Debian
chromium package

chromium 107.0.5304.68-1 source package in Debian

Changelog

chromium (107.0.5304.68-1) unstable; urgency=high

  * New upstream stable release.
    - CVE-2022-3652: Type Confusion in V8. Reported by srodulv and ZNMchtss at
      S.S.L Team.
    - CVE-2022-3653: Heap buffer overflow in Vulkan. Reported by SeongHwan Park
      (SeHwa).
    - CVE-2022-3654: Use after free in Layout. Reported by Sergei Glazunov of
      Google Project Zero.
    - CVE-2022-3655: Heap buffer overflow in Media Galleries. Reported by
      koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute.
    - CVE-2022-3656: Insufficient data validation in File System. Reported by
      Ron Masas, Imperva.
    - CVE-2022-3657: Use after free in Extensions. Reported by Omri Bushari,
      Talon Cyber Security.
    - CVE-2022-3658: Use after free in Feedback service on Chrome OS. Reported
      by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research
      Institute.
    - CVE-2022-3659: Use after free in Accessibility. Reported by @ginggilBesel.
    - CVE-2022-3660: Inappropriate implementation in Full screen mode. Reported
      by Irvan Kurniawan (sourc7).
    - CVE-2022-3661: Insufficient data validation in Extensions. Reported by
      Young Min Kim (@ylemkimon), CompSec Lab at Seoul National University.
  * Disable building against QT5 (for now).
    https://groups.google.com/a/chromium.org/g/chromium-packagers/c/-2VGexQAK6w
  * debian/copyright:
    - delete third_party/dawn/tools/golang binaries.
  * debian/patches:
    - upstream/armhf-ftbfs.patch: drop, merged upstream.
    - upstream/fix-nullptr-qual.patch: drop, merged upstream.
    - disable/catapult.patch: delete add'l blink reference to catapult.
    - bullseye/clang13.patch: refresh for minor upstream changes.
    - ppc64le/workarounds/HACK-third_party-libvpx-use-generic-gnu.patch: refresh
    - disable/clang-version-check.patch: added to fix build failure. Needs
      to go upstream.
    - ppc64le/workarounds/HACK-debian-clang-disable-skia-musttail.patch:
      drop, upstream skia stopped using clang::musttail.
    - upstream/re-fix-tflite.patch: re-add a build fix that upstream lost.

  [ Timothy Pearson ]
  * regenerate libaom configuration on ppc64el systems.

 -- Andres Salomon <email address hidden>  Tue, 25 Oct 2022 17:40:14 -0400

Upload details

Uploaded by:
Debian Chromium Team
Uploaded to:
Sid
Original maintainer:
Debian Chromium Team
Architectures:
i386 amd64 arm64 armhf ppc64el all
Section:
misc
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
chromium_107.0.5304.68-1.dsc 3.6 KiB 55179efcca840ae9b06f709c1fb748771c3c091c7b33cf3af21172a2f8e33a99
chromium_107.0.5304.68.orig.tar.xz 618.9 MiB cb7ef428ac6ff97a34ce127cdd1687946071d0a549d852a8c4fc75a0d8e28782
chromium_107.0.5304.68-1.debian.tar.xz 283.4 KiB b8b308a398f208b4978da83f36f31455a80127a6bd6bf3f2acd216de84294426

No changes file available.

Binary packages built by this source