Accepted chromium 98.0.4758.102-1~deb11u1 (source) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 15 Feb 2022 20:15:03 -0500
Source: chromium
Architecture: source
Version: 98.0.4758.102-1~deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Closes: 954824 970571 1005230 1005466
Changes:
chromium (98.0.4758.102-1~deb11u1) bullseye-security; urgency=high
.
* Enable pipewire support in webrtc (closes: #954824).
* Enable optimize_webui. This UI speed improvement was originally
disabled due to nodejs deps, but recent upstream changes makes those
deps necessary either way (closes: #970571).
* Switch to using bundled node modules, to deal with (frequent) build
failures (closes: #1005466).
* Manually depend on xdg-desktop-portal-* packages. The file saving
dialog needs a UI toolkit (closes: #1005230).
* New upstream security release.
- CVE-2022-0603: Use after free in File Manager.
Reported by Chaoyuan Peng (@ret2happy).
- CVE-2022-0604: Heap buffer overflow in Tab Groups. Reported by Krace.
- CVE-2022-0605: Use after free in Webstore API.
Reported by Thomas Orlita.
- CVE-2022-0606: Use after free in ANGLE.
- CVE-2022-0606: Use after free in ANGLE. Reported by Cassidy Kim of
Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
- CVE-2022-0607: Use after free in GPU. Reported by 0x74960.
- CVE-2022-0608: Integer overflow in Mojo.
Reported by Sergei Glazunov of Google Project Zero.
- CVE-2022-0609: Use after free in Animation. Reported by
Adam Weidemann and Clément Lecigne of Google's Threat Analysis Group.
- CVE-2022-0610: Inappropriate implementation in Gamepad API.
Reported by Anonymous.
Checksums-Sha1:
a10615c243fe10738ccb5ebe48b8ee518e69b159 3714 chromium_98.0.4758.102-1~deb11u1.dsc
7eef940a3971cdeee336cd39a8b80393c2d1cf06 527215312 chromium_98.0.4758.102.orig.tar.xz
2b90b6baba3d4ba0e857b57e0b42f24850b12485 215384 chromium_98.0.4758.102-1~deb11u1.debian.tar.xz
c3aa5db517e83e01c9cf284303d3114f93c5ee65 20365 chromium_98.0.4758.102-1~deb11u1_source.buildinfo
Checksums-Sha256:
d50ac6d07186e38b432ddfdf23ad8692bb8382b1aa1cd252d54145d65c635aae 3714 chromium_98.0.4758.102-1~deb11u1.dsc
ff05a6111b189fa99c60c2887e7129bf6b11cdff1a5d7ac38e473668c70a0654 527215312 chromium_98.0.4758.102.orig.tar.xz
9735b488cfe2feb66a3ced285774a0c14d6158f78b3c1f0dad93dbfd293b60aa 215384 chromium_98.0.4758.102-1~deb11u1.debian.tar.xz
eccaa9edb45dd4206fd2bd6579f16dbb4dbb332351a8b5a023730963737b988a 20365 chromium_98.0.4758.102-1~deb11u1_source.buildinfo
Files:
76042dd832e164bbe56208466bec96c5 3714 web optional chromium_98.0.4758.102-1~deb11u1.dsc
a2e94ce03be789833a6641e842936377 527215312 web optional chromium_98.0.4758.102.orig.tar.xz
7467c040ac054fec66db0794ace6243f 215384 web optional chromium_98.0.4758.102-1~deb11u1.debian.tar.xz
eb11847d581c4a490575c2438d6e0fa6 20365 web optional chromium_98.0.4758.102-1~deb11u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmINkAMUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjdVghAAjM9Mht03JilwERcgs5JjCYNj5ilo
34No3DiMyzPIBw+q+HgxhGikOR8VFYlfz/HVPq0HNkWS+tVtmqyax17YZ3EULITF
CaezYsnK3Ub7rgcTe6Y5gV+YxRa4BNEMwm1BbJGHzA0zIEkXzwAPKo+HI+eqnUFV
9XF3RAwRKE7fYuOzkkZaWDROvsRnwCDKtA4xkSFifKeImNK68ls0cORyp4Sa8sKz
rT/16LBavqb6nr+iePdr2zPYuaCFQNVmAIQZbH4eOwqrVHGSKChQSPnqf4N8bRBt
BO6ys+Un80q0koyVNEuVHL1ebe3ogrfzZkXz74+OkjDIBvncO6uqfYWgMfFzx3pd
yYI+NWvhtIaZ5ms4E2Cfijdx+m2UHE5NjwqkHkyQxCqMk1MiQbYyye3omMWxJ51i
DbSAhhBAKJTa2soYDmznBZgIjUyeGw2o3yCF3h1TgueDExZ4TUk+Xyc0fqBsPTLZ
sI7lRaUMvR5vadBHQ4wpm40gTK7czbtqB5RG9oA/jTR8BtPH5ya3rqOEg2xe+ybe
yCeDXIF27r0z/SoD8XnMvcsSksgmvTVL/3FjmqK4e1wE5Hju74hsdFpOK14CxJFp
EUKkDOr+MAGn+PM38iyEA86WdYgShkmb6kM1ypnki5+wMyZNI5dB3l5dgDqIA50/
HGrqDJvgk93hUZI=
=/24V
-----END PGP SIGNATURE-----