[Desktop-packages] [Bug 1961565] Re: Package in bionic installs unnecessary build artifacts

[Launchpad Bug Tracker]

This bug was fixed in the package chromium-browser -
99.0.4844.51-0ubuntu0.18.04.1

---------------
chromium-browser (99.0.4844.51-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 99.0.4844.51
    - CVE-2022-0789: Heap buffer overflow in ANGLE.
    - CVE-2022-0790: Use after free in Cast UI.
    - CVE-2022-0791: Use after free in Omnibox.
    - CVE-2022-0792: Out of bounds read in ANGLE.
    - CVE-2022-0793: Use after free in Views.
    - CVE-2022-0794: Use after free in WebShare.
    - CVE-2022-0795: Type Confusion in Blink Layout.
    - CVE-2022-0796: Use after free in Media.
    - CVE-2022-0797: Out of bounds memory access in Mojo.
    - CVE-2022-0798: Use after free in MediaStream.
    - CVE-2022-0799: Insufficient policy enforcement in Installer.
    - CVE-2022-0800: Heap buffer overflow in Cast UI.
    - CVE-2022-0801: Inappropriate implementation in HTML parser.
    - CVE-2022-0802: Inappropriate implementation in Full screen mode.
    - CVE-2022-0803: Inappropriate implementation in Permissions.
    - CVE-2022-0804: Inappropriate implementation in Full screen mode.
    - CVE-2022-0805: Use after free in Browser Switcher.
    - CVE-2022-0806: Data leak in Canvas.
    - CVE-2022-0807: Inappropriate implementation in Autofill.
    - CVE-2022-0808: Use after free in Chrome OS Shell.
    - CVE-2022-0809: Out of bounds memory access in WebXR.
  * debian/rules: exclude unnecessary build artifacts (LP: #1961565)
  * debian/patches/arm64-no-pointer-authentication.patch: added
  * debian/patches/build-with-old-libva-missing-defines.patch: refreshed
  * debian/patches/build-with-old-libva-no-av1.patch: refreshed
  * debian/patches/configuration-directory.patch: refreshed
  * debian/patches/define__libc_malloc.patch: updated
  * debian/patches/gn-no-std-equal_to.patch: added
  * debian/patches/libaom-armhf-build-cpudetect.patch: refreshed
  * debian/patches/revert-sequence-checker-capability-name.patch: refreshed
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
  * debian/patches/use-clang-versioned.patch: refreshed
  * debian/patches/widevine-enable-version-string.patch: refreshed

 -- Olivier Tilloy <olivier.til...@canonical.com>  Tue, 01 Mar 2022
21:43:44 +0100

** Changed in: chromium-browser (Ubuntu Bionic)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0789

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0790

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0791

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0792

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0793

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0794

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0795

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0796

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0797

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0798

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0799

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0800

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0801

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0802

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0803

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0804

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0805

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0806

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0807

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0808

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0809

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1961565

Title:
  Package in bionic installs unnecessary build artifacts

Status in chromium-browser package in Ubuntu:
  In Progress
Status in chromium-browser source package in Bionic:
  Fix Released

Bug description:
  Not sure when this started happening, but today I noticed while
  testing chromium-browser 98.0.4758.102-0ubuntu0.18.04.1 that the
  chromium-browser binary package installs a lot of build artifacts that
  increase unnecessarily the size of the package.

  These artifacts include *.runtime_deps files, as well as binaries such
  as transport_security_state_generator or protozero_plugin.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1961565/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to     : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp