Accepted chromium 107.0.5304.68-1 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted chromium 107.0.5304.68-1 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Wed, 26 Oct 2022 00:49:47 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: chromium_107.0.5304.68-1_source.changes
- Debian-source: chromium
- Debian-suite: unstable
- Debian-version: 107.0.5304.68-1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=zowaYrQKmtzVnjTpCKbUEX2QrteW817ZPio1wLCs2nY=; b=BJWXn4xy+7bTrFswd7oDBwV2ff saa7SSDgdyoUKi9iZHxzADDsgDM1RDw4LMqLsfiNcw/zSXBzgfE6JuC/G0ciehlnqAcWUUX1Dn5Qg OFDy1JLdYhaqljbzFbwSZnrx7oAsa3T2Xl+y3aTsGKQxPyxgwDZGciAoCvpv9SmGrYNleucTTogUo WOXaOap8D/lfxUn33GBdZCvhp5ZUuaCp6hTyyNLQ68FhtlG74f23PsHPFEb5adX6I2dVGPEPjrDgj M3j3qHoDz516XumnVTYAl5TRyA9UrG930mkLoU2eSPOV2x8rIwhRkgiibTDbIn54XqD1gui8sS8af 1x+5PD4g==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1onUc7-00BXM4-90@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 25 Oct 2022 17:40:14 -0400
Source: chromium
Architecture: source
Version: 107.0.5304.68-1
Distribution: unstable
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
chromium (107.0.5304.68-1) unstable; urgency=high
.
* New upstream stable release.
- CVE-2022-3652: Type Confusion in V8. Reported by srodulv and ZNMchtss at
S.S.L Team.
- CVE-2022-3653: Heap buffer overflow in Vulkan. Reported by SeongHwan Park
(SeHwa).
- CVE-2022-3654: Use after free in Layout. Reported by Sergei Glazunov of
Google Project Zero.
- CVE-2022-3655: Heap buffer overflow in Media Galleries. Reported by
koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute.
- CVE-2022-3656: Insufficient data validation in File System. Reported by
Ron Masas, Imperva.
- CVE-2022-3657: Use after free in Extensions. Reported by Omri Bushari,
Talon Cyber Security.
- CVE-2022-3658: Use after free in Feedback service on Chrome OS. Reported
by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research
Institute.
- CVE-2022-3659: Use after free in Accessibility. Reported by @ginggilBesel.
- CVE-2022-3660: Inappropriate implementation in Full screen mode. Reported
by Irvan Kurniawan (sourc7).
- CVE-2022-3661: Insufficient data validation in Extensions. Reported by
Young Min Kim (@ylemkimon), CompSec Lab at Seoul National University.
* Disable building against QT5 (for now).
https://groups.google.com/a/chromium.org/g/chromium-packagers/c/-2VGexQAK6w
* debian/copyright:
- delete third_party/dawn/tools/golang binaries.
* debian/patches:
- upstream/armhf-ftbfs.patch: drop, merged upstream.
- upstream/fix-nullptr-qual.patch: drop, merged upstream.
- disable/catapult.patch: delete add'l blink reference to catapult.
- bullseye/clang13.patch: refresh for minor upstream changes.
- ppc64le/workarounds/HACK-third_party-libvpx-use-generic-gnu.patch: refresh
- disable/clang-version-check.patch: added to fix build failure. Needs
to go upstream.
- ppc64le/workarounds/HACK-debian-clang-disable-skia-musttail.patch:
drop, upstream skia stopped using clang::musttail.
- upstream/re-fix-tflite.patch: re-add a build fix that upstream lost.
.
[ Timothy Pearson ]
* regenerate libaom configuration on ppc64el systems.
Checksums-Sha1:
fdda1d13c5f5ad032bb3fba64d841ab381c3d630 3684 chromium_107.0.5304.68-1.dsc
dace8293eb488d190ef7f8225ff5d13064f3772f 648953428 chromium_107.0.5304.68.orig.tar.xz
5e088a1186810d12fe3c5670897f18a336b60bf8 290248 chromium_107.0.5304.68-1.debian.tar.xz
a18d7386d7ab13fc6dc8ed2ca022b4a580fedc7c 20470 chromium_107.0.5304.68-1_source.buildinfo
Checksums-Sha256:
55179efcca840ae9b06f709c1fb748771c3c091c7b33cf3af21172a2f8e33a99 3684 chromium_107.0.5304.68-1.dsc
cb7ef428ac6ff97a34ce127cdd1687946071d0a549d852a8c4fc75a0d8e28782 648953428 chromium_107.0.5304.68.orig.tar.xz
b8b308a398f208b4978da83f36f31455a80127a6bd6bf3f2acd216de84294426 290248 chromium_107.0.5304.68-1.debian.tar.xz
877cbecf717974154078433a81afc7d582490f10a4d2f0120d6e3968bb27b8d0 20470 chromium_107.0.5304.68-1_source.buildinfo
Files:
0c0b3b2f74f496de06e25d83d7b0149d 3684 web optional chromium_107.0.5304.68-1.dsc
81918c0a34c54105a59164d0b294c1d9 648953428 web optional chromium_107.0.5304.68.orig.tar.xz
6b0deebbbc68f292e9f56a8b6711860d 290248 web optional chromium_107.0.5304.68-1.debian.tar.xz
bb97c604a65166364e6d65c2a26f0f54 20470 web optional chromium_107.0.5304.68-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmNYd+0UHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8Nudjd/uw/8D0F1j1KVmm6vCyyiHCFb48flbQgG
MLqrZCMouEiKwFFyBO8bacx98AJcVhWT9cvnpNU0xV4/6ZyouT7UKW3fpXCTRYjv
98QL9wWv5BYBjFB+0VPUJZFTYyBxgAq3FIYhpEIt2vhR4ODyScZdK+JQI87F2dv0
SZMg/PAsQUTO0dyJL8NrvjIvD7WNtZCsoyOrEBny99zPt0aG19tr0nOE1PnicBn7
+ayPtIqd3e38U3ooJtOwo8HkGl8+xNFcQOhCRts9lYn2vrXEzsdFn18YnCrCt+XS
YV2WImvedt8JPE5gLHG3PGDhdQRiM6S9Pt+DiJ4NYb8HG9nIZzfagjNmdRLFAqFs
cDfS080nnmZwrn6qWVcZXt5BVlVXWU8LLsFU9d4830S1dqJA053pIVFl6x0jbefk
IHnlxJ6tC7sVKzQch6j2FMo5B2FkO2ib1HGHlqUVJZOoHsL76yNIX1wIZIW2p+eb
5GmpuYHDFQuv/roy555tuL6vPpr/v+8UVl+DGMIZBUamY2Yk0jnw4zhaxxu7wcNW
BMyESiv6S0FloQGFRuMrmByWNHCiH6Kz9gC5Iy66DmzfAB06+hX+Gcfvak7uhVds
D2zTFwHiVTZHSWP8UrGMGkcqJm5JB28Ew2jAgLYgVLqVh2zaRNr9TDEF9zwAWhjW
TRt3/EL2HUvaCXQ=
=0NB9
-----END PGP SIGNATURE-----