Back to chromium-browser PTS page

Accepted chromium-browser 59.0.3071.86-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted chromium-browser 59.0.3071.86-1 (source) into unstable
From: Michael Gilbert <mgilbert@debian.org>
Date: Tue, 06 Jun 2017 00:51:49 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1dI2ir-000AT6-Ju@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 05 Jun 2017 23:09:28 +0000
Source: chromium-browser
Binary: chromium chromium-l10n chromium-shell chromium-widevine chromium-driver chromedriver
Architecture: source
Version: 59.0.3071.86-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Chromium Maintainers <pkg-chromium-maint@lists.alioth.debian.org>
Changed-By: Michael Gilbert <mgilbert@debian.org>
Description:
 chromedriver - web browser - WebDriver support transitional package
 chromium   - web browser
 chromium-driver - web browser - WebDriver support
 chromium-l10n - web browser - language packs
 chromium-shell - web browser - minimal shell
 chromium-widevine - web browser - widevine content decryption support
Changes:
 chromium-browser (59.0.3071.86-1) unstable; urgency=medium
 .
   * New upstream stable release.
     - CVE-2017-5070: Type confusion in V8. Reported by Zhao Qixun
     - CVE-2017-5071: Out of bounds read in V8. Reported by Choongwoo Han
     - CVE-2017-5072: Address spoofing in Omnibox. Reported by Rayyan Bijoora
     - CVE-2017-5073: Use after free in print preview. Reported by Khalil Zhani
     - CVE-2017-5074: Use after free in Apps Bluetooth. Reported by anonymous
     - CVE-2017-5075: Information leak in CSP reporting. Reported by Emmanuel
       Gil Peyrot
     - CVE-2017-5076: Address spoofing in Omnibox. Reported by Samuel Erb
     - CVE-2017-5077: Heap buffer overflow in Skia. Reported by Sweetchip
     - CVE-2017-5078: Possible command injection in mailto handling. Reported
       by Jose Carlos Exposito Bueno
     - CVE-2017-5079: UI spoofing in Blink. Reported by Khalil Zhani
     - CVE-2017-5080: Use after free in credit card autofill. Reported by
       Khalil Zhani
     - CVE-2017-5081: Extension verification bypass. Reported by Andrey Kovalev
     - CVE-2017-5082: Insufficient hardening in credit card editor. Reported by
       Nightwatch Cybersecurity Research
     - CVE-2017-5083: UI spoofing in Blink. Reported by Khalil Zhani
     - CVE-2017-5085: Inappropriate javascript execution on WebUI pages.
       Reported by Zhiyang Zeng
     - CVE-2017-5086: Address spoofing in Omnibox. Reported by Rayyan Bijoora
Checksums-Sha1:
 01555afb11fad9a7c9711d6ac15706571a64c4f6 4324 chromium-browser_59.0.3071.86-1.dsc
