[Bug 1652110] Re: Chromium 55+ doesn't support Widevine library

Mon, 11 Dec 2017 11:56:23 -0800 

This bug was fixed in the package chromium-browser -
63.0.3239.84-0ubuntu0.17.04.1

---------------
chromium-browser (63.0.3239.84-0ubuntu0.17.04.1) zesty; urgency=medium

  * Upstream release: 63.0.3239.84
    - CVE-2017-15407: Out of bounds write in QUIC.
    - CVE-2017-15408: Heap buffer overflow in PDFium.
    - CVE-2017-15409: Out of bounds write in Skia.
    - CVE-2017-15410: Use after free in PDFium.
    - CVE-2017-15411: Use after free in PDFium.
    - CVE-2017-15412: Use after free in libXML.
    - CVE-2017-15413: Type confusion in WebAssembly.
    - CVE-2017-15415: Pointer information disclosure in IPC call.
    - CVE-2017-15416: Out of bounds read in Blink.
    - CVE-2017-15417: Cross origin information disclosure in Skia.
    - CVE-2017-15418: Use of uninitialized value in Skia.
    - CVE-2017-15419: Cross origin leak of redirect URL in Blink.
    - CVE-2017-15420: URL spoofing in Omnibox.
    - CVE-2017-15422: Integer overflow in ICU.
    - CVE-2017-15423: Issue with SPAKE implementation in BoringSSL.
    - CVE-2017-15424: URL Spoof in Omnibox.
    - CVE-2017-15425: URL Spoof in Omnibox.
    - CVE-2017-15426: URL Spoof in Omnibox.
    - CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox.
  * debian/rules:
    - replace allow_posix_link_time_opt=false by use_lld=false, is_cfi=false
      and use_thin_lto=false
    - rename use_vulcanize GN flag to optimize_webui
    - generate the man page as it's not being built with chromium any
      longer (since commit 64b961499bebc54fe48478f5e37477252c7887fa)
    - build gn with clang
  * debian/patches/arm-neon.patch: refreshed
  * debian/patches/disable-sse2: refreshed
  * debian/patches/fix-gn-bootstrap.patch: removed, no longer needed
  * debian/patches/fix_building_widevinecdm_with_chromium.patch: replaced by
    debian/patches/widevine-revision.patch
  * debian/patches/revert-Xclang-instcombine-lower-dbg-declare.patch: added
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: updated
  * debian/patches/suppress-newer-clang-warning-flags.patch: updated
  * debian/patches/touch-v35: refreshed
  * debian/patches/widevine-other-locations: updated (LP: #1652110)
  * debian/patches/widevine-revision.patch: added (LP: #1652110)

 -- Olivier Tilloy <olivier.til...@canonical.com>  Thu, 07 Dec 2017
13:35:57 +0100

** Changed in: chromium-browser (Ubuntu)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15407

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15408

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15409

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15410

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15411

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15412

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15413

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15415

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15416

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15417

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15418

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15419

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15420

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15422

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15423

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15424

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15425

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15426

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-15427

** Changed in: chromium-browser (Ubuntu)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1652110

Title:
  Chromium 55+ doesn't support Widevine library

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1652110/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to