Format: 1.8
Date: Fri, 16 Sep 2016 12:56:44 -0400
Source: chromium-browser
Binary: chromium-browser chromium-browser-l10n chromium-codecs-ffmpeg chromium-codecs-ffmpeg-extra chromium-chromedriver
Architecture: armhf
Version: 53.0.2785.143-0ubuntu0.16.04.1.1254
Distribution: xenial
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos01-arm64-034.buildd>
Changed-By: Chad MILLER <chad.miller@canonical.com>
Description:
 chromium-browser - Chromium web browser, open-source version of Chrome
 chromium-browser-l10n - chromium-browser language packages
 chromium-chromedriver - WebDriver driver for the Chromium Browser
 chromium-codecs-ffmpeg - Free ffmpeg codecs for the Chromium Browser
 chromium-codecs-ffmpeg-extra - Extra ffmpeg codecs for the Chromium Browser
Changes:
 chromium-browser (53.0.2785.143-0ubuntu0.16.04.1.1254) xenial-security; urgency=medium
 .
   * Upstream release 53.0.2785.143:
     - CVE-2016-5177: Use after free in V8.
     - CVE-2016-5178: Various fixes from internal audits, fuzzing and other
       initiatives.
   * Upstream release 53.0.2785.113:
     - CVE-2016-5170: Use after free in Blink.
     - CVE-2016-5171: Use after free in Blink.
     - CVE-2016-5172: Arbitrary Memory Read in v8.
     - CVE-2016-5173: Extension resource access.
     - CVE-2016-5174: Popup not correctly suppressed.
     - CVE-2016-5175: Various fixes from internal audits, fuzzing and other
       initiatives.
   * debian/rules: Use gold ld to link.
   * debian/rules: Kill delete-null-pointer-checks. In the javascript engine,
     we can not assume a memory access to address zero always results in a
     trap.
   * debian/patches/gsettings-display-scaling,
     debian/patches/display-scaling-default-value, reenable DPI scaling taken
     from dconf.
   * debian/rules: explicitly set target arch for arm64.
   * debian/control, debian/rules: re-add -dbg transitional packages.
   * Upstream release 53.0.2785.89:
     - CVE-2016-5147: Universal XSS in Blink.
     - CVE-2016-5148: Universal XSS in Blink.
     - CVE-2016-5149: Script injection in extensions.
     - CVE-2016-5150: Use after free in Blink.
     - CVE-2016-5151: Use after free in PDFium.
     - CVE-2016-5152: Heap overflow in PDFium.
     - CVE-2016-5153: Use after destruction in Blink.
     - CVE-2016-5154: Heap overflow in PDFium.
     - CVE-2016-5155: Address bar spoofing.
     - CVE-2016-5156: Use after free in event bindings.
     - CVE-2016-5157: Heap overflow in PDFium.
     - CVE-2016-5158: Heap overflow in PDFium.
     - CVE-2016-5159: Heap overflow in PDFium.
     - CVE-2016-5161: Type confusion in Blink.
     - CVE-2016-5162: Extensions web accessible resources bypass.
     - CVE-2016-5163: Address bar spoofing.
     - CVE-2016-5164: Universal XSS using DevTools.
     - CVE-2016-5165: Script injection in DevTools.
     - CVE-2016-5166: SMB Relay Attack via Save Page As.
     - CVE-2016-5160: Extensions web accessible resources bypass.
     - CVE-2016-5167: Various fixes from internal audits, fuzzing and other
       initiatives.
   * debian/patches/cups-include-deprecated-ppd, debian/rules: include cups
     functions.
   * debian/rules, debian/control: Force using gcc-5 compiler.
   * Use system libraries for expat, speex, zlib, opus, png, jpeg.
   * Also build for arm64 architecture.
   * Don't compile in cups support by default on all architectures.
   * debian/control: remvove build-dep on clang.
