-
Committer:
Chad MILLER
-
Date:
2016-04-14 15:13:07 UTC
-
mfrom:
(1157.1.67 wily-working)
-
Revision ID:
chad.miller@canonical.com-20160414151307-1hknqjxke2ktbwga
* Upstream release 50.0.2661.75:
- CVE-2016-1652: Universal XSS in extension bindings.
- CVE-2016-1653: Out-of-bounds write in V8.
- CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding.
- CVE-2016-1654: Uninitialized memory read in media.
- CVE-2016-1655: Use-after-free related to extensions.
- CVE-2016-1656: Android downloaded file path restriction bypass.
- CVE-2016-1657: Address bar spoofing.
- CVE-2016-1658: Potential leak of sensitive information to malicious extensions.
- CVE-2015-1659: Various fixes from internal audits, fuzzing and other initiatives.
* debian/patches/seccomp-allow-set-robust-list: pass through syscall
set_robust_list. glibc nptl thread creation uses it.