chromium-browser 55.0.2883.87-0ubuntu0.16.04.1263 source package in Ubuntu
Changelog
chromium-browser (55.0.2883.87-0ubuntu0.16.04.1263) xenial-security; urgency=medium
* debian/rules: Build extra codecs as part of main chromium program,
and libre/crippled/h.264less on its own. Seems to make h.264 work
again. Weird.
* debian/chromium-browser.links: Make link to ./ instead of / to fix
path problems that codec-using other apps might see.
* Upstream release of 55.0.2883.87:
- Change Flash running default to important content only.
* debian/chromium-browser.sh.in: Insert the Flash version if empty and
detectable.
* debian/rules, debian/control: Use gcc/g++ 4.8 to build.
* Upstream release of 55.0.2883.75:
- CVE-2016-9651: Private property access in V8.
- CVE-2016-5208: Universal XSS in Blink.
- CVE-2016-5207: Universal XSS in Blink.
- CVE-2016-5206: Same-origin bypass in PDFium.
- CVE-2016-5205: Universal XSS in Blink.
- CVE-2016-5204: Universal XSS in Blink.
- CVE-2016-5209: Out of bounds write in Blink.
- CVE-2016-5203: Use after free in PDFium.
- CVE-2016-5210: Out of bounds write in PDFium.
- CVE-2016-5212: Local file disclosure in DevTools.
- CVE-2016-5211: Use after free in PDFium.
- CVE-2016-5213: Use after free in V8.
- CVE-2016-5214: File download protection bypass.
- CVE-2016-5216: Use after free in PDFium.
- CVE-2016-5215: Use after free in Webaudio.
- CVE-2016-5217: Use of unvalidated data in PDFium.
- CVE-2016-5218: Address spoofing in Omnibox.
- CVE-2016-5219: Use after free in V8.
- CVE-2016-5221: Integer overflow in ANGLE.
- CVE-2016-5220: Local file access in PDFium.
- CVE-2016-5222: Address spoofing in Omnibox.
- CVE-2016-9650: CSP Referrer disclosure.
- CVE-2016-5223: Integer overflow in PDFium.
- CVE-2016-5226: Limited XSS in Blink.
- CVE-2016-5225: CSP bypass in Blink.
- CVE-2016-5224: Same-origin bypass in SVG
- CVE-2016-9652: Various fixes from internal audits, fuzzing and other
initiatives
* Upstream release of 54.0.2840.100:
- CVE-2016-5199: Heap corruption in FFmpeg.
- CVE-2016-5200: Out of bounds memory access in V8.
- CVE-2016-5201: Info leak in extensions.
- CVE-2016-5202: Various fixes from internal audits, fuzzing and other
initiatives
* Move to using GN to build chromium.
- debian/known_gn_gen_args
- debian/rules
patches
* debian/rules, lintians, installs, script: Move component libs out of
libs/, to /usr/lib/chromium-browser/ only.
* debian/patches/do-not-use-bundled-clang: Use clang from path.
* debian/control: Express that binary packages could be on "any"
architecture.
* debian/control: additionally build-dep on libgtk-3-dev
* debian/patches/arm64-support: Fail nicer if aarch64/arm64 mismatch.
* Upstrem release of 54.0.2840.59:
- CVE-2016-5181: Universal XSS in Blink.
- CVE-2016-5182: Heap overflow in Blink.
- CVE-2016-5183: Use after free in PDFium.
- CVE-2016-5184: Use after free in PDFium.
- CVE-2016-5185: Use after free in Blink.
- CVE-2016-5187: URL spoofing.
- CVE-2016-5188: UI spoofing.
- CVE-2016-5192: Cross-origin bypass in Blink.
- CVE-2016-5189: URL spoofing.
- CVE-2016-5186: Out of bounds read in DevTools.
- CVE-2016-5191: Universal XSS in Bookmarks.
- CVE-2016-5190: Use after free in Internals.
- CVE-2016-5193: Scheme bypass.
- CVE-2016-5194: Various fixes from internal audits, fuzzing and other
initiatives
* debian/patches/allow-component-build: Hard-code, override
release -> no component logic.
* debian/known_gyp_flags: Remove old GYP known-flags list.
* debian/default-allocator: Insist on not using tcmalloc allocator.
* debian/rules: Set LDFLAGS to limit memory usage.
* debian/control: Remove extraneous dependencies.
