Sisyphus repository
Last update: 2017-02-28 01:06:39 +0300 | SRPMs: 17837 | Sign in or Sign up
en ru uk br
ALT Linux repositories
hide window
Sisyphus: 56.0.2924.87-alt1
p8: 56.0.2924.87-alt0.M80P.1
p7: 38.0.2125.122-alt0.M70P.2
t7: 38.0.2125.122-alt0.M70P.2
Platform6: 37.0.2062.94-alt0.M60P.1
t6: 37.0.2062.94-alt0.M60P.1

Group :: Networking/WWW
Source RPM: chromium

 Main   Changelog   Spec   Patches   Sources   Download   Gear   Bugs and FR (7/26)   Repocop 

Current version: 56.0.2924.87-alt1
Built: 18 days ago
Size: 697 MB
Repocop status: ok

Home page:   http://www.chromium.org

License: BSD-3-Clause and LGPL-2.1+
Summary: An open source web browser developed by Google
Description:

Chromium is an open-source browser project that aims to build a safer,
faster, and more stable way for all Internet users to experience the web.

Current maintainer: Alexey Gladkov

List of contributors: ACL: List of rpms provided by this srpm:
  • chromium
  • chromium-debuginfo
  • chromium-gnome
  • chromium-kde
Recent changes (last three changelog entries):

2017-02-08 Alexey Gladkov <legion at altlinux.ru> 56.0.2924.87-alt1

    - New version (56.0.2924.87).
    - Security fixes:
    - CVE-2017-5007: Universal XSS in Blink. Credit to Mariusz Mlynski
    - CVE-2017-5006: Universal XSS in Blink. Credit to Mariusz Mlynski
    - CVE-2017-5008: Universal XSS in Blink. Credit to Mariusz Mlynski
    - CVE-2017-5010: Universal XSS in Blink. Credit to Mariusz Mlynski
    - CVE-2017-5011: Unauthorised file access in Devtools. Credit to Khalil Zhani
    - CVE-2017-5009: Out of bounds memory access in WebRTC. Credit to Sean Stanek and Chip Bradford
    - CVE-2017-5012: Heap overflow in V8. Credit to Gergely Nagy (Tresorit)
    - CVE-2017-5013: Address spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah)
    - CVE-2017-5014: Heap overflow in Skia. Credit to sweetchip
    - CVE-2017-5015: Address spoofing in Omnibox. Credit to Armin Razmdjou
    - CVE-2017-5019: Use after free in Renderer. Credit to Wadih Matar
    - CVE-2017-5016: UI spoofing in Blink. Credit to Haosheng Wang (@gnehsoah)
    - CVE-2017-5017: Uninitialised memory access in webm video. Credit to Dan Berman
    - CVE-2017-5018: Universal XSS in chrome://apps. Credit to Rob Wu
    - CVE-2017-5020: Universal XSS in chrome://downloads. Credit to Rob Wu
    - CVE-2017-5021: Use after free in Extensions. Credit to Rob Wu
    - CVE-2017-5022: Bypass of Content Security Policy in Blink. Credit to evi1m0#ly.com
    - CVE-2017-5023: Type confusion in metrics. Credit to the UK's National Cyber Security Centre (NCSC)
    - CVE-2017-5024: Heap overflow in FFmpeg. Credit to Paul Mehta
    - CVE-2017-5025: Heap overflow in FFmpeg. Credit to Paul Mehta
    - CVE-2017-5026: UI spoofing. Credit to Ronni Skansing
    - CVE-2017-5027: Bypass of Content Security Policy in Blink.

2016-12-08 Alexey Gladkov <legion at altlinux.ru> 55.0.2883.75-alt1

    - New version (55.0.2883.75).
    - Security fixes:
    - CVE-2016-9651: Private property access in V8. Credit to Guang Gong of Alpha Team Of Qihoo 360
    - CVE-2016-5208: Universal XSS in Blink. Credit to Mariusz Mlynski
    - CVE-2016-5207: Universal XSS in Blink. Credit to Mariusz Mlynski
    - CVE-2016-5206: Same-origin bypass in PDFium. Credit to Rob Wu (robwu.nl)
    - CVE-2016-5205: Universal XSS in Blink. Credit to Anonymous
    - CVE-2016-5204: Universal XSS in Blink. Credit to Mariusz Mlynski
    - CVE-2016-5209: Out of bounds write in Blink. Credit to Giwan Go of STEALIEN
    - CVE-2016-5203: Use after free in PDFium. Credit to Anonymous
    - CVE-2016-5210: Out of bounds write in PDFium. Credit to Ke Liu of Tencent's Xuanwu LAB
    - CVE-2016-5212: Local file disclosure in DevTools. Credit to Khalil Zhani
    - CVE-2016-5211: Use after free in PDFium. Credit to Anonymous
    - CVE-2016-5213: Use after free in V8. Credit to Khalil Zhani
    - CVE-2016-5214: File download protection bypass. Credit to Jonathan Birch and MSVR
    - CVE-2016-5216: Use after free in PDFium. Credit to Anonymous
    - CVE-2016-5215: Use after free in Webaudio. Credit to Looben Yang
    - CVE-2016-5217: Use of unvalidated data in PDFium. Credit to Rob Wu (robwu.nl)
    - CVE-2016-5218: Address spoofing in Omnibox. Credit to Abdulrahman Alqabandi (@qab)
    - CVE-2016-5219: Use after free in V8. Credit to Rob Wu (robwu.nl)
    - CVE-2016-5221: Integer overflow in ANGLE. Credit to Tim Becker of ForAllSecure
    - CVE-2016-5220: Local file access in PDFium. Credit to Rob Wu (robwu.nl)
    - CVE-2016-5222: Address spoofing in Omnibox. Credit to xisigr of Tencent's Xuanwu Lab
    - CVE-2016-9650: CSP Referrer disclosure. Credit to Jakub Zoczek
    - CVE-2016-5223: Integer overflow in PDFium. Credit to Hwiwon Lee
    - CVE-2016-5226: Limited XSS in Blink. Credit to Jun Kokatsu (@shhnjk)
    - CVE-2016-5225: CSP bypass in Blink. Credit to Scott Helme (@Scott_Helme, scotthelme.co.uk)
    - CVE-2016-5224: Same-origin bypass in SVG. Credit to Roeland Krak
    - CVE-2016-9652: Various fixes from internal audits, fuzzing and other initiatives

2016-10-30 Alexey Gladkov <legion at altlinux.ru> 54.0.2840.59-alt3

    - Fix Requires.
    - Add debuginfo.

 
© 2009–2016 Igor Zubkov