-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 15 Aug 2023 17:46:56 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: armhf
Version: 116.0.5845.96-1~deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: arm Build Daemon (arm-conova-02)
Changed-By: Andres Salomon
Description:
 chromium - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (116.0.5845.96-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-2312: Use after free in Offline. Reported by avaue at S.S.L.
     - CVE-2023-4349: Use after free in Device Trust Connectors.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-4350: Inappropriate implementation in Fullscreen.
       Reported by Khiem Tran (@duckhiem).
     - CVE-2023-4351: Use after free in Network.
       Reported by Guang and Weipeng Jiang of VRI.
     - CVE-2023-4352: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4353: Heap buffer overflow in ANGLE.
       Reported by Christoph Diehl / Microsoft Vulnerability Research.
     - CVE-2023-4354: Heap buffer overflow in Skia.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-4355: Out of bounds memory access in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4356: Use after free in Audio.
       Reported by Zhenghang Xiao (@Kipreyyy).
     - CVE-2023-4357: Insufficient validation of untrusted input in XML.
       Reported by Igor Sak-Sakovskii.
     - CVE-2023-4358: Use after free in DNS.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-4359: Inappropriate implementation in App Launcher.
       Reported by @retsew0x01.
     - CVE-2023-4360: Inappropriate implementation in Color.
       Reported by Axel Chong.
     - CVE-2023-4361: Inappropriate implementation in Autofill.
       Reported by Thomas Orlita.
     - CVE-2023-4362: Heap buffer overflow in Mojom IDL.
       Reported by Zhao Hai of NanJing Cyberpeace TianYu Lab.
     - CVE-2023-4363: Inappropriate implementation in WebShare.
       Reported by Alesandro Ortiz.
     - CVE-2023-4364: Inappropriate implementation in Permission Prompts.
       Reported by Jasper Rebane.
     - CVE-2023-4365: Inappropriate implementation in Fullscreen.
       Reported by Hafiizh.
     - CVE-2023-4366: Use after free in Extensions. Reported by asnine.
     - CVE-2023-4367: Insufficient policy enforcement in Extensions API.
       Reported by Axel Chong.
     - CVE-2023-4368: Insufficient policy enforcement in Extensions API.
       Reported by Axel Chong.
   * d/patches:
     - fixes/cmath.patch: drop, merged upstream.
     - fixes/vector.patch: drop, merged upstream.
     - fixes/cookieresult.patch: drop, merged upstream.
     - upstream/feature-list-static.patch: drop, merged upstream.
     - disable/catapult.patch: refresh.
     - upstream/statelessV4L2.patch: refresh.
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
     - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
     - ppc64le/breakpad/0001-Implement-support-for-ppc64-on-Linux.patch: refresh.
     - ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: refresh.
     - fixes/rust-clanglib.patch: add patch to handle new clang deps for rust.
     - debianization/clang-version.patch: move from bullseye/lld-13.patch.
     - bookworm/typename.patch: more typename fixes needed.
     - fixes/variant.patch: add a missing header that libstdc++ needs.
     - fixes/vector.patch: add a missing header that libstdc++ needs.
     - fixes/null.patch: fix missing namespace for nullptr_t + header fix.
     - fixes/size.patch: missing header fix.
     - bookworm/brotli.patch: revert upstream change that requires newer brotli.
     - bookworm/struct-ctor.patch: add a bunch of explicit struct constructors
       to make clang-15 happy.
     - fixes/size.patch
     - bullseye/stringpiece.patch: drop, since we're bundling re2 now.
     - bullseye/downgrade-typescript.patch: newer tsc 5.1 doesn't work with
       bullseye's ancient nodejs, so we have to downgrade back to 5.0.
     - bullseye/constexpr.patch: add another build fix.
     - bullseye/default-equality-op.patch: add another build fix.
   * d/rules: automatically detect rust/clang versions & add needed rust args.
     But also continue disabling rust for now.
   * d/rules: drop use_gnome_keyring=false, upstream has completely removed
     libgnome-keyring support in favor of gnome's libsecret.
   * Use bundled re2 (for now) instead of libre2-dev due to random crashes
     we're seeing. Adjust build-deps, Files-Excluded, d/clean, and
     d/scripts/unbundle accordingly.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - database/0001-Properly-detect-little-endian-PPC64-systems.patch:
       refresh for upstream changes
     - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
     - third_party/0002-third-party-boringssl-add-generated-files.patch:
       refresh, no changes
     - third_party/use-sysconf-page-size-on-ppc64.patch: refresh for upstream
       changes
     - third_party/skia-vsx-instructions.patch: refresh for upstream changes

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----