From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <qa@altlinux.org>
Date: Sun, 12 Feb 2017 04:44:51 +0000
From: QA Team Robot <qa@altlinux.org>
To: sisyphus-cybertalk@lists.altlinux.org
Message-ID: <20170212044451.GA7630@gyle.altlinux.org>
Mail-Followup-To: sisyphus-cybertalk@lists.altlinux.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Subject: [cyber] I: p8/branch packages: +1 (17587)
X-BeenThere: sisyphus-cybertalk@lists.altlinux.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: devel@lists.altlinux.org
List-Id: ALT Linux Sisyphus cybertalk <sisyphus-cybertalk.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/options/sisyphus-cybertalk>, 
 <mailto:sisyphus-cybertalk-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/sisyphus-cybertalk>
List-Post: <mailto:sisyphus-cybertalk@lists.altlinux.org>
List-Help: <mailto:sisyphus-cybertalk-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/sisyphus-cybertalk>, 
 <mailto:sisyphus-cybertalk-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Sun, 12 Feb 2017 04:44:51 -0000
Archived-At: <http://lore.altlinux.org/sisyphus-cybertalk/20170212044451.GA7630@gyle.altlinux.org/>
List-Archive: <http://lore.altlinux.org/sisyphus-cybertalk/>

	1 UPDATED package

chromium - An open source web browser developed by Google       	[697M]
* Fri Feb 10 2017 Andrey Cherepanov <cas@altlinux> 56.0.2924.87-alt0.M80P.1
- Backport new version to p8 branch
* Wed Feb 08 2017 Alexey Gladkov <legion@altlinux> 56.0.2924.87-alt1
- New version (56.0.2924.87).
- Security fixes:
  - CVE-2017-5007: Universal XSS in Blink. Credit to Mariusz Mlynski
  - CVE-2017-5006: Universal XSS in Blink. Credit to Mariusz Mlynski
  - CVE-2017-5008: Universal XSS in Blink. Credit to Mariusz Mlynski
  - CVE-2017-5010: Universal XSS in Blink. Credit to Mariusz Mlynski
  - CVE-2017-5011: Unauthorised file access in Devtools. Credit to Khalil Zhani
  - CVE-2017-5009: Out of bounds memory access in WebRTC. Credit to Sean Stanek and Chip Bradford
  - CVE-2017-5012: Heap overflow in V8. Credit to Gergely Nagy (Tresorit)
  - CVE-2017-5013: Address spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah)
  - CVE-2017-5014: Heap overflow in Skia. Credit to sweetchip
  - CVE-2017-5015: Address spoofing in Omnibox. Credit to Armin Razmdjou
  - CVE-2017-5019: Use after free in Renderer. Credit to Wadih Matar
  - CVE-2017-5016: UI spoofing in Blink. Credit to Haosheng Wang (@gnehsoah)
  - CVE-2017-5017: Uninitialised memory access in webm video. Credit to Dan Berman
  - CVE-2017-5018: Universal XSS in chrome://apps. Credit to Rob Wu
  - CVE-2017-5020: Universal XSS in chrome://downloads. Credit to Rob Wu
  - CVE-2017-5021: Use after free in Extensions. Credit to Rob Wu
  - CVE-2017-5022: Bypass of Content Security Policy in Blink. Credit to  evi1m0#ly.com
  - CVE-2017-5023: Type confusion in metrics. Credit to the UK's National Cyber Security Centre (NCSC)
  - CVE-2017-5024: Heap overflow in FFmpeg. Credit to Paul Mehta
  - CVE-2017-5025: Heap overflow in FFmpeg. Credit to Paul Mehta
  - CVE-2017-5026: UI spoofing. Credit to Ronni Skansing
  - CVE-2017-5027: Bypass of Content Security Policy in Blink.
* Fri Dec 09 2016 Andrey Cherepanov <cas@altlinux> 55.0.2883.75-alt0.M80P.1

Total 17587 source packages.