-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 03 May 2023 00:42:00 -0500 Source: chromium Architecture: source Version: 113.0.5672.63-1 Distribution: unstable Urgency: high Maintainer: Debian Chromium Team <chromium@packages.debian.org> Changed-By: Timothy Pearson <tpearson@raptorengineering.com> Closes: 992178 1031352 Changes: chromium (113.0.5672.63-1) unstable; urgency=high . * New upstream stable release. - CVE-2023-2459: Inappropriate implementation in Prompts. Reported by Rong Jian of VRI. - CVE-2023-2460: Insufficient validation of untrusted input in Extensions. Reported by Martin Bajanik, Fingerprint[.]com. - CVE-2023-2461: Use after free in OS Inputs. Reported by @ginggilBesel. - CVE-2023-2462: Inappropriate implementation in Prompts. Reported by Alesandro Ortiz. - CVE-2023-2463: Inappropriate implementation in Full Screen Mode. Reported by Irvan Kurniawan (sourc7). - CVE-2023-2464: Inappropriate implementation in PictureInPicture. Reported by Thomas Orlita. - CVE-2023-2465: Inappropriate implementation in CORS. Reported by @kunte_ctf. - CVE-2023-2466: Inappropriate implementation in Prompts. Reported by Jasper Rebane (popstonia). - CVE-2023-2467: Inappropriate implementation in Prompts. Reported by Thomas Orlita. - CVE-2023-2468: Inappropriate implementation in PictureInPicture. Reported by Alesandro Ortiz. . [ Andres Salomon] * Remove Michel from Uploaders. * Build against libopenh264-dev (closes: #1031352). * d/copyright: - drop fuchsia*: entirely different OS. - drop chrome/build: 200MB of PGO optimizations for official chrome builds. - drop third_party/updater: upstream included update binary. - re-add part of chrome/browser/resources/chromeos/ and chrome/android/ to fix build errors. * d/patches: - debianization/master-preferences.patch: check for initial_preferences or master_preferences, rather than just for the latter (closes: #992178). - disable/unrar.patch: complete rewrite for upstream's nested archive changes. - disable/catapult.patch: refresh. - upstream/webview-cstr.patch: add simple build fix from upstream. - upstream/monostate.patch: add simple build fix from upstream. - bookworm/clang-attribs.patch: build fix for clang-14 to keep from generating hundreds of warnings per compilation unit. - bookworm/typename.patch: add another build fix for missing typename. - bookworm/lamba-bug.patch: add to work around compiler bug (clang < 16). - bullseye/constexpr.patch: work around build failure w/ bullseye's clang/libstdc++. - disable/openh264.patch -> bullseye/openh264.patch, and stop using it for sid & bookworm. . [ Timothy Pearson ] * d/patches: - Set baseline ppc64 CPU to POWER ISA 3.0 (OpenPOWER, POWER9) - Enable VSX acceleration in Skia - Refresh ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch - Add fixes for new Highway library on ppc64 - Suppress harmless warning messages from compiler during ppc64 builds Checksums-Sha1: b7c9537fcc1a87cc0f9c97b4923317a087b27ed0 3644 chromium_113.0.5672.63-1.dsc cca0f24f7efb542e274cc8e1be88a2c581cd0232 641791112 chromium_113.0.5672.63.orig.tar.xz 4e8f83ea90ea2577cca9b5df89c50b7f99c70203 350040 chromium_113.0.5672.63-1.debian.tar.xz 397c018e8eab3db791ceb1b5a57fa48162ec766f 20714 chromium_113.0.5672.63-1_source.buildinfo Checksums-Sha256: bdfd3f73c4313e3e64a6d0eca1a2837886e5f9e83e6a6c0d45c75307b0887399 3644 chromium_113.0.5672.63-1.dsc fb20dfd94e91fd1bc4463e9f47421e597f6fd8c9bbdf1b249990dd58ae5c1d8b 641791112 chromium_113.0.5672.63.orig.tar.xz 0bbc29342ffbe5f16a8532c7de76d6805b0734a7bf884908faa03230f38bb443 350040 chromium_113.0.5672.63-1.debian.tar.xz 7471f3ca96aeb6ad5eb10706e5a79c060916a7585db712e4ff3f4dc39f4ca293 20714 chromium_113.0.5672.63-1_source.buildinfo Files: 046c6e0a6b300d40628cd03f4008af0e 3644 web optional chromium_113.0.5672.63-1.dsc aee5d6b1ed9af64cf0d2414e233f9362 641791112 web optional chromium_113.0.5672.63.orig.tar.xz cddf0ba9b03f95aa1db6884708a60d63 350040 web optional chromium_113.0.5672.63-1.debian.tar.xz 4dd530d442f63ee4a3b79c7ea739520e 20714 web optional chromium_113.0.5672.63-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbljKSL6u8RwDRSBe7DyAvFcxm34FAmRR+XoACgkQ7DyAvFcx m356iQ/9F0BPxnBhiD5RQA1ckJgaM2hLoNLztM+zsUBR0zSOQqzbU9ggxYzH0mPz s06638OS2Cte9qOqNcqXVQruFwhGzFJkpWfaUYmlUzr3fFyRW6jDt2Oyi/AnFqdr O95NXeq33xNqbAHEkC62tloyNA+FJW5nJhWiBbZnvda210HyONcCpHm3mPgM2YFH CFxE+O2iNo5EANpPQMGg4yI6VfrY6bYgrZ0tmBC86BFvxiRZ+vy524xoRnjB2L+F hKtPe0atVgz+DFIyLfZK+MEsr1STTajzJAQpAMYSiuP/xUHTxxKqXwwI0e2I51Pd aFEQKiG13zvmuov4HZlGTyJR239jZ5LF2OLxy0iJYB27uObJCdOGdvBgrPynFEyV lZ2KNnOc7SuMHmJmrAdz0oVpCKHPc3N6Tk0hB3h0QMPvAnvNL8kjsD5YFWEtKVaf 1MRHlFvyVy+G3iIaYvbkV9TrDukT+A/+yf3vyC9tDPWpCP+VmjalOULX6p4pq2zE 7ek8u4YqASxaW7mJENYxKA5Tr5yt8h+WGgainHz6/TCEgsGvnOU6tr8yJSoO8zH/ SrOY6yFhE5zE7TD11BuUzeIN4RLPXyyHqesSMxQ4PdfkmV3wEpvhPXtg82+ScdOs Zuq25kyGIJ3eGM72oW4x2ihIAb0L9hDTT0z9w9JZUfzNiLXJnx8= =r00a -----END PGP SIGNATURE-----