Viewing all changes in revision 1419.
- Committer: Olivier Tilloy
- Date: 2018-05-30 13:29:43 UTC
- mfrom: (1349.1.82 artful-beta)
- Revision ID: olivier.tilloy@canonical.com-20180530132943-qezcobeuag0pcsr6
* Upstream release: 67.0.3396.62
- CVE-2018-6123: Use after free in Blink.
- CVE-2018-6124: Type confusion in Blink.
- CVE-2018-6125: Overly permissive policy in WebUSB.
- CVE-2018-6126: Heap buffer overflow in Skia.
- CVE-2018-6127: Use after free in indexedDB.
- CVE-2018-6128: uXSS in Chrome on iOS.
- CVE-2018-6129: Out of bounds memory access in WebRTC.
- CVE-2018-6130: Out of bounds memory access in WebRTC.
- CVE-2018-6131: Incorrect mutability protection in WebAssembly.
- CVE-2018-6132: Use of uninitialized memory in WebRTC.
- CVE-2018-6133: URL spoof in Omnibox.
- CVE-2018-6134: Referrer Policy bypass in Blink.
- CVE-2018-6135: UI spoofing in Blink.
- CVE-2018-6136: Out of bounds memory access in V8.
- CVE-2018-6137: Leak of visited status of page in Blink.
- CVE-2018-6138: Overly permissive policy in Extensions.
- CVE-2018-6139: Restrictions bypass in the debugger extension API.
- CVE-2018-6140: Restrictions bypass in the debugger extension API.
- CVE-2018-6141: Heap buffer overflow in Skia.
- CVE-2018-6142: Out of bounds memory access in V8.
- CVE-2018-6143: Out of bounds memory access in V8.
- CVE-2018-6144: Out of bounds memory access in PDFium.
- CVE-2018-6145: Incorrect escaping of MathML in Blink.
- CVE-2018-6147: Password fields not taking advantage of OS protections in Views.
* debian/patches/additional-search-engines.patch: refreshed
* debian/patches/configuration-directory.patch: refreshed
* debian/patches/default-allocator: refreshed
* debian/patches/disable-sse2: updated
* debian/patches/fix-crashpad-linux-compat.patch: added
* debian/patches/fix-extra-arflags.patch: added
* debian/patches/libcxxabi-arm-ehabi-fix.patch: refreshed
* debian/patches/revert-clang-nostdlib++.patch: refreshed
* debian/patches/revert-Xclang-instcombine-lower-dbg-declare.patch: refreshed
* debian/patches/search-credit.patch: refreshed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/skia-disable-neon.patch: removed, no longer needed
* debian/patches/skia-undef-HWCAP_CRC32.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: updated
* debian/patches/use-clang-versioned.patch: refreshed
* debian/patches/widevine-allow-enable.patch: added
* debian/patches/widevine-other-locations: updated
- CVE-2018-6123: Use after free in Blink.
- CVE-2018-6124: Type confusion in Blink.
- CVE-2018-6125: Overly permissive policy in WebUSB.
- CVE-2018-6126: Heap buffer overflow in Skia.
- CVE-2018-6127: Use after free in indexedDB.
- CVE-2018-6128: uXSS in Chrome on iOS.
- CVE-2018-6129: Out of bounds memory access in WebRTC.
- CVE-2018-6130: Out of bounds memory access in WebRTC.
- CVE-2018-6131: Incorrect mutability protection in WebAssembly.
- CVE-2018-6132: Use of uninitialized memory in WebRTC.
- CVE-2018-6133: URL spoof in Omnibox.
- CVE-2018-6134: Referrer Policy bypass in Blink.
- CVE-2018-6135: UI spoofing in Blink.
- CVE-2018-6136: Out of bounds memory access in V8.
- CVE-2018-6137: Leak of visited status of page in Blink.
- CVE-2018-6138: Overly permissive policy in Extensions.
- CVE-2018-6139: Restrictions bypass in the debugger extension API.
- CVE-2018-6140: Restrictions bypass in the debugger extension API.
- CVE-2018-6141: Heap buffer overflow in Skia.
- CVE-2018-6142: Out of bounds memory access in V8.
- CVE-2018-6143: Out of bounds memory access in V8.
- CVE-2018-6144: Out of bounds memory access in PDFium.
- CVE-2018-6145: Incorrect escaping of MathML in Blink.
- CVE-2018-6147: Password fields not taking advantage of OS protections in Views.
* debian/patches/additional-search-engines.patch: refreshed
* debian/patches/configuration-directory.patch: refreshed
* debian/patches/default-allocator: refreshed
* debian/patches/disable-sse2: updated
* debian/patches/fix-crashpad-linux-compat.patch: added
* debian/patches/fix-extra-arflags.patch: added
* debian/patches/libcxxabi-arm-ehabi-fix.patch: refreshed
* debian/patches/revert-clang-nostdlib++.patch: refreshed
* debian/patches/revert-Xclang-instcombine-lower-dbg-declare.patch: refreshed
* debian/patches/search-credit.patch: refreshed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/skia-disable-neon.patch: removed, no longer needed
* debian/patches/skia-undef-HWCAP_CRC32.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: updated
* debian/patches/use-clang-versioned.patch: refreshed
* debian/patches/widevine-allow-enable.patch: added
* debian/patches/widevine-other-locations: updated
- files added:
- debian/patches/fix-crashpad-linux-compat.patch
- files removed:
- debian/patches/skia-disable-neon.patch
- files modified:
- debian/changelog
expand all
collapse all
added
removed
