chromium-browser.svg icon is outdated

Bug #1771847 reported by Olivier Tilloy on 2018-05-17
This bug affects 1 person
Affects Status Importance Assigned to Milestone
chromium-browser (Ubuntu)
Olivier Tilloy

Bug Description

The chromium-browser package installs an SVG icon (/usr/share/icons/hicolor/scalable/apps/chromium-browser.svg) - that file comes from the debian/ directory, not from the upstream tarballs, and as such is outdated in comparison with the PNG icons at various sizes that come from the tarballs.

I wasn't able to find a recent version of the chromium icon in SVG form, so that icon should be removed.

Olivier Tilloy (osomon) wrote :

This also affects the snap, because the snap uses the SVG icon.

Changed in chromium-browser (Ubuntu):
assignee: nobody → Olivier Tilloy (osomon)
importance: Undecided → Low
status: New → Triaged
tags: added: snap
Olivier Tilloy (osomon) wrote :
Changed in chromium-browser (Ubuntu):
status: Triaged → In Progress
Olivier Tilloy (osomon) wrote :

And I updated the icon in the snap store, too.

Olivier Tilloy (osomon) on 2018-05-17
Changed in chromium-browser (Ubuntu):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 67.0.3396.62-0ubuntu1

chromium-browser (67.0.3396.62-0ubuntu1) cosmic; urgency=medium

  * Upstream release: 67.0.3396.62
    - CVE-2018-6123: Use after free in Blink.
    - CVE-2018-6124: Type confusion in Blink.
    - CVE-2018-6125: Overly permissive policy in WebUSB.
    - CVE-2018-6126: Heap buffer overflow in Skia.
    - CVE-2018-6127: Use after free in indexedDB.
    - CVE-2018-6128: uXSS in Chrome on iOS.
    - CVE-2018-6129: Out of bounds memory access in WebRTC.
    - CVE-2018-6130: Out of bounds memory access in WebRTC.
    - CVE-2018-6131: Incorrect mutability protection in WebAssembly.
    - CVE-2018-6132: Use of uninitialized memory in WebRTC.
    - CVE-2018-6133: URL spoof in Omnibox.
    - CVE-2018-6134: Referrer Policy bypass in Blink.
    - CVE-2018-6135: UI spoofing in Blink.
    - CVE-2018-6136: Out of bounds memory access in V8.
    - CVE-2018-6137: Leak of visited status of page in Blink.
    - CVE-2018-6138: Overly permissive policy in Extensions.
    - CVE-2018-6139: Restrictions bypass in the debugger extension API.
    - CVE-2018-6140: Restrictions bypass in the debugger extension API.
    - CVE-2018-6141: Heap buffer overflow in Skia.
    - CVE-2018-6142: Out of bounds memory access in V8.
    - CVE-2018-6143: Out of bounds memory access in V8.
    - CVE-2018-6144: Out of bounds memory access in PDFium.
    - CVE-2018-6145: Incorrect escaping of MathML in Blink.
    - CVE-2018-6147: Password fields not taking advantage of OS protections in
  * debian/rules: stop installing an outdated chromium-browser.svg icon
    (LP: #1771847)
  * debian/chromium-browser.svg: removed (outdated)
  * debian/patches/additional-search-engines.patch: refreshed
  * debian/patches/configuration-directory.patch: refreshed
  * debian/patches/default-allocator: refreshed
  * debian/patches/disable-sse2: updated
  * debian/patches/fix-crashpad-linux-compat.patch: added
  * debian/patches/fix-extra-arflags.patch: added
  * debian/patches/revert-clang-nostdlib++.patch: refreshed
  * debian/patches/revert-Xclang-instcombine-lower-dbg-declare.patch: refreshed
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/skia-disable-neon.patch: removed, no longer needed
  * debian/patches/skia-undef-HWCAP_CRC32.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: updated
  * debian/patches/widevine-allow-enable.patch: added
  * debian/patches/widevine-other-locations: updated

 -- Olivier Tilloy <email address hidden> Wed, 30 May 2018 12:22:22 +0200

Changed in chromium-browser (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers