Sisyphus repository
Last update: 2017-05-30 09:06:06 +0400 | SRPMs: 17882 | Sign in or Sign up
en ru uk br
ALT Linux repositories
hide window
Sisyphus: 58.0.3029.110-alt1
p8: 58.0.3029.110-alt0.M80P.1
t7: 38.0.2125.122-alt0.M70P.2
t6: 37.0.2062.94-alt0.M60P.1

Group :: Networking/WWW
Source RPM: chromium

 Main   Changelog   Spec   Patches   Sources   Download   Gear   Bugs and FR (7/27)   Repocop 

Current version: 58.0.3029.110-alt1
Built: 9 days ago
Size: 608 MB
Repocop status: ok

Home page:   http://www.chromium.org

License: BSD-3-Clause and LGPL-2.1+
Summary: An open source web browser developed by Google
Description:

Chromium is an open-source browser project that aims to build a safer,
faster, and more stable way for all Internet users to experience the web.

Current maintainer: Alexey Gladkov

List of contributors: ACL: List of rpms provided by this srpm:
  • chromium
  • chromium-debuginfo
  • chromium-gnome
  • chromium-kde
Recent changes (last three changelog entries):

2017-05-10 Alexey Gladkov <legion at altlinux.ru> 58.0.3029.110-alt1

    - New version (58.0.3029.110).

2017-03-27 Alexey Gladkov <legion at altlinux.ru> 57.0.2987.110-alt1

    - New version (57.0.2987.110).
    - Security fixes:
    - CVE-2017-5030: Memory corruption in V8. Credit to Brendon Tiszka
    - CVE-2017-5031: Use after free in ANGLE. Credit to Looben Yang
    - CVE-2017-5032: Out of bounds write in PDFium. Credit to Ashfaq Ansari - Project Srishti
    - CVE-2017-5029: Integer overflow in libxslt. Credit to Holger Fuhrmannek
    - CVE-2017-5034: Use after free in PDFium. Credit to Ke Liu of Tencent's Xuanwu LAB
    - CVE-2017-5035: Incorrect security UI in Omnibox. Credit to Enzo Aguado
    - CVE-2017-5036: Use after free in PDFium. Credit to Anonymous
    - CVE-2017-5037: Multiple out of bounds writes in ChunkDemuxer. Credit to Yongke Wang of Tencent's Xuanwu Lab (xlab.tencent.com)
    - CVE-2017-5039: Use after free in PDFium. Credit to jinmo123
    - CVE-2017-5040: Information disclosure in V8. Credit to Choongwoo Han
    - CVE-2017-5041: Address spoofing in Omnibox. Credit to Jordi Chancel
    - CVE-2017-5033: Bypass of Content Security Policy in Blink. Credit to Nicolai Grodum
    - CVE-2017-5042: Incorrect handling of cookies in Cast. Credit to Mike Ruddy
    - CVE-2017-5038: Use after free in GuestView. Credit to Anonymous
    - CVE-2017-5043: Use after free in GuestView. Credit to Anonymous
    - CVE-2017-5044: Heap overflow in Skia. Credit to Kushal Arvind Shah of Fortinet's FortiGuard Labs
    - CVE-2017-5045: Information disclosure in XSS Auditor. Credit to Dhaval Kapil (vampire)
    - CVE-2017-5046: Information disclosure in Blink. Credit to Masato Kinugawa

2017-02-08 Alexey Gladkov <legion at altlinux.ru> 56.0.2924.87-alt1

    - New version (56.0.2924.87).
    - Security fixes:
    - CVE-2017-5007: Universal XSS in Blink. Credit to Mariusz Mlynski
    - CVE-2017-5006: Universal XSS in Blink. Credit to Mariusz Mlynski
    - CVE-2017-5008: Universal XSS in Blink. Credit to Mariusz Mlynski
    - CVE-2017-5010: Universal XSS in Blink. Credit to Mariusz Mlynski
    - CVE-2017-5011: Unauthorised file access in Devtools. Credit to Khalil Zhani
    - CVE-2017-5009: Out of bounds memory access in WebRTC. Credit to Sean Stanek and Chip Bradford
    - CVE-2017-5012: Heap overflow in V8. Credit to Gergely Nagy (Tresorit)
    - CVE-2017-5013: Address spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah)
    - CVE-2017-5014: Heap overflow in Skia. Credit to sweetchip
    - CVE-2017-5015: Address spoofing in Omnibox. Credit to Armin Razmdjou
    - CVE-2017-5019: Use after free in Renderer. Credit to Wadih Matar
    - CVE-2017-5016: UI spoofing in Blink. Credit to Haosheng Wang (@gnehsoah)
    - CVE-2017-5017: Uninitialised memory access in webm video. Credit to Dan Berman
    - CVE-2017-5018: Universal XSS in chrome://apps. Credit to Rob Wu
    - CVE-2017-5020: Universal XSS in chrome://downloads. Credit to Rob Wu
    - CVE-2017-5021: Use after free in Extensions. Credit to Rob Wu
    - CVE-2017-5022: Bypass of Content Security Policy in Blink. Credit to evi1m0#ly.com
    - CVE-2017-5023: Type confusion in metrics. Credit to the UK's National Cyber Security Centre (NCSC)
    - CVE-2017-5024: Heap overflow in FFmpeg. Credit to Paul Mehta
    - CVE-2017-5025: Heap overflow in FFmpeg. Credit to Paul Mehta
    - CVE-2017-5026: UI spoofing. Credit to Ronni Skansing
    - CVE-2017-5027: Bypass of Content Security Policy in Blink.

 
© 2009–2016 Igor Zubkov