News for package chromium-browser

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 3.0 (quilt)
Source: chromium-browser
Binary: chromium, chromium-l10n, chromium-shell, chromium-widevine, chromium-driver, chromedriver
Architecture: i386 amd64 arm64 armhf all
Version: 67.0.3396.87-1~deb9u1
Maintainer: Debian Chromium Maintainers <pkg-chromium-maint@lists.alioth.debian.org>
Uploaders:  Michael Gilbert <mgilbert@debian.org>, Riku Voipio <riku.voipio@linaro.org>
Homepage: http://www.chromium.org/Home
Standards-Version: 3.9.8
Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-chromium/pkg-chromium.git
Vcs-Git: git://anonscm.debian.org/pkg-chromium/pkg-chromium.git
Build-Depends: debhelper (>= 9), python3, pkg-config, ninja-build, python-jinja2, ca-certificates, wget, flex, yasm, xvfb, wdiff, gperf, bison, valgrind, xz-utils, x11-apps, xfonts-base, libglewmx-dev, libgl1-mesa-dev, libglu1-mesa-dev, libegl1-mesa-dev, libgles2-mesa-dev, mesa-common-dev, libxt-dev, libre2-dev, libgbm-dev, libpng-dev, libxss-dev, libelf-dev, libvpx-dev, libpci-dev, libcap-dev, libdrm-dev, libicu-dev, libffi-dev, libkrb5-dev, libexif-dev, libflac-dev, libudev-dev, libopus-dev, libwebp-dev, libxtst-dev, libsrtp-dev, libjpeg-dev, libxml2-dev, libgtk-3-dev, libgtk2.0-dev, libxslt1-dev, libpulse-dev, libpam0g-dev, libsnappy-dev, libgconf2-dev, libavutil-dev, libavcodec-dev (>= 7:3.0), libavformat-dev, libglib2.0-dev, libasound2-dev, libsqlite3-dev, libjsoncpp-dev, libspeechd-dev (>= 0.8.4), libminizip-dev, libhunspell-dev, libharfbuzz-dev (>= 1.2.7), libusb-1.0-0-dev, libmodpbase64-dev, libgnome-keyring-dev, libnss3-dev (>= 3.12.3), libnspr4-dev (>= 2:4.9), libcups2-dev (>= 1.5.0), libevent-dev (>= 1.4.13), libjs-jquery, libjs-excanvas, libjs-jquery-flot, libgcrypt20-dev, fonts-ipafont-gothic, fonts-ipafont-mincho
Package-List:
 chromedriver deb web optional arch=i386,amd64,arm64,armhf
 chromium deb web optional arch=i386,amd64,arm64,armhf
 chromium-driver deb web optional arch=i386,amd64,arm64,armhf
 chromium-l10n deb localization optional arch=all
 chromium-shell deb web optional arch=i386,amd64,arm64,armhf
 chromium-widevine deb contrib/web optional arch=i386,amd64,arm64,armhf
Checksums-Sha1:
 abdaf339fcc3a35d19c319aa6f134ff9f0b190e5 420694684 chromium-browser_67.0.3396.87.orig.tar.xz
 b1d7d372833466f7f6077b04075f299d5d9ec103 148628 chromium-browser_67.0.3396.87-1~deb9u1.debian.tar.xz
Checksums-Sha256:
 4745b1e51cc4831193f86684b74ff47cad2dd5800b52c04704df927e85c6e8f4 420694684 chromium-browser_67.0.3396.87.orig.tar.xz
 423eb12d353f4a51fe75987189113d1cc00bc3002e1463152db2ea59d5ab3038 148628 chromium-browser_67.0.3396.87-1~deb9u1.debian.tar.xz
Files:
 bba246fb81e374d005aadcd882beefe3 420694684 chromium-browser_67.0.3396.87.orig.tar.xz
 42758fd298658f5826e5fb64fd728322 148628 chromium-browser_67.0.3396.87-1~deb9u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAls3H2kACgkQuNayzQLW
9HOWXyAAiMMcJdmVwFhcOh/R3Kema1Gnv7sUT96Z2fvsdmaAjGYhVvixKlO1fJak
lVhIuXE3UV1Jx9Tzb+GpyXGZqU09nzyCzABPawV52zthmcHuboJTB/cp2ESQ8i0b
ZiPMZOvpJk0qegiiFm56zy4UJLyWTOIiefxCb6zUnOrzD4+9a7hs9JuR4MN54ved
bxRcXeexqiN9qTdHFjZIqBPFgVR9+jG9rzw1uWRSyKMPkt/Qz06SXqzpvXPDzbjH
7PEx9NYIU3wNBU/vkBQICK+E6LW9Le3F7oY/osgQlRl7LOkJ5jFIjh6DWclTgMm+
GybQkM0a8Rj6wwHlitKdcgJDJdN1HuREILVDbIt8lUEMvI52inR1Dg9U/HMUQ9SW
qC1bVdL7xkyxKCSbaH3L4qtzJ4R2CCzRz6zMuHu7WKjZLY3QXlRiMUL5Wjjkosd5
zOVzx9yz88REyuctsXwRZvyhQAqWk7wCiprWaXDCAQ5F783/oFBKfS6LcDkBtZcN
bgwgxOZzPqF9kHNkEQemkVlVZcUqmWnatYqPiOazh4VuKxsnLe064v/jeG/0zgOj
eQIZ+IsGE03YxrPcp9wjgVTzwkyBZuLIsPSDPfBe+m95KZTVfwjZz1I/fSVJGmxz
wl4zofQNhLSvU5j3SdAE3VJEXqdzATt9faQvu9yoqGgIzqIp4AkDUzsdL0nE8514
qU56jTP/Zw0Jnnk4eyjwS4B6lSjtiqTjOzZ1cnrca59wlb0zIr2idCyRgbPiTjVw
O45v6Jkj66ZFnrLFrWqTn7fiQoDYkzVSr9LcDa3XQkXRoswsqtItgwqS+W/SvCI/
JMX3jSlVzOgXfnaMNwYeTK+W7bn/DsHyJQhMZhBFq8Z6qGmQar6l3mBO4kWIF2h/
4kCUQnLfAY8lgE1fcz4gqzaszc8fXb6Aim4zPBj3VzM+dPZQeYnJmTMHQDIhbBkk
HnuT+/mss12OQO+ZNmYvkncsWpd9S26XpeWtcTIm7uzJnkPLkYLguYfJ3A+jusO4
I9kwR/CqH9ynZTSXpgGsbZ58mDZ4jpz2U3JqjofJ2zZZP9dzBGVXIQ+aszTiLT/H
TYXdZn3z6J8w+CW7WeN9ePKrQ3Z7nJk9Z3i7AEO6DCEh5erdjOL8xB9VxTO6/xEy
pIq3aeNRa08aIqSFTCgcgj25nF28uqODgKyMO8CkiEgUiOv/Wmh0SUXGoX0rdigS
GbgpcmeTNymgLKl1iO38xZTTQfieXzcSQkKxOVkW5y1cmwWaGSyHh1WP3pkbvd66
1UnRqqlxMGUqCEIn+sO+2V7KvVgIKzfTGTOO5QIann0ZcBo23rwLbju5hvYp/+X8
YUFlsO20mbq7M6TckcMxvcOM2+4WEA==
=Ctbq
-----END PGP SIGNATURE-----

