-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 28 Apr 2021 12:15:32 +0200 Source: chromium Architecture: source Version: 90.0.4430.93-1 Distribution: unstable Urgency: medium Maintainer: Debian Chromium Team <chromium@packages.debian.org> Changed-By: Michel Le Bihan <michel@lebihan.pl> Closes: 987715 Changes: chromium (90.0.4430.93-1) unstable; urgency=medium . * New upstream security release (closes: #987715). - CVE-2021-21227: Insufficient data validation in V8. Reported by Gengming Liu of Singular Security Lab - CVE-2021-21232: Use after free in Dev Tools. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research - CVE-2021-21233: Heap buffer overflow in ANGLE. Reported by Omair - CVE-2021-21228: Insufficient policy enforcement in extensions. Reported by Rob Wu - CVE-2021-21229: Incorrect security UI in downloads. Reported by Mohit Raj (shadow2639) - CVE-2021-21230: Type Confusion in V8. Reported by Manfred Paul - CVE-2021-21231: Insufficient data validation in V8. Reported by Sergei Glazunov of Google Project Zero * Disable libaom on arm to potentially fix FTBFS on armhf Checksums-Sha1: 8964ed2ecb32723041db462bce809b2f913e02c7 3639 chromium_90.0.4430.93-1.dsc 77daf78bdda780b4f9476fc25f4b9aab1ecbb9eb 450760672 chromium_90.0.4430.93.orig.tar.xz c0e01d27fcecc71814558668009ef70b1b176c90 217568 chromium_90.0.4430.93-1.debian.tar.xz 441137a1e45f786132905000228e6db0fd43c072 14741 chromium_90.0.4430.93-1_source.buildinfo Checksums-Sha256: c9a30558c1c9c8eb288a65b22f5a8461fc37114de101e21daf9d8fa85768a142 3639 chromium_90.0.4430.93-1.dsc e9a6c196eba102d217f4f58b5074f902aef320055a28e23820221e07abc093ea 450760672 chromium_90.0.4430.93.orig.tar.xz e833de184a36625faf4b87ed0085781d15daa0712163f64019e07e12c232c432 217568 chromium_90.0.4430.93-1.debian.tar.xz b50fe2578ecc7fa52e8d856eac1213462bc2e16ad5708b532f32d5e034306ced 14741 chromium_90.0.4430.93-1_source.buildinfo Files: 90acdbb65cdc1ba365c9f453521b45fe 3639 web optional chromium_90.0.4430.93-1.dsc 2294523d442e9c3aea03e74c439a1a18 450760672 web optional chromium_90.0.4430.93.orig.tar.xz ae7aa5195106fe85477a96fe62491284 217568 web optional chromium_90.0.4430.93-1.debian.tar.xz ef7c42a0959983c49a95578d2f90c158 14741 web optional chromium_90.0.4430.93-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEi3hoeGwz5cZMTQpICBa54Yx2K60FAmCLIvcACgkQCBa54Yx2 K62D9w/+K7TTs/Xpy7JxcLrgJ2p9AHv1sgljkDW+uIPgP8MqBEXWlemWLL/boQui jswH1Z/s/H9zBWTOTIa1kCLOddv+8V4rURRbqtw3znRAHSlDIRTXE21GMbyiMCSN /b4lKQVkJKlzHR0p4C+0Lb9eGoEQDMPIf9PPipHuDDXlFYaBT9y8/4dXM8SxHP6w F8Ngv+XS0npjdHDHP74Ki9O//+y27iz8xqWs0iOoghX24JeJXbVAud+VZlQJrgBC 7cy3cvBCfye1KFRXlTWs09fx/Budsa2ikon8xD+bjHG6ZprXN63qMJpVpUsmQH1+ b2jLxpzE853yMWajE2z+nI91MfN+VAwZA2khhhXupAt7IXcGWcVbvxHdMfP4ecJq nZXe3zxJbst5m7MMi70xi4dlxfcBRQ2n8mPo0nLOf275bleaOSXmFn8k0KNxZpr4 1OwootwP4EgMM/0XU3KAwNXVK+/ir8YlimXAz76GbJwNpFC0WFmp32beqrYHrd2D JnmjcUbEZTfv+EdqVwFsDpUVqB+rdNo6/2whVVsLcNyBwAl9rhHw44Z3OMGg1uzR WhIBfhvZBE8JXo4gneVShsERB5K4IgPuxt2UDn5JiiIgx3S7sqVgM/9Bswga6OwS 5NQYtU48n4DhlGEGFW0qY20z6Vnmq4mZqmVyQVrivzEOogH9niw= =xjnO -----END PGP SIGNATURE-----