Change logs for chromium-browser source package in Trusty

  • chromium-browser (65.0.3325.181-0ubuntu0.14.04.1) trusty; urgency=medium
    
      * Upstream release: 65.0.3325.181
    
     -- Olivier Tilloy <email address hidden>  Wed, 21 Mar 2018 14:32:29 +0100
  • chromium-browser (64.0.3282.167-0ubuntu0.14.04.1) trusty; urgency=medium
    
      * Upstream release: 64.0.3282.167
        - CVE-2018-6056: Incorrect derived class instantiation in V8.
    
     -- Olivier Tilloy <email address hidden>  Wed, 14 Feb 2018 12:02:53 +0100
  • chromium-browser (64.0.3282.140-0ubuntu0.14.04.1) trusty; urgency=medium
    
      * Upstream release: 64.0.3282.140
    
     -- Olivier Tilloy <email address hidden>  Fri, 02 Feb 2018 15:39:55 +0100
  • chromium-browser (64.0.3282.119-0ubuntu0.14.04.1) trusty; urgency=medium
    
      * Upstream release: 64.0.3282.119
        - CVE-2018-6031: Use after free in PDFium.
        - CVE-2018-6032: Same origin bypass in Shared Worker.
        - CVE-2018-6033: Race when opening downloaded files.
        - CVE-2018-6034: Integer overflow in Blink.
        - CVE-2018-6035: Insufficient isolation of devtools from extensions.
        - CVE-2018-6036: Integer underflow in WebAssembly.
        - CVE-2018-6037: Insufficient user gesture requirements in autofill.
        - CVE-2018-6038: Heap buffer overflow in WebGL.
        - CVE-2018-6039: XSS in DevTools.
        - CVE-2018-6040: Content security policy bypass.
        - CVE-2018-6041: URL spoof in Navigation.
        - CVE-2018-6042: URL spoof in OmniBox.
        - CVE-2018-6043: Insufficient escaping with external URL handlers.
        - CVE-2018-6045: Insufficient isolation of devtools from extensions.
        - CVE-2018-6046: Insufficient isolation of devtools from extensions.
        - CVE-2018-6047: Cross origin URL leak in WebGL.
        - CVE-2018-6048: Referrer policy bypass in Blink.
        - CVE-2017-15420: URL spoofing in Omnibox.
        - CVE-2018-6049: UI spoof in Permissions.
        - CVE-2018-6050: URL spoof in OmniBox.
        - CVE-2018-6051: Referrer leak in XSS Auditor.
        - CVE-2018-6052: Incomplete no-referrer policy implementation.
        - CVE-2018-6053: Leak of page thumbnails in New Tab Page.
        - CVE-2018-6054: Use after free in WebUI.
      * debian/control: update reference URL for chromedriver
      * debian/rules:
        - remove enable_hotwording build flag
        - exclude build artifacts from the binary package (LP: #1742653)
      * debian/patches/add-missing-cstddef-include.patch: added
      * debian/patches/build-with-gcc-mozilla.patch: refreshed
      * debian/patches/configuration-directory.patch: refreshed
      * debian/patches/disable-sse2: refreshed
      * debian/patches/enable-chromecast-by-default.patch: refreshed
      * debian/patches/fix-c++14-compilation.patch: added
      * debian/patches/fix-c++14-compilation-2.patch: added
      * debian/patches/fix-ffmpeg-ia32-build.patch: added
      * debian/patches/fix-missing-include.patch: added
      * debian/patches/gtk-3-10.patch: added
      * debian/patches/last-commit-position: refreshed
      * debian/patches/no-new-ninja-flag.patch: refreshed
      * debian/patches/relax-ninja-version-requirement.patch: refreshed
      * debian/patches/restore-clang-no-integrated-as.patch: added
      * debian/patches/revert-clang-nostdlib++.patch: updated
      * debian/patches/revert-Xclang-instcombine-lower-dbg-declare.patch: refreshed
      * debian/patches/search-credit.patch: refreshed
      * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
      * debian/patches/suppress-newer-clang-warning-flags.patch: updated
      * debian/patches/title-bar-default-system.patch-v35: refreshed
      * debian/patches/touch-v35: refreshed
      * debian/patches/widevine-other-locations: updated (LP: #1738149)
      * debian/known_gn_gen_args-*: remove enable_hotwording build flag
    
     -- Olivier Tilloy <email address hidden>  Wed, 24 Jan 2018 23:44:17 +0100
  • chromium-browser (63.0.3239.132-0ubuntu0.14.04.1) trusty; urgency=medium
    
      * Upstream release: 63.0.3239.132
      * debian/rules: do not install files used for building only (LP: #1742653)
    
     -- Olivier Tilloy <email address hidden>  Sun, 14 Jan 2018 21:37:42 +0100
  • chromium-browser (63.0.3239.84-0ubuntu0.14.04.1) trusty; urgency=medium
    
      * Upstream release: 63.0.3239.84
        - CVE-2017-15407: Out of bounds write in QUIC.
        - CVE-2017-15408: Heap buffer overflow in PDFium.
        - CVE-2017-15409: Out of bounds write in Skia.
        - CVE-2017-15410: Use after free in PDFium.
        - CVE-2017-15411: Use after free in PDFium.
        - CVE-2017-15412: Use after free in libXML.
        - CVE-2017-15413: Type confusion in WebAssembly.
        - CVE-2017-15415: Pointer information disclosure in IPC call.
        - CVE-2017-15416: Out of bounds read in Blink.
        - CVE-2017-15417: Cross origin information disclosure in Skia.
        - CVE-2017-15418: Use of uninitialized value in Skia.
        - CVE-2017-15419: Cross origin leak of redirect URL in Blink.
        - CVE-2017-15420: URL spoofing in Omnibox.
        - CVE-2017-15422: Integer overflow in ICU.
        - CVE-2017-15423: Issue with SPAKE implementation in BoringSSL.
        - CVE-2017-15424: URL Spoof in Omnibox.
        - CVE-2017-15425: URL Spoof in Omnibox.
        - CVE-2017-15426: URL Spoof in Omnibox.
        - CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox.
      * debian/control: build-depend on gcc-mozilla (which is effectively gcc 4.9
        on trusty)
      * debian/rules:
        - change use_gold GN flag to false
        - remove linux_use_bundled_binutils=false GN flag
        - replace allow_posix_link_time_opt=false by use_lld=false, is_cfi=false
          and use_thin_lto=false
        - rename use_vulcanize GN flag to optimize_webui
        - generate the man page as it's not being built with chromium any
          longer (since commit 64b961499bebc54fe48478f5e37477252c7887fa)
      * debian/patches/arm-neon.patch: refreshed
      * debian/patches/build-with-gcc-mozilla.patch: added
      * debian/patches/c++-compatibility.patch: removed, no longer needed
      * debian/patches/disable-sse2: refreshed
      * debian/patches/fix-gn-bootstrap.patch: removed, no longer needed
      * debian/patches/fix_building_widevinecdm_with_chromium.patch: replaced by
        debian/patches/widevine-revision.patch
      * debian/patches/no-new-ninja-flag.patch: refreshed
      * debian/patches/revert-Xclang-instcombine-lower-dbg-declare.patch: added
      * debian/patches/search-credit.patch: refreshed
      * debian/patches/set-rpath-on-chromium-executables.patch: updated
      * debian/patches/suppress-newer-clang-warning-flags.patch: updated
      * debian/patches/touch-v35: refreshed
      * debian/patches/use-clang-versioned.patch: refreshed
      * debian/patches/widevine-other-locations: updated (LP: #1652110)
      * debian/patches/widevine-revision.patch: added (LP: #1652110)
    
     -- Olivier Tilloy <email address hidden>  Thu, 07 Dec 2017 13:51:08 +0100
  • chromium-browser (62.0.3202.94-0ubuntu0.14.04.1215) trusty; urgency=medium
    
      * Upstream release: 62.0.3202.94
    
     -- Olivier Tilloy <email address hidden>  Mon, 13 Nov 2017 23:38:02 +0100
  • chromium-browser (62.0.3202.89-0ubuntu0.14.04.1213) trusty; urgency=medium
    
      * Upstream release: 62.0.3202.89
        - CVE-2017-15398: Stack buffer overflow in QUIC.
        - CVE-2017-15399: Use after free in V8.
    
     -- Olivier Tilloy <email address hidden>  Mon, 06 Nov 2017 23:01:32 +0100
  • chromium-browser (62.0.3202.75-0ubuntu0.14.04.1211) trusty; urgency=medium
    
      * Upstream release: 62.0.3202.75
        - CVE-2017-15396: Stack overflow in V8.
      * debian/control: bump Standards-Version to 4.1.1
      * debian/patches/set-rpath-on-chromium-executables.patch: updated
      * debian/tests/*:
        - removed stale autopkgtests
        - added new autopkgtests based on chromium's new headless mode
      * debian/source/include-binaries: updated to reflect new binary data in tests
    
     -- Olivier Tilloy <email address hidden>  Fri, 27 Oct 2017 19:53:25 +0200
  • chromium-browser (62.0.3202.62-0ubuntu0.14.04.1204) trusty; urgency=medium
    
      * Upstream release: 62.0.3202.62
        - CVE-2017-5124: UXSS with MHTML.
        - CVE-2017-5125: Heap overflow in Skia.
        - CVE-2017-5126: Use after free in PDFium.
        - CVE-2017-5127: Use after free in PDFium.
        - CVE-2017-5128: Heap overflow in WebGL.
        - CVE-2017-5129: Use after free in WebAudio.
        - CVE-2017-5132: Incorrect stack manipulation in WebAssembly.
        - CVE-2017-5130: Heap overflow in libxml2.
        - CVE-2017-5131: Out of bounds write in Skia.
        - CVE-2017-5133: Out of bounds write in Skia.
        - CVE-2017-15386: UI spoofing in Blink.
        - CVE-2017-15387: Content security bypass.
        - CVE-2017-15388: Out of bounds read in Skia.
        - CVE-2017-15389: URL spoofing in OmniBox.
        - CVE-2017-15390: URL spoofing in OmniBox.
        - CVE-2017-15391: Extension limitation bypass in Extensions.
        - CVE-2017-15392: Incorrect registry key handling in PlatformIntegration.
        - CVE-2017-15393: Referrer leak in Devtools.
        - CVE-2017-15394: URL spoofing in extensions UI.
        - CVE-2017-15395: Null pointer dereference in ImageCapture.
      * debian/control:
        - build with clang 4.0
        - bump Standards-Version to 4.1.0
      * debian/rules:
        - build with clang 4.0
        - also build gn with clang 4.0
        - do not disable swiftshader on i386 (LP: #1697496)
        - when building on armhf, pass symbol_level=0 to gn in the hope that
          Launchpad builders won't run out of memory when linking
      * debian/patches/additional-search-engines.patch: refreshed
      * debian/patches/allow-component-build: removed, unused
      * debian/patches/arm64-vpx-alignment: removed, no longer needed
      * debian/patches/c++-compatibility.patch: added
      * debian/patches/defang-ct-timebomb: removed, unused
      * debian/patches/disable-sse2: refreshed
      * debian/patches/enable-chromecast-by-default.patch: refreshed
      * debian/patches/fix-argument-evaluation-order.patch: removed, no longer
        needed
      * debian/patches/fix-compilation-for-atk.patch: removed, no longer needed
      * debian/patches/fix-compilation-for-atk-version-check.patch: removed, no
        longer needed
      * debian/patches/fix-gn-bootstrap.patch: updated
      * debian/patches/fix_building_widevinecdm_with_chromium.patch: refreshed
      * debian/patches/gcc-compilation-fixes.patch: removed, no longer needed
      * debian/patches/make-base-numerics-build-with-gcc.patch: removed, no longer
        needed
      * debian/patches/no-new-ninja-flag.patch: added
      * debian/patches/protobuf-fullness: removed, unused
      * debian/patches/really-disable-swiftshader-on-x86.patch: removed, no longer
        needed
      * debian/patches/reduce-ld-memory-usage.patch: removed, no longer needed
      * debian/patches/revert-clang-nostdlib++.patch: added
      * debian/patches/revert-llvm-ar.patch: removed, no longer needed
      * debian/patches/search-credit.patch: refreshed
      * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
      * debian/patches/suppress-newer-clang-warning-flags.patch: added
      * debian/patches/title-bar-default-system.patch-v35: refreshed
      * debian/patches/use-clang-versioned.patch: added
      * debian/patches/use-gcc-versioned: removed, no longer needed
      * debian/patches/vulkan-c99.patch: removed, no longer needed
      * debian/patches/widevine-other-locations: refreshed
      * debian/known_gyp_flags: removed, unused
      * debian/known_gn_gen_args-[i386,amd64,armhf]: added
    
