Format: 1.8
Date: Sun, 15 Oct 2023 13:44:10 -0400
Source: chromium
Architecture: source
Version: 118.0.5993.70-1~deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Timothy Pearson <tpearson@raptorengineering.com>
Changes:
 chromium (118.0.5993.70-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-5218: Use after free in Site Isolation.
       Reported by @18楼梦想改造家.
     - CVE-2023-5487: Inappropriate implementation in Fullscreen.
       Reported by Anonymous.
     - CVE-2023-5484: Inappropriate implementation in Navigation.
       Reported by Thomas Orlita.
     - CVE-2023-5475: Inappropriate implementation in DevTools.
       Reported by Axel Chong.
     - CVE-2023-5483: Inappropriate implementation in Intents.
       Reported by Axel Chong.
     - CVE-2023-5481: Inappropriate implementation in Downloads.
       Reported by Om Apip.
     - CVE-2023-5476: Use after free in Blink History.
       Reported by Yunqin Sun.
     - CVE-2023-5474: Heap buffer overflow in PDF.
       Reported by [pwn2car].
     - CVE-2023-5479: Inappropriate implementation in Extensions API.
       Reported by Axel Chong.
     - CVE-2023-5485: Inappropriate implementation in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-5478: Inappropriate implementation in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-5477: Inappropriate implementation in Installer.
       Reported by Bahaa Naamneh of Crosspoint Labs.
     - CVE-2023-5486: Inappropriate implementation in Input.
       Reported by Hafiizh.
     - CVE-2023-5473: Use after free in Cast.
       Reported by DarkNavy.
   * d/patches/ppc64le:
     - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
       upstream changes
     - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream
       changes
     - skia-vsx-instructions.patch: refresh for upstream changes
     - third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
       regenerate configs from upstream source
     - database/0001-Properly-detect-little-endian-PPC64-systems.patch:
       refresh
     - ffmpeg/0001-Add-support-for-ppc64.patch: refresh
     - fixes/fix-breakpad-compile.patch: refresh
     - fixes/fix-unknown-warning-option-messages.diff: refresh
     - libaom/0001-Add-ppc64-target-to-libaom.patch: refresh
     - sandbox/0001-sandbox-linux-Update-IsSyscallAllowed-in-broker_proc.patch:
       refresh
     - sandbox/0001-sandbox-linux-Update-syscall-helpers-lists-for-ppc64.patch:
       refresh
     - sandbox/0008-sandbox-fix-ppc64le-glibc234.patch: refresh
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
     - third_party/0001-Force-baseline-POWER8-AltiVec-VSX-CPU-features-when-.patch:
       refresh
     - third_party/0001-third_party-libvpx-Properly-generate-gni-on-ppc64.patch:
       refresh
     - third_party/0002-third-party-boringssl-add-generated-files.patch:
       refresh
     - third_party/dawn-fix-ppc64le-detection.patch: refresh
     - third_party/dawn-fix-typos.patch: refresh
     - third_party/skia-vsx-instructions.patch: refresh
     - third_party/use-sysconf-page-size-on-ppc64.patch: refresh
     - workarounds/HACK-third_party-libvpx-use-generic-gnu.patch: refresh
 .
   [ Andres Salomon ]
   * d/copyright:
     - blanket.js is gone, no need to remove it any more.
     - delete some khronos images marked executable.
   * d/control: switch from clang-13 to clang-16 for building.
   * d/patches:
     - upstream/memory.patch: drop, merged upstream.
     - upstream/sensor-reading.patch: add, gcc13 build fix from upstream.
     - upstream/lweight.patch: add, gcc13 build fix from upstream.
     - upstream/freetype.patch: add, fix freetype header inclusion FTBFS.
     - upstream/sizet.patch: add, libstdc++ build fix from upstream.
     - disable/unrar.patch: update for minor upstream changes.
     - bookworm/struct-ctor.patch: add various new workarounds for clang-14.
     - bookworm/structured-binding-scope-bug.patch: drop part of the patch.
     - bullseye/clang13.patch: drop removal of -gsimple-template-names.
     - ungoogled/.../disable-web-environment-integrity.patch: sync with
       ungoogled-chromium for upstream changes.
     - bookworm/i386-lock-free.patch: refresh.
     - bullseye/openh264.patch: refresh.
     - bullseye/default-equality-op.patch: add more clang13 workarounds.
     - debianization/clang-version.patch: switch to using clang-16.
   * d/rules:
     - set simple_template_names=false (moved from clang13.patch into a
       config option).
     - pull acorn-class-fields node module into build tree to fix rollup.
     - switch to using clang-16, which is now backported to bullseye.
Files:
 3762 web optional chromium_118.0.5993.70-1~deb11u1.dsc
 771394968 web optional chromium_118.0.5993.70.orig.tar.xz
 1518540 web optional chromium_118.0.5993.70-1~deb11u1.debian.tar.xz
 22899 web optional chromium_118.0.5993.70-1~deb11u1_source.buildinfo