Back to chromium-browser PTS page

Accepted chromium-browser 69.0.3497.81-1~deb9u1 (source) into proposed-updates->stable-new, proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted chromium-browser 69.0.3497.81-1~deb9u1 (source) into proposed-updates->stable-new, proposed-updates
From: Michael Gilbert <mgilbert@debian.org>
Date: Mon, 10 Sep 2018 19:02:35 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1fzRSF-000CNB-FJ@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 12 Aug 2018 01:10:32 +0000
Source: chromium-browser
Binary: chromium chromium-l10n chromium-shell chromium-widevine chromium-driver chromedriver
Architecture: source
Version: 69.0.3497.81-1~deb9u1
Distribution: stretch-security
Urgency: medium
Maintainer: Debian Chromium Maintainers <pkg-chromium-maint@lists.alioth.debian.org>
Changed-By: Michael Gilbert <mgilbert@debian.org>
Description:
 chromedriver - web browser - WebDriver support transitional package
 chromium   - web browser
 chromium-driver - web browser - WebDriver support
 chromium-l10n - web browser - language packs
 chromium-shell - web browser - minimal shell
 chromium-widevine - web browser - widevine content decryption support
Closes: 904796 904798
Changes:
 chromium-browser (69.0.3497.81-1~deb9u1) stretch-security; urgency=medium
 .
   * New upstream stable release.
     - CVE-2018-16065: Out of bounds write in V8. Reported by Brendon Tiszka
     - CVE-2018-16066: Out of bounds read in Blink. Reported by cloudfuzzer
     - CVE-2018-16067: Out of bounds read in WebAudio. Reported by Zhe Jin
     - CVE-2018-16068: Out of bounds write in Mojo. Reported by Mark Brand
     - CVE-2018-16069: Out of bounds read in SwiftShader. Reported by Mark Brand
     - CVE-2018-16070: Integer overflow in Skia. Reported by Ivan Fratric
     - CVE-2018-16071: Use after free in WebRTC. Reported by Natalie Silvanovich
     - CVE-2018-16073: Site Isolation bypass after tab restore. Reported by Jun
       Kokatsu
     - CVE-2018-16074: Site Isolation bypass using Blob URLS. Reported by Jun
       Kokatsu
     - CVE-2018-16075: Local file access in Blink. Reported by Pepe Vila
     - CVE-2018-16076: Out of bounds read in PDFium. Reported by Aleksandar
       Nikolic
     - CVE-2018-16077: Content security policy bypass in Blink. Reported by
       Manuel Caballero
     - CVE-2018-16078: Credit card information leak in Autofill. Reported by
       Cailan Sacks
     - CVE-2018-16079: URL spoof in permission dialogs. Reported by Markus
       Vervier and Michele Orrù
     - CVE-2018-16080: URL spoof in full screen mode. Reported by Khalil Zhani
     - CVE-2018-16081: Local file access in DevTools. Reported by Jann Horn
     - CVE-2018-16082: Stack buffer overflow in SwiftShader. Reported by Omair
     - CVE-2018-16083: Out of bounds read in WebRTC. Reported by Natalie
       Silvanovich
     - CVE-2018-16084: User confirmation bypass in external protocol handling.
       Reported by Jun Kokatsu
     - CVE-2018-16085: Use after free in Memory Instrumentation. Reported by
       Roman Kuksin
   * Replace files from chromium-common on upgrade (closes: #904798).
   * Fix build failure on arm64 caused by binutils in stretch (closes: #904796).
