Debian
chromium package

chromium 90.0.4430.72-1 source package in Debian

Changelog

chromium (90.0.4430.72-1) unstable; urgency=medium

  * New upstream security release (closes: #987053).
    - CVE-2021-21201: Use after free in permissions. Reported by Gengming Liu
      and Jianyu Chen when working at Tencent KeenLab
    - CVE-2021-21202: Use after free in extensions. Reported by David Erceg
    - CVE-2021-21203: Use after free in Blink. Reported by asnine
    - CVE-2021-21204: Use after free in Blink. Reported by Chelse Tsai-Simek,
      Jeanette Ulloa, and Emily Voigtlander of Seesaw
    - CVE-2021-21205: Insufficient policy enforcement in navigation. Reported
      by Alison Huffman, Microsoft Browser Vulnerability Research
    - CVE-2021-21221: Insufficient validation of untrusted input in Mojo.
      Reported by Guang Gong of Alpha Lab, Qihoo 360
    - CVE-2021-21207: Use after free in IndexedDB. Reported by koocola
      @alo_cook and Nan Wang @eternalsakura13 of 360 Alpha Lab
    - CVE-2021-21208: Insufficient data validation in QR scanner. Reported by
      Ahmed Elsobky @0xsobky
    - CVE-2021-21209: Inappropriate implementation in storage. Reported by Tom
      Van Goethem @tomvangoethem
    - CVE-2021-21210: Inappropriate implementation in Network. Reported by
      @bananabr
    - CVE-2021-21211: Inappropriate implementation in Navigation. Reported by
      Akash Labade m0ns7er
    - CVE-2021-21212: Incorrect security UI in Network Config UI. Reported by
      Hugo Hue and Sze Yiu Chau of the Chinese University of Hong Kong
    - CVE-2021-21213: Use after free in WebMIDI. Reported by raven
      @raid_akame
    - CVE-2021-21214: Use after free in Network API. Reported by Anonymous
    - CVE-2021-21215: Inappropriate implementation in Autofill. Reported by
      Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research
    - CVE-2021-21216: Inappropriate implementation in Autofill. Reported by
      Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research
    - CVE-2021-21217: Uninitialized Use in PDFium. Reported by Zhou Aiting
      @zhouat1 of Qihoo 360 Vulcan Team
    - CVE-2021-21218: Uninitialized Use in PDFium. Reported by Zhou Aiting
      @zhouat1 of Qihoo 360 Vulcan Team
    - CVE-2021-21219: Uninitialized Use in PDFium. Reported by Zhou Aiting
      @zhouat1 of Qihoo 360 Vulcan Team

 -- Michel Le Bihan <email address hidden>  Mon, 19 Apr 2021 19:13:47 +0200

Upload details

Uploaded by:
Debian Chromium Team
Uploaded to:
Sid
Original maintainer:
Debian Chromium Team
Architectures:
i386 amd64 arm64 armhf all
Section:
misc
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
chromium_90.0.4430.72-1.dsc 3.6 KiB 43a89bf70f68f91ddc1b06d859dc4f2a9927a54fedab62b2fdc9579205324383
chromium_90.0.4430.72.orig.tar.xz 429.9 MiB 6300ae42d40608d253ab8616c2c80ad002ca580e8fe54141b207c024068514bb
chromium_90.0.4430.72-1.debian.tar.xz 212.1 KiB 3aa09c3ba706b18dc5e52329c27e883b0c0f3814d0e5948d9762764b59552e1a

No changes file available.

Binary packages built by this source