Accepted chromium 113.0.5672.63-1~deb11u1 (source) into proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 03 May 2023 00:42:00 -0500
Source: chromium
Architecture: source
Version: 113.0.5672.63-1~deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Timothy Pearson <tpearson@raptorengineering.com>
Closes: 992178 1031352
Changes:
chromium (113.0.5672.63-1~deb11u1) bullseye-security; urgency=high
.
* New upstream stable release.
- CVE-2023-2459: Inappropriate implementation in Prompts.
Reported by Rong Jian of VRI.
- CVE-2023-2460: Insufficient validation of untrusted input in Extensions.
Reported by Martin Bajanik, Fingerprint[.]com.
- CVE-2023-2461: Use after free in OS Inputs. Reported by @ginggilBesel.
- CVE-2023-2462: Inappropriate implementation in Prompts.
Reported by Alesandro Ortiz.
- CVE-2023-2463: Inappropriate implementation in Full Screen Mode.
Reported by Irvan Kurniawan (sourc7).
- CVE-2023-2464: Inappropriate implementation in PictureInPicture.
Reported by Thomas Orlita.
- CVE-2023-2465: Inappropriate implementation in CORS.
Reported by @kunte_ctf.
- CVE-2023-2466: Inappropriate implementation in Prompts.
Reported by Jasper Rebane (popstonia).
- CVE-2023-2467: Inappropriate implementation in Prompts.
Reported by Thomas Orlita.
- CVE-2023-2468: Inappropriate implementation in PictureInPicture.
Reported by Alesandro Ortiz.
.
[ Andres Salomon]
* Remove Michel from Uploaders.
* Build against libopenh264-dev (closes: #1031352).
* d/copyright:
- drop fuchsia*: entirely different OS.
- drop chrome/build: 200MB of PGO optimizations for official chrome builds.
- drop third_party/updater: upstream included update binary.
- re-add part of chrome/browser/resources/chromeos/ and chrome/android/ to
fix build errors.
* d/patches:
- debianization/master-preferences.patch: check for initial_preferences or
master_preferences, rather than just for the latter (closes: #992178).
- disable/unrar.patch: complete rewrite for upstream's nested archive changes.
- disable/catapult.patch: refresh.
- upstream/webview-cstr.patch: add simple build fix from upstream.
- upstream/monostate.patch: add simple build fix from upstream.
- bookworm/clang-attribs.patch: build fix for clang-14 to keep from
generating hundreds of warnings per compilation unit.
- bookworm/typename.patch: add another build fix for missing typename.
- bookworm/lamba-bug.patch: add to work around compiler bug (clang < 16).
- bullseye/constexpr.patch: work around build failure w/ bullseye's
clang/libstdc++.
- disable/openh264.patch -> bullseye/openh264.patch, and stop using it
for sid & bookworm.
- bullseye/disable-mojo-ipcz.patch: refresh.
- bullseye/mulodic.patch: refresh.
.
[ Timothy Pearson ]
* d/patches:
- Set baseline ppc64 CPU to POWER ISA 3.0 (OpenPOWER, POWER9)
- Enable VSX acceleration in Skia
- Refresh ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch
- Add fixes for new Highway library on ppc64
- Suppress harmless warning messages from compiler during ppc64 builds
Checksums-Sha1:
8179c0e2fed12398037539ea40fbb9eb4475b212 3773 chromium_113.0.5672.63-1~deb11u1.dsc
cca0f24f7efb542e274cc8e1be88a2c581cd0232 641791112 chromium_113.0.5672.63.orig.tar.xz
99d8d4ec05c3eaa7fcf4377a59a44df28873a8a8 353804 chromium_113.0.5672.63-1~deb11u1.debian.tar.xz
27660ba749e2ac4fff6d86c0f27a388cb1b9f09f 22800 chromium_113.0.5672.63-1~deb11u1_source.buildinfo
Checksums-Sha256:
f5391b154574864b38b6abe29c66f8b29ce0b62807c800cb5e514ed282518e15 3773 chromium_113.0.5672.63-1~deb11u1.dsc
fb20dfd94e91fd1bc4463e9f47421e597f6fd8c9bbdf1b249990dd58ae5c1d8b 641791112 chromium_113.0.5672.63.orig.tar.xz
3e13f14e3c243d4e90d330cb7dce8432862328262aff9cc1f3430989910fb873 353804 chromium_113.0.5672.63-1~deb11u1.debian.tar.xz
1f610a0cae80b21edae38a274f0b0c10a1c7412df4591fe2a09f9b212bbec277 22800 chromium_113.0.5672.63-1~deb11u1_source.buildinfo
Files:
1d8456b37e3c84ae0b6e39f1ae1876ac 3773 web optional chromium_113.0.5672.63-1~deb11u1.dsc
aee5d6b1ed9af64cf0d2414e233f9362 641791112 web optional chromium_113.0.5672.63.orig.tar.xz
41b8996c16e72a0ab2d3582d22820190 353804 web optional chromium_113.0.5672.63-1~deb11u1.debian.tar.xz
4ce39c1ed62fbf4daa28b030ecab80fd 22800 web optional chromium_113.0.5672.63-1~deb11u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmRSBzcUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjcRFQ/+PBWRHHpuktXoUrrPN5LuF5wAFP9u
GHZ2/1FlLD/PZgbdInclYAXNwGRA5tx2b5iBLdquwg3qqkXWq5EVssM8P/noqQku
Vl8+puFv3RqvSDk/Ao80crQGnMHWNeGGNg4aqNvk4XT7GS0mZ1nyqIG++0+kIoYq
D2zr5d7609e6zsGg7/hEXC+y6ynaf/Jv/644R50K7UZL0ychcqLIYEE3HWjZ2Sf5
OHW01ZWEclSFGBcsQRa0Uf6Ea+ckUgiKq8cyC2m+Weu2p0j6pwF1IJZVHa9l2+gM
CItSKkQEWga58YwXI2trPfIPs26jEUMyosAQ92h8VK7dhdCN8lEyJ2GnWrJ+Z5u2
wTsWqxHpvIGuaLSTsyAcdsgaAKwOdFCFdhrFGtxdeeLnEX+FFfp6tP4KUEJ7jq4P
+FTb2eGx40GSfUIk/dMI3YIraqFeeD8XRMXYIEtT5EQVkY6UCSN1WFj7xvmlgxfU
XAAAzDx00Hc8ssu+KKDhcdMwMMai0ZINufvQsuyU4qtkCY8yxodvQoPbHVutTGWv
nrVeNuuT5qKuN8xAQPM6q0rKwShlJF1hyXvAIg5TmI/CO8u7g2qnyLYclusWWQc9
1pIbX8GUwWYKbsk7lyRJCbrzaOR5EghIj4H1aDOxv68ZfKSUvJLD/oTtbR1d/NQe
J9ksXjsGtlRPfJc=
=xudv
-----END PGP SIGNATURE-----
Reply to: