Format: 1.8
Date: Tue, 15 Aug 2023 17:46:56 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: amd64
Version: 116.0.5845.96-1~deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-csail-01)
Changed-By: Andres Salomon
Description:
 chromium - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (116.0.5845.96-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-2312: Use after free in Offline. Reported by avaue at S.S.L.
     - CVE-2023-4349: Use after free in Device Trust Connectors.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-4350: Inappropriate implementation in Fullscreen.
       Reported by Khiem Tran (@duckhiem).
     - CVE-2023-4351: Use after free in Network.
       Reported by Guang and Weipeng Jiang of VRI.
     - CVE-2023-4352: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4353: Heap buffer overflow in ANGLE.
       Reported by Christoph Diehl / Microsoft Vulnerability Research.
     - CVE-2023-4354: Heap buffer overflow in Skia.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-4355: Out of bounds memory access in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4356: Use after free in Audio.
       Reported by Zhenghang Xiao (@Kipreyyy).
     - CVE-2023-4357: Insufficient validation of untrusted input in XML.
       Reported by Igor Sak-Sakovskii.
     - CVE-2023-4358: Use after free in DNS.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-4359: Inappropriate implementation in App Launcher.
       Reported by @retsew0x01.
     - CVE-2023-4360: Inappropriate implementation in Color.
       Reported by Axel Chong.
     - CVE-2023-4361: Inappropriate implementation in Autofill.
       Reported by Thomas Orlita.
     - CVE-2023-4362: Heap buffer overflow in Mojom IDL.
       Reported by Zhao Hai of NanJing Cyberpeace TianYu Lab.
     - CVE-2023-4363: Inappropriate implementation in WebShare.
       Reported by Alesandro Ortiz.
     - CVE-2023-4364: Inappropriate implementation in Permission Prompts.
       Reported by Jasper Rebane.
     - CVE-2023-4365: Inappropriate implementation in Fullscreen.
       Reported by Hafiizh.
     - CVE-2023-4366: Use after free in Extensions. Reported by asnine.
     - CVE-2023-4367: Insufficient policy enforcement in Extensions API.
       Reported by Axel Chong.
     - CVE-2023-4368: Insufficient policy enforcement in Extensions API.
       Reported by Axel Chong.
   * d/patches:
     - fixes/cmath.patch: drop, merged upstream.
     - fixes/vector.patch: drop, merged upstream.
     - fixes/cookieresult.patch: drop, merged upstream.
     - upstream/feature-list-static.patch: drop, merged upstream.
     - disable/catapult.patch: refresh.
     - upstream/statelessV4L2.patch: refresh.
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
     - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
     - ppc64le/breakpad/0001-Implement-support-for-ppc64-on-Linux.patch: refresh.
     - ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: refresh.
     - fixes/rust-clanglib.patch: add patch to handle new clang deps for rust.
     - debianization/clang-version.patch: move from bullseye/lld-13.patch.
     - bookworm/typename.patch: more typename fixes needed.
     - fixes/variant.patch: add a missing header that libstdc++ needs.
     - fixes/vector.patch: add a missing header that libstdc++ needs.
     - fixes/null.patch: fix missing namespace for nullptr_t + header fix.
     - fixes/size.patch: missing header fix.
     - bookworm/brotli.patch: revert upstream change that requires newer
       brotli.
     - bookworm/struct-ctor.patch: add a bunch of explicit struct constructors
       to make clang-15 happy.
     - fixes/size.patch
     - bullseye/stringpiece.patch: drop, since we're bundling re2 now.
     - bullseye/downgrade-typescript.patch: newer tsc 5.1 doesn't work with
       bullseye's ancient nodejs, so we have to downgrade back to 5.0.
     - bullseye/constexpr.patch: add another build fix.
     - bullseye/default-equality-op.patch: add another build fix.
   * d/rules: automatically detect rust/clang versions & add needed rust args.
     But also continue disabling rust for now.
   * d/rules: drop use_gnome_keyring=false, upstream has completely removed
     libgnome-keyring support in favor of gnome's libsecret.
   * Use bundled re2 (for now) instead of libre2-dev due to random crashes
     we're seeing. Adjust build-deps, Files-Excluded, d/clean, and
     d/scripts/unbundle accordingly.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - database/0001-Properly-detect-little-endian-PPC64-systems.patch:
       refresh for upstream changes
     - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
     - third_party/0002-third-party-boringssl-add-generated-files.patch:
       refresh, no changes
     - third_party/use-sysconf-page-size-on-ppc64.patch: refresh for upstream
       changes
     - third_party/skia-vsx-instructions.patch: refresh for upstream changes