Package chromium-gnome: Information
Binary package: chromium-gnome
Version: 77.0.3865.90-alt1
Architecture: x86_64
Build time: Sep 26, 2019, 09:05 PM in the task #238193
Source package: chromium
Category: Networking/WWW
Report package bugHome page: http://www.chromium.org
License: BSD-3-Clause and LGPL-2.1+
Summary: Update to chromium to use Gnome keyring to store passwords
Description:
By using the update-alternatives the password store for Chromium is changed to utilize Gnome's Keyring. Please be aware that by this change the old password are no longer accessible and are also not converted to Gnome's Keyring.
Maintainer: Alexey Gladkov
Last changed
Sept. 25, 2019 Alexey Gladkov 77.0.3865.90-alt1
- New version (77.0.3865.90). - Security fixes: - CVE-2019-13685: Use-after-free in UI. - CVE-2019-13686: Use-after-free in offline pages. - CVE-2019-13687: Use-after-free in media. - CVE-2019-13688: Use-after-free in media.
Sept. 23, 2019 Alexey Gladkov 77.0.3865.75-alt1
- New version (77.0.3865.75). - Security fixes: - CVE-2019-13659: URL spoof. - CVE-2019-13660: Full screen notification overlap. - CVE-2019-13661: Full screen notification spoof. - CVE-2019-13662: CSP bypass. - CVE-2019-13663: IDN spoof. - CVE-2019-13664: CSRF bypass. - CVE-2019-13665: Multiple file download protection bypass. - CVE-2019-13666: Side channel using storage size estimate. - CVE-2019-13667: URI bar spoof when using external app URIs. - CVE-2019-13668: Global window leak via console. - CVE-2019-13669: HTTP authentication spoof. - CVE-2019-13670: V8 memory corruption in regex. - CVE-2019-13671: Dialog box fails to show origin. - CVE-2019-13673: Cross-origin information leak using devtools. - CVE-2019-13674: IDN spoofing. - CVE-2019-13675: Extensions can be disabled by trailing slash. - CVE-2019-13676: Google URI shown for certificate warning. - CVE-2019-13677: Chrome web store origin needs to be isolated. - CVE-2019-13678: Download dialog spoofing. - CVE-2019-13679: User gesture needed for printing. - CVE-2019-13680: IP address spoofing to servers. - CVE-2019-13681: Bypass on download restrictions. - CVE-2019-13682: Site isolation bypass. - CVE-2019-13683: Exceptions leaked by devtools. - CVE-2019-5870: Use-after-free in media. - CVE-2019-5871: Heap overflow in Skia. - CVE-2019-5872: Use-after-free in Mojo. - CVE-2019-5873: URL bar spoofing on iOS. - CVE-2019-5874: External URIs may trigger other browsers. - CVE-2019-5875: URL bar spoof via download redirect. - CVE-2019-5876: Use-after-free in media. - CVE-2019-5877: Out-of-bounds access in V8. - CVE-2019-5878: Use-after-free in V8. - CVE-2019-5879: Extensions can read some local files. - CVE-2019-5880: SameSite cookie bypass. - CVE-2019-5881: Arbitrary read in SwiftShader.
Aug. 2, 2019 Alexey Gladkov 76.0.3809.87-alt1
- New version (76.0.3809.87). - Security fixes: - CVE-2019-5850: Use-after-free in offline page fetcher. - CVE-2019-5851: Use-after-poison in offline audio context. - CVE-2019-5852: Object leak of utility functions. - CVE-2019-5853: Memory corruption in regexp length check. - CVE-2019-5854: Integer overflow in PDFium text rendering. - CVE-2019-5855: Integer overflow in PDFium. - CVE-2019-5856: Insufficient checks on filesystem: URI permissions. - CVE-2019-5857: Comparison of -0 and null yields crash. - CVE-2019-5858: Insufficient filtering of Open URL service parameters. - CVE-2019-5859: res: URIs can load alternative browsers. - CVE-2019-5860: Use-after-free in PDFium. - CVE-2019-5861: Click location incorrectly checked. - CVE-2019-5862: AppCache not robust to compromised renderers. - CVE-2019-5863: Use-after-free in WebUSB on Windows. - CVE-2019-5864: Insufficient port filtering in CORS for extensions. - CVE-2019-5865: Site isolation bypass from compromised renderer.