Back to chromium PTS page

Accepted chromium 118.0.5993.70-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted chromium 118.0.5993.70-1 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Wed, 11 Oct 2023 04:43:41 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: chromium_118.0.5993.70-1_source.changes
Debian-source: chromium
Debian-suite: unstable
Debian-version: 118.0.5993.70-1
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=1bZ9DF2wADTJsdvAZlS2nBJoqCYVOgDWY5BggCQVasw=; b=p6vIDxfejBAdVJACJZoCxGPTml GIoKsd/n5PIj3XzFiBLaNOVUKLO9s3zmXOL/7P6NrVrmuS0BbkHKADe462hatGhtNiLxk0GaSwxDq VG1hu0DIsnECrbLieB90wQ7sXNbUwR09VBv/WPKJ16DaD+T/50AMTewezLnaDrcu+R1+UNMCyB2tv Ixis0iMf6YZ75Fcn+43j8vDlS8U0xKnzA9mtbWDDz/FrViXbOgdtjatsa1B5OzT5Ah1VyjTkSJ39h VBoUntQOtr1Xcjm4n+wyBtejl+UEDEFSlKd6VvTo5TajvfPcf8hnpxsmRYF65fpkTuGBOwFaThzB7 MCihnZxg==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1qqR4P-00EDLs-3o@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 10 Oct 2023 22:03:00 -0500
Source: chromium
Architecture: source
Version: 118.0.5993.70-1
Distribution: unstable
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Timothy Pearson <tpearson@raptorengineering.com>
Changes:
 chromium (118.0.5993.70-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-5218: Use after free in Site Isolation.
       Reported by @18楼梦想改造家.
     - CVE-2023-5487: Inappropriate implementation in Fullscreen.
       Reported by Anonymous.
     - CVE-2023-5484: Inappropriate implementation in Navigation.
       Reported by Thomas Orlita.
     - CVE-2023-5475: Inappropriate implementation in DevTools.
       Reported by Axel Chong.
     - CVE-2023-5483: Inappropriate implementation in Intents.
       Reported by Axel Chong.
     - CVE-2023-5481: Inappropriate implementation in Downloads.
       Reported by Om Apip.
     - CVE-2023-5476: Use after free in Blink History. Reported by Yunqin Sun.
     - CVE-2023-5474: Heap buffer overflow in PDF. Reported by [pwn2car].
     - CVE-2023-5479: Inappropriate implementation in Extensions API.
       Reported by Axel Chong.
     - CVE-2023-5485: Inappropriate implementation in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-5478: Inappropriate implementation in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-5477: Inappropriate implementation in Installer.
       Reported by Bahaa Naamneh of Crosspoint Labs.
     - CVE-2023-5486: Inappropriate implementation in Input. Reported by Hafiizh.
     - CVE-2023-5473: Use after free in Cast. Reported by DarkNavy.
   * d/patches/ppc64le:
     - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
        upstream changes
     - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
     - skia-vsx-instructions.patch: refresh for upstream changes
     - third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
       regenerate configs from upstream source
     - database/0001-Properly-detect-little-endian-PPC64-systems.patch:
       refresh
     - ffmpeg/0001-Add-support-for-ppc64.patch: refresh
     - fixes/fix-breakpad-compile.patch: refresh
     - fixes/fix-unknown-warning-option-messages.diff: refresh
     - libaom/0001-Add-ppc64-target-to-libaom.patch: refresh
     - sandbox/0001-sandbox-linux-Update-IsSyscallAllowed-in-broker_proc.patch:
       refresh
     - sandbox/0001-sandbox-linux-Update-syscall-helpers-lists-for-ppc64.patch:
       refresh
     - sandbox/0008-sandbox-fix-ppc64le-glibc234.patch: refresh
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
     - third_party/0001-Force-baseline-POWER8-AltiVec-VSX-CPU-features-when-.patch:
       refresh
     - third_party/0001-third_party-libvpx-Properly-generate-gni-on-ppc64.patch:
       refresh
     - third_party/0002-third-party-boringssl-add-generated-files.patch: refresh
     - third_party/dawn-fix-ppc64le-detection.patch: refresh
     - third_party/dawn-fix-typos.patch: refresh
     - third_party/skia-vsx-instructions.patch: refresh
     - third_party/use-sysconf-page-size-on-ppc64.patch: refresh
     - workarounds/HACK-third_party-libvpx-use-generic-gnu.patch: refresh
 .
   [ Andres Salomon]
   * d/copyright:
     - blanket.js is gone, no need to remove it any more.