     -- Olivier Tilloy <email address hidden>  Thu, 19 Oct 2017 11:07:58 +0200
  • chromium-browser (61.0.3163.100-0ubuntu0.14.04.1202) trusty; urgency=medium
    
      * debian/patches/set-rpath-on-chromium-executables.patch: added
        (LP: #1718885)
      * debian/chromium-browser.sh.in: remove LD_LIBRARY_PATH manipulation,
        made unnecessary by patch above
    
     -- Olivier Tilloy <email address hidden>  Tue, 26 Sep 2017 10:01:47 -0400
  • chromium-browser (61.0.3163.79-0ubuntu0.14.04.1196) trusty; urgency=medium
    
      * Upstream release: 61.0.3163.79
        - CVE-2017-5111: Use after free in PDFium.
        - CVE-2017-5112: Heap buffer overflow in WebGL.
        - CVE-2017-5113: Heap buffer overflow in Skia.
        - CVE-2017-5114: Memory lifecycle issue in PDFium.
        - CVE-2017-5115: Type confusion in V8.
        - CVE-2017-5116: Type confusion in V8.
        - CVE-2017-5117: Use of uninitialized value in Skia.
        - CVE-2017-5118: Bypass of Content Security Policy in Blink.
        - CVE-2017-5119: Use of uninitialized value in Skia.
        - CVE-2017-5120: Potential HTTPS downgrade during redirect navigation.
      * debian/control: bump Standards-Version to 4.0.0
      * debian/rules:
        - build with use_custom_libcxx=false to force the use of the system
          libstdc++
        - build with is_component_build=false, is_official_build=true,
          allow_posix_link_time_opt=false and fatal_linker_warnings=false
      * debian/patches/additional-search-engines.patch: refreshed
      * debian/patches/define__libc_malloc.patch: added
      * debian/patches/disable-sse2: refreshed
      * debian/patches/enable-chromecast-by-default.patch: refreshed
      * debian/patches/fix-compilation-for-atk.patch: added
      * debian/patches/fix-compilation-for-atk-version-check.patch: added
      * debian/patches/fix-gn-bootstrap.patch: updated
      * debian/patches/fix-webkit-layout-build-with-g++.patch: removed,
        no longer needed
      * debian/patches/fix_building_widevinecdm_with_chromium.patch: refreshed
      * debian/patches/gcc-compilation-fixes.patch: added
      * debian/patches/make-base-numerics-build-with-gcc.patch: added
      * debian/patches/really-disable-swiftshader-on-x86.patch: updated
      * debian/patches/reduce-ld-memory-usage.patch: added
      * debian/patches/relax-ninja-version-requirement.patch: added
      * debian/patches/revert-llvm-ar.patch: refreshed
      * debian/patches/search-credit.patch: refreshed
      * debian/patches/title-bar-default-system.patch-v35: refreshed
      * debian/patches/use-gcc-versioned: refreshed
    
     -- Olivier Tilloy <email address hidden>  Mon, 11 Sep 2017 23:12:48 +0200
  • chromium-browser (60.0.3112.113-0ubuntu0.14.04.1194) trusty; urgency=medium
    
      * Upstream release: 60.0.3112.113
    
     -- Olivier Tilloy <email address hidden>  Fri, 25 Aug 2017 08:16:05 +0200
  • chromium-browser (60.0.3112.78-0ubuntu0.14.04.1190) trusty; urgency=medium
    
      * Upstream release: 60.0.3112.78
        - CVE-2017-5091: Use after free in IndexedDB.
        - CVE-2017-5092: Use after free in PPAPI.
        - CVE-2017-5093: UI spoofing in Blink.
        - CVE-2017-5094: Type confusion in extensions.
        - CVE-2017-5095: Out-of-bounds write in PDFium.
        - CVE-2017-5096: User information leak via Android intents.
        - CVE-2017-5097: Out-of-bounds read in Skia.
        - CVE-2017-5098: Use after free in V8.
        - CVE-2017-5099: Out-of-bounds write in PPAPI.
        - CVE-2017-5100: Use after free in Chrome Apps.
        - CVE-2017-5101: URL spoofing in OmniBox.
        - CVE-2017-5102: Uninitialized use in Skia.
        - CVE-2017-5103: Uninitialized use in Skia.
        - CVE-2017-5104: UI spoofing in browser.
        - CVE-2017-5105: URL spoofing in OmniBox.
        - CVE-2017-5106: URL spoofing in OmniBox.
        - CVE-2017-5107: User information leak via SVG.
        - CVE-2017-5108: Type confusion in PDFium.
        - CVE-2017-5109: UI spoofing in browser.
        - CVE-2017-5110: UI spoofing in payments dialog.
        - CVE-2017-7000: Pointer disclosure in SQLite.
      * debian/patches/additional-search-engines.patch: refreshed
      * debian/patches/default-allocator: refreshed
      * debian/patches/disable-sse2: refreshed
      * debian/patches/fix_building_widevinecdm_with_chromium.patch: refreshed
      * debian/patches/fix-gn-bootstrap.patch: added
      * debian/patches/fix-webkit-layout-build-with-g++.patch: added
      * debian/patches/last-commit-position: refreshed
      * debian/patches/linux-dma-buf.patch: removed, no longer needed
      * debian/patches/memory-free-assertion-failure: removed, no longer needed
      * debian/patches/really-disable-swiftshader-on-x86.patch: refreshed
      * debian/patches/revert-llvm-ar.patch: refreshed
      * debian/patches/search-credit.patch: refreshed
      * debian/patches/snapshot-library-link: removed, no longer needed
      * debian/patches/stdatomic: removed, no longer needed
      * debian/patches/title-bar-default-system.patch-v35: refreshed
      * debian/patches/vulkan-c99.patch: added
    
     -- Olivier Tilloy <email address hidden>  Mon, 31 Jul 2017 18:02:45 +0200
  • chromium-browser (59.0.3071.109-0ubuntu0.14.04.1188) trusty; urgency=medium
    
      * debian/patches/fix-argument-evaluation-order.patch: added (LP: #1702407)
    
     -- Olivier Tilloy <email address hidden>  Fri, 07 Jul 2017 10:57:00 +0200
  • chromium-browser (59.0.3071.109-0ubuntu0.14.04.1186) trusty; urgency=medium
    
      * Upstream release: 59.0.3071.109
    
     -- Olivier Tilloy <email address hidden>  Wed, 21 Jun 2017 06:54:41 +0200
  • chromium-browser (58.0.3029.110-0ubuntu0.14.04.1176) trusty; urgency=medium
    
      * Upstream release: 58.0.3029.110
      * debian/control: bump Standards-Version to 3.9.8
    
     -- Olivier Tilloy <email address hidden>  Wed, 10 May 2017 07:25:53 +0200
  • chromium-browser (58.0.3029.96-0ubuntu0.14.04.1174) trusty; urgency=medium
    
      * Upstream release: 58.0.3029.96
        - CVE-2017-5068: Race condition in WebRTC.
    
     -- Olivier Tilloy <email address hidden>  Wed, 03 May 2017 06:56:50 +0200
  • chromium-browser (58.0.3029.81-0ubuntu0.14.04.1172) trusty; urgency=medium
    
      * Upstream release: 58.0.3029.81
        - CVE-2017-5057: Type confusion in PDFium.
        - CVE-2017-5058: Heap use after free in Print Preview.
        - CVE-2017-5059: Type confusion in Blink.
        - CVE-2017-5060: URL spoofing in Omnibox.
        - CVE-2017-5061: URL spoofing in Omnibox.
        - CVE-2017-5062: Use after free in Chrome Apps.
        - CVE-2017-5063: Heap overflow in Skia.
        - CVE-2017-5064: Use after free in Blink.
        - CVE-2017-5065: Incorrect UI in Blink.
        - CVE-2017-5066: Incorrect signature handling in Networking.
        - CVE-2017-5067: URL spoofing in Omnibox.
        - CVE-2017-5069: Cross-origin bypass in Blink.
      * debian/patches/arm.patch: removed, no longer needed
      * debian/patches/gtk-ui-stdmove: removed, no longer needed (upstreamed)
      * debian/patches/screen_capturer: removed, no longer needed (upstreamed)
      * debian/patches/default-allocator: refreshed
      * debian/patches/disable-sse2: refreshed
      * debian/patches/enable-chromecast-by-default: refreshed
      * debian/patches/fix_building_widevinecdm_with_chromium.patch: refreshed
      * debian/patches/search-credit.patch: refreshed
      * debian/patches/snapshot-library-link: refreshed
      * debian/patches/title-bar-default-system.patch-v35: refreshed
      * debian/patches/fix-gn-bootstrap.patch: added
      * debian/rules: disable the use of Vulcanize, the required node.js modules
        are not readily available
    
     -- Olivier Tilloy <email address hidden>  Mon, 24 Apr 2017 11:56:01 +0200
  • chromium-browser (53.0.2785.143-0ubuntu0.14.04.1.1145) trusty-security; urgency=medium
    
      * debian/patches/defang-ct-timebomb: backport TLS cert invalidity based
        on build-time.  (LP: #1641380)
    
     -- Chad MILLER <email address hidden>  Mon, 14 Nov 2016 10:06:44 -0500
  • chromium-browser (53.0.2785.143-0ubuntu0.14.04.1.1142) trusty-security; urgency=medium
    
