Change log for chromium package in Debian

Published in sid-release
chromium (124.0.6367.78-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2024-4058: Type Confusion in ANGLE.
      Reported by Toan (suto) Pham and Bao (zx) Pham of Qrious Secure.
    - CVE-2024-4059: Out of bounds read in V8 API. Reported by Eirik.
    - CVE-2024-4060: Use after free in Dawn. Reported by wgslfuzz.

 -- Andres Salomon <email address hidden>  Thu, 25 Apr 2024 19:07:35 -0400
Published in sid-release
chromium (124.0.6367.60-2) unstable; urgency=high

  * d/patches/ppc64le:
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: update for
       upstream boringssl changes and reenable
     - third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch:
       regenerate from new ffmpeg source tree
     - third_party/skia-vsx-instructions.patch: update for upstream changes

  [ Andres Salomon ]
  * d/patches:
    - fixes/arm64-ftbfs.patch: add arm64-specific ftbfs fix for libdav1d.
    - upstream/ozone1.patch, upstream/ozone2.patch: backport fixes for
      broken wayland support (closes: #1069586).

 -- Timothy Pearson <email address hidden>  Thu, 25 Apr 2024 15:21:00 -0500
Published in sid-release
chromium (124.0.6367.60-1) unstable; urgency=high

  * New upstream stable release.
    - CVE-2024-3832: Object corruption in V8.
      Reported by Man Yue Mo of GitHub Security Lab.
    - CVE-2024-3833: Object corruption in WebAssembly.
      Reported by Man Yue Mo of GitHub Security Lab.
    - CVE-2024-3834: Use after free in Downloads. Reported by ChaobinZhang.
    - CVE-2024-3837: Use after free in QUIC.
      Reported by {rotiple, dch3ck} of CW Research Inc.
    - CVE-2024-3838: Inappropriate implementation in Autofill.
      Reported by Ardyan Vicky Ramadhan.
    - CVE-2024-3839: Out of bounds read in Fonts.
      Reported by Ronald Crane (Zippenhop LLC).
    - CVE-2024-3840: Insufficient policy enforcement in Site Isolation.
      Reported by Ahmed ElMasry.
    - CVE-2024-3841: Insufficient data validation in Browser Switcher.
      Reported by Oleg.
    - CVE-2024-3843: Insufficient data validation in Downloads.
      Reported by Azur.
    - CVE-2024-3844: Inappropriate implementation in Extensions.
      Reported by Alesandro Ortiz.
    - CVE-2024-3845: Inappropriate implementation in Network.
      Reported by Daniel Baulig.
    - CVE-2024-3846: Inappropriate implementation in Prompts.
      Reported by Ahmed ElMasry.
    - CVE-2024-3847: Insufficient policy enforcement in WebUI.
      Reported by Yan Zhu.
  * d/copyright:
    - delete __pycache__ directories to shut up dpkg warnings.
    - stop deleting bundled libwebp directory.
  * Drop build-dep on libwebp-dev and start building against the bundled
    libwebp. We need to do this because chromium uses features of libavif
    that require libsharpyuv-dev; but that's only available in sid/trixie.
  * d/patches:
    - upstream/std-to-address.patch: drop, merged upstream.
    - fixes/optional2.patch: drop, merged upstream.
    - fixes/blink-fonts-shape-result.patch: drop, merged upstream.
    - bookworm/constexpr-equality.patch: drop, merged upstream.
    - disable/catapult.patch: refresh.
    - disable/google-api-warning.patch: rework to be a smaller patch.
    - bookworm/clang16.patch: refresh.
    - ungoogled/disable-privacy-sandbox.patch: drop hunk related to deprecated
      preference.
    - upstream/mojo-null.patch: pull a (typescript) build fix from upstream.
    - upstream/uint-includes.patch: simple header build fix from upstream.
    - upstream/fps-optional.patch: add header build fix.
    - upstream/span-optional.patch: add header build fix.
    - upstream/extractor-bitset.patch: add header build fix.
    - upstream/atomic.patch: add header build fix.
    - upstream/webgpu-optional.patch: add header build fix.
    - fixes/absl-optional.patch: comment out assert() that caused crash.
      This could be another clang16/libstdc++ miscompilation issue, but
      needs further investigation.
    - fixes/bad-font-gc2.patch: drop a bunch of test-related pieces.
    - fixes/bad-font-gc0000.patch, fixes/bad-font-gc000.patch,
      fixes/bad-font-gc00.patch, fixes/bad-font-gc0.patch,
      fixes/bad-font-gc11.patch, fixes/bad-font-gc3.patch: revert a bunch
      more (new) upstream commits related to bad-font-gc2.patch. When the
      use-after-free bug gets fixed, all this can be dropped.
  * d/patches/ppc64le:
    - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch,
      third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch,
      workarounds/HACK-third_party-libvpx-use-generic-gnu.patch,
      breakpad/0001-Implement-support-for-ppc64-on-Linux.patch,
      ffmpeg/0001-Add-support-for-ppc64.patch,
      third_party/dawn-fix-typos.patch,
      third_party/use-sysconf-page-size-on-ppc64.patch: refresh.
    - third_party/skia-vsx-instructions.patch: refresh & update for header
      renaming.
    - third_party/0001-Add-PPC64-support-for-boringssl.patch,
      third_party/0002-third-party-boringssl-add-generated-files.patch:
      disable these two until Tim has a chance to look at them.

 -- Andres Salomon <email address hidden>  Fri, 19 Apr 2024 12:33:38 -0400
Superseded in sid-release
chromium (123.0.6312.122-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2024-3157: Out of bounds write in Compositing.
      Reported by DarkNavy.
    - CVE-2024-3516: Heap buffer overflow in ANGLE.
      Reported by Bao (zx) Pham and Toan (suto) Pham of Qrious Secure.
    - CVE-2024-3515: Use after free in Dawn. Reported by wgslfuzz.

 -- Andres Salomon <email address hidden>  Wed, 10 Apr 2024 21:21:05 -0400
Superseded in sid-release
chromium (123.0.6312.105-2) unstable; urgency=high

  * Depend on libgtk-3-0t64 instead of libgtk-3-0 for time_t transition
    (closes: #1068540).

 -- Andres Salomon <email address hidden>  Sun, 07 Apr 2024 12:43:26 -0400
Superseded in sid-release
chromium (123.0.6312.105-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2024-3156: Inappropriate implementation in V8.
      Reported by Zhenghang Xiao (@Kipreyyy).
    - CVE-2024-3158: Use after free in Bookmarks. Reported by undoingfish.
    - CVE-2024-3159: Out of bounds memory access in V8. Reported by
      Edouard Bochin (@le_douds) and Tao Yan (@Ga1ois) of Palo Alto
      Networks, via Pwn2Own 2024.

 -- Andres Salomon <email address hidden>  Tue, 02 Apr 2024 18:28:18 -0400
Superseded in sid-release
chromium (123.0.6312.86-1) unstable; urgency=high

  * New upstream stable release.
    - CVE-2024-2883: Use after free in ANGLE.
      Reported by Cassidy Kim(@cassidy6564).
    - CVE-2024-2885: Use after free in Dawn. Reported by wgslfuzz.
    - CVE-2024-2886: Use after free in WebCodecs. Reported by
      Seunghyun Lee (@0x10n) of KAIST Hacking Lab, via Pwn2Own 2024.
    - CVE-2024-2887: Type Confusion in WebAssembly.
      Reported by Manfred Paul, via Pwn2Own 2024.
  * d/patches/ppc64le:
    - fixes/fix-clang-selection.patch: select clang on ppc64 platforms
    - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: fix
      ARM builds.

  [ Andres Salomon ]
  * d/patches:
    - fixes/bad-font-gc1.patch, fixes/bad-font-gc2.patch: revert a pair of
      upstream commits that result in blink's garbage collector frequently
      deadlocking and crashing (closes: #1067886).

 -- Timothy Pearson <email address hidden>  Wed, 28 Mar 2024 16:58:00 -0500
Superseded in sid-release
chromium (123.0.6312.58-1) unstable; urgency=high

  * New upstream stable release.
    - CVE-2024-2625: Object lifecycle issue in V8.
      Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
    - CVE-2024-2626: Out of bounds read in Swiftshader.
      Reported by Cassidy Kim(@cassidy6564).
    - CVE-2024-2627: Use after free in Canvas. Reported by Anonymous.
    - CVE-2024-2628: Inappropriate implementation in Downloads.
      Reported by Ath3r1s.
    - CVE-2024-2629: Incorrect security UI in iOS.
      Reported by Muneaki Nishimura (nishimunea).
    - CVE-2024-2630: Inappropriate implementation in iOS.
      Reported by James Lee (@Windowsrcer).
    - CVE-2024-2631: Inappropriate implementation in iOS.
      Reported by Ramit Gangwar.
  * d/patches:
    - upstream/bitset.patch: drop, merged upstream.
    - upstream/bookmarknode.patch: drop, merged upstream.
    - upstream/optional.patch: drop, merged upstream.
    - upstream/uniqptr.patch: drop, merged upstream.
    - fixes/gcc13-headers.patch: drop, merged upstream.
    - fixes/optional.patch: drop, merged upstream.
    - fixes/material-utils.patch: drop part that was merged upstream.
    - disable/catapult.patch: refresh.
    - bookworm/constexpr-equality.patch: include another similar fix.
    - bookworm/nvt.patch: refresh.
    - bookworm/undo-internal-alloc.patch: drop, as this was fixed upstream.
    - ungoogled/disable-privacy-sandbox.patch: update from ungoogled-chromium.
    - disable/angle-perftests.patch: drop, replace with a gn build argument.
    - bookworm/rust-downgrade-osstr-users.patch: add new patch to downgrade
      clap-lex crate, as it's using 1.74 features and we only have 1.70.
    - fixes/strlcpy.patch: add strlcpy declaration (closes: #1066235).
    - fixes/optional2.patch: add another missing <optional> inclusion.
    - fixes/stats-collector.patch: add build fix for wrong header.
    - disable/screen-ai-blob.patch: add patch to not register the
      ScreenAI component. Previously, if you opened a PDF and clicked
      "open in reader mode", it would download a binary blob to
      ~/.config/chromium/screen_ai/, and do OCR stuff (and who knows
      what else) in that opaque blob without warning you. We, uh, don't
      want that. (closes: #1066910).
  * d/rules: add angle_build_tests=false build argument, which allows us to
    drop angle-perftests.patch.

  [ Timothy Pearson ]
  * d/patches:
    - fixes/blink-fonts-shape-result.patch: pull in upstream patch for
      compilation failure in Blink SameSizeAsShapeResult class
  * d/patches/ppc64le:
    - ffmpeg/0001-Add-support-for-ppc64.patch: refresh for upstream changes
    - third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch:
      refresh for upstream changes
    - libaom/0001-Add-pregenerated-config-for-libaom-on-ppc64.patch: refresh
      for upstream changes
    - third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh for
      upstream changes
    - third_party/skia-vsx-instructions.patch: refresh & harden Skia against
      timing attacks.

 -- Andres Salomon <email address hidden>  Fri, 22 Mar 2024 12:45:06 -0400
Superseded in sid-release
chromium (122.0.6261.128-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2024-2400: Use after free in Performance Manager.
      Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab.

 -- Andres Salomon <email address hidden>  Tue, 12 Mar 2024 18:43:05 -0400
Superseded in sid-release
chromium (122.0.6261.111-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2024-2173: Out of bounds memory access in V8.
      Reported by 5fceb6172bbf7e2c5a948183b53565b9.
    - CVE-2024-2174: Inappropriate implementation in V8.
      Reported by 5f46f4ee2e17957ba7b39897fb376be8.
    - CVE-2024-2176: Use after free in FedCM. Reported by Anonymous.

 -- Andres Salomon <email address hidden>  Tue, 05 Mar 2024 16:40:05 -0500
Superseded in sid-release
chromium (122.0.6261.94-1) unstable; urgency=high

  * New upstream security release.
    - Type Confusion in V8. Reported by 5f46f4ee2e17957ba7b39897fb376be8.
    - Type Confusion in V8. Reported by
      Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab.

 -- Andres Salomon <email address hidden>  Tue, 27 Feb 2024 15:15:03 -0500
Superseded in sid-release
chromium (122.0.6261.57-1) unstable; urgency=high

  * New upstream stable release.
    - CVE-2024-1669: Out of bounds memory access in Blink.
      Reported by Anonymous.
    - CVE-2024-1670: Use after free in Mojo.
      Reported by Cassidy Kim(@cassidy6564).
    - CVE-2024-1671: Inappropriate implementation in Site Isolation.
      Reported by Harry Chen.
    - CVE-2024-1672: Inappropriate implementation in Content Security Policy.
      Reported by Georg Felber (TU Wien) & Marco Squarcina (TU Wien).
    - CVE-2024-1673: Use after free in Accessibility.
      Reported by Weipeng Jiang (@Krace) of VRI.
    - CVE-2024-1674: Inappropriate implementation in Navigation.
      Reported by David Erceg.
    - CVE-2024-1675: Insufficient policy enforcement in Download.
      Reported by Bartłomiej Wacko.
    - CVE-2024-1676: Inappropriate implementation in Navigation.
      Reported by Khalil Zhani.
  * d/patches:
    - fixes/v8-compressed-ptrs.patch: drop, merged upstream.
    - fixes/stdint.patch: drop, merged upstream.
    - upstream/vector.patch: drop, merged upstream.
    - upstream/display-header.patch: drop, merged upstream.
    - upstream/bitset.patch: drop, merged upstream.
    - upstream/once_flag.patch: drop, merged upstream.
    - fixes/std-to-address.patch: refresh.
    - disable/signin.patch: refresh.
    - disable/catapult.patch: refresh.
    - bookworm/clang16.patch: refresh, and change
      -Wno-c++11-narrowing-const-reference to -Wno-c++11-narrowing.
    - bookworm/nvt.patch: refresh.
    - ungoogled/disable-privacy-sandbox.patch: update from ungoogled-chromium.
    - bookworm/undo-internal-alloc.patch: revert a commit that confuses
      clang16 w/ libstdc++. We need a better workaround than this.
    - upstream/mojo.patch: update from git.
    - bookworm/constexpr-equality.patch: add a few more build fixes
      (constexpr removals).
    - upstream/uniqptr.patch: add missing include.
    - upstream/optional.patch: add missing include.
    - upstream/bookmarknode.patch: add comparison equality fix pulled from
      upstream.
    - fixes/optional.patch: add missing includes.
    - bookworm/nvt2.patch: revert another upstream c++-20 change for clang-16.
    - upstream/bitset.patch: add missing include.
    - ppc64le/v8/0002-Add-ppc64-trap-instructions.patch: refresh.

  [ Timothy Pearson ]
  * d/patches/ppc64le:
    - 0001-Properly-detect-little-endian-PPC64-systems.patch: drop, upstream
      fix in GIT hash 25a6e6
    - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
    - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
      upstream changes
    - skia-vsx-instructions.patch: refresh for upstream changes

 -- Andres Salomon <email address hidden>  Wed, 21 Feb 2024 19:56:32 -0500
Published in bullseye-release
chromium (120.0.6099.224-1~deb11u1) bullseye-security; urgency=high

  * New upstream security release.
    - CVE-2024-0517: Out of bounds write in V8.
      Reported by Toan (suto) Pham of Qrious Secure.
    - CVE-2024-0518: Type Confusion in V8.
      Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
    - CVE-2024-0519: Out of bounds memory access in V8. Reported by Anonymous.
  * d/rules: fix search path for clang libs.

 -- Andres Salomon <email address hidden>  Tue, 16 Jan 2024 15:35:05 -0500
Published in bookworm-release
chromium (121.0.6167.139-1~deb12u1) bookworm-security; urgency=high

  * New upstream security release.
    - CVE-2024-1060: Use after free in Canvas. Reported by Anonymous.
    - CVE-2024-1059: Use after free in WebRTC.
      Reported by Cassidy Kim(@cassidy6564).
    - CVE-2024-1077: Use after free in Network.
      Reported by Microsoft Security Research Center.

 -- Andres Salomon <email address hidden>  Wed, 31 Jan 2024 11:49:10 -0500
Superseded in sid-release
chromium (121.0.6167.160-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2024-1284: Use after free in Mojo. Reported by Anonymous.
    - CVE-2024-1283: Heap buffer overflow in Skia.
      Reported by Jorge Buzeti (@r3tr074).

 -- Andres Salomon <email address hidden>  Tue, 06 Feb 2024 22:41:53 -0500
Superseded in sid-release
chromium (121.0.6167.139-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2024-1060: Use after free in Canvas. Reported by Anonymous.
    - CVE-2024-1059: Use after free in WebRTC.
      Reported by Cassidy Kim(@cassidy6564).
    - CVE-2024-1077: Use after free in Network.
      Reported by Microsoft Security Research Center.

 -- Andres Salomon <email address hidden>  Wed, 31 Jan 2024 11:49:10 -0500
Superseded in sid-release
chromium (121.0.6167.85-1) unstable; urgency=high

  * New upstream stable release.
    - CVE-2024-0807: Use after free in WebAudio.
      Reported by Huang Xilin of Ant Group Light-Year Security Lab.
    - CVE-2024-0812: Inappropriate implementation in Accessibility.
      Reported by Anonymous.
    - CVE-2024-0808: Integer underflow in WebUI.
      Reported by Lyra Rebane (rebane2001).
    - CVE-2024-0810: Insufficient policy enforcement in DevTools.
      Reported by Shaheen Fazim.
    - CVE-2024-0814: Incorrect security UI in Payments.
      Reported by Muneaki Nishimura (nishimunea).
    - CVE-2024-0813: Use after free in Reading Mode. Reported by @retsew0x01.
    - CVE-2024-0806: Use after free in Passwords.
      Reported by 18楼梦想改造家.
    - CVE-2024-0805: Inappropriate implementation in Downloads.
      Reported by Om Apip.
    - CVE-2024-0804: Insufficient policy enforcement in iOS Security UI.
      Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India).
    - CVE-2024-0811: Inappropriate implementation in Extensions API.
      Reported by Jann Horn of Google Project Zero.
    - CVE-2024-0809: Inappropriate implementation in Autofill.
      Reported by Ahmed ElMasry.
  * d/copyright: drop another eu-strip binary.
  * d/patches:
    - fixes/atspi.patch: drop, merged upstream.
    - fixes/gcc13-headers.patch: drop portions that were merged upstream.
    - upstream/nullptr_t.patch: drop, merged upstream.
    - upstream/string-include.patch: drop, merged upstream.
    - ungoogled/disable-web-environment-integrity.patch: remove, upstream
      wisely backed off and removed WEI.
    - disable/signin.patch: refresh for minor upstream changes.
    - disable/catapult.patch: refresh for minor upstream changes.
    - system/openjpeg.patch: refresh for minor upstream changes.
    - bookworm/clang16.patch: drop portion that was merged upstream.
    - upstream/vector.patch: missing header fix, pulled from upstream.
    - upstream/display-header.patch: missing header fix, pulled from upstream.
    - upstream/bitset.patch: missing header fix, pulled from upstream.
    - upstream/once_flag.patch: missing header fix, pulled from upstream.
    - bookworm/constexpr-equality.patch: add clang-16 workaround.
    - bookworm/nvt.patch: revert an upstream c++-20 change that confuses
      clang-16.
    - fixes/libxml-parseerr.patch: revert change from a newer libxml than
      debian's.

  [ Timothy Pearson ]
  * d/patches:
    - fixes/std-to-address.patch: work around incorrect template selection
      in Mojo ConvertTo()
    - fixes/stdint.patch: add missing stdint include to performance manager
  * d/patches/ppc64le:
    - fixes/fix-rust-linking.patch: allow linking C and Rust libraries in full
      archive mode
    - libaom/0001-Add-pregenerated-config-for-libaom-on-ppc64.patch: refresh
      for upstream changes
    - third_party/skia-vsx-instructions.patch: refresh for upstream changes
    - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
      refresh for upstream changes
    - third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
      refresh for upstream changes

 -- Andres Salomon <email address hidden>  Tue, 23 Jan 2024 17:59:49 -0500
Superseded in sid-release
chromium (120.0.6099.224-2) unstable; urgency=high

  * d/patches/ppc64le/fixes/fix-rustc.patch: add patch to fix ppc64le build.

 -- Andres Salomon <email address hidden>  Thu, 18 Jan 2024 03:05:12 -0500
Superseded in sid-release
chromium (120.0.6099.224-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2024-0517: Out of bounds write in V8.
      Reported by Toan (suto) Pham of Qrious Secure.
    - CVE-2024-0518: Type Confusion in V8.
      Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
    - CVE-2024-0519: Out of bounds memory access in V8. Reported by Anonymous.
  * d/rules: enable rust and (relatedly) fix search path for clang libs.
  * Add versioned build-dep on rustc >= 1.70.0+dfsg1-5 for profiler support.

 -- Andres Salomon <email address hidden>  Tue, 16 Jan 2024 15:35:05 -0500
Superseded in sid-release
chromium (120.0.6099.216-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2024-0333: Insufficient data validation in Extensions.
      Reported by Malcolm Stagg (@malcolmst) of SODIUM-24, LLC.

 -- Andres Salomon <email address hidden>  Tue, 09 Jan 2024 20:54:53 -0500
Superseded in sid-release
chromium (120.0.6099.199-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2024-0222: Use after free in ANGLE.
      Reported by Toan (suto) Pham of Qrious Secure.
    - CVE-2024-0223: Heap buffer overflow in ANGLE.
      Reported by Toan (suto) Pham and Tri Dang of Qrious Secure.
    - CVE-2024-0224: Use after free in WebAudio.
      Reported by Huang Xilin of Ant Group Light-Year Security Lab.
    - CVE-2024-0225: Use after free in WebGPU. Reported by Anonymous.

 -- Andres Salomon <email address hidden>  Wed, 03 Jan 2024 22:53:21 -0500
Superseded in sid-release
chromium (120.0.6099.129-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2023-7024: Heap buffer overflow in WebRTC. Reported by
      Clément Lecigne and Vlad Stolyarov of Google's Threat Analysis Group.

 -- Andres Salomon <email address hidden>  Wed, 20 Dec 2023 21:05:12 -0500
Superseded in sid-release
chromium (120.0.6099.109-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2023-6702: Type Confusion in V8. Reported by
      Zhiyi Zhang and Zhunki from Codesafe Team of Legendsec at Qi'anxin Group.
    - CVE-2023-6703: Use after free in Blink.
      Reported by Cassidy Kim(@cassidy6564).
    - CVE-2023-6704: Use after free in libavif. Reported by Fudan University.
    - CVE-2023-6705: Use after free in WebRTC.
      Reported by Cassidy Kim(@cassidy6564).
    - CVE-2023-6706: Use after free in FedCM. Reported by anonymous.
    - CVE-2023-6707: Use after free in CSS. Reported by @ginggilBesel.

 -- Andres Salomon <email address hidden>  Tue, 12 Dec 2023 19:52:08 -0500
Superseded in bookworm-release
chromium (119.0.6045.199-1~deb12u1) bookworm-security; urgency=high

  * New upstream security release.
    - CVE-2023-6348: Type Confusion in Spellcheck.
      Reported by Mark Brand of Google Project Zero.
    - CVE-2023-6347: Use after free in Mojo. Reported by
      Leecraso and Guang Gong of 360 Vulnerability Research Institute.
    - CVE-2023-6346: Use after free in WebAudio.
      Reported by Huang Xilin of Ant Group Light-Year Security Lab.
    - CVE-2023-6350: Out of bounds memory access in libavif.
      Reported by Fudan University.
    - CVE-2023-6351: Use after free in libavif. Reported by Fudan University.
    - CVE-2023-6345: Integer overflow in Skia. Reported by
      Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group.

 -- Andres Salomon <email address hidden>  Tue, 28 Nov 2023 23:33:06 -0500
Superseded in sid-release
chromium (120.0.6099.71-1) unstable; urgency=high

  [ Andres Salomon ]
  * New upstream stable release.
    - CVE-2023-6508: Use after free in Media Stream.
      Reported by Cassidy Kim(@cassidy6564).
    - CVE-2023-6509: Use after free in Side Panel Search.
      Reported by Khalil Zhani.
    - CVE-2023-6510: Use after free in Media Capture. Reported by [pwn2car].
    - CVE-2023-6511: Inappropriate implementation in Autofill.
      Reported by Ahmed ElMasry.
    - CVE-2023-6512: Inappropriate implementation in Web Browser UI.
      Reported by Om Apip.
  * d/copyright: adjust path for chai.js & mocha.js deletion.
    - delete third_party/libsecret.
  * d/control: new build depends on libsecret-1-dev.
  * d/scripts/unbundle: keep bundled libhwy; it's not available in bullseye.
    - also keep vulkan_memory_allocator and flatbuffers.
  * d/patches:
    - fixes/gcc13-headers.patch: refresh.
    - fixes/blink-frags.patch: drop part of patch & refresh.
    - disable/catapult.patch: refresh.
    - disable/driver-chrome-path.patch: update for minor upstream changes.
    - ungoogled/disable-privacy-sandbox.patch: update from ungoogled-chromium.
    - ungoogled/disable-web-environment-integrity.patch: update from
      ungoogled-chromium.
    - upstream/mojo.patch: update patch from upstream's git.
    - bookworm/clang16.patch: new patch working around upstream's clang18 flags.
    - upstream/nullptr_t.patch: more libstdc++13 build fixes.
    - upstream/string-include.patch: add a simple header include build fix.
    - fixes/absl-optional.patch: add a workaround for a clang bug
      (https://github.com/llvm/llvm-project/issues/50248) by providing our
      own 'optional' header.

  [ Timothy Pearson ]
  * d/patches/ppc64le:
    - third_party/0001-Add-PPC64-support-for-libdav1d.patch: refresh for
      upstream changes
    - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
      refresh for upstream changes
    - third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch:
      regenerate
    - third_party/skia-vsx-instructions.patch: refresh for upstream changes
    - third_party/use-sysconf-page-size-on-ppc64.patch: refresh for upstream
      changes
    - Mass refresh all other patches against 120 codebase.  No functional
      change.

 -- Andres Salomon <email address hidden>  Thu, 07 Dec 2023 15:00:36 -0500
Superseded in sid-release
chromium (119.0.6045.199-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2023-6348: Type Confusion in Spellcheck.
      Reported by Mark Brand of Google Project Zero.
    - CVE-2023-6347: Use after free in Mojo. Reported by
      Leecraso and Guang Gong of 360 Vulnerability Research Institute.
    - CVE-2023-6346: Use after free in WebAudio.
      Reported by Huang Xilin of Ant Group Light-Year Security Lab.
    - CVE-2023-6350: Out of bounds memory access in libavif.
      Reported by Fudan University.
    - CVE-2023-6351: Use after free in libavif. Reported by Fudan University.
    - CVE-2023-6345: Integer overflow in Skia. Reported by
      Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group.

 -- Andres Salomon <email address hidden>  Tue, 28 Nov 2023 23:33:06 -0500
Superseded in sid-release
chromium (119.0.6045.159-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2023-5997: Use after free in Garbage Collection.
      Reported by Anonymous.
    - CVE-2023-6112: Use after free in Navigation.
      Reported by Sergei Glazunov of Google Project Zero.
  * Don't show errors on startup if Crash Reports directory doesn't exist.
  * Check for $DISPLAY before trying to run xmessage in chromium's wrapper
    script. Fall back to just using echo (closes: #1055765).

 -- Andres Salomon <email address hidden>  Tue, 14 Nov 2023 20:04:30 -0500
Superseded in sid-release
chromium (119.0.6045.123-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2023-5996: Use after free in WebAudio. Reported by
      Huang Xilin of Ant Group Light-Year Security Lab via Tianfu Cup 2023.
  * Replace libgl1-mesa-dev build dependency with libgl-dev.
  * Drop d/patches/system/convertutf.patch; license issue has been fixed.
  * d/copyright: stop deleting convert_UTF.* and document Unicode copyright
    (closes: #1033136).
  * d/patches/ppc64le/fixes/fix-breakpad-compile.patch: refresh due to convertutf
    change.

 -- Andres Salomon <email address hidden>  Tue, 07 Nov 2023 23:49:10 -0500
Superseded in sid-release
chromium (119.0.6045.105-1) unstable; urgency=high

  * New upstream stable release.
    - CVE-2023-5480: Inappropriate implementation in Payments.
      Reported by Vsevolod Kokorin (Slonser) of Solidlab.
    - CVE-2023-5482: Insufficient data validation in USB. Reported by DarkNavy.
    - CVE-2023-5849: Integer overflow in USB. Reported by DarkNavy.
    - CVE-2023-5850: Incorrect security UI in Downloads.
      Reported by Mohit Raj (shadow2639).
    - CVE-2023-5851: Inappropriate implementation in Downloads.
      Reported by Shaheen Fazim.
    - CVE-2023-5852: Use after free in Printing. Reported by [pwn2car].
    - CVE-2023-5853: Incorrect security UI in Downloads. Reported by Hafiizh.
    - CVE-2023-5854: Use after free in Profiles.
      Reported by Dohyun Lee (@l33d0hyun) of SSD-Disclosure Labs & DNSLab, Korea Univ.
    - CVE-2023-5855: Use after free in Reading Mode. Reported by ChaobinZhang.
    - CVE-2023-5856: Use after free in Side Panel.
      Reported by Weipeng Jiang (@Krace) of VRI.
    - CVE-2023-5857: Inappropriate implementation in Downloads.
      Reported by Will Dormann.
    - CVE-2023-5858: Inappropriate implementation in WebApp Provider.
      Reported by Axel Chong.
    - CVE-2023-5859: Incorrect security UI in Picture In Picture.
      Reported by Junsung Lee.
  * d/patches:
    - patches/bullseye/constexpr.patch: Add MiracleParameter workaround
  * d/patches/ppc64le:
    - Mass refresh all patches against 119 codebase.  No functional change.

  [ Andres Salomon ]
  * d/patches:
    - fixes/gcc13-headers.patch: drop parts that have been merged upstream.
    - fixes/perfetto.patch: drop part that was merged upstream.
    - upstream/sensor-reading.patch: drop, merged upstream.
    - upstream/lweight.patch: drop, merged upstream.
    - upstream/freetype.patch: drop, merged upstream.
    - upstream/sizet.patch: drop, merged upstream.
    - disable/catapult.patch: drop an unused hunk.
    - disable/widevine-cdm-cu.patch: refresh.
    - disable/privacy-sandbox.patch: rename, sync up with ungoogled-chromium,
      and use the full ungoogled patch. The privacy sandbox config interface
      is now gone, with no way to enable it.
    - ungoogled/core/ungoogled-chromium/disable-web-environment-integrity.patch:
      sync up with ungoogled-chromium, and rename.
    - fixes/blink-frags.patch: additional build fix for libstdc++13.
    - fixes/gcc13-with-clang14.patch: drop, now that we've switched to clang-16.
    - fixes/atspi.patch: fix build failure with atspi >= 2.50.

 -- Timothy Pearson <email address hidden>  Tue, 31 Oct 2023 23:50:00 -0500
Superseded in sid-release
chromium (118.0.5993.117-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2023-5472: Use after free in Profiles.
      Reported by @18楼梦想改造家.
  * d/patches:
    - bookworm/clang-attribs.patch: drop, now that we've switched to clang-16.
    - bookworm/typename.patch: drop, now that we've switched to clang-16.
    - bookworm/struct-ctor.patch: drop, now that we've switched to clang-16.
    - bookworm/structured-binding-scope-bug.patch: drop, now that we've
      switched to clang-16.
    - bookworm/stringpiece3.patch: drop, now that we've switched to clang-16.
    - bookworm/initialize-const-ctor.patch: drop, now that we've switched to
      clang-16.
    - fixes/brandversion-construct.patch: drop, now that we've switched to
      clang-16.
    - fixes/SkColor4f-init.patch: drop, now that we've switched to clang-16.

 -- Andres Salomon <email address hidden>  Tue, 24 Oct 2023 20:00:54 -0400
Superseded in sid-release
chromium (118.0.5993.70-1) unstable; urgency=high

  * New upstream stable release.
    - CVE-2023-5218: Use after free in Site Isolation.
      Reported by @18楼梦想改造家.
    - CVE-2023-5487: Inappropriate implementation in Fullscreen.
      Reported by Anonymous.
    - CVE-2023-5484: Inappropriate implementation in Navigation.
      Reported by Thomas Orlita.
    - CVE-2023-5475: Inappropriate implementation in DevTools.
      Reported by Axel Chong.
    - CVE-2023-5483: Inappropriate implementation in Intents.
      Reported by Axel Chong.
    - CVE-2023-5481: Inappropriate implementation in Downloads.
      Reported by Om Apip.
    - CVE-2023-5476: Use after free in Blink History. Reported by Yunqin Sun.
    - CVE-2023-5474: Heap buffer overflow in PDF. Reported by [pwn2car].
    - CVE-2023-5479: Inappropriate implementation in Extensions API.
      Reported by Axel Chong.
    - CVE-2023-5485: Inappropriate implementation in Autofill.
      Reported by Ahmed ElMasry.
    - CVE-2023-5478: Inappropriate implementation in Autofill.
      Reported by Ahmed ElMasry.
    - CVE-2023-5477: Inappropriate implementation in Installer.
      Reported by Bahaa Naamneh of Crosspoint Labs.
    - CVE-2023-5486: Inappropriate implementation in Input. Reported by Hafiizh.
    - CVE-2023-5473: Use after free in Cast. Reported by DarkNavy.
  * d/patches/ppc64le:
    - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
       upstream changes
    - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
    - skia-vsx-instructions.patch: refresh for upstream changes
    - third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
      regenerate configs from upstream source
    - database/0001-Properly-detect-little-endian-PPC64-systems.patch:
      refresh
    - ffmpeg/0001-Add-support-for-ppc64.patch: refresh
    - fixes/fix-breakpad-compile.patch: refresh
    - fixes/fix-unknown-warning-option-messages.diff: refresh
    - libaom/0001-Add-ppc64-target-to-libaom.patch: refresh
    - sandbox/0001-sandbox-linux-Update-IsSyscallAllowed-in-broker_proc.patch:
      refresh
    - sandbox/0001-sandbox-linux-Update-syscall-helpers-lists-for-ppc64.patch:
      refresh
    - sandbox/0008-sandbox-fix-ppc64le-glibc234.patch: refresh
    - third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
    - third_party/0001-Force-baseline-POWER8-AltiVec-VSX-CPU-features-when-.patch:
      refresh
    - third_party/0001-third_party-libvpx-Properly-generate-gni-on-ppc64.patch:
      refresh
    - third_party/0002-third-party-boringssl-add-generated-files.patch: refresh
    - third_party/dawn-fix-ppc64le-detection.patch: refresh
    - third_party/dawn-fix-typos.patch: refresh
    - third_party/skia-vsx-instructions.patch: refresh
    - third_party/use-sysconf-page-size-on-ppc64.patch: refresh
    - workarounds/HACK-third_party-libvpx-use-generic-gnu.patch: refresh

  [ Andres Salomon ]
  * d/copyright:
    - blanket.js is gone, no need to remove it any more.
    - delete some khronos images marked executable.
  * d/patches:
    - upstream/memory.patch: drop, merged upstream.
    - upstream/sensor-reading.patch: add, gcc13 build fix from upstream.
    - upstream/lweight.patch: add, gcc13 build fix from upstream.
    - upstream/freetype.patch: add, fix freetype header inclusion FTBFS.
    - upstream/sizet.patch: add, libstdc++ build fix from upstream.
    - disable/unrar.patch: update for minor upstream changes.
    - bookworm/struct-ctor.patch: add various new workarounds for clang-14.
    - bookworm/structured-binding-scope-bug.patch: drop part of the patch.
    - bullseye/clang13.patch: drop bullseye patches from sid.
    - bullseye/constexpr.patch: drop bullseye patches from sid.
    - ungoogled/.../disable-web-environment-integrity.patch: sync with
      ungoogled-chromium for upstream changes.

 -- Timothy Pearson <email address hidden>  Tue, 10 Oct 2023 22:03:00 -0500
Superseded in bullseye-release
chromium (116.0.5845.180-1~deb11u1) bullseye-security; urgency=high

  [ Andres Salomon ]
  * New upstream security release.
    - CVE-2023-4761: Out of bounds memory access in FedCM. Reported by DarkNavy.
    - CVE-2023-4762: Type Confusion in V8. Reported by Rong Jian of VRI.
    - CVE-2023-4763: Use after free in Networks. Reported by anonymous.
    - CVE-2023-4764: Incorrect security UI in BFCache.
      Reported by Irvan Kurniawan (sourc7).

  [ Timothy Pearson ]
  * d/patches/ppc64le:
    - 0001-Add-PPC64-support-for-boringssl.patch: Fix incorrect function call
      parameter types in gmult_func() and ghash_func() implementations

 -- Andres Salomon <email address hidden>  Tue, 05 Sep 2023 19:10:10 -0400
Superseded in bookworm-release
chromium (116.0.5845.180-1~deb12u1) bookworm-security; urgency=high

  [ Andres Salomon ]
  * New upstream security release.
    - CVE-2023-4761: Out of bounds memory access in FedCM. Reported by DarkNavy.
    - CVE-2023-4762: Type Confusion in V8. Reported by Rong Jian of VRI.
    - CVE-2023-4763: Use after free in Networks. Reported by anonymous.
    - CVE-2023-4764: Incorrect security UI in BFCache.
      Reported by Irvan Kurniawan (sourc7).

  [ Timothy Pearson ]
  * d/patches/ppc64le:
    - 0001-Add-PPC64-support-for-boringssl.patch: Fix incorrect function call
      parameter types in gmult_func() and ghash_func() implementations

 -- Andres Salomon <email address hidden>  Tue, 05 Sep 2023 19:10:10 -0400
Superseded in sid-release
chromium (117.0.5938.149-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2023-5346: Type Confusion in V8. Reported by Amit Kumar.

 -- Andres Salomon <email address hidden>  Tue, 03 Oct 2023 19:31:26 -0400
Superseded in sid-release
chromium (117.0.5938.132-2) unstable; urgency=high

  * d/patches/fixes/v8-compressed-ptrs.patch: fix another armhf FTBFS.

 -- Andres Salomon <email address hidden>  Sun, 01 Oct 2023 15:46:49 -0400
Superseded in sid-release
chromium (117.0.5938.132-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx.
      Reported by Clément Lecigne of Google's Threat Analysis Group.
    - CVE-2023-5186: Use after free in Passwords. Reported by [pwn2car].
    - CVE-2023-5187: Use after free in Extensions. Reported by Thomas Orlita.

 -- Andres Salomon <email address hidden>  Thu, 28 Sep 2023 00:41:20 -0400
Superseded in sid-release
chromium (117.0.5938.92-1) unstable; urgency=high

  * New upstream stable release.
  * Enable NEON on armhf. See
    <https://lists.debian.org/debian-devel/2023/09/msg00175.html>.
  * Add check in d/rules & chromium wrapper to ensure we don't build or
    run on non-NEON armhf machines.

 -- Andres Salomon <email address hidden>  Wed, 27 Sep 2023 01:00:07 -0400
Superseded in sid-release
chromium (117.0.5938.62-1) unstable; urgency=high

  [ Andres Salomon ]
  * New upstream stable release.
    - CVE-2023-4900: Inappropriate implementation in Custom Tabs.
      Reported by Levit Nudi from Kenya.
    - CVE-2023-4901: Inappropriate implementation in Prompts.
      Reported by Kang Ali.
    - CVE-2023-4902: Inappropriate implementation in Input.
      Reported by Axel Chong.
    - CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs.
      Reported by Ahmed ElMasry.
    - CVE-2023-4904: Insufficient policy enforcement in Downloads.
      Reported by Tudor Enache @tudorhacks.
    - CVE-2023-4905: Inappropriate implementation in Prompts.
      Reported by Hafiizh.
    - CVE-2023-4906: Insufficient policy enforcement in Autofill.
      Reported by Ahmed ElMasry.
    - CVE-2023-4907: Inappropriate implementation in Intents.
      Reported by Mohit Raj (shadow2639).
    - CVE-2023-4908: Inappropriate implementation in Picture in Picture.
      Reported by Axel Chong.
    - CVE-2023-4909: Inappropriate implementation in Interstitials.
      Reported by Axel Chong.
  * d/copyright: drop rust, llvm, siso, & cargo binaries.
  * d/patches:
    - fixes/size.patch: drop, merged upstream.
    - fixes/variant.patch: drop, merged upstream.
    - fixes/vector.patch: drop, merged upstream.
    - upstream/contains.patch: drop, merged upstream.
    - upstream/hvec.patch: drop, merged upstream.
    - upstream/limits.patch: drop, merged upstream.
    - upstream/statelessV4L2.patch: drop, merged upstream.
    - fixes/widevine-locations.patch: refresh for minor upstream changes.
    - disable/android.patch: drop half the patch.
    - disable/catapult.patch: refresh for minor upstream changes.
    - disable/tests.patch: refresh for minor upstream changes.
    - disable/unrar.patch: refresh for minor upstream changes.
    - fixes/material-utils.patch: build fix for clang w/ libstdc++.
    - rename fixes/null.patch to fixes/perfetto.patch.
    - upstream/memory.patch: build fix for missing header.
    - bookworm/struct-ctor.patch: add a bunch more build workarounds for
      clang-14.
    - bookworm/stringpiece3.patch: another clang-14 StringPiece to
      std::string explicit conversion.
    - bookworm/typename.patch: add more explicit typename declarations for
      clang-14.
    - bookworm/structured-binding-scope-bug.patch: add more clang-14 binding
      scope workarounds.
    - bookworm/initialize-const-ctor.patch: clang-14 workaround to init a
      const member inside a struct.
    - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
    - disable/privacy-sandbox.patch: ensure Privacy Sandbox "features" are
      off by default.
  * Switch to using bundled brotli, as the version in debian is too old.
    And so we can drop d/patches/bookworm/brotli.patch, too.
  * Switch from clang-14 to clang-16 (closes: #1051355).

  [ Timothy Pearson ]
  * d/patches/ppc64le:
    - 0001-Implement-support-for-PPC64-on-Linux.patch: refresh for upstream
       changes
    - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
    - 0002-third-party-boringssl-add-generated-files.patch: refresh for
       upstream changes
    - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
       upstream changes
    - 0004-third_party-crashpad-port-curl-transport-ppc64.patch: refresh for
       upstream changes
    - skia-vsx-instructions.patch: refresh for upstream changes
    - 0003-third_party-ffmpeg-Add-ppc64-generated-config.patch: regenerate
    - 0001-third_party-boringssl-Properly-detect-ppc64le-in-BUI.patch: drop
  * d/patches/ungoogled:
    - core/ungoogled-chromium/disable-web-environment-integrity.patch: disable
      "Web Environment Integrity" trial and remove from build (closes: #1042111)

 -- Andres Salomon <email address hidden>  Wed, 13 Sep 2023 22:26:10 -0400
Superseded in sid-release
chromium (116.0.5845.180-1) unstable; urgency=high

  [ Andres Salomon ]
  * New upstream security release.
    - CVE-2023-4761: Out of bounds memory access in FedCM. Reported by DarkNavy.
    - CVE-2023-4762: Type Confusion in V8. Reported by Rong Jian of VRI.
    - CVE-2023-4763: Use after free in Networks. Reported by anonymous.
    - CVE-2023-4764: Incorrect security UI in BFCache.
      Reported by Irvan Kurniawan (sourc7).

