Package "chromium-browser"
Name: |
chromium-browser
|
Description: |
Chromium web browser, open-source version of Chrome
|
Latest version: |
90.0.4430.72-0ubuntu0.16.04.1 |
Release: |
xenial (16.04) |
Level: |
updates |
Repository: |
universe |
Homepage: |
https://chromium.googlesource.com/chromium/src/ |
Links
Download "chromium-browser"
Other versions of "chromium-browser" in Xenial
Packages in group
Deleted packages are displayed in grey.
Changelog
chromium-browser (90.0.4430.72-0ubuntu0.16.04.1) xenial; urgency=medium
* Upstream release: 90.0.4430.72
- CVE-2021-21201: Use after free in permissions.
- CVE-2021-21202: Use after free in extensions.
- CVE-2021-21203: Use after free in Blink.
- CVE-2021-21204: Use after free in Blink.
- CVE-2021-21205: Insufficient policy enforcement in navigation.
- CVE-2021-21221: Insufficient validation of untrusted input in Mojo.
- CVE-2021-21207: Use after free in IndexedDB.
- CVE-2021-21208: Insufficient data validation in QR scanner.
- CVE-2021-21209: Inappropriate implementation in storage.
- CVE-2021-21210: Inappropriate implementation in Network.
- CVE-2021-21211: Inappropriate implementation in Navigation.
- CVE-2021-21212: Incorrect security UI in Network Config UI.
- CVE-2021-21213: Use after free in WebMIDI.
- CVE-2021-21214: Use after free in Network API.
- CVE-2021-21215: Inappropriate implementation in Autofill.
- CVE-2021-21216: Inappropriate implementation in Autofill.
- CVE-2021-21217: Uninitialized Use in PDFium.
- CVE-2021-21218: Uninitialized Use in PDFium.
- CVE-2021-21219: Uninitialized Use in PDFium.
* debian/patches/blink-animation-old-clang-compatibility.patch: added
* debian/patches/configuration-directory.patch: refreshed
* debian/patches/define__libc_malloc.patch: refreshed
* debian/patches/disable-sse2: removed, no longer needed
* debian/patches/evdev-undefined-switch.patch: added
* debian/patches/fix-c++17ism.patch: refreshed
* debian/patches/gtk-symbols-conditional.patch: refreshed
* debian/patches/import-missing-fcntl-defines.patch: updated
* debian/patches/libaom-armhf-build-cpudetect.patch: added
* debian/patches/revert-getrandom.patch: refreshed
* debian/patches/revert-sequence-checker-capability-name.patch: refreshed
* debian/patches/search-credit.patch: refreshed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
* debian/patches/title-bar-default-system.patch-v35: refreshed
* debian/patches/use-clang-versioned.patch: refreshed
* debian/patches/wayland-scanner-add-missing-include.patch: refreshed
* debian/patches/widevine-enable-version-string.patch: refreshed
* debian/patches/widevine-other-locations: refreshed
-- Olivier Tilloy <email address hidden> Thu, 15 Apr 2021 12:08:22 +0200
|
Source diff to previous version |
chromium-browser (89.0.4389.90-0ubuntu0.16.04.2) xenial; urgency=medium
* debian/control: add an explicit runtime dependency on libx11-xcb1
(LP: #1919146)
-- Olivier Tilloy <email address hidden> Thu, 18 Mar 2021 15:10:59 +0100
|
Source diff to previous version |
1919146 |
Missing runtime dependency on libx11-xcb1 |
|
chromium-browser (89.0.4389.82-0ubuntu0.16.04.1) xenial; urgency=medium
* Upstream release: 89.0.4389.82
-- Olivier Tilloy <email address hidden> Sun, 07 Mar 2021 06:35:41 +0100
|
Source diff to previous version |
chromium-browser (87.0.4280.66-0ubuntu0.16.04.1) xenial; urgency=medium
* Upstream release: 87.0.4280.66
- CVE-2020-16018: Use after free in payments.
- CVE-2020-16019: Inappropriate implementation in filesystem.
- CVE-2020-16020: Inappropriate implementation in cryptohome.
- CVE-2020-16021: Race in ImageBurner.
- CVE-2020-16022: Insufficient policy enforcement in networking.
- CVE-2020-16015: Insufficient data validation in WASM.
- CVE-2020-16014: Use after free in PPAPI.
- CVE-2020-16023: Use after free in WebCodecs.
- CVE-2020-16024: Heap buffer overflow in UI.
- CVE-2020-16025: Heap buffer overflow in clipboard.
- CVE-2020-16026: Use after free in WebRTC.
- CVE-2020-16027: Insufficient policy enforcement in developer tools.
- CVE-2020-16028: Heap buffer overflow in WebRTC.
- CVE-2020-16029: Inappropriate implementation in PDFium.
- CVE-2020-16030: Insufficient data validation in Blink.
- CVE-2019-8075: Insufficient data validation in Flash.
- CVE-2020-16031: Incorrect security UI in tab preview.
- CVE-2020-16032: Incorrect security UI in sharing.
- CVE-2020-16033: Incorrect security UI in WebUSB.
- CVE-2020-16034: Inappropriate implementation in WebRTC.
- CVE-2020-16035: Insufficient data validation in cros-disks.
- CVE-2020-16012: Side-channel information leakage in graphics.
- CVE-2020-16036: Inappropriate implementation in cookies.
* debian/rules: set chrome_pgo_phase build flag to 0 to disable PGO, because
the upstream profile data is not compatible with the version of clang used
to build chromium
* debian/patches/default-allocator: refreshed
* debian/patches/fix-different-language-linkage-error.patch: removed, no
longer needed
* debian/patches/fix-ptrace-header-include.patch: refreshed
* debian/patches/gtk-symbols-conditional.patch: updated
* debian/patches/revert-getrandom.patch: added
* debian/patches/revert-newer-xcb-requirement.patch: refreshed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/stl-util-old-clang-compatibility.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: updated
* debian/patches/title-bar-default-system.patch-v35: refreshed
* debian/patches/use-clang-versioned.patch: refreshed
-- Olivier Tilloy <email address hidden> Tue, 17 Nov 2020 23:09:47 +0100
|
Source diff to previous version |
CVE-2019-8075 |
Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Info |
|
chromium-browser (86.0.4240.198-0ubuntu0.16.04.1) xenial; urgency=medium
* Stable channel update: 86.0.4240.198
- CVE-2020-16013: Inappropriate implementation in V8.
- CVE-2020-16017: Use after free in site isolation.
-- Olivier Tilloy <email address hidden> Thu, 12 Nov 2020 07:13:56 +0100
|
About
-
Send Feedback to @ubuntu_updates