-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 10 Oct 2023 22:03:00 -0500 Source: chromium Architecture: source Version: 118.0.5993.70-1 Distribution: unstable Urgency: high Maintainer: Debian Chromium Team <chromium@packages.debian.org> Changed-By: Timothy Pearson <tpearson@raptorengineering.com> Changes: chromium (118.0.5993.70-1) unstable; urgency=high . * New upstream stable release. - CVE-2023-5218: Use after free in Site Isolation. Reported by @18楼梦想改造家. - CVE-2023-5487: Inappropriate implementation in Fullscreen. Reported by Anonymous. - CVE-2023-5484: Inappropriate implementation in Navigation. Reported by Thomas Orlita. - CVE-2023-5475: Inappropriate implementation in DevTools. Reported by Axel Chong. - CVE-2023-5483: Inappropriate implementation in Intents. Reported by Axel Chong. - CVE-2023-5481: Inappropriate implementation in Downloads. Reported by Om Apip. - CVE-2023-5476: Use after free in Blink History. Reported by Yunqin Sun. - CVE-2023-5474: Heap buffer overflow in PDF. Reported by [pwn2car]. - CVE-2023-5479: Inappropriate implementation in Extensions API. Reported by Axel Chong. - CVE-2023-5485: Inappropriate implementation in Autofill. Reported by Ahmed ElMasry. - CVE-2023-5478: Inappropriate implementation in Autofill. Reported by Ahmed ElMasry. - CVE-2023-5477: Inappropriate implementation in Installer. Reported by Bahaa Naamneh of Crosspoint Labs. - CVE-2023-5486: Inappropriate implementation in Input. Reported by Hafiizh. - CVE-2023-5473: Use after free in Cast. Reported by DarkNavy. * d/patches/ppc64le: - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for upstream changes - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes - skia-vsx-instructions.patch: refresh for upstream changes - third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch: regenerate configs from upstream source - database/0001-Properly-detect-little-endian-PPC64-systems.patch: refresh - ffmpeg/0001-Add-support-for-ppc64.patch: refresh - fixes/fix-breakpad-compile.patch: refresh - fixes/fix-unknown-warning-option-messages.diff: refresh - libaom/0001-Add-ppc64-target-to-libaom.patch: refresh - sandbox/0001-sandbox-linux-Update-IsSyscallAllowed-in-broker_proc.patch: refresh - sandbox/0001-sandbox-linux-Update-syscall-helpers-lists-for-ppc64.patch: refresh - sandbox/0008-sandbox-fix-ppc64le-glibc234.patch: refresh - third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh - third_party/0001-Force-baseline-POWER8-AltiVec-VSX-CPU-features-when-.patch: refresh - third_party/0001-third_party-libvpx-Properly-generate-gni-on-ppc64.patch: refresh - third_party/0002-third-party-boringssl-add-generated-files.patch: refresh - third_party/dawn-fix-ppc64le-detection.patch: refresh - third_party/dawn-fix-typos.patch: refresh - third_party/skia-vsx-instructions.patch: refresh - third_party/use-sysconf-page-size-on-ppc64.patch: refresh - workarounds/HACK-third_party-libvpx-use-generic-gnu.patch: refresh . [ Andres Salomon] * d/copyright: - blanket.js is gone, no need to remove it any more. - delete some khronos images marked executable. * d/patches: - upstream/memory.patch: drop, merged upstream. - upstream/sensor-reading.patch: add, gcc13 build fix from upstream. - upstream/lweight.patch: add, gcc13 build fix from upstream. - upstream/freetype.patch: add, fix freetype header inclusion FTBFS. - upstream/sizet.patch: add, libstdc++ build fix from upstream. - disable/unrar.patch: update for minor upstream changes. - bookworm/struct-ctor.patch: add various new workarounds for clang-14. - bookworm/structured-binding-scope-bug.patch: drop part of the patch. - bullseye/clang13.patch: drop bullseye patches from sid. - bullseye/constexpr.patch: drop bullseye patches from sid. - ungoogled/.../disable-web-environment-integrity.patch: sync with ungoogled-chromium for upstream changes. Checksums-Sha1: aa514d656d495f132fdeeb1d53ccd313511efb3b 3659 chromium_118.0.5993.70-1.dsc 2b52e9be225cc92e7782bb2a7d5887f2f065505b 771394968 chromium_118.0.5993.70.orig.tar.xz eb662948f93d41e78012b82498a341dd111c76c7 389388 chromium_118.0.5993.70-1.debian.tar.xz b295f5abf3b6e49da81477b0da6c2adfad6369ff 21183 chromium_118.0.5993.70-1_source.buildinfo Checksums-Sha256: 881b7a4f9f627fcfa65d75600b6f0ac24b9dc2ec6d1e8b9ad61be828ba23b2fb 3659 chromium_118.0.5993.70-1.dsc ab19fddba67cad603f09d4017ae8f7573a1e480c604ff9677923592828c8b74e 771394968 chromium_118.0.5993.70.orig.tar.xz a30a68d2164389c76ab94e92cf6349ea51553154e96e6e9855ad83ce3b7fe3d9 389388 chromium_118.0.5993.70-1.debian.tar.xz 3b6720ddb0ba0aaffdc7bfe0fbcaff2cd789e1545569c43480d425613ecc0680 21183 chromium_118.0.5993.70-1_source.buildinfo Files: a75fd37b81a9d46c7b9a204cecf27622 3659 web optional chromium_118.0.5993.70-1.dsc 4ae6869c929cac4f8d20df0173ccee30 771394968 web optional chromium_118.0.5993.70.orig.tar.xz c2a17c4fc23532d0efc8641e457d7605 389388 web optional chromium_118.0.5993.70-1.debian.tar.xz eee556d991cd36acce8189e3c4db17bd 21183 web optional chromium_118.0.5993.70-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbljKSL6u8RwDRSBe7DyAvFcxm34FAmUmGvYACgkQ7DyAvFcx m35QeQ//WGiGJQFNYoG73zz1inn4GwEBw9N8UzFqpCl6M7DIiDILJS2I3jtFVD6Q 5sgs1/lGJracs8pOLzYgs8/EaU9QiME8v1DxhsdM+N3wWKEwyraOEu2a/Izc9P50 USXjNIz17HNrcaRfUddCZ3fObDAMZhvEAmjv2btl33HU74AjdfJ8xGmJwMFdqGFA i4XJnsU1LLzJpXxbY7O6nHvPww04Saeg5wvaUMajlgWkR+AvzCQ8g9I6BzhmNxZX kps2+HieBblvBcjrCgddn4V5EffX8q8Fdholbqz+arpJJa5wUvOUAe1ixQ8V+JSc 7etkCXH4lQZRil2RpE9P4G2F3W9AunoK5uY1OIX6lR0MIb39iOqKFfWVPhcbhTI4 XzFGcnG9ka8J6qwDy3CNbjNtF31VNIzQEN7kBmpAlqb0HwYfbefQZQMtL+mgijUf YCGyyvKdM4sFpsFHIBAek01NMMF9vwU8hCVOs9QiOuHHO8rTicbYVY5FPZChWIdN PJ0K9YI/6f8i1EoVePJgUtQGRfRVD1Tty6OYStCV7K1w6eZQ6CWk9eFib4HR278b 9+Ke/7XvDl/RBTnEGcHNAt7zj2Ultjq7pPg6/2kFNuHrmITB87GW2f1/2Q17b9zU 5UlxAAVJD6LmexUunMC+wY0AWZ9HEXEsh6QLwn98yqhrHeXqn00= =MgCf -----END PGP SIGNATURE-----