffer overflow in clipboard.
- CVE-2020-16026: Use after free in WebRTC.
- CVE-2020-16027: Insufficient policy enforcement in developer tools.
- CVE-2020-16028: Heap buffer overflow in WebRTC.
- CVE-2020-16029: Inappropriate implementation in PDFium.
- CVE-2020-16030: Insufficient data validation in Blink.
- CVE-2019-8075: Insufficient data validation in Flash.
- CVE-2020-16031: Incorrect security UI in tab preview.
- CVE-2020-16032: Incorrect security UI in sharing.
- CVE-2020-16033: Incorrect security UI in WebUSB.
- CVE-2020-16034: Inappropriate implementation in WebRTC.
- CVE-2020-16035: Insufficient data validation in cros-disks.
- CVE-2020-16012: Side-channel information leakage in graphics.
- CVE-2020-16036: Inappropriate implementation in cookies.
* debian/rules: set chrome_pgo_phase build flag to 0 to disable PGO, because
the upstream profile data is not compatible with the version of clang used
to build chromium
* debian/patches/default-allocator: refreshed
* debian/patches/fix-different-language-linkage-error.patch: removed, no
longer needed
* debian/patches/fix-ptrace-header-include.patch:Â refreshed
* debian/patches/gtk-symbols-conditional.patch: updated
* debian/patches/revert-getrandom.patch: added
* debian/patches/revert-newer-xcb-requirement.patch: refreshed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/stl-util-old-clang-compatibility.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: updated
* debian/patches/title-bar-default-system.patch-v35: refreshed
* debian/patches/use-clang-versioned.patch: refreshed
-- Olivier Tilloy <email address hidden> Tue, 17 Nov 2020 23:09:47 +0100
Available diffs
- diff from 86.0.4240.198-0ubuntu0.16.04.1 to 87.0.4280.66-0ubuntu0.16.04.1 (pending)
chromium-browser (86.0.4240.198-0ubuntu0.18.04.1) bionic; urgency=medium
* Stable channel update: 86.0.4240.198
- CVE-2020-16013: Inappropriate implementation in V8.
- CVE-2020-16017: Use after free in site isolation.
-- Olivier Tilloy <email address hidden> Thu, 12 Nov 2020 07:20:39 +0100
Available diffs
- diff from 86.0.4240.75-0ubuntu0.18.04.1 to 86.0.4240.198-0ubuntu0.18.04.1 (pending)
- diff from 86.0.4240.193-0ubuntu0.18.04.1 to 86.0.4240.198-0ubuntu0.18.04.1 (pending)
chromium-browser (86.0.4240.198-0ubuntu0.16.04.1) xenial; urgency=medium
* Stable channel update: 86.0.4240.198
- CVE-2020-16013: Inappropriate implementation in V8.
- CVE-2020-16017: Use after free in site isolation.
-- Olivier Tilloy <email address hidden> Thu, 12 Nov 2020 07:13:56 +0100
Available diffs
- diff from 86.0.4240.75-0ubuntu0.16.04.1 to 86.0.4240.198-0ubuntu0.16.04.1 (pending)
- diff from 86.0.4240.193-0ubuntu0.16.04.1 to 86.0.4240.198-0ubuntu0.16.04.1 (pending)
chromium-browser (1:85.0.4183.83-0ubuntu0.20.04.2) focal; urgency=medium
[ Sébastien Bacher ]
* debian/apport/chromium-browser.py:
- the profile is now installed in the common directory (LP: #1900170)
-- Olivier Tilloy <email address hidden> Thu, 22 Oct 2020 18:07:20 +0200
Available diffs
| Superseded in lunar-release |
| Obsolete in kinetic-release |
| Published in jammy-release |
| Obsolete in impish-release |
| Obsolete in hirsute-release |
| Obsolete in groovy-release |
| Deleted in groovy-proposed (Reason: moved to Release) |
chromium-browser (1:85.0.4183.83-0ubuntu2) groovy; urgency=medium
[ Sébastien Bacher ]
* debian/apport/chromium-browser.py:
- the profile is now installed in the common directory (LP: #1900170)
-- Olivier Tilloy <email address hidden> Fri, 16 Oct 2020 18:46:11 +0200
Available diffs
chromium-browser (86.0.4240.75-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 86.0.4240.75
- CVE-2020-15967: Use after free in payments.
- CVE-2020-15968: Use after free in Blink.
- CVE-2020-15969: Use after free in WebRTC.
- CVE-2020-15970: Use after free in NFC.
- CVE-2020-15971: Use after free in printing.
- CVE-2020-15972: Use after free in audio.
- CVE-2020-15990: Use after free in autofill.