Checksums-Sha1:
 9b0585919291caa8fbca1101c6c0c24c01b47edb 4370 chromium-browser_69.0.3497.81-1~deb9u1.dsc
 0695bbc23da4160e9ce0e4dc43e1ea71ac4dbf0a 237086156 chromium-browser_69.0.3497.81.orig.tar.xz
 4702c7f7e6b9264f48c993f055a50d37baf7cc96 143180 chromium-browser_69.0.3497.81-1~deb9u1.debian.tar.xz
 e33bc82614dc954c137c8eb372650e380876e7ff 20006 chromium-browser_69.0.3497.81-1~deb9u1_source.buildinfo
Checksums-Sha256:
 b41aa8a0c2b3f8e84f738c0f302edfa8a7e56354628941add5c6e575ff62d283 4370 chromium-browser_69.0.3497.81-1~deb9u1.dsc
 4eea1bbf8555ab56c9f93d2bde6541c30ab80d8f2d708ed39c9b0d52667658ee 237086156 chromium-browser_69.0.3497.81.orig.tar.xz
 ff5f450dc00465fbd89bedd5a4997ef5d5d974352a54fc01c7f26d3db86a449e 143180 chromium-browser_69.0.3497.81-1~deb9u1.debian.tar.xz
 b1718b4c58798987d8aacfbeeb493a1a6f86c10c8f025aca1d0fdd3c0b226a57 20006 chromium-browser_69.0.3497.81-1~deb9u1_source.buildinfo
Files:
 49d5592cc2131159f113a684271811be 4370 web optional chromium-browser_69.0.3497.81-1~deb9u1.dsc
 75670f17fa49b226a78391390ebca1d9 237086156 web optional chromium-browser_69.0.3497.81.orig.tar.xz
 8a3cc52c5be20c61d2add6cf64e4dada 143180 web optional chromium-browser_69.0.3497.81-1~deb9u1.debian.tar.xz
 756379a48b1205eec3585ea4aec9ae53 20006 web optional chromium-browser_69.0.3497.81-1~deb9u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAluSdIsACgkQuNayzQLW
9HMZJyAAkbVzEX4MZzUWUpVF3Q2vYxCgIQuiLsPwT6lbRUoi3K368Ps3G2bI1/gw
5XzNnw0fbgduPPFgKJMl0q5A0Ojaf5i/ailRNYG4W1behOhaFJeFqO9FnCWkbGXj
IuPSTvN3O+uw/LVqlYxXZX2t3QpsCXjM32mreBulCAhqh/DS8vg/SgmhtnLP5pDB
DX8rDX9uijrWkVxJyHObYPMf1EikspyIxMRrOGiBmhnX1sYG6zZcqlAPueXNDo/2
+wX01O5c4VmibUk5NAuEfqTMtNAUmfVV0ixaKILVjV3yHHtDTzBPFOjTzQjsYMkc
Aj+/Lmwyh6iwtogOV/vz7aP21tSRZWp1hddG1EPpp9EOLd2/msxAHXi82KNePzJf
+eqb9KrIijWfQx6/G+oTkx8i5eBoU3YEshhjDsvaR6wDsui5DvjnzqA3scMMPfD2
3BVoslMfft014gyRbv8INjOLssTpYuaHdE9f/TqWhPZPxDqkeEDc1/BTuq9tatf1
RWuOl+hjvP2Y/Knf2Z6vGwYgnoziFzrA91sOnL3/LuRY1Os0N+taiLDOPK/josQm
sA2Z/oWxUr4y9Y0On/GQFIDaHTIT1n7L70tOcWOhwS764XEzU1JbqDOum+xIYUxL
Sh9nv4Jn9SeX1IInPWA677KSPuFiZ3mKkUPJDskZaJeNGrPJm+EUw0Lr4YIFdGf6
g91yzynoxVu4PfOd0HFK/etg6HgK6i6mfeyDzoLPe/g0vj0MUdZi9o2FQsbO4VLv
WBLY4lkbPMgSnyj51T5vKw4RlNDrlP5G+I1+30mfgL7kF/wmWx2oHzom4O0JzAUo
6Mw+KaZ3I5UGfe4nnmpfDLCAQ6RqkmxsFhywsEKOrmt4qjJwpac5+D15vvmLrCeC
Jr4lkh2W9HTQUsJE6JJklIkXXlK2atGVfJDoVv/ZPL457TfvXCtAEswP+18yxTKH
H8Gpj+nl4D0ZsNZ1WQyOK9aFwzqMrJc6kovGYcDZBlofcncX59w9l4k0yys8s7Y0
Jj062BwFnfJjBIsUKyGuo9LeB9kpNLNK142ud22jS+42Md2B9up3eBa/MJpNtBUw
hQNnI31SNHPhUCXfWmQowIGoHKcQWdKkg7DKe1v83OqaqH2+vxtDA/RrkbNA2Nqg
nZBplRohn3ndS1dvpOmPGpBkTEEEwzsAXhHDRteZqbIcQC/qZUW1TImOLO7d9avo
l9c5fivHJl2VwON/1T8Cyp8f9jVe8zAXCzJI4ra4zioht1Rtliu1Rv5YW8vy2xm5
i1pfZyskpYlJkyc2nRqctCgazHA65JSM37gdo434RACUWQSxMCRUuJ7gzTqFCjYJ
qEIQjEBGJNS6brm+cIg5r6mN1xwp8g==
=XBdF
-----END PGP SIGNATURE-----