Your message dated Fri, 24 Mar 2017 12:32:10 +0000
with message-id <[email protected]>
and subject line Bug#855434: fixed in chromium-browser 57.0.2987.98-1~deb8u1
has caused the Debian Bug report #855434,
regarding chromium: builds with experimental features enabled
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
855434: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855434
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: chromium
Version: 56.0.2924.76-3
Severity: important
For some sites, namely google.com, Chromium will fail to connect with
ERR_SSL_PROTOCOL_ERROR ( $SITE sent an invalid response ). Some sites will
still work over SSL, I am not sure what is the differentiator between these.
The site works fine on chrome so it is not the site itself or a MITM or
similar.
-- System Information:
Debian Release: 9.0
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.9.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages chromium depends on:
ii libasound2 1.1.3-4
ii libatk1.0-0 2.22.0-1
ii libavcodec57 7:3.2.4-1
ii libavformat57 7:3.2.4-1
ii libavutil55 7:3.2.4-1
ii libc6 2.24-9
ii libcairo2 1.14.8-1
ii libcups2 2.2.1-8
ii libdbus-1-3 1.10.14-1
ii libevent-2.0-5 2.0.21-stable-2.1
ii libexpat1 2.2.0-2
ii libflac8 1.3.2-1
ii libfontconfig1 2.11.0-6.7
ii libfreetype6 2.6.3-3+b1
ii libgcc1 1:6.3.0-6
ii libgdk-pixbuf2.0-0 2.36.4-1
ii libglib2.0-0 2.50.2-2
ii libgtk2.0-0 2.24.31-2
ii libharfbuzz0b 1.4.2-1
ii libicu57 57.1-5
ii libjpeg62-turbo 1:1.5.1-2
ii libminizip1 1.1-8
ii libnspr4 2:4.12-6
ii libnss3 2:3.26.2-1
ii libpango-1.0-0 1.40.3-3
ii libpangocairo-1.0-0 1.40.3-3
ii libpng16-16 1.6.28-1
ii libpulse0 10.0-1
ii libre2-3 20170101+dfsg-1
ii libsnappy1v5 1.1.3-3
ii libstdc++6 6.3.0-6
ii libvpx4 1.6.1-2
ii libwebp6 0.5.2-1
ii libwebpdemux2 0.5.2-1
ii libx11-6 2:1.6.4-3
ii libx11-xcb1 2:1.6.4-3
ii libxcb1 1.12-1
ii libxcomposite1 1:0.4.4-2
ii libxcursor1 1:1.1.14-1+b1
ii libxdamage1 1:1.1.4-2+b1
ii libxext6 2:1.3.3-1
ii libxfixes3 1:5.0.3-1
ii libxi6 2:1.7.9-1
ii libxml2 2.9.4+dfsg1-2.2
ii libxrandr2 2:1.5.1-1
ii libxrender1 1:0.9.10-1
ii libxslt1.1 1.1.29-2
ii libxss1 1:1.2.2-1
ii libxtst6 2:1.2.3-1
ii x11-utils 7.7+3
ii xdg-utils 1.1.1-1
ii zlib1g 1:1.2.8.dfsg-5
Versions of packages chromium recommends:
ii fonts-liberation 1:1.07.4-2
Versions of packages chromium suggests:
pn chromium-driver <none>
pn chromium-l10n <none>
pn chromium-shell <none>
pn chromium-widevine <none>
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: chromium-browser
Source-Version: 57.0.2987.98-1~deb8u1
We believe that the bug you reported is fixed in the latest version of
chromium-browser, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Michael Gilbert <[email protected]> (supplier of updated chromium-browser
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 26 Feb 2017 03:18:38 +0000
Source: chromium-browser
Binary: chromium chromium-dbg chromium-l10n chromium-inspector chromedriver
Architecture: source i386 all
Version: 57.0.2987.98-1~deb8u1
Distribution: jessie-security
Urgency: medium
Maintainer: Debian Chromium Maintainers
<[email protected]>
Changed-By: Michael Gilbert <[email protected]>
Description:
chromedriver - web browser - WebDriver support
chromium - web browser
chromium-dbg - web browser - debugging symbols
chromium-inspector - web browser - page inspection support
chromium-l10n - web browser - language packs
Closes: 855434
Changes:
chromium-browser (57.0.2987.98-1~deb8u1) jessie-security; urgency=medium
.
* New upstream stable release.
