[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted chromium 80.0.3987.106-1 (source) into unstable

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 16 Feb 2020 23:33:50 +0000
Source: chromium
Architecture: source
Version: 80.0.3987.106-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Michael Gilbert <mgilbert@debian.org>
Closes: 947207
Changes:
 chromium (80.0.3987.106-1) unstable; urgency=medium
 .
   * New upstream stable release.
     - CVE-2019-19923: Out of bounds memory access in SQLite. Reported by
       Richard Lorenz
     - CVE-2019-19925: Vulnerability in SQLite. Reported by Richard Lorenz
     - CVE-2019-19926: Inappropriate implementation in SQLite. Reported by
       Richard Lorenz
     - CVE-2019-19880: Vulnerability in SQLite. Reported by Richard Lorenz
     - CVE-2020-6381: Integer overflow in JavaScript. Reported by The UK's
       National Cyber Security Centre
     - CVE-2020-6382: Type Confusion in JavaScript. Reported by Soyeon Park and
       Wen Xu
     - CVE-2020-6385: Insufficient policy enforcement in storage. Reported by
       Sergei Glazunov
     - CVE-2020-6387: Out of bounds write in WebRTC. Reported by Natalie
       Silvanovich
     - CVE-2020-6388: Out of bounds memory access in WebAudio. Reported by
       Sergei Glazunov
     - CVE-2020-6389: Out of bounds write in WebRTC. Reported by Natalie
       Silvanovich
     - CVE-2020-6390: Out of bounds memory access in streams. Reported by Sergei
       Glazunov
     - CVE-2020-6391: Insufficient validation of untrusted input in Blink.
       Reported by Michał Bentkowski
     - CVE-2020-6392: Insufficient policy enforcement in extensions. Reported by
       Microsoft Edge Team
     - CVE-2020-6393: Insufficient policy enforcement in Blink. Reported by Mark
       Amery
     - CVE-2020-6394: Insufficient policy enforcement in Blink. Reported by Phil
       Freo
     - CVE-2020-6395: Out of bounds read in JavaScript. Reported by Pierre
       Langlois
     - CVE-2020-6396: Inappropriate implementation in Skia. Reported by William
       Luc Ritchie
     - CVE-2020-6397: Incorrect security UI in sharing. Reported by Khalil Zhani
     - CVE-2020-6398: Uninitialized use in PDFium. Reported by pdknsk
     - CVE-2020-6399: Insufficient policy enforcement in AppCache. Reported by
       Luan Herrera
     - CVE-2020-6400: Inappropriate implementation in CORS. Reported by Takashi
       Yoneuchi
     - CVE-2020-6401: Insufficient validation of untrusted input in Omnibox.
       Reported by Tzachy Horesh
     - CVE-2020-6402: Insufficient policy enforcement in downloads. Reported by
       Vladimir Metnew
     - CVE-2020-6403: Incorrect security UI in Omnibox. Reported by Khalil Zhani
     - CVE-2020-6404: Inappropriate implementation in Blink. Reported by kanchi
     - CVE-2020-6405: Out of bounds read in SQLite. Reported by Yongheng Chen
       and Rui Zhong
     - CVE-2020-6406: Use after free in audio. Reported by Sergei Glazunov
     - CVE-2020-6408: Insufficient policy enforcement in CORS. Reported by Zhong
       Zhaochen
     - CVE-2020-6409: Inappropriate implementation in Omnibox. Reported by
       Divagar S and Bharathi V
     - CVE-2020-6410: Insufficient policy enforcement in navigation. Reported by
       evi1m0
     - CVE-2020-6411: Insufficient validation of untrusted input in Omnibox.
       Reported by Khalil Zhani
     - CVE-2020-6412: Insufficient validation of untrusted input in Omnibox.
       Reported by Zihan Zheng
     - CVE-2020-6413: Inappropriate implementation in Blink. Reported by Michał
       Bentkowski
     - CVE-2020-6414: Insufficient policy enforcement in Safe Browsing. Reported
       by Lijo A.T
     - CVE-2020-6415: Inappropriate implementation in JavaScript. Reported by
       Avihay Cohen
     - CVE-2020-6416: Insufficient data validation in streams. Reported by
       Woojin Oh
     - CVE-2020-6417: Inappropriate implementation in installer. Reported by
       Renato Moraes and Altieres Rohr
   * Remove --ignore-gpu-blacklist from the default flags (closes: #947207).
   * Update standards version to 4.5.0.
   * Build with clang instead of gcc.