      * Upstream release 53.0.2785.143:
        - CVE-2016-5177: Use after free in V8.
        - CVE-2016-5178: Various fixes from internal audits, fuzzing and other
          initiatives.
      * Upstream release 53.0.2785.113:
        - CVE-2016-5170: Use after free in Blink.
        - CVE-2016-5171: Use after free in Blink.
        - CVE-2016-5172: Arbitrary Memory Read in v8.
        - CVE-2016-5173: Extension resource access.
        - CVE-2016-5174: Popup not correctly suppressed.
        - CVE-2016-5175: Various fixes from internal audits, fuzzing and other
          initiatives.
      * debian/rules: Use gold ld to link.
      * debian/rules: Kill delete-null-pointer-checks. In the javascript engine,
        we can not assume a memory access to address zero always results in a
        trap.
      * debian/patches/gsettings-display-scaling,
        debian/patches/display-scaling-default-value, reenable DPI scaling taken
        from dconf.
      * debian/rules: explicitly set target arch for arm64.
      * debian/control, debian/rules: re-add -dbg transitional packages.
      * Upstream release 53.0.2785.89:
        - CVE-2016-5147: Universal XSS in Blink.
        - CVE-2016-5148: Universal XSS in Blink.
        - CVE-2016-5149: Script injection in extensions.
        - CVE-2016-5150: Use after free in Blink.
        - CVE-2016-5151: Use after free in PDFium.
        - CVE-2016-5152: Heap overflow in PDFium.
        - CVE-2016-5153: Use after destruction in Blink.
        - CVE-2016-5154: Heap overflow in PDFium.
        - CVE-2016-5155: Address bar spoofing.
        - CVE-2016-5156: Use after free in event bindings.
        - CVE-2016-5157: Heap overflow in PDFium.
        - CVE-2016-5158: Heap overflow in PDFium.
        - CVE-2016-5159: Heap overflow in PDFium.
        - CVE-2016-5161: Type confusion in Blink.
        - CVE-2016-5162: Extensions web accessible resources bypass.
        - CVE-2016-5163: Address bar spoofing.
        - CVE-2016-5164: Universal XSS using DevTools.
        - CVE-2016-5165: Script injection in DevTools.
        - CVE-2016-5166: SMB Relay Attack via Save Page As.
        - CVE-2016-5160: Extensions web accessible resources bypass.
        - CVE-2016-5167: Various fixes from internal audits, fuzzing and other
          initiatives.
      * debian/patches/cups-include-deprecated-ppd, debian/rules: include cups
        functions.
      * Use system libraries for expat, speex, zlib, opus, png, jpeg.
      * Also build for arm64 architecture.
      * Don't compile in cups support by default on all architectures.
      * debian/control: remove build-dep on clang.
      * debian/patches/linux45-madvfree: If MADV_FREE is not defined, do not allow
        it in sandbox filter. Also, undefine it so we don't use MADV_FREE and
        thereby depend on it at runtime.
      * debian/rules: Use gold ld to link.
      * debian/rules: Kill delete-null-pointer-checks. In the javascript engine,
        we can not assume a memory access to address zero always results in a
        trap.
      * debian/patches/series, debian/rules: Re-enable widevine component.
      * debian/patches/expat-config: Avoid "memmove does not exist".
    
     -- Chad MILLER <email address hidden>  Fri, 16 Sep 2016 12:56:44 -0400
  • chromium-browser (52.0.2743.116-0ubuntu0.14.04.1.1134) trusty-security; urgency=medium
    
      * Upstream release 52.0.2743.116:
        - CVE-2016-5141: Address bar spoofing.
        - CVE-2016-5142: Use-after-free in Blink.
        - CVE-2016-5139: Heap overflow in pdfium.
        - CVE-2016-5140: Heap overflow in pdfium.
        - CVE-2016-5145: Same origin bypass for images in Blink.
        - CVE-2016-5143: Parameter sanitization failure in DevTools.
        - CVE-2016-5144: Parameter sanitization failure in DevTools.
        - CVE-2016-5146: Various fixes from internal audits, fuzzing and other
          initiatives.
      * Exclude harfbuzz from system-library use.
      * Upstream release 52.0.2743.82:
        - CVE-2016-1706: Sandbox escape in PPAPI.
        - CVE-2016-1707: URL spoofing on iOS.
        - CVE-2016-1708: Use-after-free in Extensions.
        - CVE-2016-1709: Heap-buffer-overflow in sfntly.
        - CVE-2016-1710: Same-origin bypass in Blink.
        - CVE-2016-1711: Same-origin bypass in Blink.
        - CVE-2016-5127: Use-after-free in Blink.
        - CVE-2016-5128: Same-origin bypass in V8.
        - CVE-2016-5129: Memory corruption in V8.
        - CVE-2016-5130: URL spoofing.
        - CVE-2016-5131: Use-after-free in libxml.
        - CVE-2016-5132: Limited same-origin bypass in Service Workers.
        - CVE-2016-5133: Origin confusion in proxy authentication.
        - CVE-2016-5134: URL leakage via PAC script.
        - CVE-2016-5135: Content-Security-Policy bypass.
        - CVE-2016-5136: Use after free in extensions.
        - CVE-2016-5137: History sniffing with HSTS and CSP.
        - CVE-2016-1705: Various fixes from internal audits, fuzzing and other
          initiatives
      * Upstream release 51.0.2704.106
      * Upstream release 51.0.2704.103:
        - CVE-2016-1704: Various fixes from internal audits, fuzzing and other
          initiatives.
      * debian/control: remove build-dep on clang.
      * Sync many things from debian:
        - No longer build remoting, or install its locale files.
        - Use many system libraries, adding build-dep on
            - libre2-dev,
            - yasm,
            - libopus-dev,
            - zlib1g-dev,
            - libspeex-dev,
            - libspeechd-dev,
            - libexpat1-dev,
            - libpng-dev,
            - libxml2-dev,
            - libjpeg-dev,
            - libwebp-dev,
            - libxslt-dev,
            - libsrtp-dev,
            - libjsoncpp-dev,
            - libevent-dev,
        - Clean up many parts of debian/rules, wrt variable names
        - Set hardening on.
        - Use gold linker.
        - Disable Google Now. Creepy. Might mean downloads of opaque programs too.
        - Disable Wallet service.
      * debian/compat: Use dh version 9.
      * debian/rules: Improve "cd;foo" logic.
      * debian/rules: Remove files in tar-copy pipelines, to conserve space. Fixes
        build failures in servers.
      * debian/rules: Move check steps into install steps. No need to be separate,
        and simplifies target names.
      * debian/rules: Make en-us locale files less magical, and simplify install.
      * debian/rules: Work around change to tar command param order with
        --exclude.
      * debian/rules: Don't use tcmalloc on armhf.
      * debian/rules: Remove precise-specific conditions. More simple.
      * debian/rules: In install-validation, don't use mktemp. Hard-code
        destination.
      * debian/patches/gsettings-display-scaling: Disable because code moved and
        needs refactoring.
      * debian/patches/display-scaling-default-value: Disable because probably not
        needed any more.
      * debian/rules: widevine cdm is not really available in this source. No
        longer lie about that.
      * Set new GOOG keys to bisect service overuse problem.
    
     -- Chad MILLER <email address hidden>  Wed, 24 Aug 2016 13:30:26 -0400
  • chromium-browser (51.0.2704.79-0ubuntu0.14.04.1.1121) trusty-security; urgency=medium
    
      * Upstream release 51.0.2704.79:
        - CVE-2016-1696: Cross-origin bypass in Extension bindings.
        - CVE-2016-1697: Cross-origin bypass in Blink.
        - CVE-2016-1698: Information leak in Extension bindings.
        - CVE-2016-1699: Parameter sanitization failure in DevTools.
        - CVE-2016-1700: Use-after-free in Extensions.
        - CVE-2016-1701: Use-after-free in Autofill.
        - CVE-2016-1702: Out-of-bounds read in Skia.
        - CVE-2016-1703: Various fixes from internal audits, fuzzing and other
          initiatives.
      * Upstream release 51.0.2704.63:
        - CVE-2016-1672: Cross-origin bypass in extension bindings.
        - CVE-2016-1673: Cross-origin bypass in Blink.
        - CVE-2016-1674: Cross-origin bypass in extensions.
        - CVE-2016-1675: Cross-origin bypass in Blink.
        - CVE-2016-1676: Cross-origin bypass in extension bindings.
        - CVE-2016-1677: Type confusion in V8.
        - CVE-2016-1678: Heap overflow in V8.
        - CVE-2016-1679: Heap use-after-free in V8 bindings.
        - CVE-2016-1680: Heap use-after-free in Skia.
        - CVE-2016-1681: Heap overflow in PDFium.
        - CVE-2016-1682: CSP bypass for ServiceWorker.
        - CVE-2016-1683: Out-of-bounds access in libxslt.
        - CVE-2016-1684: Integer overflow in libxslt.
        - CVE-2016-1685: Out-of-bounds read in PDFium.
        - CVE-2016-1686: Out-of-bounds read in PDFium.
        - CVE-2016-1687: Information leak in extensions.
        - CVE-2016-1688: Out-of-bounds read in V8.
        - CVE-2016-1689: Heap buffer overflow in media.
        - CVE-2016-1690: Heap use-after-free in Autofill.
        - CVE-2016-1691: Heap buffer-overflow in Skia.
        - CVE-2016-1692: Limited cross-origin bypass in ServiceWorker.
        - CVE-2016-1693: HTTP Download of Software Removal Tool.
        - CVE-2016-1694: HPKP pins removed on cache clearance.
        - CVE-2016-1695: Various fixes from internal audits, fuzzing and other
          initiatives.
      * debian/patches/blink-platform-export-class: remove patch. Unnecessary.
    
     -- Chad MILLER <email address hidden>  Thu, 26 May 2016 10:54:29 -0400
  • chromium-browser (50.0.2661.102-0ubuntu0.14.04.1.1117) trusty-security; urgency=medium
    
      * Upstream release 50.0.2661.102:
        - CVE-2016-1667: Same origin bypass in DOM.
        - CVE-2016-1668: Same origin bypass in Blink V8 bindings.
        - CVE-2016-1669: Buffer overflow in V8.
        - CVE-2016-1670: Race condition in loader.
        - CVE-2016-1671: Directory traversal using the file scheme on Android.
      * Upstream release 50.0.2661.94:
        - CVE-2016-1660: Out-of-bounds write in Blink.
        - CVE-2016-1661: Memory corruption in cross-process frames.
        - CVE-2016-1662: Use-after-free in extensions.
        - CVE-2016-1663: Use-after-free in Blink’s V8 bindings.
        - CVE-2016-1664: Address bar spoofing.
        - CVE-2016-1665: Information leak in V8.
        - CVE-2016-1666: Various fixes from internal audits, fuzzing and other
          initiatives.
      * Upstream release 50.0.2661.75:
        - CVE-2016-1652: Universal XSS in extension bindings.
        - CVE-2016-1653: Out-of-bounds write in V8.
        - CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding.
        - CVE-2016-1654: Uninitialized memory read in media.
        - CVE-2016-1655: Use-after-free related to extensions.
        - CVE-2016-1656: Android downloaded file path restriction bypass.
        - CVE-2016-1657: Address bar spoofing.
        - CVE-2016-1658: Potential leak of sensitive information to malicious
          extensions.
        - CVE-2015-1659: Various fixes from internal audits, fuzzing and other
          initiatives.
      * debian/patches/seccomp-allow-set-robust-list: pass through syscall
        set_robust_list. glibc nptl thread creation uses it.
      * debian/rules: use new libsecret way of contacting keyring.
      * debian/patches/blink-platform-export-class: avoid Trusty bug where
        WebKit Platform class vtable not found at link time.
      * debian/apport/chromium-browser.py: Handle case when crash and no
        chromium directory exists. Still report errors in apport.
    
     -- Chad MILLER <email address hidden>  Fri, 13 May 2016 10:52:23 -0400
  • chromium-browser (49.0.2623.108-0ubuntu0.14.04.1.1113) trusty-security; urgency=medium
    
      * Upstream release 49.0.2623.108:
        - CVE-2016-1646: Out-of-bounds read in V8.
        - CVE-2016-1647: Use-after-free in Navigation.
        - CVE-2016-1648: Use-after-free in Extensions.
        - CVE-2016-1649: Buffer overflow in libANGLE.
        - CVE-2016-1650: Various fixes from internal audits, fuzzing and other
          initiatives.
        - Multiple vulnerabilities in V8 fixed at the tip of the 4.9 branch
          (currently 4.9.385.33).
    
     -- Chad MILLER <email address hidden>  Thu, 24 Mar 2016 16:52:52 -0400
  • chromium-browser (49.0.2623.87-0ubuntu0.14.04.1.1112) trusty-security; urgency=medium
    
      * debian/patches/system-xdg-settings: Insist on using system xdg utilities.
      * Upstream release 49.0.2623.87:
        - CVE-2016-1643: Type confusion in Blink.
        - CVE-2016-1644: Use-after-free in Blink.
        - CVE-2016-1645: Out-of-bounds write in PDFium.
      * Upstream release 49.0.2623.75:
        - CVE-2016-1630: Same-origin bypass in Blink.
        - CVE-2016-1631: Same-origin bypass in Pepper Plugin.
        - CVE-2016-1632: Bad cast in Extensions.
        - CVE-2016-1633: Use-after-free in Blink.
        - CVE-2016-1634: Use-after-free in Blink.
        - CVE-2016-1635: Use-after-free in Blink.
        - CVE-2016-1636: SRI Validation Bypass.
        - CVE-2015-8126: Out-of-bounds access in libpng.
        - CVE-2016-1637: Information Leak in Skia.
        - CVE-2016-1638: WebAPI Bypass.
        - CVE-2016-1639: Use-after-free in WebRTC.
        - CVE-2016-1640: Origin confusion in Extensions UI.
        - CVE-2016-1641: Use-after-free in Favicon.
        - CVE-2016-1642: Various fixes from internal audits, fuzzing and other
          initiatives.
        - Multiple vulnerabilities in V8 fixed at the tip of the 4.9 branch
          (currently 4.9.385.26).
      * debian/rules: No longer fabricate snap package as side effect.
      * debian/control: build-dep on libffi-dev, mesa-common-dev.
      * debian/patches/format-flag: Remove patch.
    
     -- Chad MILLER <email address hidden>  Tue, 15 Mar 2016 09:42:48 -0400
  • chromium-browser (48.0.2564.116-0ubuntu0.14.04.1.1111) trusty-security; urgency=medium
    
      * Upstream release 48.0.2564.109:
        - CVE-2016-1622: Same-origin bypass in Extensions.
        - CVE-2016-1623: Same-origin bypass in DOM.
        - CVE-2016-1624: Buffer overflow in Brotli.
        - CVE-2016-1625: Navigation bypass in Chrome Instant.
        - CVE-2016-1626: Out-of-bounds read in PDFium.
        - CVE-2016-1627: Various fixes from internal audits, fuzzing and other
          initiatives.
      * Upstream release 48.0.2564.116:
        - CVE-2016-1629: Same-origin bypass in Blink and Sandbox escape in Chrome.
    
     -- Chad MILLER <email address hidden>  Thu, 18 Feb 2016 17:55:30 -0500
  • chromium-browser (48.0.2564.82-0ubuntu0.14.04.1.1108) trusty-security; urgency=medium
    
      * Upstream release 48.0.2564.82:
        - CVE-2016-1612: Bad cast in V8.
        - CVE-2016-1613: Use-after-free in PDFium.
        - CVE-2016-1614: Information leak in Blink.
        - CVE-2016-1615: Origin confusion in Omnibox.
        - CVE-2016-1616: URL Spoofing.
        - CVE-2016-1617: History sniffing with HSTS and CSP.
        - CVE-2016-1618: Weak random number generator in Blink.
        - CVE-2016-1619: Out-of-bounds read in PDFium.
        - CVE-2016-1620: Various fixes from internal audits, fuzzing and other
          initiatives.
        - Multiple vulnerabilities in V8 fixed at the tip of the 4.8 branch
          (currently 4.8.271.17).
    
     -- Chad MILLER <email address hidden>  Thu, 21 Jan 2016 08:39:10 -0500
  • chromium-browser (47.0.2526.106-0ubuntu0.14.04.1.1107) trusty-security; urgency=medium
    
      * Upstream release 47.0.2526.106:
        - CVE-2015-6792: Fixes from internal audits and fuzzing.
      * Upstream release 47.0.2526.80:
        - CVE-2015-6788: Type confusion in extensions.
        - CVE-2015-6789: Use-after-free in Blink.
        - CVE-2015-6790: Escaping issue in saved pages.
        - CVE-2015-6791: Various fixes from internal audits, fuzzing and other
        - Multiple vulnerabilities in V8 fixed at the tip of the 4.7 branch
          (currently 4.7.80.23).
      * debian/rules: Don't use bundled binutils. Remove execute bits on programs
        so we can be sure they aren't run.
    
     -- Chad MILLER <email address hidden>  Wed, 16 Dec 2015 10:35:12 -0500
  • chromium-browser (47.0.2526.73-0ubuntu0.14.04.1.1106) trusty-security; urgency=medium
    
      * Upstream release 47.0.2526.73:
        - CVE-2015-6765: Use-after-free in AppCache.
        - CVE-2015-6766: Use-after-free in AppCache.
        - CVE-2015-6767: Use-after-free in AppCache.
        - CVE-2015-6768: Cross-origin bypass in DOM.
        - CVE-2015-6769: Cross-origin bypass in core.
        - CVE-2015-6770: Cross-origin bypass in DOM.
        - CVE-2015-6771: Out of bounds access in v8.
        - CVE-2015-6772: Cross-origin bypass in DOM.
        - CVE-2015-6764: Out of bounds access in v8.
        - CVE-2015-6773: Out of bounds access in Skia.
        - CVE-2015-6774: Use-after-free in Extensions.
        - CVE-2015-6775: Type confusion in PDFium.
        - CVE-2015-6776: Out of bounds access in PDFium.
        - CVE-2015-6777: Use-after-free in DOM.
        - CVE-2015-6778: Out of bounds access in PDFium.
        - CVE-2015-6779: Scheme bypass in PDFium.
        - CVE-2015-6780: Use-after-free in Infobars.
        - CVE-2015-6781: Integer overflow in Sfntly.
        - CVE-2015-6782: Content spoofing in Omnibox.
        - CVE-2015-6783: Signature validation issue in Android Crazy Linker.
        - CVE-2015-6784: Escaping issue in saved pages.
        - CVE-2015-6785: Wildcard matching issue in CSP.
        - CVE-2015-6786: Scheme bypass in CSP.
        - CVE-2015-6787: Various fixes from internal audits, fuzzing and other
          initiatives.
        - Multiple vulnerabilities in V8 fixed at the tip of the 4.7 branch
          (currently 4.7.80.23).
      * Upstream release 46.0.2490.86:
        - CVE-2015-1302: Information leak in PDF viewer.
      * Upstream release 46.0.2490.71:
        - CVE-2015-6755: Cross-origin bypass in Blink.
        - CVE-2015-6756: Use-after-free in PDFium.
        - CVE-2015-6757: Use-after-free in ServiceWorker.
        - CVE-2015-6758: Bad-cast in PDFium.
        - CVE-2015-6759: Information leakage in LocalStorage.
        - CVE-2015-6760: Improper error handling in libANGLE.
        - CVE-2015-6761: Memory corruption in FFMpeg.
        - CVE-2015-6762: CORS bypass via CSS fonts.
        - CVE-2015-6763: Various fixes from internal audits, fuzzing and other
          initiatives.
      * debian/patches/gpu-hangs: remove. Not useful.
      * debian/rules: Explicitly create remoting resources.
      * debian/patches/cr46-missing-test-files:
      * debian/rules: support screen sharing in Hangouts.
      * debian/patches/xdg-settings-multiexec-desktopfiles.patch: Always prefer
        local xdg-settings.
      * debian/chromium-browser.desktop: Don't override WM class matching.
    
     -- Chad MILLER <email address hidden>  Tue, 01 Dec 2015 15:37:11 -0500
  • chromium-browser (45.0.2454.101-0ubuntu0.14.04.1.1099) trusty-security; urgency=medium
    
      * Upstream release 45.0.2454.101:
        - CVE-2015-1303: Cross-origin bypass in DOM.
        - CVE-2015-1304: Cross-origin bypass in V8.
      * debian/tests/testdata/xx-test-tool-is-functional-if-this-prints-functional.sikuli
        Only use GUI test tool to test IF it works on its own.  If it is broken,
        don't use that to test chromium.
      * debian/rules: Include our own "xdg-settings" file until a bug is fixed.
      * debian/patches/xdg-settings-multiexec-desktopfiles.patch: Locally fix
        aforementioned bug. More than one Exec line in a desktop file (like ours)
        triggers a bug in badly-written shell code in portland xdg-utils-common.in
    
     -- Chad MILLER <email address hidden>  Tue, 29 Sep 2015 08:06:37 -0400
  • chromium-browser (45.0.2454.85-0ubuntu0.14.04.1.1097) trusty-security; urgency=medium
    
      * Upstream release 45.0.2454.85:
        - CVE-2015-1291: Cross-origin bypass in DOM.
        - CVE-2015-1292: Cross-origin bypass in ServiceWorker.
        - CVE-2015-1293: Cross-origin bypass in DOM.
        - CVE-2015-1294: Use-after-free in Skia.
        - CVE-2015-1295: Use-after-free in Printing.
        - CVE-2015-1296: Character spoofing in omnibox.
        - CVE-2015-1297: Permission scoping error in WebRequest.
        - CVE-2015-1298: URL validation error in extensions.
        - CVE-2015-1299: Use-after-free in Blink.
        - CVE-2015-1300: Information leak in Blink.
        - CVE-2015-1301: Various fixes from internal audits, fuzzing and other
          initiatives.
      * debian/patches/search-credit.patch: Don't add GET param if search URL
        doesn't already use them. (LP: #1490237)
      * debian/source/lintian-overrides: Ignore new binaries in orig tar.
      * debian/patches/gpu_default_disabled: No longer disable GPU rendering by
        default.
      * debian/patches/disable-sse2: SSE exclusion is smarter now. Re-include.
    
