-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 13 Aug 2014 22:56:16 +0000 Source: chromium-browser Binary: chromium chromium-dbg chromium-l10n chromium-inspector chromedriver Architecture: source all amd64 Version: 37.0.2062.120-1 Distribution: unstable Urgency: medium Maintainer: Debian Chromium Maintainers <pkg-chromium-ma...@lists.alioth.debian.org> Changed-By: Michael Gilbert <mgilb...@debian.org> Description: chromedriver - WebDriver driver for Chromium browser chromium - A web browser built for speed, simplicity, and security chromium-dbg - Debugging symbols for the chromium web browser chromium-inspector - page inspector for the Chromium browser chromium-l10n - chromium-browser language packages Closes: 667591 751652 751848 753761 754182 758143 761090 Changes: chromium-browser (37.0.2062.120-1) unstable; urgency=medium . * New upstream stable release (closes: #761090): - CVE-2014-3160: Same-Origin-Policy bypass in SVG. Credit to Christian Schneider. - CVE-2014-3162: Various fixes from internal audits, fuzzing and other initiatives. - CVE-2014-3165: Use-after-free in web sockets. Credit to Collin Payne. - CVE-2014-3166: Information disclosure in SPDY. Credit to Antoine Delignat-Lavaud. - CVE-2014-3167: Various fixes from internal audits, fuzzing and other initiatives. - CVE-2014-3168: Use-after-free in SVG. Credit to cloudfuzzer. - CVE-2014-3169: Use-after-free in DOM. Credit to Andrzej Dyjak. - CVE-2014-3170: Extension permission dialog spoofing. Credit to Rob Wu. - CVE-2014-3171: Use-after-free in bindings. Credit to cloudfuzzer. - CVE-2014-3172: Issue related to extension debugging. Credit to Eli Grey. - CVE-2014-3173: Uninitialized memory read in WebGL. Credit to jmuizelaar. - CVE-2014-3174: Uninitialized memory read in Web Audio. Credit to Atte Kettunen from OUSPG. - CVE-2014-3175: Various fixes from internal audits, fuzzing and other initiatives. - CVE-2014-3176: A special reward to lokihardt@asrt for a combination of bugs in V8, IPC, sync, and extensions that can lead to remote code execution outside of the sandbox. - CVE-2014-3177: A special reward to lokihardt@asrt for a combination of bugs in V8, IPC, sync, and extensions that can lead to remote code execution outside of the sandbox. - CVE-2014-3178: Use-after-free in rendering. Credit to miaubiz. - CVE-2014-3179: Various fixes from internal audits, fuzzing and other initiatives. - Fixes segfault in angle with gcc 4.9 (closes: #751652). - Includes an embedded pdf viewer (closes: #667591). * Use pristine upstream that doesn't have pre-built nacl (closes: #753761). * Correct webbrowser spelling in the desktop file (closes: #758143). * Remove leftover conffiles (closes: #751848). * Build using gcc 4.9 (closes: #754182). Checksums-Sha1: b2a668dc79fd988be38381d5a5a269807f013a77 4122 chromium-browser_37.0.2062.120-1.dsc 23795ec3bd1a5d090e3b46a2bf77a701124756c6 223332628 chromium-browser_37.0.2062.120.orig.tar.xz 5dfcb7d3160bd5b6e82254da7a2109496bdfc6a3 188180 chromium-browser_37.0.2062.120-1.debian.tar.xz 5a7e9c32496d45bf4c2ba7d087226651a519cdb2 2915062 chromium-l10n_37.0.2062.120-1_all.deb 8b0cf1e68a1ce6edf22a43e3749bf40cf76772dc 787362 chromium-inspector_37.0.2062.120-1_all.deb c7b768793ef81d8205e791141fc30cee4b8416df 40600626 chromium_37.0.2062.120-1_amd64.deb 939bb595d274453f8db0636526ed5127586b281b 563029358 chromium-dbg_37.0.2062.120-1_amd64.deb