Package: chromium Version: 116.0.5845.180-1 Severity: grave Tags: security Justification: user security hole X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
Dear Maintainer, 116.0.5845.187 fixes a critical remote vulnerability in chrome [$NA][1479274] Critical CVE-2023-4863: Heap buffer overflow in WebP. Reported by Apple Security Engineering and Architecture (SEAR) and The Citizen Lab at The University of Torontoʼs Munk School on 2023-09-06 https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html Might want to look into this at least (attempt 3, my reportbug broke sorry) Jeff Cliff -- System Information: Debian Release: trixie/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'stable-debug'), (500, 'oldstable-debug') Architecture: amd64 (x86_64) Kernel: Linux 6.5.0-gnulibre (SMP w/2 CPU threads; PREEMPT) Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), LANGUAGE=en_CA:en Shell: /bin/sh linked to /usr/bin/dash Init: sysvinit (via /sbin/init) LSM: AppArmor: enabled Versions of packages chromium depends on: pn chromium-common <none> ii libasound2 1.2.9-2 ii libatk-bridge2.0-0 2.49.91-2 ii libatk1.0-0 2.49.91-2 ii libatomic1 13.2.0-3 ii libatspi2.0-0 2.49.91-2 ii libbrotli1 1.0.9-2+b6 ii libc6 2.37-7 ii libcairo2 1.17.8-3 ii libcups2 2.4.2-5 ii libdbus-1-3 1.14.10-1devuan1 ii libdouble-conversion3 3.3.0-1 ii libdrm2 2.4.115-1 ii libevent-2.1-7 2.1.12-stable-8 ii libexpat1 2.5.0-2 ii libflac12 1.4.3+ds-2 ii libfontconfig1 2.14.2-5 ii libfreetype6 2.13.2+dfsg-1 ii libgbm1 23.1.7-1 ii libgcc-s1 13.2.0-3 ii libglib2.0-0 2.77.3-1 ii libgtk-3-0 3.24.38-4 ii libjpeg62-turbo 1:2.1.5-2 ii libjsoncpp25 1.9.5-6 ii liblcms2-2 2.14-2 ii libminizip1 1:1.2.13.dfsg-3 ii libnspr4 2:4.35-1.1 ii libnss3 2:3.92-1 pn libopenh264-7 <none> ii libopenjp2-7 2.5.0-2 ii libopus0 1.4-1 ii libpango-1.0-0 1.51.0+ds-2 ii libpng16-16 1.6.40-1 ii libpulse0 16.1+dfsg1-2+b1 ii libsnappy1v5 1.1.10-1 ii libstdc++6 13.2.0-3 ii libwebp7 1.2.4-0.2 ii libwebpdemux2 1.2.4-0.2 ii libwebpmux3 1.2.4-0.2 ii libwoff1 1.0.2-2 ii libx11-6 2:1.8.6-1 ii libxcb1 1.15-1 ii libxcomposite1 1:0.4.5-1 ii libxdamage1 1:1.1.6-1 ii libxext6 2:1.3.4-1+b1 ii libxfixes3 1:6.0.0-2 ii libxkbcommon0 1.5.0-1 ii libxml2 2.9.14+dfsg-1.3 ii libxnvctrl0 525.125.06-1 ii libxrandr2 2:1.5.2-2+b1 ii libxslt1.1 1.1.35-1 ii zlib1g 1:1.2.13.dfsg-3 Versions of packages chromium recommends: pn chromium-sandbox <none> Versions of packages chromium suggests: pn chromium-driver <none> pn chromium-l10n <none> pn chromium-shell <none>