- CVE-2020-15991: Use after free in password manager.
- CVE-2020-15973: Insufficient policy enforcement in extensions.
- CVE-2020-15974: Integer overflow in Blink.
- CVE-2020-15975: Integer overflow in SwiftShader.
- CVE-2020-15976: Use after free in WebXR.
- CVE-2020-6557: Inappropriate implementation in networking.
- CVE-2020-15977: Insufficient data validation in dialogs.
- CVE-2020-15978: Insufficient data validation in navigation.
- CVE-2020-15979: Inappropriate implementation in V8.
- CVE-2020-15980: Insufficient policy enforcement in Intents.
- CVE-2020-15981: Out of bounds read in audio.
- CVE-2020-15982: Side-channel information leakage in cache.
- CVE-2020-15983: Insufficient data validation in webUI.
- CVE-2020-15984: Insufficient policy enforcement in Omnibox.
- CVE-2020-15985: Inappropriate implementation in Blink.
- CVE-2020-15986: Integer overflow in media.
- CVE-2020-15987: Use after free in WebRTC.
- CVE-2020-15992: Insufficient policy enforcement in networking.
- CVE-2020-15988: Insufficient policy enforcement in downloads.
- CVE-2020-15989: Uninitialized Use in PDFium.
* debian/patches/configuration-directory.patch: refreshed
* debian/patches/default-allocator: refreshed
* debian/patches/disable-sse2: refreshed
* debian/patches/node-use-system-wide.patch: refreshed
* debian/patches/search-credit.patch: refreshed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: updated
* debian/patches/title-bar-default-system.patch-v35: refreshed
* debian/patches/touch-v35: updated
* debian/patches/widevine-enable-version-string.patch: refreshed
* debian/patches/widevine-other-locations: refreshed
-- Olivier Tilloy <email address hidden> Wed, 07 Oct 2020 22:13:11 +0200
Available diffs
- diff from 85.0.4183.121-0ubuntu0.18.04.1 to 86.0.4240.75-0ubuntu0.18.04.1 (pending)
chromium-browser (86.0.4240.75-0ubuntu0.16.04.1) xenial; urgency=medium
* Upstream release: 86.0.4240.75
- CVE-2020-15967: Use after free in payments.
- CVE-2020-15968: Use after free in Blink.
- CVE-2020-15969: Use after free in WebRTC.
- CVE-2020-15970: Use after free in NFC.
- CVE-2020-15971: Use after free in printing.
- CVE-2020-15972: Use after free in audio.
- CVE-2020-15990: Use after free in autofill.
- CVE-2020-15991: Use after free in password manager.
- CVE-2020-15973: Insufficient policy enforcement in extensions.
- CVE-2020-15974: Integer overflow in Blink.
- CVE-2020-15975: Integer overflow in SwiftShader.
- CVE-2020-15976: Use after free in WebXR.
- CVE-2020-6557: Inappropriate implementation in networking.
- CVE-2020-15977: Insufficient data validation in dialogs.
- CVE-2020-15978: Insufficient data validation in navigation.
- CVE-2020-15979: Inappropriate implementation in V8.
- CVE-2020-15980: Insufficient policy enforcement in Intents.
- CVE-2020-15981: Out of bounds read in audio.
- CVE-2020-15982: Side-channel information leakage in cache.
- CVE-2020-15983: Insufficient data validation in webUI.
- CVE-2020-15984: Insufficient policy enforcement in Omnibox.
- CVE-2020-15985: Inappropriate implementation in Blink.
- CVE-2020-15986: Integer overflow in media.
- CVE-2020-15987: Use after free in WebRTC.
- CVE-2020-15992: Insufficient policy enforcement in networking.
- CVE-2020-15988: Insufficient policy enforcement in downloads.
- CVE-2020-15989: Uninitialized Use in PDFium.
* debian/patches/configuration-directory.patch: refreshed
* debian/patches/default-allocator: refreshed
* debian/patches/disable-sse2: refreshed
* debian/patches/fix-c++17ism.patch: added
* debian/patches/fix-different-language-linkage-error.patch: added
* debian/patches/gtk-symbols-conditional.patch: refreshed
* debian/patches/import-missing-fcntl-defines.patch: added
* debian/patches/node-use-system-wide.patch: refreshed
* debian/patches/revert-newer-xcb-requirement.patch: added
* debian/patches/search-credit.patch: refreshed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/stl-util-old-clang-compatibility.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: updated
* debian/patches/title-bar-default-system.patch-v35: refreshed
* debian/patches/touch-v35: updated
* debian/patches/upstream-fix-crash-in-MediaSerializer-base-Location.patch:
removed, no longer needed
* debian/patches/widevine-enable-version-string.patch: refreshed
* debian/patches/widevine-other-locations: refreshed
-- Olivier Tilloy <email address hidden> Wed, 07 Oct 2020 22:00:46 +0200
Available diffs
- diff from 85.0.4183.121-0ubuntu0.16.04.1 to 86.0.4240.75-0ubuntu0.16.04.1 (pending)
chromium-browser (85.0.4183.121-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 85.0.4183.121
- CVE-2020-15960: Heap buffer overflow in storage.
