-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 18 Jun 2020 02:05:11 +0000
Source: chromium
Architecture: source
Version: 83.0.4103.83-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Michael Gilbert <mgilbert@debian.org>
Changes:
chromium (83.0.4103.83-1) unstable; urgency=medium
.
* New upstream stable release.
- CVE-2020-6457: Use after free in speech recognizer. Reported by Leecraso
and Guang Gong
- CVE-2020-6458: Out of bounds read and write in PDFium. Reported by
Aleksandar Nikolic
- CVE-2020-6459: Use after free in payments. Reported by Zhe Jin
- CVE-2020-6460: Insufficient data validation in URL formatting. Reported
by Anonymous
- CVE-2020-6461: Use after free in storage. Reported by Zhe Jin
- CVE-2020-6462: Use after free in task scheduling. Reported by Zhe Jin
- CVE-2020-6463: Use after free in ANGLE. Reported by Pawel Wylecial
- CVE-2020-6464: Type Confusion in Blink. Reported by Looben Yang
- CVE-2020-6465: Use after free in reader mode. Reported by Woojin Oh
- CVE-2020-6466: Use after free in media. Reported by Zhe Jin
- CVE-2020-6467: Use after free in WebRTC. Reported by ZhanJia Song
- CVE-2020-6468: Type Confusion in V8. Reported by Chris Salls and Jake
Corina
- CVE-2020-6469: Insufficient policy enforcement in developer tools.
Reported by David Erceg
- CVE-2020-6470: Insufficient validation of untrusted input in clipboard.
Reported by Michał Bentkowski
- CVE-2020-6471: Insufficient policy enforcement in developer tools.
Reported by David Erceg
- CVE-2020-6472: Insufficient policy enforcement in developer tools.
Reported by David Erceg
- CVE-2020-6473: Insufficient policy enforcement in Blink. Reported by
Soroush Karami and Panagiotis Ilia
- CVE-2020-6474: Use after free in Blink. Reported by Zhe Jin
- CVE-2020-6475: Incorrect security UI in full screen. Reported by Khalil
Zhani
- CVE-2020-6476: Insufficient policy enforcement in tab strip. Reported by
Alexandre Le Borgne
- CVE-2020-6478: Inappropriate implementation in full screen. Reported by
Khalil Zhani
- CVE-2020-6479: Inappropriate implementation in sharing. Reported by Zhong
Zhaochen
- CVE-2020-6480: Insufficient policy enforcement in enterprise. Reported by
Marvin Witt
- CVE-2020-6481: Insufficient policy enforcement in URL formatting.
Reported by Rayyan Bijoora
- CVE-2020-6482: Insufficient policy enforcement in developer tools.
Reported by Abdulrahman Alqabandi
- CVE-2020-6483: Insufficient policy enforcement in payments. Reported by
Jun Kokatsu
- CVE-2020-6484: Insufficient data validation in ChromeDriver. Reported by
Artem Zinenko
- CVE-2020-6485: Insufficient data validation in media router. Reported by
Sergei Glazunov
- CVE-2020-6486: Insufficient policy enforcement in navigations. Reported
by David Erceg
- CVE-2020-6487: Insufficient policy enforcement in downloads. Reported by
Jun Kokatsu
- CVE-2020-6488: Insufficient policy enforcement in downloads. Reported by
David Erceg
- CVE-2020-6489: Inappropriate implementation in developer tools. Reported
