-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 27 May 2016 01:52:42 +0000 Source: chromium-browser Binary: chromium chromium-l10n chromedriver Architecture: source Version: 51.0.2704.63-1 Distribution: unstable Urgency: medium Maintainer: Debian Chromium Maintainers <pkg-chromium-ma...@lists.alioth.debian.org> Changed-By: Michael Gilbert <mgilb...@debian.org> Description: chromedriver - web browser - WebDriver support chromium - web browser chromium-l10n - web browser - language packs Changes: chromium-browser (51.0.2704.63-1) unstable; urgency=medium . * New upstream stable release: - CVE-2016-1667: Same origin bypass in DOM. Credit to Mariusz Mlynski. - CVE-2016-1668: Same origin bypass in Blink V8 bindings. Credit to Mariusz Mlynski. - CVE-2016-1669: Buffer overflow in V8. Credit to Choongwoo Han. - CVE-2016-1670: Race condition in loader. Credit to anonymous. - CVE-2016-1672: Cross-origin bypass in extension bindings. Credit to Mariusz Mlynski. - CVE-2016-1673: Cross-origin bypass in Blink. Credit to Mariusz Mlynski. - CVE-2016-1674: Cross-origin bypass in extensions. Credit to Mariusz Mlynski. - CVE-2016-1675: Cross-origin bypass in Blink. Credit to Mariusz Mlynski. - CVE-2016-1676: Cross-origin bypass in extension bindings. Credit to Rob Wu. - CVE-2016-1677: Type confusion in V8. Credit to Guang Gong. - CVE-2016-1678: Heap overflow in V8. Credit to Christian Holler. - CVE-2016-1679: Heap use-after-free in V8 bindings. Credit to Rob Wu. - CVE-2016-1680: Heap use-after-free in Skia. Credit to Atte Kettunen. - CVE-2016-1681: Heap overflow in PDFium. Credit to Aleksandar Nikolic. - CVE-2016-1682: CSP bypass for ServiceWorker. Credit to KingstonTime. - CVE-2016-1683: Out-of-bounds access in libxslt. Credit to Nicolas Gregoire. - CVE-2016-1684: Integer overflow in libxslt. Credit to Nicolas Gregoire. - CVE-2016-1685: Out-of-bounds read in PDFium. Credit to Ke Liu. - CVE-2016-1686: Out-of-bounds read in PDFium. Credit to Ke Liu. - CVE-2016-1687: Information leak in extensions. Credit to Rob Wu. - CVE-2016-1688: Out-of-bounds read in V8. Credit to Max Korenko. - CVE-2016-1689: Heap buffer overflow in media. Credit to Atte Kettunen. - CVE-2016-1690: Heap use-after-free in Autofill. Credit to Rob Wu. - CVE-2016-1691: Heap buffer-overflow in Skia. Credit to Atte Kettunen. - CVE-2016-1692: Limited cross-origin bypass in ServiceWorker. Credit to Til Jasper Ullrich. - CVE-2016-1693: HTTP Download of Software Removal Tool. Credit to Khalil Zhani. - CVE-2016-1694: HPKP pins removed on cache clearance. Credit to Ryan Lester and Bryant Zadegan. - CVE-2016-1695: Various fixes from internal audits, fuzzing and other initiatives. Checksums-Sha1: 9ebedd01053e8f583dc5d488033e6668868210b9 3910 chromium-browser_51.0.2704.63-1.dsc 30416dc16eb472e466280f99ffc6c11e5cee5c3e 459977248 chromium-browser_51.0.2704.63.orig.tar.xz 29431d7281f379f0991b52e3932bc1ecd4fc9b40 119932 chromium-browser_51.0.2704.63-1.debian.tar.xz Checksums-Sha256: 5f64edf29c15bea9be93dc85de0d123fb7be3bf412ecc042bd1cc42c8786ad01 3910 chromium-browser_51.0.2704.63-1.dsc ff056403384b531d447bf80455b615c83ae3f66205ea0642c727e29da7e664b7 459977248 chromium-browser_51.0.2704.63.orig.tar.xz 945518aefc6784c4c861938402a912a656f59be59d0eb3b90653abeb98664a27 119932 chromium-browser_51.0.2704.63-1.debian.tar.xz Files: 99b2f1593333a84d7890a6053916ac5b 3910 web optional chromium-browser_51.0.2704.63-1.dsc 381433c3910d12f66acee7268cba87f6 459977248 web optional chromium-browser_51.0.2704.63.orig.tar.xz b6b737c4649073a06d5abc1334629602 119932 web optional chromium-browser_51.0.2704.63-1.debian.tar.xz
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQQcBAEBCgAGBQJXR7F0AAoJELjWss0C1vRzhrcgAKZXm7LCpgnI+QA6sr9ccwR4 nb68O9p4S/rXM5vfOnnmC0poCI1wrJjEHcbd726B6AGpdkl3atSUC7odkrRJQjQS 2k74jSPT+bjWJziaCruCiOTs0LkMoA0kBg7W819KF3cySPD7I+EgJrl/wMxI8wih laEBcCpXRCei5o7bOOc4WaU13ShmyIsS/dDemS/Wd9GvoPaYov24G5NT1Of9Y37E ykbttWlQRxHTKMP3gFZqL5naeMOZI1JbarXSvO+5bSwKW0a3W2ZWu8ze7zEF5tzK 3QS/yH8cWTvlv/v+mtdnToNsRRMr3y9lCZpCuC/3zsOqCXOdcCcuDPkKhv1n6Ajw 2s5kG2WkbSiTnNdPDGI3V4kIAejEv3GOGWKXLaJJsCmnCN0+qhILiN540BqYH1y8 xUl+KDL2eaKDPk/KjdGq5pV+nTHn3bfGf1X6pWpawdd4szN1azWm1G14zHRmEM3/ 4NCJHeXor3XBVyy9LojYTIyLFDA3EqEzOm8+Q+c6oYPsuYPPrVyP9UZqkx46Xvct 9Jj7Mc3Pr/P4PuxABFHcJ46VHnWdRXyG9d7mcXzCSTiv432uD4bzrjdRSUdgruHg EQ7HzIq5j/n66D/1a/ToeA4tCdTVk2zJgCAyvK/c9esIg+Y5qZjWMqUnvsGiT/JY Gr7IOamiekDPSUuvopT1HRSnSLCGWP/7PIg35QdfOE6lc7zWaIff1N60zt4FIYCg UfrUVkeZr7pIAHiB8nzRIRdprvSeVEzo3g/c+REptxt3louHI/XxaET8/uZ3OFXl WEk7Jb+n71k17WdrpjS6sn73UWKFCo52WjwSltHS12V7HgpiPvOCT4EqFmBbTFYk H4LvE2aDGCA1MvEuJ9mAFvCmE/91aQzXTLuzE/H/S1I2emOOzEEmDbgnayCd+XLq nZwYoPx6mLZr7uiRQ9yQ9z+6KQvNoLVFODFQa7+8TbMliLD1kxH9izpLMcfhTTzo mxOGror/7oZGoG2FnvcPEhkJ3gaJa39qfWNnv+Zi0T8iuPARQbUg15gi99sxuCIq xsXJWQPJtZoPlYZUS8uX211IYltmMZlm87UDrQt/CYoh7HDtomxVVfo/FfFs2HCF W7JHOr3bHZ1iX2ZsMqwR5KFth55oe8ExQa0DBrIe/CDnF55OLSvXkmmQqCmUD7jR ADTieWQBU232RUBXWCx442Zr+zAtwFX4MLklo4yvaXFwI75UV0BrYPpzSCqq+BkP Y8WqeoBXA45DyqHi5I5UqCvfBUAgI/90XUNhqqvgbG6+F3JffjE9ozlZIRw7krWe K1RTgt45GnUUaqqJDvVUWm4KVj+PkSftU1eg9gIOfBVf+NIWdyYBy21wyB/UN0U= =ak0K -----END PGP SIGNATURE-----