   * debian/patches/linux45-madvfree: If MADV_FREE is not defined, do not allow
     it in sandbox filter. Also, undefine it so we don't use MADV_FREE and
     thereby depend on it at runtime.
   * debian/rules: Use gold ld to link.
   * debian/rules: Kill delete-null-pointer-checks. In the javascript engine,
     we can not assume a memory access to address zero always results in a
     trap.
   * debian/patches/series, debian/rules: Re-enable widevine component.
Checksums-Sha1:
 c1aea6167f9d4cdfc553651b2c71f0bc8cb5861e 667241674 chromium-browser-dbgsym_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.ddeb
 9279f63e1fc9ce5f5738911abf1c8db26a6248f8 48164282 chromium-browser_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.deb
 11c35f1b8044ae4eec7ccac4766aa1cf9203690e 3025332 chromium-chromedriver-dbgsym_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.ddeb
 0d284a98bbf5bd7e14e349f2a6e38f3bdbe5a282 345114 chromium-chromedriver_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.deb
 ad8ef56535bfb6a18afbc6f86b9023f13193e761 792888 chromium-codecs-ffmpeg-dbgsym_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.ddeb
 7884ed2db7815b40d9cc6fe2a0e6660190741c9f 1530360 chromium-codecs-ffmpeg-extra-dbgsym_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.ddeb
 8a063b6460fc065706694989f1651cea93d996e8 799220 chromium-codecs-ffmpeg-extra_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.deb
 0757df927485946ad0173de446bf7dbea06183a4 488876 chromium-codecs-ffmpeg_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.deb
Checksums-Sha256:
 cf4844a0a4a28e59a307e21dde9285f0f21312821eec077df7f323d5f551a6df 667241674 chromium-browser-dbgsym_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.ddeb
 28017a5fe231f6685029578de8ddebe19bce4d8c0cbb4a41a9ceab2764eb2d30 48164282 chromium-browser_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.deb
 ce04ebd1610ec7a341ecff3cc51917a2199c2cedcfa66f56093651589add3dbc 3025332 chromium-chromedriver-dbgsym_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.ddeb
 6c3a6bb6959c8e44a8166300845526671c5d87360eaf919276ffd5df34a78695 345114 chromium-chromedriver_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.deb
 1db8a3b8bdd9d797975719460dde3d594dc013b96510a5b82fb6837f061f69cd 792888 chromium-codecs-ffmpeg-dbgsym_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.ddeb
 94ea9e84ba301435d50918ceb04b9054d15cc71844037df441ce0e89ba6a5565 1530360 chromium-codecs-ffmpeg-extra-dbgsym_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.ddeb
 cd5729809dbccbdd53b314263e683ab6cb60516a1f17cf5d67286cf54885d38d 799220 chromium-codecs-ffmpeg-extra_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.deb
 39afc15ac51e2f9f14e9a4c84baff8984cf9416433d44d933ec95f44c65f6135 488876 chromium-codecs-ffmpeg_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.deb
Files:
 57af25786e908f210385211d2adb8289 667241674 web extra chromium-browser-dbgsym_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.ddeb
 05453ad1505bf2df5b6b1a75bd2ef5c0 48164282 web optional chromium-browser_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.deb
 60ada05b166cb59609379209b5d7e904 3025332 web extra chromium-chromedriver-dbgsym_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.ddeb
 4a27bb8beaf5da3a591427f9d9b8b42b 345114 web optional chromium-chromedriver_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.deb
 36ef780749ce1dd6817f030b545db020 792888 web extra chromium-codecs-ffmpeg-dbgsym_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.ddeb
 d009d717750e428526263ec40bdbcc26 1530360 web extra chromium-codecs-ffmpeg-extra-dbgsym_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.ddeb
 4a39e0457173f4e4d8259034895d5563 799220 web optional chromium-codecs-ffmpeg-extra_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.deb
 fb581d69e274828a965742d26447d7ab 488876 web optional chromium-codecs-ffmpeg_53.0.2785.143-0ubuntu0.16.04.1.1254_armhf.deb