Back to chromium PTS page

Accepted chromium 111.0.5563.64-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted chromium 111.0.5563.64-1 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Wed, 08 Mar 2023 00:21:29 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: chromium_111.0.5563.64-1_source.changes
Debian-source: chromium
Debian-suite: unstable
Debian-version: 111.0.5563.64-1
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=eaCCPESL4oque55swWbwquiaeTTZHCP+d5x4MGLATHk=; b=hto/+JnRk7Eav/yxlOtoHTq2QO 8e5gGjl8A5es6XrhAXh4TX4Vi2cDEXSGn7uwJD+zzpjTnwPez9P1c/fZKH2nZu9/Vkb26hNIjty+U USbvfrFoS7Dh6Q17Jcr9HMHSrbGWqmLdZgLc2GyjPt45XmJg5gI7A+MaE7Nx+D7V2p7fxFr3/Y7WG m/ADbj8d0fJnoSQ3GrdcWMXrSNXyALpGre9dvpWeygnXWM/fTlQZpWjLqVSsaW991VrLEG8KeG7ow y2NDEmbJhnEyHL0O7tfnDJTxhUdovguxcYl1LVqDqYOKjhdm1AJI7McenxwI+3tEZYmAYcZmgQ4Dk FTVIi1kA==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1pZhYf-00GQYv-0V@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 07 Mar 2023 18:12:37 -0500
Source: chromium
Architecture: source
Version: 111.0.5563.64-1
Distribution: unstable
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
 chromium (111.0.5563.64-1) unstable; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2023-1213: Use after free in Swiftshader.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2023-1214: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab.
     - CVE-2023-1215: Type Confusion in CSS. Reported by Anonymous.
     - CVE-2023-1216: Use after free in DevTools.
       Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
     - CVE-2023-1217: Stack buffer overflow in Crash reporting.
       Reported by sunburst of Ant Group Tianqiong Security Lab.
     - CVE-2023-1218: Use after free in WebRTC. Reported by Anonymous.
     - CVE-2023-1219: Heap buffer overflow in Metrics.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-1220: Heap buffer overflow in UMA.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2023-1221: Insufficient policy enforcement in Extensions API.
       Reported by Ahmed ElMasry.
     - CVE-2023-1222: Heap buffer overflow in Web Audio API.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-1223: Insufficient policy enforcement in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-1224: Insufficient policy enforcement in Web Payments API.
       Reported by Thomas Orlita.
     - CVE-2023-1225: Insufficient policy enforcement in Navigation.
       Reported by Roberto Ffrench-Davis @Lihaft.
     - CVE-2023-1226: Insufficient policy enforcement in Web Payments API.
       Reported by Anonymous.
     - CVE-2023-1227: Use after free in Core. Reported by @ginggilBesel.
     - CVE-2023-1228: Insufficient policy enforcement in Intents.
       Reported by Axel Chong.
     - CVE-2023-1229: Inappropriate implementation in Permission prompts.
       Reported by Thomas Orlita.
     - CVE-2023-1230: Inappropriate implementation in WebApp Installs.
       Reported by Axel Chong.
     - CVE-2023-1231: Inappropriate implementation in Autofill.
       Reported by Yan Zhu, Brave.
     - CVE-2023-1232: Insufficient policy enforcement in Resource Timing.
       Reported by Sohom Datta.
     - CVE-2023-1233: Insufficient policy enforcement in Resource Timing.
       Reported by Soroush Karami.
     - CVE-2023-1234: Inappropriate implementation in Intents.
       Reported by Axel Chong.
     - CVE-2023-1235: Type Confusion in DevTools.
       Reported by raven at KunLun lab.
     - CVE-2023-1236: Inappropriate implementation in Internals.
       Reported by Alesandro Ortiz.
   * Document upcoming security support in README.Debian.security.
   * Document switching the default search engine in README.debian.
   * d/patches:
     - upstream/clamp.patch: drop, merged upstream.
     - upstream/pwman-const.patch: drop, merged upstream.
     - upstream/move-stack-to-isolate.patch: drop, merged upstream.
     - upstream/blink-dbl-float.patch: drop, merged upstream.
