UbuntuUpdates.org

Package "chromium-browser"

Name: chromium-browser

Description:

Chromium web browser, open-source version of Chrome

Latest version: 94.0.4606.81-0ubuntu0.18.04.1
Release: bionic (18.04)
Level: security
Repository: universe
Homepage: https://chromium.googlesource.com/chromium/src/

Links


Download "chromium-browser"


Other versions of "chromium-browser" in Bionic

Repository Area Version
base universe 65.0.3325.181-0ubuntu1
updates universe 94.0.4606.81-0ubuntu0.18.04.1
PPA: Mint Upstream 2020.10.27
PPA: Mint Upstream 2020.10.27

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 94.0.4606.81-0ubuntu0.18.04.1 2021-10-19 17:06:22 UTC

  chromium-browser (94.0.4606.81-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 94.0.4606.81
    - CVE-2021-37977 : Use after free in Garbage Collection.
    - CVE-2021-37978 : Heap buffer overflow in Blink.
    - CVE-2021-37979 : Heap buffer overflow in WebRTC.
    - CVE-2021-37980 : Inappropriate implementation in Sandbox.

 -- Olivier Tilloy <email address hidden> Fri, 08 Oct 2021 10:54:21 +0200

Source diff to previous version

Version: 94.0.4606.71-0ubuntu0.18.04.1 2021-10-07 03:06:23 UTC

  chromium-browser (94.0.4606.71-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 94.0.4606.71
    - CVE-2021-37974 : Use after free in Safe Browsing.
    - CVE-2021-37975 : Use after free in V8.
    - CVE-2021-37976 : Information leak in core.

 -- Olivier Tilloy <email address hidden> Fri, 01 Oct 2021 06:56:50 +0200

Source diff to previous version

Version: 93.0.4577.63-0ubuntu0.18.04.1 2021-09-20 23:06:17 UTC

  chromium-browser (93.0.4577.63-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 93.0.4577.63
    - CVE-2021-30606: Use after free in Blink.
    - CVE-2021-30607: Use after free in Permissions.
    - CVE-2021-30608: Use after free in Web Share.
    - CVE-2021-30609: Use after free in Sign-In.
    - CVE-2021-30610: Use after free in Extensions API.
    - CVE-2021-30611: Use after free in WebRTC.
    - CVE-2021-30612: Use after free in WebRTC.
    - CVE-2021-30613: Use after free in Base internals.
    - CVE-2021-30614: Heap buffer overflow in TabStrip.
    - CVE-2021-30615: Cross-origin data leak in Navigation.
    - CVE-2021-30616: Use after free in Media.
    - CVE-2021-30617: Policy bypass in Blink.
    - CVE-2021-30618: Inappropriate implementation in DevTools.
    - CVE-2021-30619: UI Spoofing in Autofill.
    - CVE-2021-30620: Insufficient policy enforcement in Blink.
    - CVE-2021-30621: UI Spoofing in Autofill.
    - CVE-2021-30622: Use after free in WebApp Installs.
    - CVE-2021-30623: Use after free in Bookmarks.
    - CVE-2021-30624: Use after free in Autofill.
  * debian/patches/build-with-old-libva-missing-defines.patch: refreshed
  * debian/patches/build-with-old-libva-no-av1.patch: refreshed
  * debian/patches/enable-chromecast-by-default.patch: removed, no longer needed
  * debian/patches/libaom-armhf-build-cpudetect.patch: refreshed
  * debian/patches/no-dirmd.patch: refreshed
  * debian/patches/qualify-ambiguous-name-lookup.patch: refreshed
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/use-clang-versioned.patch: refreshed
  * debian/patches/v8-add-missing-constexpr-arm64.patch: removed, no longer
    needed (upstreamed)
  * debian/patches/widevine-enable-version-string.patch: refreshed

 -- Olivier Tilloy <email address hidden> Wed, 25 Aug 2021 13:05:12 +0200

Source diff to previous version
CVE-2021-30606 Chromium: CVE-2021-30606 Use after free in Blink
CVE-2021-30607 Chromium: CVE-2021-30607 Use after free in Permissions
CVE-2021-30608 Chromium: CVE-2021-30608 Use after free in Web Share
CVE-2021-30609 Chromium: CVE-2021-30609 Use after free in Sign-In
CVE-2021-30610 Chromium: CVE-2021-30610 Use after free in Extensions API
CVE-2021-30611 Chromium: CVE-2021-30611 Use after free in WebRTC
CVE-2021-30612 Chromium: CVE-2021-30612 Use after free in WebRTC
CVE-2021-30613 Chromium: CVE-2021-30613 Use after free in Base internals
CVE-2021-30614 Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip
CVE-2021-30615 Chromium: CVE-2021-30615 Cross-origin data leak in Navigation
CVE-2021-30616 Chromium: CVE-2021-30616 Use after free in Media
CVE-2021-30617 Chromium: CVE-2021-30617 Policy bypass in Blink
CVE-2021-30618 Chromium: CVE-2021-30618 Inappropriate implementation in DevTools
CVE-2021-30619 Chromium: CVE-2021-30619 UI Spoofing in Autofill
CVE-2021-30620 Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink
CVE-2021-30621 Chromium: CVE-2021-30621 UI Spoofing in Autofill
CVE-2021-30622 Chromium: CVE-2021-30622 Use after free in WebApp Installs
CVE-2021-30623 Chromium: CVE-2021-30623 Use after free in Bookmarks
CVE-2021-30624 Chromium: CVE-2021-30624 Use after free in Autofill

Version: 92.0.4515.159-0ubuntu0.18.04.1 2021-08-19 15:06:19 UTC

  chromium-browser (92.0.4515.159-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 92.0.4515.159
    - CVE-2021-30598: Type Confusion in V8.
    - CVE-2021-30599: Type Confusion in V8.
    - CVE-2021-30600: Use after free in Printing.
    - CVE-2021-30601: Use after free in Extensions API.
    - CVE-2021-30602: Use after free in WebRTC.
    - CVE-2021-30603: Race in WebAudio.
    - CVE-2021-30604: Use after free in ANGLE.

 -- Olivier Tilloy <email address hidden> Tue, 17 Aug 2021 09:23:53 +0200

Source diff to previous version

Version: 91.0.4472.101-0ubuntu0.18.04.1 2021-06-14 17:06:24 UTC

  chromium-browser (91.0.4472.101-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 91.0.4472.101
    - CVE-2021-30544: Use after free in BFCache.
    - CVE-2021-30545: Use after free in Extensions.
    - CVE-2021-30546: Use after free in Autofill.
    - CVE-2021-30547: Out of bounds write in ANGLE.
    - CVE-2021-30548: Use after free in Loader.
    - CVE-2021-30549: Use after free in Spell check.
    - CVE-2021-30550: Use after free in Accessibility.
    - CVE-2021-30551: Type Confusion in V8.
    - CVE-2021-30552: Use after free in Extensions.
    - CVE-2021-30553: Use after free in Network service.

 -- Olivier Tilloy <email address hidden> Thu, 10 Jun 2021 22:21:25 +0200




About   -   Send Feedback to @ubuntu_updates