  [ Timothy Pearson ]
  * d/patches/ppc64le:
    - 0001-Add-PPC64-support-for-boringssl.patch: Fix incorrect function call
      parameter types in gmult_func() and ghash_func() implementations

 -- Andres Salomon <email address hidden>  Tue, 05 Sep 2023 19:10:10 -0400
Superseded in sid-release
chromium (116.0.5845.140-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2023-4572: Use after free in MediaStream.
      Reported by fwnfwn(@_fwnfwn).
  * Drop d/chromium.conffiles; it's been a year (and major debian release)
    since we started deleting /etc/chromium/policies/recommended/duckduckgo.json
    (closes: #1024981).

 -- Andres Salomon <email address hidden>  Wed, 30 Aug 2023 04:14:41 -0400
Superseded in sid-release
chromium (116.0.5845.110-2) unstable; urgency=high

  * Remove Bullseye-specific workarounds from debian/rules (closes: #1038679).

 -- Timothy Pearson <email address hidden>  Wed, 23 Aug 2023 13:25:00 -0500
Superseded in sid-release
chromium (116.0.5845.96-2) unstable; urgency=high

  * d/patches/upstream/limits.patch: Add a build fix for arm64.
  * The following CVEs were fixed in the prior release and I forgot them.
    - CVE-2023-2312: Use after free in Offline. Reported by avaue at S.S.L..
    - CVE-2023-4349: Use after free in Device Trust Connectors.
      Reported by Weipeng Jiang (@Krace) of VRI.
    - CVE-2023-4350: Inappropriate implementation in Fullscreen.
      Reported by Khiem Tran (@duckhiem).
    - CVE-2023-4351: Use after free in Network.
      Reported by Guang and Weipeng Jiang of VRI.
    - CVE-2023-4352: Type Confusion in V8.
      Reported by Sergei Glazunov of Google Project Zero.
    - CVE-2023-4353: Heap buffer overflow in ANGLE.
      Reported by Christoph Diehl / Microsoft Vulnerability Research.
    - CVE-2023-4354: Heap buffer overflow in Skia.
      Reported by Mark Brand of Google Project Zero.
    - CVE-2023-4355: Out of bounds memory access in V8.
      Reported by Sergei Glazunov of Google Project Zero.
    - CVE-2023-4356: Use after free in Audio.
      Reported by Zhenghang Xiao (@Kipreyyy).
    - CVE-2023-4357: Insufficient validation of untrusted input in XML.
      Reported by Igor Sak-Sakovskii.
    - CVE-2023-4358: Use after free in DNS.
      Reported by Weipeng Jiang (@Krace) of VRI.
    - CVE-2023-4359: Inappropriate implementation in App Launcher.
      Reported by @retsew0x01.
    - CVE-2023-4360: Inappropriate implementation in Color.
      Reported by Axel Chong.
    - CVE-2023-4361: Inappropriate implementation in Autofill.
      Reported by Thomas Orlita.
    - CVE-2023-4362: Heap buffer overflow in Mojom IDL.
      Reported by Zhao Hai of NanJing Cyberpeace TianYu Lab.
    - CVE-2023-4363: Inappropriate implementation in WebShare.
      Reported by Alesandro Ortiz.
    - CVE-2023-4364: Inappropriate implementation in Permission Prompts.
      Reported by Jasper Rebane.
    - CVE-2023-4365: Inappropriate implementation in Fullscreen.
      Reported by Hafiizh.
    - CVE-2023-4366: Use after free in Extensions. Reported by asnine.
    - CVE-2023-4367: Insufficient policy enforcement in Extensions API.
      Reported by Axel Chong.
    - CVE-2023-4368: Insufficient policy enforcement in Extensions API.
      Reported by Axel Chong.

 -- Andres Salomon <email address hidden>  Wed, 16 Aug 2023 04:48:02 -0400
Superseded in sid-release
chromium (116.0.5845.96-1) unstable; urgency=high

  * New upstream stable release.
  * d/patches:
   - fixes/cmath.patch: drop, merged upstream.
   - fixes/vector.patch: drop, merged upstream.
   - fixes/cookieresult.patch: drop, merged upstream.
   - fixes/gcc13-headers.patch: drop portions which have been merged upstream.
   - upstream/feature-list-static.patch: drop, merged upstream.
   - disable/catapult.patch: refresh.
   - upstream/statelessV4L2.patch: refresh.
   - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
   - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
   - ppc64le/breakpad/0001-Implement-support-for-ppc64-on-Linux.patch: refresh.
   - ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: refresh.
   - fixes/rust-clanglib.patch: add patch to handle new clang deps for rust.
   - debianization/clang-15.patch: add patch to use lld-15.
   - bookworm/typename.patch: more typename fixes needed.
   - fixes/variant.patch: add a missing header that libstdc++ needs.
   - fixes/vector.patch: add a missing header that libstdc++ needs.
   - fixes/null.patch: fix missing namespace for nullptr_t + header fix.
   - fixes/size.patch: missing header fix.
   - bookworm/brotli.patch: revert upstream change that requires newer brotli.
   - bookworm/struct-ctor.patch: add a bunch of explicit struct constructors
     to make clang-15 happy.
   - fixes/size.patch
   - bullseye/stringpiece.patch: drop, since we're bundling re2 now.
  * d/rules: automatically detect rust/clang versions & add needed rust args.
    But also disable rust for now.
  * d/rules: drop use_gnome_keyring=false, upstream has completely removed
    libgnome-keyring support in favor of gnome's libsecret.
  * d/control: add build-dep on libclang-rt-dev for rust.
  * Use bundled re2 (for now) instead of libre2-dev due to random crashes
    we're seeing. Adjust build-deps, Files-Excluded, d/clean,
    and d/scripts/unbundle accordingly.

  [ Timothy Pearson ]
   * d/patches/ppc64le:
     - database/0001-Properly-detect-little-endian-PPC64-systems.patch: refresh
       for upstream changes
     - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
     - third_party/0002-third-party-boringssl-add-generated-files.patch:
       refresh, no changes
     - third_party/use-sysconf-page-size-on-ppc64.patch: refresh for upstream
       changes
     - third_party/skia-vsx-instructions.patch: refresh for upstream changes

 -- Andres Salomon <email address hidden>  Tue, 15 Aug 2023 17:46:56 -0400
Superseded in sid-release
chromium (115.0.5790.170-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2023-4068: Type Confusion in V8. Reported by Jerry.
    - CVE-2023-4069: Type Confusion in V8.
      Reported by Man Yue Mo of GitHub Security Lab.
    - CVE-2023-4070: Type Confusion in V8. Reported by Jerry.
    - CVE-2023-4071: Heap buffer overflow in Visuals.
      Reported by Guang and Weipeng Jiang of VRI.
    - CVE-2023-4072: Out of bounds read and write in WebGL.
      Reported by Apple Security Engineering and Architecture (SEAR).
    - CVE-2023-4073: Out of bounds memory access in ANGLE.
      Reported by Jaehun Jeong(@n3sk) of Theori.
    - CVE-2023-4074: Use after free in Blink Task Scheduling.
      Reported by Anonymous.
    - CVE-2023-4075: Use after free in Cast.
      Reported by Cassidy Kim(@cassidy6564).
    - CVE-2023-4076: Use after free in WebRTC.
      Reported by Natalie Silvanovich of Google Project Zero.
    - CVE-2023-4077: Insufficient data validation in Extensions.
      Reported by Anonymous.
    - CVE-2023-4078: Inappropriate implementation in Extensions.
      Reported by Anonymous.
  * debian/patches/disable/driver-chrome-path.patch: refresh for minor changes.

 -- Andres Salomon <email address hidden>  Wed, 02 Aug 2023 19:26:52 -0400
Superseded in sid-release
chromium (115.0.5790.102-2) unstable; urgency=high

  * debian/patches/upstream/contains.patch: Yet Another v4l2 ARM build fix.

 -- Andres Salomon <email address hidden>  Tue, 25 Jul 2023 18:25:50 -0400
Superseded in bookworm-release
chromium (114.0.5735.198-1~deb12u1) bookworm-security; urgency=high

  * New upstream security release.
    - CVE-2023-3420: Type Confusion in V8.
      Reported by Man Yue Mo of GitHub Security Lab.
    - CVE-2023-3421: Use after free in Media.
      Reported by Piotr Bania of Cisco Talos.
    - CVE-2023-3422: Use after free in Guest View. Reported by asnine.

 -- Andres Salomon <email address hidden>  Tue, 27 Jun 2023 02:21:12 -0400
Superseded in sid-release
chromium (115.0.5790.102-1) unstable; urgency=high

  * New upstream stable release.
  * debian/patches/upstream/statelessV4L2.patch: add v4l2 build fix.

 -- Andres Salomon <email address hidden>  Fri, 21 Jul 2023 02:36:46 -0400
Superseded in sid-release
chromium (115.0.5790.98-2) unstable; urgency=high

  * Add build fix for gcc13 on arm64.

 -- Andres Salomon <email address hidden>  Wed, 19 Jul 2023 22:23:08 -0400
Superseded in sid-release
chromium (115.0.5790.98-1) unstable; urgency=high

  * New upstream release
    - CVE-2023-3727: Use after free in WebRTC.
      Reported by Cassidy Kim(@cassidy6564).
    - CVE-2023-3728: Use after free in WebRTC.
      Reported by Zhenghang Xiao (@Kipreyyy).
    - CVE-2023-3730: Use after free in Tab Groups. Reported by @ginggilBesel.
    - CVE-2023-3732: Out of bounds memory access in Mojo.
      Reported by Mark Brand of Google Project Zero.
    - CVE-2023-3733: Inappropriate implementation in WebApp Installs.
      Reported by Ahmed ElMasry.
    - CVE-2023-3734: Inappropriate implementation in Picture In Picture.
      Reported by Thomas Orlita.
    - CVE-2023-3735: Inappropriate implementation in Web API Permission Prompts.
      Reported by Ahmed ElMasry.
    - CVE-2023-3736: Inappropriate implementation in Custom Tabs.
      Reported by Philipp Beer (TU Wien).
    - CVE-2023-3737: Inappropriate implementation in Notifications.
      Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India).
    - CVE-2023-3738: Inappropriate implementation in Autofill.
      Reported by Hafiizh.
    - CVE-2023-3740: Insufficient validation of untrusted input in Themes.
      Reported by Fardeen Siddiqui.

