Package chromium-kde: Information
Binary package: chromium-kde
Version: 67.0.3396.87-alt1
Architecture: aarch64
Build time: Jul 1, 2018, 08:38 PM in the task #208558
Source package: chromium
Category: Networking/WWW
Report package bugHome page: http://www.chromium.org
License: BSD-3-Clause and LGPL-2.1+
Summary: Update to chromium to use KDE's kwallet to store passwords
Description:
By using the update-alternatives the password store for Chromium is changed to utilize KDE's kwallet. Please be aware that by this change the old password are no longer accessible and are also not converted to kwallet.
Maintainer: Alexey Gladkov
Last changed
June 17, 2018 Alexey Gladkov 67.0.3396.87-alt1
- New version (67.0.3396.87). - Use ninja-build. - Security fixes: - CVE-2018-6149: Out of bounds write in V8. - CVE-2018-6148: Incorrect handling of CSP header. - CVE-2018-6123: Use after free in Blink. - CVE-2018-6124: Type confusion in Blink. - CVE-2018-6125: Overly permissive policy in WebUSB. - CVE-2018-6126: Heap buffer overflow in Skia. - CVE-2018-6127: Use after free in indexedDB. - CVE-2018-6128: uXSS in Chrome on iOS. - CVE-2018-6129: Out of bounds memory access in WebRTC. - CVE-2018-6130: Out of bounds memory access in WebRTC. - CVE-2018-6131: Incorrect mutability protection in WebAssembly. - CVE-2018-6132: Use of uninitialized memory in WebRTC. - CVE-2018-6133: URL spoof in Omnibox. - CVE-2018-6134: Referrer Policy bypass in Blink. - CVE-2018-6135: UI spoofing in Blink. - CVE-2018-6136: Out of bounds memory access in V8. - CVE-2018-6137: Leak of visited status of page in Blink. - CVE-2018-6138: Overly permissive policy in Extensions. - CVE-2018-6139: Restrictions bypass in the debugger extension API. - CVE-2018-6140: Restrictions bypass in the debugger extension API. - CVE-2018-6141: Heap buffer overflow in Skia. - CVE-2018-6142: Out of bounds memory access in V8. - CVE-2018-6143: Out of bounds memory access in V8. - CVE-2018-6144: Out of bounds memory access in PDFium. - CVE-2018-6145: Incorrect escaping of MathML in Blink. - CVE-2018-6147: Password fields not taking advantage of OS protections in Views.
April 19, 2018 Alexey Gladkov 66.0.3359.117-alt1
- New version (66.0.3359.117). - Security fixes: - CVE-2018-6085: Use after free in Disk Cache. - CVE-2018-6086: Use after free in Disk Cache. - CVE-2018-6087: Use after free in WebAssembly. - CVE-2018-6088: Use after free in PDFium. - CVE-2018-6089: Same origin policy bypass in Service Worker. - CVE-2018-6090: Heap buffer overflow in Skia. - CVE-2018-6091: Incorrect handling of plug-ins by Service Worker. - CVE-2018-6092: Integer overflow in WebAssembly. - CVE-2018-6093: Same origin bypass in Service Worker. - CVE-2018-6094: Exploit hardening regression in Oilpan. - CVE-2018-6095: Lack of meaningful user interaction requirement before file upload. - CVE-2018-6096: Fullscreen UI spoof. - CVE-2018-6097: Fullscreen UI spoof. - CVE-2018-6098: URL spoof in Omnibox. - CVE-2018-6099: CORS bypass in ServiceWorker. - CVE-2018-6100: URL spoof in Omnibox. - CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools . - CVE-2018-6102: URL spoof in Omnibox. - CVE-2018-6103: UI spoof in Permissions. - CVE-2018-6104: URL spoof in Omnibox. - CVE-2018-6105: URL spoof in Omnibox. - CVE-2018-6106: Incorrect handling of promises in V8. - CVE-2018-6107: URL spoof in Omnibox. - CVE-2018-6108: URL spoof in Omnibox. - CVE-2018-6109: Incorrect handling of files by FileAPI. - CVE-2018-6110: Incorrect handling of plaintext files via file:// . - CVE-2018-6111: Heap-use-after-free in DevTools. - CVE-2018-6112: Incorrect URL handling in DevTools. - CVE-2018-6113: URL spoof in Navigation. - CVE-2018-6114: CSP bypass. - CVE-2018-6115: SmartScreen bypass in downloads. - CVE-2018-6116: Incorrect low memory handling in WebAssembly. - CVE-2018-6117: Confusing autofill settings. - CVE-2018-6084: Incorrect use of Distributed Objects in Google Software Updater on MacOS.
March 30, 2018 Alexey Gladkov 65.0.3325.181-alt1
- New version (65.0.3325.181).