Back to chromium PTS page

Accepted chromium 87.0.4280.141-0.1~deb10u1 (source) into proposed-updates->stable-new, proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 11 Jan 2021 17:04:13 +0100
Source: chromium
Architecture: source
Version: 87.0.4280.141-0.1~deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Jan Luca Naumann <j.naumann@fu-berlin.de>
Closes: 979135 979520
Changes:
 chromium (87.0.4280.141-0.1~deb10u1) buster-security; urgency=high
 .
   * Non-maintainer upload.
   * New upstream security release (closes: 979520).
     - CVE-2021-21106: Use after free in autofill. Reported by Weipeng Jiang
       @Krace from Codesafe Team of Legendsec at Qi'anxin Group
     - CVE-2021-21107: Use after free in drag and drop. Reported by Leecraso and
       Guang Gong of 360 Alpha Lab
     - CVE-2021-21108: Use after free in media. Reported by Leecraso and Guang
       Gong of 360 Alpha Lab
     - CVE-2021-21109: Use after free in payments. Reported by Rong Jian and
       Guang Gong of 360 Alpha Lab
     - CVE-2021-21110: Use after free in safe browsing. Reported by Anonymous
     - CVE-2021-21111: Insufficient policy enforcement in WebUI. Reported by
       Alesandro Ortiz
     - CVE-2021-21112: Use after free in Blink. Reported by YoungJoo Lee
       @ashuu_lee of Raon Whitehat
     - CVE-2021-21113: Heap buffer overflow in Skia. Reported by tsubmunu
     - CVE-2020-16043: Insufficient data validation in networking. Reported by
       Samy Kamkar, Ben Seri at Armis, Gregory Vishnepolsky at Armis
     - CVE-2021-21114: Use after free in audio. Reported by Man Yue Mo of GitHub
       Security Lab
     - CVE-2020-15995: Out of bounds write in V8. Reported by Bohan Liu
       @P4nda20371774 of Tencent Security Xuanwu Lab
     - CVE-2021-21115: Use after free in safe browsing. Reported by Leecraso and
       Guang Gong of 360 Alpha Lab
     - CVE-2021-21116: Heap buffer overflow in audio. Reported by Alison
       Huffman, Microsoft Browser Vulnerability Research
   * Use desktop gl implementation as default. (closes: 979135)
Checksums-Sha1:
 20283425af744575e71c221b5868c8ceb55fa6cc 3608 chromium_87.0.4280.141-0.1~deb10u1.dsc
 ef2fa29cf9558fc0afbd7791ea6ee8ef73ac37af 393840792 chromium_87.0.4280.141.orig.tar.xz
 ea3f1e325cd767960b111a4b7991913cb1e34956 190032 chromium_87.0.4280.141-0.1~deb10u1.debian.tar.xz
 692f96e5a8b5ed229a3e4db06a9f0bf6fd6c3ed2 14897 chromium_87.0.4280.141-0.1~deb10u1_source.buildinfo
Checksums-Sha256:
 66e5c7de3b32da717e59f92ff98b4c5f4c2f89ad88c289b29229d9030dbe1579 3608 chromium_87.0.4280.141-0.1~deb10u1.dsc
 577a92da6e3caacd22b0b2aedc9dc7e895652f54ec3e0f615457357be099b2ae 393840792 chromium_87.0.4280.141.orig.tar.xz
 b3c314153aa1e99b6d56fe642cd849182adc29c911256d122b9154147ae86e84 190032 chromium_87.0.4280.141-0.1~deb10u1.debian.tar.xz
 19389ede5dfb4e869f7f75e29c32db52b9695a03e22a6a0a2b97268d6e094192 14897 chromium_87.0.4280.141-0.1~deb10u1_source.buildinfo
Files:
 b4081d34b6e8314279a02c4e691308a2 3608 web optional chromium_87.0.4280.141-0.1~deb10u1.dsc
 c7f87e38af9193a5889c48e7922ac5a0 393840792 web optional chromium_87.0.4280.141.orig.tar.xz
 1945a0f23f04c8ebeb64be8cfed8f4cd 190032 web optional chromium_87.0.4280.141-0.1~deb10u1.debian.tar.xz
 0578b84ec013fcc2fb86662f3995b647 14897 web optional chromium_87.0.4280.141-0.1~deb10u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEi3hoeGwz5cZMTQpICBa54Yx2K60FAl/9sTIACgkQCBa54Yx2
K63dmQ/+IOCzeFfUyJ6yJmnCPHE4wlHH1dB93/+4pN6L4fo/smmkudXyujRmDKH5
p5KcXIxGwosynAmDYz7NsLfh1K6ESVnUhwXHpCZH8fREjqPDe6X6P4qC3HYFZ2t+
+6yyDuz2owzwOmNpwn0dGK7MsCOsB2OneYSVCYjy4qKA4DZigB6S8//G4H+iq/uA
s9pJRKjCmmho9PrsN10r1QrsOizU3GBnT8myK+vtjKB9vFMkjCne58SKV2kXG/lf
pXOPmUze1r+2SlYm0eA9vs2lpzb70oJQas2WnvIwuW6OpHogSGybuT3hoOTR8pDF
LivsZz7UZOP4eWbhxhjLuJbyXZ+XM6/6lxP1NW1PlY+scoWcpr19vSOJecGPP0/b
21wjCGaFGA04M/ab4/Ubx8BhIWtqprc7ineKkz7QO5prd3TN/qkzVnaP/yLzs4vv
H9CO/20ebYqoTAgJT9nP/vCDKZ22mBN1NeCUPt/84qdO/AoXmibJGMGIsexYUGKR
t4+xg3vstUagEvRYoz1mIhYy8V+ID76jWsek/m5I1d0NZBNRCSmwq9w0W/hA1fYB
iWQa/kny3QLEEco0ul5reKkN5ZK9zNzaix20qoHJttJFp0lRi2ywJtZcpOqMh+TQ
mH5dZHaOuKYbjNG7ghqjn9HCKb1DeeCZFSe75Rs7PaSxyLYK840=
=IEn2
-----END PGP SIGNATURE-----