-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 18 Jul 2023 17:50:00 -0500 Source: chromium Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym Architecture: armhf Version: 115.0.5790.98-1~deb11u1 Distribution: bullseye-security Urgency: high Maintainer: arm Build Daemon (arm-arm-04) Changed-By: Timothy Pearson Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-sandbox - web browser - setuid security sandbox for chromium chromium-shell - web browser - minimal shell Changes: chromium (115.0.5790.98-1~deb11u1) bullseye-security; urgency=high . * New upstream release - CVE-2023-3727: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564). - CVE-2023-3728: Use after free in WebRTC. Reported by Zhenghang Xiao (@Kipreyyy). - CVE-2023-3730: Use after free in Tab Groups. Reported by @ginggilBesel. - CVE-2023-3732: Out of bounds memory access in Mojo. Reported by Mark Brand of Google Project Zero. - CVE-2023-3733: Inappropriate implementation in WebApp Installs. Reported by Ahmed ElMasry. - CVE-2023-3734: Inappropriate implementation in Picture In Picture. Reported by Thomas Orlita. - CVE-2023-3735: Inappropriate implementation in Web API Permission Prompts. Reported by Ahmed ElMasry. - CVE-2023-3736: Inappropriate implementation in Custom Tabs. Reported by Philipp Beer (TU Wien). - CVE-2023-3737: Inappropriate implementation in Notifications. Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) . - CVE-2023-3738: Inappropriate implementation in Autofill. Reported by Hafiizh. - CVE-2023-3740: Insufficient validation of untrusted input in Themes. Reported by Fardeen Siddiqui. . * d/patches: - debianization/master-preferences.patch: upstream variable renamed - disable/catapult.patch: upstream changes required reworking - disable/tests.patch: remove new upstream puffin test data file dependencies - disable/unrar.patch: upstream changes required reworking - fixes/cmath.patch: add missing header include for skia - fixes/vector.patch: add missing header include for net - upstream/sizet.patch: drop, merged upstream - ppc64le/fixes/fix-partition-alloc-compile.patch: refresh for upstream changes - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes - ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for upstream changes - ppc64le/third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch: regenerate configs from upstream source - ppc64le/third_party/skia-vsx-instructions.patch: refresh for upstream changes . [ Andres Salomon ] - fixes/clang-and-gcc11.patch: drop, (a different version) merged upstream. - bookworm/typename.patch: drop parts that were merged upstream, and add new build fixes. - bookworm/structured-binding-scope-bug.patch: drop some of it, add new bits - bullseye/constexpr.patch: refresh for string -> StringPiece change. - bullseye/stringpiece.patch: add to work around older libre2. - bullseye/default-equality-op.patch: add more workarounds for older compilers - fixes/brandversion-construct.patch: add to fix build failure. - fixes/SkColor4f-init.patch: another missing struct constructor fix. - fixes/cookieresult.patch: another struct ctor build fix. - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh. - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh. - ppc64le/third_party/0002-third-party-boringssl-add-generated-files.patch: refresh. - bullseye/disable-mojo-ipcz.patch: refresh. - bullseye/mulodic.patch: refresh. Checksums-Sha1: 6d7ecbadf3db1c58c761dbfdca1c1bba909c7f44 1146256 chromium-common-dbgsym_115.0.5790.98-1~deb11u1_armhf.deb 1760dc117e7471a138b6ad61824d920148266762 4913036 chromium-common_115.0.5790.98-1~deb11u1_armhf.deb 0a2d0c63d3d49d6f5dee7ad799b486a4b94a65e9 27141860 chromium-dbgsym_115.0.5790.98-1~deb11u1_armhf.deb 09958b8def730d308acf67d985d040faba92daa4 5274820 chromium-driver_115.0.5790.98-1~deb11u1_armhf.deb 