Chromium

<  Previous: Calibre
Next: Clipgrab >

Web browser developed and maintained by Google

Chromium is a Google open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Its codebase provides the vast majority of code for the Google Chrome browser, which is proprietary software and has some additional features. Chromium’s logo is identical in shape to that of Google Chrome, but with blue colors instead of being multicolor.

Homepage | License: BSD

Ubuntu versionsUpdated onVersion
StatisticsDownloads: current | total (XtraDeb releases)
Packages
20.04Focal
2021/05/2090.0.4430.2121253216182 (27)
23.04Lunar
2023/09/18116.0.5845.18030
22.04Jammy
2023/09/24117.0.5938.62121
22.04Jammy
,
23.04Lunar
2023/09/19116.0.5845.18058176 (6)

Learn here: How to install applications from this web site

<  Previous: Calibre
Next: Clipgrab >

 

Comments: 14

  1. Avatar photo Updates says:

    New version available -> chromium 117.0.5938.62-1~xtradeb1

    Changes:
       * New upstream stable release.
         - CVE-2023-4900: Inappropriate implementation in Custom Tabs.
           Reported by Levit Nudi from Kenya.
         - CVE-2023-4901: Inappropriate implementation in Prompts.
           Reported by Kang Ali.
         - CVE-2023-4902: Inappropriate implementation in Input.
           Reported by Axel Chong.
         - CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs.
           Reported by Ahmed ElMasry.
         - CVE-2023-4904: Insufficient policy enforcement in Downloads.
           Reported by Tudor Enache @tudorhacks.
         - CVE-2023-4905: Inappropriate implementation in Prompts.
           Reported by Hafiizh.
         - CVE-2023-4906: Insufficient policy enforcement in Autofill.
           Reported by Ahmed ElMasry.
         - CVE-2023-4907: Inappropriate implementation in Intents.
           Reported by Mohit Raj (shadow2639) .
         - CVE-2023-4908: Inappropriate implementation in Picture in Picture.
           Reported by Axel Chong.
         - CVE-2023-4909: Inappropriate implementation in Interstitials.
           Reported by Axel Chong.
    
  2. Avatar photo Updates says:

    New version available -> chromium 116.0.5845.180-1~xtradeb2

    Changes:
       * New upstream security release.
         - CVE-2023-4761: Out of bounds memory access in FedCM. Reported by DarkNavy.
         - CVE-2023-4762: Type Confusion in V8. Reported by Rong Jian of VRI.
         - CVE-2023-4763: Use after free in Networks. Reported by anonymous.
         - CVE-2023-4764: Incorrect security UI in BFCache.
           Reported by Irvan Kurniawan (sourc7).
    
  3. Avatar photo Updates says:

    New version available -> chromium 116.0.5845.140-1~xtradeb1

    Changes:
      * New upstream security release.
        - CVE-2023-4572: Use after free in MediaStream.
          Reported by fwnfwn(@_fwnfwn).
    
  4. Avatar photo Updates says:

    New version available -> chromium 116.0.5845.110-2~xtradeb1

    Changes:
         * New upstream security release.
         - CVE-2023-4430: Use after free in Vulkan.
           Reported by Cassidy Kim(@cassidy6564).
         - CVE-2023-4429: Use after free in Loader. Reported by Anonymous.
         - CVE-2023-4428: Out of bounds memory access in CSS.
           Reported by Francisco Alonso (@revskills).
         - CVE-2023-4427: Out of bounds memory access in V8.
           Reported by Sergei Glazunov of Google Project Zero.
         - CVE-2023-4431: Out of bounds memory access in Fonts.
           Reported by Microsoft Security Researcher.
    
