Accepted chromium 72.0.3626.81-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 02 Feb 2019 05:05:43 +0000
Source: chromium
Architecture: source
Version: 72.0.3626.81-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Michael Gilbert <mgilbert@debian.org>
Closes: 856255 916320
Changes:
chromium (72.0.3626.81-1) unstable; urgency=medium
.
* New upstream stable release.
- Stack buffer overflow in Skia. Reported by Ivan Fratric
- Use after free in Mojo, FileAPI, and Payments. Reported by Mark Brand
- CVE-2018-17481: Use after free in PDFium. Reported by Anonymous
- CVE-2019-5754: Inappropriate implementation in QUIC Networking. Reported
by Klzgrad
- CVE-2019-5755: Inappropriate implementation in V8. Reported by Jay
Bosamiya
- CVE-2019-5756: Use after free in PDFium. Reported by Anonymous
- CVE-2019-5757: Type Confusion in SVG. Reported by Alexandru Pitis
- CVE-2019-5758: Use after free in Blink. Reported by Zhe Jin
- CVE-2019-5759: Use after free in HTML select elements. Reported by Almog
Benin
- CVE-2019-5760: Use after free in WebRTC. Reported by Zhe Jin
- CVE-2019-5762: Use after free in PDFium. Reported by Anonymous
- CVE-2019-5763: Insufficient validation of untrusted input in V8.
Reported by Guang Gong
- CVE-2019-5764: Use after free in WebRTC. Reported by Eyal Itkin
- CVE-2019-5765: Insufficient policy enforcement in the browser. Reported
by Sergey Toshin
- CVE-2019-5766: Insufficient policy enforcement in Canvas. Reported by
David Erceg
- CVE-2019-5767: Incorrect security UI in WebAPKs. Reported by Haoran Lu,
Yifan Zhang, Luyi Xing, and Xiaojing Liao
- CVE-2019-5768: Insufficient policy enforcement in DevTools. Reported by
Rob Wu
- CVE-2019-5769: Insufficient validation of untrusted input in Blink.
Reported by Guy Eshel
- CVE-2019-5770: Heap buffer overflow in WebGL. Reported by hemidallt
- CVE-2019-5772: Use after free in PDFium. Reported by Zhen Zhou
- CVE-2019-5773: Insufficient data validation in IndexedDB. Reported by
Yongke Wang
- CVE-2019-5774: Insufficient validation of untrusted input in
SafeBrowsing. Reported by Junghwan Kang and Juno Im
- CVE-2019-5775: Insufficient policy enforcement in Omnibox. Reported by
evi1m0
- CVE-2019-5776: Insufficient policy enforcement in Omnibox. Reported by
Lnyas Zhang
- CVE-2019-5777: Insufficient policy enforcement in Omnibox. Reported by
Khalil Zhani
- CVE-2019-5778: Insufficient policy enforcement in Extensions. Reported
by David Erceg
- CVE-2019-5779: Insufficient policy enforcement in ServiceWorker.
Reported by David Erceg
- CVE-2019-5780: Insufficient policy enforcement. Reported by Andreas
Hegenberg
- CVE-2019-5781: Insufficient policy enforcement in Omnibox. Reported by
evi1m0
- CVE-2019-5782: Inappropriate implementation in V8 reported by Qixun Zhao
- CVE-2019-5783: Insufficient validation of untrusted input in DevTools.
Reported by Shintaro Kobori
* Opt out of all Google web service options by default (closes: #916320).
* Enable support for hardware accelerated video decoding (closes: #856255).
- Thanks to Akarshan Biswas.
