Accepted chromium 71.0.3578.80-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 05 Dec 2018 00:45:35 +0000
Source: chromium
Binary: chromium chromium-l10n chromium-shell chromium-driver chromium-common chromium-sandbox
Architecture: source
Version: 71.0.3578.80-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Chromium Team <chromium-browser@packages.debian.org>
Changed-By: Michael Gilbert <mgilbert@debian.org>
Description:
chromium - web browser
chromium-common - web browser - common resources used by the chromium packages
chromium-driver - web browser - WebDriver support
chromium-l10n - web browser - language packs
chromium-sandbox - web browser - setuid security sandbox for chromium
chromium-shell - web browser - minimal shell
Changes:
chromium (71.0.3578.80-1) unstable; urgency=medium
.
* New upstream stable release.
- CVE-2018-17480: Out of bounds write in V8. Reported by Guang Gong
- CVE-2018-17481: Use after frees in PDFium. Reported by Anonymous
- CVE-2018-18335: Heap buffer overflow in Skia. Reported by Anonymous
- CVE-2018-18336: Use after free in PDFium. Reported by Huyna
- CVE-2018-18337: Use after free in Blink. Reported by cloudfuzzer
- CVE-2018-18338: Heap buffer overflow in Canvas. Reported by Zhe Jin
- CVE-2018-18339: Use after free in WebAudio. Reported by cloudfuzzer
- CVE-2018-18340: Use after free in MediaRecorder. Reported by Anonymous
- CVE-2018-18341: Heap buffer overflow in Blink. Reported by cloudfuzzer
- CVE-2018-18342: Out of bounds write in V8. Reported by Guang Gong
- CVE-2018-18343: Use after free in Skia. Reported by Tran Tien Hung
- CVE-2018-18344: Inappropriate implementation in Extensions. Reported by
Jann Horn
- CVE-2018-18345: Inappropriate implementation in Site Isolation. Reported
by Masato Kinugawa and Jun Kokatsu
- CVE-2018-18346: Incorrect security UI in Blink. Reported by Luan Herrera
- CVE-2018-18347: Inappropriate implementation in Navigation. Reported by
Luan Herrera
- CVE-2018-18348: Inappropriate implementation in Omnibox. Reported by
Ahmed Elsobky
- CVE-2018-18349: Insufficient policy enforcement in Blink. Reported by
David Erceg
- CVE-2018-18350: Insufficient policy enforcement in Blink. Reported by
Jun Kokatsu
- CVE-2018-18351: Insufficient policy enforcement in Navigation. Reported
by Jun Kokatsu
- CVE-2018-18352: Inappropriate implementation in Media. Reported by Jun
Kokatsu
- CVE-2018-18353: Inappropriate implementation in Network Authentication.
Reported by Wenxu Wu
- CVE-2018-18354: Insufficient data validation in Shell Integration.
Reported by Wenxu Wu
- CVE-2018-18355: Insufficient policy enforcement in URL Formatter.
Reported by evi1m0
- CVE-2018-18356: Use after free in Skia. Reported by Tran Tien Hung
- CVE-2018-18357: Insufficient policy enforcement in URL Formatter.
