Format: 1.8 Date: Sat, 17 Dec 2016 12:05:53 -0500 Source: chromium-browser Binary: chromium-browser chromium-browser-l10n chromium-codecs-ffmpeg chromium-codecs-ffmpeg-extra chromium-chromedriver Architecture: amd64 all Version: 55.0.2883.87-0ubuntu0.16.04.1263 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Chad MILLER Description: chromium-browser - Chromium web browser, open-source version of Chrome chromium-browser-l10n - chromium-browser language packages chromium-chromedriver - WebDriver driver for the Chromium Browser chromium-codecs-ffmpeg - Free ffmpeg codecs for the Chromium Browser chromium-codecs-ffmpeg-extra - Extra ffmpeg codecs for the Chromium Browser Changes: chromium-browser (55.0.2883.87-0ubuntu0.16.04.1263) xenial-security; urgency=medium . * debian/rules: Build extra codecs as part of main chromium program, and libre/crippled/h.264less on its own. Seems to make h.264 work again. Weird. * debian/chromium-browser.links: Make link to ./ instead of / to fix path problems that codec-using other apps might see. * Upstream release of 55.0.2883.87: - Change Flash running default to important content only. * debian/chromium-browser.sh.in: Insert the Flash version if empty and detectable. * debian/rules, debian/control: Use gcc/g++ 4.8 to build. * Upstream release of 55.0.2883.75: - CVE-2016-9651: Private property access in V8. - CVE-2016-5208: Universal XSS in Blink. - CVE-2016-5207: Universal XSS in Blink. - CVE-2016-5206: Same-origin bypass in PDFium. - CVE-2016-5205: Universal XSS in Blink. - CVE-2016-5204: Universal XSS in Blink. - CVE-2016-5209: Out of bounds write in Blink. - CVE-2016-5203: Use after free in PDFium. - CVE-2016-5210: Out of bounds write in PDFium. - CVE-2016-5212: Local file disclosure in DevTools. - CVE-2016-5211: Use after free in PDFium. - CVE-2016-5213: Use after free in V8. - CVE-2016-5214: File download protection bypass. - CVE-2016-5216: Use after free in PDFium. - CVE-2016-5215: Use after free in Webaudio. - CVE-2016-5217: Use of unvalidated data in PDFium. - CVE-2016-5218: Address spoofing in Omnibox. - CVE-2016-5219: Use after free in V8. - CVE-2016-5221: Integer overflow in ANGLE. - CVE-2016-5220: Local file access in PDFium. - CVE-2016-5222: Address spoofing in Omnibox. - CVE-2016-9650: CSP Referrer disclosure. - CVE-2016-5223: Integer overflow in PDFium. - CVE-2016-5226: Limited XSS in Blink. - CVE-2016-5225: CSP bypass in Blink. - CVE-2016-5224: Same-origin bypass in SVG - CVE-2016-9652: Various fixes from internal audits, fuzzing and other initiatives * Upstream release of 54.0.2840.100: - CVE-2016-5199: Heap corruption in FFmpeg. - CVE-2016-5200: Out of bounds memory access in V8. - CVE-2016-5201: Info leak in extensions. - CVE-2016-5202: Various fixes from internal audits, fuzzing and other initiatives * Move to using GN to build chromium. - debian/known_gn_gen_args - debian/rules patches * debian/rules, lintians, installs, script: Move component libs out of libs/, to /usr/lib/chromium-browser/ only. * debian/patches/do-not-use-bundled-clang: Use clang from path. * debian/control: Express that binary packages could be on "any" architecture. * debian/control: additionally build-dep on libgtk-3-dev * debian/patches/arm64-support: Fail nicer if aarch64/arm64 mismatch. * Upstrem release of 54.0.2840.59: - CVE-2016-5181: Universal XSS in Blink. - CVE-2016-5182: Heap overflow in Blink. - CVE-2016-5183: Use after free in PDFium. - CVE-2016-5184: Use after free in PDFium. - CVE-2016-5185: Use after free in Blink. - CVE-2016-5187: URL spoofing. - CVE-2016-5188: UI spoofing. - CVE-2016-5192: Cross-origin bypass in Blink. - CVE-2016-5189: URL spoofing. - CVE-2016-5186: Out of bounds read in DevTools. - CVE-2016-5191: Universal XSS in Bookmarks. - CVE-2016-5190: Use after free in Internals. - CVE-2016-5193: Scheme bypass. - CVE-2016-5194: