Accepted chromium 80.0.3987.106-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 16 Feb 2020 23:33:50 +0000
Source: chromium
Architecture: source
Version: 80.0.3987.106-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Michael Gilbert <mgilbert@debian.org>
Closes: 947207
Changes:
chromium (80.0.3987.106-1) unstable; urgency=medium
.
* New upstream stable release.
- CVE-2019-19923: Out of bounds memory access in SQLite. Reported by
Richard Lorenz
- CVE-2019-19925: Vulnerability in SQLite. Reported by Richard Lorenz
- CVE-2019-19926: Inappropriate implementation in SQLite. Reported by
Richard Lorenz
- CVE-2019-19880: Vulnerability in SQLite. Reported by Richard Lorenz
- CVE-2020-6381: Integer overflow in JavaScript. Reported by The UK's
National Cyber Security Centre
- CVE-2020-6382: Type Confusion in JavaScript. Reported by Soyeon Park and
Wen Xu
- CVE-2020-6385: Insufficient policy enforcement in storage. Reported by
Sergei Glazunov
- CVE-2020-6387: Out of bounds write in WebRTC. Reported by Natalie
Silvanovich
- CVE-2020-6388: Out of bounds memory access in WebAudio. Reported by
Sergei Glazunov
- CVE-2020-6389: Out of bounds write in WebRTC. Reported by Natalie
Silvanovich
- CVE-2020-6390: Out of bounds memory access in streams. Reported by Sergei
Glazunov
- CVE-2020-6391: Insufficient validation of untrusted input in Blink.
Reported by Michał Bentkowski
- CVE-2020-6392: Insufficient policy enforcement in extensions. Reported by
Microsoft Edge Team
- CVE-2020-6393: Insufficient policy enforcement in Blink. Reported by Mark
Amery
- CVE-2020-6394: Insufficient policy enforcement in Blink. Reported by Phil
Freo
- CVE-2020-6395: Out of bounds read in JavaScript. Reported by Pierre
Langlois
- CVE-2020-6396: Inappropriate implementation in Skia. Reported by William
Luc Ritchie
- CVE-2020-6397: Incorrect security UI in sharing. Reported by Khalil Zhani
- CVE-2020-6398: Uninitialized use in PDFium. Reported by pdknsk
- CVE-2020-6399: Insufficient policy enforcement in AppCache. Reported by
Luan Herrera
- CVE-2020-6400: Inappropriate implementation in CORS. Reported by Takashi
Yoneuchi
- CVE-2020-6401: Insufficient validation of untrusted input in Omnibox.
Reported by Tzachy Horesh
- CVE-2020-6402: Insufficient policy enforcement in downloads. Reported by
Vladimir Metnew
- CVE-2020-6403: Incorrect security UI in Omnibox. Reported by Khalil Zhani
- CVE-2020-6404: Inappropriate implementation in Blink. Reported by kanchi
- CVE-2020-6405: Out of bounds read in SQLite. Reported by Yongheng Chen
and Rui Zhong
- CVE-2020-6406: Use after free in audio. Reported by Sergei Glazunov
- CVE-2020-6408: Insufficient policy enforcement in CORS. Reported by Zhong
Zhaochen
- CVE-2020-6409: Inappropriate implementation in Omnibox. Reported by
Divagar S and Bharathi V
- CVE-2020-6410: Insufficient policy enforcement in navigation. Reported by
evi1m0
- CVE-2020-6411: Insufficient validation of untrusted input in Omnibox.
Reported by Khalil Zhani
- CVE-2020-6412: Insufficient validation of untrusted input in Omnibox.
Reported by Zihan Zheng
- CVE-2020-6413: Inappropriate implementation in Blink. Reported by Michał
Bentkowski
- CVE-2020-6414: Insufficient policy enforcement in Safe Browsing. Reported
by Lijo A.T
- CVE-2020-6415: Inappropriate implementation in JavaScript. Reported by
Avihay Cohen
- CVE-2020-6416: Insufficient data validation in streams. Reported by
Woojin Oh
- CVE-2020-6417: Inappropriate implementation in installer. Reported by
Renato Moraes and Altieres Rohr
* Remove --ignore-gpu-blacklist from the default flags (closes: #947207).
* Update standards version to 4.5.0.
* Build with clang instead of gcc.
