Пакет chromium: Информация

Бинарный пакет: chromium
Версия: 68.0.3440.84-alt1
Архитектура: x86_64
Собран:  5 сентября 2018 г. 7:37 в задании #212058
Исходный пакет: chromium
Категория: Сети/WWW
Сообщить об ошибке в пакете
Gear: https://git.altlinux.org/gears/c/chromium.git?a=tree;hb=1cbf812a…
Лог сборки: https://git.altlinux.org/tasks/212058/build/400/x86_64/log
Домашняя страница: http://www.chromium.org
Лицензия: BSD-3-Clause and LGPL-2.1+
О пакете: An open source web browser developed by Google
Описание: 
Chromium is an open-source browser project that aims to build a safer,
faster, and more stable way for all Internet users to experience the web.
Сопровождающий: Alexey Gladkov
Список участников:
Alexey Gladkov
Andrey Cherepanov
Konstantin Lepikhov
Dmitriy Kulik

Последнее изменение

8 августа 2018 г. Alexey Gladkov 68.0.3440.84-alt1
- New version (68.0.3440.84).
- Security fixes:
  - CVE-2018-6153: Stack buffer overflow in Skia.
  - CVE-2018-6154: Heap buffer overflow in WebGL.
  - CVE-2018-6155: Use after free in WebRTC.
  - CVE-2018-6156: Heap buffer overflow in WebRTC.
  - CVE-2018-6157: Type confusion in WebRTC.
  - CVE-2018-6158: Use after free in Blink.
  - CVE-2018-6159: Same origin policy bypass in ServiceWorker.
  - CVE-2018-6160: URL spoof in Chrome on iOS.
  - CVE-2018-6161: Same origin policy bypass in WebAudio.
  - CVE-2018-6162: Heap buffer overflow in WebGL.
  - CVE-2018-6163: URL spoof in Omnibox.
  - CVE-2018-6164: Same origin policy bypass in ServiceWorker.
  - CVE-2018-6165: URL spoof in Omnibox.
  - CVE-2018-6166: URL spoof in Omnibox.
  - CVE-2018-6167: URL spoof in Omnibox.
  - CVE-2018-6168: CORS bypass in Blink.
  - CVE-2018-6169: Permissions bypass in extension installation .
  - CVE-2018-6170: Type confusion in PDFium.
  - CVE-2018-6171: Use after free in WebBluetooth.
  - CVE-2018-6172: URL spoof in Omnibox.
  - CVE-2018-6173: URL spoof in Omnibox.
  - CVE-2018-6174: Integer overflow in SwiftShader.
  - CVE-2018-6175: URL spoof in Omnibox.
  - CVE-2018-6176: Local user privilege escalation in Extensions.
  - CVE-2018-6177: Cross origin information leak in Blink.
  - CVE-2018-6178: UI spoof in Extensions.
  - CVE-2018-6179: Local file information leak in Extensions.
  - CVE-2018-6044: Request privilege escalation in Extensions .
  - CVE-2018-4117: Cross origin information leak in Blink.
  - CVE-2018-6150: Cross origin information disclosure in Service Workers.
  - CVE-2018-6151: Bad cast in DevTools.
  - CVE-2018-6152: Local file write in DevTools.
17 июня 2018 г. Alexey Gladkov 67.0.3396.87-alt1
- New version (67.0.3396.87).
- Use ninja-build.
- Security fixes:
  - CVE-2018-6149: Out of bounds write in V8.
  - CVE-2018-6148: Incorrect handling of CSP header.
  - CVE-2018-6123: Use after free in Blink.
  - CVE-2018-6124: Type confusion in Blink.
  - CVE-2018-6125: Overly permissive policy in WebUSB.
  - CVE-2018-6126: Heap buffer overflow in Skia.
  - CVE-2018-6127: Use after free in indexedDB.
  - CVE-2018-6128: uXSS in Chrome on iOS.
  - CVE-2018-6129: Out of bounds memory access in WebRTC.
  - CVE-2018-6130: Out of bounds memory access in WebRTC.
  - CVE-2018-6131: Incorrect mutability protection in WebAssembly.
  - CVE-2018-6132: Use of uninitialized memory in WebRTC.
  - CVE-2018-6133: URL spoof in Omnibox.
  - CVE-2018-6134: Referrer Policy bypass in Blink.
  - CVE-2018-6135: UI spoofing in Blink.
  - CVE-2018-6136: Out of bounds memory access in V8.
  - CVE-2018-6137: Leak of visited status of page in Blink.
  - CVE-2018-6138: Overly permissive policy in Extensions.
  - CVE-2018-6139: Restrictions bypass in the debugger extension API.
  - CVE-2018-6140: Restrictions bypass in the debugger extension API.
  - CVE-2018-6141: Heap buffer overflow in Skia.
  - CVE-2018-6142: Out of bounds memory access in V8.
  - CVE-2018-6143: Out of bounds memory access in V8.
  - CVE-2018-6144: Out of bounds memory access in PDFium.
  - CVE-2018-6145: Incorrect escaping of MathML in Blink.
  - CVE-2018-6147: Password fields not taking advantage of OS protections in Views.
19 апреля 2018 г. Alexey Gladkov 66.0.3359.117-alt1
- New version (66.0.3359.117).
- Security fixes:
  - CVE-2018-6085: Use after free in Disk Cache.
  - CVE-2018-6086: Use after free in Disk Cache.
  - CVE-2018-6087: Use after free in WebAssembly.
  - CVE-2018-6088: Use after free in PDFium.
  - CVE-2018-6089: Same origin policy bypass in Service Worker.
  - CVE-2018-6090: Heap buffer overflow in Skia.
  - CVE-2018-6091: Incorrect handling of plug-ins by Service Worker.
  - CVE-2018-6092: Integer overflow in WebAssembly.
  - CVE-2018-6093: Same origin bypass in Service Worker.
  - CVE-2018-6094: Exploit hardening regression in Oilpan.
  - CVE-2018-6095: Lack of meaningful user interaction requirement before file upload.
  - CVE-2018-6096: Fullscreen UI spoof.
  - CVE-2018-6097: Fullscreen UI spoof.
  - CVE-2018-6098: URL spoof in Omnibox.
  - CVE-2018-6099: CORS bypass in ServiceWorker.
  - CVE-2018-6100: URL spoof in Omnibox.
  - CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools .
  - CVE-2018-6102: URL spoof in Omnibox.
  - CVE-2018-6103: UI spoof in Permissions.
  - CVE-2018-6104: URL spoof in Omnibox.
  - CVE-2018-6105: URL spoof in Omnibox.
  - CVE-2018-6106: Incorrect handling of promises in V8.
  - CVE-2018-6107: URL spoof in Omnibox.
  - CVE-2018-6108: URL spoof in Omnibox.
  - CVE-2018-6109: Incorrect handling of files by FileAPI.
  - CVE-2018-6110: Incorrect handling of plaintext files via file:// .
  - CVE-2018-6111: Heap-use-after-free in DevTools.
  - CVE-2018-6112: Incorrect URL handling in DevTools.
  - CVE-2018-6113: URL spoof in Navigation.
  - CVE-2018-6114: CSP bypass.
  - CVE-2018-6115: SmartScreen bypass in downloads.
  - CVE-2018-6116: Incorrect low memory handling in WebAssembly.
  - CVE-2018-6117: Confusing autofill settings.
  - CVE-2018-6084: Incorrect use of Distributed Objects in Google Software Updater on MacOS.
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Версия: v24.5.3
Наверх