Accepted chromium 87.0.4280.141-0.1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 09 Jan 2021 11:24:58 +0100
Source: chromium
Architecture: source
Version: 87.0.4280.141-0.1
Distribution: unstable
Urgency: medium
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Michel Le Bihan <michel@lebihan.pl>
Closes: 979135 979520
Changes:
chromium (87.0.4280.141-0.1) unstable; urgency=medium
.
* Non-maintainer upload.
* New upstream security release (closes: 979520).
- CVE-2021-21106: Use after free in autofill. Reported by Weipeng Jiang
@Krace from Codesafe Team of Legendsec at Qi'anxin Group
- CVE-2021-21107: Use after free in drag and drop. Reported by Leecraso and
Guang Gong of 360 Alpha Lab
- CVE-2021-21108: Use after free in media. Reported by Leecraso and Guang
Gong of 360 Alpha Lab
- CVE-2021-21109: Use after free in payments. Reported by Rong Jian and
Guang Gong of 360 Alpha Lab
- CVE-2021-21110: Use after free in safe browsing. Reported by Anonymous
- CVE-2021-21111: Insufficient policy enforcement in WebUI. Reported by
Alesandro Ortiz
- CVE-2021-21112: Use after free in Blink. Reported by YoungJoo Lee
@ashuu_lee of Raon Whitehat
- CVE-2021-21113: Heap buffer overflow in Skia. Reported by tsubmunu
- CVE-2020-16043: Insufficient data validation in networking. Reported by
Samy Kamkar, Ben Seri at Armis, Gregory Vishnepolsky at Armis
- CVE-2021-21114: Use after free in audio. Reported by Man Yue Mo of GitHub
Security Lab
- CVE-2020-15995: Out of bounds write in V8. Reported by Bohan Liu
@P4nda20371774 of Tencent Security Xuanwu Lab
- CVE-2021-21115: Use after free in safe browsing. Reported by Leecraso and
Guang Gong of 360 Alpha Lab
- CVE-2021-21116: Heap buffer overflow in audio. Reported by Alison
Huffman, Microsoft Browser Vulnerability Research
.
[ Jan Luca Naumann ]
* Use desktop gl implementation as default. (closes: 979135)
Checksums-Sha1:
9d83a1d5ad83468c5ba5da045d0235465fe5321b 3576 chromium_87.0.4280.141-0.1.dsc
ef2fa29cf9558fc0afbd7791ea6ee8ef73ac37af 393840792 chromium_87.0.4280.141.orig.tar.xz
aa7529eee2b61d683a4b7640724485be4c7a0778 189436 chromium_87.0.4280.141-0.1.debian.tar.xz
Checksums-Sha256:
0e2c2a41c2186a47eb918e3e046ba084ebf96779b282626798f89ebf8d6ee24a 3576 chromium_87.0.4280.141-0.1.dsc
577a92da6e3caacd22b0b2aedc9dc7e895652f54ec3e0f615457357be099b2ae 393840792 chromium_87.0.4280.141.orig.tar.xz
20c26ad853b88addb65fbb3a26ba92a89f9d47b33297ad6aefdc2c2470550580 189436 chromium_87.0.4280.141-0.1.debian.tar.xz
Files:
fac52e6fd36d86d23ce4d5e4e1ce4e5a 3576 web optional chromium_87.0.4280.141-0.1.dsc
c7f87e38af9193a5889c48e7922ac5a0 393840792 web optional chromium_87.0.4280.141.orig.tar.xz
74969e52ef31b8b93d11dcad704423bd 189436 web optional chromium_87.0.4280.141-0.1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEi3hoeGwz5cZMTQpICBa54Yx2K60FAl/7IfIACgkQCBa54Yx2
K60uuA//d66OMB3PAA7f74bbpaoKCKW1nRuhLrvBdZe9s2I15fNLOBTuJ7X6QgaU
5LK0gdGZVkx2t+gxiZIdEv8fiJ0TmP9rIqt4ueh7s+7fFdhA3H/P9zJHRKCnRCVv
U15PHPpFwpPelB2JlkIsJ73DPWUnB0hpEE+6ShvBlE6roQs/xyGZDKLh/u1wzGkW
tMb+jzcu5tOZrxmE9EaLOzhtvgkQ8Kp5T8IAmO4RaWst0EwJZOIf+QdCRipTxr7Q
iWaBn1ZXWWbqV5M4NSgbGwAgc66jVONPcASxM5UD0nE70kvjGiXck8jZTrpS3NIO
X4iombhiYRuKSgi+FiiuYK7vKmgDbHoadrF1uQ/xq7nHsa4Lke0WeS52mt8igPhi
YkB2fDemIltHIsmYu1JzmHgsDkegvdm8Ibl2fSc232O6Q5nEP1ft7OyyeP1X8Aw+
E0iO1VOMXhaoaZf8yGDKq0JFrYT/qw5o97Bd/6fdCh8NdmIuiNoXihmi1u/e314c
72zaXYgbQJtIegerEKzGSSEdly7mNTg9VJ4GgfULYhT2zJKKqlmftnREdcIOEKJP
jDUuknXgvNRbM+PDHa0YGYUHuW0T5J41xEH0vXFZ6WectJWSIvvQo106NE48NxUv
bBjvXsRcBZJgpnG7wbvqqeITMhTmBVoyXQ1kchFNQC77p613/2k=
=Wtvn
-----END PGP SIGNATURE-----
Reply to: