CVE-2018-11396 epiphany crash fix

This bug was fixed in the package epiphany-browser - 3.28.2.1-1ubuntu1

---------------
epiphany-browser (3.28.2.1-1ubuntu1) cosmic; urgency=medium

  * Sync with Debian (LP: #1773028). Remaining change:
    - Modify 07_bookmarks.patch:
      + Add Ubuntu-specific default bookmarks, borrowed from Firefox

epiphany-browser (3.28.2.1-1) unstable; urgency=medium

  * New upstream release (LP: #1773026)
  * Drop disable-tests.patch: Applied in new release
  * Add session-Fix-crash-when-JS-opens-an-invalid-URI.patch:
    Cherry-pick patch to fix CVE-2018-11396 (Closes: #899409)

 -- Jeremy Bicha <email address hidden> Wed, 23 May 2018 18:25:13 -0400

This bug was fixed in the package epiphany-browser - 3.29.91-1ubuntu1

---------------
epiphany-browser (3.29.91-1ubuntu1) cosmic; urgency=medium

  * Sync with Debian (LP: #1773028). Remaining change:
    - Modify 07_bookmarks.patch:
      + Add Ubuntu-specific default bookmarks, borrowed from Firefox

epiphany-browser (3.29.91-1) experimental; urgency=medium

  * New upstream development release
    - This release drops support for NPAPI plugins
  * Drop recommends for libwebkit2gtk-4.0-37-gtk2 & browser-plugin-evince
    because NPAPI plugins aren't supported
  * Bump minimum libwebkit2gtk-4.0-dev to 2.21.5
  * Build-depend on libdazzle-1.0-dev
  * debian/epiphany-browser.docs: README renamed to README.md
  * Add Disable-webapps-test to avoid new failing test

epiphany-browser (3.28.3.1-1) unstable; urgency=medium

  * New upstream release (Closes: #901018)
    - Includes fixes for CVE-2018-11396 and CVE-2018-12016
  * Drop session-Fix-crash-when-JS-opens-an-invalid-URI.patch: Applied

 -- Jeremy Bicha <email address hidden> Thu, 23 Aug 2018 15:36:40 -0400

Hello Jeremy, or anyone else affected,

Accepted epiphany-browser into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/epiphany-browser/3.28.5-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Using 3.28.5-0ubuntu1 the URL from the testcase stops segfaulting the browser, SRU fix verified

The verification of the Stable Release Update for epiphany-browser has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package epiphany-browser - 3.28.5-0ubuntu1

---------------
epiphany-browser (3.28.5-0ubuntu1) bionic; urgency=medium

  * New bugfix version (lp: #1815602)
    - Fix CVE-2018-11396/CVE-2018-12016 (lp: #1773028)
  * debian/patches/disable-tests.patch: removed change in the new version

 -- Sebastien Bacher <email address hidden> Tue, 28 May 2019 20:10:09 +0200