Accepted chromium 104.0.5112.79-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted chromium 104.0.5112.79-1 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Fri, 05 Aug 2022 03:32:36 +0000
Message-id: <[🔎] E1oJo4i-008c5H-Nu@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 04 Aug 2022 11:31:44 -0400
Source: chromium
Architecture: source
Version: 104.0.5112.79-1
Distribution: unstable
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
 chromium (104.0.5112.79-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2022-2603: Use after free in Omnibox. Reported by Anonymous
     - CVE-2022-2604: Use after free in Safe Browsing. Reported by
       Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2022-2605: Out of bounds read in Dawn. Reported by Looben Yang
     - CVE-2022-2606: Use after free in Managed devices API. Reported by
       Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2022-2607: Use after free in Tab Strip. Reported by @ginggilBesel
     - CVE-2022-2608: Use after free in Overview Mode.
       Reported by Khalil Zhani
     - CVE-2022-2609: Use after free in Nearby Share. Reported by koocola
       (@alo_cook) and Guang Gong of 360 Vulnerability Research Institute
     - CVE-2022-2610: Insufficient policy enforcement in Background Fetch.
       Reported by Maurice Dauer
     - CVE-2022-2611: Inappropriate implementation in Fullscreen API.
       Reported by Irvan Kurniawan (sourc7)
     - CVE-2022-2612: Side-channel information leakage in Keyboard input.
       Reported by Erik Kraft (erik.kraft5@gmx.at),
       Martin Schwarzl (martin.schwarzl@iaik.tugraz.at)
     - CVE-2022-2613: Use after free in Input.
       Reported by Piotr Tworek (Vewd)
     - CVE-2022-2614: Use after free in Sign-In Flow.
       Reported by raven at KunLun lab
     - CVE-2022-2615: Insufficient policy enforcement in Cookies.
       Reported by Maurice Dauer
     - CVE-2022-2616: Inappropriate implementation in Extensions API.
       Reported by Alesandro Ortiz
     - CVE-2022-2617: Use after free in Extensions API.
       Reported by @ginggilBesel
     - CVE-2022-2618: Insufficient validation of untrusted input in
       Internals. Reported by asnine
     - CVE-2022-2619: Insufficient validation of untrusted input in Settings.
       Reported by Oliver Dunk
     - CVE-2022-2620: Use after free in WebUI. Reported by
       Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2022-2621: Use after free in Extensions.
       Reported by Huyna at Viettel Cyber Security
     - CVE-2022-2622: Insufficient validation of untrusted input in
       Safe Browsing. Reported by Imre Rad (@ImreRad) and @j00sean
     - CVE-2022-2623: Use after free in Offline. Reported by
       raven at KunLun lab
     - CVE-2022-2624: Heap buffer overflow in PDF. Reported by YU-CHANG
       CHEN and CHIH-YEN CHANG, working with DEVCORE Internship Program
   * debian/patches:
     - bullseye/nomerge.patch: drop, was only needed for clang-11.
     - bullseye/clang11.patch: drop clang-11 bits, rename to clang13.patch.
     - bullseye/blink-constexpr.patch: drop, only needed for clang-11.
     - bullseye/byteswap-constexpr2.patch: drop, only needed for clang-11.
     - disable/angle-perftests.patch: refresh
     - disable/catapult.patch: refresh & drop some no longer needed bits.
     - fixes/tflite.patch: fix a build error.
   * debian/copyright:
     - upstream dropped perfetto/ui/src/gen/.
Checksums-Sha1:
 00b5a34feb370c4bfb8f6c4a51c2ea2af87b2aa5 3619 chromium_104.0.5112.79-1.dsc
 a11e88ffc0819f992212c95d21314c7bc07fb78c 610675328 chromium_104.0.5112.79.orig.tar.xz
 db4bfb71403bb965cf6e86a11244629049e6fc47 209308 chromium_104.0.5112.79-1.debian.tar.xz
 970edc9525567811b532ccdcb0b7f472f9a5e9b6 20045 chromium_104.0.5112.79-1_source.buildinfo
Checksums-Sha256:
 5991e4c185fa2499deaef30e59a0f55633c2b6e9da7ba03a7e330541abf0ab55 3619 chromium_104.0.5112.79-1.dsc
 304851d516ca0335755032c18d96df40fbbc0b2974169d495339d230782b4a43 610675328 chromium_104.0.5112.79.orig.tar.xz
 cfb88636c29dfac550fc760b32e96df6070d0c7391df6e916e53dcdd2b72dc84 209308 chromium_104.0.5112.79-1.debian.tar.xz
 7fe587fac26f91b9fb14b29fc39602099c562e1b18652132bd2ebf876632d613 20045 chromium_104.0.5112.79-1_source.buildinfo
Files:
 5c4213c2d56d0d88a145b04c4d901ac1 3619 web optional chromium_104.0.5112.79-1.dsc
 13edaefdeea2513a4e3489800eac30bd 610675328 web optional chromium_104.0.5112.79.orig.tar.xz
 f5f70c16002709041d11f0f78711efc6 209308 web optional chromium_104.0.5112.79-1.debian.tar.xz
 76f967bfae15112d0db9372bc9ad912f 20045 web optional chromium_104.0.5112.79-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmLshDIUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjfNCRAAi3Wv0p+xzcHvY2fCjC+f//yPltZD
32CWSyGsYj1kdG78yO8WG8g4iHLZgaaZMN2LRUsGVQGUEgXndh3VDumlrrr34ujA
J/ySw/okfHPb26pSy8b6rc4vU3Er3xLQBTdaMFH1Yx6COpil31QxgDdEPXnaKUOn
Gswln07Pblvu7pncyEWMj35hmvQFveQNse4A5mgfL4GR62hw2ajr0m7nY3U6mOSy
h8KApAYK0+SPRpYkr4unOH4Ht+wqJ9SPehGMTbgBFh6Gx/V35iJpwW9F8qYdvoGn
UksNQrLXK2VHlxgmHyupAgylm4L8LntU0kqO4p0GZzfrjiWJkS2QDPmLeA4bcx2b
YmxcM9tppMpso7b5WeRovq5Hvgrzv0uDCNqKI+O1ecQ8YYCriVhm6n0eH8mrsJrI
+Mv1Nj2RF3UbVzqFAOBcjSvdvgpgZqsTT7Fi2w8wkJfcWCNBvrpQsYX4qRtRXZxP
TzTUK9oFccZ/IRQhWtN6jJkGuOB0kZoUzLFGzN9vDRIn95y4yNcgr5UGJ3qEgcK4
KrW9u5eJuNkpu6X0iROjnyXCkiRfhUe6Q79iDSpNFx0z8wZkZ7DEnEuST3X5/qKO
zR8keAVa943eXk162HTnTCUGJyTCgEg5MnAViTRLVP3CxsdKCvrTDYYDeRUoT+Ku
CidcM5hJnRuInTU=
=Whn7
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted ruby-mercenary 0.4.0-1 (source) into unstable
Next by Date: Accepted python-railroad-diagrams 1.1.1-2 (source) into unstable
Previous by thread: Accepted ruby-mercenary 0.4.0-1 (source) into unstable
Next by thread: Accepted python-railroad-diagrams 1.1.1-2 (source) into unstable
Index(es):
- Date
- Thread