Your message dated Thu, 18 May 2023 19:59:54 +0000
with message-id <[email protected]>
and subject line Bug#992178: fixed in chromium 113.0.5672.63-1~deb11u1
has caused the Debian Bug report #992178,
regarding chromium: master_preferences has been renamed to initial_preferences
(which gets ignored by Debian's chromium build)
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
992178: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992178
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: chromium
Severity: minor
Version: 90.0.4430.212-1
Tags: patch
For some customer project I did some research on the Chromium
preferences and policy system recently. (Note, that this bug report
does not have a patch attached, but points to a usable patch in
openSUSE's packaging Git, see below).
While looking at parts of the chromium source code, I found that
chromium renamed "master_preferences" to "initial_preferences" [1].
The "master_preferences" file is still legacy supported by chromium's
code base, but might be removed later.
Chromium on Windows and openSUSE (and likely other distros) honours
both files (initial_preferences, master_preferences) and
initial_preferences takes precendence (I assume, haven't tested it).
Chromium upstream expects the initial_preferences (and
master_preferences) file(s) next to the chromium executable [2]. In
Linux distros, this does not work, distro maintainers patch in some
/etc/chromium path here.
In Debian, Chromium simply honours /etc/chromium/master_preferences as
the only possible file location, the path is hard-coded [3].
In openSUSE, for example, they ship a slightly more elegant patch [4]
that I'd like to recommend for Debian's chromium, too:
```
Index:
chromium-91.0.4472.57/chrome/browser/first_run/first_run_internal_linux.cc
===================================================================
---
chromium-91.0.4472.57.orig/chrome/browser/first_run/first_run_internal_linux.cc
+++ chromium-91.0.4472.57/chrome/browser/first_run/first_run_internal_linux.cc
@@ -21,9 +21,7 @@ bool IsOrganicFirstRun() {
base::FilePath InitialPrefsPath() {
// The standard location of the initial prefs is next to the chrome binary.
base::FilePath initial_prefs;
- if (!base::PathService::Get(base::DIR_EXE, &initial_prefs))
- return base::FilePath();
-
+ initial_prefs = base::FilePath("/etc/chromium");
base::FilePath new_path =
initial_prefs.AppendASCII(installer::kInitialPrefs);
if (base::PathIsReadable(new_path))
return new_path;
```
Greets,
Mike
[1]
https://github.com/chromium/chromium/commit/119506a6d70f0932c3808aea7327a4439c931667
[2]
https://github.com/chromium/chromium/blob/d7da0240cae77824d1eda25745c4022757499131/chrome/browser/first_run/first_run_internal_linux.cc#L24
[3]
https://salsa.debian.org/chromium-team/chromium/-/blob/master/debian/patches/debianization/master-preferences.patch
[4]
https://build.opensuse.org/package/view_file/network:chromium/chromium/chromium-master-prefs-path.patch?expand=1
--
DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
mail: [email protected], http://das-netzwerkteam.de
pgp97QRnffhna.pgp
Description: Digitale PGP-Signatur
--- End Message ---
--- Begin Message ---
Source: chromium
Source-Version: 113.0.5672.63-1~deb11u1
Done: Timothy Pearson <[email protected]>
We believe that the bug you reported is fixed in the latest version of
chromium, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Timothy Pearson <[email protected]> (supplier of updated chromium
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 03 May 2023 00:42:00 -0500
Source: chromium
Architecture: source
Version: 113.0.5672.63-1~deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Chromium Team <[email protected]>
Changed-By: Timothy Pearson <[email protected]>
Closes: 992178 1031352
Changes:
chromium (113.0.5672.63-1~deb11u1) bullseye-security; urgency=high
.
* New upstream stable release.
- CVE-2023-2459: Inappropriate implementation in Prompts.
Reported by Rong Jian of VRI.
- CVE-2023-2460: Insufficient validation of untrusted input in Extensions.
Reported by Martin Bajanik, Fingerprint[.]com.
- CVE-2023-2461: Use after free in OS Inputs. Reported by @ginggilBesel.
- CVE-2023-2462: Inappropriate implementation in Prompts.
Reported by Alesandro Ortiz.
- CVE-2023-2463: Inappropriate implementation in Full Screen Mode.
Reported by Irvan Kurniawan (sourc7).
- CVE-2023-2464: Inappropriate implementation in PictureInPicture.
Reported by Thomas Orlita.
- CVE-2023-2465: Inappropriate implementation in CORS.
Reported by @kunte_ctf.
- CVE-2023-2466: Inappropriate implementation in Prompts.
Reported by Jasper Rebane (popstonia).
- CVE-2023-2467: Inappropriate implementation in Prompts.
Reported by Thomas Orlita.
- CVE-2023-2468: Inappropriate implementation in PictureInPicture.
Reported by Alesandro Ortiz.
.
[ Andres Salomon]
* Remove Michel from Uploaders.
* Build against libopenh264-dev (closes: #1031352).
* d/copyright:
- drop fuchsia*: entirely different OS.
- drop chrome/build: 200MB of PGO optimizations for official chrome
builds.
- drop third_party/updater: upstream included update binary.
