Debian
chromium package

chromium 119.0.6045.105-1 source package in Debian

Changelog

chromium (119.0.6045.105-1) unstable; urgency=high

  * New upstream stable release.
    - CVE-2023-5480: Inappropriate implementation in Payments.
      Reported by Vsevolod Kokorin (Slonser) of Solidlab.
    - CVE-2023-5482: Insufficient data validation in USB. Reported by DarkNavy.
    - CVE-2023-5849: Integer overflow in USB. Reported by DarkNavy.
    - CVE-2023-5850: Incorrect security UI in Downloads.
      Reported by Mohit Raj (shadow2639) .
    - CVE-2023-5851: Inappropriate implementation in Downloads.
      Reported by Shaheen Fazim.
    - CVE-2023-5852: Use after free in Printing. Reported by [pwn2car].
    - CVE-2023-5853: Incorrect security UI in Downloads. Reported by Hafiizh.
    - CVE-2023-5854: Use after free in Profiles.
      Reported by Dohyun Lee (@l33d0hyun) of SSD-Disclosure Labs & DNSLab, Korea Univ.
    - CVE-2023-5855: Use after free in Reading Mode. Reported by ChaobinZhang.
    - CVE-2023-5856: Use after free in Side Panel.
      Reported by Weipeng Jiang (@Krace) of VRI.
    - CVE-2023-5857: Inappropriate implementation in Downloads.
      Reported by Will Dormann.
    - CVE-2023-5858: Inappropriate implementation in WebApp Provider.
      Reported by Axel Chong.
    - CVE-2023-5859: Incorrect security UI in Picture In Picture.
      Reported by Junsung Lee
  * d/patches:
    - patches/bullseye/constexpr.patch: Add MiracleParameter workaround
  * d/patches/ppc64le:
    - Mass refresh all patches against 119 codebase.  No functional change.

  [ Andres Salomon ]
  * d/patches:
    - fixes/gcc13-headers.patch: drop parts that have been merged upstream.
    - fixes/perfetto.patch: drop part that was merged upstream.
    - upstream/sensor-reading.patch: drop, merged upstream.
    - upstream/lweight.patch: drop, merged upstream.
    - upstream/freetype.patch: drop, merged upstream.
    - upstream/sizet.patch: drop, merged upstream.
    - disable/catapult.patch: drop an unused hunk.
    - disable/widevine-cdm-cu.patch: refresh.
    - disable/privacy-sandbox.patch: rename, sync up with ungoogled-chromium,
      and use the full ungoogled patch. The privacy sandbox config interface
      is now gone, with no way to enable it.
    - ungoogled/core/ungoogled-chromium/disable-web-environment-integrity.patch:
      sync up with with ungoogled-chromium, and rename.
    - fixes/blink-frags.patch: additional build fix for libstdc++13.
    - fixes/gcc13-with-clang14.patch: drop, now that we've switched to clang-16.
    - fixes/atspi.patch: fix build failure with atspi >= 2.50.

 -- Timothy Pearson <email address hidden>  Tue, 31 Oct 2023 23:50:00 -0500

Upload details

Uploaded by:
Debian Chromium Team
Uploaded to:
Sid
Original maintainer:
Debian Chromium Team
Architectures:
i386 amd64 arm64 armhf ppc64el all
Section:
misc
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
chromium_119.0.6045.105-1.dsc 3.6 KiB 5a7a01f462941e4f3ad7e46d0e53abfa3d2dd45849c58c64c015bd6e3aa9c161
chromium_119.0.6045.105.orig.tar.xz 748.3 MiB 003634027060057f135a75d71821ba85a796b1528567ca1b8e9caa83b95bf518
chromium_119.0.6045.105-1.debian.tar.xz 350.1 KiB 4630ec5259cffc177d87408713e71e9d019a260dd88e07c084c3b6f439ef280b

No changes file available.

Binary packages built by this source