Reported by evi1m0
- CVE-2018-18358: Insufficient policy enforcement in Proxy. Reported by
Jann Horn
- CVE-2018-18359: Out of bounds read in V8. Reported by cyrilliu
- Inappropriate implementation in PDFium. Reported by Salem Faisal
Elmrayed
- Use after free in Extensions. Reported by Zhe Jin
- Inappropriate implementation in Navigation. Reported by Luan Herrera
- Inappropriate implementation in Navigation. Reported by Jesper van den
Ende
- Insufficient policy enforcement in Navigation. Reported by Ryan Pickren
- Insufficient policy enforcement in URL Formatter. Reported by evi1m0
Checksums-Sha1:
424b4e05c82b1f9f24cfc76fa6832203faefd301 4214 chromium_71.0.3578.80-1.dsc
f1a813d96fc272943a82a78adcaf214adb8aeecb 197203632 chromium_71.0.3578.80.orig.tar.xz
71eafb06b6bc65d08a0bc4d9087a3677e7ad56b3 166880 chromium_71.0.3578.80-1.debian.tar.xz
02bf675bb279ef2901d700fbf5fa0841600104d5 21518 chromium_71.0.3578.80-1_source.buildinfo
Checksums-Sha256:
9d5439407981733af631aea98b0beefcbb165ba3f978686db2ef051101155280 4214 chromium_71.0.3578.80-1.dsc
d065973886eb8fa622102c5254b480fc5c9c8e042674139efb75bd4235a9676f 197203632 chromium_71.0.3578.80.orig.tar.xz
f6f46767ccab378a7333e08fa71ffbc2689e24344d6f63640f859af721057d79 166880 chromium_71.0.3578.80-1.debian.tar.xz
91116a2c3f483b5d68565375096f744c64a615d89881669668a83b6a8d73d77a 21518 chromium_71.0.3578.80-1_source.buildinfo
Files:
c65f54581636b04c1f45cddcde4074f9 4214 web optional chromium_71.0.3578.80-1.dsc
b1cdde04ca22df99df7cf49e6453c750 197203632 web optional chromium_71.0.3578.80.orig.tar.xz
9778f6e6af63ac0c3fb3f8853be9597f 166880 web optional chromium_71.0.3578.80-1.debian.tar.xz
59041ed011a6d643731b3aba6827498c 21518 web optional chromium_71.0.3578.80-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAlwHWyUACgkQuNayzQLW
9HPtuB/+KdObznclXUZ4n64uFLMS0GQ3uvteovgDvtXAZ1qr/H7HvnDQQ81qdyWR
hMysHbayGsBhA1yZUh1hnKZa6JEsHrUDUvdUhdWNn4YbaPY1Fq4xc/F6outjc0Hp
qS4heJavRWF42NYx+n9BnBpSO0C/3AQ8zIkOncpwTjIRpIF6WPu3kO1QBKS1MSz7
HO2knbJzzviNrtJo3TULaZGrawe/YI8fmA0gadsMAKhy+BabKt0t0kiQGT9hv7Ce
Y8NSDmv8eOY302V64Yjc40XILXjPUT62Qq4zHFcWpN2tszEhi1tajfYv1PxvCwpZ
lIBD7XiVbm8Z2IUg1X9pOd1vsZjC5zmaUFuzNnKm6Va1drfn55Ki7A8QqibFJ1tE
kX1Kzg8cW6+MhiSLmDA7OdrymBVA4B1272nNDJ+LfMBUAAz6n+qdmICOmSLGZauK
cX+nXnXuCyZvl2TZBjBJy1rc3TfXtvctUqiw/U7LXFA6w26Y4ggw9Sv06YlhTcIz
IO70bx9A3G48x8kx3Jft4NrhpCMUxMqRI3xsBMQ6qpgz25cAITFlCg7DIKbv7DIK
Fdrbr9TabDi4Q9mWdlZLg3LFGM3riehs9jxPiWU96avoPrvaJZo9Ofl0gRCEbsar
pGxpek7rhkR6+R/nIYY2W1E3k5vhK/0SMJ4iAdVvqvz1WKiaHaB4DEbf+kL1B9YM
nptmr27Zr7REh7WNCSraUJzsRjfDLu01JZ1eeT8Dga1b6oh+I2xo8q4Co/80J+74
vrqfJ1h45+amKenQ84U1MUywlLu2XSkDX1wjTn4cBL2TowaAqRzjnWie+3O/ixsS
Q50mdJX8Ga0cf901aTZrfGuLzvKIUcTlyopVdRgCSvygriEctBp/NPVi7T+3eAYs
mJuNeGxTI9awC/DKKwaWeLWy+vRdKlURvZLtNJuC9FvD8dGVSHmvW4RQvu2VS6Lo
nNadwASFMLw1bHizF63aqbm5D55i3sgCc5O6baUFF3QUsxgZ96cXydq6sElYIv/m
nqDsqe/k8emd5LmjDZXoz3gDcUMIJyUi5jDW66sOa1qozyiAmGOsFF3ZUMDj701h
LlLXsrMM8hZ7g46LA9XopO3DPsRkAF8fwRPWlkJISMv6z4vSlkrdVagmfU9GLQnZ
OZ7bZkXm3qZInJlRvCi4rgL3/dUko37PHCd5Vej09YX+ZRsI2lmAUEyDzc5jYzh7
8DwNIXoIVUIyphwZdVXtCY4VzbbsFa17vX+tZ+LSzWQruWcaRscsTyO1vTShLdUp
H+KaW5VLw1vmdPTfooGl/J0SQtcuVnmduAIqrAXsR72Jq9zD7fBaFRH+63VrX9I0
VnH01LEdOJ6kMdJMH0t/7l1bTQX51A==
=Vmym
-----END PGP SIGNATURE-----