Debian
chromium package

chromium 114.0.5735.90-1 source package in Debian

Changelog

chromium (114.0.5735.90-1) unstable; urgency=high

  [ Andres Salomon ]
  * New upstream stable release.
    - CVE-2023-2929: Out of bounds write in Swiftshader.
      Reported by Jaehun Jeong(@n3sk) of Theori.
    - CVE-2023-2930: Use after free in Extensions. Reported by asnine.
    - CVE-2023-2931: Use after free in PDF.
      Reported by Huyna at Viettel Cyber Security.
    - CVE-2023-2932: Use after free in PDF.
      Reported by Huyna at Viettel Cyber Security.
    - CVE-2023-2933: Use after free in PDF. Reported by
      Quang Nguyễn (@quangnh89) of Viettel Cyber Security and Nguyen Phuong.
    - CVE-2023-2934: Out of bounds memory access in Mojo.
      Reported by Mark Brand of Google Project Zero.
    - CVE-2023-2935: Type Confusion in V8.
      Reported by Sergei Glazunov of Google Project Zero.
    - CVE-2023-2936: Type Confusion in V8.
      Reported by Sergei Glazunov of Google Project Zero.
    - CVE-2023-2937: Inappropriate implementation in Picture In Picture.
      Reported by NDevTK.
    - CVE-2023-2938: Inappropriate implementation in Picture In Picture.
      Reported by Alesandro Ortiz.
    - CVE-2023-2939: Insufficient data validation in Installer.
      Reported by ycdxsb from VARAS@IIE.
    - CVE-2023-2940: Inappropriate implementation in Downloads.
      Reported by Axel Chong.
    - CVE-2023-2941: Inappropriate implementation in Extensions API.
      Reported by Jasper Rebane.
  * d/copyright: properly delete some android & chromeos stuff.
  * d/patches:
    - fixes/clang-and-gcc11.patch: refresh.
    - upstream/webview-cstr.patch: drop, merged upstream.
    - upstream/monostate.patch: drop, merged upstream.
    - disable/unrar.patch: additional upstream changes required more reworking.
    - disable/android.patch: refresh, & add one more build fix.
    - disable/catapult.patch: refresh.
    - disable/swiftshader.patch: refresh.
    - disable/angle-perftest.patch: refresh.
    - system/jpeg.patch: refresh.
    - upstream/mojo.patch: regenerate from git.
    - upstream/sizet.patch: add an upstream build fix.
    - bookworm/typename.patch: include more build fixes.
    - bookworm/lambda-bug.patch -> bookworm/structured-binding-scope-bug.patch,
      and add another place it's happening (turns out it's not just lambdas).
  * Add build-dep on libevdev-dev - now required by upstream.

  [ Timothy Pearson ]
   * d/patches:
     - Refresh ppc64le patches

 -- Andres Salomon <email address hidden>  Wed, 31 May 2023 03:06:35 -0400

Upload details

Uploaded by:
Debian Chromium Team
Uploaded to:
Sid
Original maintainer:
Debian Chromium Team
Architectures:
i386 amd64 arm64 armhf ppc64el all
Section:
misc
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
chromium_114.0.5735.90-1.dsc 3.6 KiB 794561ef2b121ad435ccdeed76d7da39a9496324aceaf5f47568fb315e9d2a86
chromium_114.0.5735.90.orig.tar.xz 606.6 MiB 0d9f486511e906c4afc51c16260d85bc0a08fba1f9d46cab71dbded463c7ad91
chromium_114.0.5735.90-1.debian.tar.xz 344.7 KiB b93b25e07393ce258186ea3f390cd8449dc26a1ce7d76b3a3027d9735fac28d8

No changes file available.

Binary packages built by this source