Accepted chromium 111.0.5563.110-1 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted chromium 111.0.5563.110-1 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Wed, 22 Mar 2023 08:05:24 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: chromium_111.0.5563.110-1_source.changes
- Debian-source: chromium
- Debian-suite: unstable
- Debian-version: 111.0.5563.110-1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=Va6NU3dbHH4lvzndfF8guRge6KtOYNp2x07lhnEY7J4=; b=TrvTc6WLsg7MjkXyhYlJwfDjLT 5XojrIXBo62h/XI1Ko4iHREYHiRVUGNlIG7lBTuuq8xdJAXQ5XpioFin2JvCwk0TAzSE2dTCEyjIt 15831kd10WzaQGfothi4CPKgycqOViW65KkJ+WJql94soOOu0pDWA3rJJQbghBqgaf2xaZC6RT26N vI18UVsYzT7ahXzgTMv1HfdBV09qQbZ73bEugk30jR8NLpe8rTI3N7ZAPbC4sPnJjC3S2xJHm8+qb XYbi05wrNY7jQcP9m6zSZjf5c/tAqHRScxB8WDfzTeC35MyrRsEk3dDAyofdQGpCTlm6wmGMW3CXl D439dLKA==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1petTI-002s61-GR@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 22 Mar 2023 03:17:36 -0400
Source: chromium
Architecture: source
Version: 111.0.5563.110-1
Distribution: unstable
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Closes: 1015367 1033015 1033223
Changes:
chromium (111.0.5563.110-1) unstable; urgency=high
.
* New upstream security release.
- CVE-2023-1528: Use after free in Passwords.
Reported by Wan Choi of Seoul National University.
- CVE-2023-1529: Out of bounds memory access in WebHID.
- CVE-2023-1530: Use after free in PDF.
Reported by The UK's National Cyber Security Centre (NCSC).
- CVE-2023-1531: Use after free in ANGLE.
Reported by Piotr Bania of Cisco Talos.
- CVE-2023-1532: Out of bounds read in GPU Video.
Reported by Mark Brand of Google Project Zero.
- CVE-2023-1533: Use after free in WebProtect.
Reported by Weipeng Jiang (@Krace) of VRI.
- CVE-2023-1534: Out of bounds read in ANGLE.
Reported by Jann Horn and Mark Brand of Google Project Zero.
* Document how to properly enable Wayland support in README.Debian
(closes: #1033223).
* d/rules patch from "Daniel Richard G." <skunk@iSKUNK.ORG>:
- Disable lto flags (closes: #1015367).
- don't clobber LDFLAGS from dpkg-buildflags (closes: #1033015).
Checksums-Sha1:
d40e80bb284b40c355c961d22c57b799c9fb39af 3691 chromium_111.0.5563.110-1.dsc
edab4c6cae713a109c23c549684736c0d50ccb76 653761308 chromium_111.0.5563.110.orig.tar.xz
7c5b829ce3cfea1719f3b9cee1694ad94c8e502c 298208 chromium_111.0.5563.110-1.debian.tar.xz
1c48412f06d1a2927bbb5e3d876414829ec78ae4 20581 chromium_111.0.5563.110-1_source.buildinfo
Checksums-Sha256:
e7da438bde81c773a58a5f5949823a98d08cc39d63f01305074d2c2b4f986d3a 3691 chromium_111.0.5563.110-1.dsc
a9fd234e79d192179124e7efb3a14094c2e54a13c2e261fe5b8cccb53d73d9f2 653761308 chromium_111.0.5563.110.orig.tar.xz
52f26750ab98bdd5bdc1cbd2e61549c8cdc2ea27cd1e362d88639674589c6690 298208 chromium_111.0.5563.110-1.debian.tar.xz
10eabeddd4a90dd751cbb7cca346583c68615c1c658f53fe9c4aaf701ee0bf8e 20581 chromium_111.0.5563.110-1_source.buildinfo
Files:
af0134040b6260773b980a44a37d601c 3691 web optional chromium_111.0.5563.110-1.dsc
3fe41c128b030ac0420ade2ad88b94a4 653761308 web optional chromium_111.0.5563.110.orig.tar.xz
bba404566f9e9127cfa2312fab34c631 298208 web optional chromium_111.0.5563.110-1.debian.tar.xz
04a2039953ce91fb0931935ccbec98e5 20581 web optional chromium_111.0.5563.110-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmQarIAUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjfH9hAAu4fNawkq0cqVpvjFL6FLDBUrBob5
9TeWLVkF888hpmMQj18qrJ4/Nt8OuPUnkXkpKd+wGmzqkvM4g7/jCzpZ7mS6roE/
W9uv5n5IGGnLQJdKTkEelie2ug1kZwM65ZX6iGxKXARmyNlR4jE8GQTFlKgyCAIV
RocEmL56R8PbEgEEm0QupF164bIjiqMMqxBfILkB3AYHXUEYZ798lEIP/BlPWYhJ
fQLkS08eXWmbYyAkjJpfDAzMTulkszYPcXgXJruwCvJlQD09dVfMClv3gpxqwEpm
vggwU0q0Yc8u2J+oMyrIMnAIq0j7iF3yTOK6DNtSrypaOSVK7gGJjGsGt1+Tz0XV
NDNSMwzmbkq6T22r8NzqBORbcVW/wAruYGc51H69kW/GC4otinfXlSq4VJhS/234
7Xrkutu0PwvR0fgcDRXMX4ZN5xG6EhsH4tYOyVcckUyGwMsTZTi5D9l+vVB1uv1O
F6la0M1Jv5beTBjBQSp0VSg2rzMioW1D0p6903rMpe06MvkciiMP9N6oO5nE7hAD
nLxGDTvXe/nLp7U0NGIzYLn6Vh3fSsTWaRyV7wh5Qj6BsdkBDvNL+U9TuwZFnJHj
TSHjZQKmDHR3nlWpBLv9JO2uNdJKOo8zGsJFnXRgqMrN+9WdtCC4zIY3CItaLciN
ZE1Nc443CD961AE=
=pqga
-----END PGP SIGNATURE-----