- CVE-2020-15961: Insufficient policy enforcement in extensions.
- CVE-2020-15962: Insufficient policy enforcement in serial.
- CVE-2020-15963: Insufficient policy enforcement in extensions.
- CVE-2020-15965: Type Confusion in V8.
- CVE-2020-15966: Insufficient policy enforcement in extensions.
- CVE-2020-15964: Insufficient data validation in media.
-- Olivier Tilloy <email address hidden> Mon, 21 Sep 2020 22:11:46 +0200
Available diffs
- diff from 85.0.4183.83-0ubuntu0.18.04.2 to 85.0.4183.121-0ubuntu0.18.04.1 (pending)
- diff from 85.0.4183.102-0ubuntu0.18.04.1 to 85.0.4183.121-0ubuntu0.18.04.1 (pending)
chromium-browser (85.0.4183.121-0ubuntu0.16.04.1) xenial; urgency=medium
* Upstream release: 85.0.4183.121
- CVE-2020-15960: Heap buffer overflow in storage.
- CVE-2020-15961: Insufficient policy enforcement in extensions.
- CVE-2020-15962: Insufficient policy enforcement in serial.
- CVE-2020-15963: Insufficient policy enforcement in extensions.
- CVE-2020-15965: Type Confusion in V8.
- CVE-2020-15966: Insufficient policy enforcement in extensions.
- CVE-2020-15964: Insufficient data validation in media.
-- Olivier Tilloy <email address hidden> Mon, 21 Sep 2020 22:05:10 +0200
Available diffs
- diff from 85.0.4183.83-0ubuntu0.16.04.2 to 85.0.4183.121-0ubuntu0.16.04.1 (pending)
- diff from 85.0.4183.102-0ubuntu0.16.04.1 to 85.0.4183.121-0ubuntu0.16.04.1 (pending)
chromium-browser (85.0.4183.83-0ubuntu0.18.04.2) bionic; urgency=medium
* debian/rules: install libEGL.so and libGLESv2.so, needed for
hardware-accelerated rendering
-- Olivier Tilloy <email address hidden> Mon, 31 Aug 2020 15:19:38 +0200
Available diffs
- diff from 84.0.4147.105-0ubuntu0.18.04.1 to 85.0.4183.83-0ubuntu0.18.04.2 (pending)
- diff from 85.0.4183.83-0ubuntu0.18.04.1 to 85.0.4183.83-0ubuntu0.18.04.2 (pending)
chromium-browser (85.0.4183.83-0ubuntu0.16.04.2) xenial; urgency=medium
* debian/rules: install libEGL.so and libGLESv2.so, needed for
hardware-accelerated rendering
-- Olivier Tilloy <email address hidden> Mon, 31 Aug 2020 14:57:48 +0200
Available diffs
- diff from 84.0.4147.105-0ubuntu0.16.04.1 to 85.0.4183.83-0ubuntu0.16.04.2 (pending)
- diff from 85.0.4183.83-0ubuntu0.16.04.1 to 85.0.4183.83-0ubuntu0.16.04.2 (pending)
chromium-browser (1:85.0.4183.83-0ubuntu0.20.04.1) focal; urgency=medium
* New upstream release: 85.0.4183.83
* Bump epoch to 1 to ensure always working upgrade path from bionic
(LP: #1892724)
-- Olivier Tilloy <email address hidden> Wed, 26 Aug 2020 17:30:25 +0200
Available diffs
chromium-browser (1:85.0.4183.83-0ubuntu1) groovy; urgency=medium * New upstream release: 85.0.4183.83 -- Olivier Tilloy <email address hidden> Wed, 26 Aug 2020 17:33:07 +0200
Available diffs
chromium-browser (1:84.0.4147.135-0ubuntu1) groovy; urgency=medium
* New upstream release: 84.0.4147.135
* Bump epoch to 1 to ensure always working upgrade path from bionic
(LP: #1892724)
-- Olivier Tilloy <email address hidden> Mon, 24 Aug 2020 15:49:01 +0200
Available diffs
chromium-browser (84.0.4147.105-0ubuntu0.20.04.1) focal; urgency=medium * New upstream release: 84.0.4147.105 (LP: #1889106) -- Olivier Tilloy <email address hidden> Fri, 07 Aug 2020 15:49:00 +0200
Available diffs
chromium-browser (84.0.4147.105-0ubuntu1) groovy; urgency=medium * New upstream release: 84.0.4147.105 (LP: #1889106) -- Olivier Tilloy <email address hidden> Fri, 07 Aug 2020 15:47:14 +0200
Available diffs
chromium-browser (84.0.4147.105-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 84.0.4147.105
- CVE-2020-6537: Type Confusion in V8.
