lp:~chromium-team/chromium-browser/bionic-stable

Branch merges

Propose for merging

1 branch proposed for merging into this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Bug #1667208: Ubuntu's selenium hardcodes a path that is valid for Debian, but not for Ubuntu	Medium	Fix Released
Bug #1742653: chromium-browser 63+ packages 50+ MB of binaries only needed at build time	High	Fix Released
Bug #1768653: chromium 66 FTBFS on armhf	High	Fix Released
Bug #1771847: chromium-browser.svg icon is outdated	Low	Fix Released
Bug #1828192: Please stop build-depending on libgnome-keyring	Medium	Fix Released
Bug #1853149: 78.0.3904.108-1 released for stable channel; fixes CVEs	High	Fix Released
Bug #1913069: [regression] Start-up page is blank after upgrading to version 88	High	Fix Released
Bug #1919146: Missing runtime dependency on libx11-xcb1	High	Fix Released

Link a bug report

Related blueprints

1612. By Olivier Tilloy 5 hours ago

releasing package chromium-browser version 91.0.4472.114-0ubuntu0.18.04.1

1611. By Olivier Tilloy 5 hours ago

* Upstream release: 91.0.4472.114
  - CVE-2021-30554: Use after free in WebGL.
  - CVE-2021-30555: Use after free in Sharing.
  - CVE-2021-30556: Use after free in WebAudio.
  - CVE-2021-30557: Use after free in TabGroups.

1610. By Olivier Tilloy on 2021-06-15

releasing package chromium-browser version 91.0.4472.106-0ubuntu0.18.04.1

1609. By Olivier Tilloy on 2021-06-15

* Upstream release: 91.0.4472.106

1608. By Olivier Tilloy on 2021-06-10

releasing package chromium-browser version 91.0.4472.101-0ubuntu0.18.04.1

1607. By Olivier Tilloy on 2021-06-10

* Upstream release: 91.0.4472.101
  - CVE-2021-30544: Use after free in BFCache.
  - CVE-2021-30545: Use after free in Extensions.
  - CVE-2021-30546: Use after free in Autofill.
  - CVE-2021-30547: Out of bounds write in ANGLE.
  - CVE-2021-30548: Use after free in Loader.
  - CVE-2021-30549: Use after free in Spell check.
  - CVE-2021-30550: Use after free in Accessibility.
  - CVE-2021-30551: Type Confusion in V8.
  - CVE-2021-30552: Use after free in Extensions.
  - CVE-2021-30553: Use after free in Network service.

1606. By Olivier Tilloy on 2021-05-26

releasing package chromium-browser version 91.0.4472.77-0ubuntu0.18.04.1

1605. By Olivier Tilloy on 2021-05-26

* Upstream release: 91.0.4472.77
  - CVE-2021-30521: Heap buffer overflow in Autofill.
  - CVE-2021-30522: Use after free in WebAudio.
  - CVE-2021-30523: Use after free in WebRTC.
  - CVE-2021-30524: Use after free in TabStrip.
  - CVE-2021-30525: Use after free in TabGroups.
  - CVE-2021-30526: Out of bounds write in TabStrip.
  - CVE-2021-30527: Use after free in WebUI.
  - CVE-2021-30528: Use after free in WebAuthentication.
  - CVE-2021-30529: Use after free in Bookmarks.
  - CVE-2021-30530: Out of bounds memory access in WebAudio.
  - CVE-2021-30531: Insufficient policy enforcement in Content Security Policy.
  - CVE-2021-30532: Insufficient policy enforcement in Content Security Policy.
  - CVE-2021-30533: Insufficient policy enforcement in PopupBlocker.
  - CVE-2021-30534: Insufficient policy enforcement in iFrameSandbox.
  - CVE-2021-30535: Double free in ICU.
  - CVE-2021-21212: Insufficient data validation in networking.
  - CVE-2021-30536: Out of bounds read in V8.
  - CVE-2021-30537: Insufficient policy enforcement in cookies.
  - CVE-2021-30538: Insufficient policy enforcement in content security policy.
  - CVE-2021-30539: Insufficient policy enforcement in content security policy.
  - CVE-2021-30540: Incorrect security UI in payments.
* debian/control: add a build dependency on libcurl4-openssl-dev
* debian/patches/build-with-old-libva-missing-defines.patch: refreshed
* debian/patches/build-with-old-libva-no-av1.patch: updated
* debian/patches/closure-compiler-use-system-wide-java.patch: added
* debian/patches/gn-no-last-commit-position.patch: refreshed
* debian/patches/node-use-system-wide.patch: refreshed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
* debian/patches/use-clang-versioned.patch: refreshed
* debian/patches/widevine-enable-version-string.patch: refreshed

1604. By Olivier Tilloy on 2021-05-11

releasing package chromium-browser version 90.0.4430.212-0ubuntu0.18.04.1

1603. By Olivier Tilloy on 2021-05-11

* Upstream release: 90.0.4430.212
  - CVE-2021-30506: Incorrect security UI in Web App Installs.
  - CVE-2021-30507: Inappropriate implementation in Offline.
  - CVE-2021-30508: Heap buffer overflow in Media Feeds.
  - CVE-2021-30509: Out of bounds write in Tab Strip.
  - CVE-2021-30510: Race in Aura.
  - CVE-2021-30511: Out of bounds read in Tab Groups.
  - CVE-2021-30512: Use after free in Notifications.
  - CVE-2021-30513: Type Confusion in V8.
  - CVE-2021-30514: Use after free in Autofill.
  - CVE-2021-30515: Use after free in File API.
  - CVE-2021-30516: Heap buffer overflow in History.
  - CVE-2021-30517: Type Confusion in V8.
  - CVE-2021-30518: Heap buffer overflow in Reader Mode.
  - CVE-2021-30519: Use after free in Payments.
  - CVE-2021-30520: Use after free in Tab Strip.