     -- Chad MILLER <email address hidden>  Mon, 14 Sep 2015 20:11:00 -0400
  • chromium-browser (44.0.2403.89-0ubuntu0.14.04.1.1095) trusty-security; urgency=medium
    
      * Upstream release 44.0.2403.89: (LP: #1477662)
        - CVE-2015-1271: Heap-buffer-overflow in pdfium.
        - CVE-2015-1273: Heap-buffer-overflow in pdfium.
        - CVE-2015-1274: Settings allowed executable files to run immediately
          after download.
        - CVE-2015-1275: UXSS in Chrome for Android.
        - CVE-2015-1276: Use-after-free in IndexedDB.
        - CVE-2015-1279: Heap-buffer-overflow in pdfium.
        - CVE-2015-1280: Memory corruption in skia.
        - CVE-2015-1281: CSP bypass.
        - CVE-2015-1282: Use-after-free in pdfium.
        - CVE-2015-1283: Heap-buffer-overflow in expat.
        - CVE-2015-1284: Use-after-free in blink.
        - CVE-2015-1286: UXSS in blink.
        - CVE-2015-1287: SOP bypass with CSS.
        - CVE-2015-1270: Uninitialized memory read in ICU.
        - CVE-2015-1272: Use-after-free related to unexpected GPU process
          termination.
        - CVE-2015-1277: Use-after-free in accessibility.
        - CVE-2015-1278: URL spoofing using pdf files.
        - CVE-2015-1285: Information leak in XSS auditor.
        - CVE-2015-1288: Spell checking dictionaries fetched over HTTP.
        - CVE-2015-1289: Various fixes from internal audits, fuzzing and other
          initiatives.
      * debian/rules, debian/chromium-codecs-ffmpeg{,-extra}.install: ffmpeg is a
        first-class component library now, not a special snowflake. Still, build
        it differently, but build flags are different.
      * debian/tests/smoketest-actual: Remove some innocuous mentions of "error"
        before testing for actual errors.
      * debian/control: codec library packages replace the libffmpeg.so that
        was in chromium packages before now.
      * debian/control: codec packages can't reasonably be updated separately
        from chromium. Depend with version specification also.
    
     -- Chad MILLER <email address hidden>  Tue, 28 Jul 2015 11:19:11 -0400
  • chromium-browser (43.0.2357.130-0ubuntu0.14.04.1.1092) trusty-security; urgency=medium
    
      [Chad Miller]
      * Upstream release 43.0.2357.130:
        - CVE-2015-1266: Scheme validation error in WebUI.
        - CVE-2015-1268: Cross-origin bypass in Blink.
        - CVE-2015-1267: Cross-origin bypass in Blink.
        - CVE-2015-1269: Normalization error in HSTS/HPKP preload list.
      * debian/tests/smoketest-actual: Capture web-server log so we can
        get port and test retrieval. Fixes autopkgtest failures.
      * debian/patches/widevine-other-locations: Search Chrome install
        location to find widevine plugins.
      * Use new Flash plugin name in apport collector.
      * debian/patches/gpu_default_disabled: Make GPU activation a (default off)
        preference instead of blacklisting.
      [Iain Lane]
      * Test fixes.
      * debian/tests/control: Add a test-dep on python3-httplib2 and dbus-x11
        which are required by the testsuite.
      * debian/tests/smoketest-actual: Redirect webserver-out and webserver-err so
        that the test can read these.
    
     -- Chad MILLER <email address hidden>  Mon, 29 Jun 2015 15:54:16 -0400
  • chromium-browser (43.0.2357.81-0ubuntu0.14.04.1.1089) trusty-security; urgency=medium
    
      * Upstream release 43.0.2357.81.
        - "Icons not displaying properly on Linux" (LP: #1449063)
      * Upstream release 43.0.2357.65:
        - CVE-2015-1252: Sandbox escape in Chrome.
        - CVE-2015-1253: Cross-origin bypass in DOM.
        - CVE-2015-1254: Cross-origin bypass in Editing.
        - CVE-2015-1255: Use-after-free in WebAudio.
        - CVE-2015-1256: Use-after-free in SVG.
        - CVE-2015-1251: Use-after-free in Speech.
        - CVE-2015-1257: Container-overflow in SVG.
        - CVE-2015-1258: Negative-size parameter in Libvpx.
        - CVE-2015-1259: Uninitialized value in PDFium.
        - CVE-2015-1260: Use-after-free in WebRTC.
        - CVE-2015-1261: URL bar spoofing.
        - CVE-2015-1262: Uninitialized value in Blink.
        - CVE-2015-1263: Insecure download of spellcheck dictionary.
        - CVE-2015-1264: Cross-site scripting in bookmarks.
        - CVE-2015-1265: Various fixes from internal audits, fuzzing and other
          initiatives.
        - Multiple vulnerabilities in V8 fixed at the tip of the 4.3 branch
          (currently 4.3.61.21).
      * debian/patches/display-scaling-report-hardware-info: removed, unnecessary.
      * debian/patches/coordinate-space-map: removed, unnecessary.
      * debian/patches/enable_vaapi_on_linux.diff: Temporarily disable patch until
        ARM works.
      * debian/chromium-browser.sh.in: Add --verbose to get logging info.
      * debian/patches/{notifications-nicer,mir-support}: disable unnecessary
        patches.
      * debian/control, debian/chromium-browser.sh.in: Prompt nothing about
        Flash plugin. Send Help clicks to Wiki instead.
    
     -- Chad MILLER <email address hidden>  Mon, 01 Jun 2015 15:29:04 -0400
  • chromium-browser (41.0.2272.76-0ubuntu0.14.04.1.1076) trusty-security; urgency=medium
    
      * Upstream release 41.0.2272.76:
        - CVE-2015-1212: Out-of-bounds write in media.
        - CVE-2015-1213: Out-of-bounds write in skia filters.
        - CVE-2015-1214: Out-of-bounds write in skia filters.
        - CVE-2015-1215: Out-of-bounds write in skia filters.
        - CVE-2015-1216: Use-after-free in v8 bindings.
        - CVE-2015-1217: Type confusion in v8 bindings.
        - CVE-2015-1218: Use-after-free in dom.
        - CVE-2015-1219: Integer overflow in webgl.
        - CVE-2015-1220: Use-after-free in gif decoder.
        - CVE-2015-1221: Use-after-free in web databases.
        - CVE-2015-1222: Use-after-free in service workers.
        - CVE-2015-1223: Use-after-free in dom.
        - CVE-2015-1230: Type confusion in v8.
        - CVE-2015-1224: Out-of-bounds read in vpxdecoder.
        - CVE-2015-1225: Out-of-bounds read in pdfium.
        - CVE-2015-1226: Validation issue in debugger.
        - CVE-2015-1227: Uninitialized value in blink.
        - CVE-2015-1228: Uninitialized value in rendering.
        - CVE-2015-1229: Cookie injection via proxies.
        - CVE-2015-1231: Various fixes from internal audits, fuzzing and other
          initiatives.
      * Upstream release 40.0.2214.115.
      * debian/patches/coordinate-space-map: Backport v43 and unofficial
        coordinate mapping to fix some high-dpi problems in popup menu placement.
      * debian/apport/chromium-browser.py: Simplify. Use more standard functions
        from apport utility. Add CPU usage information. Add bargraph of "running"
        processes, so bugpatterns can sort away busy machines, and then classify
        remainder according to procline "gpu-vendor=id" param.
      * debian/patches/gpu-hangs: Extend the GPU watchdog to 30 seconds. If the
        GPU is really hung, the extra time matters little. It's probably not
        recoverable. Reviews of apport reports find no common thread among GPU
        vendors. Notes at crbug.com/221882 suggest busy CPUs could trigger hang.
        Will additionally use apport bugpatterns to comb dmesg for actual crashes
        and route to specific GPU-driver bugs.
    
     -- Chad MILLER <email address hidden>  Wed, 04 Mar 2015 10:25:03 -0500
  • chromium-browser (40.0.2214.111-0ubuntu0.14.04.1.1069) trusty-security; urgency=medium
    
      * Upstream release 40.0.2214.111:
        - CVE-2015-1209: Use-after-free in DOM.
        - CVE-2015-1210: Cross-origin-bypass in V8 bindings.
        - CVE-2015-1211: Privilege escalation using service workers.
        - CVE-2015-1212: Various fixes from internal audits, fuzzing and other
          initiatives.
    
     -- Chad MILLER <email address hidden>  Fri, 06 Feb 2015 09:38:15 -0500
  • chromium-browser (40.0.2214.94-0ubuntu0.14.04.1.1068) trusty-security; urgency=medium
    
      * Upstream release 40.0.2214.94.
      * Upstream release 40.0.2214.93.
      * Upstream release 40.0.2214.91. (LP: #1414753)
        - CVE-2014-7923: Memory corruption in ICU.
        - CVE-2014-7924: Use-after-free in IndexedDB.
        - CVE-2014-7925: Use-after-free in WebAudio.
        - CVE-2014-7926: Memory corruption in ICU.
        - CVE-2014-7927: Memory corruption in V8.
        - CVE-2014-7928: Memory corruption in V8.
        - CVE-2014-7930: Use-after-free in DOM.
        - CVE-2014-7931: Memory corruption in V8.
        - CVE-2014-7929: Use-after-free in DOM.
        - CVE-2014-7932: Use-after-free in DOM.
        - CVE-2014-7933: Use-after-free in FFmpeg.
        - CVE-2014-7934: Use-after-free in DOM.
        - CVE-2014-7935: Use-after-free in Speech.
        - CVE-2014-7936: Use-after-free in Views.
        - CVE-2014-7937: Use-after-free in FFmpeg.
        - CVE-2014-7938: Memory corruption in Fonts.
        - CVE-2014-7939: Same-origin-bypass in V8.
        - CVE-2014-7940: Uninitialized-value in ICU.
        - CVE-2014-7941: Out-of-bounds read in UI.
        - CVE-2014-7942: Uninitialized-value in Fonts.
        - CVE-2014-7943: Out-of-bounds read in Skia.
        - CVE-2014-7944: Out-of-bounds read in PDFium.
        - CVE-2014-7945: Out-of-bounds read in PDFium.
        - CVE-2014-7946: Out-of-bounds read in Fonts.
        - CVE-2014-7947: Out-of-bounds read in PDFium.
        - CVE-2014-7948: Caching error in AppCache.
      * debian/patch/search-credit: Don't force client in GOOG suggestions search.
        (LP: #1398900)
      * debian/patches/dri3-within-sandbox: Backport V41 sandbox, fixing DRI3.
        (LP: #1378627)
      * debian/patches/macro-templates-not-match: Remove. No longer necessary.
      * debian/patches/arm-neon.patch: Kill armv7=neon assumption. Fix typos.
      * debian/rules: chrpath for all packages.  (LP: #1415555)
    
     -- Chad MILLER <email address hidden>  Fri, 30 Jan 2015 15:48:09 -0500
  • chromium-browser (39.0.2171.65-0ubuntu0.14.04.1.1064) trusty-security; urgency=medium
    
      * Upstream release 39.0.2171.65:
        - CVE-2014-7899: Address bar spoofing.
        - CVE-2014-7900: Use-after-free in pdfium.
        - CVE-2014-7901: Integer overflow in pdfium.
        - CVE-2014-7902: Use-after-free in pdfium.
        - CVE-2014-7903: Buffer overflow in pdfium.
        - CVE-2014-7904: Buffer overflow in Skia.
        - CVE-2014-7905: Flaw allowing navigation to intents that do not have the
          BROWSABLE category.
        - CVE-2014-7906: Use-after-free in pepper plugins.
        - CVE-2014-0574: Double-free in Flash.
        - CVE-2014-7907: Use-after-free in blink.
        - CVE-2014-7908: Integer overflow in media.
        - CVE-2014-7909: Uninitialized memory read in Skia.
        - CVE-2014-7910: Various fixes from internal audits, fuzzing and other
          initiatives.
      * debian/patches/search-credit.patch: Include "client" in google search
        prepopulated template's parameters.
      * debian/tests/testdata/9-search-credit.sikuli: Verify search URL has
        parameter.
      * debian/source/lintian-overrides: Ignore android tools we don't use.
      * debian/chromium-browser-dbg.lintian-overrides: Ignore libraries that we
        configure to have no symbols in builder (because they are humongous
        otherwise).
      * debian/control: Bump standards version. Version dep "bash". Remove
        duplicate language from package descriptions.
      * debian/tests/testdata/1-normal-extension-active.sikuli/: Destroy test
        for dead NPAPI unity-webapps extension.
    
