Back to chromium PTS page

Accepted chromium 107.0.5304.68-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted chromium 107.0.5304.68-1 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Wed, 26 Oct 2022 00:49:47 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: chromium_107.0.5304.68-1_source.changes
Debian-source: chromium
Debian-suite: unstable
Debian-version: 107.0.5304.68-1
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=zowaYrQKmtzVnjTpCKbUEX2QrteW817ZPio1wLCs2nY=; b=BJWXn4xy+7bTrFswd7oDBwV2ff saa7SSDgdyoUKi9iZHxzADDsgDM1RDw4LMqLsfiNcw/zSXBzgfE6JuC/G0ciehlnqAcWUUX1Dn5Qg OFDy1JLdYhaqljbzFbwSZnrx7oAsa3T2Xl+y3aTsGKQxPyxgwDZGciAoCvpv9SmGrYNleucTTogUo WOXaOap8D/lfxUn33GBdZCvhp5ZUuaCp6hTyyNLQ68FhtlG74f23PsHPFEb5adX6I2dVGPEPjrDgj M3j3qHoDz516XumnVTYAl5TRyA9UrG930mkLoU2eSPOV2x8rIwhRkgiibTDbIn54XqD1gui8sS8af 1x+5PD4g==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1onUc7-00BXM4-90@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 25 Oct 2022 17:40:14 -0400
Source: chromium
Architecture: source
Version: 107.0.5304.68-1
Distribution: unstable
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
 chromium (107.0.5304.68-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2022-3652: Type Confusion in V8. Reported by srodulv and ZNMchtss at
       S.S.L Team.
     - CVE-2022-3653: Heap buffer overflow in Vulkan. Reported by SeongHwan Park
       (SeHwa).
     - CVE-2022-3654: Use after free in Layout. Reported by Sergei Glazunov of
       Google Project Zero.
     - CVE-2022-3655: Heap buffer overflow in Media Galleries. Reported by
       koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2022-3656: Insufficient data validation in File System. Reported by
       Ron Masas, Imperva.
     - CVE-2022-3657: Use after free in Extensions. Reported by Omri Bushari,
       Talon Cyber Security.
     - CVE-2022-3658: Use after free in Feedback service on Chrome OS. Reported
       by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research
       Institute.
     - CVE-2022-3659: Use after free in Accessibility. Reported by @ginggilBesel.
     - CVE-2022-3660: Inappropriate implementation in Full screen mode. Reported
       by Irvan Kurniawan (sourc7).
     - CVE-2022-3661: Insufficient data validation in Extensions. Reported by
       Young Min Kim (@ylemkimon), CompSec Lab at Seoul National University.
   * Disable building against QT5 (for now).
     https://groups.google.com/a/chromium.org/g/chromium-packagers/c/-2VGexQAK6w
   * debian/copyright:
     - delete third_party/dawn/tools/golang binaries.
   * debian/patches:
     - upstream/armhf-ftbfs.patch: drop, merged upstream.
     - upstream/fix-nullptr-qual.patch: drop, merged upstream.
     - disable/catapult.patch: delete add'l blink reference to catapult.
     - bullseye/clang13.patch: refresh for minor upstream changes.
     - ppc64le/workarounds/HACK-third_party-libvpx-use-generic-gnu.patch: refresh
     - disable/clang-version-check.patch: added to fix build failure. Needs
       to go upstream.
     - ppc64le/workarounds/HACK-debian-clang-disable-skia-musttail.patch:
       drop, upstream skia stopped using clang::musttail.
     - upstream/re-fix-tflite.patch: re-add a build fix that upstream lost.
 .
   [ Timothy Pearson ]
   * regenerate libaom configuration on ppc64el systems.
Checksums-Sha1:
 fdda1d13c5f5ad032bb3fba64d841ab381c3d630 3684 chromium_107.0.5304.68-1.dsc
 dace8293eb488d190ef7f8225ff5d13064f3772f 648953428 chromium_107.0.5304.68.orig.tar.xz
 5e088a1186810d12fe3c5670897f18a336b60bf8 290248 chromium_107.0.5304.68-1.debian.tar.xz
 a18d7386d7ab13fc6dc8ed2ca022b4a580fedc7c 20470 chromium_107.0.5304.68-1_source.buildinfo
Checksums-Sha256:
 55179efcca840ae9b06f709c1fb748771c3c091c7b33cf3af21172a2f8e33a99 3684 chromium_107.0.5304.68-1.dsc
 cb7ef428ac6ff97a34ce127cdd1687946071d0a549d852a8c4fc75a0d8e28782 648953428 chromium_107.0.5304.68.orig.tar.xz
 b8b308a398f208b4978da83f36f31455a80127a6bd6bf3f2acd216de84294426 290248 chromium_107.0.5304.68-1.debian.tar.xz
 877cbecf717974154078433a81afc7d582490f10a4d2f0120d6e3968bb27b8d0 20470 chromium_107.0.5304.68-1_source.buildinfo
Files:
 0c0b3b2f74f496de06e25d83d7b0149d 3684 web optional chromium_107.0.5304.68-1.dsc
 81918c0a34c54105a59164d0b294c1d9 648953428 web optional chromium_107.0.5304.68.orig.tar.xz
 6b0deebbbc68f292e9f56a8b6711860d 290248 web optional chromium_107.0.5304.68-1.debian.tar.xz
 bb97c604a65166364e6d65c2a26f0f54 20470 web optional chromium_107.0.5304.68-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmNYd+0UHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8Nudjd/uw/8D0F1j1KVmm6vCyyiHCFb48flbQgG
MLqrZCMouEiKwFFyBO8bacx98AJcVhWT9cvnpNU0xV4/6ZyouT7UKW3fpXCTRYjv
98QL9wWv5BYBjFB+0VPUJZFTYyBxgAq3FIYhpEIt2vhR4ODyScZdK+JQI87F2dv0
SZMg/PAsQUTO0dyJL8NrvjIvD7WNtZCsoyOrEBny99zPt0aG19tr0nOE1PnicBn7
+ayPtIqd3e38U3ooJtOwo8HkGl8+xNFcQOhCRts9lYn2vrXEzsdFn18YnCrCt+XS
YV2WImvedt8JPE5gLHG3PGDhdQRiM6S9Pt+DiJ4NYb8HG9nIZzfagjNmdRLFAqFs
cDfS080nnmZwrn6qWVcZXt5BVlVXWU8LLsFU9d4830S1dqJA053pIVFl6x0jbefk
IHnlxJ6tC7sVKzQch6j2FMo5B2FkO2ib1HGHlqUVJZOoHsL76yNIX1wIZIW2p+eb
5GmpuYHDFQuv/roy555tuL6vPpr/v+8UVl+DGMIZBUamY2Yk0jnw4zhaxxu7wcNW
BMyESiv6S0FloQGFRuMrmByWNHCiH6Kz9gC5Iy66DmzfAB06+hX+Gcfvak7uhVds
D2zTFwHiVTZHSWP8UrGMGkcqJm5JB28Ew2jAgLYgVLqVh2zaRNr9TDEF9zwAWhjW
TRt3/EL2HUvaCXQ=
=0NB9
-----END PGP SIGNATURE-----