  * d/rules:
    - use system rustc installation
  * Add build-dep on rustc.
  * d/patches:
    - debianization/master-preferences.patch: upstream variable renamed
    - disable/catapult.patch: upstream changes required reworking
    - disable/tests.patch: remove new upstream puffin test data file
      dependencies
    - disable/unrar.patch: upstream changes required reworking
    - fixes/cmath.patch: add missing header include for skia
    - fixes/vector.patch: add missing header include for net
    - upstream/sizet.patch: drop, merged upstream
    - ppc64le/fixes/fix-partition-alloc-compile.patch: refresh for upstream
      changes
    - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
      for upstream changes
    - ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
      refresh for upstream changes
    - ppc64le/third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
      regenerate configs from upstream source
    - ppc64le/third_party/skia-vsx-instructions.patch: refresh for upstream
      changes

  [ Andres Salomon ]
    - fixes/clang-and-gcc11.patch: drop, (a different version) merged upstream.
    - bookworm/typename.patch: drop parts that were merged upstream, and add
      new build fixes.
    - bookworm/structured-binding-scope-bug.patch: drop some of it, add new bits
    - bullseye/constexpr.patch: refresh for string -> StringPiece change.
    - bullseye/stringpiece.patch: add to work around older libre2.
    - bullseye/default-equality-op.patch: add more workarounds for older
      compilers
    - fixes/brandversion-construct.patch: add to fix build failure.
    - fixes/SkColor4f-init.patch: another missing struct constructor fix.
    - fixes/cookieresult.patch: another struct ctor build fix.
    - fixes/gcc13-with-clang14.patch: fix FTBFS with gcc-13 (closes: #1037604).
    - fixes/gcc13-headers.patch: fix a bunch of missing includes which
      gcc-13 wants
    - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
    - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
    - ppc64le/third_party/0002-third-party-boringssl-add-generated-files.patch:
      refresh.

 -- Timothy Pearson <email address hidden>  Tue, 18 Jul 2023 17:50:00 -0500
Superseded in sid-release
chromium (114.0.5735.198-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2023-3420: Type Confusion in V8.
      Reported by Man Yue Mo of GitHub Security Lab.
    - CVE-2023-3421: Use after free in Media.
      Reported by Piotr Bania of Cisco Talos.
    - CVE-2023-3422: Use after free in Guest View. Reported by asnine.

 -- Andres Salomon <email address hidden>  Tue, 27 Jun 2023 02:21:12 -0400
Superseded in sid-release
chromium (114.0.5735.133-1) unstable; urgency=high

    - CVE-2023-3214: Use after free in Autofill payments.
      Reported by Rong Jian of VRI.
    - CVE-2023-3215: Use after free in WebRTC. Reported by asnine.
    - CVE-2023-3216: Type Confusion in V8.
      Reported by 5n1p3r0010 from Topsec ChiXiao Lab.
    - CVE-2023-3217: Use after free in WebXR.
      Reported by Sergei Glazunov of Google Project Zero.

 -- Andres Salomon <email address hidden>  Tue, 13 Jun 2023 13:31:55 -0400
Superseded in sid-release
chromium (114.0.5735.106-1) unstable; urgency=high

  * New upstream stable release.
    - CVE-2023-3079: Type Confusion in V8.
      Reported by Clément Lecigne of Google's Threat Analysis Group.
  * d/patches:
    - ppc64le/third_party/skia-vsx-instructions.patch: rewrite for POWER8
      compatibility, fix graphics corruption, and enable in builds

 -- Timothy Pearson <email address hidden>  Mon, 05 Jun 2023 21:38:00 -0500
Superseded in sid-release
chromium (114.0.5735.90-2) unstable; urgency=high

  * d/patches:
    - Add upstream/feature-list-static.patch
      This patch fixes an out of scope array access that can lead to crashes at startup

 -- Timothy Pearson <email address hidden>  Wed, 31 May 2023 12:36:00 -0500
Superseded in sid-release
chromium (114.0.5735.90-1) unstable; urgency=high

  [ Andres Salomon ]
  * New upstream stable release.
    - CVE-2023-2929: Out of bounds write in Swiftshader.
      Reported by Jaehun Jeong(@n3sk) of Theori.
    - CVE-2023-2930: Use after free in Extensions. Reported by asnine.
    - CVE-2023-2931: Use after free in PDF.
      Reported by Huyna at Viettel Cyber Security.
    - CVE-2023-2932: Use after free in PDF.
      Reported by Huyna at Viettel Cyber Security.
    - CVE-2023-2933: Use after free in PDF. Reported by
      Quang Nguyễn (@quangnh89) of Viettel Cyber Security and Nguyen Phuong.
    - CVE-2023-2934: Out of bounds memory access in Mojo.
      Reported by Mark Brand of Google Project Zero.
    - CVE-2023-2935: Type Confusion in V8.
      Reported by Sergei Glazunov of Google Project Zero.
    - CVE-2023-2936: Type Confusion in V8.
      Reported by Sergei Glazunov of Google Project Zero.
    - CVE-2023-2937: Inappropriate implementation in Picture In Picture.
      Reported by NDevTK.
    - CVE-2023-2938: Inappropriate implementation in Picture In Picture.
      Reported by Alesandro Ortiz.
    - CVE-2023-2939: Insufficient data validation in Installer.
      Reported by ycdxsb from VARAS@IIE.
    - CVE-2023-2940: Inappropriate implementation in Downloads.
      Reported by Axel Chong.
    - CVE-2023-2941: Inappropriate implementation in Extensions API.
      Reported by Jasper Rebane.
  * d/copyright: properly delete some android & chromeos stuff.
  * d/patches:
    - fixes/clang-and-gcc11.patch: refresh.
    - upstream/webview-cstr.patch: drop, merged upstream.
    - upstream/monostate.patch: drop, merged upstream.
    - disable/unrar.patch: additional upstream changes required more reworking.
    - disable/android.patch: refresh, & add one more build fix.
    - disable/catapult.patch: refresh.
    - disable/swiftshader.patch: refresh.
    - disable/angle-perftest.patch: refresh.
    - system/jpeg.patch: refresh.
    - upstream/mojo.patch: regenerate from git.
    - upstream/sizet.patch: add an upstream build fix.
    - bookworm/typename.patch: include more build fixes.
    - bookworm/lambda-bug.patch -> bookworm/structured-binding-scope-bug.patch,
      and add another place it's happening (turns out it's not just lambdas).
  * Add build-dep on libevdev-dev - now required by upstream.

  [ Timothy Pearson ]
   * d/patches:
     - Refresh ppc64le patches

 -- Andres Salomon <email address hidden>  Wed, 31 May 2023 03:06:35 -0400
Superseded in bookworm-release
Superseded in sid-release
chromium (113.0.5672.126-1) unstable; urgency=low

  * New upstream security release.
    - CVE-2023-2721: Use after free in Navigation.
      Reported by Guang Gong of Alpha Lab, Qihoo 360.
    - CVE-2023-2722: Use after free in Autofill UI.
      Reported by Rong Jian of VRI.
    - CVE-2023-2723: Use after free in DevTools. Reported by asnine.
    - CVE-2023-2724: Type Confusion in V8.
      Reported by Sergei Glazunov of Google Project Zero.
    - CVE-2023-2725: Use after free in Guest View. Reported by asnine.
    - CVE-2023-2726: Inappropriate implementation in WebApp Installs.
      Reported by Ahmed ElMasry.

 -- Andres Salomon <email address hidden>  Tue, 16 May 2023 16:25:03 -0400
Superseded in sid-release
chromium (113.0.5672.63-2) unstable; urgency=low

  * d/patches:
    - Set baseline ppc64 CPU back to POWER ISA 2.07 (POWER8)

 -- Timothy Pearson <email address hidden>  Wed, 03 May 2023 10:47:00 -0500
Superseded in sid-release
chromium (113.0.5672.63-1) unstable; urgency=high

  * New upstream stable release.
    - CVE-2023-2459: Inappropriate implementation in Prompts.
      Reported by Rong Jian of VRI.
    - CVE-2023-2460: Insufficient validation of untrusted input in Extensions.
      Reported by Martin Bajanik, Fingerprint[.]com.
    - CVE-2023-2461: Use after free in OS Inputs. Reported by @ginggilBesel.
    - CVE-2023-2462: Inappropriate implementation in Prompts.
      Reported by Alesandro Ortiz.
    - CVE-2023-2463: Inappropriate implementation in Full Screen Mode.
      Reported by Irvan Kurniawan (sourc7).
    - CVE-2023-2464: Inappropriate implementation in PictureInPicture.
      Reported by Thomas Orlita.
    - CVE-2023-2465: Inappropriate implementation in CORS.
      Reported by @kunte_ctf.
    - CVE-2023-2466: Inappropriate implementation in Prompts.
      Reported by Jasper Rebane (popstonia).
    - CVE-2023-2467: Inappropriate implementation in Prompts.
      Reported by Thomas Orlita.
    - CVE-2023-2468: Inappropriate implementation in PictureInPicture.
      Reported by Alesandro Ortiz.

  [ Andres Salomon ]
   * Remove Michel from Uploaders.
   * Build against libopenh264-dev (closes: #1031352).
   * d/copyright:
     - drop fuchsia*: entirely different OS.
     - drop chrome/build: 200MB of PGO optimizations for official chrome builds.
     - drop third_party/updater: upstream included update binary.
     - re-add part of chrome/browser/resources/chromeos/ and chrome/android/ to
       fix build errors.
   * d/patches:
     - debianization/master-preferences.patch: check for initial_preferences or
       master_preferences, rather than just for the latter (closes: #992178).
     - disable/unrar.patch: complete rewrite for upstream's nested archive changes.
     - disable/catapult.patch: refresh.
     - upstream/webview-cstr.patch: add simple build fix from upstream.
     - upstream/monostate.patch: add simple build fix from upstream.
     - bookworm/clang-attribs.patch: build fix for clang-14 to keep from
       generating hundreds of warnings per compilation unit.
     - bookworm/typename.patch: add another build fix for missing typename.
     - bookworm/lamba-bug.patch: add to work around compiler bug (clang < 16).
     - bullseye/constexpr.patch: work around build failure w/ bullseye's
       clang/libstdc++.
     - disable/openh264.patch -> bullseye/openh264.patch, and stop using it
       for sid & bookworm.

  [ Timothy Pearson ]
   * d/patches:
     - Set baseline ppc64 CPU to POWER ISA 3.0 (OpenPOWER, POWER9)
     - Enable VSX acceleration in Skia
     - Refresh ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch
     - Add fixes for new Highway library on ppc64
     - Suppress harmless warning messages from compiler during ppc64 builds

 -- Timothy Pearson <email address hidden>  Wed, 03 May 2023 00:42:00 -0500
Superseded in bullseye-release
chromium (112.0.5615.138-1~deb11u1) bullseye-security; urgency=high

  * New upstream security release.
    - CVE-2023-2133: Out of bounds memory access in Service Worker API.
      Reported by Rong Jian of VRI.
    - CVE-2023-2134: Out of bounds memory access in Service Worker API.
      Reported by Rong Jian of VRI.
    - CVE-2023-2135: Use after free in DevTools.
      Reported by Cassidy Kim(@cassidy6564).
    - CVE-2023-2136: Integer overflow in Skia.
      Reported by Clément Lecigne of Google's Threat Analysis Group.
    - CVE-2023-2137: Heap buffer overflow in sqlite.
      Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute
  * d/patches:
    - upstream/protobuf.patch: drop, merged upstream.

 -- Timothy Pearson <email address hidden>  Tue, 18 Apr 2023 22:00:00 -0500
Superseded in sid-release
chromium (112.0.5615.138-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2023-2133: Out of bounds memory access in Service Worker API.
      Reported by Rong Jian of VRI.
    - CVE-2023-2134: Out of bounds memory access in Service Worker API.
      Reported by Rong Jian of VRI.
    - CVE-2023-2135: Use after free in DevTools.
      Reported by Cassidy Kim(@cassidy6564).
    - CVE-2023-2136: Integer overflow in Skia.
      Reported by Clément Lecigne of Google's Threat Analysis Group.
    - CVE-2023-2137: Heap buffer overflow in sqlite.
      Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute
  * d/patches:
    - upstream/protobuf.patch: drop, merged upstream.

