-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 08 Feb 2023 00:20:01 -0500
Source: chromium
Architecture: source
Version: 110.0.5481.77-1~deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Chromium Team <
chromium@packages.debian.org>
Changed-By: Andres Salomon <
dilinger@debian.org>
Closes: 1030160
Changes:
chromium (110.0.5481.77-1~deb11u1) bullseye-security; urgency=high
.
[ Andres Salomon ]
* New upstream stable release.
- CVE-2023-0696: Type Confusion in V8.
Reported by Haein Lee at KAIST Hacking Lab.
- CVE-2023-0697: Inappropriate implementation in Full screen mode.
Reported by Ahmed ElMasry.
- CVE-2023-0698: Out of bounds read in WebRTC.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2023-0699: Use after free in GPU.
Reported by 7o8v and Cassidy Kim(@cassidy6564).
- CVE-2023-0700: Inappropriate implementation in Download.
Reported by Axel Chong.
- CVE-2023-0701: Heap buffer overflow in WebUI.
Reported by Sumin Hwang of SSD Labs.
- CVE-2023-0702: Type Confusion in Data Transfer. Reported by Sri.
- CVE-2023-0703: Type Confusion in DevTools.
Reported by raven at KunLun lab.
- CVE-2023-0704: Insufficient policy enforcement in DevTools.
Reported by Rhys Elsmore and Zac Sims of the Canva security team.
- CVE-2023-0705: Integer overflow in Core.
Reported by SorryMybad (@S0rryMybad) of Kunlun Lab.
* d/copyright: libpng16 binaries are gone, no longer need to exclude them.
* d/scripts/unbundle: drop libjxl, which is dropped upstream. Add absl_log*.
* d/patches:
- debianization/optimization.patch: drop. This is unnecessary, as
Debian's optimization flags override Chromium's by default.
- disable/android.patch: upstream removed android_crazy_linker, so we can
remove half of this patch.
- disable/catapult.patch: refresh.
- disable/google-api-warning.patch: refresh.
- upstream/mojo.patch: refresh w/ what's in 110.
- system/openjpeg.patch: completely rework due to upstream changes.
- upstream/clamp.patch: backport a build fix.
- upstream/blink-dbl-float.patch: another build fix.
* Drop unused use_allocator="none" argument. This was used previously
to switch from the default "partition" allocator. Upstream dropped
the build flag in chromium v109. So in v109 we switched to the default
"partition" allocator and I don't think anyone noticed, so let's just
leave it on. Report issues if you notice any.
* Disable v4l2 on bullseye; I forgot that it doesn't have new enough kernel
headers (closes: #1030160).
.
[ Timothy Pearson ]
* d/patches:
- Refresh ppc64le patches for v110
- Add upstream patches to fix build errors when use_custom_libcxx=false
- Drop stack smashing fix patch for ppc64le due to fix included upstream Checksums-Sha1:
7af64cb41bdab8092c39883903c5b02012a8a455 3801 chromium_110.0.5481.77-1~deb11u1.dsc
b82794a9a4ac3a524d8cec99b1a1a049ca368785 642934776 chromium_110.0.5481.77.orig.tar.xz
084b55422b9cc82b60f77ae6acdb9d4658a348a4 300932 chromium_110.0.5481.77-1~deb11u1.debian.tar.xz
c6ba1d67b77b983eaf31961c4d102e0df7b25705 21293 chromium_110.0.5481.77-1~deb11u1_source.buildinfo
Checksums-Sha256:
c11bec445b48655a11b811eec8814c7b5280d505ac6da99e809394f15b4392e7 3801 chromium_110.0.5481.77-1~deb11u1.dsc
0a1933a34b0b30376c917f96e9c3fa97683979ab18c86ea63ccc19597795ac5a 642934776 chromium_110.0.5481.77.orig.tar.xz
e388d6be7b9c7d893712171790b92fc3cdc0655ee18eeb3247c693c2ef70b8b5 300932 chromium_110.0.5481.77-1~deb11u1.debian.tar.xz
b32ccd6a948b39bb06feea91891062c14bea243c48ff4726ab7e388c4e584e3f 21293 chromium_110.0.5481.77-1~deb11u1_source.buildinfo
Files:
349a0357aaa89a20c32d9b453786bc63 3801 web optional chromium_110.0.5481.77-1~deb11u1.dsc
74e5f70aa56fa2f194eede321eb9454c 642934776 web optional chromium_110.0.5481.77.orig.tar.xz
d2c5e225e0c629560d18ee3dc2d9a358 300932 web optional chromium_110.0.5481.77-1~deb11u1.debian.tar.xz
c72d97921afbb37cf83047675c4aa141 21293 web optional chromium_110.0.5481.77-1~deb11u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmPjOcMUHGRpbGluZ2Vy QGRlYmlhbi5vcmcACgkQZF0CR8NudjcsMRAAsiscVrTqbAi4Vh76zxWtlvM7Dgzc fuKGjANiAMOVpZGPJSR2PQYUha3ZS3aSS6BBuCuPUJwaamGsZiwFLdRzBb/Lo5xx 8895siW9nt2YwPn+6gqnzr4YDM8aG8f4RJkbsMM2Bc4qp/xZyQBsNaOMRKlq6Emt j+ewJgIOF4J7Vefy6sOULUrIvRGXuNFDKdwzzRNuNwshT4ETxSJsn+yLnQPXpsMc Pn7UXbnQfQxWUeEmjS95S43AMqWXIukSZg6VosNlP0efuj+BH0hr4AAgr8M3rmHE 2LLM2CfUq8DYQ+QdJcnxtTu2wbCkb7UNibBkSREBBPck4p4V6PTmubkjF8JimPyJ /DICRonJwUkAbWlbd0q8lijveF1KFu6vbk7SFPoo26kcN5U3vRNgxLpLLOSrIgqg wL6yDodGJwdNDREJsxZtbdh8VRjw3AWRKwvWBzZrS3ureJQ1D0xh0GfqjY+MT+vv noLBxF0TSkPbQTTOY6sAHpuI3WB3nng4Zgh/AbPSzIVytS4LcdbyEqvMN/3/A/A4 wmBt1vbZWp7jso+0voB+MpXkyOn5nXNnQn62YQnXFJUfxtTujXfXtF3okR7tQxLp ABGAB2jQtLFykm91g1XjYE0H+EKPdK43ayxEMeTwHSwuNrVKvFxDai+ZmAzxkYh0 V8zO7Pi7FP/K5QM=
=gIS2
-----END PGP SIGNATURE-----
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)