Accepted chromium 118.0.5993.70-1~deb11u1 (source) into oldstable-proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted chromium 118.0.5993.70-1~deb11u1 (source) into oldstable-proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Tue, 07 Nov 2023 19:02:32 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: chromium_118.0.5993.70-1~deb11u1_source.changes
- Debian-source: chromium
- Debian-suite: oldstable-proposed-updates
- Debian-version: 118.0.5993.70-1~deb11u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=ABcncEmGuXpHLP11YW2I3uIy5mAHa++EYwD26qUKZAw=; b=NDm7U1KOlHGchUhlZ2NzLuSm+N evlPjaTPvTjd/PYjeMBJ2TxulZkjrHUIzwk7PWOWs8sk/+zVIUtR2Ox6M67dTnQQQot7ToIc8Pr+2 v4zJaX9EWsK4wAd9kjUzVIMXNaRx10R4R51ln+4qKXMyNdv/UiWWOdOFVQVIyHoEmfmU9DTbz8oWa A+v3Rk98cqKGqE2a+iyX3BpSgwtKNZ3c36+xoLhMnh16tw9lFKTu8LxRUOU8PqlPAWkabvg5fWQdw mprAgtlwiL+wxu5ylM//nY825fktxB9U84xeqdsICrBL0tWXjH7EHrwcXPO7njR+UCLxjQV+Ih6Sc Ch/p6ZIg==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1r0RLM-00HYtm-IX@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 15 Oct 2023 13:44:10 -0400
Source: chromium
Architecture: source
Version: 118.0.5993.70-1~deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Timothy Pearson <tpearson@raptorengineering.com>
Changes:
chromium (118.0.5993.70-1~deb11u1) bullseye-security; urgency=high
.
* New upstream stable release.
- CVE-2023-5218: Use after free in Site Isolation.
Reported by @18楼梦想改造家.
- CVE-2023-5487: Inappropriate implementation in Fullscreen.
Reported by Anonymous.
- CVE-2023-5484: Inappropriate implementation in Navigation.
Reported by Thomas Orlita.
- CVE-2023-5475: Inappropriate implementation in DevTools.
Reported by Axel Chong.
- CVE-2023-5483: Inappropriate implementation in Intents.
Reported by Axel Chong.
- CVE-2023-5481: Inappropriate implementation in Downloads.
Reported by Om Apip.
- CVE-2023-5476: Use after free in Blink History. Reported by Yunqin Sun.
- CVE-2023-5474: Heap buffer overflow in PDF. Reported by [pwn2car].
- CVE-2023-5479: Inappropriate implementation in Extensions API.
Reported by Axel Chong.
- CVE-2023-5485: Inappropriate implementation in Autofill.
Reported by Ahmed ElMasry.
- CVE-2023-5478: Inappropriate implementation in Autofill.
Reported by Ahmed ElMasry.
- CVE-2023-5477: Inappropriate implementation in Installer.
Reported by Bahaa Naamneh of Crosspoint Labs.
- CVE-2023-5486: Inappropriate implementation in Input. Reported by Hafiizh.
- CVE-2023-5473: Use after free in Cast. Reported by DarkNavy.
* d/patches/ppc64le:
- 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
upstream changes
- 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
- skia-vsx-instructions.patch: refresh for upstream changes
- third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
regenerate configs from upstream source
- database/0001-Properly-detect-little-endian-PPC64-systems.patch:
refresh
- ffmpeg/0001-Add-support-for-ppc64.patch: refresh
- fixes/fix-breakpad-compile.patch: refresh
- fixes/fix-unknown-warning-option-messages.diff: refresh
- libaom/0001-Add-ppc64-target-to-libaom.patch: refresh
- sandbox/0001-sandbox-linux-Update-IsSyscallAllowed-in-broker_proc.patch:
refresh
- sandbox/0001-sandbox-linux-Update-syscall-helpers-lists-for-ppc64.patch:
refresh
- sandbox/0008-sandbox-fix-ppc64le-glibc234.patch: refresh
- third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
- third_party/0001-Force-baseline-POWER8-AltiVec-VSX-CPU-features-when-.patch:
refresh
- third_party/0001-third_party-libvpx-Properly-generate-gni-on-ppc64.patch:
refresh
- third_party/0002-third-party-boringssl-add-generated-files.patch: refresh
- third_party/dawn-fix-ppc64le-detection.patch: refresh
- third_party/dawn-fix-typos.patch: refresh
- third_party/skia-vsx-instructions.patch: refresh
- third_party/use-sysconf-page-size-on-ppc64.patch: refresh
- workarounds/HACK-third_party-libvpx-use-generic-gnu.patch: refresh
.
[ Andres Salomon]
* d/copyright:
- blanket.js is gone, no need to remove it any more.
- delete some khronos images marked executable.
* d/control: switch from clang-13 to clang-16 for building.