     - delete some khronos images marked executable.
   * d/patches:
     - upstream/memory.patch: drop, merged upstream.
     - upstream/sensor-reading.patch: add, gcc13 build fix from upstream.
     - upstream/lweight.patch: add, gcc13 build fix from upstream.
     - upstream/freetype.patch: add, fix freetype header inclusion FTBFS.
     - upstream/sizet.patch: add, libstdc++ build fix from upstream.
     - disable/unrar.patch: update for minor upstream changes.
     - bookworm/struct-ctor.patch: add various new workarounds for clang-14.
     - bookworm/structured-binding-scope-bug.patch: drop part of the patch.
     - bullseye/clang13.patch: drop bullseye patches from sid.
     - bullseye/constexpr.patch: drop bullseye patches from sid.
     - ungoogled/.../disable-web-environment-integrity.patch: sync with
       ungoogled-chromium for upstream changes.
Checksums-Sha1:
 aa514d656d495f132fdeeb1d53ccd313511efb3b 3659 chromium_118.0.5993.70-1.dsc
 2b52e9be225cc92e7782bb2a7d5887f2f065505b 771394968 chromium_118.0.5993.70.orig.tar.xz
 eb662948f93d41e78012b82498a341dd111c76c7 389388 chromium_118.0.5993.70-1.debian.tar.xz
 b295f5abf3b6e49da81477b0da6c2adfad6369ff 21183 chromium_118.0.5993.70-1_source.buildinfo
Checksums-Sha256:
 881b7a4f9f627fcfa65d75600b6f0ac24b9dc2ec6d1e8b9ad61be828ba23b2fb 3659 chromium_118.0.5993.70-1.dsc
 ab19fddba67cad603f09d4017ae8f7573a1e480c604ff9677923592828c8b74e 771394968 chromium_118.0.5993.70.orig.tar.xz
 a30a68d2164389c76ab94e92cf6349ea51553154e96e6e9855ad83ce3b7fe3d9 389388 chromium_118.0.5993.70-1.debian.tar.xz
 3b6720ddb0ba0aaffdc7bfe0fbcaff2cd789e1545569c43480d425613ecc0680 21183 chromium_118.0.5993.70-1_source.buildinfo
Files:
 a75fd37b81a9d46c7b9a204cecf27622 3659 web optional chromium_118.0.5993.70-1.dsc
 4ae6869c929cac4f8d20df0173ccee30 771394968 web optional chromium_118.0.5993.70.orig.tar.xz
 c2a17c4fc23532d0efc8641e457d7605 389388 web optional chromium_118.0.5993.70-1.debian.tar.xz
 eee556d991cd36acce8189e3c4db17bd 21183 web optional chromium_118.0.5993.70-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbljKSL6u8RwDRSBe7DyAvFcxm34FAmUmGvYACgkQ7DyAvFcx
m35QeQ//WGiGJQFNYoG73zz1inn4GwEBw9N8UzFqpCl6M7DIiDILJS2I3jtFVD6Q
5sgs1/lGJracs8pOLzYgs8/EaU9QiME8v1DxhsdM+N3wWKEwyraOEu2a/Izc9P50
USXjNIz17HNrcaRfUddCZ3fObDAMZhvEAmjv2btl33HU74AjdfJ8xGmJwMFdqGFA
i4XJnsU1LLzJpXxbY7O6nHvPww04Saeg5wvaUMajlgWkR+AvzCQ8g9I6BzhmNxZX
kps2+HieBblvBcjrCgddn4V5EffX8q8Fdholbqz+arpJJa5wUvOUAe1ixQ8V+JSc
7etkCXH4lQZRil2RpE9P4G2F3W9AunoK5uY1OIX6lR0MIb39iOqKFfWVPhcbhTI4
XzFGcnG9ka8J6qwDy3CNbjNtF31VNIzQEN7kBmpAlqb0HwYfbefQZQMtL+mgijUf
YCGyyvKdM4sFpsFHIBAek01NMMF9vwU8hCVOs9QiOuHHO8rTicbYVY5FPZChWIdN
PJ0K9YI/6f8i1EoVePJgUtQGRfRVD1Tty6OYStCV7K1w6eZQ6CWk9eFib4HR278b
9+Ke/7XvDl/RBTnEGcHNAt7zj2Ultjq7pPg6/2kFNuHrmITB87GW2f1/2Q17b9zU
5UlxAAVJD6LmexUunMC+wY0AWZ9HEXEsh6QLwn98yqhrHeXqn00=
=MgCf
-----END PGP SIGNATURE-----