  5. Avatar photo Updates says:

    New version available -> chromium 116.0.5845.96-1~xtradeb1

    Changes:
       * New upstream stable release.
         - CVE-2023-2312: Use after free in Offline. Reported by avaue at S.S.L.
         - CVE-2023-4349: Use after free in Device Trust Connectors.
           Reported by Weipeng Jiang (@Krace) of VRI.
         - CVE-2023-4350: Inappropriate implementation in Fullscreen.
           Reported by Khiem Tran (@duckhiem).
         - CVE-2023-4351: Use after free in Network.
           Reported by Guang and Weipeng Jiang of VRI.
         - CVE-2023-4352: Type Confusion in V8.
           Reported by Sergei Glazunov of Google Project Zero.
         - CVE-2023-4353: Heap buffer overflow in ANGLE.
           Reported by Christoph Diehl / Microsoft Vulnerability Research.
         - CVE-2023-4354: Heap buffer overflow in Skia.
           Reported by Mark Brand of Google Project Zero.
         - CVE-2023-4355: Out of bounds memory access in V8.
           Reported by Sergei Glazunov of Google Project Zero.
         - CVE-2023-4356: Use after free in Audio.
           Reported by Zhenghang Xiao (@Kipreyyy).
         - CVE-2023-4357: Insufficient validation of untrusted input in XML.
           Reported by Igor Sak-Sakovskii.
         - CVE-2023-4358: Use after free in DNS.
           Reported by Weipeng Jiang (@Krace) of VRI.
         - CVE-2023-4359: Inappropriate implementation in App Launcher.
           Reported by @retsew0x01.
         - CVE-2023-4360: Inappropriate implementation in Color.
           Reported by Axel Chong.
         - CVE-2023-4361: Inappropriate implementation in Autofill.
           Reported by Thomas Orlita.
         - CVE-2023-4362: Heap buffer overflow in Mojom IDL.
           Reported by Zhao Hai of NanJing Cyberpeace TianYu Lab.
         - CVE-2023-4363: Inappropriate implementation in WebShare.
           Reported by Alesandro Ortiz.
         - CVE-2023-4364: Inappropriate implementation in Permission Prompts.
           Reported by Jasper Rebane.
         - CVE-2023-4365: Inappropriate implementation in Fullscreen.
           Reported by Hafiizh.
         - CVE-2023-4366: Use after free in Extensions. Reported by asnine.
         - CVE-2023-4367: Insufficient policy enforcement in Extensions API.
           Reported by Axel Chong.
         - CVE-2023-4368: Insufficient policy enforcement in Extensions API.
           Reported by Axel Chong.
    
  6. Avatar photo Updates says:

    New version available -> chromium 115.0.5790.98-1~xtradeb1

    Changes:
       * New upstream release.
        - CVE-2023-3727: Use after free in WebRTC.
          Reported by Cassidy Kim(@cassidy6564).
        - CVE-2023-3728: Use after free in WebRTC.
          Reported by Zhenghang Xiao (@Kipreyyy).
        - CVE-2023-3730: Use after free in Tab Groups. Reported by @ginggilBesel.
        - CVE-2023-3732: Out of bounds memory access in Mojo.
          Reported by Mark Brand of Google Project Zero.
        - CVE-2023-3733: Inappropriate implementation in WebApp Installs.
          Reported by Ahmed ElMasry.
        - CVE-2023-3734: Inappropriate implementation in Picture In Picture.
          Reported by Thomas Orlita.
        - CVE-2023-3735: Inappropriate implementation in Web API Permission Prompts.
          Reported by Ahmed ElMasry.
        - CVE-2023-3736: Inappropriate implementation in Custom Tabs.
          Reported by Philipp Beer (TU Wien).
        - CVE-2023-3737: Inappropriate implementation in Notifications.
          Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) .
        - CVE-2023-3738: Inappropriate implementation in Autofill.
          Reported by Hafiizh.
        - CVE-2023-3740: Insufficient validation of untrusted input in Themes.
          Reported by Fardeen Siddiqui.
    
  7. Avatar photo Updates says:

    New version available -> chromium 114.0.5735.133-1~xtradeb1

    Changes:
       * New upstream security release.
         - CVE-2023-3214: Use after free in Autofill payments.
           Reported by Rong Jian of VRI.
         - CVE-2023-3215: Use after free in WebRTC. Reported by asnine.
         - CVE-2023-3216: Type Confusion in V8.
           Reported by 5n1p3r0010 from Topsec ChiXiao Lab.
         - CVE-2023-3217: Use after free in WebXR.
           Reported by Sergei Glazunov of Google Project Zero.
    
  8. Avatar photo Updates says:

    New version available -> chromium 113.0.5672.126-1~xtradeb1

    Changes:
       * New upstream security release.
         - CVE-2023-2721: Use after free in Navigation.
           Reported by Guang Gong of Alpha Lab, Qihoo 360.
         - CVE-2023-2722: Use after free in Autofill UI.
           Reported by Rong Jian of VRI.
         - CVE-2023-2723: Use after free in DevTools. Reported by asnine.
         - CVE-2023-2724: Type Confusion in V8.
           Reported by Sergei Glazunov of Google Project Zero.
         - CVE-2023-2725: Use after free in Guest View. Reported by asnine.
         - CVE-2023-2726: Inappropriate implementation in WebApp Installs.
           Reported by Ahmed ElMasry.
    
  9. Avatar photo Updates says:

    New version available -> chromium 113.0.5672.63-1~xtradeb1

    Changes:
       * New upstream stable release.
         - CVE-2023-2459: Inappropriate implementation in Prompts.
           Reported by Rong Jian of VRI.
         - CVE-2023-2460: Insufficient validation of untrusted input in Extensions.
           Reported by Martin Bajanik, Fingerprint[.]com.
         - CVE-2023-2461: Use after free in OS Inputs. Reported by @ginggilBesel.
         - CVE-2023-2462: Inappropriate implementation in Prompts.
           Reported by Alesandro Ortiz.
         - CVE-2023-2463: Inappropriate implementation in Full Screen Mode.
           Reported by Irvan Kurniawan (sourc7).
         - CVE-2023-2464: Inappropriate implementation in PictureInPicture.
           Reported by Thomas Orlita.
         - CVE-2023-2465: Inappropriate implementation in CORS.
           Reported by @kunte_ctf.
         - CVE-2023-2466: Inappropriate implementation in Prompts.
           Reported by Jasper Rebane (popstonia).
         - CVE-2023-2467: Inappropriate implementation in Prompts.
           Reported by Thomas Orlita.
         - CVE-2023-2468: Inappropriate implementation in PictureInPicture.
           Reported by Alesandro Ortiz.
    
  10. Avatar photo Updates says:

    New version available -> chromium 112.0.5615.138-1~xtradeb1

    Changes:
       * New upstream security release
         - CVE-2023-2133: Out of bounds memory access in Service Worker API.
           Reported by Rong Jian of VRI.
         - CVE-2023-2134: Out of bounds memory access in Service Worker API.
           Reported by Rong Jian of VRI.
         - CVE-2023-2135: Use after free in DevTools.
           Reported by Cassidy Kim(@cassidy6564).
         - CVE-2023-2136: Integer overflow in Skia.
           Reported by Clément Lecigne of Google's Threat Analysis Group.
         - CVE-2023-2137: Heap buffer overflow in sqlite.
           Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability
           Research Institute
    
  11. Avatar photo Updates says:

    New version available -> chromium 112.0.5615.121-1~xtradeb1

    Changes:
       * New upstream security release
        - CVE-2023-2033: Type Confusion in V8.
          Reported by Clément Lecigne of Google's Threat Analysis Group.
    
  12. Avatar photo Updates says:

    New version available -> chromium 112.0.5615.49-1~xtradeb3

    Changes:
       * New upstream stable release.
         - CVE-2023-1810: Heap buffer overflow in Visuals.
           Reported by Weipeng Jiang (@Krace) of VRI.
         - CVE-2023-1811: Use after free in Frames. Reported by Thomas Orlita.
         - CVE-2023-1812: Out of bounds memory access in DOM Bindings.
           Reported by Shijiang Yu.
         - CVE-2023-1813: Inappropriate implementation in Extensions.
           Reported by Axel Chong.
         - CVE-2023-1814: Insufficient validation of untrusted input in
           Safe Browsing. Reported by Young Min Kim (@ylemkimon),
           CompSec Lab at Seoul National University.
         - CVE-2023-1815: Use after free in Networking APIs. Reported by DDV_UA.
         - CVE-2023-1816: Incorrect security UI in Picture In Picture.
           Reported by NDevTK.
         - CVE-2023-1817: Insufficient policy enforcement in Intents.
           Reported by Axel Chong.
         - CVE-2023-1818: Use after free in Vulkan. Reported by Abdulrahman
           Alqabandi, Microsoft Browser Vulnerability Research, Eric Lawrence,
           Microsoft, Patrick Walker (@HomeSen), & Kirtikumar Anandrao Ramchandani.
         - CVE-2023-1819: Out of bounds read in Accessibility.
           Reported by Microsoft Edge Team.
         - CVE-2023-1820: Heap buffer overflow in Browser History.
           Reported by raven at KunLun lab.
         - CVE-2023-1821: Inappropriate implementation in WebShare.
           Reported by Axel Chong.
         - CVE-2023-1822: Incorrect security UI in Navigation. Reported by 강우진.
         - CVE-2023-1823: Inappropriate implementation in FedCM.
           Reported by Jasper Rebane (popstonia).
       * New upstream security release (111.0.5563.110).
         - CVE-2023-1528: Use after free in Passwords.
           Reported by Wan Choi of Seoul National University.
         - CVE-2023-1529: Out of bounds memory access in WebHID.
         - CVE-2023-1530: Use after free in PDF.
           Reported by The UK's National Cyber Security Centre (NCSC).
         - CVE-2023-1531: Use after free in ANGLE.
           Reported by Piotr Bania of Cisco Talos.
         - CVE-2023-1532: Out of bounds read in GPU Video.
           Reported by Mark Brand of Google Project Zero.
         - CVE-2023-1533: Use after free in WebProtect.
           Reported by Weipeng Jiang (@Krace) of VRI.
         - CVE-2023-1534: Out of bounds read in ANGLE.
           Reported by Jann Horn and Mark Brand of Google Project Zero.
    