 c8aa0ab2ed04b6d396a5dabf3e8d76b23a167eda 443596456 chromium-browser_59.0.3071.86.orig.tar.xz
 7da273747d2cbef4f787799cc23b173db77bd7b9 134276 chromium-browser_59.0.3071.86-1.debian.tar.xz
 6595c0788f10cd6c2765a61251fbe06ac5c7f4ec 19427 chromium-browser_59.0.3071.86-1_source.buildinfo
Checksums-Sha256:
 b0cf9622f7316ad2ea64ba096bc1d84f57fbcd68e56d2e4065c8c939a09bae40 4324 chromium-browser_59.0.3071.86-1.dsc
 5ac7dfa731adde6a51b1dcb910e95019ec85a04e65ecd783c4884b1f3d6d69fc 443596456 chromium-browser_59.0.3071.86.orig.tar.xz
 8532c9b6580043fbef76addc9de6a58fedb5d1d602f688ba6433ce85483f9698 134276 chromium-browser_59.0.3071.86-1.debian.tar.xz
 2041dd2786b8021b09278ede3feb1e5afd44397b86db530efe3a323cf78ec883 19427 chromium-browser_59.0.3071.86-1_source.buildinfo
Files:
 aab5e682bfd7c688766491113c0a2557 4324 web optional chromium-browser_59.0.3071.86-1.dsc
 43d3d7db660b8a14773dd56b181a5198 443596456 web optional chromium-browser_59.0.3071.86.orig.tar.xz
 38e7c110d3ed6134959884fcb7e45a90 134276 web optional chromium-browser_59.0.3071.86-1.debian.tar.xz
 941a08de309762bb29a0e7e49c09441f 19427 web optional chromium-browser_59.0.3071.86-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAlk168UACgkQuNayzQLW
9HMh4x/6Axx3fcKA+FvvjGY4pIlnE6Cwsaxrgw1zw0ym4+59Atgwrv23FEGDb5le
qeU2TQYoHTwtLUyx9ueRAIueHpsBihVPmR9WwZRv/ycjD+1xY+YqKGxnaTTv9K6s
C6pOgFrkmtk2rgetJEIgg/5p9f7aCmkLK71sKy1ArCqYqE8n16pcP9qVAJC6J73+
/1xvj9vZj94b6VY1yh8FwuGCsQg8DgwI4Yg2LkOxwQOBRZupVrGhRoqzYQuL8t32
Nu8XgY55ZgHeKsRsZBmGT5O5rXoaNi0ODK7fHcL2M6C5BmRsts38s7te1bBg11D9
Rn1+u1ZHcJ4AtSeAAdeu1YPp0hvqdtnQrYYds5++d2I5+Y1nYRFZQzsXJ22bC8VX
1o0KuZ758Zg3lyen5cV3jfABn63E9ovwH/BwkSlY+B7FZEN3srvCzvCafGVGj3CB
4pd7oI0u317pplUnD9xYDUFIDBvFz63bvG7bnry805RIRupSeSU7wNtqtkP1YTLx
eUvnbFOsFXJHjOPKioBF5OqmxhMtOUg8xvKnb6dgpmmq+Bd3X4Txy+m3xVvZrRaf
Qiw4IJ57GQQzqP9AjCmTb1OEFvdaHsvU2BibisgREvuhTagpqH0LFG0FgE3/rvbT
r5GqVLN19/9rFF4AXujRZltkzp4AvBQYmVF7aY3AJH0y2LMNGnrxr4v/umUaPPdh
QjwtCIEnHRYX1L4qoC0tGW5h2/vmM5Nv6q9tyHbjuPKCqymv4c3XwS5gJVF02Ftm
dfOg8XLkzvANjzjYcwv3ntKiC46GmPJ11KO6ZKKerT6BjIf0HZGVbjkxItpHHLfQ
ZjZ5HYCp+iggEDy78U4UcH144sxE6IQOxSGPHDElEVOTCy7odZKfxwM4IjvrvXAw
ay/qj2YNWUzuZpLPfK3CIx72KryK804ze8a1ONO03wp31jsQBwGMM2ZtDF5BdJAx
6Wrw82p+skAELFqpfnRfZ9Z6de3qbIt/XOhbO97TOynuiF+sA3O0x9EwVI8SlFUE
fASQSqf9KyJKQHOpp6SVVcDe7Y/t27154tsCgEPizz6dcyKof3wyJWnyxrtXT9Vz
Oj0ASDabBIxS+/3mLRsthRM1QRUIJaiJtFMoAV7x90LbAsNP42eF53RIgKT7HXqw
AgOStpkMEPBPJKWqHhWBvoEyVJXNFtJkyAwJN7w2zaC7hTVAoHsRJ+lKNQ/21fIh
61CCNcv8mXRgEywy0s3+/r2esYuRzMT2CcQTwZNJY5ZjjPjI4oOUhcLwDeDZK3AP
oabTOv3CAhMTvS1pJpDy6qRYJnhucSMQKplryoX9nih1C5cmFnu1T3qrtlqlggfK
vZIehl4ZKY3iSXNbyW1Zg6pjGcmgtw==
=J+2y
-----END PGP SIGNATURE-----