     -- Chad MILLER <email address hidden>  Sat, 22 Nov 2014 14:06:34 -0500
  • chromium-browser (38.0.2125.111-0ubuntu0.14.04.1.1061) trusty-security; urgency=medium
    
      * Upstream release 38.0.2125.111.
      * Upstream release 38.0.2125.104.
      * Upstream release 38.0.2125.101:  (LP: #1310163)
        - CVE-2014-3188: A special thanks to Jüri Aedla for a combination of V8 and
          IPC bugs that can lead to remote code execution outside of the sandbox.
        - CVE-2014-3189: Out-of-bounds read in PDFium.
        - CVE-2014-3190: Use-after-free in Events.
        - CVE-2014-3191: Use-after-free in Rendering.
        - CVE-2014-3192: Use-after-free in DOM.
        - CVE-2014-3193: Type confusion in Session Management.
        - CVE-2014-3194: Use-after-free in Web Workers.
        - CVE-2014-3195: Information Leak in V8.
        - CVE-2014-3196: Permissions bypass in Windows Sandbox.
        - CVE-2014-3197: Information Leak in XSS Auditor.
        - CVE-2014-3198: Out-of-bounds read in PDFium.
        - CVE-2014-3199: Release Assert in V8 bindings.
        - CVE-2014-3200: Various fixes from internal audits, fuzzing and other
          initiatives (Chrome 38).
      * debian/rules: Prefer GCC 4.8 when compiling. 4.9 remains buggy.
      * Make the verification step in clean make more compare-able output.
      * debian/patches/configuration-directory.patch: Account for new location of
        policies directory in /etc . Change back. (LP: #1373802)
      * debian/patches/lp-translations-paths: Map old third_party filenames to
        new name after processor compiles.
      * debian/rules: Fix patch-translations rule, workflow.
      * debian/patches/macro-templates-not-match: Anonymous struct isn't sizable.
      * debian/chromium-browser.sh.in: Fix broken logic of CHROMIUM_USER_FLAGS,
        which has never worked. (LP: #1381644)
      * debian/patches/disable-sse: Disable more SSE #includes.
      * debian/rules: Omit unnecessary files from packaging.
      * debian/chromium-browser.sh.in: Fix variable name bug and suggest
        ~/.chromium-browser.init file over hamfisted CHROMIUM_USER_FLAGS.
      * debian/patches/5-desktop-integration-settings.patch: Adapt to new settings
        APIs.
    
    chromium-browser (37.0.2062.120-0ubuntu1) utopic; urgency=low
    
      * Upstream release 37.0.2062.120:
        - CVE-2014-3178: Use-after-free in rendering. Credit to miaubiz.
        - CVE-2014-3179: Various fixes from internal audits, fuzzing and other
          initiatives.
      * debian/rules: Simplify and rearrange.
      * debian/rules, debian/known_gyp_flags: Keep better track of known GYP flags,
        so we can fail when something changes unexpectedly.
      * debian/rules: Fix up patch-translations rule.
    
    chromium-browser (37.0.2062.94-0ubuntu1) utopic; urgency=low
    
      * Upstream release 37.0.2062.94.
        - CVE-2014-3165: Use-after-free in Blink websockets.
        - CVE-2014-3176, CVE-2014-3177: A combination of bugs in V8, IPC, sync, and
          extensions that can lead to remote code execution outside of the sandbox.
        - CVE-2014-3168: Use-after-free in SVG.
        - CVE-2014-3169: Use-after-free in DOM.
        - CVE-2014-3170: Extension permission dialog spoofing.
        - CVE-2014-3171: Use-after-free in bindings.
        - CVE-2014-3172: Issue related to extension debugging.
        - CVE-2014-3173: Uninitialized memory read in WebGL.
        - CVE-2014-3174: Uninitialized memory read in Web Audio.
        - CVE-2014-3175: Various fixes from internal audits, fuzzing and other
          initiatives.
        - CVE-2014-3176, CVE-2014-3177: Interaction of extensions, IPC, the sync
          API, and Google V8 to execute arbitrary code.
      * Fix a shell bug in the binary-wrapper that prevented USER flags
        from working properly.
      * debian/control: Suggests chromiumflashplugin .
      * debian/apport: Significant cleanup.
      * debian/rules: Disable SSE instructions on x86 to avoid SIGILL on some CPUs.
        (LP: #1353185)
      * debian/checkout-orig-source.mk: Don't include src/ prefix in orig tarball.
      * debian/patches/*: refresh line numbers.
      * debian/patches/search-credit.patch,
        debian/patches/additional-search-engines.patch: Track source files moved.
      * debian/patches/ffmpeg-gyp-config.patch,
        debian/patches/fix-gyp-space-in-object-filename-exception.patch,
        debian/patches/gyp-icu-m32-test:
        Disabled. No longer needs fixing.
      * debian/control: build-dep on openssl.
      * debian/patches/disable-sse2: Don't require SSE/SSE2 CPU features on x86.
        (LP: #1353185)
      * debian/rules: Use built-in PDF support. (LP: #513745, #1009902)
    
     -- Chad MILLER <email address hidden>  Wed, 15 Oct 2014 14:22:55 -0400
  • chromium-browser (37.0.2062.120-0ubuntu0.14.04.1~pkg1049) trusty-security; urgency=medium
    
      * Release to stage
    
    chromium-browser (37.0.2062.120-0ubuntu1) UNRELEASED; urgency=low
    
      * Upstream release 37.0.2062.120:
        - CVE-2014-3178: Use-after-free in rendering. Credit to miaubiz.
        - CVE-2014-3179: Various fixes from internal audits, fuzzing and other
          initiatives.
      * debian/rules: Simplify and rearrange.
      * debian/rules, debian/known_gyp_flags: Keep better track of known GYP flags,
        so we can fail when something changes unexpectedly.
      * debian/rules: Fix up patch-translations rule.
    
    chromium-browser (37.0.2062.94-0ubuntu1) utopic; urgency=low
    
      * Upstream release 37.0.2062.94.
        - CVE-2014-3165: Use-after-free in Blink websockets.
        - CVE-2014-3176, CVE-2014-3177: A combination of bugs in V8, IPC, sync, and
          extensions that can lead to remote code execution outside of the sandbox.
        - CVE-2014-3168: Use-after-free in SVG.
        - CVE-2014-3169: Use-after-free in DOM.
        - CVE-2014-3170: Extension permission dialog spoofing.
        - CVE-2014-3171: Use-after-free in bindings.
        - CVE-2014-3172: Issue related to extension debugging.
        - CVE-2014-3173: Uninitialized memory read in WebGL.
        - CVE-2014-3174: Uninitialized memory read in Web Audio.
        - CVE-2014-3175: Various fixes from internal audits, fuzzing and other
          initiatives.
        - CVE-2014-3176, CVE-2014-3177: Interaction of extensions, IPC, the sync
          API, and Google V8 to execute arbitrary code.
      * Fix a shell bug in the binary-wrapper that prevented USER flags
        from working properly.
      * debian/control: Suggests chromiumflashplugin .
      * debian/apport: Significant cleanup.
      * debian/rules: Disable SSE instructions on x86 to avoid SIGILL on some CPUs.
        (LP: #1353185)
      * debian/checkout-orig-source.mk: Don't include src/ prefix in orig tarball.
      * debian/patches/*: refresh line numbers.
      * debian/patches/search-credit.patch,
        debian/patches/additional-search-engines.patch: Track source files moved.
      * debian/patches/ffmpeg-gyp-config.patch,
        debian/patches/fix-gyp-space-in-object-filename-exception.patch,
        debian/patches/gyp-icu-m32-test:
        Disabled. No longer needs fixing.
      * debian/control: build-dep on openssl.
      * debian/patches/disable-sse2: Don't require SSE/SSE2 CPU features on x86.
        (LP: #1353185)
      * debian/rules: Use built-in PDF support. (LP: #513745, #1009902)
    
     -- Chad MILLER <email address hidden>  Tue, 16 Sep 2014 09:28:59 -0400
  • chromium-browser (37.0.2062.94-0ubuntu0.14.04.1~pkg1042) trusty-security; urgency=medium
    
      * Release to stage
    
    chromium-browser (37.0.2062.94-0ubuntu1) UNRELEASED; urgency=low
    
      * Upstream release 37.0.2062.94.
        - CVE-2014-3165: Use-after-free in Blink websockets.
        - CVE-2014-3176, CVE-2014-3177: A combination of bugs in V8, IPC, sync, and
          extensions that can lead to remote code execution outside of the sandbox.
        - CVE-2014-3168: Use-after-free in SVG.
        - CVE-2014-3169: Use-after-free in DOM.
        - CVE-2014-3170: Extension permission dialog spoofing.
        - CVE-2014-3171: Use-after-free in bindings.
        - CVE-2014-3172: Issue related to extension debugging.
        - CVE-2014-3173: Uninitialized memory read in WebGL.
        - CVE-2014-3174: Uninitialized memory read in Web Audio.
        - CVE-2014-3175: Various fixes from internal audits, fuzzing and other
          initiatives.
        - CVE-2014-3176, CVE-2014-3177: Interaction of extensions, IPC, the sync
          API, and Google V8 to execute arbitrary code.
      * Fix a shell bug in the binary-wrapper that prevented USER flags
        from working properly.
      * debian/control: Suggests chromiumflashplugin .
      * debian/apport: Significant cleanup.
      * debian/rules: Disable SSE instructions on x86 to avoid SIGILL on some CPUs.
        (LP: #1353185)
      * debian/checkout-orig-source.mk: Don't include src/ prefix in orig tarball.
      * debian/patches/*: refresh line numbers.
      * debian/patches/search-credit.patch,
        debian/patches/additional-search-engines.patch: Track source files moved.
      * debian/patches/ffmpeg-gyp-config.patch,
        debian/patches/fix-gyp-space-in-object-filename-exception.patch,
        debian/patches/gyp-icu-m32-test:
        Disabled. No longer needs fixing.
      * debian/control: build-dep on openssl.
      * debian/patches/disable-sse2: Don't require SSE/SSE2 CPU features on x86.
        (LP: #1353185)
      * debian/rules: Use built-in PDF support. (LP: #513745, #1009902)
    
    chromium-browser (36.0.1985.143-0ubuntu1) trusty-security; urgency=low
    
      * Upstream release 36.0.1985.143:
        - CVE-2014-3165: Use-after-free in web sockets.
        - CVE-2014-3166: Information disclosure in SPDY.
        - CVE-2014-3167: Various fixes from internal audits, fuzzing and other
          initiatives.
      * debian/rules: Avoid some unnecessary warning of invalid mv.
      * debian/rules: Don't use tcmalloc on i386.
      * debian/control: Don't have (unused) shlibs-depends on -dbg packages
        and non-binary packages.
      * debian/chromium-browser-codecs-ffmpeg-extra.dirs,
        debian/chromium-browser-codecs-ffmpeg.dirs: Removed. Unused.
      * debian/chromium-browser.lintian-overrides,
        debian/chromium-codecs-ffmpeg-extra-dbg.lintian-overrides,
        debian/chromium-codecs-ffmpeg-extra.lintian-overrides,
        debian/chromium-codecs-ffmpeg.lintian-overrides,
        debian/source/lintian-overrides: Add lintian overrides.
    