Checksums-Sha1:
75ec0de633fbad97666eedcc25036d97219c411d 4198 chromium_80.0.3987.106-1.dsc
eb411ad178b52d6dac084f8789edbbd4cc83b005 316714372 chromium_80.0.3987.106.orig.tar.xz
eaf07ac6785571464daa6f82ed7f33b9a5e182e3 194560 chromium_80.0.3987.106-1.debian.tar.xz
d5ed36be2a84f572973ddc3a3a6d5fa41c2cc83e 21499 chromium_80.0.3987.106-1_source.buildinfo
Checksums-Sha256:
aeebf534f69fe8f269f9dc7dee41ee60b506e535f5fd7d6bf872d20db94a0590 4198 chromium_80.0.3987.106-1.dsc
c08871586235d4e3df1f89237dfd8c65534a9dc30bb799e29aaf48a9ac5fb6ca 316714372 chromium_80.0.3987.106.orig.tar.xz
91f303a08b8e28b3da80ed6549c78593727e8d2fd807c274586ff990b212484b 194560 chromium_80.0.3987.106-1.debian.tar.xz
99ec997291c6045fc6f3389e194754ffd2f0807049ea65aa819af43392400094 21499 chromium_80.0.3987.106-1_source.buildinfo
Files:
e4c3dc566f004d4dd640ef5344e0db6c 4198 web optional chromium_80.0.3987.106-1.dsc
b0c348f5d830533fe3a100ba7a8a4198 316714372 web optional chromium_80.0.3987.106.orig.tar.xz
01af9ad7625829c6efe46ccbf0cecc4c 194560 web optional chromium_80.0.3987.106-1.debian.tar.xz
aa544b5039f429df3dcea393633eaf8b 21499 web optional chromium_80.0.3987.106-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQQzBAEBCgAdFiEEIwTlZiOEpzUxIyp4mD40ZYkUaygFAl5LNKEACgkQmD40ZYkU
ayjaxB//e504nCyYD1fK8GYwmlzNrXbG4MtZ3jSBS1WYU8zPfLTZmb5t4ogL3m9D
nVUrAuImTtVoCZg0x+4Jt8CMJGelMaBDcTzfMAYwMrUPDfTb14cofZ96I5ol7mmT
Bfl+EGNcMK6rZfZnIikCPpJBY9wpddlrlABf1y8J2jp123Aa1xz4/k3cO+snI6y3
ycpqLScJh6xYmpGIeDoq6Nrc9PCLnw8UNmjOsVpg4g4M7Q9Jb6eYD5UBv+ShNvMm
OSsjuYAY0roG/E2sWvsFi8jPrMk1Vc8Kh8fL+bzW7Dt5zUufT/dIckZC3jKfAill
LxNJn4o/XBiogLB8zx+/8Yc2EFQrQB7mPFyc5Tm9E0wrm7tIGT76+zhFWdNRxOzk
EHlQ9Y+mysPfWN0r6wSXyrfOx9g54EWnNuccaM82Y+tedtvknLqGUa8a4lBI09Aa
8jgH/Mt9BMeW3L52+5udaD23fUR0HsDf+1GkCiXD7pZSYmzmWT7Ws/xcRAU67l2r
El4nBAYv34fFCfH1vx439Cv8HSuXbzHPORxcREGEZax9/DT93DRte6RonrAhtyUZ
xzDCbmXaVqTVi0CUhYI+1hp/SvTs645U5t3JYTOgYmTFWW3MNrkPttLpT4F4mi0E
1T4BB8ywaRrjj2hHSA3nq6DknQ2pA2o37bU6FbuAJYFOnD0mCvTS9dwiXNzLXpBE
sMTA5QWq94FgNK76avygaV6iV6Zp4B6q8kT85hN6zhi0peu4pKop7h4y6ScDmwhK
cXJLhe9lmwc/ZvuLEb+aytobg3MQeyG+NQCAyZRjQJMAsTHtZCPsfMEf/y5dAXQN
FMLX2a/LKRbHUk+s8253+lnHo7ojn/EsPxbL/UgwWHiPajiQujwtQjhjPFxj2C04
oX0vk+XVRaj6e+FpDch0jZqhqMZFUROBz61HfX8Jw3d+CRNCFeHHYc+TLTCfBrr5
L9tPtnBs+134aMexwsLEMzVa5nrUh6ndUM4DdjSBSWQP/CV1HlNEm0WlwtgKjq89
v1eJJxwHBFdmLCaW1c2y7Nchuxtfqmm81IlUyqyecyD/0raI5i6L/BbB+DL8Cty2
exZgU5naNx0P5JlsXxipglULXg6tC88sTGqN5ixPf+DlMGnlxFPHP7T40HReo4LO
IKIvf/GW1rhc4wtZjbeztUrVlJng+lw8UHzddJlWiP86tQIuqD8XcdlmHyllo4Bf
kMzIa6Id9PijhbWHGLQHQ6Cyai5N42e7H1BL6V1/Dpq/efTnE2zM2XYp1F4KzePu
z67Wt4BBuWcfaM6JmZPG9AzxCOpK1yeAanAxOOZJxeHxbbUG77udi84W+r7ImwMe
wJaXsL/c8mqlaOoiCUwzL54y8Qrg6Q==
=ly8v
-----END PGP SIGNATURE-----
Reply to: