-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 03 Dec 2017 15:26:02 +0000 Source: chromium-browser Binary: chromium chromium-l10n chromium-shell chromium-widevine chromium-driver chromedriver Architecture: all Version: 63.0.3239.84-1~deb9u1 Distribution: stretch-security Urgency: medium Maintainer: all Build Daemon (x86-csail-02) Changed-By: Michael Gilbert Description: chromedriver - web browser - WebDriver support transitional package chromium - web browser chromium-driver - web browser - WebDriver support chromium-l10n - web browser - language packs chromium-shell - web browser - minimal shell chromium-widevine - web browser - widevine content decryption support Changes: chromium-browser (63.0.3239.84-1~deb9u1) stretch-security; urgency=medium . * New upstream stable release. - CVE-2017-15407: Out of bounds write in QUIC. Reported by Ned Williamson - CVE-2017-15408: Heap buffer overflow in PDFium. Reported by Ke Liu - CVE-2017-15409: Out of bounds write in Skia. Reported by Anonymous - CVE-2017-15410: Use after free in PDFium. Reported by Luật Nguyễn - CVE-2017-15411: Use after free in PDFium. Reported by Luật Nguyễn - CVE-2017-15413: Type confusion in WebAssembly. Reported by Gaurav Dewan - CVE-2017-15415: Pointer information disclosure in IPC call. Reported by Viktor Brange - CVE-2017-15416: Out of bounds read in Blink. Reported by Ned Williamson - CVE-2017-15417: Cross origin information disclosure in Skia . Reported by Max May - CVE-2017-15418: Use of uninitialized value in Skia. Reported by Kushal Arvind Shah - CVE-2017-15419: Cross origin leak of redirect URL in Blink. Reported by Jun Kokatsu - CVE-2017-15420: URL spoofing in Omnibox. Reported by WenXu Wu - CVE-2017-15423: Issue with SPAKE implementation in BoringSSL. Reported by Greg Hudson - CVE-2017-15424: URL Spoof in Omnibox. Reported by Khalil Zhani - CVE-2017-15425: URL Spoof in Omnibox. Reported by xisigr - CVE-2017-15426: URL Spoof in Omnibox. Reported by WenXu Wu - CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox. Reported by Junaid Farhan Checksums-Sha1: af97f70da4a49c943d567e2e82acfa618eae7f82 19105 chromium-browser_63.0.3239.84-1~deb9u1_all.buildinfo 7a7875a90029fe6c4a002bef25d2b65254592e82 2769362 chromium-l10n_63.0.3239.84-1~deb9u1_all.deb Checksums-Sha256: b764db567022ed9667a16903248e28fb018270e16161e4d20900064e786cc7aa 19105 chromium-browser_63.0.3239.84-1~deb9u1_all.buildinfo 0aeee81cdb96811c68c45bb98055ec9e8cd8ae2dcb40bde1957d74e687b00655 2769362 chromium-l10n_63.0.3239.84-1~deb9u1_all.deb Files: ae5794b89f84963f461d8e4bdb5e8b60 19105 web optional chromium-browser_63.0.3239.84-1~deb9u1_all.buildinfo f6897e91888a16049371e2ec9a91c8b3 2769362 localization optional chromium-l10n_63.0.3239.84-1~deb9u1_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEENh9Xd2En6FxMvD+8d6k1rHLDnqsFAlotyv4ACgkQd6k1rHLD nqtErw//ZV63gt7UTpvWPTGLraf9/sXUBQ23LELkjExekNmdaqbtMEQ9LLZhQtfV xMP0oed2jxvnEs1NpsvlTPUi4H3iR7Em/k80lFfPHZw+JmHbnQ6YfrAjGU2Hb/vZ 4TrGhUHasa0Gpxsvk6IzDmizion/q8zT8kjFbJpvJqPtwVd+YAPCnWOmE16+2qr0 tjyVN8r2JMB9S0UgbfqrDyT6JthLc6CcpT/m0XfXBz5aB8cVmUScabtvxJIvDSlc RpSrrwS+EIGsC5QNXLka8pFgaEBOstWWoRdWBr2XfXyESx0AizbpymFift0FRGNT LpSxlRJSDXUvd8s9W7Ftj1zy/stSPcoxR07au0puQ6hD0aUS41/Rw7fbO9Bcjn+r 6sVwMaExjdNeqgHVV49BEpeh4Mqe5xoDoM695bSRwJbGD/G7do1KxDh4sBbQ4Om9 3iEAKUHTSeEl3mW73Tj4VuAsOd59OPmffd10XQ4aHrbD5k8KP2INy1R04D2EILf5 wu8mORt4ylmQ8xCOr+ZRbdVLxIPXPaCP2YpxW9MYqJt/QylG/4Ni6SZK1rjbEoEo WZ8v4We75ux8PT2SEAOvlGwf1sA5JYszrNRNN/IrIBe76OymP+2sq+s33Ixu5i+h uds3LK7+eRpS6gmiIaYdf8EX+hpIbwM6m4zRvTf8ViY52sO30X0= =ju1y -----END PGP SIGNATURE-----