Format: 1.8
Date: Tue, 15 Aug 2023 17:46:56 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym
 chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell
 chromium-shell-dbgsym
Architecture: arm64
Version: 116.0.5845.96-1~deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: arm Build Daemon (arm-arm-04)
Changed-By: Andres Salomon
Description:
 chromium - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (116.0.5845.96-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-2312: Use after free in Offline. Reported by avaue at S.S.L.
     - CVE-2023-4349: Use after free in Device Trust Connectors.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-4350: Inappropriate implementation in Fullscreen.
       Reported by Khiem Tran (@duckhiem).
     - CVE-2023-4351: Use after free in Network.
       Reported by Guang and Weipeng Jiang of VRI.
     - CVE-2023-4352: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4353: Heap buffer overflow in ANGLE.
       Reported by Christoph Diehl / Microsoft Vulnerability Research.
     - CVE-2023-4354: Heap buffer overflow in Skia.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-4355: Out of bounds memory access in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4356: Use after free in Audio.
       Reported by Zhenghang Xiao (@Kipreyyy).
     - CVE-2023-4357: Insufficient validation of untrusted input in XML.
       Reported by Igor Sak-Sakovskii.
     - CVE-2023-4358: Use after free in DNS.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-4359: Inappropriate implementation in App Launcher.
       Reported by @retsew0x01.
     - CVE-2023-4360: Inappropriate implementation in Color.
       Reported by Axel Chong.
     - CVE-2023-4361: Inappropriate implementation in Autofill.
       Reported by Thomas Orlita.
     - CVE-2023-4362: Heap buffer overflow in Mojom IDL.
       Reported by Zhao Hai of NanJing Cyberpeace TianYu Lab.
     - CVE-2023-4363: Inappropriate implementation in WebShare.
       Reported by Alesandro Ortiz.
     - CVE-2023-4364: Inappropriate implementation in Permission Prompts.
       Reported by Jasper Rebane.
     - CVE-2023-4365: Inappropriate implementation in Fullscreen.
       Reported by Hafiizh.
     - CVE-2023-4366: Use after free in Extensions. Reported by asnine.
     - CVE-2023-4367: Insufficient policy enforcement in Extensions API.
       Reported by Axel Chong.
     - CVE-2023-4368: Insufficient policy enforcement in Extensions API.
       Reported by Axel Chong.
   * d/patches:
     - fixes/cmath.patch: drop, merged upstream.
     - fixes/vector.patch: drop, merged upstream.
     - fixes/cookieresult.patch: drop, merged upstream.
     - upstream/feature-list-static.patch: drop, merged upstream.
     - disable/catapult.patch: refresh.
     - upstream/statelessV4L2.patch: refresh.
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
     - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
     - ppc64le/breakpad/0001-Implement-support-for-ppc64-on-Linux.patch: refresh.
     - ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: refresh.
     - fixes/rust-clanglib.patch: add patch to handle new clang deps for rust.
     - debianization/clang-version.patch: move from bullseye/lld-13.patch.
     - bookworm/typename.patch: more typename fixes needed.
     - fixes/variant.patch: add a missing header that libstdc++ needs.
     - fixes/vector.patch: add a missing header that libstdc++ needs.
     - fixes/null.patch: fix missing namespace for nullptr_t + header fix.
     - fixes/size.patch: missing header fix.
     - bookworm/brotli.patch: revert upstream change that requires newer
       brotli.
     - bookworm/struct-ctor.patch: add a bunch of explicit struct constructors
       to make clang-15 happy.
     - fixes/size.patch
     - bullseye/stringpiece.patch: drop, since we're bundling re2 now.
     - bullseye/downgrade-typescript.patch: newer tsc 5.1 doesn't work with
       bullseye's ancient nodejs, so we have to downgrade back to 5.0.
     - bullseye/constexpr.patch: add another build fix.
     - bullseye/default-equality-op.patch: add another build fix.
   * d/rules: automatically detect rust/clang versions & add needed rust args.
     But also continue disabling rust for now.
   * d/rules: drop use_gnome_keyring=false, upstream has completely removed
     libgnome-keyring support in favor of gnome's libsecret.
   * Use bundled re2 (for now) instead of libre2-dev due to random crashes
     we're seeing. Adjust build-deps, Files-Excluded, d/clean, and
     d/scripts/unbundle accordingly.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - database/0001-Properly-detect-little-endian-PPC64-systems.patch:
       refresh for upstream changes
     - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
     - third_party/0002-third-party-boringssl-add-generated-files.patch:
       refresh, no changes
     - third_party/use-sysconf-page-size-on-ppc64.patch: refresh for upstream
       changes
     - third_party/skia-vsx-instructions.patch: refresh for upstream changes