- CVE-2020-6538: Inappropriate implementation in WebView.
- CVE-2020-6532: Use after free in SCTP.
- CVE-2020-6539: Use after free in CSS.
- CVE-2020-6540: Heap buffer overflow in Skia.
- CVE-2020-6541: Use after free in WebUSB.
-- Olivier Tilloy <email address hidden> Tue, 28 Jul 2020 11:28:16 +0200
Available diffs
- diff from 83.0.4103.61-0ubuntu0.18.04.1 to 84.0.4147.105-0ubuntu0.18.04.1 (pending)
- diff from 84.0.4147.89-0ubuntu0.18.04.2 to 84.0.4147.105-0ubuntu0.18.04.1 (pending)
chromium-browser (84.0.4147.105-0ubuntu0.16.04.1) xenial; urgency=medium
* Upstream release: 84.0.4147.105
- CVE-2020-6537: Type Confusion in V8.
- CVE-2020-6538: Inappropriate implementation in WebView.
- CVE-2020-6532: Use after free in SCTP.
- CVE-2020-6539: Use after free in CSS.
- CVE-2020-6540: Heap buffer overflow in Skia.
- CVE-2020-6541: Use after free in WebUSB.
-- Olivier Tilloy <email address hidden> Tue, 28 Jul 2020 11:21:33 +0200
Available diffs
- diff from 81.0.4044.138-0ubuntu0.16.04.1 to 84.0.4147.105-0ubuntu0.16.04.1 (pending)
- diff from 84.0.4147.89-0ubuntu0.16.04.3 to 84.0.4147.105-0ubuntu0.16.04.1 (pending)
| Superseded in focal-proposed |
chromium-browser (84.0.4147.89-0ubuntu0.20.04.1) focal; urgency=medium * New upstream release: 84.0.4147.89 (LP: #1889106) -- Olivier Tilloy <email address hidden> Mon, 27 Jul 2020 18:24:34 +0200
Available diffs
chromium-browser (84.0.4147.89-0ubuntu1) groovy; urgency=medium * New upstream release: 84.0.4147.89 (LP: #1889106) -- Olivier Tilloy <email address hidden> Mon, 27 Jul 2020 18:39:43 +0200
Available diffs
chromium-browser (83.0.4103.97-0ubuntu0.20.04.1) focal; urgency=medium
* New upstream release: 83.0.4103.97
* Do not attempt to install the snap on systems where snapd isn't running
(including chroots and WSL) (LP: #1882232)
-- Olivier Tilloy <email address hidden> Mon, 08 Jun 2020 22:48:58 +0200
Available diffs
chromium-browser (83.0.4103.97-0ubuntu1) groovy; urgency=medium
* New upstream release: 83.0.4103.97
* Do not attempt to install the snap on systems where snapd isn't running
(including chroots and WSL) (LP: #1882232)
-- Olivier Tilloy <email address hidden> Mon, 08 Jun 2020 17:49:24 +0200
Available diffs
chromium-browser (83.0.4103.61-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 83.0.4103.61
- CVE-2020-6465: Use after free in reader mode.
- CVE-2020-6466: Use after free in media.
- CVE-2020-6467: Use after free in WebRTC.
- CVE-2020-6468: Type Confusion in V8.
- CVE-2020-6469: Insufficient policy enforcement in developer tools.
- CVE-2020-6470: Insufficient validation of untrusted input in clipboard.
- CVE-2020-6471: Insufficient policy enforcement in developer tools.
- CVE-2020-6472: Insufficient policy enforcement in developer tools.
- CVE-2020-6473: Insufficient policy enforcement in Blink.
- CVE-2020-6474: Use after free in Blink.
- CVE-2020-6475: Incorrect security UI in full screen.
- CVE-2020-6476: Insufficient policy enforcement in tab strip.
- CVE-2020-6477: Inappropriate implementation in installer.
- CVE-2020-6478: Inappropriate implementation in full screen.
- CVE-2020-6479: Inappropriate implementation in sharing.
- CVE-2020-6480: Insufficient policy enforcement in enterprise.