Various fixes from internal audits, fuzzing and other initiatives * debian/patches/allow-component-build: Hard-code, override release -> no component logic. * debian/known_gyp_flags: Remove old GYP known-flags list. * debian/default-allocator: Insist on not using tcmalloc allocator. * debian/rules: Set LDFLAGS to limit memory usage. * debian/control: Remove extraneous dependencies. Checksums-Sha1: bc293c755446ae8abda5097a5bb2e75ee026ba59 50212874 chromium-browser-dbgsym_55.0.2883.87-0ubuntu0.16.04.1263_amd64.ddeb 3f3b55142e27750568b962afe3b0f6f48b0c084e 3326796 chromium-browser-l10n_55.0.2883.87-0ubuntu0.16.04.1263_all.deb a9fa6dbf7d5c80682c70e47d197c4880e23647b5 58733428 chromium-browser_55.0.2883.87-0ubuntu0.16.04.1263_amd64.deb 4d6adbbf88ba026ff036f285ca736c04267bbe71 137744 chromium-chromedriver-dbgsym_55.0.2883.87-0ubuntu0.16.04.1263_amd64.ddeb 70a9a5d73aab100ee8d3f3f9adc230361158c9aa 387684 chromium-chromedriver_55.0.2883.87-0ubuntu0.16.04.1263_amd64.deb a8852152231283d4dcb2e5e0f7da87c94fc7f3eb 68274 chromium-codecs-ffmpeg-dbgsym_55.0.2883.87-0ubuntu0.16.04.1263_amd64.ddeb bafcbc90a8d277aa7ce9b2f28f4b3d9ce8819315 114118 chromium-codecs-ffmpeg-extra-dbgsym_55.0.2883.87-0ubuntu0.16.04.1263_amd64.ddeb 71606b0f5bd7a0b31afe4ff04f0f5e157b0cc215 889966 chromium-codecs-ffmpeg-extra_55.0.2883.87-0ubuntu0.16.04.1263_amd64.deb 671ffb05901e20355d4c35b0ed7d5110e491b969 538356 chromium-codecs-ffmpeg_55.0.2883.87-0ubuntu0.16.04.1263_amd64.deb Checksums-Sha256: cd975cd1de3ea1e9c5dfb78f4f46d7511a82939da5c551b3dc34408bf6177ffb 50212874 chromium-browser-dbgsym_55.0.2883.87-0ubuntu0.16.04.1263_amd64.ddeb d3d82112357c401c70f1190c00cef0a27af082f3d712f71fefd0a7c7a65428c4 3326796 chromium-browser-l10n_55.0.2883.87-0ubuntu0.16.04.1263_all.deb 8d8918a180ac9c7ec45859b90bc3550afbffc018c3720dc7952c5b1758da6c55 58733428 chromium-browser_55.0.2883.87-0ubuntu0.16.04.1263_amd64.deb 15ccf36ef0c60898c66c6e36c589a7fb1115c803c8bc3be98513dc41a3c43baa 137744 chromium-chromedriver-dbgsym_55.0.2883.87-0ubuntu0.16.04.1263_amd64.ddeb ea2934cb1804573d4b2043622c4055e24817b6819267453a30d8d15758111905 387684 chromium-chromedriver_55.0.2883.87-0ubuntu0.16.04.1263_amd64.deb 7ad6c3778d0621eec5c4f59e1b8a8bc840c825f5409ad954cc79a36b24c9fe20 68274 chromium-codecs-ffmpeg-dbgsym_55.0.2883.87-0ubuntu0.16.04.1263_amd64.ddeb a6e66a1d1ca4eb53729f90b6642c1b1d69ae6bbd800823d33d6bf166a54ab058 114118 chromium-codecs-ffmpeg-extra-dbgsym_55.0.2883.87-0ubuntu0.16.04.1263_amd64.ddeb 4f4f3f9f7731180ad0d996ed79b5c5d820410ec6b143412c0a86987fd816e448 889966 chromium-codecs-ffmpeg-extra_55.0.2883.87-0ubuntu0.16.04.1263_amd64.deb 7ae94c94f8321045d4537a00a9cc130e90e48f233690dbb726b335463d152126 538356 chromium-codecs-ffmpeg_55.0.2883.87-0ubuntu0.16.04.1263_amd64.deb Files: 3d764da4045c61a4c5e39f3d46df8dee 50212874 web extra chromium-browser-dbgsym_55.0.2883.87-0ubuntu0.16.04.1263_amd64.ddeb 45469f6d2a14f19cd87513c5f4e5f397 3326796 web optional chromium-browser-l10n_55.0.2883.87-0ubuntu0.16.04.1263_all.deb 37c1b5a4b61bb43e8c7c140b2f7cbbbe 58733428 web optional chromium-browser_55.0.2883.87-0ubuntu0.16.04.1263_amd64.deb 31be71f633470bb71e5a8eed33c5e949 137744 web extra chromium-chromedriver-dbgsym_55.0.2883.87-0ubuntu0.16.04.1263_amd64.ddeb a57d96e0d2f1898c9e677ac94467b2ec 387684 web optional chromium-chromedriver_55.0.2883.87-0ubuntu0.16.04.1263_amd64.deb e47833a9ee50c1cec09b8c045d1f4f5e 68274 web extra chromium-codecs-ffmpeg-dbgsym_55.0.2883.87-0ubuntu0.16.04.1263_amd64.ddeb 47674f74edd80171417553cd567572ef 114118 web extra chromium-codecs-ffmpeg-extra-dbgsym_55.0.2883.87-0ubuntu0.16.04.1263_amd64.ddeb b0707d549f7bb2d10efbeb68ebd6a7f1 889966 web optional chromium-codecs-ffmpeg-extra_55.0.2883.87-0ubuntu0.16.04.1263_amd64.deb d08061faa2956085fb18a9eae0270ba7 538356 web optional chromium-codecs-ffmpeg_55.0.2883.87-0ubuntu0.16.04.1263_amd64.deb