Package chromium: Information
Default inline alert: Version in the repository: 124.0.6367.207-alt1
Source package: chromium
Version: 77.0.3865.90-alt1
Build time: Sep 26, 2019, 09:05 PM in the task #238193
Category: Networking/WWW
Report package bugHome page: http://www.chromium.org
License: BSD-3-Clause and LGPL-2.1+
Summary: An open source web browser developed by Google
Description:
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all Internet users to experience the web.
List of rpms provided by this srpm:
chromium (x86_64, i586, aarch64)
chromium-debuginfo (x86_64, i586, aarch64)
chromium-gnome (x86_64, i586, aarch64)
chromium-kde (x86_64, i586, aarch64)
chromium (x86_64, i586, aarch64)
chromium-debuginfo (x86_64, i586, aarch64)
chromium-gnome (x86_64, i586, aarch64)
chromium-kde (x86_64, i586, aarch64)
Maintainer: Alexey Gladkov
Last changed
Sept. 25, 2019 Alexey Gladkov 77.0.3865.90-alt1
- New version (77.0.3865.90). - Security fixes: - CVE-2019-13685: Use-after-free in UI. - CVE-2019-13686: Use-after-free in offline pages. - CVE-2019-13687: Use-after-free in media. - CVE-2019-13688: Use-after-free in media.
Sept. 23, 2019 Alexey Gladkov 77.0.3865.75-alt1
- New version (77.0.3865.75). - Security fixes: - CVE-2019-13659: URL spoof. - CVE-2019-13660: Full screen notification overlap. - CVE-2019-13661: Full screen notification spoof. - CVE-2019-13662: CSP bypass. - CVE-2019-13663: IDN spoof. - CVE-2019-13664: CSRF bypass. - CVE-2019-13665: Multiple file download protection bypass. - CVE-2019-13666: Side channel using storage size estimate. - CVE-2019-13667: URI bar spoof when using external app URIs. - CVE-2019-13668: Global window leak via console. - CVE-2019-13669: HTTP authentication spoof. - CVE-2019-13670: V8 memory corruption in regex. - CVE-2019-13671: Dialog box fails to show origin. - CVE-2019-13673: Cross-origin information leak using devtools. - CVE-2019-13674: IDN spoofing. - CVE-2019-13675: Extensions can be disabled by trailing slash. - CVE-2019-13676: Google URI shown for certificate warning. - CVE-2019-13677: Chrome web store origin needs to be isolated. - CVE-2019-13678: Download dialog spoofing. - CVE-2019-13679: User gesture needed for printing. - CVE-2019-13680: IP address spoofing to servers. - CVE-2019-13681: Bypass on download restrictions. - CVE-2019-13682: Site isolation bypass. - CVE-2019-13683: Exceptions leaked by devtools. - CVE-2019-5870: Use-after-free in media. - CVE-2019-5871: Heap overflow in Skia. - CVE-2019-5872: Use-after-free in Mojo. - CVE-2019-5873: URL bar spoofing on iOS. - CVE-2019-5874: External URIs may trigger other browsers. - CVE-2019-5875: URL bar spoof via download redirect. - CVE-2019-5876: Use-after-free in media. - CVE-2019-5877: Out-of-bounds access in V8. - CVE-2019-5878: Use-after-free in V8. - CVE-2019-5879: Extensions can read some local files. - CVE-2019-5880: SameSite cookie bypass. - CVE-2019-5881: Arbitrary read in SwiftShader.
Aug. 2, 2019 Alexey Gladkov 76.0.3809.87-alt1
- New version (76.0.3809.87). - Security fixes: - CVE-2019-5850: Use-after-free in offline page fetcher. - CVE-2019-5851: Use-after-poison in offline audio context. - CVE-2019-5852: Object leak of utility functions. - CVE-2019-5853: Memory corruption in regexp length check. - CVE-2019-5854: Integer overflow in PDFium text rendering. - CVE-2019-5855: Integer overflow in PDFium. - CVE-2019-5856: Insufficient checks on filesystem: URI permissions. - CVE-2019-5857: Comparison of -0 and null yields crash. - CVE-2019-5858: Insufficient filtering of Open URL service parameters. - CVE-2019-5859: res: URIs can load alternative browsers. - CVE-2019-5860: Use-after-free in PDFium. - CVE-2019-5861: Click location incorrectly checked. - CVE-2019-5862: AppCache not robust to compromised renderers. - CVE-2019-5863: Use-after-free in WebUSB on Windows. - CVE-2019-5864: Insufficient port filtering in CORS for extensions. - CVE-2019-5865: Site isolation bypass from compromised renderer.