-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 15 Aug 2023 17:46:56 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: i386
Version: 116.0.5845.96-1~deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01)
Changed-By: Andres Salomon
Description:
 chromium - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (116.0.5845.96-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-2312: Use after free in Offline. Reported by avaue at S.S.L.
     - CVE-2023-4349: Use after free in Device Trust Connectors.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-4350: Inappropriate implementation in Fullscreen.
       Reported by Khiem Tran (@duckhiem).
     - CVE-2023-4351: Use after free in Network.
       Reported by Guang and Weipeng Jiang of VRI.
     - CVE-2023-4352: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4353: Heap buffer overflow in ANGLE.
       Reported by Christoph Diehl / Microsoft Vulnerability Research.
     - CVE-2023-4354: Heap buffer overflow in Skia.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-4355: Out of bounds memory access in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-4356: Use after free in Audio.
       Reported by Zhenghang Xiao (@Kipreyyy).
     - CVE-2023-4357: Insufficient validation of untrusted input in XML.
       Reported by Igor Sak-Sakovskii.
     - CVE-2023-4358: Use after free in DNS.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2023-4359: Inappropriate implementation in App Launcher.
       Reported by @retsew0x01.
     - CVE-2023-4360: Inappropriate implementation in Color.
       Reported by Axel Chong.
     - CVE-2023-4361: Inappropriate implementation in Autofill.
       Reported by Thomas Orlita.
     - CVE-2023-4362: Heap buffer overflow in Mojom IDL.
       Reported by Zhao Hai of NanJing Cyberpeace TianYu Lab.
     - CVE-2023-4363: Inappropriate implementation in WebShare.
       Reported by Alesandro Ortiz.
     - CVE-2023-4364: Inappropriate implementation in Permission Prompts.
       Reported by Jasper Rebane.
     - CVE-2023-4365: Inappropriate implementation in Fullscreen.
       Reported by Hafiizh.
     - CVE-2023-4366: Use after free in Extensions. Reported by asnine.
     - CVE-2023-4367: Insufficient policy enforcement in Extensions API.
       Reported by Axel Chong.
     - CVE-2023-4368: Insufficient policy enforcement in Extensions API.
       Reported by Axel Chong.
   * d/patches:
     - fixes/cmath.patch: drop, merged upstream.
     - fixes/vector.patch: drop, merged upstream.
     - fixes/cookieresult.patch: drop, merged upstream.
     - upstream/feature-list-static.patch: drop, merged upstream.
     - disable/catapult.patch: refresh.
     - upstream/statelessV4L2.patch: refresh.
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
     - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
     - ppc64le/breakpad/0001-Implement-support-for-ppc64-on-Linux.patch: refresh.
     - ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: refresh.
     - fixes/rust-clanglib.patch: add patch to handle new clang deps for rust.
     - debianization/clang-version.patch: move from bullseye/lld-13.patch.
     - bookworm/typename.patch: more typename fixes needed.
     - fixes/variant.patch: add a missing header that libstdc++ needs.
     - fixes/vector.patch: add a missing header that libstdc++ needs.
     - fixes/null.patch: fix missing namespace for nullptr_t + header fix.
     - fixes/size.patch: missing header fix.
     - bookworm/brotli.patch: revert upstream change that requires newer brotli.
     - bookworm/struct-ctor.patch: add a bunch of explicit struct constructors
       to make clang-15 happy.
     - fixes/size.patch
     - bullseye/stringpiece.patch: drop, since we're bundling re2 now.
     - bullseye/downgrade-typescript.patch: newer tsc 5.1 doesn't work with
       bullseye's ancient nodejs, so we have to downgrade back to 5.0.
     - bullseye/constexpr.patch: add another build fix.
     - bullseye/default-equality-op.patch: add another build fix.
   * d/rules: automatically detect rust/clang versions & add needed rust args.
     But also continue disabling rust for now.
   * d/rules: drop use_gnome_keyring=false, upstream has completely removed
     libgnome-keyring support in favor of gnome's libsecret.
   * Use bundled re2 (for now) instead of libre2-dev due to random crashes
     we're seeing. Adjust build-deps, Files-Excluded, d/clean, and
     d/scripts/unbundle accordingly.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - database/0001-Properly-detect-little-endian-PPC64-systems.patch:
       refresh for upstream changes
     - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
     - third_party/0002-third-party-boringssl-add-generated-files.patch:
       refresh, no changes
     - third_party/use-sysconf-page-size-on-ppc64.patch: refresh for upstream
       changes
     - third_party/skia-vsx-instructions.patch: refresh for upstream changes
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----