-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 03 Dec 2017 15:26:02 +0000
Source: chromium-browser
Binary: chromium chromium-l10n chromium-shell chromium-widevine chromium-driver chromedriver
Architecture: i386
Version: 63.0.3239.84-1~deb9u1
Distribution: stretch-security
Urgency: medium
Maintainer: amd64 / i386 Build Daemon (x86-csail-01) <buildd_amd64-x86-csail-01@buildd.debian.org>
Changed-By: Michael Gilbert <mgilbert@debian.org>
Description:
 chromedriver - web browser - WebDriver support transitional package
 chromium   - web browser
 chromium-driver - web browser - WebDriver support
 chromium-l10n - web browser - language packs
 chromium-shell - web browser - minimal shell
 chromium-widevine - web browser - widevine content decryption support
Changes:
 chromium-browser (63.0.3239.84-1~deb9u1) stretch-security; urgency=medium
 .
   * New upstream stable release.
     - CVE-2017-15407: Out of bounds write in QUIC. Reported by Ned Williamson
     - CVE-2017-15408: Heap buffer overflow in PDFium. Reported by Ke Liu
     - CVE-2017-15409: Out of bounds write in Skia. Reported by Anonymous
     - CVE-2017-15410: Use after free in PDFium. Reported by Luật Nguyễn
     - CVE-2017-15411: Use after free in PDFium. Reported by Luật Nguyễn
     - CVE-2017-15413: Type confusion in WebAssembly. Reported by Gaurav Dewan
     - CVE-2017-15415: Pointer information disclosure in IPC call. Reported by
       Viktor Brange
     - CVE-2017-15416: Out of bounds read in Blink. Reported by Ned Williamson
     - CVE-2017-15417: Cross origin information disclosure in Skia . Reported by
       Max May
     - CVE-2017-15418: Use of uninitialized value in Skia. Reported by Kushal
       Arvind Shah
     - CVE-2017-15419: Cross origin leak of redirect URL in Blink. Reported by
       Jun Kokatsu
     - CVE-2017-15420: URL spoofing in Omnibox. Reported by WenXu Wu
     - CVE-2017-15423: Issue with SPAKE implementation in BoringSSL. Reported by
       Greg Hudson
     - CVE-2017-15424: URL Spoof in Omnibox. Reported by Khalil Zhani
     - CVE-2017-15425: URL Spoof in Omnibox. Reported by xisigr
     - CVE-2017-15426: URL Spoof in Omnibox. Reported by WenXu Wu
     - CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox. Reported
       by Junaid Farhan
Checksums-Sha1:
 823c4573608b2d1ca2ccc1347ae6bb1088207e3d 123696 chromedriver_63.0.3239.84-1~deb9u1_i386.deb
 5990eca16e1d53d05c063bf4d99b62f9a1ba5f28 21224 chromium-browser_63.0.3239.84-1~deb9u1_i386.buildinfo
 ee26c2407faa2d357453c799dc13feb1d2404177 7601712 chromium-dbgsym_63.0.3239.84-1~deb9u1_i386.deb
 e897ee571e522e731f1bd63582c610a06a70298c 441704 chromium-driver-dbgsym_63.0.3239.84-1~deb9u1_i386.deb
 1d233c31f734f544bfb0beecb7e1dd3adab3fcd8 3768668 chromium-driver_63.0.3239.84-1~deb9u1_i386.deb
 fa8cfc9ed51e14f075202db9d3ab202b86ab68c8 5050006 chromium-shell-dbgsym_63.0.3239.84-1~deb9u1_i386.deb
 4a3ea63fda35658620fa48699119e929c5c71af5 25613382 chromium-shell_63.0.3239.84-1~deb9u1_i386.deb