<span id="changes">Changes:</span>
chromium-browser (67.0.3396.87-1~deb9u1) stretch-security; urgency=medium

  * New upstream stable release.
    - CVE-2018-6123: Use after free in Blink. Reported by Looben Yang
    - CVE-2018-6124: Type confusion in Blink. Reported by Guang Gong
    - CVE-2018-6125: Overly permissive policy in WebUSB. Reported by Yubico
    - CVE-2018-6126: Heap buffer overflow in Skia. Reported by Ivan Fratric
    - CVE-2018-6127: Use after free in indexedDB. Reported by Looben Yang
    - CVE-2018-6129: Out of bounds memory access in WebRTC. Reported by Natalie
      Silvanovich
    - CVE-2018-6130: Out of bounds memory access in WebRTC. Reported by Natalie
      Silvanovich
    - CVE-2018-6131: Incorrect mutability protection in WebAssembly. Reported
      by Natalie Silvanovich
    - CVE-2018-6132: Use of uninitialized memory in WebRTC. Reported by Ronald
      E. Crane
    - CVE-2018-6133: URL spoof in Omnibox. Reported by Khalil Zhani
    - CVE-2018-6134: Referrer Policy bypass in Blink. Reported by Jun Kokatsu
    - CVE-2018-6135: UI spoofing in Blink. Reported by Jasper Rebane
    - CVE-2018-6136: Out of bounds memory access in V8. Reported by Peter Wong
    - CVE-2018-6137: Leak of visited status of page in Blink. Reported by
      Michael Smith
    - CVE-2018-6138: Overly permissive policy in Extensions. Reported by
      François Lajeunesse-Robert
    - CVE-2018-6139: Restrictions bypass in the debugger extension API.
      Reported by Rob Wu
    - CVE-2018-6140: Restrictions bypass in the debugger extension API.
      Reported by Rob Wu
    - CVE-2018-6141: Heap buffer overflow in Skia. Reported by Yangkang
    - CVE-2018-6142: Out of bounds memory access in V8. Reported by Choongwoo
      Han
    - CVE-2018-6143: Out of bounds memory access in V8. Reported by Guang Gong
    - CVE-2018-6144: Out of bounds memory access in PDFium. Reported by pdknsk
    - CVE-2018-6145: Incorrect escaping of MathML in Blink. Reported by Masato
      Kinugawa
    - CVE-2018-6147: Password fields not taking advantage of OS protections in
      Views. Reported by Michail Pishchagin
    - CVE-2018-6148: Incorrect handling of CSP header. Reported by Michał
      Bentkowski
    - CVE-2018-6149: Out of bounds write in V8. Reported by Yu Zhou and
      Jundong Xie
  * The widevine adaptor package is now empty, it is no longer required to
    use the widevine content decryption module.

 -- Michael Gilbert <mgilbert@debian.org>  Fri, 29 Jun 2018 23:47:08 +0000