Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted chromium 114.0.5735.90-1 (source) into unstable
Date: Wed, 31 May 2023 08:06:03 +0000
Signed by: Andres Salomon <dilinger@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 31 May 2023 03:06:35 -0400
Source: chromium
Architecture: source
Version: 114.0.5735.90-1
Distribution: unstable
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
 chromium (114.0.5735.90-1) unstable; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2023-2929: Out of bounds write in Swiftshader.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2023-2930: Use after free in Extensions. Reported by asnine.
     - CVE-2023-2931: Use after free in PDF.
       Reported by Huyna at Viettel Cyber Security.
     - CVE-2023-2932: Use after free in PDF.
       Reported by Huyna at Viettel Cyber Security.
     - CVE-2023-2933: Use after free in PDF. Reported by
       Quang Nguyễn (@quangnh89) of Viettel Cyber Security and Nguyen Phuong.
     - CVE-2023-2934: Out of bounds memory access in Mojo.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-2935: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-2936: Type Confusion in V8.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-2937: Inappropriate implementation in Picture In Picture.
       Reported by NDevTK.
     - CVE-2023-2938: Inappropriate implementation in Picture In Picture.
       Reported by Alesandro Ortiz.
     - CVE-2023-2939: Insufficient data validation in Installer.
       Reported by ycdxsb from VARAS@IIE.
     - CVE-2023-2940: Inappropriate implementation in Downloads.
       Reported by Axel Chong.
     - CVE-2023-2941: Inappropriate implementation in Extensions API.
       Reported by Jasper Rebane.
   * d/copyright: properly delete some android & chromeos stuff.
   * d/patches:
     - fixes/clang-and-gcc11.patch: refresh.
     - upstream/webview-cstr.patch: drop, merged upstream.
     - upstream/monostate.patch: drop, merged upstream.
     - disable/unrar.patch: additional upstream changes required more reworking.
     - disable/android.patch: refresh, & add one more build fix.
     - disable/catapult.patch: refresh.
     - disable/swiftshader.patch: refresh.
     - disable/angle-perftest.patch: refresh.
     - system/jpeg.patch: refresh.
     - upstream/mojo.patch: regenerate from git.
     - upstream/sizet.patch: add an upstream build fix.
     - bookworm/typename.patch: include more build fixes.
     - bookworm/lambda-bug.patch -> bookworm/structured-binding-scope-bug.patch,
       and add another place it's happening (turns out it's not just lambdas).
   * Add build-dep on libevdev-dev - now required by upstream.
 .
   [ Timothy Pearson ]
    * d/patches:
      - Refresh ppc64le patches
Checksums-Sha1:
 459e40528fe5864ff799d1e68fd5271d05efa063 3687 chromium_114.0.5735.90-1.dsc
 b39cca4f9df9d089c1fe6171b57d908e8b3f14a8 636061904 chromium_114.0.5735.90.orig.tar.xz
 e7809f4e8912140b6729ea06c8e8b288b7438ba6 352992 chromium_114.0.5735.90-1.debian.tar.xz
 4c7dc02bc83a47f57385b7981ec325fa8609592e 20842 chromium_114.0.5735.90-1_source.buildinfo
Checksums-Sha256:
 794561ef2b121ad435ccdeed76d7da39a9496324aceaf5f47568fb315e9d2a86 3687 chromium_114.0.5735.90-1.dsc
 0d9f486511e906c4afc51c16260d85bc0a08fba1f9d46cab71dbded463c7ad91 636061904 chromium_114.0.5735.90.orig.tar.xz
 b93b25e07393ce258186ea3f390cd8449dc26a1ce7d76b3a3027d9735fac28d8 352992 chromium_114.0.5735.90-1.debian.tar.xz
 f4db918a1a682db910271efa302fab08bbd4c2f77fa7de5219199f64ad025b31 20842 chromium_114.0.5735.90-1_source.buildinfo
Files:
 d3a7862b294957d728392f09a36dacfc 3687 web optional chromium_114.0.5735.90-1.dsc
 fe828327dbb42984b09df838177adf90 636061904 web optional chromium_114.0.5735.90.orig.tar.xz
 3a754ef3c4cf8325b2b42dac5948bc70 352992 web optional chromium_114.0.5735.90-1.debian.tar.xz
 baab7bd64c4e90e97f564cafbb41b856 20842 web optional chromium_114.0.5735.90-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmR29IMUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8Nudjfv6Q/+OBnbnyK2a7G6PlxU+D46alS79+AG
v4G4Tvm6tQgzniF7CqudwMDfludGApLgeU+PBmuQGtgC9nKE8akh5+sTZLuiNDF+
QyqG9qClpVSH5+IQw2+/xNflu1pavpOfmyRgQB4JlAcERqqkFAmlhoDhpR0+DmMa
9Voe1+KgGM0/Ivxrj4QG0tLcX4nWQljsvEJY0tjyjwCRFiLjryaoUBwTwtBaabfb
UFvVeZJoIxpFJ2coTbLTFGagATdBMAFbe+xMz9PRlwMmzDvpxruYQJG+Qtnmh6M0
VpjX5G8YNpP6HVvsxilq8aaUT/1yPjSgQxhIJUnqwtZ5yN9xfqGbB3+dyjg7U1Yz
yanpdaI5iWNuoKFhGfndyb6P5kl5EW36/t+sj+JDsA48Fz+dafYfW4CWD6uRW58p
FSu/fxM9eE1+kObtjHFrtYQWl2Xm9KxUD9Fn5Q5d/Q8ND2EPrIyGOK8e36FmT0UG
b8k+zrJnRzpdfhqZl+7SoiWGnOD0OJXVLhUwksJ68kUOimgC4bYHuDrX2ZWMrS27
YjK2EJge8IOzrtq6aYvCKw2nEN26wAOpSNHmhH8Di0l3INgi35vPsOb8pgNQCjXB
0DGiDOb7eG6VxeiuJzn+sHmKmT7J2/F5GAd594+CMqRx9p5xd9aU2P4YT8PjlXcV
MwbbT9cxNIBr25o=
=j8Wk
-----END PGP SIGNATURE-----
News for package chromium