Checksums-Sha1:
715a40672675e56c86552aa3dec382f217792b27 4203 chromium_72.0.3626.81-1.dsc
e36e53aed6e22407f5501e3c75733480b7182c19 200911460 chromium_72.0.3626.81.orig.tar.xz
8ed5e067ae11578fb03657ba5a11ffaaac4c1036 174920 chromium_72.0.3626.81-1.debian.tar.xz
2b355c81cf389d6c159d5749662989d05c2b239c 21523 chromium_72.0.3626.81-1_source.buildinfo
Checksums-Sha256:
d860a6d102f965e03e85c72e5385be8657f8136af5d52a96ba6eb5f9ce14d6d6 4203 chromium_72.0.3626.81-1.dsc
bdd0222053c033c10ef9398c829f69a884face0e7e6426001addc60eab3d4b3d 200911460 chromium_72.0.3626.81.orig.tar.xz
49953e7e9b70edb29e2fd2a1307ccb3dbedfb83ff3e3d461dcbe54d4f4b2ff86 174920 chromium_72.0.3626.81-1.debian.tar.xz
e115a6211b1b7d932044eccae9975e8383fa6beb8d4336e362957b8d0aef7786 21523 chromium_72.0.3626.81-1_source.buildinfo
Files:
ea3867844e4f4699fc31076b3cde6c93 4203 web optional chromium_72.0.3626.81-1.dsc
0e6ca23afbab65c9f67152048285582a 200911460 web optional chromium_72.0.3626.81.orig.tar.xz
32385ef4e2b9f7206c9462799ebd14a4 174920 web optional chromium_72.0.3626.81-1.debian.tar.xz
4b892217ea2d76da417deb159109b3e5 21523 web optional chromium_72.0.3626.81-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAlxVpfcACgkQuNayzQLW
9HOIex/9HC4GWMCG/Rq+aatm2tMQ6SW/Su0gGqvv7NWnhZqm5bnvcyo8ysEHjWJ5
bdmrrp+d8vMZ9rLmGjE0uhaRdQTXGI0YOdY/lZNos0ptV3inXaUg76MVDGBoWIcD
kiG0v7iYaYSFb608Zx3zo9z8uPgxOuDaY19EQuOaCbSiHt/UYmqa6IZYnoOFSPK5
lcaCIB68I4xLaIqINVQGnKH225T8UH7k6hkRlBxuC4g6UCNdhasbXi7aXp+So17Y
7I1zHtgQexGqevC5THqXQm9px1ro6c9JRMGbtoTicD7+zzxPjGFSFPe3QxYz+7SB
d/oYMtsxV8FRwzkDV/X3vAA0w8R3mj8Z2veJIjSpql/amM7S2OyQBqYax0Q+lRp9
PKFpCyWZYbalzLEDz+0/O7/q+iRkrOfN2h4vllPUOg//GcMzx12bQMJfduLBAXna
xKk34HSk7rqqzTLiDrtukVI+sS28gEdLZ4tYHOwwZmUsSe+1ungDplQ7OymrJFE+
WEKMVk8yK8h0xxezKysnQkiO229wfcGdknLuG/pch4H1y/zmWaq3uvJW7VzmsS64
Dmr+JhJU57FG1WQbfP/L8HQB5E9mab/Y0+72FrC8nEmyuipwoOCAmRyifE1ioRe2
8plhqrqyrvH/vJyF0+Loco0ke/M1Cn6ljgTq4LDub8JzqR+E4f6ZIiCi+24VGQL/
W3R9woVqLpuZ8SgyhGtr+/BXNtSCeBJQ4uHkqFiGE85ir1tN//G1gC30a/+1XW9A
r2vsgyslNU8P/f9INZPnqDT47heFSrYrnqj6wk9ms1ShNZv1WFHcbbchWUoW6N/H
oZUlFRvXzm6RwL/LUruS6mp1QB+adLwglJcF/pzndzFlvbPrRyCox1dQmm1RQ611
YPHl6LUA0Zx6GnYl84aD8+MOufy7BSXiBnQloJm2mXkXREr170RIylJP9WxBmRqu
CVBy7aVHuF9p3ycIqigM8uJ3p6A/f+l8yroXqe3HEwl4v/oAWHgNaD5Cxng1duxU
b5vr4DRYMuJoLMcK2Fm6/l6hXRcPKH8e970o5cJVp371hgGp5rmNX6c8jJYN0COh
CaEX/WGj/lF6cYc9duxFhnn6SoetKgVPcnXjjQIRBpJyajljclWGUmBNY43QVSmC
iXiExc5aLHy641QOnV8mH5JfU/+ZN+IFdxRRFX+UM5H9Ykd0MpSYNsoR81bd7bBb
Myng6aILN+OVSGPBZ8rly140UuXQ2NktDszTfiMVl+vKjZm3Q/qUwS1fNI6eI+N6
19/Di6/CpfpIgQ4iZQCgd0vTkYYhVOSod39pohJkMUDwf4cc2pAT5eapwhy3RzH7
xYQ/c9X2mf+nZe9tVv0s0dQYSq5fZw==
=Mk7W
-----END PGP SIGNATURE-----
Reply to: