UbuntuUpdates.org

Package "chromium-browser"

Name: chromium-browser

Description:

Chromium web browser, open-source version of Chrome

Latest version: 86.0.4240.198-0ubuntu0.18.04.1
Release: bionic (18.04)
Level: updates
Repository: universe
Homepage: https://chromium.googlesource.com/chromium/src/

Links


Download "chromium-browser"


Other versions of "chromium-browser" in Bionic

Repository Area Version
base universe 65.0.3325.181-0ubuntu1
security universe 86.0.4240.198-0ubuntu0.18.04.1
PPA: Mint Upstream 2020.10.27

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 86.0.4240.198-0ubuntu0.18.04.1 2020-11-17 20:06:26 UTC

  chromium-browser (86.0.4240.198-0ubuntu0.18.04.1) bionic; urgency=medium

  * Stable channel update: 86.0.4240.198
    - CVE-2020-16013: Inappropriate implementation in V8.
    - CVE-2020-16017: Use after free in site isolation.

 -- Olivier Tilloy <email address hidden> Thu, 12 Nov 2020 07:20:39 +0100

Source diff to previous version

Version: 86.0.4240.75-0ubuntu0.18.04.1 2020-10-16 05:06:53 UTC

  chromium-browser (86.0.4240.75-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 86.0.4240.75
    - CVE-2020-15967: Use after free in payments.
    - CVE-2020-15968: Use after free in Blink.
    - CVE-2020-15969: Use after free in WebRTC.
    - CVE-2020-15970: Use after free in NFC.
    - CVE-2020-15971: Use after free in printing.
    - CVE-2020-15972: Use after free in audio.
    - CVE-2020-15990: Use after free in autofill.
    - CVE-2020-15991: Use after free in password manager.
    - CVE-2020-15973: Insufficient policy enforcement in extensions.
    - CVE-2020-15974: Integer overflow in Blink.
    - CVE-2020-15975: Integer overflow in SwiftShader.
    - CVE-2020-15976: Use after free in WebXR.
    - CVE-2020-6557: Inappropriate implementation in networking.
    - CVE-2020-15977: Insufficient data validation in dialogs.
    - CVE-2020-15978: Insufficient data validation in navigation.
    - CVE-2020-15979: Inappropriate implementation in V8.
    - CVE-2020-15980: Insufficient policy enforcement in Intents.
    - CVE-2020-15981: Out of bounds read in audio.
    - CVE-2020-15982: Side-channel information leakage in cache.
    - CVE-2020-15983: Insufficient data validation in webUI.
    - CVE-2020-15984: Insufficient policy enforcement in Omnibox.
    - CVE-2020-15985: Inappropriate implementation in Blink.
    - CVE-2020-15986: Integer overflow in media.
    - CVE-2020-15987: Use after free in WebRTC.
    - CVE-2020-15992: Insufficient policy enforcement in networking.
    - CVE-2020-15988: Insufficient policy enforcement in downloads.
    - CVE-2020-15989: Uninitialized Use in PDFium.
  * debian/patches/configuration-directory.patch: refreshed
  * debian/patches/default-allocator: refreshed
  * debian/patches/disable-sse2: refreshed
  * debian/patches/node-use-system-wide.patch: refreshed
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: updated
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/touch-v35: updated
  * debian/patches/widevine-enable-version-string.patch: refreshed
  * debian/patches/widevine-other-locations: refreshed

 -- Olivier Tilloy <email address hidden> Wed, 07 Oct 2020 22:13:11 +0200

Source diff to previous version

Version: 85.0.4183.121-0ubuntu0.18.04.1 2020-09-30 07:06:56 UTC

  chromium-browser (85.0.4183.121-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 85.0.4183.121
    - CVE-2020-15960: Heap buffer overflow in storage.
    - CVE-2020-15961: Insufficient policy enforcement in extensions.
    - CVE-2020-15962: Insufficient policy enforcement in serial.
    - CVE-2020-15963: Insufficient policy enforcement in extensions.
    - CVE-2020-15965: Type Confusion in V8.
    - CVE-2020-15966: Insufficient policy enforcement in extensions.
    - CVE-2020-15964: Insufficient data validation in media.

 -- Olivier Tilloy <email address hidden> Mon, 21 Sep 2020 22:11:46 +0200

Source diff to previous version
CVE-2020-15960 Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access
CVE-2020-15961 Insufficient policy validation in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious
CVE-2020-15962 Insufficient policy validation in serial in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memor
CVE-2020-15963 Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious
CVE-2020-15965 Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a craft
CVE-2020-15966 Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious
CVE-2020-15964 Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a

Version: 85.0.4183.83-0ubuntu0.18.04.2 2020-09-08 14:06:32 UTC

  chromium-browser (85.0.4183.83-0ubuntu0.18.04.2) bionic; urgency=medium

  * debian/rules: install libEGL.so and libGLESv2.so, needed for
    hardware-accelerated rendering

 -- Olivier Tilloy <email address hidden> Mon, 31 Aug 2020 15:19:38 +0200

Source diff to previous version

Version: 84.0.4147.105-0ubuntu0.18.04.1 2020-08-04 21:06:30 UTC

  chromium-browser (84.0.4147.105-0ubuntu0.18.04.1) bionic; urgency=medium

  * Upstream release: 84.0.4147.105
    - CVE-2020-6537: Type Confusion in V8.
    - CVE-2020-6538: Inappropriate implementation in WebView.
    - CVE-2020-6532: Use after free in SCTP.
    - CVE-2020-6539: Use after free in CSS.
    - CVE-2020-6540: Heap buffer overflow in Skia.
    - CVE-2020-6541: Use after free in WebUSB.

 -- Olivier Tilloy <email address hidden> Tue, 28 Jul 2020 11:28:16 +0200




About   -   Send Feedback to @ubuntu_updates