This bug was fixed in the package chromium-browser -
67.0.3396.62-0ubuntu1
---------------
chromium-browser (67.0.3396.62-0ubuntu1) cosmic; urgency=medium
* Upstream release: 67.0.3396.62
- CVE-2018-6123: Use after free in Blink.
- CVE-2018-6124: Type confusion in Blink.
- CVE-2018-6125: Overly permissive policy in WebUSB.
- CVE-2018-6126: Heap buffer overflow in Skia.
- CVE-2018-6127: Use after free in indexedDB.
- CVE-2018-6128: uXSS in Chrome on iOS.
- CVE-2018-6129: Out of bounds memory access in WebRTC.
- CVE-2018-6130: Out of bounds memory access in WebRTC.
- CVE-2018-6131: Incorrect mutability protection in WebAssembly.
- CVE-2018-6132: Use of uninitialized memory in WebRTC.
- CVE-2018-6133: URL spoof in Omnibox.
- CVE-2018-6134: Referrer Policy bypass in Blink.
- CVE-2018-6135: UI spoofing in Blink.
- CVE-2018-6136: Out of bounds memory access in V8.
- CVE-2018-6137: Leak of visited status of page in Blink.
- CVE-2018-6138: Overly permissive policy in Extensions.
- CVE-2018-6139: Restrictions bypass in the debugger extension API.
- CVE-2018-6140: Restrictions bypass in the debugger extension API.
- CVE-2018-6141: Heap buffer overflow in Skia.
- CVE-2018-6142: Out of bounds memory access in V8.
- CVE-2018-6143: Out of bounds memory access in V8.
- CVE-2018-6144: Out of bounds memory access in PDFium.
- CVE-2018-6145: Incorrect escaping of MathML in Blink.
- CVE-2018-6147: Password fields not taking advantage of OS protections in
Views.
* debian/rules: stop installing an outdated chromium-browser.svg icon
(LP: #1771847)
* debian/chromium-browser.svg: removed (outdated)
* debian/patches/additional-search-engines.patch: refreshed
* debian/patches/configuration-directory.patch: refreshed
* debian/patches/default-allocator: refreshed
* debian/patches/disable-sse2: updated
* debian/patches/fix-crashpad-linux-compat.patch: added
* debian/patches/fix-extra-arflags.patch: added
* debian/patches/revert-clang-nostdlib++.patch: refreshed
* debian/patches/revert-Xclang-instcombine-lower-dbg-declare.patch: refreshed
* debian/patches/search-credit.patch: refreshed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/skia-disable-neon.patch: removed, no longer needed
* debian/patches/skia-undef-HWCAP_CRC32.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: updated
* debian/patches/widevine-allow-enable.patch: added
* debian/patches/widevine-other-locations: updated
-- Olivier Tilloy <olivier.til...@canonical.com> Wed, 30 May 2018
12:22:22 +0200
** Changed in: chromium-browser (Ubuntu)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6123
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6124
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6125
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6126
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6127
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6128
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6129
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6130
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6131
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6132
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6133
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6134
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6135
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6136
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6137
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6138
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6139
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6140
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6141
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6142
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6143
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6144
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6145
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6147
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1771847
Title:
chromium-browser.svg icon is outdated
Status in chromium-browser package in Ubuntu:
Fix Released
Bug description:
The chromium-browser package installs an SVG icon
(/usr/share/icons/hicolor/scalable/apps/chromium-browser.svg) - that
file comes from the debian/ directory, not from the upstream tarballs,
and as such is outdated in comparison with the PNG icons at various
sizes that come from the tarballs.
I wasn't able to find a recent version of the chromium icon in SVG
form, so that icon should be removed.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1771847/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
![[Desktop-packages] [Bug 1771847] Re: chromium-browser.svg icon is outdated](/search?l=desktop-packages@lists.launchpad.net&q=subject:%22%5C%5BDesktop%5C-packages%5C%5D+%5C%5BBug+1771847%5C%5D+Re%5C%3A+chromium%5C-browser.svg+icon+is%09outdated%22&o=newest){kind=link}