- CVE-2020-6481: Insufficient policy enforcement in URL formatting.
- CVE-2020-6482: Insufficient policy enforcement in developer tools.
- CVE-2020-6483: Insufficient policy enforcement in payments.
- CVE-2020-6484: Insufficient data validation in ChromeDriver.
- CVE-2020-6485: Insufficient data validation in media router.
- CVE-2020-6486: Insufficient policy enforcement in navigations.
- CVE-2020-6487: Insufficient policy enforcement in downloads.
- CVE-2020-6488: Insufficient policy enforcement in downloads.
- CVE-2020-6489: Inappropriate implementation in developer tools.
- CVE-2020-6490: Insufficient data validation in loader.
- CVE-2020-6491: Incorrect security UI in site information.
* debian/control: add build dependency on python-pkg-resources (needed for
jinja2, since https://chromium.googlesource.com/chromium/src/+/312b6bf)
* debian/rules: copy missing source file for gn build
* debian/patches/chromium_useragent.patch: refreshed
* debian/patches/disable-sse2: refreshed
* debian/patches/enable-chromecast-by-default.patch: refreshed
* debian/patches/fix-extra-arflags.patch: removed, no longer needed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
* debian/patches/title-bar-default-system.patch-v35: refreshed
* debian/patches/use-clang-versioned.patch: refreshed
-- Olivier Tilloy <email address hidden> Thu, 21 May 2020 15:28:16 +0200
Available diffs
- diff from 81.0.4044.122-0ubuntu0.18.04.1 to 83.0.4103.61-0ubuntu0.18.04.1 (pending)
- diff from 81.0.4044.138-0ubuntu0.18.04.1 to 83.0.4103.61-0ubuntu0.18.04.1 (pending)
chromium-browser (81.0.4044.138-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 81.0.4044.138
- CVE-2020-6831: Stack buffer overflow in SCTP.
- CVE-2020-6464: Type Confusion in Blink.
-- Olivier Tilloy <email address hidden> Wed, 06 May 2020 08:57:33 +0200
Available diffs
- diff from 81.0.4044.122-0ubuntu0.18.04.1 to 81.0.4044.138-0ubuntu0.18.04.1 (pending)
- diff from 81.0.4044.129-0ubuntu0.18.04.1 to 81.0.4044.138-0ubuntu0.18.04.1 (pending)
chromium-browser (81.0.4044.138-0ubuntu0.16.04.1) xenial; urgency=medium
* Upstream release: 81.0.4044.138
- CVE-2020-6831: Stack buffer overflow in SCTP.
- CVE-2020-6464: Type Confusion in Blink.
-- Olivier Tilloy <email address hidden> Wed, 06 May 2020 08:52:03 +0200
Available diffs
- diff from 81.0.4044.122-0ubuntu0.16.04.1 to 81.0.4044.138-0ubuntu0.16.04.1 (pending)
- diff from 81.0.4044.129-0ubuntu0.16.04.1 to 81.0.4044.138-0ubuntu0.16.04.1 (pending)
chromium-browser (81.0.4044.129-0ubuntu0.19.10.1) eoan; urgency=medium
* New upstream release: 81.0.4044.129
* debian/control: add x-www-browser and gnome-www-browser to the Provides
section (LP: #1815289)
* debian/chromium-browser.postinst: install /usr/bin/chromium-browser as an
alternative for x-www-browser and gnome-www-browser (LP: #1870640)
-- Olivier Tilloy <email address hidden> Thu, 30 Apr 2020 16:34:30 +0200
Available diffs
chromium-browser (81.0.4044.129-0ubuntu0.20.04.1) focal; urgency=medium
* New upstream release: 81.0.4044.129
* debian/control: add x-www-browser and gnome-www-browser to the Provides
section (LP: #1815289)
* debian/chromium-browser.postinst: install /usr/bin/chromium-browser as an
alternative for x-www-browser and gnome-www-browser (LP: #1870640)
-- Olivier Tilloy <email address hidden> Thu, 30 Apr 2020 16:30:05 +0200
Available diffs
chromium-browser (81.0.4044.129-0ubuntu1) groovy; urgency=medium
* New upstream release: 81.0.4044.129
* debian/control:
- update Vcs-Bzr URL to point to the branch for 20.10
(codename the Groovy Gorilla)
- add x-www-browser and gnome-www-browser to the Provides section
(LP: #1815289)
* debian/chromium-browser.postinst: install /usr/bin/chromium-browser as an
alternative for x-www-browser and gnome-www-browser (LP: #1870640)
-- Olivier Tilloy <email address hidden> Thu, 30 Apr 2020 14:48:00 +0200
Available diffs
chromium-browser (81.0.4044.122-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 81.0.4044.122
- CVE-2020-6459: Use after free in payments.
