chromium-browser 55.0.2883.87-0ubuntu0.16.10.1328 source package in Ubuntu

Changelog

chromium-browser (55.0.2883.87-0ubuntu0.16.10.1328) yakkety-security; urgency=medium

  * Upstream release of 55.0.2883.87:
    - Change Flash running default to important content only.
  * debian/chromium-browser.sh.in: Insert the Flash version if empty and
    detectable.
  * debian/rules, debian/control: Use gcc/g++ 4.8 to build.
  * Upstream release of 55.0.2883.75:
    - CVE-2016-9651: Private property access in V8.
    - CVE-2016-5208: Universal XSS in Blink.
    - CVE-2016-5207: Universal XSS in Blink.
    - CVE-2016-5206: Same-origin bypass in PDFium.
    - CVE-2016-5205: Universal XSS in Blink.
    - CVE-2016-5204: Universal XSS in Blink.
    - CVE-2016-5209: Out of bounds write in Blink.
    - CVE-2016-5203: Use after free in PDFium.
    - CVE-2016-5210: Out of bounds write in PDFium.
    - CVE-2016-5212: Local file disclosure in DevTools.
    - CVE-2016-5211: Use after free in PDFium.
    - CVE-2016-5213: Use after free in V8.
    - CVE-2016-5214: File download protection bypass.
    - CVE-2016-5216: Use after free in PDFium.
    - CVE-2016-5215: Use after free in Webaudio.
    - CVE-2016-5217: Use of unvalidated data in PDFium.
    - CVE-2016-5218: Address spoofing in Omnibox.
    - CVE-2016-5219: Use after free in V8.
    - CVE-2016-5221: Integer overflow in ANGLE.
    - CVE-2016-5220: Local file access in PDFium.
    - CVE-2016-5222: Address spoofing in Omnibox.
    - CVE-2016-9650: CSP Referrer disclosure.
    - CVE-2016-5223: Integer overflow in PDFium.
    - CVE-2016-5226: Limited XSS in Blink.
    - CVE-2016-5225: CSP bypass in Blink.
    - CVE-2016-5224: Same-origin bypass in SVG
    - CVE-2016-9652: Various fixes from internal audits, fuzzing and other
      initiatives
  * Upstream release of 54.0.2840.100:
    - CVE-2016-5199: Heap corruption in FFmpeg.
    - CVE-2016-5200: Out of bounds memory access in V8.
    - CVE-2016-5201: Info leak in extensions.
    - CVE-2016-5202: Various fixes from internal audits, fuzzing and other
      initiatives
  * Move to using GN to build chromium.
    - debian/known_gn_gen_args
    - debian/rules
    patches
  * debian/rules, lintians, installs, script: Move component libs out of
    libs/, to /usr/lib/chromium-browser/ only.
  * debian/patches/do-not-use-bundled-clang: Use clang from path.
  * debian/control: Express that binary packages could be on "any"
    architecture.
  * debian/control: additionally build-dep on libgtk-3-dev
  * debian/patches/arm64-support: Fail nicer if aarch64/arm64 mismatch.
  * Upstrem release of 54.0.2840.59:
    - CVE-2016-5181: Universal XSS in Blink.
    - CVE-2016-5182: Heap overflow in Blink.
    - CVE-2016-5183: Use after free in PDFium.
    - CVE-2016-5184: Use after free in PDFium.
    - CVE-2016-5185: Use after free in Blink.
    - CVE-2016-5187: URL spoofing.
    - CVE-2016-5188: UI spoofing.
    - CVE-2016-5192: Cross-origin bypass in Blink.
    - CVE-2016-5189: URL spoofing.
    - CVE-2016-5186: Out of bounds read in DevTools.
    - CVE-2016-5191: Universal XSS in Bookmarks.
    - CVE-2016-5190: Use after free in Internals.
    - CVE-2016-5193: Scheme bypass.
    - CVE-2016-5194: Various fixes from internal audits, fuzzing and other
      initiatives
  * debian/patches/allow-component-build: Hard-code, override
    release -> no component logic.
  * debian/known_gyp_flags: Remove old GYP known-flags list.
  * debian/default-allocator: Insist on not using tcmalloc allocator.
  * debian/rules: Set LDFLAGS to limit memory usage.
  * debian/control: Remove extraneous dependencies.

 -- Chad MILLER <email address hidden>  Sat, 03 Dec 2016 09:55:37 -0500

Upload details

Uploaded by:
Chad Miller
Uploaded to:
Yakkety
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
web
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
chromium-browser_55.0.2883.87.orig.tar.xz 487.6 MiB e81bd3140d9c84dfee04d9a94686dfe6a20ae79475d84f17154c5536dcb81a58
chromium-browser_55.0.2883.87-0ubuntu0.16.10.1328.debian.tar.xz 531.2 KiB 8ea5764cbd241346723ccf6a42fb70a4e402aa176c25c12c0662214e2c4318eb
chromium-browser_55.0.2883.87-0ubuntu0.16.10.1328.dsc 2.9 KiB 99fe3ea44ca7558ab8c207899676654adb89178708a23b85291aa19032515462

View changes file

Binary packages built by this source

chromium-browser: No summary available for chromium-browser in ubuntu yakkety.

No description available for chromium-browser in ubuntu yakkety.

chromium-browser-dbgsym: No summary available for chromium-browser-dbgsym in ubuntu yakkety.

No description available for chromium-browser-dbgsym in ubuntu yakkety.

chromium-browser-l10n: No summary available for chromium-browser-l10n in ubuntu yakkety.

No description available for chromium-browser-l10n in ubuntu yakkety.

chromium-chromedriver: No summary available for chromium-chromedriver in ubuntu yakkety.

No description available for chromium-chromedriver in ubuntu yakkety.

chromium-chromedriver-dbgsym: No summary available for chromium-chromedriver-dbgsym in ubuntu yakkety.

No description available for chromium-chromedriver-dbgsym in ubuntu yakkety.

chromium-codecs-ffmpeg: No summary available for chromium-codecs-ffmpeg in ubuntu yakkety.

No description available for chromium-codecs-ffmpeg in ubuntu yakkety.

chromium-codecs-ffmpeg-dbgsym: No summary available for chromium-codecs-ffmpeg-dbgsym in ubuntu yakkety.

No description available for chromium-codecs-ffmpeg-dbgsym in ubuntu yakkety.

chromium-codecs-ffmpeg-extra: No summary available for chromium-codecs-ffmpeg-extra in ubuntu yakkety.

No description available for chromium-codecs-ffmpeg-extra in ubuntu yakkety.

chromium-codecs-ffmpeg-extra-dbgsym: No summary available for chromium-codecs-ffmpeg-extra-dbgsym in ubuntu yakkety.

No description available for chromium-codecs-ffmpeg-extra-dbgsym in ubuntu yakkety.