-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 03 Dec 2017 15:26:02 +0000
Source: chromium-browser
Binary: chromium chromium-l10n chromium-shell chromium-widevine chromium-driver 
chromedriver
Architecture: source
Version: 63.0.3239.84-1~deb9u1
Distribution: stretch-security
Urgency: medium
Maintainer: Debian Chromium Maintainers 
<pkg-chromium-ma...@lists.alioth.debian.org>
Changed-By: Michael Gilbert <mgilb...@debian.org>
Description:
 chromedriver - web browser - WebDriver support transitional package
 chromium   - web browser
 chromium-driver - web browser - WebDriver support
 chromium-l10n - web browser - language packs
 chromium-shell - web browser - minimal shell
 chromium-widevine - web browser - widevine content decryption support
Changes:
 chromium-browser (63.0.3239.84-1~deb9u1) stretch-security; urgency=medium
 .
   * New upstream stable release.
     - CVE-2017-15407: Out of bounds write in QUIC. Reported by Ned Williamson
     - CVE-2017-15408: Heap buffer overflow in PDFium. Reported by Ke Liu
     - CVE-2017-15409: Out of bounds write in Skia. Reported by Anonymous
     - CVE-2017-15410: Use after free in PDFium. Reported by Luật Nguyễn
     - CVE-2017-15411: Use after free in PDFium. Reported by Luật Nguyễn
     - CVE-2017-15413: Type confusion in WebAssembly. Reported by Gaurav Dewan
     - CVE-2017-15415: Pointer information disclosure in IPC call. Reported by
       Viktor Brange
     - CVE-2017-15416: Out of bounds read in Blink. Reported by Ned Williamson
     - CVE-2017-15417: Cross origin information disclosure in Skia . Reported by
       Max May
     - CVE-2017-15418: Use of uninitialized value in Skia. Reported by Kushal
       Arvind Shah
     - CVE-2017-15419: Cross origin leak of redirect URL in Blink. Reported by
       Jun Kokatsu
     - CVE-2017-15420: URL spoofing in Omnibox. Reported by WenXu Wu
     - CVE-2017-15423: Issue with SPAKE implementation in BoringSSL. Reported by
       Greg Hudson
     - CVE-2017-15424: URL Spoof in Omnibox. Reported by Khalil Zhani
     - CVE-2017-15425: URL Spoof in Omnibox. Reported by xisigr
     - CVE-2017-15426: URL Spoof in Omnibox. Reported by WenXu Wu
     - CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox. Reported
       by Junaid Farhan
Checksums-Sha1:
 414794fe3ec24f68319a091a11e8fd21ed8a2640 4352 
chromium-browser_63.0.3239.84-1~deb9u1.dsc
 f5e73f37f5d629eba5f56a2ce2bf1cfe469100a6 453410544 
chromium-browser_63.0.3239.84.orig.tar.xz
 5083088abd66483b2d2221bcc48551b09116c1d6 134112 
chromium-browser_63.0.3239.84-1~deb9u1.debian.tar.xz
