chromium-browser 64.0.3282.119-1 source package in Debian


chromium-browser (64.0.3282.119-1) unstable; urgency=medium

  * New upstream stable release.
    - CVE-2017-15420: URL spoofing in Omnibox. Reported by Drew Springall
    - CVE-2017-15429: UXSS in V8. Reported by Anonymous
    - CVE-2018-6031: Use after free in PDFium. Reported by Anonymous
    - CVE-2018-6032: Same origin bypass in Shared Worker. Reported by Jun
    - CVE-2018-6033: Race when opening downloaded files. Reported by Juho
    - CVE-2018-6034: Integer overflow in Blink. Reported by Tobias Klein
    - CVE-2018-6035: Insufficient isolation of devtools from extensions.
      Reported by Rob Wu
    - CVE-2018-6036: Integer underflow in WebAssembly. Reported by The UK's
      National Cyber Security Centre
    - CVE-2018-6037: Insufficient user gesture requirements in autofill.
      Reported by Paul Stone
    - CVE-2018-6038: Heap buffer overflow in WebGL. Reported by cloudfuzzer
    - CVE-2018-6039: XSS in DevTools. Reported by Juho Nurminen
    - CVE-2018-6040: Content security policy bypass. Reported by WenXu Wu
    - CVE-2018-6041: URL spoof in Navigation. Reported by Luan Herrera
    - CVE-2018-6042: URL spoof in OmniBox. Reported by Khalil Zhani
    - CVE-2018-6043: Insufficient escaping with external URL handlers. Reported
      by 0x09AL
    - CVE-2018-6045: Insufficient isolation of devtools from extensions.
      Reported by Rob Wu
    - CVE-2018-6046: Insufficient isolation of devtools from extensions.
      Reported by Rob Wu
    - CVE-2018-6047: Cross origin URL leak in WebGL. Reported by Masato
    - CVE-2018-6048: Referrer policy bypass in Blink. Reported by Jun Kokatsu
    - CVE-2018-6049: UI spoof in Permissions. Reported by WenXu Wu
    - CVE-2018-6050: URL spoof in OmniBox. Reported by Jonathan Kew
    - CVE-2018-6051: Referrer leak in XSS Auditor. Reported by Antonio Sanso
    - CVE-2018-6052: Incomplete no-referrer policy implementation. Reported by
      Tanner Emek
    - CVE-2018-6053: Leak of page thumbnails in New Tab Page. Reported by Asset
    - CVE-2018-6054: Use after free in WebUI. Reported by Rob Wu

 -- Michael Gilbert <email address hidden>  Sun, 28 Jan 2018 01:00:12 +0000

Upload details

Uploaded by:
Debian Chromium Maintainers
Uploaded to:
Original maintainer:
Debian Chromium Maintainers
i386 amd64 arm64 armhf all
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section



File Size SHA-256 Checksum
chromium-browser_64.0.3282.119-1.dsc 4.2 KiB 7f65c40346f3ba71233314cb58e9a139b88273514f330eebca5446522f8dc69c
chromium-browser_64.0.3282.119.orig.tar.xz 377.9 MiB fa500ab844b3985fd9a9983d8ce6cba2b551c878ea03986bd9bf13af5d692d36
chromium-browser_64.0.3282.119-1.debian.tar.xz 134.1 KiB 23ce4f3b81a237846a3a7a9ea494f7109310d4aca7c616e68e4261fbe540fc7d

No changes file available.

Binary packages built by this source