Package "chromium-browser-l10n"

  chromium-browser (97.0.4692.71-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 97.0.4692.71
    - CVE-2022-0096: Use after free in Storage.
    - CVE-2022-0097: Inappropriate implementation in DevTools.
    - CVE-2022-0098: Use after free in Screen Capture.
    - CVE-2022-0099: Use after free in Sign-in.
    - CVE-2022-0100: Heap buffer overflow in Media streams API.
    - CVE-2022-0101: Heap buffer overflow in Bookmarks.
    - CVE-2022-0102: Type Confusion in V8.
    - CVE-2022-0103: Use after free in SwiftShader.
    - CVE-2022-0104: Heap buffer overflow in ANGLE.
    - CVE-2022-0105: Use after free in PDF.
    - CVE-2022-0106: Use after free in Autofill.
    - CVE-2022-0107: Use after free in File Manager API.
    - CVE-2022-0108: Inappropriate implementation in Navigation.
    - CVE-2022-0109: Inappropriate implementation in Autofill.
    - CVE-2022-0110: Incorrect security UI in Autofill.
    - CVE-2022-0111: Inappropriate implementation in Navigation.
    - CVE-2022-0112: Incorrect security UI in Browser UI.
    - CVE-2022-0113: Inappropriate implementation in Blink.
    - CVE-2022-0114: Out of bounds memory access in Web Serial.
    - CVE-2022-0115: Uninitialized Use in File API.
    - CVE-2022-0116: Inappropriate implementation in Compositing.
    - CVE-2022-0117: Policy bypass in Service Workers.
    - CVE-2022-0118: Inappropriate implementation in WebShare.
    - CVE-2022-0120: Inappropriate implementation in Passwords.
  * debian/patches/blink-math-constexpr.patch: added
  * debian/patches/blink-math-constexpr2.patch: added
  * debian/patches/build-with-old-libva-missing-defines.patch: refreshed
  * debian/patches/build-with-old-libva-no-av1.patch: refreshed
  * debian/patches/configuration-directory.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: updated
  * debian/patches/use-clang-versioned.patch: updated
  * debian/patches/widevine-other-locations: refreshed

 -- Olivier Tilloy <email address hidden> Fri, 07 Jan 2022 21:05:03 +0100

  chromium-browser (95.0.4638.69-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 95.0.4638.69
    - CVE-2021-37997 : Use after free in Sign-In.
    - CVE-2021-37998 : Use after free in Garbage Collection.
    - CVE-2021-37999 : Insufficient data validation in New Tab Page.
    - CVE-2021-38000 : Insufficient validation of untrusted input in Intents.
    - CVE-2021-38001 : Type Confusion in V8.
    - CVE-2021-38002 : Use after free in Web Transport.
    - CVE-2021-38003 : Inappropriate implementation in V8.

 -- Olivier Tilloy <email address hidden> Fri, 29 Oct 2021 12:13:58 +0200

  chromium-browser (94.0.4606.81-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 94.0.4606.81
    - CVE-2021-37977 : Use after free in Garbage Collection.
    - CVE-2021-37978 : Heap buffer overflow in Blink.
    - CVE-2021-37979 : Heap buffer overflow in WebRTC.
    - CVE-2021-37980 : Inappropriate implementation in Sandbox.

 -- Olivier Tilloy <email address hidden> Fri, 08 Oct 2021 10:54:21 +0200

  chromium-browser (94.0.4606.71-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 94.0.4606.71
    - CVE-2021-37974 : Use after free in Safe Browsing.
    - CVE-2021-37975 : Use after free in V8.
    - CVE-2021-37976 : Information leak in core.

 -- Olivier Tilloy <email address hidden> Fri, 01 Oct 2021 06:56:50 +0200

  chromium-browser (93.0.4577.63-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 93.0.4577.63
    - CVE-2021-30606: Use after free in Blink.
    - CVE-2021-30607: Use after free in Permissions.
    - CVE-2021-30608: Use after free in Web Share.
    - CVE-2021-30609: Use after free in Sign-In.
    - CVE-2021-30610: Use after free in Extensions API.
    - CVE-2021-30611: Use after free in WebRTC.
    - CVE-2021-30612: Use after free in WebRTC.
    - CVE-2021-30613: Use after free in Base internals.
    - CVE-2021-30614: Heap buffer overflow in TabStrip.
    - CVE-2021-30615: Cross-origin data leak in Navigation.
    - CVE-2021-30616: Use after free in Media.
    - CVE-2021-30617: Policy bypass in Blink.
    - CVE-2021-30618: Inappropriate implementation in DevTools.
    - CVE-2021-30619: UI Spoofing in Autofill.
    - CVE-2021-30620: Insufficient policy enforcement in Blink.
    - CVE-2021-30621: UI Spoofing in Autofill.
    - CVE-2021-30622: Use after free in WebApp Installs.
    - CVE-2021-30623: Use after free in Bookmarks.
    - CVE-2021-30624: Use after free in Autofill.
  * debian/patches/build-with-old-libva-missing-defines.patch: refreshed
  * debian/patches/build-with-old-libva-no-av1.patch: refreshed
  * debian/patches/enable-chromecast-by-default.patch: removed, no longer needed
  * debian/patches/libaom-armhf-build-cpudetect.patch: refreshed
  * debian/patches/no-dirmd.patch: refreshed
  * debian/patches/qualify-ambiguous-name-lookup.patch: refreshed
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/use-clang-versioned.patch: refreshed
  * debian/patches/v8-add-missing-constexpr-arm64.patch: removed, no longer
    needed (upstreamed)
  * debian/patches/widevine-enable-version-string.patch: refreshed

 -- Olivier Tilloy <email address hidden> Wed, 25 Aug 2021 13:05:12 +0200