 -- Timothy Pearson <email address hidden>  Tue, 18 Apr 2023 22:00:00 -0500
Superseded in sid-release
chromium (112.0.5615.121-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2023-2033: Type Confusion in V8.
      Reported by Clément Lecigne of Google's Threat Analysis Group.
  * Build-dep on rollup.
  * Delete the bundled acorn & rollup node modules, and build using the
    debian packaged version of those and other modules.
  * (Re-)enable optimize_webui.
  * Add d/patches/upstream/protobuf.patch to fix FTBFS due to race.

 -- Andres Salomon <email address hidden>  Sat, 15 Apr 2023 00:24:54 -0400
Superseded in sid-release
chromium (112.0.5615.49-2) unstable; urgency=high

  [ Andres Salomon ]
  * Add d/patches/i386/angle-lockfree.patch to fix FTBFS on i386. Also create
    & populate that d/patches/i386/ directory, since we now have multiple
    i386 patches.
  * Remove enable_js_type_check=false build arg; upstream dropped it.

  [ Timothy Pearson ]
   * d/patches:
    - Re-add boringssl support for ppc64le (dropped by Google upstream)
    - Add ppc64le detection to partition allocator build
    - Regenerate 0003-third_party-ffmpeg-Add-ppc64-generated-config.patch

 -- Andres Salomon <email address hidden>  Fri, 07 Apr 2023 03:40:50 -0400
Superseded in sid-release
chromium (112.0.5615.49-1) unstable; urgency=high

  * New upstream stable release.
    - CVE-2023-1810: Heap buffer overflow in Visuals.
      Reported by Weipeng Jiang (@Krace) of VRI.
    - CVE-2023-1811: Use after free in Frames. Reported by Thomas Orlita.
    - CVE-2023-1812: Out of bounds memory access in DOM Bindings.
      Reported by Shijiang Yu.
    - CVE-2023-1813: Inappropriate implementation in Extensions.
      Reported by Axel Chong.
    - CVE-2023-1814: Insufficient validation of untrusted input in
      Safe Browsing. Reported by Young Min Kim (@ylemkimon),
      CompSec Lab at Seoul National University.
    - CVE-2023-1815: Use after free in Networking APIs. Reported by DDV_UA.
    - CVE-2023-1816: Incorrect security UI in Picture In Picture.
      Reported by NDevTK.
    - CVE-2023-1817: Insufficient policy enforcement in Intents.
      Reported by Axel Chong.
    - CVE-2023-1818: Use after free in Vulkan. Reported by Abdulrahman
      Alqabandi, Microsoft Browser Vulnerability Research, Eric Lawrence,
      Microsoft, Patrick Walker (@HomeSen), & Kirtikumar Anandrao Ramchandani.
    - CVE-2023-1819: Out of bounds read in Accessibility.
      Reported by Microsoft Edge Team.
    - CVE-2023-1820: Heap buffer overflow in Browser History.
      Reported by raven at KunLun lab.
    - CVE-2023-1821: Inappropriate implementation in WebShare.
      Reported by Axel Chong.
    - CVE-2023-1822: Incorrect security UI in Navigation. Reported by 강우진.
    - CVE-2023-1823: Inappropriate implementation in FedCM.
      Reported by Jasper Rebane (popstonia).
  * d/copyright: change location for deleted image_diff directory.
  * d/patches:
    - disable/unrar.patch: update for stuff dropped upstream.
    - disable/swiftshader.patch: straight refresh.
    - bullseye/clang13.patch: straight refresh.
    - ppc64le/third_party/0001-third_party-angle-Include-missing-header-cstddef-in-.patch:
      straight refresh.
    - ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: straight
      refresh.
    - debian/patches/ppc64le/third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch:
      change is_mac to is_apple.

 -- Andres Salomon <email address hidden>  Tue, 04 Apr 2023 18:44:47 -0400
Superseded in sid-release
chromium (111.0.5563.110-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2023-1528: Use after free in Passwords.
      Reported by Wan Choi of Seoul National University.
    - CVE-2023-1529: Out of bounds memory access in WebHID.
    - CVE-2023-1530: Use after free in PDF.
      Reported by The UK's National Cyber Security Centre (NCSC).
    - CVE-2023-1531: Use after free in ANGLE.
      Reported by Piotr Bania of Cisco Talos.
    - CVE-2023-1532: Out of bounds read in GPU Video.
      Reported by Mark Brand of Google Project Zero.
    - CVE-2023-1533: Use after free in WebProtect.
      Reported by Weipeng Jiang (@Krace) of VRI.
    - CVE-2023-1534: Out of bounds read in ANGLE.
      Reported by Jann Horn and Mark Brand of Google Project Zero.
  * Document how to properly enable Wayland support in README.Debian
    (closes: #1033223).
  * d/rules patch from "Daniel Richard G." <email address hidden>:
    - Disable lto flags (closes: #1015367).
    - don't clobber LDFLAGS from dpkg-buildflags (closes: #1033015).

 -- Andres Salomon <email address hidden>  Wed, 22 Mar 2023 03:17:36 -0400
Superseded in sid-release
chromium (111.0.5563.64-1) unstable; urgency=high

  [ Andres Salomon ]
  * New upstream stable release.
    - CVE-2023-1213: Use after free in Swiftshader.
      Reported by Jaehun Jeong(@n3sk) of Theori.
    - CVE-2023-1214: Type Confusion in V8.
      Reported by Man Yue Mo of GitHub Security Lab.
    - CVE-2023-1215: Type Confusion in CSS. Reported by Anonymous.
    - CVE-2023-1216: Use after free in DevTools.
      Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
    - CVE-2023-1217: Stack buffer overflow in Crash reporting.
      Reported by sunburst of Ant Group Tianqiong Security Lab.
    - CVE-2023-1218: Use after free in WebRTC. Reported by Anonymous.
    - CVE-2023-1219: Heap buffer overflow in Metrics.
      Reported by Sergei Glazunov of Google Project Zero.
    - CVE-2023-1220: Heap buffer overflow in UMA.
      Reported by Sergei Glazunov of Google Project Zero.
    - CVE-2023-1221: Insufficient policy enforcement in Extensions API.
      Reported by Ahmed ElMasry.
    - CVE-2023-1222: Heap buffer overflow in Web Audio API.
      Reported by Cassidy Kim(@cassidy6564).
    - CVE-2023-1223: Insufficient policy enforcement in Autofill.
      Reported by Ahmed ElMasry.
    - CVE-2023-1224: Insufficient policy enforcement in Web Payments API.
      Reported by Thomas Orlita.
    - CVE-2023-1225: Insufficient policy enforcement in Navigation.
      Reported by Roberto Ffrench-Davis @Lihaft.
    - CVE-2023-1226: Insufficient policy enforcement in Web Payments API.
      Reported by Anonymous.
    - CVE-2023-1227: Use after free in Core. Reported by @ginggilBesel.
    - CVE-2023-1228: Insufficient policy enforcement in Intents.
      Reported by Axel Chong.
    - CVE-2023-1229: Inappropriate implementation in Permission prompts.
      Reported by Thomas Orlita.
    - CVE-2023-1230: Inappropriate implementation in WebApp Installs.
      Reported by Axel Chong.
    - CVE-2023-1231: Inappropriate implementation in Autofill.
      Reported by Yan Zhu, Brave.
    - CVE-2023-1232: Insufficient policy enforcement in Resource Timing.
      Reported by Sohom Datta.
    - CVE-2023-1233: Insufficient policy enforcement in Resource Timing.
      Reported by Soroush Karami.
    - CVE-2023-1234: Inappropriate implementation in Intents.
      Reported by Axel Chong.
    - CVE-2023-1235: Type Confusion in DevTools.
      Reported by raven at KunLun lab.
    - CVE-2023-1236: Inappropriate implementation in Internals.
      Reported by Alesandro Ortiz.
  * Document upcoming security support in README.Debian.security.
  * Document switching the default search engine in README.debian.
  * d/patches:
    - upstream/clamp.patch: drop, merged upstream.
    - upstream/pwman-const.patch: drop, merged upstream.
    - upstream/move-stack-to-isolate.patch: drop, merged upstream.
    - upstream/blink-dbl-float.patch: drop, merged upstream.
    - upstream/v4l2-fix.patch: drop, merged upstream.
    - disable/catapult.patch: refresh & remove unnecessary android bits.
    - disable/google-api-warning.patch: refresh.

  [ Timothy Pearson ]
   * d/patches:
    - ppc64le/third_party/0005-third_party-dav1d-crash-fix.patch: drop,
          merged upstream
    - ppc64le/workarounds/HACK-debian-clang-disable-skia-musttail.patch:
          skia musttail is back in upstream, disable on ppc64le due to
          continuing Clang bugs
    - ppc64le: refresh libaom configuration

 -- Andres Salomon <email address hidden>  Tue, 07 Mar 2023 18:12:37 -0500
Superseded in sid-release
chromium (110.0.5481.177-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2023-0941: Use after free in Prompts. Reported by Anonymous.
    - CVE-2023-0927: Use after free in Web Payments API.
      Reported by Rong Jian of VRI.
    - CVE-2023-0928: Use after free in SwiftShader. Reported by Anonymous.
    - CVE-2023-0929: Use after free in Vulkan.
      Reported by Cassidy Kim(@cassidy6564).
    - CVE-2023-0930: Heap buffer overflow in Video.
      Reported by Cassidy Kim(@cassidy6564).
    - CVE-2023-0931: Use after free in Video.
      Reported by Cassidy Kim(@cassidy6564).
    - CVE-2023-0932: Use after free in WebRTC.
      Reported by Omri Bushari (Talon Cyber Security).
    - CVE-2023-0933: Integer overflow in PDF. Reported by
      Zhiyi Zhang from Codesafe Team of Legendsec at QI-ANXIN Group.

 -- Andres Salomon <email address hidden>  Wed, 22 Feb 2023 16:11:07 -0500
Superseded in sid-release
chromium (110.0.5481.77-2) unstable; urgency=high

  * Fix build failure on arm* platforms with upstream/v4l2-fix.patch.

