Created by Olivier Tilloy on 2017-10-25 and last modified on 2019-10-11
Get this branch:
bzr branch lp:~chromium-team/chromium-browser/bionic-stable
Members of Chromium team can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Chromium team
Chromium Browser

Recent revisions

1497. By Olivier Tilloy on 2019-10-11

releasing package chromium-browser version 77.0.3865.120-0ubuntu0.18.04.1

1496. By Olivier Tilloy on 2019-10-11

* Upstream release: 77.0.3865.120
  - CVE-2019-13693: Use-after-free in IndexedDB.
  - CVE-2019-13694: Use-after-free in WebRTC.
  - CVE-2019-13695: Use-after-free in audio.
  - CVE-2019-13696: Use-after-free in V8.
  - CVE-2019-13697: Cross-origin size leak.

1495. By Olivier Tilloy on 2019-09-20

releasing package chromium-browser version 77.0.3865.90-0ubuntu0.18.04.1

1494. By Olivier Tilloy on 2019-09-20

* Upstream release: 77.0.3865.90
  - CVE-2019-13685: Use-after-free in UI.
  - CVE-2019-13688: Use-after-free in media.
  - CVE-2019-13687: Use-after-free in media.
  - CVE-2019-13686: Use-after-free in offline pages.

1493. By Olivier Tilloy on 2019-09-10

releasing package chromium-browser version 77.0.3865.75-0ubuntu0.18.04.1

1492. By Olivier Tilloy on 2019-09-10

* Upstream release: 77.0.3865.75
  - CVE-2019-5870: Use-after-free in media.
  - CVE-2019-5871: Heap overflow in Skia.
  - CVE-2019-5872: Use-after-free in Mojo.
  - CVE-2019-5873: URL bar spoofing on iOS.
  - CVE-2019-5874: External URIs may trigger other browsers.
  - CVE-2019-5875: URL bar spoof via download redirect.
  - CVE-2019-5876: Use-after-free in media.
  - CVE-2019-5877: Out-of-bounds access in V8.
  - CVE-2019-5878: Use-after-free in V8.
  - CVE-2019-5879: Extension can bypass same origin policy.
  - CVE-2019-5880: SameSite cookie bypass.
  - CVE-2019-5881: Arbitrary read in SwiftShader.
  - CVE-2019-13659: URL spoof.
  - CVE-2019-13660: Full screen notification overlap.
  - CVE-2019-13661: Full screen notification spoof.
  - CVE-2019-13662: CSP bypass.
  - CVE-2019-13663: IDN spoof.
  - CVE-2019-13664: CSRF bypass.
  - CVE-2019-13665: Multiple file download protection bypass.
  - CVE-2019-13666: Side channel using storage size estimate.
  - CVE-2019-13667: URI bar spoof when using external app URIs.
  - CVE-2019-13668: Global window leak via console.
  - CVE-2019-13669: HTTP authentication spoof.
  - CVE-2019-13670: V8 memory corruption in regex.
  - CVE-2019-13671: Dialog box fails to show origin.
  - CVE-2019-13673: Cross-origin information leak using devtools.
  - CVE-2019-13674: IDN spoofing.
  - CVE-2019-13675: Extensions can be disabled by trailing slash.
  - CVE-2019-13676: Google URI shown for certificate warning.
  - CVE-2019-13677: Chrome web store origin needs to be isolated.
  - CVE-2019-13678: Download dialog spoofing.
  - CVE-2019-13679: User gesture needed for printing.
  - CVE-2019-13680: IP address spoofing to servers.
  - CVE-2019-13681: Bypass on download restrictions.
  - CVE-2019-13682: Site isolation bypass.
  - CVE-2019-13683: Exceptions leaked by devtools.
* debian/patches/add-missing-cstddef-include.patch: refreshed
* debian/patches/chromium_useragent.patch: refreshed
* debian/patches/configuration-directory.patch: refreshed
* debian/patches/enable-chromecast-by-default.patch: refreshed
* debian/patches/fix-extra-arflags.patch: refreshed
* debian/patches/search-credit.patch: refreshed
* debian/patches/set-rpath-on-chromium-executables.patch: refreshed
* debian/patches/title-bar-default-system.patch-v35: refreshed
* debian/patches/upstream-fix-blink-build-iterators.patch: removed, no longer needed
* debian/patches/use-clang-versioned.patch: refreshed
* debian/patches/widevine-enable-version-string.patch: refreshed

1491. By Olivier Tilloy on 2019-08-26

releasing package chromium-browser version 76.0.3809.132-0ubuntu0.18.04.1

1490. By Olivier Tilloy on 2019-08-26

* Upstream release: 76.0.3809.132
  - CVE-2019-5869: Use-after-free in Blink.

1489. By Olivier Tilloy on 2019-08-10

releasing package chromium-browser version 76.0.3809.100-0ubuntu0.18.04.1

1488. By Olivier Tilloy on 2019-08-10

* Upstream release: 76.0.3809.100
  - CVE-2019-5868: Use-after-free in PDFium ExecuteFieldAction.
  - CVE-2019-5867: Out-of-bounds read in V8.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
This branch contains Public information 
Everyone can see this information.