     -- Chad MILLER <email address hidden>  Sun, 31 Aug 2014 17:23:14 -0400
  • chromium-browser (36.0.1985.125-0ubuntu1.14.04.0~pkg1029) trusty-security; urgency=medium
    
      * Release to stage
    
    chromium-browser (36.0.1985.125-0ubuntu1) UNRELEASED; urgency=low
    
      * Upstream release 36.0.1985.125:
        - CVE-2014-3160: Same-Origin-Policy bypass in SVG.
        - CVE-2014-3162: Various fixes from internal audits, fuzzing and other
          initiatives.
      * debian/patches/*: Moved more gtk related changes to aura code.
      * debian/control: Build-dep version of ninja-build should be recent.
      * debian/patches/gyp-icu-m32-test: Smarter g++ test, no "echo |bad".
    
    chromium-browser (35.0.1916.153-0ubuntu1) utopic; urgency=low
    
      * debian/patches/display-scaling-default-value: Make default scale 1:1
        when no gsettings information is available. (LP: #1302155)
      * debian/patches/title-bar-default-system.patch-v34: Make window
        title-bar frame default to system-provided instead of custom.  Again.
      * debian/patches/fix-gyp-space-in-object-filename-exception.patch: Make
        is deprecated, and not well supported, but we still need it.
      * debian/chromium-browser.sh.in, debian/chromium-browser.dirs: Speed up
        chromium startup by avoiding execution of unnecessary programs for real
        this time, and also, add a place in /etc for other packages to hook into
        chromium safely.
      * debian/chromium-browser-customization-example,
        debian/chromium-browser.sh.in: Add support for better customization of
        chromium by other packages.  Files in /etc/chromium-browser/customizations/
        are sourced at startup time.
      * debian/patches/notifications-nicer: Make buggy background-mode processes
        off by default.
      * 7-npapi-permission-not-defaults-to-unauthorized.patch: Fix misapplication.
        Put inside linux test, not chromeos test.
      * Upstream release 35.0.1916.153.
      * Upstream release 34.0.1847.137:
        - CVE-2014-1740: Use-after-free in WebSockets.
        - CVE-2014-1741: Integer overflow in DOM ranges.
        - CVE-2014-1742: Use-after-free in editing.
      * Upstream release 35.0.1916.114:
        - CVE-2014-1743: Use-after-free in styles.
        - CVE-2014-1744: Integer overflow in audio.
        - CVE-2014-1745: Use-after-free in SVG.
        - CVE-2014-1746: Out-of-bounds read in media filters.
        - CVE-2014-1747: UXSS with local MHTML file.
        - CVE-2014-1748: UI spoofing with scrollbar.
        - CVE-2014-1749: Various fixes from internal audits, fuzzing and other
          initiatives.
        - CVE-2014-3152: Integer underflow in V8 fixed in version 3.25.28.16.
      * debian/rules: Re-enable SSE for x86.
      * debian/control: Add build-dep on libkrb5-dev.
      * debian/patches/gyp-make-generator-reenabled.
      * Reenable webapps patches 3,5,6,7.
      * Remove old, unnecessary files, debian/cdbs, debian/cdbs/scons.mk,
        debian/cdbs/tarball.mk, debian/enable-dist-patches.pl,
        debian/keep-alive.sh
      * Remove OS condition in webapps desktop integration patches. We know
        the OS.
     -- Chad MILLER <email address hidden>   Thu, 31 Jul 2014 12:28:41 -0400
  • chromium-browser (34.0.1847.116-0ubuntu2) trusty; urgency=medium
    
      * Don't recommend pepperflashplugin-nonfree, which is in multiverse. (LP:
        #1307606)
     -- Iain Lane <email address hidden>   Mon, 14 Apr 2014 17:43:53 +0100
  • chromium-browser (34.0.1847.116-0ubuntu1~pkg1006) trusty; urgency=medium
    
      * Release to stage
    
    chromium-browser (34.0.1847.116-0ubuntu1) UNRELEASED; urgency=low
    
      * New upstream release 34.0.1847.116:
        - CVE-2014-1716: UXSS in V8.
        - CVE-2014-1717: OOB access in V8.
        - CVE-2014-1718: Integer overflow in compositor.
        - CVE-2014-1719: Use-after-free in web workers.
        - CVE-2014-1720: Use-after-free in DOM.
        - CVE-2014-1721: Memory corruption in V8.
        - CVE-2014-1722: Use-after-free in rendering.
        - CVE-2014-1723: Url confusion with RTL characters.
        - CVE-2014-1724: Use-after-free in speech.
        - CVE-2014-1725: OOB read with window property.
        - CVE-2014-1726: Local cross-origin bypass.
        - CVE-2014-1727: Use-after-free in forms.
        - CVE-2014-1728: Various fixes from internal audits, fuzzing and other
          initiatives.
        - CVE-2014-1729: Multiple vulnerabilities in V8 fixed in version
          3.24.35.22.
        + Now ignores "autocomplete=off" in web forms. (LP: #1294325)
      * debian/rules: Enable high-DPI. Enable touch support. These require
        using Aura toolkit.
      * debian/patches/gsettings-display-scaling: Get scaling factor from
        gsettings.
      * debian/patches/touch: Enable touch on XInput2 slave pointer touch devices.
      * debian/rules, debian/chromium-browser.sh.in: If lib dir contains a dir
        matching our version, then use version dir as the new lib dir.  This
        is an attempt to mitigate version upgrade hangs.
      * debian/chromium-browser.sh.in: Add a command line parameter to disable
        pinch gestures.
      * debian/patches/display-scaling-default-value: Set default scaling to 1
        on hardware, because hardware often lies, but should be recoverable at 1:1.
      * debian/patches/display-scaling-report-hardware-info: Log hardware reports.
      * debian/rules: Emit messages on a timer to prevent dumb build-bots from
        killing long, silent linker stages.
      * debian/control: Add libexif-dev, libgcrypt-dev to build-deps.
      * debian/control: Add Recommend pepperflashplugin-nonfree . NPAPI is dying.
      * debian/control: Drop Recommend x11-xserver-utils, x11-utils .
      * debian/control: Add libexif-dev to build-deps.
      * debian/apport/chromium-browser.py: Convert encoded bytes to str before
        splitting. Converting these to str at all is wrong, though.
      * debian/patches/flash-redirection: Redirect Flash installation through
        Ubuntu wiki for better user experience.
      * debian/patches/clipboard: Backport a few bug fixes.
      * debian/patches/title-bar-default-system.patch-v34: Temporarily disable
        system menu default to avoid window initial placement that doesn't take
        into consideration the title bar.
    
    chromium-browser (33.0.1750.152-0ubuntu1) trusty; urgency=low
    
      * debian/rules: Enable high-DPI. Enable touch support.  May not work on all devices yet.
      * debian/rules, debian/chromium-browser.sh.in: If lib dir contains a dir
        matching our version, then use version dir as the new lib dir.  This
        is an attempt to mitigate version upgrade hangs.
      * debian/rules: Move log-removal into the section for "release" builds only.
      * Upstream release 33.0.1750.152:
        - CVE-2014-1713: Code execution outside sandbox. Use-after-free in Blink
          bindings.
        - CVE-2014-1714: Code execution outside sandbox. Windows clipboard
          vulnerability.
        - CVE-2014-1705: Code execution outside sandbox. Memory corruption in V8.
        - CVE-2014-1715: Code execution outside sandbox. Directory traversal issue.
      * Upstream release 33.0.1750.149:
        - CVE-2014-1700: Use-after-free in speech.
        - CVE-2014-1701: UXSS in events.
        - CVE-2014-1702: Use-after-free in web database.
        - CVE-2014-1703: Potential sandbox escape due to a use-after-free in web
          sockets.
        - CVE-2014-1704: Multiple vulnerabilities in V8 fixed in version
          3.23.17.18.
      * Upstream release 33.0.1750.115.
      * Upstream release 33.0.1750.146.
        - CVE-2013-6663: Use-after-free in svg images.
        - CVE-2013-6664: Use-after-free in speech recognition.
        - CVE-2013-6665: Heap buffer overflow in software rendering.
        - CVE-2013-6666: Chrome allows requests in flash header request.
        - CVE-2013-6667: Various fixes from internal audits, fuzzing and other
          initiatives.
        - CVE-2013-6668: Multiple vulnerabilities in V8 fixed in version
          3.24.35.10.
      * Add a token to get search credit at Baidu.
      * debian/rules, debian/control: Switch to using ninja instead of make to
        build. Switch from CDBS to dh. Remove many old hacks.
      * debian/patches/disable_gn.patch: disable broken GN before build. Temporary
        hack.
      * debian/chromium-browser.{postinst,prerm}, add debhelper token.
      * debian/rules: Split compare function into arch-dep and arch-indep versions,
        since they check different things.
      * debian/rules: Use actual upstream orig tarball.
      * debian/control: build-dep on coreutils so we can print the checksums, too.
     -- Chad MILLER <email address hidden>   Sun, 13 Apr 2014 22:04:02 -0400
  • chromium-browser (33.0.1750.152-0ubuntu1~pkg995.1) trusty; urgency=medium
    