- CVE-2017-5030: Memory corruption in V8. Credit to Brendon Tiszka
- CVE-2017-5031: Use after free in ANGLE. Credit to Looben Yang
- CVE-2017-5032: Out of bounds write in PDFium. Credit to Ashfaq Ansari
- CVE-2017-5029: Integer overflow in libxslt. Credit to Holger Fuhrmannek
- CVE-2017-5034: Use after free in PDFium. Credit to Ke Liu
- CVE-2017-5035: Incorrect security UI in Omnibox. Credit to Enzo Aguado
- CVE-2017-5036: Use after free in PDFium. Credit to Anonymous
- CVE-2017-5037: Multiple out of bounds writes in ChunkDemuxer. Credit to
Yongke Wang
- CVE-2017-5039: Use after free in PDFium. Credit to jinmo123
- CVE-2017-5040: Information disclosure in V8. Credit to Choongwoo Han
- CVE-2017-5041: Address spoofing in Omnibox. Credit to Jordi Chancel
- CVE-2017-5033: Bypass of Content Security Policy in Blink. Credit to
Nicolai Grødum
- CVE-2017-5042: Incorrect handling of cookies in Cast. Credit to Mike
Ruddy
- CVE-2017-5038: Use after free in GuestView. Credit to Anonymous
- CVE-2017-5043: Use after free in GuestView. Credit to Anonymous
- CVE-2017-5044: Heap overflow in Skia. Credit to Kushal Arvind Shah
- CVE-2017-5045: Information disclosure in XSS Auditor. Credit to Dhaval
Kapil
- CVE-2017-5046: Information disclosure in Blink. Credit to Masato Kinugawa
* Configure with fieldtrial_testing_like_official_build=true to avoid
building with experimental features enabled (closes: #855434).
Checksums-Sha1:
d65e05e74c1eafbc9bdc90ed8092e6f9243bc676 4087
chromium-browser_57.0.2987.98-1~deb8u1.dsc
22a8c32dc35bcfbe57159f9ca7b396d799567fb6 481398480
chromium-browser_57.0.2987.98.orig.tar.xz
2f8da2f001e738577bce9fc75a20435360bb6e69 185220
chromium-browser_57.0.2987.98-1~deb8u1.debian.tar.xz
3a8b19a4dc82ebf0143c3630e2cfa71176a561fb 45803392
chromium_57.0.2987.98-1~deb8u1_i386.deb
41faf95223c484103e0f6200bf7b2a61293ea9d3 7301426
chromium-dbg_57.0.2987.98-1~deb8u1_i386.deb
8ecf0a4f17e27b9299122eccf6be136cfd7f6359 3371274
chromium-l10n_57.0.2987.98-1~deb8u1_all.deb
95c966c80bb53b3f4264cac1abb2c9dd20586b78 1415072
chromium-inspector_57.0.2987.98-1~deb8u1_all.deb
2867c26a26f7d4e65c0f14a694ffeabdb11ef4bf 2810780
chromedriver_57.0.2987.98-1~deb8u1_i386.deb
Checksums-Sha256:
fd2cc713e10bba251baad7f609e11733012623c56512d022bea45f494204ab39 4087
chromium-browser_57.0.2987.98-1~deb8u1.dsc
6c7bfd6e226a0e94dca91479b94c444c162d2a834d65e08208d25692bc1e0e9c 481398480
chromium-browser_57.0.2987.98.orig.tar.xz
c7b02dc64baba418fffe9233a806397cf534ceadea6eb590d3b7a9119c9c21d6 185220
chromium-browser_57.0.2987.98-1~deb8u1.debian.tar.xz
9270ee7e27b54c327027c02dfcbab734b093435bdb4eefc7285b9024c49db63b 45803392
chromium_57.0.2987.98-1~deb8u1_i386.deb
11fbfa5300edbe55cfdd7accb510cfa9c59af9cda23080834d2304baf0bf9891 7301426