- CVE-2020-6460: Insufficient data validation in URL formatting.
- CVE-2020-6458: Out of bounds read and write in PDFium.
-- Olivier Tilloy <email address hidden> Wed, 22 Apr 2020 19:41:50 +0200
Available diffs
- diff from 79.0.3945.79-0ubuntu0.18.04.1 to 81.0.4044.122-0ubuntu0.18.04.1 (pending)
- diff from 80.0.3987.163-0ubuntu0.18.04.1 to 81.0.4044.122-0ubuntu0.18.04.1 (pending)
- diff from 81.0.4044.113-0ubuntu0.18.04.1 to 81.0.4044.122-0ubuntu0.18.04.1 (pending)
chromium-browser (81.0.4044.122-0ubuntu0.16.04.1) xenial; urgency=medium
* Upstream release: 81.0.4044.122
- CVE-2020-6459: Use after free in payments.
- CVE-2020-6460: Insufficient data validation in URL formatting.
- CVE-2020-6458: Out of bounds read and write in PDFium.
-- Olivier Tilloy <email address hidden> Wed, 22 Apr 2020 19:21:20 +0200
Available diffs
- diff from 80.0.3987.163-0ubuntu0.16.04.1 to 81.0.4044.122-0ubuntu0.16.04.1 (pending)
- diff from 81.0.4044.113-0ubuntu0.16.04.1 to 81.0.4044.122-0ubuntu0.16.04.1 (pending)
chromium-browser (80.0.3987.163-0ubuntu0.18.04.1) bionic; urgency=medium * Upstream release: 80.0.3987.163 -- Olivier Tilloy <email address hidden> Sat, 04 Apr 2020 16:28:10 +0200
Available diffs
- diff from 80.0.3987.149-0ubuntu0.18.04.1 to 80.0.3987.163-0ubuntu0.18.04.1 (pending)
- diff from 80.0.3987.162-0ubuntu0.18.04.1 to 80.0.3987.163-0ubuntu0.18.04.1 (pending)
chromium-browser (80.0.3987.163-0ubuntu0.16.04.1) xenial; urgency=medium * Upstream release: 80.0.3987.163 -- Olivier Tilloy <email address hidden> Sat, 04 Apr 2020 16:27:05 +0200
Available diffs
- diff from 80.0.3987.149-0ubuntu0.16.04.1 to 80.0.3987.163-0ubuntu0.16.04.1 (pending)
- diff from 80.0.3987.162-0ubuntu0.16.04.1 to 80.0.3987.163-0ubuntu0.16.04.1 (pending)
| Superseded in groovy-release |
| Published in focal-release |
| Deleted in focal-proposed (Reason: moved to Release) |
chromium-browser (80.0.3987.163-0ubuntu1) focal; urgency=medium * New upstream release: 80.0.3987.163 -- Olivier Tilloy <email address hidden> Fri, 03 Apr 2020 15:33:04 +0200
Available diffs
chromium-browser (80.0.3987.162-0ubuntu1) focal; urgency=medium * New upstream release: 80.0.3987.162 -- Olivier Tilloy <email address hidden> Thu, 02 Apr 2020 14:04:09 +0200
Available diffs
chromium-browser (80.0.3987.149-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 80.0.3987.149
- CVE-2019-20503: Out of bounds read in usersctplib.
- CVE-2020-6383: Type confusion in V8.
- CVE-2020-6384: Use after free in WebAudio.
- CVE-2020-6386: Use after free in speech.
- CVE-2020-6407: Out of bounds memory access in streams.
- CVE-2020-6418: Type confusion in V8.
- CVE-2020-6420: Insufficient policy enforcement in media.
- CVE-2020-6422: Use after free in WebGL.
- CVE-2020-6424: Use after free in media.
- CVE-2020-6425: Insufficient policy enforcement in extensions.
- CVE-2020-6426: Inappropriate implementation in V8.
- CVE-2020-6427: Use after free in audio.
- CVE-2020-6428: Use after free in audio.
- CVE-2020-6429: Use after free in audio.
- CVE-2020-6449: Use after free in audio.
-- Olivier Tilloy <email address hidden> Wed, 18 Mar 2020 22:16:10 +0100
Available diffs
- diff from 80.0.3987.87-0ubuntu0.18.04.1 to 80.0.3987.149-0ubuntu0.18.04.1 (pending)
chromium-browser (80.0.3987.149-0ubuntu0.16.04.1) xenial; urgency=medium
* Upstream release: 80.0.3987.149
- CVE-2019-20503: Out of bounds read in usersctplib.