b0eace651f3cc8495bde1c21a83a965fb4b4c5b6 2182466 chromedriver_37.0.2062.120-1_amd64.deb Checksums-Sha256: b958de9662f23c4a83ee00fc53e25f04b6b00223790432906b937b30fcfd266b 4122 chromium-browser_37.0.2062.120-1.dsc b3073758b6caf384d30de20ba7514ee52cce5c1460bc768cd28d15f53f0c6efb 223332628 chromium-browser_37.0.2062.120.orig.tar.xz ba3dede6079a3a2ac6359e25a04c989404771c0317aca8bbd57504cf3cfa7e5e 188180 chromium-browser_37.0.2062.120-1.debian.tar.xz 5e53164ad21167ff15c13a12c79a92eb16543de2c8eb2837be6bf0972032b939 2915062 chromium-l10n_37.0.2062.120-1_all.deb 5bce6a5a96ab059c879f995934eee34e9270730fdb11541b347c4fd46c1fa965 787362 chromium-inspector_37.0.2062.120-1_all.deb ff8b04b6cd3a642e10d5f4b915c15c26373aa2f29fd6617a5a0863f999a89223 40600626 chromium_37.0.2062.120-1_amd64.deb 9364627a80463ebe0a38e124af76daf337b231d59900014449d565be74788210 563029358 chromium-dbg_37.0.2062.120-1_amd64.deb 0cd8633df4fa5eb477fd008d22351495db6bdd65c394d8deafd71f6c3f2abbde 2182466 chromedriver_37.0.2062.120-1_amd64.deb Files: 1367e6ef799aec790fbed84fc291a837 2915062 localization optional chromium-l10n_37.0.2062.120-1_all.deb 9fdb76e2218ae5b5f3347780a4be0dbc 787362 web optional chromium-inspector_37.0.2062.120-1_all.deb ac66bada98f7ec8da9dfb10eb61c5926 40600626 web optional chromium_37.0.2062.120-1_amd64.deb bfffaa287b4fa22d001e90c93eec792f 563029358 debug extra chromium-dbg_37.0.2062.120-1_amd64.deb d851124833da31aca1f5948dca07b123 2182466 web optional chromedriver_37.0.2062.120-1_amd64.deb abca0a2c27aba85a74583414f88c0106 4122 web optional chromium-browser_37.0.2062.120-1.dsc 733541eb61e2625900173462eabfe203 223332628 web optional chromium-browser_37.0.2062.120.orig.tar.xz 8b8718dcd661f051b4a7181b5592ee6f 188180 web optional chromium-browser_37.0.2062.120-1.debian.tar.xz
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQQcBAEBCgAGBQJUHyEqAAoJELjWss0C1vRzkKcgALILDlHXG7gxbXibOr9ahZs3 IUusBqTI1iIICjPRXAdnsUk5J8ryXMYFs9uHQOn9843YYLJNnCY0WCMt8gZhw39C 5Ta6wy68v7uO51vU8D2jiFAeRO5V8Ksx0TUmhh0gIuAaProCTJwCOtS3I+si6Jw7 rHZiFJ4g8F/7rfipX6fBS94ULbZnauYmpvx3IqqdjW6SlYGkejVI9byMdq3x3r55 Naqre14/wP1WzwRIsrxOw5XRZ/Zu9EF3I2dLnOU23d15qrJ7wsxeBtxek4jHOPL9 Xb/FvhBVg8VITE+gshds2zfjOdAu90WVtEXHZq6mnmskIAPghobfNODk7o5Gx0GO IS1HxTz3iGakdDpvpPtGO4Jtl+9D21VioipkBWYElxIEobkYTOuMypxpi1GA6feC SfUnRi95RVAPe2MVes0+4jM7ADLl1cm0beZhjj8AtvmLETdbWg6J3pP136mFLVD+ sx/5d1qjqNZbdzXzxnWr2WqUzbBs/upJLvix8RXp/aPh4X/55BEx8Eaqc2q5G5nf C8bPeI7qjrCpFQHiXl+O2Vs23EDJbMlH+5b9mynbYJ5DNh9yw5JkBU68/LSwY87r Yx0csf4LMPxdsratST1rj0cZBcXEy60eTkbAI1iFwxd9cDmvudgy22j3kAmnAhVm YX2xtzypXrqXzTYNjnJ51J3T6vq45wMwORoWN0tsWzaEd5uqRNgzL7w8+7lvyAua 9ar/+aP9moDcYbJSYnMQKOml+FGgvfMcxtk2XgMPhi8QGO04xjsYOxDFols+Cq4N DI9ZM0YKl1LOb5eBz7gVG0F96asXUZSKb9RWzaNAYfryBpbpmxsINuEYa7VS6Cv9 XhYLOgfUxFs+7EM2WYVQJmXAsVraXai+2zSCGO+/wo9awTG7IDzHBjCzUYYUeACt W+gXUXLNXCi8zq1bGYj6fAV6iYHjRCF4vVuuvqihcOA4FVMFHzwFaFPMEOHkDJes bzC8/mV3wwOBcSk0Yx2oMgjZOYkdiIKEHH9qZzOgjlxKkefl7BMKpJNd0qTYKMp2 I1tykL3iHHbm3KsprMTVR9b0JlU2r8gwrN3wM7gRi2rt0FQvRObKYpIgQ6FEqSHl PSdEYnY1wTrG1IJ/H/hqviKwJD4F18nxs3MzR9BE0Z0Arxhj/3OFVWzfTTKoupfO 0bxqRkDzlSVmWRiZ8cY7K4qslZBxPIxWzxgJ644dtqIfJrJ/xaRrMK08oBtKk6yz 1qzDxerMOE+UkFiIsJBdHtqOLETMGR0VfigbHbpZir5fhxqihSVsyW8+F2UG8vtn QnhrjHi1V5LO9zsnJYKbDHIF0EGbFqlIV7CBEn4ZFjhsKGTsWcl2TFygv+oBtBw= =loax -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/e1xvoct-0007ng...@franck.debian.org