chromium-dbg_57.0.2987.98-1~deb8u1_i386.deb
80627193c888b8ba2c99d7c12b5c1ca826b0226e6431a648bccf7a92261b443e 3371274
chromium-l10n_57.0.2987.98-1~deb8u1_all.deb
6665400b33fb3ef26e71edda1973f267e7a217d653468a0cc035ccab33f0a1e6 1415072
chromium-inspector_57.0.2987.98-1~deb8u1_all.deb
29edfb7ded9e952d2a46db64197ddca7dc2f26847b0228f8c4bf359c0fecf3ec 2810780
chromedriver_57.0.2987.98-1~deb8u1_i386.deb
Files:
136c31a3ec580ae2d421ad8f3bcb4eac 4087 web optional
chromium-browser_57.0.2987.98-1~deb8u1.dsc
e5b393a2b3000f5cadf3c0ee4b11e206 481398480 web optional
chromium-browser_57.0.2987.98.orig.tar.xz
a21d3051d0ad84bcced131743f2879cf 185220 web optional
chromium-browser_57.0.2987.98-1~deb8u1.debian.tar.xz
3fb7024ee36d01e9e60d75cfe1e56d8c 45803392 web optional
chromium_57.0.2987.98-1~deb8u1_i386.deb
020de755dfd39e6af8656279981e873d 7301426 debug extra
chromium-dbg_57.0.2987.98-1~deb8u1_i386.deb
f1c3e4e8ef3b8df543d643636d8b1a03 3371274 localization optional
chromium-l10n_57.0.2987.98-1~deb8u1_all.deb
33c974d9f157c04be905dca4ece76165 1415072 web optional
chromium-inspector_57.0.2987.98-1~deb8u1_all.deb
92f9bcfaec77274e910135cbedc8c998 2810780 web optional
chromedriver_57.0.2987.98-1~deb8u1_i386.deb
-----BEGIN PGP SIGNATURE-----
iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAljGAWQACgkQuNayzQLW
9HMRCyAAmVP8L5hwFKjvYCoqHBR5HVpW0ZjewI1tzyTlwaIBHaCZqMEhWOPPwsfp
G16+VSTym9C0RoQy/7RCfIo5BEVa4IOy86jes/je9r8AWBLxg/u05R7U7EDszmtj
099r7QpNNpZeUYbHQDqpnVFM+CdfRigJy0FmwGmWOMg7mb+tyr25EUWmXg25FsXl
PyXKRHHem3K4AqGTWJxiNMg7sEZVWXrUp0fqx3lCz0mSldA+tP4nob8vNn066jyu
byc0nadAxn5TIrgRbayhiNpEoMJA12goKan5AFWg/drHCigAQiK04qSjmViiQrJG
k8LAZ07GWam+e0Z4Ax+fY4FAibRjQFZHWQgk4/DHd3DmUon0xanO41zj4BbprLFA
MhW6UJ9XTzSAS9SXA+MWCjxPf1mvILUnbcrLqz/nO7598GRExM/OghDpvkx5/0Oa
86zMmqZvsZMNsveElEjbJZZoG4a9hqVnm93Opqu0wMjYrqdnrn+NsF/cwWewAY9h
3yhxtlbuF0/nkxusQ70dpT/hTW4QVso7Wxc5sjHpu5qr6Z9rGL1bwEr+DXpyg/jj
lT4b8yaEBE59KnTlFYaR7QgjJN1EtQeDDMhs3/d+aoEyiPSDAQ6pREcuGbdIzulX
PJtUC8FqsHNqQ04GJCWWkbp0eFVfrVBGPfzeWezJ83w1cuz1s+3bQiq/TPPFWBZW
zjTaWcU+4c5WxaHmhlGdFYj6785ZcSdkTO3Wyjf/aGBoSySDzF7Zte1/N8Znx80F
cshQh/YKJi6hm4ebd+79DiQwHJ/V7Oz2Pel24C3oexSyG2y13Np/VuIlsYQgG7p+
5OPNeICMePSLsl19f45DfWmRHv94Opw959sRTe+E2BaMtNLDLGHMfV8iBNuvxVOj
AW9vaa2c3GTjEUJnQTj2/P6/sQy3lqI9A2zbQ8rbduZkdOAugKr2XILL5akPPnl2
HNHecHK7xEy+D/v1guCyN3RxcS3UOVscaJsHrmacRQkVHj/FpKh8qura3boYlieU
ZVaIfedrhuG5dqb+/TShEbh1nWFgaLOVeDMRiXS7BXbgM1hkWJbALOr07wzuXVG7
NDh2lTLYv9+NXsIEC3lj03VLb1LgyycJcVdXCW9oTOX1bMpao1QOR1GpeuETlX9j
WRD7eeU19wBdXm4GuasQhqK1vMIcflJ4/5q78YRUTKYE0tV6ru3S17/+btiyH1w9
c/iTRx7PYvGQ78nJyv7BDo14mVA/KypWKCgpyWViG8XIyS7PTdQIG4gv1mHFwGKN
/ivkx5YXgWNTWhFxuQ898h7vLJwTIK6HQQox0NNcxec8+3FxC3BUZe5X3fWRdzsh
7P13mq1uhq7R5YMU7S1uGGVLzEcxGQ==
=v9Iz
-----END PGP SIGNATURE-----
--- End Message ---
