lp:~chromium-team/chromium-browser/bionic-stable

Branch merges

1 branch proposed for merging into this one.

Propose for merging

Related source package recipes

1 recipe using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Bug #1667208: Ubuntu's selenium hardcodes a path that is valid for Debian, but not for Ubuntu	Medium	Fix Released
Bug #1742653: chromium-browser 63+ packages 50+ MB of binaries only needed at build time	High	Fix Released
Bug #1768653: chromium 66 FTBFS on armhf	High	Fix Released
Bug #1771847: chromium-browser.svg icon is outdated	Low	Fix Released

Link a bug report

Related blueprints

1465. By Olivier Tilloy on 2019-03-12

releasing package chromium-browser version 73.0.3683.75-0ubuntu0.18.04.1

1464. By Olivier Tilloy on 2019-03-12

* Upstream release: 73.0.3683.75
  - CVE-2019-5787: Use after free in Canvas.
  - CVE-2019-5788: Use after free in FileAPI.
  - CVE-2019-5789: Use after free in WebMIDI.
  - CVE-2019-5790: Heap buffer overflow in V8.
  - CVE-2019-5791: Type confusion in V8.
  - CVE-2019-5792: Integer overflow in PDFium.
  - CVE-2019-5793: Excessive permissions for private API in Extensions.
  - CVE-2019-5794: Security UI spoofing.
  - CVE-2019-5795: Integer overflow in PDFium.
  - CVE-2019-5796: Race condition in Extensions.
  - CVE-2019-5797: Race condition in DOMStorage.
  - CVE-2019-5798: Out of bounds read in Skia.
  - CVE-2019-5799: CSP bypass with blob URL.
  - CVE-2019-5800: CSP bypass with blob URL.
  - CVE-2019-5801: Incorrect Omnibox display on iOS.
  - CVE-2019-5802: Security UI spoofing.
  - CVE-2019-5803: CSP bypass with Javascript URLs'.
  - CVE-2019-5804: Command line command injection on Windows.
* debian/control: bump the clang and llvm build dependencies to version 7 which was recently backported to bionic
* debian/rules: build gn with clang 7
* debian/patches/additional-search-engines.patch: removed, no longer needed
* debian/patches/configuration-directory.patch: refreshed
* debian/patches/disable-sse2: refreshed
* debian/patches/fix-extra-arflags.patch: refreshed
* debian/patches/fix-ffmpeg-ia32-build.patch: refreshed
* debian/patches/gn-no-last-commit-position.patch: refreshed
* debian/patches/revert-Xclang-instcombine-lower-dbg-declare.patch: refreshed
* debian/patches/search-credit.patch: updated
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/suppress-newer-clang-warning-flags.patch: updated
* debian/patches/title-bar-default-system.patch-v35: refreshed
* debian/patches/use-clang-versioned.patch: added
* debian/patches/widevine-enable-version-string.patch: refreshed

1463. By Olivier Tilloy on 2019-03-07

* debian/chromium-chromedriver.links: added for backwards compatibility with existing selenium scripts that expect the chromedriver executable in /usr/lib/chromium-browser/ (LP: #1667208)

1462. By Olivier Tilloy on 2019-03-05

releasing package chromium-browser version 72.0.3626.121-0ubuntu0.18.04.1

1461. By Olivier Tilloy on 2019-03-05

* Upstream release: 72.0.3626.121
  - CVE-2019-5786: Use-after-free in FileReader
* debian/patches/gn-fix-link-pthread.patch: removed, no longer needed

1460. By Olivier Tilloy on 2019-02-25

releasing package chromium-browser version 72.0.3626.119-0ubuntu0.18.04.1

1459. By Olivier Tilloy on 2019-02-25

* Upstream release: 72.0.3626.119
* debian/patches/gn-fix-link-pthread.patch: added

1458. By Olivier Tilloy on 2019-02-21

releasing package chromium-browser version 72.0.3626.109-0ubuntu0.18.04.1

1457. By Olivier Tilloy on 2019-02-21

* debian/rules: install the chromedriver executable in /usr/bin, where python{,3}-selenium and other packages expect it by default (LP: #1667208)
* debian/control: make chromium-chromedriver provide "chromium-driver"
* debian/chromium-chromedriver.{dirs,install}: removed, no longer needed
* debian/tests/{chromium-version,html5test}: remove custom driver path

1456. By Olivier Tilloy on 2019-02-21

* debian/rules: restore old keepalive snippet to prevent builds from timing out during the link phase (this happens often enough on armhf, Launchpad builders have an inactivity timeout of 150 minutes)