 d2558638f30a61197e65630657067a906fe647d6 155244 chromium-widevine_63.0.3239.84-1~deb9u1_i386.deb
 2ec32c2cae42b447a3d0b465123e8c7bceb78572 49630834 chromium_63.0.3239.84-1~deb9u1_i386.deb
Checksums-Sha256:
 5a548bd81dadcd4343e24c839e1254361e73e04e52f480dfb088e3c8f2f1c62a 123696 chromedriver_63.0.3239.84-1~deb9u1_i386.deb
 67c596f28dcc5d719c16793692d9d55a6b3112835c0a53b6ef2542498a6fe78a 21224 chromium-browser_63.0.3239.84-1~deb9u1_i386.buildinfo
 1699e80e7496e8d321c0e73ea920a1c1a5c4fb10b4bdeb2eeb0b33bd134d0d98 7601712 chromium-dbgsym_63.0.3239.84-1~deb9u1_i386.deb
 ca9092caac43c94a688c102ea4a3a55f357125d79ff0d788b8581b4ca0e97135 441704 chromium-driver-dbgsym_63.0.3239.84-1~deb9u1_i386.deb
 86a8e9bfed45bbad572c685898ee8f7190a7f7086fb69f375ad07b6a80cae5cb 3768668 chromium-driver_63.0.3239.84-1~deb9u1_i386.deb
 3ae8be648ea86beef240119f49089749044e1698b8fd7cc069d6dc181a0fd627 5050006 chromium-shell-dbgsym_63.0.3239.84-1~deb9u1_i386.deb
 6802a708b55006d21b01ad1dbf2a8e1ba630b4489a05dfaf583fb33b7540abc7 25613382 chromium-shell_63.0.3239.84-1~deb9u1_i386.deb
 166de42995c1645f6123109bc18faa16117620c15c1190bfc8770e7d76e29fe5 155244 chromium-widevine_63.0.3239.84-1~deb9u1_i386.deb
 8343a50074fb67c1f48ed4e3f26d8e510bbe82a9a36ed527272a419c6f01936f 49630834 chromium_63.0.3239.84-1~deb9u1_i386.deb
Files:
 6178ef5b5ec2bdbe4efcd82c77f6f14b 123696 web optional chromedriver_63.0.3239.84-1~deb9u1_i386.deb
 d1d285e8a27a55af753657b5d84b6723 21224 web optional chromium-browser_63.0.3239.84-1~deb9u1_i386.buildinfo
 6a674d5cec5a374eb1a9de8e4e447427 7601712 debug extra chromium-dbgsym_63.0.3239.84-1~deb9u1_i386.deb
 5429a39a296b006b15387943c83f4af6 441704 debug extra chromium-driver-dbgsym_63.0.3239.84-1~deb9u1_i386.deb
 a875bcf6bcfb7effcadf8dce31f9684c 3768668 web optional chromium-driver_63.0.3239.84-1~deb9u1_i386.deb
 71d95edba7d50c95fd635a259b5e49ad 5050006 debug extra chromium-shell-dbgsym_63.0.3239.84-1~deb9u1_i386.deb
 45d4e97dbc97625f993290b48561ef8a 25613382 web optional chromium-shell_63.0.3239.84-1~deb9u1_i386.deb
 ff0ffc99f470f4f64173cee0a7603df7 155244 contrib/web optional chromium-widevine_63.0.3239.84-1~deb9u1_i386.deb
 99291fcea7c3465df8defe0b552db204 49630834 web optional chromium_63.0.3239.84-1~deb9u1_i386.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEevHXPYnWIBOaTTctFfcBBC0/C0gFAlot+YUACgkQFfcBBC0/
C0hkGg//YhFwzCPNNe3IPSBo+bNSc60qAb2A2STYgBzd2rZf5rx8s7foqLRc9oGe
SBfpqRCLNjy4+zTmnL/jK4ohd7HBigrtNo1HN0/NlZG4sbMJskslidKjeq1jjfLb
q5Xp3ZvMzuxSO5kmAkksQ58TqTCVOU0l2WmGYwCMbnC7vxa3/YLrjs28QHspOJo4
6902hnx56jLWKPRVV3xsB22e95HbB36wdFteTlHHJ6aG997vfTzH1ayGKfCR1XLa
1yx4wTWncQpCp9f0+TL3vcSSyZPzVFmjxlpV8Tvc9YEi+0V1Ws1/LIAv+zu+gYgz
WWVnkABUTpdrCx3lgzYAceMKTCpFSfZa3W57ObpZqbod6n3gBd5VJCYUoaq4pdYo
W3e1LPz+v3Gt7BW5k0+5GcKEmkPGPND033ZvNgoaprxH2dh5shTspyEOHxiPpJpN
FEx7eVayioUnCV03R7b82KRE79OmmLrF2mI7WaOWp5ADhBJ1/njdvlmw2MKNaNdA
TKTDdtY2FU8gCPrXmmrPgncTv3R+1whPvAzUKfswNBgSXMhObbslv+W2bd5BAR0t
dRgQlHM4MrqsAh7xDCnEZfQt3ZUnt88Fsp6xhLiPpgVDvmxJLxIEVamKiwdYSUsT
ovLzDBNdwOCwqrNUCo/xOZFNNwjztwYFO2LOwHwiczLuyyQmSk4=
=6yML
-----END PGP SIGNATURE-----