Changelog
chromium-browser (65.0.3325.146-1) unstable; urgency=medium
* New upstream stable release release.
- CVE-2018-6056: Incorrect derived class instantiation in V8. Reported by
lokihardt
- CVE-2018-6060: Use after free in Blink. Reported by Omair
- CVE-2018-6061: Race condition in V8. Reported by Guang Gong
- CVE-2018-6062: Heap buffer overflow in Skia. Reported by Anonymous
- CVE-2018-6057: Incorrect permissions on shared memory. Reported by Gal
Beniamini
- CVE-2018-6063: Incorrect permissions on shared memory. Reported by Gal
Beniamini
- CVE-2018-6064: Type confusion in V8. Reported by lokihardt
- CVE-2018-6065: Integer overflow in V8. Reported by Mark Brand
- CVE-2018-6066: Same Origin Bypass via canvas. Reported by Masato Kinugawa
- CVE-2018-6067: Buffer overflow in Skia. Reported by Ned Williamson
- CVE-2018-6068: Object lifecycle issues in Chrome Custom Tab. Reported by
Luan Herrera
- CVE-2018-6069: Stack buffer overflow in Skia. Reported by Wanglu &
Yangkang
- CVE-2018-6070: CSP bypass through extensions. Reported by Rob Wu
- CVE-2018-6071: Heap bufffer overflow in Skia. Reported by Anonymous
- CVE-2018-6072: Integer overflow in PDFium. Reported by Atte Kettunen
- CVE-2018-6073: Heap bufffer overflow in WebGL. Reported by Omair
- CVE-2018-6074: Mark-of-the-Web bypass. Reported by Abdulrahman Alqabandi
- CVE-2018-6075: Overly permissive cross origin downloads. Reported by Inti
De Ceukelaire
- CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink.
Reported by Mateusz Krzeszowiec
- CVE-2018-6077: Timing attack using SVG filters. Reported by Khalil Zhani
- CVE-2018-6078: URL Spoof in OmniBox. Reported by Khalil Zhani
- CVE-2018-6079: Information disclosure via texture data in WebGL. Reported
by Ivars Atteka
- CVE-2018-6080: Information disclosure in IPC call. Reported by Gal
Beniamini
- CVE-2018-6081: XSS in interstitials. Reported by Rob Wu
- CVE-2018-6082: Circumvention of port blocking. Reported by WenXu Wu
- CVE-2018-6083: Incorrect processing of AppManifests. Reported by Jun
Kokatsu
* Enable support for vp9 (closes: #891831).
-- Michael Gilbert <email address hidden> Mon, 05 Mar 2018 01:26:31 +0000