UbuntuUpdates.org

Package "chromium-browser"

Name: chromium-browser

Description:

Chromium web browser, open-source version of Chrome

Latest version: 89.0.4389.90-0ubuntu0.16.04.2
Release: xenial (16.04)
Level: updates
Repository: universe
Homepage: https://chromium.googlesource.com/chromium/src/

Links


Download "chromium-browser"


Other versions of "chromium-browser" in Xenial

Repository Area Version
base universe 49.0.2623.108-0ubuntu1.1233
security universe 89.0.4389.90-0ubuntu0.16.04.2
PPA: Mint Upstream 2020.10.27
PPA: Mint Upstream 2020.10.27

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 89.0.4389.90-0ubuntu0.16.04.2 2021-03-24 21:07:06 UTC

  chromium-browser (89.0.4389.90-0ubuntu0.16.04.2) xenial; urgency=medium

  * debian/control: add an explicit runtime dependency on libx11-xcb1
    (LP: #1919146)

 -- Olivier Tilloy <email address hidden> Thu, 18 Mar 2021 15:10:59 +0100

Source diff to previous version
1919146 Missing runtime dependency on libx11-xcb1

Version: 89.0.4389.82-0ubuntu0.16.04.1 2021-03-13 14:06:17 UTC

  chromium-browser (89.0.4389.82-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 89.0.4389.82

 -- Olivier Tilloy <email address hidden> Sun, 07 Mar 2021 06:35:41 +0100

Source diff to previous version

Version: 87.0.4280.66-0ubuntu0.16.04.1 2020-12-02 12:06:44 UTC

  chromium-browser (87.0.4280.66-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 87.0.4280.66
    - CVE-2020-16018: Use after free in payments.
    - CVE-2020-16019: Inappropriate implementation in filesystem.
    - CVE-2020-16020: Inappropriate implementation in cryptohome.
    - CVE-2020-16021: Race in ImageBurner.
    - CVE-2020-16022: Insufficient policy enforcement in networking.
    - CVE-2020-16015: Insufficient data validation in WASM.
    - CVE-2020-16014: Use after free in PPAPI.
    - CVE-2020-16023: Use after free in WebCodecs.
    - CVE-2020-16024: Heap buffer overflow in UI.
    - CVE-2020-16025: Heap buffer overflow in clipboard.
    - CVE-2020-16026: Use after free in WebRTC.
    - CVE-2020-16027: Insufficient policy enforcement in developer tools.
    - CVE-2020-16028: Heap buffer overflow in WebRTC.
    - CVE-2020-16029: Inappropriate implementation in PDFium.
    - CVE-2020-16030: Insufficient data validation in Blink.
    - CVE-2019-8075: Insufficient data validation in Flash.
    - CVE-2020-16031: Incorrect security UI in tab preview.
    - CVE-2020-16032: Incorrect security UI in sharing.
    - CVE-2020-16033: Incorrect security UI in WebUSB.
    - CVE-2020-16034: Inappropriate implementation in WebRTC.
    - CVE-2020-16035: Insufficient data validation in cros-disks.
    - CVE-2020-16012: Side-channel information leakage in graphics.
    - CVE-2020-16036: Inappropriate implementation in cookies.
  * debian/rules: set chrome_pgo_phase build flag to 0 to disable PGO, because
    the upstream profile data is not compatible with the version of clang used
    to build chromium
  * debian/patches/default-allocator: refreshed
  * debian/patches/fix-different-language-linkage-error.patch: removed, no
    longer needed
  * debian/patches/fix-ptrace-header-include.patch: refreshed
  * debian/patches/gtk-symbols-conditional.patch: updated
  * debian/patches/revert-getrandom.patch: added
  * debian/patches/revert-newer-xcb-requirement.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/stl-util-old-clang-compatibility.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: updated
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/use-clang-versioned.patch: refreshed

 -- Olivier Tilloy <email address hidden> Tue, 17 Nov 2020 23:09:47 +0100

Source diff to previous version
CVE-2019-8075 Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Info

Version: 86.0.4240.198-0ubuntu0.16.04.1 2020-11-17 20:06:24 UTC

  chromium-browser (86.0.4240.198-0ubuntu0.16.04.1) xenial; urgency=medium

  * Stable channel update: 86.0.4240.198
    - CVE-2020-16013: Inappropriate implementation in V8.
    - CVE-2020-16017: Use after free in site isolation.

 -- Olivier Tilloy <email address hidden> Thu, 12 Nov 2020 07:13:56 +0100

Source diff to previous version

Version: 86.0.4240.75-0ubuntu0.16.04.1 2020-10-16 05:06:47 UTC

  chromium-browser (86.0.4240.75-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 86.0.4240.75
    - CVE-2020-15967: Use after free in payments.
    - CVE-2020-15968: Use after free in Blink.
    - CVE-2020-15969: Use after free in WebRTC.
    - CVE-2020-15970: Use after free in NFC.
    - CVE-2020-15971: Use after free in printing.
    - CVE-2020-15972: Use after free in audio.
    - CVE-2020-15990: Use after free in autofill.
    - CVE-2020-15991: Use after free in password manager.
    - CVE-2020-15973: Insufficient policy enforcement in extensions.
    - CVE-2020-15974: Integer overflow in Blink.
    - CVE-2020-15975: Integer overflow in SwiftShader.
    - CVE-2020-15976: Use after free in WebXR.
    - CVE-2020-6557: Inappropriate implementation in networking.
    - CVE-2020-15977: Insufficient data validation in dialogs.
    - CVE-2020-15978: Insufficient data validation in navigation.
    - CVE-2020-15979: Inappropriate implementation in V8.
    - CVE-2020-15980: Insufficient policy enforcement in Intents.
    - CVE-2020-15981: Out of bounds read in audio.
    - CVE-2020-15982: Side-channel information leakage in cache.
    - CVE-2020-15983: Insufficient data validation in webUI.
    - CVE-2020-15984: Insufficient policy enforcement in Omnibox.
    - CVE-2020-15985: Inappropriate implementation in Blink.
    - CVE-2020-15986: Integer overflow in media.
    - CVE-2020-15987: Use after free in WebRTC.
    - CVE-2020-15992: Insufficient policy enforcement in networking.
    - CVE-2020-15988: Insufficient policy enforcement in downloads.
    - CVE-2020-15989: Uninitialized Use in PDFium.
  * debian/patches/configuration-directory.patch: refreshed
  * debian/patches/default-allocator: refreshed
  * debian/patches/disable-sse2: refreshed
  * debian/patches/fix-c++17ism.patch: added
  * debian/patches/fix-different-language-linkage-error.patch: added
  * debian/patches/gtk-symbols-conditional.patch: refreshed
  * debian/patches/import-missing-fcntl-defines.patch: added
  * debian/patches/node-use-system-wide.patch: refreshed
  * debian/patches/revert-newer-xcb-requirement.patch: added
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/stl-util-old-clang-compatibility.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: updated
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/touch-v35: updated
  * debian/patches/upstream-fix-crash-in-MediaSerializer-base-Location.patch:
    removed, no longer needed
  * debian/patches/widevine-enable-version-string.patch: refreshed
  * debian/patches/widevine-other-locations: refreshed

 -- Olivier Tilloy <email address hidden> Wed, 07 Oct 2020 22:00:46 +0200




About   -   Send Feedback to @ubuntu_updates