- CVE-2020-6383: Type confusion in V8.
- CVE-2020-6384: Use after free in WebAudio.
- CVE-2020-6386: Use after free in speech.
- CVE-2020-6407: Out of bounds memory access in streams.
- CVE-2020-6418: Type confusion in V8.
- CVE-2020-6420: Insufficient policy enforcement in media.
- CVE-2020-6422: Use after free in WebGL.
- CVE-2020-6424: Use after free in media.
- CVE-2020-6425: Insufficient policy enforcement in extensions.
- CVE-2020-6426: Inappropriate implementation in V8.
- CVE-2020-6427: Use after free in audio.
- CVE-2020-6428: Use after free in audio.
- CVE-2020-6429: Use after free in audio.
- CVE-2020-6449: Use after free in audio.
-- Olivier Tilloy <email address hidden> Wed, 18 Mar 2020 21:52:22 +0100
Available diffs
- diff from 80.0.3987.87-0ubuntu0.16.04.1 to 80.0.3987.149-0ubuntu0.16.04.1 (pending)
chromium-browser (80.0.3987.87-0ubuntu1) focal; urgency=medium * New upstream release: 80.0.3987.87 -- Olivier Tilloy <email address hidden> Mon, 10 Feb 2020 11:06:48 +0100
Available diffs
chromium-browser (80.0.3987.87-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 80.0.3987.87
- CVE-2020-6381: Integer overflow in JavaScript.
- CVE-2020-6382: Type Confusion in JavaScript.
- CVE-2019-18197: Multiple vulnerabilities in XML.
- CVE-2019-19926: Inappropriate implementation in SQLite.
- CVE-2020-6385: Insufficient policy enforcement in storage.
- CVE-2019-19880, CVE-2019-19925: Multiple vulnerabilities in SQLite.
- CVE-2020-6387: Out of bounds write in WebRTC.
- CVE-2020-6388: Out of bounds memory access in WebAudio.
- CVE-2020-6389: Out of bounds write in WebRTC.
- CVE-2020-6390: Out of bounds memory access in streams.
- CVE-2020-6391: Insufficient validation of untrusted input in Blink.
- CVE-2020-6392: Insufficient policy enforcement in extensions.
- CVE-2020-6393: Insufficient policy enforcement in Blink.
- CVE-2020-6394: Insufficient policy enforcement in Blink.
- CVE-2020-6395: Out of bounds read in JavaScript.
- CVE-2020-6396: Inappropriate implementation in Skia.
- CVE-2020-6397: Incorrect security UI in sharing.
- CVE-2020-6398: Uninitialized use in PDFium.
- CVE-2020-6399: Insufficient policy enforcement in AppCache.
- CVE-2020-6400: Inappropriate implementation in CORS.
- CVE-2020-6401: Insufficient validation of untrusted input in Omnibox.
- CVE-2020-6402: Insufficient policy enforcement in downloads.
- CVE-2020-6403: Incorrect security UI in Omnibox.
- CVE-2020-6404: Inappropriate implementation in Blink.
- CVE-2020-6405: Out of bounds read in SQLite.
- CVE-2020-6406: Use after free in audio.
- CVE-2019-19923: Out of bounds memory access in SQLite.
- CVE-2020-6408: Insufficient policy enforcement in CORS.
- CVE-2020-6409: Inappropriate implementation in Omnibox.
- CVE-2020-6410: Insufficient policy enforcement in navigation.
- CVE-2020-6411: Insufficient validation of untrusted input in Omnibox.
- CVE-2020-6412: Insufficient validation of untrusted input in Omnibox.
- CVE-2020-6413: Inappropriate implementation in Blink.
- CVE-2020-6414: Insufficient policy enforcement in Safe Browsing.
- CVE-2020-6415: Inappropriate implementation in JavaScript.
- CVE-2020-6416: Insufficient data validation in streams.
- CVE-2020-6417: Inappropriate implementation in installer.
* debian/control:
- add nodejs as a build dependency
- bump the clang and llvm build dependencies to version 9 which was
recently backported to bionic
* debian/rules: build gn with clang 9
* debian/patches/disable-sse2: refreshed
* debian/patches/fix-extra-arflags.patch: refreshed
* debian/patches/node-use-system-wide.patch: added
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: updated
* debian/patches/use-clang-versioned.patch: updated
* debian/patches/widevine-enable-version-string.patch: refreshed
* debian/tests/html5test: update test expectations for the removal
of the Web Components V0 APIs
(see https://www.chromestatus.com/feature/5144752345317376)
-- Olivier Tilloy <email address hidden> Wed, 05 Feb 2020 15:50:26 +0100
Available diffs
- diff from 79.0.3945.130-0ubuntu0.18.04.1 to 80.0.3987.87-0ubuntu0.18.04.1 (pending)
chromium-browser (80.0.3987.87-0ubuntu0.16.04.1) xenial; urgency=medium
* Upstream release: 80.0.3987.87
- CVE-2020-6381: Integer overflow in JavaScript.
