Format: 1.8
Date: Sat, 10 Aug 2019 01:11:21 +0000
Source: chromium
Architecture: source
Version: 76.0.3809.100-1~deb10u1
Distribution: buster-security
Urgency: medium
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Michael Gilbert <mgilbert@debian.org>
Changes:
 chromium (76.0.3809.100-1~deb10u1) buster-security; urgency=medium
 .
   * New upstream stable release.
     - CVE-2019-5805: Use after free in PDFium. Reported by Anonymous
     - CVE-2019-5806: Integer overflow in Angle. Reported by Wen Xu
     - CVE-2019-5807: Memory corruption in V8. Reported by TimGMichaud
     - CVE-2019-5808: Use after free in Blink. Reported by cloudfuzzer
     - CVE-2019-5809: Use after free in Blink. Reported by Mark Brand
     - CVE-2019-5810: User information disclosure in Autofill. Reported by Mark Amery
     - CVE-2019-5811: CORS bypass in Blink. Reported by Jun Kokatsu
     - CVE-2019-5813: Out of bounds read in V8. Reported by Aleksandar Nikolic
     - CVE-2019-5814: CORS bypass in Blink. Reported by @AaylaSecura1138
     - CVE-2019-5815: Heap buffer overflow in Blink. Reported by Nicolas Grégoire
     - CVE-2019-5818: Uninitialized value in media reader. Reported by Adrian Tolbaru
     - CVE-2019-5819: Incorrect escaping in developer tools. Reported by Svyat Mitin
     - CVE-2019-5820: Integer overflow in PDFium. Reported by pdknsk
     - CVE-2019-5821: Integer overflow in PDFium. Reported by pdknsk
     - CVE-2019-5822: CORS bypass in download manager. Reported by Jun Kokatsu
     - CVE-2019-5823: Forced navigation from service worker. Reported by David Erceg
     - CVE-2019-5824: Parameter passing error in media player. Reported by leecraso and Guang Gong
     - CVE-2019-5825: Out-of-bounds write in V8. Reported by Gengming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu
     - CVE-2019-5826: Use-after-free in IndexedDB. Reported by Gengming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu
     - CVE-2019-5827: Out-of-bounds access issue in SQLite. Reported by mlfbrown
     - CVE-2019-5828: Use after free in ServiceWorker. Reported by leecraso and Guang Gong
     - CVE-2019-5829: Use after free in Download Manager. Reported by Lucas Pinheiro
     - CVE-2019-5830: Incorrectly credentialed requests in CORS. Reported by Andrew Krasichkov
     - CVE-2019-5831: Incorrect map processing in V8. Reported by yngwei
     - CVE-2019-5832: Incorrect CORS handling in XHR. Reported by Sergey Shekyan
     - CVE-2019-5833: Inconsistent security UI placement. Reported by Khalil Zhani
     - CVE-2019-5834: URL spoof in Omnibox on iOS. Reported by Khalil Zhani
     - CVE-2019-5835: Out of bounds read in Swiftshader. Reported by Wenxiang Qian
     - CVE-2019-5836: Heap buffer overflow in Angle. Reported by Omair
     - CVE-2019-5837: Cross-origin resources size disclosure in Appcache. Reported by Adam Iwaniuk
     - CVE-2019-5838: Overly permissive tab access in Extensions. Reported by David Erceg
     - CVE-2019-5839: Incorrect handling of certain code points in Blink. Reported by Masato Kinugawa
     - CVE-2019-5840: Popup blocker bypass. Reported by Eliya Stein and Jerome Dangu
     - CVE-2019-5842: Use-after-free in Blink. Reported by BUGFENSE
     - CVE-2019-5847: V8 sealed/frozen elements cause crash. Reported by m3plex
     - CVE-2019-5848: Font sizes may expose sensitive information. Reported by Mark Amery
     - CVE-2019-5849: Out-of-bounds read in Skia. Reported by Zhen Zhou
     - CVE-2019-5850: Use-after-free in offline page fetcher. Reported by Brendon Tiszka
     - CVE-2019-5851: Use-after-poison in offline audio context. Reported by Zhe Jin
     - CVE-2019-5852: Object leak of utility functions. Reported by David Erceg
     - CVE-2019-5853: Memory corruption in regexp length check. Reported by yngwei and sakura
     - CVE-2019-5854: Integer overflow in PDFium text rendering. Reported by Zhen Zhou
     - CVE-2019-5855: Integer overflow in PDFium. Reported by Zhen Zhou
     - CVE-2019-5856: Insufficient checks on filesystem: URI permissions. Reported by Yongke Wang
     - CVE-2019-5857: Comparison of -0 and null yields crash. Reported by cloudfuzzer
     - CVE-2019-5858: Insufficient filtering of Open URL service parameters. Reported by evi1m0
     - CVE-2019-5859: res: URIs can load alternative browsers. Reported by James Lee
     - CVE-2019-5860: Use-after-free in PDFium. Reported by Anonymous
     - CVE-2019-5861: Click location incorrectly checked. Reported by Robin Linus
     - CVE-2019-5862: AppCache not robust to compromised renderers. Reported by Jun Kokatsu
     - CVE-2019-5864: Insufficient port filtering in CORS for extensions. Reported by Devin Grindle
     - CVE-2019-5865: Site isolation bypass from compromised renderer. Reported by Ivan Fratric
     - CVE-2019-5867: Out-of-bounds read in V8. Reported by Lucas Pinheiro
     - CVE-2019-5868: Use-after-free in PDFium ExecuteFieldAction. Reported by banananapenguin