-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 09 Jan 2021 11:24:58 +0100 Source: chromium Architecture: source Version: 87.0.4280.141-0.1 Distribution: unstable Urgency: medium Maintainer: Debian Chromium Team <chromium@packages.debian.org> Changed-By: Michel Le Bihan <michel@lebihan.pl> Closes: 979135 979520 Changes: chromium (87.0.4280.141-0.1) unstable; urgency=medium . * Non-maintainer upload. * New upstream security release (closes: 979520). - CVE-2021-21106: Use after free in autofill. Reported by Weipeng Jiang @Krace from Codesafe Team of Legendsec at Qi'anxin Group - CVE-2021-21107: Use after free in drag and drop. Reported by Leecraso and Guang Gong of 360 Alpha Lab - CVE-2021-21108: Use after free in media. Reported by Leecraso and Guang Gong of 360 Alpha Lab - CVE-2021-21109: Use after free in payments. Reported by Rong Jian and Guang Gong of 360 Alpha Lab - CVE-2021-21110: Use after free in safe browsing. Reported by Anonymous - CVE-2021-21111: Insufficient policy enforcement in WebUI. Reported by Alesandro Ortiz - CVE-2021-21112: Use after free in Blink. Reported by YoungJoo Lee @ashuu_lee of Raon Whitehat - CVE-2021-21113: Heap buffer overflow in Skia. Reported by tsubmunu - CVE-2020-16043: Insufficient data validation in networking. Reported by Samy Kamkar, Ben Seri at Armis, Gregory Vishnepolsky at Armis - CVE-2021-21114: Use after free in audio. Reported by Man Yue Mo of GitHub Security Lab - CVE-2020-15995: Out of bounds write in V8. Reported by Bohan Liu @P4nda20371774 of Tencent Security Xuanwu Lab - CVE-2021-21115: Use after free in safe browsing. Reported by Leecraso and Guang Gong of 360 Alpha Lab - CVE-2021-21116: Heap buffer overflow in audio. Reported by Alison Huffman, Microsoft Browser Vulnerability Research . [ Jan Luca Naumann ] * Use desktop gl implementation as default. (closes: 979135) Checksums-Sha1: 9d83a1d5ad83468c5ba5da045d0235465fe5321b 3576 chromium_87.0.4280.141-0.1.dsc ef2fa29cf9558fc0afbd7791ea6ee8ef73ac37af 393840792 chromium_87.0.4280.141.orig.tar.xz aa7529eee2b61d683a4b7640724485be4c7a0778 189436 chromium_87.0.4280.141-0.1.debian.tar.xz Checksums-Sha256: 0e2c2a41c2186a47eb918e3e046ba084ebf96779b282626798f89ebf8d6ee24a 3576 chromium_87.0.4280.141-0.1.dsc 577a92da6e3caacd22b0b2aedc9dc7e895652f54ec3e0f615457357be099b2ae 393840792 chromium_87.0.4280.141.orig.tar.xz 20c26ad853b88addb65fbb3a26ba92a89f9d47b33297ad6aefdc2c2470550580 189436 chromium_87.0.4280.141-0.1.debian.tar.xz Files: fac52e6fd36d86d23ce4d5e4e1ce4e5a 3576 web optional chromium_87.0.4280.141-0.1.dsc c7f87e38af9193a5889c48e7922ac5a0 393840792 web optional chromium_87.0.4280.141.orig.tar.xz 74969e52ef31b8b93d11dcad704423bd 189436 web optional chromium_87.0.4280.141-0.1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEi3hoeGwz5cZMTQpICBa54Yx2K60FAl/7IfIACgkQCBa54Yx2 K60uuA//d66OMB3PAA7f74bbpaoKCKW1nRuhLrvBdZe9s2I15fNLOBTuJ7X6QgaU 5LK0gdGZVkx2t+gxiZIdEv8fiJ0TmP9rIqt4ueh7s+7fFdhA3H/P9zJHRKCnRCVv U15PHPpFwpPelB2JlkIsJ73DPWUnB0hpEE+6ShvBlE6roQs/xyGZDKLh/u1wzGkW tMb+jzcu5tOZrxmE9EaLOzhtvgkQ8Kp5T8IAmO4RaWst0EwJZOIf+QdCRipTxr7Q iWaBn1ZXWWbqV5M4NSgbGwAgc66jVONPcASxM5UD0nE70kvjGiXck8jZTrpS3NIO X4iombhiYRuKSgi+FiiuYK7vKmgDbHoadrF1uQ/xq7nHsa4Lke0WeS52mt8igPhi YkB2fDemIltHIsmYu1JzmHgsDkegvdm8Ibl2fSc232O6Q5nEP1ft7OyyeP1X8Aw+ E0iO1VOMXhaoaZf8yGDKq0JFrYT/qw5o97Bd/6fdCh8NdmIuiNoXihmi1u/e314c 72zaXYgbQJtIegerEKzGSSEdly7mNTg9VJ4GgfULYhT2zJKKqlmftnREdcIOEKJP jDUuknXgvNRbM+PDHa0YGYUHuW0T5J41xEH0vXFZ6WectJWSIvvQo106NE48NxUv bBjvXsRcBZJgpnG7wbvqqeITMhTmBVoyXQ1kchFNQC77p613/2k= =Wtvn -----END PGP SIGNATURE-----
