-
Committer:
Olivier Tilloy
-
Date:
2019-07-30 19:02:42 UTC
-
mfrom:
(1277.1.130 xenial-beta)
-
Revision ID:
olivier.tilloy@canonical.com-20190730190242-3dlvn6r5aeikjb5x
* Upstream release: 76.0.3809.87
- CVE-2019-5850: Use-after-free in offline page fetcher.
- CVE-2019-5860: Use-after-free in PDFium.
- CVE-2019-5853: Memory corruption in regexp length check.
- CVE-2019-5851: Use-after-poison in offline audio context.
- CVE-2019-5859: res: URIs can load alternative browsers.
- CVE-2019-5856: Insufficient checks on filesystem: URI permissions.
- CVE-2019-5863: Use-after-free in WebUSB on Windows.
- CVE-2019-5855: Integer overflow in PDFium.
- CVE-2019-5865: Site isolation bypass from compromised renderer.
- CVE-2019-5858: Insufficient filtering of Open URL service parameters.
- CVE-2019-5864: Insufficient port filtering in CORS for extensions.
- CVE-2019-5862: AppCache not robust to compromised renderers.
- CVE-2019-5861: Click location incorrectly checked.
- CVE-2019-5857: Comparison of -0 and null yields crash.
- CVE-2019-5854: Integer overflow in PDFium text rendering.
- CVE-2019-5852: Object leak of utility functions.
* debian/patches/chromium_useragent.patch: refreshed
* debian/patches/closure-compiler-java-no-client-vm.patch: refreshed
* debian/patches/disable-sse2: refreshed
* debian/patches/fix-extra-arflags.patch: refreshed
* debian/patches/fix-ffmpeg-ia32-build.patch: removed, no longer needed
* debian/patches/pffft-no-neon.patch: removed, no longer needed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/skia-undef-HWCAP_CRC32.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: updated
* debian/patches/upstream-fix-blink-build-iterators.patch: added