by @lovasoa
- CVE-2020-6490: Insufficient data validation in loader. Reported by
Twitter
- CVE-2020-6491: Incorrect security UI in site information. Reported by
Sultan Haikal
- CVE-2020-6831: Stack buffer overflow in SCTP. Reported by Natalie
Silvanovich
Checksums-Sha1:
76ac476d738f19b632133ed8665b8e79fbac768c 4252 chromium_83.0.4103.83-1.dsc
f15ff17dde0caad6498a05d504e04c42a1ba6cb6 319639212 chromium_83.0.4103.83.orig.tar.xz
dc595daff6bbc7cecf9f85b85bdea9cd0846d91e 200112 chromium_83.0.4103.83-1.debian.tar.xz
6740f95cd9e6729914868009770b954f23160ac6 21609 chromium_83.0.4103.83-1_source.buildinfo
Checksums-Sha256:
60f22ba254cf1f9bdc7b1bc47a246862b70dfc77233b654bd4bd36feeed5d6c3 4252 chromium_83.0.4103.83-1.dsc
a3c0f30890a647949b881c0757aca440545eb48c6c7aa4bfdc12ae8d85140968 319639212 chromium_83.0.4103.83.orig.tar.xz
a33811cd8cdcf20df136f0a2e8f0d3baa7b732b25a34e6cf012331e1e85e54c0 200112 chromium_83.0.4103.83-1.debian.tar.xz
fe5a3435cc436e4f0977bec05c4745f9d24ea99dff7bdffc3c750fb2dfb0ed01 21609 chromium_83.0.4103.83-1_source.buildinfo
Files:
5b8b33d9d3a528a9fbb69d75bb670aa6 4252 web optional chromium_83.0.4103.83-1.dsc
ec81cc7af90d1207a02e17ea79398b87 319639212 web optional chromium_83.0.4103.83.orig.tar.xz
729de3559ce8f95d2636cbe001f37110 200112 web optional chromium_83.0.4103.83-1.debian.tar.xz
122228b36cecf23d51ca36b49d52f93b 21609 web optional chromium_83.0.4103.83-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQQzBAEBCgAdFiEEIwTlZiOEpzUxIyp4mD40ZYkUaygFAl7q0V0ACgkQmD40ZYkU
ayjx0CAAhq42rf9KKw0LYvHCHCvX97/ARYCR4Jboh5uigF/503ecE/iaWb99vvJX
OvR6UsW65ZNyoFzI9VKEvqvgA0KMgjJKckOs10RahzaTUdE0zJaNzbnjqzS6Yxxc
CCx0CtzjSEgsMn2WuWtoML7cGmo8xx+A6/MpqFNpIo51JeMnwrn/L7V8q1A+5lrm
IBj2abBkrq2w7Awv2Z4mxTpQ6pc5xzdEwKwSv7myYtfOicEgCGHzgCDYxNYfW26l
GfMvZIfndQebUe49xegFO5QtZCNHZG41pdX3Qn957IvlMv4wqRihWi2ArLK2tMol
ZLV9ltguhq9OnjQCF2k2Pqoigyz81kyeE8DpsPJ9Zfl3mtypYDCp46G6pEJSD2hM
/2OREIWIlzMhVxm73yGZKzwye0umzOc9lgS2tEQUHU5spo2NM7CBMXrkNky/pviA
26OIZM8K9cfnPFP5Ftor5MZbeOoA5yo+Lgn7OuGMUW6piZL9yChILkrTQfPjygN/
ZUkJkFusu4MwGMImLisLFtOMHu+Wo7SnujcZmu2n0URBcGe4xY2Qu1aV8DhAZ7HO
7hbTcnVidzZMPlIlkTY2dqgGv2esc7QBusE441U4N6bh6ri0rXsGxg9t9bmxA9Lo
6CA9IUVLbyAtQASsAC5VXICQin6ZWMUr6pHt0r21jXGkL/Z/hSWXLghDdnLV5XKS
H7ET7MAVNtFoj00FGE8K/B/XTsnZNeVV86htMep7QAXUax89uGsqJUTjlGfUC1BS
ZHvzuoW/tfd062rYMjSQX5UgKtxKXTNTzKBzaS237ovk/MeXWdo6Wl9qZIbl52TZ
A/d5WsAya4nrpaRGRed54taQpjM70sZsbv4918y9xzyNxKGEOrqX47jyqirXHyZB
41I2/02QWFJWz6NNmMW5Sq+cra7kD0p3iEK11lW5mbS7jXKh+S5jcwkuBQPzB98P
qBg0qWSbBuTaGrJPa9Do++jxZEoLa6Mipeh/7TflltG+dImsD9fbGOtqy081UtDe
ed5DtRc425EmJjWLFRQ3IYx5ntFz79YE3n1lQYaXIoUmh4KwaqDBrnWw5dXXlIwe
oLhkSLXkeZLNv5cmnP4wYvAn5wY4I18uCIzgGwGkr+dgRvxMtbygwLD9ro0Lf7UY
GNcdAtVyKK+yscLdqEkSfFGIJhGypBjEhmKSTxJq/722k+xuJh17Y0jYb1vU3V7n
Y++MdcpLe885CGRMRpbnxq/cCHj8J0sxrtR1a7fpjAJkCFJP495sQ/HAz8Huc8CX
q5i7AZZO6PSQdfBtQkcyuIzhaOcnf+ArvcrrrY2cet1MybC3CBMuIy65/EW8hYHn
LVTHDmWu1FXZ740aETFrE5V54Z1knA==
=y65a
-----END PGP SIGNATURE-----