* d/patches:
- upstream/memory.patch: drop, merged upstream.
- upstream/sensor-reading.patch: add, gcc13 build fix from upstream.
- upstream/lweight.patch: add, gcc13 build fix from upstream.
- upstream/freetype.patch: add, fix freetype header inclusion FTBFS.
- upstream/sizet.patch: add, libstdc++ build fix from upstream.
- disable/unrar.patch: update for minor upstream changes.
- bookworm/struct-ctor.patch: add various new workarounds for clang-14.
- bookworm/structured-binding-scope-bug.patch: drop part of the patch.
- bullseye/clang13.patch: drop removal of -gsimple-template-names.
- ungoogled/.../disable-web-environment-integrity.patch: sync with
ungoogled-chromium for upstream changes.
- bookworm/i386-lock-free.patch: refresh.
- bullseye/openh264.patch: refresh.
- bullseye/default-equality-op.patch: add more clang13 workarounds.
- debianization/clang-version.patch: switch to using clang-16.
* d/rules:
- set simple_template_names=false (moved from clang13.patch into
a config option).
- pull acorn-class-fields node module into build tree to fix rollup.
- switch to using clang-16, which is now backported to bullseye.
Checksums-Sha1:
2a9a1abbb17e60110ee46bf6e9eab0db625dc6ce 3762 chromium_118.0.5993.70-1~deb11u1.dsc
2b52e9be225cc92e7782bb2a7d5887f2f065505b 771394968 chromium_118.0.5993.70.orig.tar.xz
242b97672a0387dd7ebf2febee1ffbb622e0d693 1518540 chromium_118.0.5993.70-1~deb11u1.debian.tar.xz
7c6d73e546e36e9833599d40f36d22c1e1e15e29 22899 chromium_118.0.5993.70-1~deb11u1_source.buildinfo
Checksums-Sha256:
1de4ed7e012f2579da4bde9a0a318159507dccf24155b38ddaeebecaa105c53b 3762 chromium_118.0.5993.70-1~deb11u1.dsc
ab19fddba67cad603f09d4017ae8f7573a1e480c604ff9677923592828c8b74e 771394968 chromium_118.0.5993.70.orig.tar.xz
e3c3f3e83bd54821f86dc28a9c73f2fc62c3c1c324d291fcfed977abe8c83891 1518540 chromium_118.0.5993.70-1~deb11u1.debian.tar.xz
7b6ce8e17e2852605aaa49d3e0e5ec66205d804bc5ee72bdfbe83b3bda7ecb55 22899 chromium_118.0.5993.70-1~deb11u1_source.buildinfo
Files:
9acf450130e9d34992d04f6cf4821130 3762 web optional chromium_118.0.5993.70-1~deb11u1.dsc
4ae6869c929cac4f8d20df0173ccee30 771394968 web optional chromium_118.0.5993.70.orig.tar.xz
ad3f862d310b8325aec105bd0b314c46 1518540 web optional chromium_118.0.5993.70-1~deb11u1.debian.tar.xz
dc5365afc74d404c7a3866e63a5c9c03 22899 web optional chromium_118.0.5993.70-1~deb11u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmUsLMgUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjetGhAAupLTWXbxFoB7hfJP30G28BUNQf1s
sl9W245h4X4PkA6Y8PMwBdWV4ItrpWB5HHrxzofAljSp+OlcLqj4N7dn9w5KfsmY
Oa9cNJxeL6QQeMx2ZJrC9AIjQcX4ocH9tIoHCUlfNkwP0uJTeOkCB2As8DPjEoLA
kccmfEwE/nqwEhF2F9P5G8j56Bxa1jbvdjI61yZiYUT2a9x2lE2gMPW2f0dCNqZY
Ae9UkPcJyp2x0FBkkthRt4Scx6ivk3gVPyi707tlRsHGNR/9h3krFCVzhEfGSg1Y
1Y+2mgGm17ihsuSzr6oAyjvcnXKjuOEEhahaHJrDxDp3Ju3d4eyx0zhHjBg6LIz5
eeAKlbzYqdzHMuxhg5YCrdm7TDsT3uIB1mELhk02Ry/Ie1ByZFvkyLp8l3SGuuje
UB9jjTaDuLoCwPBfn2v4DQeqoZhaSaIR6TUsT/x6bBju54R1BsQv+bsfrFPLZosw
9iNOA+LXlR9f4DwBz/h4V6oSIrBTs5I0FGGFuvUkFvKN5Gek9R2YJ2Ld35YtHAc4
gxyfSLnulc9/UcYhVeUKEUx5DglKBcb86jsiahmY7YIJxw/uwUdmV0eNZxVwT6db
hS7/v936SkT9wygeaYOR0rZupFEAW8ppkJyRCpXE3ORwfBewVQ4hyF4aniYXo3XF
h2iWw8DlaBHhYtI=
=JtM3
-----END PGP SIGNATURE-----