-- Chad MILLER <email address hidden> Sat, 17 Dec 2016 12:05:53 -0500
Upload details
- Uploaded by:
- Chad Miller
- Uploaded to:
- Xenial
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- web
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| chromium-browser_55.0.2883.87.orig.tar.xz | 487.6 MiB | e81bd3140d9c84dfee04d9a94686dfe6a20ae79475d84f17154c5536dcb81a58 |
| chromium-browser_55.0.2883.87-0ubuntu0.16.04.1263.debian.tar.xz | 531.4 KiB | 9caf071e674024e6d04823864adc0dbcb5f9f96697654f8563fa43dfc4409e50 |
| chromium-browser_55.0.2883.87-0ubuntu0.16.04.1263.dsc | 2.9 KiB | ef4ac9b99312773d33e2e2207e194225591627404dc932a820d0383fbdd788cd |
Available diffs
Binary packages built by this source
- chromium-browser: Chromium web browser, open-source version of Chrome
An open-source browser project that aims to build a safer, faster, and more
stable way for all Internet users to experience the web.
- chromium-browser-dbgsym: debug symbols for package chromium-browser
An open-source browser project that aims to build a safer, faster, and more
stable way for all Internet users to experience the web.
- chromium-browser-l10n: chromium-browser language packages
An open-source browser project that aims to build a safer, faster, and more
stable way for all Internet users to experience the web.
.
This package contains language packages for 65 languages:
am, ar, ast, bg, bn, bs, ca, ca@valencia, cs, da, de, el, en-AU, en-GB, eo,
es-419, es, et, eu, fa, fil, fi, fr, gl, gu, he, hi, hr, hu, hy, ia, id, it,
ja, ka, kn, ko, ku, kw, lt, lv, ml, mr, ms, nb, nl, pl, pt-BR, pt-PT, ro, ru,
sk, sl, sr, sv, sw, ta, te, th, tr, ug, uk, vi, zh-CN, zh-TW
- chromium-chromedriver: WebDriver driver for the Chromium Browser
Chromedriver serves as a bridge between Chromium Browser and Selenium
WebDriver.
.
See https://sites. google. com/a/chromium. org/chromedrive r/ for details.
- chromium-chromedriver-dbgsym: debug symbols for package chromium-chromedriver
Chromedriver serves as a bridge between Chromium Browser and Selenium
WebDriver.
.
See https://sites. google. com/a/chromium. org/chromedrive r/ for details.
- chromium-codecs-ffmpeg: Free ffmpeg codecs for the Chromium Browser
An open-source browser project that aims to build a safer, faster, and more
stable way for all Internet users to experience the web.
.
This package contains the multi-threaded ffmpeg codecs needed for the HTML5
<audio> and <video> tags. Only the free ogg, vorbis and theora codecs are
included. See chromium-codecs- ffmpeg- extra for additional codecs
- chromium-codecs-ffmpeg-dbgsym: debug symbols for package chromium-codecs-ffmpeg
An open-source browser project that aims to build a safer, faster, and more
stable way for all Internet users to experience the web.
.
This package contains the multi-threaded ffmpeg codecs needed for the HTML5
<audio> and <video> tags. Only the free ogg, vorbis and theora codecs are
included. See chromium-codecs- ffmpeg- extra for additional codecs
- chromium-codecs-ffmpeg-extra: Extra ffmpeg codecs for the Chromium Browser
An open-source browser project that aims to build a safer, faster, and more
stable way for all Internet users to experience the web.
.
This package contains the multi-threaded ffmpeg codecs needed for the HTML5
<audio> and <video> tags. In addition to the patent-free ogg, vorbis and
theora codecs, aac/ac3/mpeg4audio/ h264/mov/ mp3 are also included. See
chromium-codecs- ffmpeg if you prefer only the patent-free codecs
- chromium-codecs-ffmpeg-extra-dbgsym: debug symbols for package chromium-codecs-ffmpeg-extra
An open-source browser project that aims to build a safer, faster, and more
stable way for all Internet users to experience the web.
.
This package contains the multi-threaded ffmpeg codecs needed for the HTML5
<audio> and <video> tags. In addition to the patent-free ogg, vorbis and
theora codecs, aac/ac3/mpeg4audio/ h264/mov/ mp3 are also included. See
chromium-codecs- ffmpeg if you prefer only the patent-free codecs
