From: QA Team Robot <qa@altlinux.org> To: sisyphus-cybertalk@lists.altlinux.org Subject: [cyber] I: p8/branch packages: +1 (17799) Date: Sun, 13 Aug 2017 04:44:56 +0000 Message-ID: <20170813044456.GA32710@gyle.altlinux.org> (raw) 1 UPDATED package chromium - An open source web browser developed by Google [639M] * Thu Aug 10 2017 Andrey Cherepanov <cas@altlinux> 60.0.3112.78-alt0.M80P.1 - Backport new version to p8 branch * Tue Aug 01 2017 Alexey Gladkov <legion@altlinux> 60.0.3112.78-alt1 - New version (60.0.3112.78). - Security fixes: - CVE-2017-5091: Use after free in IndexedDB. Reported by Ned Williamson on 2017-06-02 - CVE-2017-5092: Use after free in PPAPI. Reported by Yu Zhou, Yuan Deng of Ant-financial Light-Year Security Lab on 2017-06-15 - CVE-2017-5093: UI spoofing in Blink. Reported by Luan Herrera on 2015-10-31 - CVE-2017-5094: Type confusion in extensions. Reported by Anonymous on 2017-03-19 - CVE-2017-5095: Out-of-bounds write in PDFium. Reported by Anonymous on 2017-06-13 - CVE-2017-5096: User information leak via Android intents. Reported by Takeshi Terada on 2017-04-23 - CVE-2017-5097: Out-of-bounds read in Skia. Reported by Anonymous on 2017-07-11 - CVE-2017-5098: Use after free in V8. Reported by Jihoon Kim on 2017-07-11 - CVE-2017-5099: Out-of-bounds write in PPAPI. Reported by Yuan Deng, Yu Zhou of Ant-financial Light-Year Security Lab on 2017-06-15 - CVE-2017-5100: Use after free in Chrome Apps. Reported by Anonymous on 2017-05-04 - CVE-2017-5101: URL spoofing in OmniBox. Reported by Luan Herrera on 2017-01-17 - CVE-2017-5102: Uninitialized use in Skia. Reported by Anonymous on 2017-05-30 - CVE-2017-5103: Uninitialized use in Skia. Reported by Anonymous on 2017-05-25 - CVE-2017-5104: UI spoofing in browser. Reported by Khalil Zhani on 2017-06-02 - CVE-2017-7000: Pointer disclosure in SQLite. Reported by Chaitin Security Research Lab (@ChaitinTech) working with Trend Micro's Zero Day Initiative - CVE-2017-5105: URL spoofing in OmniBox. Reported by Rayyan Bijoora on 2017-06-06 - CVE-2017-5106: URL spoofing in OmniBox. Reported by Jack Zac on 2017-04-24 - CVE-2017-5107: User information leak via SVG. Reported by David Kohlbrenner of UC San Diego on 2017-01-27 - CVE-2017-5108: Type confusion in PDFium. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2017-02-24 - CVE-2017-5109: UI spoofing in browser. Reported by Jose Maria Acuna Morgado on 2017-04-11 - CVE-2017-5110: UI spoofing in payments dialog. Reported by xisigr of Tencent's Xuanwu Lab on 2017-05-02 * Mon Jun 12 2017 Andrey Cherepanov <cas@altlinux> 59.0.3071.86-alt0.M80P.1 Total 17799 source packages.
reply other threads:[~2017-08-13 4:44 UTC|newest] Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20170813044456.GA32710@gyle.altlinux.org \ --to=qa@altlinux.org \ --cc=devel@lists.altlinux.org \ --cc=sisyphus-cybertalk@lists.altlinux.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
ALT Linux Sisyphus cybertalk This inbox may be cloned and mirrored by anyone: git clone --mirror http://lore.altlinux.org/sisyphus-cybertalk/0 sisyphus-cybertalk/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 sisyphus-cybertalk sisyphus-cybertalk/ http://lore.altlinux.org/sisyphus-cybertalk \ sisyphus-cybertalk@lists.altlinux.org sisyphus-cybertalk@lists.altlinux.ru sisyphus-cybertalk@lists.altlinux.com public-inbox-index sisyphus-cybertalk Example config snippet for mirrors. Newsgroup available over NNTP: nntp://lore.altlinux.org/org.altlinux.lists.sisyphus-cybertalk AGPL code for this site: git clone https://public-inbox.org/public-inbox.git