Back to chromium PTS page

Accepted chromium 97.0.4692.99-1~deb11u1 (source) into proposed-updates->stable-new, proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted chromium 97.0.4692.99-1~deb11u1 (source) into proposed-updates->stable-new, proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Wed, 02 Feb 2022 20:34:28 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1nFMKi-000HQp-8B@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 20 Jan 2022 22:30:05 -0500
Source: chromium
Architecture: source
Version: 97.0.4692.99-1~deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Closes: 1001036 1003689
Changes:
 chromium (97.0.4692.99-1~deb11u1) bullseye-security; urgency=high
 .
   * Add myself as an uploader.
   * Build-dep on terser | uglifyjs.terser (closes: #1001036).
   * Revert automatic wayland detection for now (closes: #1003689).
     We'll try again in chromium v98 or v99.
   * New upstream stable release.
     - CVE-2022-0289: Use after free in Safe browsing.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0290: Use after free in Site isolation. Reported by
       Brendon Tiszka and Sergei Glazunov of Google Project Zero.
     - CVE-2022-0291: Inappropriate implementation in Storage.
       Reported by Anonymous.
     - CVE-2022-0292: Inappropriate implementation in Fenced Frames.
       Reported by Brendon Tiszka.
     - CVE-2022-0293: Use after free in Web packaging. Reported by
       Rong Jian and Guang Gong of 360 Alpha Lab.
     - CVE-2022-0294: Inappropriate implementation in Push messaging.
       Reported by Rong Jian and Guang Gong of 360 Alpha Lab.
     - CVE-2022-0295: Use after free in Omnibox. Reported by Weipeng Jiang
       (@Krace) and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2022-0296: Use after free in Printing. Reported by koocola(@alo_cook)
       and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2022-0297: Use after free in Vulkan. Reported by Cassidy Kim of
       Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-0298: Use after free in Scheduling.
       Reported by Yangkang (@dnpushme) of 360 ATA.
     - CVE-2022-0300: Use after free in Text Input Method Editor. Reported by
       Rong Jian and Guang Gong of 360 Alpha Lab.
     - CVE-2022-0301: Heap buffer overflow in DevTools. Reported by
       Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research.
     - CVE-2022-0302: Use after free in Omnibox. Reported by Weipeng Jiang
       (@Krace) and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2022-0303: Race in GPU Watchdog.
       Reported by Yiğit Can YILMAZ (@yilmazcanyigit).
     - CVE-2022-0304: Use after free in Bookmarks. Reported by Rong Jian and
       Guang Gong of 360 Alpha Lab.
     - CVE-2022-0305: Inappropriate implementation in Service Worker API.
       Reported by @uwu7586.
     - CVE-2022-0306: Heap buffer overflow in PDFium.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0307: Use after free in Optimization Guide.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-0308: Use after free in Data Transfer.
       Reported by @ginggilBesel.
     - CVE-2022-0309: Inappropriate implementation in Autofill.
       Reported by Alesandro Ortiz.
     - CVE-2022-0310: Heap buffer overflow in Task Manager.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-0311: Heap buffer overflow in Task Manager.
       Reported by Samet Bekmezci @sametbekmezci.
Checksums-Sha1:
 d6af667e19f80c13a00572c7d6ddd4274b9e1ab7 3818 chromium_97.0.4692.99-1~deb11u1.dsc
 e2d17c6c2cbc2a653352e10c21f12a47cccea41b 516865588 chromium_97.0.4692.99.orig.tar.xz
 d59f7a202fb157f3724c7e548b57ea524a25cee9 153280 chromium_97.0.4692.99-1~deb11u1.debian.tar.xz
 0e287f80fd0475a5efaf11017227bb84422f3257 25388 chromium_97.0.4692.99-1~deb11u1_source.buildinfo
Checksums-Sha256:
 dad6d027be01586d8b664a3b65d01b9a655f0bf11b94510d15b7346601ef64be 3818 chromium_97.0.4692.99-1~deb11u1.dsc
 42f2f8fd1d0d104ef588efcb019be814e31320034fb44f1674817f567cafeb46 516865588 chromium_97.0.4692.99.orig.tar.xz
 eaf821ad50f1e57044fc0401086aeec37ab64173de581fbec51f6d3d911e40dd 153280 chromium_97.0.4692.99-1~deb11u1.debian.tar.xz
 350a7f2f1c2afaec3a32a9c9a7d08ed416917ed0be0370ea09b6caf525386baa 25388 chromium_97.0.4692.99-1~deb11u1_source.buildinfo
Files:
 0c8dbc9454b6587039342dbe9f3a54de 3818 web optional chromium_97.0.4692.99-1~deb11u1.dsc
 ccab75944084d20b198c6a8d8a6b1be1 516865588 web optional chromium_97.0.4692.99.orig.tar.xz
 eef749d196a18d5b51c2d45310147891 153280 web optional chromium_97.0.4692.99-1~deb11u1.debian.tar.xz
 c50ccf0e128d417fbeadfd22549d419e 25388 web optional chromium_97.0.4692.99-1~deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmHq7ooUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjdKQA//WDbRqvFw4xbmMv0xEJPPD3E1f+4Y
Walz9r1zHMttUu6RZALCzsHORUVwy4KX9y4nj6cr3DntApoGAsc3b8IWSieeT2fG
tJLepoYUYDUQ/9QpDy2jdNzAuZku2IKsbM1OKmX6QlOQV5fzTTX/ToO3Uo9brKLX
fcHTQ5J3l+CNBWIYC4yMkVgjKwwzJEjvbn/roAlyRt8oenLnr2Ql+Kb21yTi54MA
6CEKgN/TCKWMvaQeUG5s59ypVXut8s/ySNtY1vkheBhidmzJvkBbePMKvTN6Mf2A
gy+bRR5OMUNMXqVLg0Yus8zWhq8HYOHIVWD64PHoXrPov1ik+ZztsIzAjgsbpD4u
MQR6hyWHLcs9WgD4D1QdaeBHVIzAXx5QfLaNRq4eCwyZsv4FWJUQr7t6z2a1pwjP
KF4I2HD92TZBvJLQKnrO8bHfaPIJoyc9D+19dkDX/kuvLNPqxdE59BgHTrz4DvaT
lctO8aM9kfKbM39RDFuV6cEubCkKCFtgXVTwzRq3Eyh6l7Y4bG4vk1ykCmPpCQup
/MLQObpB+hS/HhqMnOgNAT6sJIfqSt4X8GEb+mpw4awUGO86kx1fR3ZW8Q2V4aSH
YUb/O2Hv55nfmd1QYUtkL94tgPvgCwgdIWsAPISVKvJkmGVLdyLm/NkeAdkfCpCG
Gow79oYOpyruaKc=
=oQ0K
-----END PGP SIGNATURE-----