-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 26 Jan 2017 01:42:21 +0000 Source: chromium-browser Binary: chromium chromium-l10n chromium-shell chromium-widevine chromium-driver chromedriver Architecture: source Version: 56.0.2924.76-1 Distribution: experimental Urgency: medium Maintainer: Debian Chromium Maintainers <pkg-chromium-ma...@lists.alioth.debian.org> Changed-By: Michael Gilbert <mgilb...@debian.org> Description: chromedriver - web browser - WebDriver support transitional package chromium - web browser chromium-driver - web browser - WebDriver support chromium-l10n - web browser - language packs chromium-shell - web browser - minimal shell chromium-widevine - web browser - widevine content decryption support Changes: chromium-browser (56.0.2924.76-1) experimental; urgency=medium . * New upstream stable release: - CVE-2017-5007: Universal XSS in Blink. Credit to Mariusz Mlynski - CVE-2017-5006: Universal XSS in Blink. Credit to Mariusz Mlynski - CVE-2017-5008: Universal XSS in Blink. Credit to Mariusz Mlynski - CVE-2017-5010: Universal XSS in Blink. Credit to Mariusz Mlynski - CVE-2017-5011: Unauthorised file access in Devtools. Credit to Khalil Zhani - CVE-2017-5009: Out of bounds memory access in WebRTC. Credit to Sean Stanek and Chip Bradford - CVE-2017-5012: Heap overflow in V8. Credit to Gergely Nagy - CVE-2017-5013: Address spoofing in Omnibox. Credit to Haosheng Wang - CVE-2017-5014: Heap overflow in Skia. Credit to sweetchip - CVE-2017-5015: Address spoofing in Omnibox. Credit to Armin Razmdjou - CVE-2017-5019: Use after free in Renderer. Credit to Wadih Matar - CVE-2017-5016: UI spoofing in Blink. Credit to Haosheng Wang - CVE-2017-5017: Uninitialised memory access in webm video. Credit to danberm - CVE-2017-5018: Universal XSS in chrome://apps. Credit to Rob Wu - CVE-2017-5020: Universal XSS in chrome://downloads. Credit to Rob Wu - CVE-2017-5021: Use after free in Extensions. Credit to Rob Wu - CVE-2017-5022: Bypass of Content Security Policy in Blink. Credit to PKAV Team. - CVE-2017-5023: Type confusion in metrics. Credit to the UK's National Cyber Security Centre (NCSC) - CVE-2017-5026: UI spoofing. Credit to Ronni Skansing Checksums-Sha1: 7053713c1298a1c5f1691a06d7e860151ab8cb79 4287 chromium-browser_56.0.2924.76-1.dsc 1ac234f83f86d204d32f1edb0907a31bed0cf1e8 474574576 chromium-browser_56.0.2924.76.orig.tar.xz 80e3b429e0d80d6165d06d588a8b6867ef9605b7 130960 chromium-browser_56.0.2924.76-1.debian.tar.xz Checksums-Sha256: 7275e316dee90fb6de46016c878bf7a1a9b3c2d6606ffb95eba60b671fe44388 4287 chromium-browser_56.0.2924.76-1.dsc b72f79eb9ef4e65e2834c7d5ef59c63ffd100824d664ffd4de3971ec5495c89f 474574576 chromium-browser_56.0.2924.76.orig.tar.xz 764643554c248cf67a7e5bd755c854b06e2c514f3b24bef0bd33e204718bd7e1 130960 chromium-browser_56.0.2924.76-1.debian.tar.xz Files: 15eef75df9ae3d71357918b8a5efeb76 4287 web optional chromium-browser_56.0.2924.76-1.dsc 69e439925bad14f0fd3b68354aca160e 474574576 web optional chromium-browser_56.0.2924.76.orig.tar.xz 8fd62e5ee747cbf9924b8993492395f5 130960 web optional chromium-browser_56.0.2924.76-1.debian.tar.xz
-----BEGIN PGP SIGNATURE----- iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAliLR10ACgkQuNayzQLW 9HPGsyAAik46o50fbvcIRNA2ZotHxk4e0YKxmotADw998N3EGsiOxfe8s+dUTYCb PzvdDVfWKRqlw9Ma+zYrEQADFx64ooxuvwA2dtIuJc4NrK7KmCbkG9/VTWQE4gb6 /JEJ1xETOzZdhY1gO8sKsFk/DgbtO2LBCYqPCs1l+85owz/z2WF8e4s0WR61jiYF eLU3KO3TAH4U3NOYK/u2K4bIDWc4fPiyO1tXMldurluRwkJmYHeRtyX/NGnhyKYc 6nSiPRhnSRLhBo9xsJdr4uLb7RmCNn2tCSUmGCv5mksiEUgaNdVaoQuXDXlOBQRA M76iv47CnTvxQS8YE0A3VWjl29Mihea6IF6mFnROeBRk6KS1PsHfFjTD6wI5xG+q hYAJsB5ZdeYIvCat2RIZOM51Mo+WrH1as0GuhGe+9MGl1gKrCYXNgFkCoEwGtNhp gURVZI+bxyaR7Sfurk3HcJ1mZ1QeS2pE3InLUlmE4XQvWBOWZAy3kCHW33lomTlB ml6FAoPgqcVRXjixIoVxIWebCobJtfhV1LbZHHFMwrlDQB264j5743xpNK0P5NcZ 0RoaFKovOeDSfRVdPi7p6W9T7L3N8PfZsg01dv7quTSN+NmMqtSC2440llSljTGy JNrPAbVaSpwgFQAfJ12YrwrBQuvuZLVY5gVRdWRHtVD2sD45j5BPlJCrEyhVA9Z6 Goq7DpH8g2WU0cum/XFVUtpmOWTN3O4XFrmQ70wXbPdBr8PQzVnfyGnbNF+Iyzh5 xt1kxbckaM2VI7D8YCH/SA5BszMuhPaZ1IMnRyh2USNc6ljxFV6ZJDl4UaHmKKNl G/j1CV8lkm5jEkzZy01mXPsBRV2OG4xWkc+S3r6i+yO0DGFtkxYHHjDgDsopTHgZ 0/z50cCUDqnP97kkqEVtF6jdyJfH0oTP2Q6gbLm5+m+WhXVRO3cR8hoTFjdnh55Q ckzTTChqkV1IxoufTL+p8m5jGQE8YRvVz5VnW8czd6gGGRxATthjHZhble6n35fF 0psQolJZ7lkRRbRYUGY6V4NhlQq6BwrEYxf7JoZU4+bpR84jBU2IxjWLh+CXluec Scwj0Z9P/d3oosYskLcSPAjvIzlJ/8eaGTGafPTqOq8W5sjhkiprJvXlVhijFeMa pEQI7NKNLqeTdGKC9t8jFGOoKeArWCgItXFbOUIESeA2sSgvoFotCQ3uIsxVKync G9oDRPJ6c/gJ11W52FOpawDH6L8iu+NEqOz29PODmR/4TJHCEs9ZZZHyebU6q98o OpuY10hLGH7W00cvscehPCJN81QPZ2k/viTIwMFIb5pyFuP1xd650dq0qtWQ01EV kU5KjHS2Nq3lUFRRTiZXFuBGIek8dQ== =q72G -----END PGP SIGNATURE-----