Ubuntu
chromium-browser package

chromium-browser.svg icon is outdated

Bug #1771847 reported by Olivier Tilloy
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
chromium-browser (Ubuntu)
Fix Released
Low
Olivier Tilloy

Bug Description

The chromium-browser package installs an SVG icon (/usr/share/icons/hicolor/scalable/apps/chromium-browser.svg) - that file comes from the debian/ directory, not from the upstream tarballs, and as such is outdated in comparison with the PNG icons at various sizes that come from the tarballs.

I wasn't able to find a recent version of the chromium icon in SVG form, so that icon should be removed.

Tags: snap
Revision history for this message
Olivier Tilloy (osomon) wrote :

This also affects the snap, because the snap uses the SVG icon.

Changed in chromium-browser (Ubuntu):
assignee: nobody → Olivier Tilloy (osomon)
importance: Undecided → Low
status: New → Triaged
tags: added: snap
Revision history for this message
Olivier Tilloy (osomon) wrote :

Fixed in the snap: https://git.launchpad.net/~chromium-team/chromium-browser/+git/snappy-packaging/commit/?id=a01fabc65e9ecdca3382d114f7b526f04ffd81bc

Changed in chromium-browser (Ubuntu):
status: Triaged → In Progress
Revision history for this message
Olivier Tilloy (osomon) wrote :

And I updated the icon in the snap store, too.

Olivier Tilloy (osomon)
Changed in chromium-browser (Ubuntu):
status: In Progress → Fix Committed
Revision history for this message
Olivier Tilloy (osomon) wrote :

And for completeness I also updated the branding of:

 - https://launchpad.net/~chromium-team
 - https://launchpad.net/chromium-project
 - https://launchpad.net/chromium-browser
 - https://launchpad.net/chromium-v8

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package chromium-browser - 67.0.3396.62-0ubuntu1

---------------
chromium-browser (67.0.3396.62-0ubuntu1) cosmic; urgency=medium

  * Upstream release: 67.0.3396.62
    - CVE-2018-6123: Use after free in Blink.
    - CVE-2018-6124: Type confusion in Blink.
    - CVE-2018-6125: Overly permissive policy in WebUSB.
    - CVE-2018-6126: Heap buffer overflow in Skia.
    - CVE-2018-6127: Use after free in indexedDB.
    - CVE-2018-6128: uXSS in Chrome on iOS.
    - CVE-2018-6129: Out of bounds memory access in WebRTC.
    - CVE-2018-6130: Out of bounds memory access in WebRTC.
    - CVE-2018-6131: Incorrect mutability protection in WebAssembly.
    - CVE-2018-6132: Use of uninitialized memory in WebRTC.
    - CVE-2018-6133: URL spoof in Omnibox.
    - CVE-2018-6134: Referrer Policy bypass in Blink.
    - CVE-2018-6135: UI spoofing in Blink.
    - CVE-2018-6136: Out of bounds memory access in V8.
    - CVE-2018-6137: Leak of visited status of page in Blink.
    - CVE-2018-6138: Overly permissive policy in Extensions.
    - CVE-2018-6139: Restrictions bypass in the debugger extension API.
    - CVE-2018-6140: Restrictions bypass in the debugger extension API.
    - CVE-2018-6141: Heap buffer overflow in Skia.
    - CVE-2018-6142: Out of bounds memory access in V8.
    - CVE-2018-6143: Out of bounds memory access in V8.
    - CVE-2018-6144: Out of bounds memory access in PDFium.
    - CVE-2018-6145: Incorrect escaping of MathML in Blink.
    - CVE-2018-6147: Password fields not taking advantage of OS protections in
      Views.
  * debian/rules: stop installing an outdated chromium-browser.svg icon
    (LP: #1771847)
  * debian/chromium-browser.svg: removed (outdated)
  * debian/patches/additional-search-engines.patch: refreshed
  * debian/patches/configuration-directory.patch: refreshed
  * debian/patches/default-allocator: refreshed
  * debian/patches/disable-sse2: updated
  * debian/patches/fix-crashpad-linux-compat.patch: added
  * debian/patches/fix-extra-arflags.patch: added
  * debian/patches/revert-clang-nostdlib++.patch: refreshed
  * debian/patches/revert-Xclang-instcombine-lower-dbg-declare.patch: refreshed
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/skia-disable-neon.patch: removed, no longer needed
  * debian/patches/skia-undef-HWCAP_CRC32.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: updated
  * debian/patches/widevine-allow-enable.patch: added
  * debian/patches/widevine-other-locations: updated

 -- Olivier Tilloy <email address hidden> Wed, 30 May 2018 12:22:22 +0200

Changed in chromium-browser (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.