-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 18 Jul 2023 17:50:00 -0500 Source: chromium Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym Architecture: ppc64el Version: 115.0.5790.98-1~deb11u1 Distribution: bullseye-security Urgency: high Maintainer: ppc64el Build Daemon (ppc64el-osuosl-02) Changed-By: Timothy Pearson Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-sandbox - web browser - setuid security sandbox for chromium chromium-shell - web browser - minimal shell Changes: chromium (115.0.5790.98-1~deb11u1) bullseye-security; urgency=high . * New upstream release - CVE-2023-3727: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564). - CVE-2023-3728: Use after free in WebRTC. Reported by Zhenghang Xiao (@Kipreyyy). - CVE-2023-3730: Use after free in Tab Groups. Reported by @ginggilBesel. - CVE-2023-3732: Out of bounds memory access in Mojo. Reported by Mark Brand of Google Project Zero. - CVE-2023-3733: Inappropriate implementation in WebApp Installs. Reported by Ahmed ElMasry. - CVE-2023-3734: Inappropriate implementation in Picture In Picture. Reported by Thomas Orlita. - CVE-2023-3735: Inappropriate implementation in Web API Permission Prompts. Reported by Ahmed ElMasry. - CVE-2023-3736: Inappropriate implementation in Custom Tabs. Reported by Philipp Beer (TU Wien). - CVE-2023-3737: Inappropriate implementation in Notifications. Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) . - CVE-2023-3738: Inappropriate implementation in Autofill. Reported by Hafiizh. - CVE-2023-3740: Insufficient validation of untrusted input in Themes. Reported by Fardeen Siddiqui. . * d/patches: - debianization/master-preferences.patch: upstream variable renamed - disable/catapult.patch: upstream changes required reworking - disable/tests.patch: remove new upstream puffin test data file dependencies - disable/unrar.patch: upstream changes required reworking - fixes/cmath.patch: add missing header include for skia - fixes/vector.patch: add missing header include for net - upstream/sizet.patch: drop, merged upstream - ppc64le/fixes/fix-partition-alloc-compile.patch: refresh for upstream changes - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes - ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for upstream changes - ppc64le/third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch: regenerate configs from upstream source - ppc64le/third_party/skia-vsx-instructions.patch: refresh for upstream changes . [ Andres Salomon ] - fixes/clang-and-gcc11.patch: drop, (a different version) merged upstream. - bookworm/typename.patch: drop parts that were merged upstream, and add new build fixes. - bookworm/structured-binding-scope-bug.patch: drop some of it, add new bits - bullseye/constexpr.patch: refresh for string -> StringPiece change. - bullseye/stringpiece.patch: add to work around older libre2. - bullseye/default-equality-op.patch: add more workarounds for older compilers - fixes/brandversion-construct.patch: add to fix build failure. - fixes/SkColor4f-init.patch: another missing struct constructor fix. - fixes/cookieresult.patch: another struct ctor build fix. - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh. - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh. - ppc64le/third_party/0002-third-party-boringssl-add-generated-files.patch: refresh. - bullseye/disable-mojo-ipcz.patch: refresh. - bullseye/mulodic.patch: refresh. Checksums-Sha1: 42a2fa95b95e330232353b26c565fe53cd8e8ed0 818176 chromium-common-dbgsym_115.0.5790.98-1~deb11u1_ppc64el.deb 61554f5adf8a2213d60be128e663985b86b12806 5189576 chromium-common_115.0.5790.98-1~deb11u1_ppc64el.deb f52b354730c4e2c8a52dcd779939c5df06144f42 30250900 chromium-dbgsym_115.0.5790.98-1~deb11u1_ppc64el.deb c3c85a5288553f3f1f052946547db11ff2cf5bd2 5713604 chromium-driver_115.0.5790.98-1~deb11u1_ppc64el.deb 