Back to chromium-browser PTS page

Accepted chromium-browser 70.0.3538.67-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted chromium-browser 70.0.3538.67-1 (source) into unstable
From: Michael Gilbert <mgilbert@debian.org>
Date: Wed, 17 Oct 2018 03:51:22 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1gCcri-000FUP-Cb@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 16 Oct 2018 12:36:22 +0000
Source: chromium-browser
Binary: chromium chromium-l10n chromium-shell chromium-driver chromium-common
Architecture: source
Version: 70.0.3538.67-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Chromium Team <chromium-browser@packages.debian.org>
Changed-By: Michael Gilbert <mgilbert@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-l10n - web browser - language packs
 chromium-shell - web browser - minimal shell
Closes: 911056
Changes:
 chromium-browser (70.0.3538.67-1) unstable; urgency=medium
 .
   * New upstream stable release.
     - CVE-2018-17462: Sandbox escape in AppCache. Reported by Ned Williamson
       and Niklas Baumstark
     - CVE-2018-17463: Remote code execution in V8. Reported by Ned Williamson
       and Niklas Baumstark
     - Heap buffer overflow in Little CMS in PDFium. Reported by Quang Nguyễn
     - CVE-2018-17464: URL spoof in Omnibox. Reported by xisigr
     - CVE-2018-17465: Use after free in V8. Reported by Lin Zuojian
     - CVE-2018-17466: Memory corruption in Angle. Reported by Omair
     - CVE-2018-17467: URL spoof in Omnibox. Reported by Khalil Zhani
     - CVE-2018-17468: Cross-origin URL disclosure in Blink. Reported by James
       Lee
     - CVE-2018-17469: Heap buffer overflow in PDFium. Reported by Zhen Zhou
     - CVE-2018-17470: Memory corruption in GPU Internals. Reported by Zhe Jin
     - CVE-2018-17471: Security UI occlusion in full screen mode. Reported by
       Lnyas Zhang
     - CVE-2018-17473: URL spoof in Omnibox. Reported by Khalil Zhani
     - CVE-2018-17474: Use after free in Blink. Reported by Zhe Jin
     - CVE-2018-17475: URL spoof in Omnibox. Reported by Vladimir Metnew
     - CVE-2018-17476: Security UI occlusion in full screen mode. Reported by
       Khalil Zhani
     - CVE-2018-5179: Lack of limits on update() in ServiceWorker. Reported by
       Yannic Bonenberger
     - CVE-2018-17477: UI spoof in Extensions. Reported by Aaron Muir Hamilton
   * Fix build failure on i386.
   * Fix installation path of the master preferences file (closes: #911056).
Checksums-Sha1:
 4109b0cfd203feef4bb2be1c8a5e09d6905ca780 4205 chromium-browser_70.0.3538.67-1.dsc