Checksums-Sha1:
 75ec0de633fbad97666eedcc25036d97219c411d 4198 chromium_80.0.3987.106-1.dsc
 eb411ad178b52d6dac084f8789edbbd4cc83b005 316714372 chromium_80.0.3987.106.orig.tar.xz
 eaf07ac6785571464daa6f82ed7f33b9a5e182e3 194560 chromium_80.0.3987.106-1.debian.tar.xz
 d5ed36be2a84f572973ddc3a3a6d5fa41c2cc83e 21499 chromium_80.0.3987.106-1_source.buildinfo
Checksums-Sha256:
 aeebf534f69fe8f269f9dc7dee41ee60b506e535f5fd7d6bf872d20db94a0590 4198 chromium_80.0.3987.106-1.dsc
 c08871586235d4e3df1f89237dfd8c65534a9dc30bb799e29aaf48a9ac5fb6ca 316714372 chromium_80.0.3987.106.orig.tar.xz
 91f303a08b8e28b3da80ed6549c78593727e8d2fd807c274586ff990b212484b 194560 chromium_80.0.3987.106-1.debian.tar.xz
 99ec997291c6045fc6f3389e194754ffd2f0807049ea65aa819af43392400094 21499 chromium_80.0.3987.106-1_source.buildinfo
Files:
 e4c3dc566f004d4dd640ef5344e0db6c 4198 web optional chromium_80.0.3987.106-1.dsc
 b0c348f5d830533fe3a100ba7a8a4198 316714372 web optional chromium_80.0.3987.106.orig.tar.xz
 01af9ad7625829c6efe46ccbf0cecc4c 194560 web optional chromium_80.0.3987.106-1.debian.tar.xz
 aa544b5039f429df3dcea393633eaf8b 21499 web optional chromium_80.0.3987.106-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQQzBAEBCgAdFiEEIwTlZiOEpzUxIyp4mD40ZYkUaygFAl5LNKEACgkQmD40ZYkU
ayjaxB//e504nCyYD1fK8GYwmlzNrXbG4MtZ3jSBS1WYU8zPfLTZmb5t4ogL3m9D
nVUrAuImTtVoCZg0x+4Jt8CMJGelMaBDcTzfMAYwMrUPDfTb14cofZ96I5ol7mmT
Bfl+EGNcMK6rZfZnIikCPpJBY9wpddlrlABf1y8J2jp123Aa1xz4/k3cO+snI6y3
ycpqLScJh6xYmpGIeDoq6Nrc9PCLnw8UNmjOsVpg4g4M7Q9Jb6eYD5UBv+ShNvMm
OSsjuYAY0roG/E2sWvsFi8jPrMk1Vc8Kh8fL+bzW7Dt5zUufT/dIckZC3jKfAill
LxNJn4o/XBiogLB8zx+/8Yc2EFQrQB7mPFyc5Tm9E0wrm7tIGT76+zhFWdNRxOzk
EHlQ9Y+mysPfWN0r6wSXyrfOx9g54EWnNuccaM82Y+tedtvknLqGUa8a4lBI09Aa
8jgH/Mt9BMeW3L52+5udaD23fUR0HsDf+1GkCiXD7pZSYmzmWT7Ws/xcRAU67l2r
El4nBAYv34fFCfH1vx439Cv8HSuXbzHPORxcREGEZax9/DT93DRte6RonrAhtyUZ
xzDCbmXaVqTVi0CUhYI+1hp/SvTs645U5t3JYTOgYmTFWW3MNrkPttLpT4F4mi0E
1T4BB8ywaRrjj2hHSA3nq6DknQ2pA2o37bU6FbuAJYFOnD0mCvTS9dwiXNzLXpBE
sMTA5QWq94FgNK76avygaV6iV6Zp4B6q8kT85hN6zhi0peu4pKop7h4y6ScDmwhK
cXJLhe9lmwc/ZvuLEb+aytobg3MQeyG+NQCAyZRjQJMAsTHtZCPsfMEf/y5dAXQN
FMLX2a/LKRbHUk+s8253+lnHo7ojn/EsPxbL/UgwWHiPajiQujwtQjhjPFxj2C04
oX0vk+XVRaj6e+FpDch0jZqhqMZFUROBz61HfX8Jw3d+CRNCFeHHYc+TLTCfBrr5
L9tPtnBs+134aMexwsLEMzVa5nrUh6ndUM4DdjSBSWQP/CV1HlNEm0WlwtgKjq89
v1eJJxwHBFdmLCaW1c2y7Nchuxtfqmm81IlUyqyecyD/0raI5i6L/BbB+DL8Cty2
exZgU5naNx0P5JlsXxipglULXg6tC88sTGqN5ixPf+DlMGnlxFPHP7T40HReo4LO
IKIvf/GW1rhc4wtZjbeztUrVlJng+lw8UHzddJlWiP86tQIuqD8XcdlmHyllo4Bf
kMzIa6Id9PijhbWHGLQHQ6Cyai5N42e7H1BL6V1/Dpq/efTnE2zM2XYp1F4KzePu
z67Wt4BBuWcfaM6JmZPG9AzxCOpK1yeAanAxOOZJxeHxbbUG77udi84W+r7ImwMe
wJaXsL/c8mqlaOoiCUwzL54y8Qrg6Q==
=ly8v
-----END PGP SIGNATURE-----
Reply to: