-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 18 Jul 2023 17:50:00 -0500
Source: chromium
Binary: chromium-l10n
Architecture: all
Version: 115.0.5790.98-1~deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) <buildd_amd64-x86-conova-01@buildd.debian.org>
Changed-By: Timothy Pearson <tpearson@raptorengineering.com>
Description:
 chromium-l10n - web browser - language packs
Changes:
 chromium (115.0.5790.98-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream release
     - CVE-2023-3727: Use after free in WebRTC.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-3728: Use after free in WebRTC.
       Reported by Zhenghang Xiao (@Kipreyyy).
     - CVE-2023-3730: Use after free in Tab Groups. Reported by @ginggilBesel.
     - CVE-2023-3732: Out of bounds memory access in Mojo.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-3733: Inappropriate implementation in WebApp Installs.
       Reported by Ahmed ElMasry.
     - CVE-2023-3734: Inappropriate implementation in Picture In Picture.
       Reported by Thomas Orlita.
     - CVE-2023-3735: Inappropriate implementation in Web API Permission Prompts.
       Reported by Ahmed ElMasry.
     - CVE-2023-3736: Inappropriate implementation in Custom Tabs.
       Reported by Philipp Beer (TU Wien).
     - CVE-2023-3737: Inappropriate implementation in Notifications.
       Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) .
     - CVE-2023-3738: Inappropriate implementation in Autofill.
       Reported by Hafiizh.
     - CVE-2023-3740: Insufficient validation of untrusted input in Themes.
       Reported by Fardeen Siddiqui.
 .
   * d/patches:
     - debianization/master-preferences.patch: upstream variable renamed
     - disable/catapult.patch: upstream changes required reworking
     - disable/tests.patch: remove new upstream puffin test data file
       dependencies
     - disable/unrar.patch: upstream changes required reworking
     - fixes/cmath.patch: add missing header include for skia
     - fixes/vector.patch: add missing header include for net
     - upstream/sizet.patch: drop, merged upstream
     - ppc64le/fixes/fix-partition-alloc-compile.patch: refresh for upstream
       changes
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
       for upstream changes
     - ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
     - ppc64le/third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
       regenerate configs from upstream source
     - ppc64le/third_party/skia-vsx-instructions.patch: refresh for upstream
       changes
 .
   [ Andres Salomon ]
     - fixes/clang-and-gcc11.patch: drop, (a different version) merged upstream.
     - bookworm/typename.patch: drop parts that were merged upstream, and add
       new build fixes.
     - bookworm/structured-binding-scope-bug.patch: drop some of it, add new bits
     - bullseye/constexpr.patch: refresh for string -> StringPiece change.
     - bullseye/stringpiece.patch: add to work around older libre2.
     - bullseye/default-equality-op.patch: add more workarounds for older
       compilers
     - fixes/brandversion-construct.patch: add to fix build failure.
     - fixes/SkColor4f-init.patch: another missing struct constructor fix.
     - fixes/cookieresult.patch: another struct ctor build fix.
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
     - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
     - ppc64le/third_party/0002-third-party-boringssl-add-generated-files.patch:
       refresh.
     - bullseye/disable-mojo-ipcz.patch: refresh.
     - bullseye/mulodic.patch: refresh.
Checksums-Sha1:
 494d1aaabde441b3918bf710767feabfc1b9fe26 6215176 chromium-l10n_115.0.5790.98-1~deb11u1_all.deb
 b92c44c8dd7df2b70e05f483b1c48e77baee205f 22991 chromium_115.0.5790.98-1~deb11u1_all-buildd.buildinfo
Checksums-Sha256:
 a03f8daf00fa04f4b0100be88a46e0799e2cb1022222318ba1a647ed484aed8a 6215176 chromium-l10n_115.0.5790.98-1~deb11u1_all.deb
 2adbd5c3388d6d12e38f471fbeb714feaa15a2ab0eba69c5cc673e2385d01b23 22991 chromium_115.0.5790.98-1~deb11u1_all-buildd.buildinfo
Files:
 5872ae0f4b20f085c78251dbe7318b2a 6215176 localization optional chromium-l10n_115.0.5790.98-1~deb11u1_all.deb
 f900fc4916f9b9ff2e7dd5a170e436b9 22991 web optional chromium_115.0.5790.98-1~deb11u1_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEi/TVpVg0yb7dq8QfDZWW6X29YdoFAmS4S7cACgkQDZWW6X29
YdqH6w/9GNsHjFoWSXPniygsADSCSbopYSurcFFwCet2EHMTmrAizCDXBd2CKPiv
cN3bc/AtJu5svrT1wQWXKY2rtXO77+ASQKMNNXKx1Z2gcJU6oifjLZ9Cf9dM4elf
DGGZmH6RvZjiEJnOpmGOCZdfE+yA0QaKmDAYG7G0mHB1dYsKXUXHIwpUsZ6gx8dL
1HEqRj8K50Q2ET1LyYCM2Gqu5fyBPd6U2lXoXvyJJykNVm+vPznXVEK/ZuQALQod
DUvZtkYbn57CddH1s/JZp+aYMRm/rbggNC4MwzBjXnIf6u42jW2PlzAnFjFUTSRS
yA0QzBHKBHNMzvUYnqvdnOgWhJkw7koLMZyH3YnHkOOYowumAgeuplULX5ZUlPq3
wmpZRatQIB5QRJEi8Ain6m5wh2Ahb+z89EOYJWS6GkIBy5WPFZW2rKLBgPqxCH+6
pitDFbEhuijVgDickGrcZCZ4+Xa8+pjbgjx/eNZMfiz0HagbYln7/aEo1umJRpTY
Fbs12oFhwCG/GlWs1x7TaEa5I7wz76jLJycKof/WwXzdc35ylhm46+13B/mssHT5
Wb563Dd1jMKrtBp+Yy8zQ9We2PSqbWrXkuAouG2Tv/8P6P9qxLDoktSeltvgLV2R
EEKJ8+8CWc4OYZRtQYia0YbxKRCLEhhPeM3rFmEHMgXQ/ny4Dcg=
=27Ub
-----END PGP SIGNATURE-----