Package "chromium-browser"
| Name: |
chromium-browser
|
Description: |
Chromium web browser, open-source version of Chrome
|
| Latest version: |
90.0.4430.72-0ubuntu0.16.04.1 |
| Release: |
xenial (16.04) |
| Level: |
security |
| Repository: |
universe |
| Homepage: |
https://chromium.googlesource.com/chromium/src/ |
Links
Download "chromium-browser"
Other versions of "chromium-browser" in Xenial
Packages in group
Deleted packages are displayed in grey.
Changelog
|
chromium-browser (86.0.4240.75-0ubuntu0.16.04.1) xenial; urgency=medium
* Upstream release: 86.0.4240.75
- CVE-2020-15967: Use after free in payments.
- CVE-2020-15968: Use after free in Blink.
- CVE-2020-15969: Use after free in WebRTC.
- CVE-2020-15970: Use after free in NFC.
- CVE-2020-15971: Use after free in printing.
- CVE-2020-15972: Use after free in audio.
- CVE-2020-15990: Use after free in autofill.
- CVE-2020-15991: Use after free in password manager.
- CVE-2020-15973: Insufficient policy enforcement in extensions.
- CVE-2020-15974: Integer overflow in Blink.
- CVE-2020-15975: Integer overflow in SwiftShader.
- CVE-2020-15976: Use after free in WebXR.
- CVE-2020-6557: Inappropriate implementation in networking.
- CVE-2020-15977: Insufficient data validation in dialogs.
- CVE-2020-15978: Insufficient data validation in navigation.
- CVE-2020-15979: Inappropriate implementation in V8.
- CVE-2020-15980: Insufficient policy enforcement in Intents.
- CVE-2020-15981: Out of bounds read in audio.
- CVE-2020-15982: Side-channel information leakage in cache.
- CVE-2020-15983: Insufficient data validation in webUI.
- CVE-2020-15984: Insufficient policy enforcement in Omnibox.
- CVE-2020-15985: Inappropriate implementation in Blink.
- CVE-2020-15986: Integer overflow in media.
- CVE-2020-15987: Use after free in WebRTC.
- CVE-2020-15992: Insufficient policy enforcement in networking.
- CVE-2020-15988: Insufficient policy enforcement in downloads.
- CVE-2020-15989: Uninitialized Use in PDFium.
* debian/patches/configuration-directory.patch: refreshed
* debian/patches/default-allocator: refreshed
* debian/patches/disable-sse2: refreshed
* debian/patches/fix-c++17ism.patch: added
* debian/patches/fix-different-language-linkage-error.patch: added
* debian/patches/gtk-symbols-conditional.patch: refreshed
* debian/patches/import-missing-fcntl-defines.patch: added
* debian/patches/node-use-system-wide.patch: refreshed
* debian/patches/revert-newer-xcb-requirement.patch: added
* debian/patches/search-credit.patch: refreshed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/stl-util-old-clang-compatibility.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: updated
* debian/patches/title-bar-default-system.patch-v35: refreshed
* debian/patches/touch-v35: updated
* debian/patches/upstream-fix-crash-in-MediaSerializer-base-Location.patch:
removed, no longer needed
* debian/patches/widevine-enable-version-string.patch: refreshed
* debian/patches/widevine-other-locations: refreshed
-- Olivier Tilloy <email address hidden> Wed, 07 Oct 2020 22:00:46 +0200
|
| Source diff to previous version |
|
chromium-browser (85.0.4183.121-0ubuntu0.16.04.1) xenial; urgency=medium
* Upstream release: 85.0.4183.121
- CVE-2020-15960: Heap buffer overflow in storage.
- CVE-2020-15961: Insufficient policy enforcement in extensions.
- CVE-2020-15962: Insufficient policy enforcement in serial.
- CVE-2020-15963: Insufficient policy enforcement in extensions.
- CVE-2020-15965: Type Confusion in V8.
- CVE-2020-15966: Insufficient policy enforcement in extensions.
- CVE-2020-15964: Insufficient data validation in media.
-- Olivier Tilloy <email address hidden> Mon, 21 Sep 2020 22:05:10 +0200
|
| Source diff to previous version |
| CVE-2020-15960 |
Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access |
| CVE-2020-15961 |
Insufficient policy validation in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious |
| CVE-2020-15962 |
Insufficient policy validation in serial in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memor |
| CVE-2020-15963 |
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious |
| CVE-2020-15965 |
Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a craft |
| CVE-2020-15966 |
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious |
| CVE-2020-15964 |
Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a |
|
|
chromium-browser (85.0.4183.83-0ubuntu0.16.04.2) xenial; urgency=medium
* debian/rules: install libEGL.so and libGLESv2.so, needed for
hardware-accelerated rendering
-- Olivier Tilloy <email address hidden> Mon, 31 Aug 2020 14:57:48 +0200
|
| Source diff to previous version |
|
chromium-browser (84.0.4147.105-0ubuntu0.16.04.1) xenial; urgency=medium
* Upstream release: 84.0.4147.105
- CVE-2020-6537: Type Confusion in V8.
- CVE-2020-6538: Inappropriate implementation in WebView.
- CVE-2020-6532: Use after free in SCTP.
- CVE-2020-6539: Use after free in CSS.
- CVE-2020-6540: Heap buffer overflow in Skia.
- CVE-2020-6541: Use after free in WebUSB.
-- Olivier Tilloy <email address hidden> Tue, 28 Jul 2020 11:21:33 +0200
|
| Source diff to previous version |
|
chromium-browser (81.0.4044.138-0ubuntu0.16.04.1) xenial; urgency=medium
* Upstream release: 81.0.4044.138
- CVE-2020-6831: Stack buffer overflow in SCTP.
- CVE-2020-6464: Type Confusion in Blink.
-- Olivier Tilloy <email address hidden> Wed, 06 May 2020 08:52:03 +0200
|
About
-
Send Feedback to @ubuntu_updates
