-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 29 May 2016 19:33:27 +0000
Source: chromium-browser
Binary: chromium chromium-dbg chromium-l10n chromium-inspector chromedriver
Architecture: amd64
Version: 51.0.2704.63-1~deb8u1
Distribution: jessie-security
Urgency: medium
Maintainer: amd64 / i386 Build Daemon (x86-csail-01) <buildd_amd64-x86-csail-01@buildd.debian.org>
Changed-By: Michael Gilbert <mgilbert@debian.org>
Description:
 chromedriver - web browser - WebDriver support
 chromium   - web browser
 chromium-dbg - web browser - debugging symbols
 chromium-inspector - web browser - page inspection support
 chromium-l10n - web browser - language packs
Changes:
 chromium-browser (51.0.2704.63-1~deb8u1) jessie-security; urgency=medium
 .
   * New upstream stable release:
     - CVE-2016-1667: Same origin bypass in DOM. Credit to Mariusz Mlynski.
     - CVE-2016-1668: Same origin bypass in Blink V8 bindings. Credit to
       Mariusz Mlynski.
     - CVE-2016-1669: Buffer overflow in V8. Credit to Choongwoo Han.
     - CVE-2016-1670: Race condition in loader. Credit to anonymous.
     - CVE-2016-1672: Cross-origin bypass in extension bindings. Credit to
       Mariusz Mlynski.
     - CVE-2016-1673: Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
     - CVE-2016-1674: Cross-origin bypass in extensions. Credit to Mariusz
       Mlynski.
     - CVE-2016-1675: Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
     - CVE-2016-1676: Cross-origin bypass in extension bindings. Credit to Rob
       Wu.
     - CVE-2016-1677: Type confusion in V8. Credit to Guang Gong.
     - CVE-2016-1678: Heap overflow in V8. Credit to Christian Holler.
     - CVE-2016-1679: Heap use-after-free in V8 bindings. Credit to Rob Wu.
     - CVE-2016-1680: Heap use-after-free in Skia. Credit to Atte Kettunen.
     - CVE-2016-1681: Heap overflow in PDFium. Credit to Aleksandar Nikolic.
     - CVE-2016-1682: CSP bypass for ServiceWorker. Credit to KingstonTime.
     - CVE-2016-1683: Out-of-bounds access in libxslt. Credit to Nicolas
       Gregoire.
     - CVE-2016-1684: Integer overflow in libxslt. Credit to Nicolas Gregoire.
     - CVE-2016-1685: Out-of-bounds read in PDFium. Credit to Ke Liu.
     - CVE-2016-1686: Out-of-bounds read in PDFium. Credit to Ke Liu.
     - CVE-2016-1687: Information leak in extensions. Credit to Rob Wu.
     - CVE-2016-1688: Out-of-bounds read in V8. Credit to Max Korenko.
     - CVE-2016-1689: Heap buffer overflow in media. Credit to Atte Kettunen.
     - CVE-2016-1690: Heap use-after-free in Autofill. Credit to Rob Wu.
     - CVE-2016-1691: Heap buffer-overflow in Skia. Credit to Atte Kettunen.
     - CVE-2016-1692: Limited cross-origin bypass in ServiceWorker. Credit to
       Til Jasper Ullrich.
     - CVE-2016-1693: HTTP Download of Software Removal Tool. Credit to Khalil
       Zhani.
     - CVE-2016-1694: HPKP pins removed on cache clearance. Credit to Ryan
       Lester and Bryant Zadegan.
     - CVE-2016-1695: Various fixes from internal audits, fuzzing and other
       initiatives.
Checksums-Sha1:
 fa66255c35f97e76030393cc6e5fe9680932d182 40943474 chromium_51.0.2704.63-1~deb8u1_amd64.deb
 c6b017abe848bf95d4c2a81aabf304bfe3a6a187 7711670 chromium-dbg_51.0.2704.63-1~deb8u1_amd64.deb
 992bb8619ecdaf93354edcac5d3206d0120dbe4b 2523828 chromedriver_51.0.2704.63-1~deb8u1_amd64.deb
Checksums-Sha256:
 afe036e1438042e8d25cbcf48df98e7017797bcd08e82b85a025cfec1eec151e 40943474 chromium_51.0.2704.63-1~deb8u1_amd64.deb
 67d53b37ee96e27b3c02b5f853cf32faf5a2bb9f05b8ef9b67243be5b44ff8fe 7711670 chromium-dbg_51.0.2704.63-1~deb8u1_amd64.deb
 735dd2d051fc1f6ce9f37f7937d045365f6c4cc37b014ebec2e7d4dd797ed49d 2523828 chromedriver_51.0.2704.63-1~deb8u1_amd64.deb
Files:
 e63789f052a10ca894552b6758431a55 40943474 web optional chromium_51.0.2704.63-1~deb8u1_amd64.deb
 a677738f6cb97c024bd2053552bf3aec 7711670 debug extra chromium-dbg_51.0.2704.63-1~deb8u1_amd64.deb
 08a9faef856f499521b5c349602e8a1e 2523828 web optional chromedriver_51.0.2704.63-1~deb8u1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJXS85+AAoJEIk4rQGIRk2L+iEP/jT8qooe4RJExmSv84VlDjHN
lOcxokXuiM7/vm4L7hYyNAF34AQ2vKYp2BImlqWDwzbflmQ00sXG7qCgw53cT2OW
Vyg7joYxYfpMR20xLXxOKPXA/0R4Yi0DBvQHCyz2Mcb4982SExyi9XZf3FSfISNl
zy0QVnl7rtMFiNcw+AKuDLrqKFn9wEfWTGPt0L10N1KenLoDpL4ZaMsNqFdahgjf
VyHkt/0VnTqVYmwaMJPd+4qb1Q/vUqBIAbLp0nE0JLW7Fik2b/Al6HKuiKpKQqeB
hc6wB53kvh6G/6iFytBs2smtk5mniTFRIMhxyze+awxn7pJk1sw+OL4gGs+TLWYe
ABVbsciRi4gTyiKAnM20iNZwMjiMVWDfSp37N2gq4L1+hopHm76AmvP3gzpQE7f/
FQo0ARZGecuv8vdL94P+rX10yRpPIu+UpUOIxGgYUqAG2l00Iie2eyhr+uxKtn2s
W8qig7KXBPbPaZqYZd/nMVoR4L48D0nopdFe2JVi3s4igVIfrSK5JHIJjDtRlQFF
hLLCpKv1i5H4omE0xFrnRppk36aJ+fVWOpo834K7QeKam80mPhMlwLmc/Mtynj2d
dZOOXiVVEaenTL+/G9ILdl3ndPsRM7OHfTNAAEJylBGmiJofMkYZ/M2X0JPznEFi
Lnm64uS6jIPFxpp37LsL
=rjrW
-----END PGP SIGNATURE-----