1b06be7254f2d551c6f505ce989a16927898ec85 11164 chromium-sandbox-dbgsym_115.0.5790.98-1~deb11u1_armhf.deb 69455df0b3240ff87b1f0961fdf91b21c3716e03 134188 chromium-sandbox_115.0.5790.98-1~deb11u1_armhf.deb f91341138bc2c69ef61408756885d99d980c1a0e 21979424 chromium-shell-dbgsym_115.0.5790.98-1~deb11u1_armhf.deb 49b0c1deed20047ee8c2a0b828747dfcae431051 43264060 chromium-shell_115.0.5790.98-1~deb11u1_armhf.deb e8e94223905ce05889a18dc6d4b8adcf83d2dcae 25636 chromium_115.0.5790.98-1~deb11u1_armhf-buildd.buildinfo f99985a0d6f60765dda55e73ecb794828664c284 62677488 chromium_115.0.5790.98-1~deb11u1_armhf.deb Checksums-Sha256: 6e6fd79cceb1f8bc7ab0fcdad8bef02560028f9ed6f388ee4b1be66beaee2a36 1146256 chromium-common-dbgsym_115.0.5790.98-1~deb11u1_armhf.deb a521ec74fe209489d3a1954f3e5d3d023096a6d1312fbefabe5737c11a4c80f3 4913036 chromium-common_115.0.5790.98-1~deb11u1_armhf.deb 14d366aba0719b8e5072a5f06903162462d5b6010c28cbd785d6bc190ba4db53 27141860 chromium-dbgsym_115.0.5790.98-1~deb11u1_armhf.deb 1929dd7be03105b6d9d6974f2f79edc3d2f58874c090daa04495417ff08f4624 5274820 chromium-driver_115.0.5790.98-1~deb11u1_armhf.deb 9beb641678fd909c9a5e1b3702c60d1ff3b26115ce6eac9479f2298db99509c0 11164 chromium-sandbox-dbgsym_115.0.5790.98-1~deb11u1_armhf.deb 122fd1a6beada65dcf7f96ca6ccf581c162d8759f3c6171eef2620b38c08e7e6 134188 chromium-sandbox_115.0.5790.98-1~deb11u1_armhf.deb b85ee236fd3db83f07c1f036460bab00bf9bd44a12b5c653cfa77d6ed75de36b 21979424 chromium-shell-dbgsym_115.0.5790.98-1~deb11u1_armhf.deb 725d5aa13d1678183b041d15f5c93d742c95c1d8e0d4e8607807e4c49c836c67 43264060 chromium-shell_115.0.5790.98-1~deb11u1_armhf.deb cfbf4a7818d8d0c2e71fbf4193b70d7a5a82c2500c8eb6a123c995daece81964 25636 chromium_115.0.5790.98-1~deb11u1_armhf-buildd.buildinfo 3179ff785a9002e59fb2f37557206694fafe3991a2a587d0d4c21926d8caeb48 62677488 chromium_115.0.5790.98-1~deb11u1_armhf.deb Files: 568b06b894b10b1c0d2a5c239e56b4cc 1146256 debug optional chromium-common-dbgsym_115.0.5790.98-1~deb11u1_armhf.deb 92d3f1c05cad6ec1d0da60aa3f5d6be1 4913036 web optional chromium-common_115.0.5790.98-1~deb11u1_armhf.deb 4178d247efefff0b5a06e9b118906ba8 27141860 debug optional chromium-dbgsym_115.0.5790.98-1~deb11u1_armhf.deb 0be59e04c3c4b6cf8c0768330b4c83e9 5274820 web optional chromium-driver_115.0.5790.98-1~deb11u1_armhf.deb 285edad790eb7b253985e0d5bec79911 11164 debug optional chromium-sandbox-dbgsym_115.0.5790.98-1~deb11u1_armhf.deb 632f55988059523b7bd1b7e5f8c96258 134188 web optional chromium-sandbox_115.0.5790.98-1~deb11u1_armhf.deb 0f0eaf24bb39325d23ad3b1ff595bff3 21979424 debug optional chromium-shell-dbgsym_115.0.5790.98-1~deb11u1_armhf.deb b1468f6ead1e42032a9e4f39566def23 43264060 web optional chromium-shell_115.0.5790.98-1~deb11u1_armhf.deb 091754a797b8f5d57d8d788c0b717fa0 25636 web optional chromium_115.0.5790.98-1~deb11u1_armhf-buildd.buildinfo ee3643621d177ab500cd3376fba5dcba 62677488 web optional chromium_115.0.5790.98-1~deb11u1_armhf.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEmUDOxnfDwdc47jJKqoc2e3yvTA0FAmS94ksACgkQqoc2e3yv TA38RhAAumQ+8XJTaKNIgSxx4bBdpCjZclk1GZqwKfQ8mYx94DLipku0/XDkZcj4 XfS1djNOu4pqvH+QAsQo+Tyn8hmNzzbZRhb+Wy9P+yWVApvE/9wYnotShHULSpGe vTqhx9qrmAnn0yfXFu8qNfaV30huUJvgJOL8SlujI/qDSucv+LSOvmYyhsTPWYYK DCYbtB3Jty9iU+nzqUs9ieQUClEgV6WtFHKanjjo7qND0ruYif9WHbFV46bGFJAB j+MB9GJZPu0/0H5rxkNYCh9k4TfQqJ41MNnQCjF+WNBwNLBTheWQIvOY5T2kW0fF i61cUz4avStsOxJj4KWTTR+BFJ0ouSM+NPwBJE1cWdrokvXzr7qxv7ONpjJ/3gDv zLjYkGSlAS8It57z4YfJjpVCFaVU4dFN73egYgFmkdCBT2FK0cxN6NrL+xcSHBpo PBjk0jq6+ffoVJjFjK+lyaT2KzIDsjgpEYh8d9ajjYfnxzs80TRdB+WUHR0VroyC btVXvuo4ExIRV16UQqHmI4lPxEFiar2YLxlVfH69XA61xBcfQg1GsDYqSTaToRyr pCZSaEkX6pK9YZ9I3IgF5L0vRnsA0eGX7E1v1lNlP09RokLV6v4175OA3gsyxogi HPNcNaUPHuvePOvOfS34BiC3LxwSaz2EQZNp7jpvWJZbQEcOveQ= =QVxr -----END PGP SIGNATURE-----