Sisyphus repository
Last update: 2018-07-22 20:06:32 +0400 | SRPMs: 18630 | Sign in or Sign up
en ru uk br
ALT Linux repositories
hide window
Sisyphus: 67.0.3396.87-alt1
p8: 61.0.3163.100-alt0.M80P.1
p7: 38.0.2125.122-alt0.M70P.2
t7: 38.0.2125.122-alt0.M70P.2
Platform6: 37.0.2062.94-alt0.M60P.1
t6: 37.0.2062.94-alt0.M60P.1

Group :: Networking/WWW
Source RPM: chromium

 Main   Changelog   Spec   Patches   Sources   Download   Gear   Bugs and FR (8/35)   Repocop 

Current version: 67.0.3396.87-alt1
Built: 21 days ago
FTBFS: 0 weeks on x86_64
Size: 701 MB
Repocop status: ok

Home page:   http://www.chromium.org

License: BSD-3-Clause and LGPL-2.1+
Summary: An open source web browser developed by Google
Description:

Chromium is an open-source browser project that aims to build a safer,
faster, and more stable way for all Internet users to experience the web.

Current maintainer: Alexey Gladkov

List of contributors: ACL: List of rpms provided by this srpm:
  • chromium
  • chromium-debuginfo
  • chromium-gnome
  • chromium-kde
Recent changes (last three changelog entries):

2018-06-17 Alexey Gladkov <legion at altlinux.ru> 67.0.3396.87-alt1

    - New version (67.0.3396.87).
    - Use ninja-build.
    - Security fixes:
    - CVE-2018-6149: Out of bounds write in V8.
    - CVE-2018-6148: Incorrect handling of CSP header.
    - CVE-2018-6123: Use after free in Blink.
    - CVE-2018-6124: Type confusion in Blink.
    - CVE-2018-6125: Overly permissive policy in WebUSB.
    - CVE-2018-6126: Heap buffer overflow in Skia.
    - CVE-2018-6127: Use after free in indexedDB.
    - CVE-2018-6128: uXSS in Chrome on iOS.
    - CVE-2018-6129: Out of bounds memory access in WebRTC.
    - CVE-2018-6130: Out of bounds memory access in WebRTC.
    - CVE-2018-6131: Incorrect mutability protection in WebAssembly.
    - CVE-2018-6132: Use of uninitialized memory in WebRTC.
    - CVE-2018-6133: URL spoof in Omnibox.
    - CVE-2018-6134: Referrer Policy bypass in Blink.
    - CVE-2018-6135: UI spoofing in Blink.
    - CVE-2018-6136: Out of bounds memory access in V8.
    - CVE-2018-6137: Leak of visited status of page in Blink.
    - CVE-2018-6138: Overly permissive policy in Extensions.
    - CVE-2018-6139: Restrictions bypass in the debugger extension API.
    - CVE-2018-6140: Restrictions bypass in the debugger extension API.
    - CVE-2018-6141: Heap buffer overflow in Skia.
    - CVE-2018-6142: Out of bounds memory access in V8.
    - CVE-2018-6143: Out of bounds memory access in V8.
    - CVE-2018-6144: Out of bounds memory access in PDFium.
    - CVE-2018-6145: Incorrect escaping of MathML in Blink.
    - CVE-2018-6147: Password fields not taking advantage of OS protections in Views.

2018-04-19 Alexey Gladkov <legion at altlinux.ru> 66.0.3359.117-alt1

    - New version (66.0.3359.117).
    - Security fixes:
    - CVE-2018-6085: Use after free in Disk Cache.
    - CVE-2018-6086: Use after free in Disk Cache.
    - CVE-2018-6087: Use after free in WebAssembly.
    - CVE-2018-6088: Use after free in PDFium.
    - CVE-2018-6089: Same origin policy bypass in Service Worker.
    - CVE-2018-6090: Heap buffer overflow in Skia.
    - CVE-2018-6091: Incorrect handling of plug-ins by Service Worker.
    - CVE-2018-6092: Integer overflow in WebAssembly.
    - CVE-2018-6093: Same origin bypass in Service Worker.
    - CVE-2018-6094: Exploit hardening regression in Oilpan.
    - CVE-2018-6095: Lack of meaningful user interaction requirement before file upload.
    - CVE-2018-6096: Fullscreen UI spoof.
    - CVE-2018-6097: Fullscreen UI spoof.
    - CVE-2018-6098: URL spoof in Omnibox.
    - CVE-2018-6099: CORS bypass in ServiceWorker.
    - CVE-2018-6100: URL spoof in Omnibox.
    - CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools .
    - CVE-2018-6102: URL spoof in Omnibox.
    - CVE-2018-6103: UI spoof in Permissions.
    - CVE-2018-6104: URL spoof in Omnibox.
    - CVE-2018-6105: URL spoof in Omnibox.
    - CVE-2018-6106: Incorrect handling of promises in V8.
    - CVE-2018-6107: URL spoof in Omnibox.
    - CVE-2018-6108: URL spoof in Omnibox.
    - CVE-2018-6109: Incorrect handling of files by FileAPI.
    - CVE-2018-6110: Incorrect handling of plaintext files via file:// .
    - CVE-2018-6111: Heap-use-after-free in DevTools.
    - CVE-2018-6112: Incorrect URL handling in DevTools.
    - CVE-2018-6113: URL spoof in Navigation.
    - CVE-2018-6114: CSP bypass.
    - CVE-2018-6115: SmartScreen bypass in downloads.
    - CVE-2018-6116: Incorrect low memory handling in WebAssembly.
    - CVE-2018-6117: Confusing autofill settings.
    - CVE-2018-6084: Incorrect use of Distributed Objects in Google Software Updater on MacOS.

2018-03-30 Alexey Gladkov <legion at altlinux.ru> 65.0.3325.181-alt1

    - New version (65.0.3325.181).

 
© 2009–2018 Igor Zubkov