[Bug 1738149] Re: [snap] Cannot use libwidevinecdm.so to play back DRM-encrypted video

Tue, 30 Jan 2018 16:01:59 -0800 

This bug was fixed in the package chromium-browser -
64.0.3282.119-0ubuntu1

---------------
chromium-browser (64.0.3282.119-0ubuntu1) bionic; urgency=medium

  * Upstream release: 64.0.3282.119
    - CVE-2018-6031: Use after free in PDFium.
    - CVE-2018-6032: Same origin bypass in Shared Worker.
    - CVE-2018-6033: Race when opening downloaded files.
    - CVE-2018-6034: Integer overflow in Blink.
    - CVE-2018-6035: Insufficient isolation of devtools from extensions.
    - CVE-2018-6036: Integer underflow in WebAssembly.
    - CVE-2018-6037: Insufficient user gesture requirements in autofill.
    - CVE-2018-6038: Heap buffer overflow in WebGL.
    - CVE-2018-6039: XSS in DevTools.
    - CVE-2018-6040: Content security policy bypass.
    - CVE-2018-6041: URL spoof in Navigation.
    - CVE-2018-6042: URL spoof in OmniBox.
    - CVE-2018-6043: Insufficient escaping with external URL handlers.
    - CVE-2018-6045: Insufficient isolation of devtools from extensions.
    - CVE-2018-6046: Insufficient isolation of devtools from extensions.
    - CVE-2018-6047: Cross origin URL leak in WebGL.
    - CVE-2018-6048: Referrer policy bypass in Blink.
    - CVE-2017-15420: URL spoofing in Omnibox.
    - CVE-2018-6049: UI spoof in Permissions.
    - CVE-2018-6050: URL spoof in OmniBox.
    - CVE-2018-6051: Referrer leak in XSS Auditor.
    - CVE-2018-6052: Incomplete no-referrer policy implementation.
    - CVE-2018-6053: Leak of page thumbnails in New Tab Page.
    - CVE-2018-6054: Use after free in WebUI.
  * debian/control: update reference URL for chromedriver
  * debian/rules:
    - remove enable_hotwording build flag
    - exclude build artifacts from the binary package (LP: #1742653)
  * debian/patches/add-missing-cstddef-include.patch: added
  * debian/patches/configuration-directory.patch: refreshed
  * debian/patches/disable-sse2: refreshed
  * debian/patches/enable-chromecast-by-default.patch: refreshed
  * debian/patches/fix-ffmpeg-ia32-build.patch: added
  * debian/patches/last-commit-position: refreshed
  * debian/patches/no-xlocale-header.patch: removed, no longer needed
  * debian/patches/revert-clang-nostdlib++.patch: updated
  * debian/patches/revert-Xclang-instcombine-lower-dbg-declare.patch: refreshed
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: updated
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/touch-v35: refreshed
  * debian/patches/widevine-other-locations: updated (LP: #1738149)
  * debian/known_gn_gen_args-*: remove enable_hotwording build flag

 -- Olivier Tilloy <[email protected]>  Wed, 24 Jan 2018
23:18:03 +0100

** Changed in: chromium-browser (Ubuntu)
       Status: In Progress => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15420

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6031

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6032

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6033

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6034

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6035

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6036

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6037

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6038

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6039

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6040

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6041

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6042

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6043

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6045

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6046

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6047

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6048

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6049

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6050

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6051

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6052

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6053

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6054

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1738149

Title:
  [snap] Cannot use libwidevinecdm.so to play back DRM-encrypted video

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1738149/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to