This bug was fixed in the package chromium-browser -
58.0.3029.81-0ubuntu0.14.04.1172
---------------
chromium-browser (58.0.3029.81-0ubuntu0.14.04.1172) trusty; urgency=medium
* Upstream release: 58.0.3029.81
- CVE-2017-5057: Type confusion in PDFium.
- CVE-2017-5058: Heap use after free in Print Preview.
- CVE-2017-5059: Type confusion in Blink.
- CVE-2017-5060: URL spoofing in Omnibox.
- CVE-2017-5061: URL spoofing in Omnibox.
- CVE-2017-5062: Use after free in Chrome Apps.
- CVE-2017-5063: Heap overflow in Skia.
- CVE-2017-5064: Use after free in Blink.
- CVE-2017-5065: Incorrect UI in Blink.
- CVE-2017-5066: Incorrect signature handing in Networking.
- CVE-2017-5067: URL spoofing in Omnibox.
- CVE-2017-5069: Cross-origin bypass in Blink.
* debian/patches/arm.patch: removed, no longer needed
* debian/patches/gtk-ui-stdmove: removed, no longer needed (upstreamed)
* debian/patches/screen_capturer: removed, no longer needed (upstreamed)
* debian/patches/default-allocator: refreshed
* debian/patches/disable-sse2: refreshed
* debian/patches/enable-chromecast-by-default: refreshed
* debian/patches/fix_building_widevinecdm_with_chromium.patch: refreshed
* debian/patches/search-credit.patch: refreshed
* debian/patches/snapshot-library-link: refreshed
* debian/patches/title-bar-default-system.patch-v35: refreshed
* debian/patches/fix-gn-bootstrap.patch: added
* debian/rules: disable the use of Vulcanize, the required node.js modules
are not readily available
-- Olivier Tilloy <olivier.til...@canonical.com> Mon, 24 Apr 2017
11:56:01 +0200
** Changed in: chromium-browser (Ubuntu)
Status: Confirmed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-5057
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-5058
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-5059
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-5060
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-5061
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-5062
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-5063
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-5064
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-5065
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-5066
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-5067
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-5069
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1669100
Title:
Please disable gconf in chromium-browser
Status in chromium-browser package in Ubuntu:
Fix Released
Bug description:
gconf has been deprecated for years and I'd like to remove it from my
computer. (It's not used by Unity or unity-settings-daemon or core
GNOME at all.)
Ubuntu's debian/rules has use_gconf=true but Debian has
use_gconf=false. Please follow Debian here.
I see that the apport script also tries to use gconf so that should be
dropped too.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1669100/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