- CVE-2020-6382: Type Confusion in JavaScript.
- CVE-2019-18197: Multiple vulnerabilities in XML.
- CVE-2019-19926: Inappropriate implementation in SQLite.
- CVE-2020-6385: Insufficient policy enforcement in storage.
- CVE-2019-19880, CVE-2019-19925: Multiple vulnerabilities in SQLite.
- CVE-2020-6387: Out of bounds write in WebRTC.
- CVE-2020-6388: Out of bounds memory access in WebAudio.
- CVE-2020-6389: Out of bounds write in WebRTC.
- CVE-2020-6390: Out of bounds memory access in streams.
- CVE-2020-6391: Insufficient validation of untrusted input in Blink.
- CVE-2020-6392: Insufficient policy enforcement in extensions.
- CVE-2020-6393: Insufficient policy enforcement in Blink.
- CVE-2020-6394: Insufficient policy enforcement in Blink.
- CVE-2020-6395: Out of bounds read in JavaScript.
- CVE-2020-6396: Inappropriate implementation in Skia.
- CVE-2020-6397: Incorrect security UI in sharing.
- CVE-2020-6398: Uninitialized use in PDFium.
- CVE-2020-6399: Insufficient policy enforcement in AppCache.
- CVE-2020-6400: Inappropriate implementation in CORS.
- CVE-2020-6401: Insufficient validation of untrusted input in Omnibox.
- CVE-2020-6402: Insufficient policy enforcement in downloads.
- CVE-2020-6403: Incorrect security UI in Omnibox.
- CVE-2020-6404: Inappropriate implementation in Blink.
- CVE-2020-6405: Out of bounds read in SQLite.
- CVE-2020-6406: Use after free in audio.
- CVE-2019-19923: Out of bounds memory access in SQLite.
- CVE-2020-6408: Insufficient policy enforcement in CORS.
- CVE-2020-6409: Inappropriate implementation in Omnibox.
- CVE-2020-6410: Insufficient policy enforcement in navigation.
- CVE-2020-6411: Insufficient validation of untrusted input in Omnibox.
- CVE-2020-6412: Insufficient validation of untrusted input in Omnibox.
- CVE-2020-6413: Inappropriate implementation in Blink.
- CVE-2020-6414: Insufficient policy enforcement in Safe Browsing.
- CVE-2020-6415: Inappropriate implementation in JavaScript.
- CVE-2020-6416: Insufficient data validation in streams.
- CVE-2020-6417: Inappropriate implementation in installer.
* debian/control: add nodejs-mozilla as a build dependency
* debian/patches/disable-sse2: refreshed
* debian/patches/fix-extra-arflags.patch: refreshed
* debian/patches/node-use-system-wide.patch: added
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
* debian/patches/widevine-enable-version-string.patch: refreshed
* debian/tests/html5test: update test expectations for the removal
of the Web Components V0 APIs
(see https://www.chromestatus.com/feature/5144752345317376)
-- Olivier Tilloy <email address hidden> Wed, 05 Feb 2020 10:50:42 +0100
Available diffs
- diff from 79.0.3945.130-0ubuntu0.16.04.1 to 80.0.3987.87-0ubuntu0.16.04.1 (pending)
chromium-browser (79.0.3945.130-0ubuntu0.18.04.1) bionic; urgency=medium
* Upstream release: 79.0.3945.130
- CVE-2020-6378: Use-after-free in speech recognizer.
- CVE-2020-6379: Use-after-free in speech recognizer.
- CVE-2020-6380: Extension message verification error.
* debian/control: remove libgnome-keyring-dev build dependency (LP: #1828192)
* debian/rules: build with use_gnome_keyring=false
* debian/known_gn_gen_args-*: change use_gnome_keyring build flag to false
-- Olivier Tilloy <email address hidden> Mon, 27 Jan 2020 17:57:12 +0100
Available diffs
- diff from 79.0.3945.79-0ubuntu0.18.04.1 to 79.0.3945.130-0ubuntu0.18.04.1 (pending)
- diff from 79.0.3945.117-0ubuntu0.18.04.1 to 79.0.3945.130-0ubuntu0.18.04.1 (pending)
| 1 → 75 of 614 results | First • Previous • Next • Last |