      * Release to stage at ppa:canonical-chromium-builds/stage
    
    chromium-browser (33.0.1750.152-0ubuntu1) trusty; urgency=low
    
      * debian/rules: Enable high-DPI. Enable touch support.  May not work on all devices yet.
      * debian/rules, debian/chromium-browser.sh.in: If lib dir contains a dir
        matching our version, then use version dir as the new lib dir.  This
        is an attempt to mitigate version upgrade hangs.
      * debian/rules: Move log-removal into the section for "release" builds only.
      * Upstream release 33.0.1750.152:
        - CVE-2014-1713: Code execution outside sandbox. Use-after-free in Blink
          bindings.
        - CVE-2014-1714: Code execution outside sandbox. Windows clipboard
          vulnerability.
        - CVE-2014-1705: Code execution outside sandbox. Memory corruption in V8.
        - CVE-2014-1715: Code execution outside sandbox. Directory traversal issue.
      * Upstream release 33.0.1750.149:
        - CVE-2014-1700: Use-after-free in speech.
        - CVE-2014-1701: UXSS in events.
        - CVE-2014-1702: Use-after-free in web database.
        - CVE-2014-1703: Potential sandbox escape due to a use-after-free in web
          sockets.
        - CVE-2014-1704: Multiple vulnerabilities in V8 fixed in version
          3.23.17.18.
      * Upstream release 33.0.1750.115.
      * Upstream release 33.0.1750.146.
        - CVE-2013-6663: Use-after-free in svg images.
        - CVE-2013-6664: Use-after-free in speech recognition.
        - CVE-2013-6665: Heap buffer overflow in software rendering.
        - CVE-2013-6666: Chrome allows requests in flash header request.
        - CVE-2013-6667: Various fixes from internal audits, fuzzing and other
          initiatives.
        - CVE-2013-6668: Multiple vulnerabilities in V8 fixed in version
          3.24.35.10.
      * Add a token to get search credit at Baidu.
      * debian/rules, debian/control: Switch to using ninja instead of make to
        build. Switch from CDBS to dh. Remove many old hacks.
      * debian/patches/disable_gn.patch: disable broken GN before build. Temporary
        hack.
      * debian/chromium-browser.{postinst,prerm}, add debhelper token.
      * debian/rules: Split compare function into arch-dep and arch-indep versions,
        since they check different things.
      * debian/rules: Use actual upstream orig tarball.
      * debian/control: build-dep on coreutils so we can print the checksums, too.
     -- Chad MILLER <email address hidden>   Sat, 15 Mar 2014 17:06:07 -0400
  • chromium-browser (32.0.1700.107-0ubuntu1~20140204.977.1) trusty; urgency=low
    
      * Release to stage at ppa:canonical-chromium-builds/stage
     -- Chad MILLER <email address hidden>   Tue, 04 Feb 2014 05:47:42 -0500
  • chromium-browser (31.0.1650.63-0ubuntu1~20131204.1) trusty; urgency=low
    
      * Release to stage at ppa:canonical-chromium-builds/stage
    
    chromium-browser (31.0.1650.63-0ubuntu1) trusty; urgency=low
    
      * New release 31.0.1650.63:
        - CVE-2013-6634: Session fixation in sync related to 302 redirects.
        - CVE-2013-6635: Use-after-free in editing.
        - CVE-2013-6636: Address bar spoofing related to modal dialogs.
        - CVE-2013-6637: Various fixes from internal audits, fuzzing and other
          initiatives.
        - CVE-2013-6638: Buffer overflow in v8. This issue was fixed in v8 version
          3.22.24.7.
        - CVE-2013-6639: Out of bounds write in v8. This issue was fixed in v8
          version 3.22.24.7.
        - CVE-2013-6640: Out of bounds read in v8. This issue was fixed in v8
          version 3.22.24.7.
    
    chromium-browser (31.0.1650.57-0ubuntu3) trusty; urgency=low
    
      * debian/control: Drop libnss version number in Depends. We only need to
        recompile. (LP: #1251454)
    
    chromium-browser (31.0.1650.57-0ubuntu2) trusty; urgency=low
    
      * debian/apport/chromium-browser.py: Include dmesg events mentioning chromium
        in apport reports.
      * debian/control: Abandon nss transitional package as Dependency, and add
        real package with epoch version number.
    
    chromium-browser (31.0.1650.57-0ubuntu1) trusty; urgency=low
    
      * New release 31.0.1650.57:
        - CVE-2013-6632: Multiple memory corruption issues.
      * New release 31.0.1650.48:  (LP: #1250579)
        - CVE-2013-6621: Use after free related to speech input elements.
        - CVE-2013-6622: Use after free related to media elements.
        - CVE-2013-6623: Out of bounds read in SVG.
        - CVE-2013-6624: Use after free related to "id" attribute strings.
        - CVE-2013-6625: Use after free in DOM ranges.
        - CVE-2013-6626: Address bar spoofing related to interstitial warnings.
        - CVE-2013-6627: Out of bounds read in HTTP parsing.
        - CVE-2013-6628: Issue with certificates not being checked during TLS
          renegotiation.
        - CVE-2013-2931: Various fixes from internal audits, fuzzing and other
          initiatives.
        - CVE-2013-6629: Read of uninitialized memory in libjpeg and libjpeg-turbo.
        - CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo.
        - CVE-2013-6631: Use after free in libjingle.
      * debian/chromium-chromedriver.install: Drop unsupported, broken old
        chromedriver v1 and add chromedriver2.
      * Update webapps patches.
      * Disable chromedriver testing until the new server-test client dependencies
        are figured out.
      * Drop base_unittests and automated_ui_tests build and automatic test and
        from installation exclusion.
      * Include wildcat package 'pepflashplugin-nonfree' in apport reporting.
    
    chromium-browser (30.0.1599.114-0ubuntu1) trusty; urgency=low
    
      * debian/patches/menu-bar-visible.patch: Don't treat object as object
        reference.
      * debian/patches/4-chromeless-window-launch-option.patch: Don't fix problem
        introduced in menu-bar-visible patch.
      * debian/rules: Fix typo of Precise conditional.
      * Test the compiler for "-m32" support as the canonical test of support.
        Only a problem on ARM.
      * debian/patches/cr30-sandbox-async-signal-safe.patch: Backport to make
        SIGSYS handler in sandbox safe and never call itself. (LP: #1195797)
      * debian/rules, debian/control: Use standard hardening flags, not
        hardening-wrapper.
      * debian/control: Build-depend on binutils, which already includes gold
        linker.
      * debian/control: Drop some unused build-deps: autotools-dev, binutils,
           flex, g++-multilib [amd64], libbz2-dev, libc6-dev-i386 [amd64],
           libdbus-glib-1-dev, libgl1-mesa-dev, libgl1-mesa-dri, libglib2.0-dev,
           libglu1-mesa-dev, libhunspell-dev, libjpeg-dev, libnspr4-dev,
           libpam0g-dev, libpango1.0-dev, libspeechd-dev, libssl-dev, libxi-dev,
           libxml2-dev, libxslt1-dev, libxt-dev, mesa-common-dev,
           patchutils (>= 0.2.25), python-simplejson, yasm, zlib1g-dev.
      * debian/patches/cr31-pango-tab-titles.patch: Backport a fix that makes
        tab titles disappear due to a pango bug.
      * debian/tests/control: Drop Depends on obsolete package
        libunity-webapps-chromium.
     -- Chad MILLER <email address hidden>   Mon, 09 Dec 2013 21:42:54 -0500
  • chromium-browser (30.0.1599.114-0ubuntu0.13.10.2) saucy-security; urgency=low
    
      * Test the compiler for "-m32" support as the canonical test of support.
        Only a problem on ARM.
    
    chromium-browser (30.0.1599.114-0ubuntu0.13.10.1) saucy-updates; urgency=low
    
      * New release 30.0.1599.114.
      * New release 30.0.1599.101:
        - CVE-2013-2925: Use after free in XHR.
        - CVE-2013-2926: Use after free in editing.
        - CVE-2013-2927: Use after free in forms.
      * New release 29.0.1547.76.
      * New release 30.0.1599.66:
        - CVE-2013-2906: Races in Web Audio.
        - CVE-2013-2907: Out of bounds read in Window.prototype object.
        - CVE-2013-2908: Address bar spoofing related to the “204 No Content”
          status code.
        - CVE-2013-2909: Use after free in inline-block rendering.
        - CVE-2013-2910: Use-after-free in Web Audio.
        - CVE-2013-2911: Use-after-free in XSLT.
        - CVE-2013-2912: Use-after-free in PPAPI.
        - CVE-2013-2913: Use-after-free in XML document parsing.
        - CVE-2013-2914: Use after free in the Windows color chooser dialog.
        - CVE-2013-2915: Address bar spoofing via a malformed scheme.
        - CVE-2013-2916: Address bar spoofing related to the “204 No Content”
          status code.
        - CVE-2013-2917: Out of bounds read in Web Audio.
        - CVE-2013-2918: Use-after-free in DOM.
        - CVE-2013-2919: Memory corruption in V8.
        - CVE-2013-2920: Out of bounds read in URL parsing.
        - CVE-2013-2921: Use-after-free in resource loader.
        - CVE-2013-2922: Use-after-free in template element.
        - CVE-2013-2923: Various fixes from internal audits, fuzzing and other
          initiatives (Chrome 30).
        - CVE-2013-2924: Use-after-free in ICU.
      * debian/tests/...: Make first real tests using sikuli. Probably quite
        fragile on changes to upstream. (LP: #1222895)
      * debian/patches/4-chromeless-window-launch-option.patch: Make new windows
        use their own state instead of checking the parameters of the instance that
        started all processes for whether a window has chrome or not. (LP: #1223855)
      * Update autopkgtest tests.
      * debian/patches/series: Drop comment references to old patches.  Remove
        files.
      * debian/rules: Don't build 'reliability_tests' any more. It's deprecated
        upstream and we don't use it anyway.
      * debian/rules: debian/chromium-browser.install: Handle sandbox compilation
        configuration changes by stopping our special handling and using the default,
        and "you have to change the underscore from the build target into a hyphen".
      * debian/rules: Process rpath of files in debian/tmp* BEFORE we copy them out.
        (LP: #1226143)
      * debian/testing/driver: Cheap run test to make sure chromedriver runs.
        (LP: #1226143)
      * debian/patches/4-chromeless-window-launch-option.patch: Fix syntax that
        caused extensions to fail.  (LP: #1232575)
      * debian/rules: Use runtime linker for all architectures, not just 64-bit.
        Component builds everywhere, now.  More than 4GB is too much to expect.
      * debian/rules: clean up packaging comparison code.
     -- Chad MILLER <email address hidden>   Sun, 27 Oct 2013 13:08:11 -0400
  • chromium-browser (29.0.1547.65-0ubuntu2) saucy; urgency=low
    
      * debian/control: Make chromium-browser-l10n Replaces chromium-browser so
        that new translations that were added in v28 packaging are now in the
        correct -l10n package.  (LP: #1222488)
      * debian/rules: Remove unused duplicate-exclusion patterns. Again.
      * debian/control: Make codecs packages no longer Depend on chromium-browser,
        so that "extras" metapackages can pull them in without enormous browser.
        (LP: #1208518)
      * debian/tests/control: Don't use needs-build flag as we don't need it
        presently. Also, disable autopkgtest "smoketest" failure until its
        misbehavior on some environments can be diagnosed from log files.
      * debian/patches/4-chromeless-window-launch-option.patch: Add missing
        construction initializer. (LP: #1223251)
     -- Chad MILLER <email address hidden>   Tue, 10 Sep 2013 14:51:03 -0400