 335698892411b4f3b59a9b3fe0995875b1a38e0b 19645 
chromium-browser_63.0.3239.84-1~deb9u1_source.buildinfo
Checksums-Sha256:
 d099256bfe01d46e278c694cf42afb7a4c8c170d85ad2b75fdd1b211d54fd798 4352 
chromium-browser_63.0.3239.84-1~deb9u1.dsc
 70ba5f11dcf433c35ff964ca65f138e9faaf5f2c7c1980c8a4a1f79ca9c176a4 453410544 
chromium-browser_63.0.3239.84.orig.tar.xz
 91e9f1b2edebd2e220058af8b8088d9924d421b75f5dd73b86ea9e39dbd55caa 134112 
chromium-browser_63.0.3239.84-1~deb9u1.debian.tar.xz
 ef32683a037d4c059d2dce4f9cd8d325379f8c29055ccc4a0c63c95d5f3ac313 19645 
chromium-browser_63.0.3239.84-1~deb9u1_source.buildinfo
Files:
 8fa60db860eb35b0337dac647c8b1ca5 4352 web optional 
chromium-browser_63.0.3239.84-1~deb9u1.dsc
 be13fd185f0de5835f2fddb8041ff9ad 453410544 web optional 
chromium-browser_63.0.3239.84.orig.tar.xz
 2dd75865e8753ab96e0f2a1b1fbc3ec2 134112 web optional 
chromium-browser_63.0.3239.84-1~deb9u1.debian.tar.xz
 f09b4c75d97ac9151094c9b2609c79d5 19645 web optional 
chromium-browser_63.0.3239.84-1~deb9u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAlotrcIACgkQuNayzQLW
9HNbKh/9HJ8iTICgSTH8i9zpbLkkz5MExivKGcTcEsWqv42AAgLYrvPlO1wJ4uQQ
PPh0NOtenkOh8QJTpebBgH0n0Glabb1HzXtkCe4bSs+1psL99QLvRmjotgQKIytF
XI6ZyM+85E+8jrksa5k5S3V83/cEsaaxCpflmW5OQ42mBxLn8+7dJPjMvTHrLcnv
obFHIWcwuPb+Z0sb4Oc6qQsqKv8Tu8sAuASD8yKujEP0QHBpMTR1XSGzjPIYxAFt
OXrRATzR/oodFJLRBQwzoR4EbaRNWgBF4Kttqrrhvaw7Ag94jWNZcKwkwc4oU8A+
wcoMnlKP1q4WOwmm9w4yggBDJZkZfPEMDwY53Cfb64HyEkRt1MzWzdsEbTJXrX5y
EiN8RPb2d6FX3WWXr3IxE/bvS23uCe2NEzcEE0OAWGwT5d2V2KVL8eqXKgLf12JV
bHxy8l+rG57pFzj4z9+uRVgpnGlU/KOV5EA6foZgCT+Pk6OExo8fyqICyarXBYqx
TivYyzMvXvozgpfo4rXIwn1aWpYTLeAfmf4CelonXZeB9XKAYme04oYsJsTcXkuA
viYSVrYzau0PndXTAspceL0eX9U2/oXIIdAISJxOmqUrkVJUyHzMEG/YdVgmrY7j
d97XOHKabjrzU5gajOj7+g6pOBcYbCAbz1q7hJTTuHCoU4OK7rviR0pEyuwZNo8k
LPU8OCPlWA9jo6yNEuxBkYaTU+rR+e1yIYRraQvNA8HRBB0qCxZ+3V5nqyERD3pY
S2dU8khq0HkAsPW9lRF6zqNNEHQis8s0M813o15DSQdj3ptJ8HWeTzELCtHJiqqq
y07GzU5sjwsNz/11RYb8jf5axhAo34q1qLMOCJcntQ/zxc9VnPZ8pm782p99If0X
RI0L6FpMpN98fwTQa9UkEcqZvEa0tMpdkz4gPzvdMigwombjYqszaKXv9DQCpO3N
cxLtmNBWt2AtUz1x69YPRkWtnO0x+74pdWiIcRNLeoco5yyGMemZ3hSkh2ElZP0k
eFNnxLptI1Mf6TBZRms8aVdHKW5mGV5Meg8tfZYTKCbhhYpqDRNI+jN8ABfMNT9e
5gvie7Y9aF0x3bbmVSntOFwrs57J0rrg8DxClepIFvPdOsTdE0ncL1AXcPTWwTmR
Af86DM6qx8Kz4sDA1kbQ2/f6QR/yd5tPzNIcUsTeowvsQcJDFeC4hUipaextvvXR
/e0JaD77y8K7jl81Z9o6R6cjbKyGFUN8RtLvHsAnofH6lWv5ktwoRfM1OAVwR0ND
PulJSC7CE4VOCt+BmaoBDsONJEDmbkWD0xwhWL67Lahkyd5TQovYnMIrQtPvAp1j
y/9kYga0ZcAFXBCBn7f0+bQRGI5acA==
=IacN
-----END PGP SIGNATURE-----

Reply via email to