     - upstream/v4l2-fix.patch: drop, merged upstream.
     - disable/catapult.patch: refresh & remove unnecessary android bits.
     - disable/google-api-warning.patch: refresh.
 .
   [ Timothy Pearson ]
    * d/patches:
     - ppc64le/third_party/0005-third_party-dav1d-crash-fix.patch: drop,
           merged upstream
     - ppc64le/workarounds/HACK-debian-clang-disable-skia-musttail.patch:
           skia musttail is back in upstream, disable on ppc64le due to
           contining Clang bugs
     - ppc64le: refresh libaom configuration
Checksums-Sha1:
 7c10e799c64fcaa916e196805b9474b36fa654a1 3684 chromium_111.0.5563.64-1.dsc
 d8c14fdb7853f61e157a4c87427dae124a6c1563 653798792 chromium_111.0.5563.64.orig.tar.xz
 67e142ea3dd7b548815566acd15e260379dfbbb3 297832 chromium_111.0.5563.64-1.debian.tar.xz
 8f809232b8f7758ee0f6c80f986e75eabfa822bc 20577 chromium_111.0.5563.64-1_source.buildinfo
Checksums-Sha256:
 3afa8d54ff575630a81d7cb187be66c0436a730c1097e213bd0358257200b819 3684 chromium_111.0.5563.64-1.dsc
 68dc1f957c93a199571acea663a68ce59f8c028b522d010639f657d6442d154d 653798792 chromium_111.0.5563.64.orig.tar.xz
 397324205f8a4d5bc955976ba32106e6b6fed1a94e18d36e04d20a794b39c90d 297832 chromium_111.0.5563.64-1.debian.tar.xz
 5e210d4a2fca019a275294c0c94c46b32326bc34b68d8e134d87b5414a342d3f 20577 chromium_111.0.5563.64-1_source.buildinfo
Files:
 5ac23566614cd1d2d2a0a0b71cf787ee 3684 web optional chromium_111.0.5563.64-1.dsc
 caa4104f8f64bcdb1a6fa63531cee231 653798792 web optional chromium_111.0.5563.64.orig.tar.xz
 7d5e2d399b6efdd51e3675c6b8440f40 297832 web optional chromium_111.0.5563.64-1.debian.tar.xz
 a208d38aaf8cb8e00cbc4d38e84d663a 20577 web optional chromium_111.0.5563.64-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmQHy20UHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8Nudjc5hBAAk6z36Fm7f+4zFNgNzhS8XAWTT9rH
vhpw3i8Q34bwu+UV2kp1KIioSNVZbFpQn6E9T0+rhhj4pf8mWqwOAjc1RlarS8Fs
DbR7IC3CJmi+NjlzUHg64hNdefdaEhwM6LNEbHl6a56i9b5RZLFHnm1z9IWi5E2p
Fk1MBAqBWsm7WXrema5ZB4nfu7PMNVS/kDAvHWKjc9oSD52t8GGgfZysXbxM6mDv
2TpsgH/aqDzkBWnIjYxWxgMjd07QbJW0nV1dyx0RykB2pUaXqwQm/SjCiTodxRd7
ANdzbwQnat9BWlqcaFES9bLrl5mYSrjafB5vPGgm/c6FbH63HJRm1XYKDpDRmJ2B
mCJwv9hetrqP7zkd2HE5a6CyqQUuyYYo0uwbZCJ6F6qU6p19bUv1U0PLpdX+v2oU
GGbPfmxUVdhWSP5SijgMMP/Wl3PNzxcO0rIxgSufX70DjH3dkUTKS6IQUhKn6Ony
TbEvcU4qc+fuDoB65ROSQMeV8o4Lcr+0Jdva9hGVZZatANjxYyZ5VpJRySrnt0ub
bwavqnnUW2cNpjdv/6zmzkcuBcgshO5Q8Q7uHIaZL2hrTpbuOGY67XWSfj3kjjbn
obegA7wlXYWaQxSxnJRkGhC7xCZYVqLkQMWPN8HVweBbR2hgJ65WPrztn4vvivrx
zww2F/0uQzJnDfc=
=OAZZ
-----END PGP SIGNATURE-----