96911bb93ee9f0e19cd5d6fb3249693c42ee2942 12236 chromium-sandbox-dbgsym_115.0.5790.98-1~deb11u1_ppc64el.deb 54785b82242c5680f774751acc82a3ab0bf18f1f 134928 chromium-sandbox_115.0.5790.98-1~deb11u1_ppc64el.deb 084a7e1f084af16d1cb2dfb22d6dff0517992ab2 23601800 chromium-shell-dbgsym_115.0.5790.98-1~deb11u1_ppc64el.deb cfd676969429ed109bdbfdf41606048127810b1d 49834280 chromium-shell_115.0.5790.98-1~deb11u1_ppc64el.deb cfd2626930ce5fa1bb330cba771773bec5656d7e 25634 chromium_115.0.5790.98-1~deb11u1_ppc64el-buildd.buildinfo 110c38583365b85730d224abddcaad0f82297536 71323804 chromium_115.0.5790.98-1~deb11u1_ppc64el.deb Checksums-Sha256: fdb15d2af4d6c061d41ff7b7868aaf3581f6c3f8d8e13a59a5516f3a5f7dde5c 818176 chromium-common-dbgsym_115.0.5790.98-1~deb11u1_ppc64el.deb 8062476844d99ccdb61348458e0a6a16d75e4eb1c169e5434427b7b4df207f3b 5189576 chromium-common_115.0.5790.98-1~deb11u1_ppc64el.deb d7103546ac49f415f74421ba215a086e2373c2881f7d7bd3712b08dbb2ba53a9 30250900 chromium-dbgsym_115.0.5790.98-1~deb11u1_ppc64el.deb b90673c4903c4595ddb8242fe5bde0bec34f8def709832493280a9c482cabf61 5713604 chromium-driver_115.0.5790.98-1~deb11u1_ppc64el.deb 649fae243fc1cf45a68651609c263c0ca1df5f932c8d7d84c1ef2d53a3cdee67 12236 chromium-sandbox-dbgsym_115.0.5790.98-1~deb11u1_ppc64el.deb fcc59df9aeadd4aa7db12041f67bdce2fd12e3af3a75d1ecfa8b7b57d62645ba 134928 chromium-sandbox_115.0.5790.98-1~deb11u1_ppc64el.deb 02c6139a9e3cc54344ab17c9e73a088f29dcc436410d67921bb04f3a56fd1d1c 23601800 chromium-shell-dbgsym_115.0.5790.98-1~deb11u1_ppc64el.deb 3f17d173256e3070684227eed1e7223001932bb14a144101e9f827916d05b470 49834280 chromium-shell_115.0.5790.98-1~deb11u1_ppc64el.deb a36e5c7c516b413534463e9daefa450f16e6ea08fded4cf9babebb812daf7350 25634 chromium_115.0.5790.98-1~deb11u1_ppc64el-buildd.buildinfo 169fb152db11f33b9e761868e4fb2cdc1998227ef5861c4a00358a03c6f3e864 71323804 chromium_115.0.5790.98-1~deb11u1_ppc64el.deb Files: 1275c6caecff226770ad87e9070d5354 818176 debug optional chromium-common-dbgsym_115.0.5790.98-1~deb11u1_ppc64el.deb fce3910ff0884ec7e0b49d77efc33d0e 5189576 web optional chromium-common_115.0.5790.98-1~deb11u1_ppc64el.deb f3aeccdab763cf854629f381386e08e1 30250900 debug optional chromium-dbgsym_115.0.5790.98-1~deb11u1_ppc64el.deb e0800d3fe62424dcd8e4a4e414c72766 5713604 web optional chromium-driver_115.0.5790.98-1~deb11u1_ppc64el.deb 255dd487b8807fc116fc8a59ce0c7eaa 12236 debug optional chromium-sandbox-dbgsym_115.0.5790.98-1~deb11u1_ppc64el.deb 7e76cf6c533e7f0b848f318882242f6c 134928 web optional chromium-sandbox_115.0.5790.98-1~deb11u1_ppc64el.deb c92a1d7ba9a448dd8c214b81b17e9c6b 23601800 debug optional chromium-shell-dbgsym_115.0.5790.98-1~deb11u1_ppc64el.deb c39db49f869b2cc23b2be63c9ec195da 49834280 web optional chromium-shell_115.0.5790.98-1~deb11u1_ppc64el.deb 74dc072a9d60695fc121e33dc0de0605 25634 web optional chromium_115.0.5790.98-1~deb11u1_ppc64el-buildd.buildinfo b517a6cf2bc3863811eb66b887c81331 71323804 web optional chromium_115.0.5790.98-1~deb11u1_ppc64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEHDNCkvGgp2XShfnByW8ECaj2byoFAmS4L9YACgkQyW8ECaj2 bypuGg//ZvYpRxiyuQ7Ep4Z7Zh4QarZOQqfPaaVD7+FqL7FDuOZNCGBtzwVNJlHV 89yzvf/oVLvhODjYDrLgpglEGChK4Mlvw96vXtibKgEh/5VBGFt/ec/BlAfDKDFZ vXNs2dWNCvKWt+pQfoGReo6pcuRiaGKybZafpj+jPLziUkAXVaQZDQij9S8xYH5I s/H9EChd5lrE93wDnLCo2KCL7mhBhrxbm3k5mJEAwGcGWqhD/2hTWE0f8g+S5x40 eH3KelGQbstGozSyluph0at1jqm6cF/gcz7ssWB3oZ2RreD7LISJkjYXX2PerJEr QxGvuLaEnStwjtYz5sfWjemKBdsJsYWof849NkJPFyDpsR2XpUX0kN15lEoKEcC9 DJe1BrHXpCNm08VgvAGpFetAqVPLnSpDYVNj8uv3nQgYPLwoNVITW0oXbBkdWg87 ghFm1+oJUgdFxUH/DDrC15icQFMMSQQ8jtsOzRNDFbbRcnKB4WHIb5mH+JqJcpm5 LvREVDmWFQ12Y7Faa1RHK7OfBZhglNfW/8s+QD2gTKZDqHNbhRT3pvHBD0Zl4ggu H2Vzs5j+O8mT6XW666FmW5rItWp/+BKLlbjD4d0tMHLUeM3pK5y/EbKXvzEBeuBE hT8728GmAOcDE0gehJ4bMpARmTKttkWt9+jOzV9e4yjkG+3C5Us= =+TF8 -----END PGP SIGNATURE-----