- re-add part of chrome/browser/resources/chromeos/ and chrome/android/ to
fix build errors.
* d/patches:
- debianization/master-preferences.patch: check for initial_preferences or
master_preferences, rather than just for the latter (closes: #992178).
- disable/unrar.patch: complete rewrite for upstream's nested archive
changes.
- disable/catapult.patch: refresh.
- upstream/webview-cstr.patch: add simple build fix from upstream.
- upstream/monostate.patch: add simple build fix from upstream.
- bookworm/clang-attribs.patch: build fix for clang-14 to keep from
generating hundreds of warnings per compilation unit.
- bookworm/typename.patch: add another build fix for missing typename.
- bookworm/lamba-bug.patch: add to work around compiler bug (clang < 16).
- bullseye/constexpr.patch: work around build failure w/ bullseye's
clang/libstdc++.
- disable/openh264.patch -> bullseye/openh264.patch, and stop using it
for sid & bookworm.
- bullseye/disable-mojo-ipcz.patch: refresh.
- bullseye/mulodic.patch: refresh.
.
[ Timothy Pearson ]
* d/patches:
- Set baseline ppc64 CPU to POWER ISA 3.0 (OpenPOWER, POWER9)
- Enable VSX acceleration in Skia
- Refresh
ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch
- Add fixes for new Highway library on ppc64
- Suppress harmless warning messages from compiler during ppc64 builds
Checksums-Sha1:
8179c0e2fed12398037539ea40fbb9eb4475b212 3773
chromium_113.0.5672.63-1~deb11u1.dsc
cca0f24f7efb542e274cc8e1be88a2c581cd0232 641791112
chromium_113.0.5672.63.orig.tar.xz
99d8d4ec05c3eaa7fcf4377a59a44df28873a8a8 353804
chromium_113.0.5672.63-1~deb11u1.debian.tar.xz
27660ba749e2ac4fff6d86c0f27a388cb1b9f09f 22800
chromium_113.0.5672.63-1~deb11u1_source.buildinfo
Checksums-Sha256:
f5391b154574864b38b6abe29c66f8b29ce0b62807c800cb5e514ed282518e15 3773
chromium_113.0.5672.63-1~deb11u1.dsc
fb20dfd94e91fd1bc4463e9f47421e597f6fd8c9bbdf1b249990dd58ae5c1d8b 641791112
chromium_113.0.5672.63.orig.tar.xz
3e13f14e3c243d4e90d330cb7dce8432862328262aff9cc1f3430989910fb873 353804
chromium_113.0.5672.63-1~deb11u1.debian.tar.xz
1f610a0cae80b21edae38a274f0b0c10a1c7412df4591fe2a09f9b212bbec277 22800
chromium_113.0.5672.63-1~deb11u1_source.buildinfo
Files:
1d8456b37e3c84ae0b6e39f1ae1876ac 3773 web optional
chromium_113.0.5672.63-1~deb11u1.dsc
aee5d6b1ed9af64cf0d2414e233f9362 641791112 web optional
chromium_113.0.5672.63.orig.tar.xz
41b8996c16e72a0ab2d3582d22820190 353804 web optional
chromium_113.0.5672.63-1~deb11u1.debian.tar.xz
4ce39c1ed62fbf4daa28b030ecab80fd 22800 web optional
chromium_113.0.5672.63-1~deb11u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmRSBzcUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjcRFQ/+PBWRHHpuktXoUrrPN5LuF5wAFP9u
GHZ2/1FlLD/PZgbdInclYAXNwGRA5tx2b5iBLdquwg3qqkXWq5EVssM8P/noqQku
Vl8+puFv3RqvSDk/Ao80crQGnMHWNeGGNg4aqNvk4XT7GS0mZ1nyqIG++0+kIoYq
D2zr5d7609e6zsGg7/hEXC+y6ynaf/Jv/644R50K7UZL0ychcqLIYEE3HWjZ2Sf5
OHW01ZWEclSFGBcsQRa0Uf6Ea+ckUgiKq8cyC2m+Weu2p0j6pwF1IJZVHa9l2+gM
CItSKkQEWga58YwXI2trPfIPs26jEUMyosAQ92h8VK7dhdCN8lEyJ2GnWrJ+Z5u2
wTsWqxHpvIGuaLSTsyAcdsgaAKwOdFCFdhrFGtxdeeLnEX+FFfp6tP4KUEJ7jq4P
+FTb2eGx40GSfUIk/dMI3YIraqFeeD8XRMXYIEtT5EQVkY6UCSN1WFj7xvmlgxfU
XAAAzDx00Hc8ssu+KKDhcdMwMMai0ZINufvQsuyU4qtkCY8yxodvQoPbHVutTGWv
nrVeNuuT5qKuN8xAQPM6q0rKwShlJF1hyXvAIg5TmI/CO8u7g2qnyLYclusWWQc9
1pIbX8GUwWYKbsk7lyRJCbrzaOR5EghIj4H1aDOxv68ZfKSUvJLD/oTtbR1d/NQe
J9ksXjsGtlRPfJc=
=xudv
-----END PGP SIGNATURE-----
--- End Message ---
