Accepted chromium 112.0.5615.138-1~deb11u1 (source) into proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted chromium 112.0.5615.138-1~deb11u1 (source) into proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sun, 23 Apr 2023 13:47:08 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: chromium_112.0.5615.138-1~deb11u1_source.changes
- Debian-source: chromium
- Debian-suite: proposed-updates
- Debian-version: 112.0.5615.138-1~deb11u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=p6sFRJ49AtnxsH20tzwaVT54VSQ6VSID7kgOYFHuBK8=; b=aa6GbSA0AQtHk/g/dlc/biq8Om /ivJf1vISEPeLMXk/jDGZq3700oYl61iQGJrXZ2vZ5wrBWur94P0Tos9eIgMPLJBaKwwx2g8NTU09 g8j+DiGRXyYiL2JPZuxW+8vFRy+5WrKJlioq75Rghtg3FerTGzJUNBRWCE/07H9Qy7jNCmdoSh8zh DJQXEnS3LhDx4DKXAeqsNzIBwWu40WzCh5uLkMom01emXcJXlnTnM/+abP2UQAybhpupJO8mPxzxF oCOLrTEXSdSIeUd2uCfeKhu5Bng3wAFTnIsDOcf7kK9cW8qMPGL/+PbILtMxJW3WBbqSC/pz2NWNN VD7bwFZg==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1pqa3Y-005DZV-1N@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 18 Apr 2023 22:00:00 -0500
Source: chromium
Architecture: source
Version: 112.0.5615.138-1~deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Timothy Pearson <tpearson@raptorengineering.com>
Changes:
chromium (112.0.5615.138-1~deb11u1) bullseye-security; urgency=high
.
* New upstream security release.
- CVE-2023-2133: Out of bounds memory access in Service Worker API.
Reported by Rong Jian of VRI.
- CVE-2023-2134: Out of bounds memory access in Service Worker API.
Reported by Rong Jian of VRI.
- CVE-2023-2135: Use after free in DevTools.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2023-2136: Integer overflow in Skia.
Reported by Clément Lecigne of Google's Threat Analysis Group.
- CVE-2023-2137: Heap buffer overflow in sqlite.
Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute
* d/patches:
- upstream/protobuf.patch: drop, merged upstream.
Checksums-Sha1:
423c55e0801a9c98d2c7a5c336d245bf95a3cf16 3816 chromium_112.0.5615.138-1~deb11u1.dsc
4a82c90f9f1a36ed65f8810501f5ca1e348de10e 662377800 chromium_112.0.5615.138.orig.tar.xz
b98b91787153e6686f999a5d3f51aa6baaf809de 347804 chromium_112.0.5615.138-1~deb11u1.debian.tar.xz
92604702a9dc4a25f60969307045f4baeaad11ee 20575 chromium_112.0.5615.138-1~deb11u1_source.buildinfo
Checksums-Sha256:
2e959926b43e9fd867b346a14d58d2586662b91a109eeb223c8ffa342e38162b 3816 chromium_112.0.5615.138-1~deb11u1.dsc
b77e8c3cc5314cfa42d8f02d197741500bda6ea1620019b48d81b5f05ec0c131 662377800 chromium_112.0.5615.138.orig.tar.xz
2ef3364945a97c9f8317b395c0d3fb0abf3a2dbfc9e3c39da005b72b9b606586 347804 chromium_112.0.5615.138-1~deb11u1.debian.tar.xz
08fb97029ac79089bfc3806a2c0f37e53a14056a7e9608931378c9678737d95c 20575 chromium_112.0.5615.138-1~deb11u1_source.buildinfo
Files:
07c5468120f82aa12733ceb840e78cbb 3816 web optional chromium_112.0.5615.138-1~deb11u1.dsc
adc96efc6b2543892a03fd683cf82573 662377800 web optional chromium_112.0.5615.138.orig.tar.xz
f9e452e299fde9d3171265c157926a4c 347804 web optional chromium_112.0.5615.138-1~deb11u1.debian.tar.xz
7ce5ea3d89b4b32a7dcccbf71e780fcc 20575 web optional chromium_112.0.5615.138-1~deb11u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmRBcH8UHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjeaZw/+IQexX4GF3stykLsGpI6EZxyiNg4x
N4Zi2oOGGqmsdqK5hNRxTk3ZZw0IlhqtpacFsY9KjCL19P6SDNfplU1saiQO9rrN
SPcJGue3yUcXobIH8OexDs6yR7Jsd19Vk9B3v/sod0tC2/x8zVeUTL3/IZPj9QjP
0fj1X126Zzb/P97uMum36F52Amonaf9PmmbOYq4YM1h4shXnIc9938Y8+navaSW3
M5SxDp25JM5gbnwMuWwr0Eyt39MuhqINSBl34I3D2yoKmvnfHg2s76aeq2nJgvNK
lOWz5ilmn+sd4+AdbGkneHPns5hzOZUAeohGykZa+kuCqCR4QvJOQh72xH7s3YAL
A9uLw2UtxT36Ke2Ud859oRFOLEo2hRxPCm17HtZ+Z4bJ6ZiCEQuD2gNeOPnpS5/x
jnqM59yK2xGvRE20S87zXw1MQ5qmzIvmk7vBD0YePRNixbM9UNtqZvx7MrwsBRY/
6WH5I3ptqQRON2yGWyzui5LnGJ1GfJE1Vy8FEzWXlMWDQuJ1Q/vZZkinfQ0AlycV
6YkXGDNC+r/V04RIzZ4zxRQeflu/o6G7CcfnP8fz76oRvAtTdCX2XXv8woETpXO2
3qPUSA4RI3lkg+Ifb5PvjTfgrQNGqiDznypip6KTfttFXfn+22gfQxAADwzUT4GD
T3isKKuyYEFEEuk=
=MlWj
-----END PGP SIGNATURE-----