 7a36f291c4b36b7dec2ef8b9e82e20153deae1e8 205802572 chromium-browser_70.0.3538.67.orig.tar.xz
 1729498a18276a0f07461513f720c57138497b8e 151932 chromium-browser_70.0.3538.67-1.debian.tar.xz
 cdaea1dbb514e7f1648948c35aeb9868741f73aa 18763 chromium-browser_70.0.3538.67-1_source.buildinfo
Checksums-Sha256:
 85c8ceee7477767b1d300946096e4208ad20f58e179a2c7f586976ef822f5819 4205 chromium-browser_70.0.3538.67-1.dsc
 8b5a3ec76bb4f158e5716d5782df746cf8f4b737126c9ba0b47d1962d586ffa7 205802572 chromium-browser_70.0.3538.67.orig.tar.xz
 3188f140645fc11d36ac00d0e0668c9160c4030342f60d53cf0cda6428b6113d 151932 chromium-browser_70.0.3538.67-1.debian.tar.xz
 f2a0a415028818cdfb8ee85730fa320eb304149a12ab51fe9f769ef6fd3aa08b 18763 chromium-browser_70.0.3538.67-1_source.buildinfo
Files:
 ce9fb5e1347c8733ee068892aa2281a0 4205 web optional chromium-browser_70.0.3538.67-1.dsc
 e948e133f96a511a2ec1aaa7a18955e8 205802572 web optional chromium-browser_70.0.3538.67.orig.tar.xz
 e7bfccdaa9cd2a61b7a69a7aa994f52a 151932 web optional chromium-browser_70.0.3538.67-1.debian.tar.xz
 bfeb8b500a5b0bbbd7a5e188f9c0c56d 18763 web optional chromium-browser_70.0.3538.67-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAlvGqaUACgkQuNayzQLW
9HOGkR/+KnavPvaQQ3RoRw0SGmlq/sDwwuDTBkslm7kLyD5i/xiBRcWiJueVdmuK
t09iNgjKVL81vgmWgKHClCVTIC3GAhJoLYdMEZDfndE4slbJnF6Ryzmp/CP5X3d4
zQBFtOjHAHqumo4CNH1M4Pm0BzmHRqN7DdGVF79G5cBR2Yuh00MU5Ck7S6D6tufE
l4ikF8U5L6gtEt5xVd4YmCb9s0BvRFkjwEtPUPnvLPhcxU8GifdFKz+xvHh75t+L
u+U/AdUds6dvdtX6nIscqoaerwE8L1jcuViy/sandv+wU4UFgcCA1hJvakG60HZu
nkV7LmeoaKciUzRGHbnFU0r4Zg1H2Ov3YlubvsBK+yTd8rha/SI/B1CoTYEsM8Y3
6Plpfxkgm9z9HXHE9Zlfgw4rbBGfdE5KzUU7AcBOKpbnZUZlGZPo4IDhipHaop+0
fy/4MhoSCkSTGzaaPNXh30Jh4BaFjFEfOHAzKTMgtp7tKCf/WHQ3V2iYYK4tgk4S
qLWP1vXkr7+bf3mkc3IVNL9fwnIaV0xN3QUztASDwbPLnQjdwkPryc9j33EY1Qkd
0Z5DnSNwsqMJuTWIqmMqhd/M7CKtqyYPc4KX6RT3dr1iRsgCbNycKuMZQVtCmmL8
7TwfPn0hCB/xzQGPaZRfbF/8xqU8GLu+BJXt8nwo+g8eVMmFYDZnzgqIW0hAH275
WIOymh30Tb85T62te9lP5bIR9savdh6Fv2Yu1tvwU/oFPtfZ4nC1X91Oj9Gm1QUt
OcIV3W0gH8bZzlcX48VGe51aHnVguiedNJgAPxE9qQ653l57+xIoOviNkln1EcpM
bjMIlmfduYp/ockJ5O06RO7bhTym6MODfNs0UNAAcfI0vY1EvqNyFL/mErYrJOUr
XwETCUC1WTlVRHAuCz4mU4yO+vyb8WyfAS53JeJF61/kzPMNCvUrL3W/uSX1DeMV
ketcAkRWGNkglBJYjelunfmoBEHwSB9zYc9HbxYdFuQlvANZofWiAHPfmeUf+iGB
74m6st6ZcMgppYKCLs7zFzQaw0mLX4uVTniO6XEf7ha3IE38MYyebqgKFPQW0ZVS
ROofR7l4UH6MCnLtakDJ27IVpAYJfvBUl7RA3UA3ho43+YERTqPhtUILRdj7iqHj
05gfmLmGvgFNnaAyono+Lh5KVuiES2zB2FAPVoGnvfCGV7TWlb3UgwdnO1rFFUw7
BWD3nK9dniPAQcLUSoy0U66B9qFFB94hDxr2nrnzOv8ca7O3jnxRAyoqzjf3CmCy
wHLPRYKJlVit8huOrqKea144mTKAW+e8qa4Ljmnq1PepTJTjyDkcjbdTkNClWScq
UtLN8RpGpBhkmj0BTjdZDDO+xnVCFQ==
=T8r1
-----END PGP SIGNATURE-----