-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 21 Mar 2020 14:56:46 +0000 Source: chromium Architecture: source Version: 80.0.3987.149-1~deb10u1 Distribution: buster-security Urgency: medium Maintainer: Debian Chromium Team <chromium@packages.debian.org> Changed-By: Michael Gilbert <mgilbert@debian.org> Changes: chromium (80.0.3987.149-1~deb10u1) buster-security; urgency=medium . * New upstream security release. - CVE-2019-20503: Out of bounds read in usersctplib. Reported by Natalie Silvanovich - CVE-2020-6422: Use after free in WebGL. Reported by David Manouchehri - CVE-2020-6424: Use after free in media. Reported by Sergei Glazunov - CVE-2020-6425: Insufficient policy enforcement in extensions. Reported by Sergei Glazunov - CVE-2020-6426: Inappropriate implementation in V8. Reported by Avihay Cohen - CVE-2020-6427: Use after free in audio. Reported by Man Yue Mo - CVE-2020-6428: Use after free in audio. Reported by Man Yue Mo - CVE-2020-6429: Use after free in audio. Reported by Man Yue Mo - CVE-2020-6449: Use after free in audio. Reported by Man Yue Mo Checksums-Sha1: b8b3766308789d15c01bcbe206ffd8174361da6f 4262 chromium_80.0.3987.149-1~deb10u1.dsc b4d3142570ef5cec57d8b3c8fb2007a729c6ff16 313268764 chromium_80.0.3987.149.orig.tar.xz 965d9444b6fd08cfc58ed84937e2302d6a7035c5 193924 chromium_80.0.3987.149-1~deb10u1.debian.tar.xz 45a9472804ebf229de9e91e87d4aa43a08973fd7 22266 chromium_80.0.3987.149-1~deb10u1_source.buildinfo Checksums-Sha256: d3f58a147ca01337f7748f41c32833eed0b6de65eb782d0ae89f6542101c2d59 4262 chromium_80.0.3987.149-1~deb10u1.dsc 3a2140d8a603230471d8a1788de3a477f9218f5df26369b11f640ebe313fa6a4 313268764 chromium_80.0.3987.149.orig.tar.xz 1b8cc18bd344c0daa5e64a2d4ab5ad67f3b1da31d59e3248646b079ba6143f56 193924 chromium_80.0.3987.149-1~deb10u1.debian.tar.xz d1f64e6a987b7de0d9dd8a84c87b6eb339f189201ddc2fc465e4304108895c0d 22266 chromium_80.0.3987.149-1~deb10u1_source.buildinfo Files: f518b7c57575ddbdec24e0271feb4d15 4262 web optional chromium_80.0.3987.149-1~deb10u1.dsc 43affea760960b339b584cdea1f194f4 313268764 web optional chromium_80.0.3987.149.orig.tar.xz fb6f4919e0e1dcbe12a8d8a690168f8a 193924 web optional chromium_80.0.3987.149-1~deb10u1.debian.tar.xz 49815763324f43b21bf63f9a78386d37 22266 web optional chromium_80.0.3987.149-1~deb10u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQQzBAEBCgAdFiEEIwTlZiOEpzUxIyp4mD40ZYkUaygFAl5261kACgkQmD40ZYkU ayjvSSAAo31oiqZeCxy/penIFjzc5dpDwbp3J9OinHKcXu7V3yDTp7R4Mz4UJlsx uMEK9wUosIJUsdgYCGVPnhuHcsjhxv+jHXRtU4rubS1G6tRmUlMGjFdep1Hmkjys 5GS5jvQlo+xrgfnPJIXmmvwxsU5hpZjSCDLKO9SwBOdWNE9QTiRt4Okr+rWlgeTe amd6151m3G+8kdOUlEftLonaYCl8MbGYLWemb+uG3Jf/hI2N8FnN2eFI9QZcBX9H IVLPYkenlFGGTIB5MZRoBBJdQOetNNsZnoCzV6tWtvZ/S6s3rKdr3Cmt8/lZ/pMd 6Zx9aitr26qUcJn8JGb3kENV56vdSVYB+czBVlf6nNhbc75Z0ybQBQDDwR0Kihyb +hPVZ4TfjFLheCKSi8xor6w/0oEEWbRCxDyWQxsPrGDlKA55za8fj2WecuHHoCEi 6fCUEqP5wWGxN+Ctpc3ILXt3RJTpcyVT9NCEz7e9wtRbxh+ZQJPK6yw7MITeTTa2 60nMrdrWhnG5d3O0HbdXgNsJOcAp24O7KRY2Rb2yMGTtEjIIdJ2lb+f52p5N7gBk XDDgkg0/FZDp6sRTTbsLUu8xb5ADOcaUmB6MqCbEq0UaKJit0a5IMKe+wPvchg35 JFrgxk09xFO7dtwaZjlo4nr5iabBZvN1qKfn1AVFvo2BLGM60rEZ/hn1qgWO9qAU zuNv80TPpQpuf9+KOvX/xCNhy3dALj1p+9TD1hfsV+LvGwe0rqRw8VvN1eqo66DI QjT/Z1NzyrPfB44hJpl1ySLlRvG4evGcBbhi0YpThqK/hWLUrqvislcuq1WG1h18 gY3bI/SVxG9Al0VTrURzmGCxVtuWThDIRzTxLmw3G4JM5Ez2r5GNywCa+4WEg2Pn 83dpmJUQIR7uDBt3fKHdWSHdE7Lghnwp9eyIIIEOoNvXdUklxBbW2XCk9G8W7txJ H2tGfflhAel+5N54NcVrgHx8aU8VwxvsocjNlSGR2BkDfRFQA+S7O2zSE0IY+kVf hCCLnYvqrYKIBDI8kX+6vZ2R/3rpRKJtPx2GopUaPRDxSLouVZv5WFpUlV2dn/jx WOwVj7JYN8SyomhFft6lre2thklPftKbnMABXUif6noQ3m27Ngia0dzPqZMm21N2 VGL7N8yFtEJmoUWDdE9B19tGxYDrQo+cGkzbaOGJxZA/RPoIEkTYYueoIVWhhRTk H8c+X6XEGOSR4+arMf8+gRvquIbRwknznBE88DZvFtx8VAhwjW4RYFBW7eBQ9415 C9jY8rxxj4iZfeSeHK70Lc8X5akIvUsB890b4d7V9nRTIeoTj62XL5Is06xm3rav OiCZ1+jfCycguOEc+1WNKCXsGVmlYA== =GeaC -----END PGP SIGNATURE-----