 -- Andres Salomon <email address hidden>  Wed, 08 Feb 2023 15:20:57 -0500
Superseded in sid-release
chromium (110.0.5481.77-1) unstable; urgency=high

  [ Andres Salomon ]
  * New upstream stable release.
    - CVE-2023-0696: Type Confusion in V8.
      Reported by Haein Lee at KAIST Hacking Lab.
    - CVE-2023-0697: Inappropriate implementation in Full screen mode.
      Reported by Ahmed ElMasry.
    - CVE-2023-0698: Out of bounds read in WebRTC.
      Reported by Cassidy Kim(@cassidy6564).
    - CVE-2023-0699: Use after free in GPU.
      Reported by 7o8v and Cassidy Kim(@cassidy6564).
    - CVE-2023-0700: Inappropriate implementation in Download.
      Reported by Axel Chong.
    - CVE-2023-0701: Heap buffer overflow in WebUI.
      Reported by Sumin Hwang of SSD Labs.
    - CVE-2023-0702: Type Confusion in Data Transfer. Reported by Sri.
    - CVE-2023-0703: Type Confusion in DevTools.
      Reported by raven at KunLun lab.
    - CVE-2023-0704: Insufficient policy enforcement in DevTools.
      Reported by Rhys Elsmore and Zac Sims of the Canva security team.
    - CVE-2023-0705: Integer overflow in Core.
      Reported by SorryMybad (@S0rryMybad) of Kunlun Lab.
  * d/copyright: libpng16 binaries are gone, no longer need to exclude them.
  * d/scripts/unbundle: drop libjxl, which is dropped upstream. Add absl_log*.
  * d/patches:
    - debianization/optimization.patch: drop. This is unnecessary, as
      Debian's optimization flags override Chromium's by default.
    - disable/android.patch: upstream removed android_crazy_linker, so we can
      remove half of this patch.
    - disable/catapult.patch: refresh.
    - disable/google-api-warning.patch: refresh.
    - upstream/mojo.patch: refresh w/ what's in 110.
    - system/openjpeg.patch: completely rework due to upstream changes.
    - upstream/clamp.patch: backport a build fix.
    - upstream/blink-dbl-float.patch: another build fix.
  * Drop unused use_allocator="none" argument. This was used previously
    to switch from the default "partition" allocator. Upstream dropped
    the build flag in chromium v109. So in v109 we switched to the default
    "partition" allocator and I don't think anyone noticed, so let's just
    leave it on. Report issues if you notice any.

  [ Timothy Pearson ]
  * d/patches:
    - Refresh ppc64le patches for v110
    - Add upstream patches to fix build errors when use_custom_libcxx=false
    - Drop stack smashing fix patch for ppc64le due to fix included upstream

 -- Andres Salomon <email address hidden>  Wed, 08 Feb 2023 00:20:01 -0500
Superseded in sid-release
chromium (109.0.5414.119-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2023-0471: Use after free in WebTransport.
      Reported by chichoo Kim(chichoo) and Cassidy Kim(@cassidy6564).
    - CVE-2023-0472: Use after free in WebRTC.
      Reported by Cassidy Kim(@cassidy6564).
    - CVE-2023-0473: Type Confusion in ServiceWorker API.
      Reported by raven at KunLun lab.
    - CVE-2023-0474: Use after free in GuestView. Reported by avaue at S.S.L.
  * Re-enable v4l2 for arm platforms (closes: #1011346).

 -- Andres Salomon <email address hidden>  Wed, 25 Jan 2023 01:19:49 -0500
Superseded in sid-release
chromium (109.0.5414.74-2) unstable; urgency=high

  [ Andres Salomon ]
  * d/patches/bullseye/clang13.patch: don't use -gsimple-template-names in
    clang arguments, as it doesn't work with clang-13.

  [ Timothy Pearson ]
  * Fix crashes in dav1d during video playback on ppc64le
  * d/patches:
    - Apply upstream dav1d ppc64le fix from videolan merge request #1464

 -- Andres Salomon <email address hidden>  Thu, 12 Jan 2023 18:23:51 -0500
Superseded in sid-release
chromium (109.0.5414.74-1) unstable; urgency=high

  * New upstream stable release.
    - CVE-2023-0128: Use after free in Overview Mode. Reported by Khalil Zhani.
    - CVE-2023-0129: Heap buffer overflow in Network Service.
      Reported by asnine.
    - CVE-2023-0130: Inappropriate implementation in Fullscreen API.
      Reported by Hafiizh.
    - CVE-2023-0131: Inappropriate implementation in iframe Sandbox.
      Reported by NDevTK.
    - CVE-2023-0132: Inappropriate implementation in Permission prompts.
      Reported by Jasper Rebane (popstonia).
    - CVE-2023-0133: Inappropriate implementation in Permission prompts.
      Reported by Alesandro Ortiz.
    - CVE-2023-0134: Use after free in Cart.
      Reported by Chaoyuan Peng (@ret2happy).
    - CVE-2023-0135: Use after free in Cart.
      Reported by Chaoyuan Peng (@ret2happy).
    - CVE-2023-0136: Inappropriate implementation in Fullscreen API.
      Reported by Axel Chong.
    - CVE-2023-0137: Heap buffer overflow in Platform Apps.
      Reported by avaue and Buff3tts at S.S.L.
    - CVE-2023-0138: Heap buffer overflow in libphonenumber.
      Reported by Michael Dau.
    - CVE-2023-0139: Insufficient validation of untrusted input in Downloads.
      Reported by Axel Chong.
    - CVE-2023-0140: Inappropriate implementation in File System API.
      Reported by harrison.mitchell, cybercx.com.au.
    - CVE-2023-0141: Insufficient policy enforcement in CORS.
      Reported by scarlet.
  * d/patches:
    - upstream/re-fix-tflite.patch: drop, merged upstream.
    - disable/catapult.patch: refresh
    - disable/angle-perftests.patch: refresh

  [ Timothy Pearson ]
  * d/patches:
    - Regenerate ppc64le configuration files from source
    - Fix register corruption in v8 on ppc64 systems

 -- Andres Salomon <email address hidden>  Thu, 12 Jan 2023 13:01:02 -0500
Superseded in bullseye-release
chromium (108.0.5359.94-1~deb11u1) bullseye-security; urgency=high

  * New upstream security release.
    - CVE-2022-4262: Type Confusion in V8.
      Reported by Clement Lecigne of Google's Threat Analysis Group.

 -- Andres Salomon <email address hidden>  Sat, 03 Dec 2022 13:29:49 -0500
Superseded in sid-release
chromium (108.0.5359.124-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2022-4436: Use after free in Blink Media.
      Reported by Anonymous on 2022-11-15
    - CVE-2022-4437: Use after free in Mojo IPC.
      Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability
      Research Institute on 2022-11-30
    - CVE-2022-4438: Use after free in Blink Frames.
      Reported by Anonymous on 2022-11-07
    - CVE-2022-4439: Use after free in Aura.
      Reported by Anonymous on 2022-11-22
    - CVE-2022-4440: Use after free in Profiles.
      Reported by Anonymous on 2022-11-09

  [ Andres Salomon ]
  * Drop fixes/disable-cxx20.patch; turned out to be a clang-14 bug
    (https://bugs.debian.org/1025394) causing the issue that is now fixed.

 -- Timothy Pearson <email address hidden>  Tue, 13 Dec 2022 19:10:00 -0600
Superseded in sid-release
chromium (108.0.5359.94-1) unstable; urgency=high

  * New upstream security release.
    - CVE-2022-4262: Type Confusion in V8.
      Reported by Clement Lecigne of Google's Threat Analysis Group.
  * Drop bullseye/mulodic.patch from unstable, it's too difficult to get this
    right between the two distributions. It'll live in the bullseye branch only.

 -- Andres Salomon <email address hidden>  Sat, 03 Dec 2022 13:29:49 -0500
Superseded in sid-release
chromium (108.0.5359.71-2) unstable; urgency=high

  * Fix bullseye/mulodic.patch to actually work right on 32-bit platforms.
    Again.

  [ Timothy Pearson ]
  * Regenerate libaom configuration for ppc64el

 -- Andres Salomon <email address hidden>  Fri, 02 Dec 2022 15:03:21 -0500
Superseded in sid-release
chromium (108.0.5359.71-1) unstable; urgency=high

  * New upstream stable release.
    - CVE-2022-4174: Type Confusion in V8.
      Reported by Zhenghang Xiao (@Kipreyyy).
    - CVE-2022-4175: Use after free in Camera Capture.
      Reported by Leecraso and Guang Gong of 360 Alpha Lab.
    - CVE-2022-4176: Out of bounds write in Lacros Graphics.
      Reported by @ginggilBesel.
    - CVE-2022-4177: Use after free in Extensions.
      Reported by Chaoyuan Peng (@ret2happy).
    - CVE-2022-4178: Use after free in Mojo.
      Reported by Sergei Glazunov of Google Project Zero.
    - CVE-2022-4179: Use after free in Audio.
      Reported by Sergei Glazunov of Google Project Zero.
    - CVE-2022-4180: Use after free in Mojo. Reported by Anonymous.
    - CVE-2022-4181: Use after free in Forms. Reported by Aviv A.
    - CVE-2022-4182: Inappropriate implementation in Fenced Frames.
      Reported by Peter Nemeth.
    - CVE-2022-4183: Insufficient policy enforcement in Popup Blocker.
      Reported by David Sievers.
    - CVE-2022-4184: Insufficient policy enforcement in Autofill.
      Reported by Ahmed ElMasry.
    - CVE-2022-4185: Inappropriate implementation in Navigation.
      Reported by James Lee (@Windowsrcer).
    - CVE-2022-4186: Insufficient validation of untrusted input in Downloads.
      Reported by Luan Herrera (@lbherrera_).
    - CVE-2022-4187: Insufficient policy enforcement in DevTools.
      Reported by Axel Chong.
    - CVE-2022-4188: Insufficient validation of untrusted input in CORS.
      Reported by Philipp Beer (TU Wien).
    - CVE-2022-4189: Insufficient policy enforcement in DevTools.
      Reported by NDevTK.
    - CVE-2022-4190: Insufficient data validation in Directory.
      Reported by Axel Chong.
    - CVE-2022-4191: Use after free in Sign-In.
      Reported by Jaehun Jeong(@n3sk) of Theori.
    - CVE-2022-4192: Use after free in Live Caption.
      Reported by Samet Bekmezci @sametbekmezci.
    - CVE-2022-4193: Insufficient policy enforcement in File System API.
      Reported by Axel Chong.
    - CVE-2022-4194: Use after free in Accessibility. Reported by Anonymous.
    - CVE-2022-4195: Insufficient policy enforcement in Safe Browsing.
      Reported by Eric Lawrence of Microsoft.
  * d/copyright:
    - drop multiple ninja executables from upstream tarball.
    - Stop deleting chrome/test/data/*, since it's all just empty directories
      except for one BUILD.gn that is required to build.
  * d/scripts/unbundle: build against the bundled absl_utility.
  * d/patches:
    - upstream/fix-missing-cmath.patch: drop, merged upstream.
    - fixes/angle-wayland.patch: drop, merged upstream.
    - fixes/fix-arm-vfpv3-d16-libaom.patch: drop, merged upstream.
    - disable/unrar.patch: refresh due to 7z support added.
    - ppc64le/workarounds/HACK-third_party-libvpx-use-generic-gnu.patch:
      refresh for loongarch update.
    - ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: drop half of
      patch as upstream removed duplicate code.
    - fixes/disable-cxx20.patch: switch clang compilation back to the c++17
      standard, as c++20 breaks linking.

 -- Andres Salomon <email address hidden>  Thu, 01 Dec 2022 22:23:10 -0500