  13. Avatar photo Updates says:

    New version available -> chromium 111.0.5563.64-1~xtradeb1

    Changes:
       * New upstream stable release.
         - CVE-2023-1213: Use after free in Swiftshader.
           Reported by Jaehun Jeong(@n3sk) of Theori.
         - CVE-2023-1214: Type Confusion in V8.
           Reported by Man Yue Mo of GitHub Security Lab.
         - CVE-2023-1215: Type Confusion in CSS. Reported by Anonymous.
         - CVE-2023-1216: Use after free in DevTools.
           Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
         - CVE-2023-1217: Stack buffer overflow in Crash reporting.
           Reported by sunburst of Ant Group Tianqiong Security Lab.
         - CVE-2023-1218: Use after free in WebRTC. Reported by Anonymous.
         - CVE-2023-1219: Heap buffer overflow in Metrics.
           Reported by Sergei Glazunov of Google Project Zero.
         - CVE-2023-1220: Heap buffer overflow in UMA.
           Reported by Sergei Glazunov of Google Project Zero.
         - CVE-2023-1221: Insufficient policy enforcement in Extensions API.
           Reported by Ahmed ElMasry.
         - CVE-2023-1222: Heap buffer overflow in Web Audio API.
           Reported by Cassidy Kim(@cassidy6564).
         - CVE-2023-1223: Insufficient policy enforcement in Autofill.
           Reported by Ahmed ElMasry.
         - CVE-2023-1224: Insufficient policy enforcement in Web Payments API.
           Reported by Thomas Orlita.
         - CVE-2023-1225: Insufficient policy enforcement in Navigation.
           Reported by Roberto Ffrench-Davis @Lihaft.
         - CVE-2023-1226: Insufficient policy enforcement in Web Payments API.
           Reported by Anonymous.
         - CVE-2023-1227: Use after free in Core. Reported by @ginggilBesel.
         - CVE-2023-1228: Insufficient policy enforcement in Intents.
           Reported by Axel Chong.
         - CVE-2023-1229: Inappropriate implementation in Permission prompts.
           Reported by Thomas Orlita.
         - CVE-2023-1230: Inappropriate implementation in WebApp Installs.
           Reported by Axel Chong.
         - CVE-2023-1231: Inappropriate implementation in Autofill.
           Reported by Yan Zhu, Brave.
         - CVE-2023-1232: Insufficient policy enforcement in Resource Timing.
           Reported by Sohom Datta.
         - CVE-2023-1233: Insufficient policy enforcement in Resource Timing.
           Reported by Soroush Karami.
         - CVE-2023-1234: Inappropriate implementation in Intents.
           Reported by Axel Chong.
         - CVE-2023-1235: Type Confusion in DevTools.
           Reported by raven at KunLun lab.
         - CVE-2023-1236: Inappropriate implementation in Internals.
           Reported by Alesandro Ortiz.
    
  14. Avatar photo Updates says:

    New version available -> chromium 90.0.4430.212-1~xtradeb1

    Changes:
         * New upstream security release.
         - CVE-2021-30506: Incorrect security UI in Web App Installs. Reported by
           @retsew0x01
         - CVE-2021-30507: Inappropriate implementation in Offline. Reported by Alison Huffman
         - CVE-2021-30508: Heap buffer overflow in Media Feeds. Reported by Leecraso and Guang Gong
         - CVE-2021-30509: Out of bounds write in Tab Strip. Reported by David Erceg
         - CVE-2021-30510: Race in Aura. Reported by Weipeng Jiang
         - CVE-2021-30511: Out of bounds read in Tab Groups. Reported by David Erceg
         - CVE-2021-30512: Use after free in Notifications. Reported by ZhanJia Song
         - CVE-2021-30513: Type Confusion in V8. Reported by Man Yue Mo
         - CVE-2021-30514: Use after free in Autofill. Reported by koocola and Wang
         - CVE-2021-30515: Use after free in File API. Reported by Rong Jian and Guang Gong
         - CVE-2021-30516: Heap buffer overflow in History. Reported by ZhanJia Song
         - CVE-2021-30517: Type Confusion in V8. Reported by laural
         - CVE-2021-30518: Heap buffer overflow in Reader Mode. Reported by Jun Kokatsu
         - CVE-2021-30519: Use after free in Payments. Reported by asnine
         - CVE-2021-30520: Use after free in Tab Strip. Reported by Khalil Zhani
    

Comments are closed.