Accepted chromium 115.0.5790.98-1 (source) into unstable

Tue, 18 Jul 2023 22:37:31 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 18 Jul 2023 17:50:00 -0500
Source: chromium
Architecture: source
Version: 115.0.5790.98-1
Distribution: unstable
Urgency: high
Maintainer: Debian Chromium Team <chrom...@packages.debian.org>
Changed-By: Timothy Pearson <tpear...@raptorengineering.com>
Closes: 1037604
Changes:
 chromium (115.0.5790.98-1) unstable; urgency=high
 .
   * New upstream release
     - CVE-2023-3727: Use after free in WebRTC.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-3728: Use after free in WebRTC.
       Reported by Zhenghang Xiao (@Kipreyyy).
     - CVE-2023-3730: Use after free in Tab Groups. Reported by @ginggilBesel.
     - CVE-2023-3732: Out of bounds memory access in Mojo.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-3733: Inappropriate implementation in WebApp Installs.
       Reported by Ahmed ElMasry.
     - CVE-2023-3734: Inappropriate implementation in Picture In Picture.
       Reported by Thomas Orlita.
     - CVE-2023-3735: Inappropriate implementation in Web API Permission 
Prompts.
       Reported by Ahmed ElMasry.
     - CVE-2023-3736: Inappropriate implementation in Custom Tabs.
       Reported by Philipp Beer (TU Wien).
     - CVE-2023-3737: Inappropriate implementation in Notifications.
       Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) .
     - CVE-2023-3738: Inappropriate implementation in Autofill.
       Reported by Hafiizh.
     - CVE-2023-3740: Insufficient validation of untrusted input in Themes.
       Reported by Fardeen Siddiqui.
 .
   * d/rules:
     - use system rustc installation
   * Add build-dep on rustc.
   * d/patches:
     - debianization/master-preferences.patch: upstream variable renamed
     - disable/catapult.patch: upstream changes required reworking
     - disable/tests.patch: remove new upstream puffin test data file
       dependencies
     - disable/unrar.patch: upstream changes required reworking
     - fixes/cmath.patch: add missing header include for skia
     - fixes/vector.patch: add missing header include for net
     - upstream/sizet.patch: drop, merged upstream
     - ppc64le/fixes/fix-partition-alloc-compile.patch: refresh for upstream
       changes
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
       for upstream changes
     - 
ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
     - 
ppc64le/third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
       regenerate configs from upstream source
     - ppc64le/third_party/skia-vsx-instructions.patch: refresh for upstream
       changes
 .
   [ Andres Salomon ]
     - fixes/clang-and-gcc11.patch: drop, (a different version) merged upstream.
     - bookworm/typename.patch: drop parts that were merged upstream, and add
       new build fixes.
     - bookworm/structured-binding-scope-bug.patch: drop some of it, add new 
bits
     - bullseye/constexpr.patch: refresh for string -> StringPiece change.
     - bullseye/stringpiece.patch: add to work around older libre2.
     - bullseye/default-equality-op.patch: add more workarounds for older
       compilers
     - fixes/brandversion-construct.patch: add to fix build failure.
     - fixes/SkColor4f-init.patch: another missing struct constructor fix.
     - fixes/cookieresult.patch: another struct ctor build fix.
     - fixes/gcc13-with-clang14.patch: fix FTBFS with gcc-13 (closes: #1037604).
     - fixes/gcc13-headers.patch: fix a bunch of missing includes which
       gcc-13 wants
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
     - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
     - ppc64le/third_party/0002-third-party-boringssl-add-generated-files.patch:
       refresh.
Checksums-Sha1:
 5626dfc3d9d7a061067ac2b8c84499dff0106ff8 3665 chromium_115.0.5790.98-1.dsc
 1c5e0b541f568d54d7ec6ac0bd529eace0a8d69a 648265044 
chromium_115.0.5790.98.orig.tar.xz
 8a6694e2261ceb5477332fc54471cf8ecaa74a5c 371636 
chromium_115.0.5790.98-1.debian.tar.xz
 df8df19709e11901211d9e858908376022e91cea 20932 
chromium_115.0.5790.98-1_source.buildinfo
Checksums-Sha256:
 a17dae558958255b42a71de81d1e05ff511c5d662ba308c0dcff822b68165f6a 3665 
chromium_115.0.5790.98-1.dsc
 93076310b324d04f719881b179797a68fd630542ba39aab834af4162d1b75027 648265044 
chromium_115.0.5790.98.orig.tar.xz
 83fbb4a53b50a7834d42cb96e363544116af5d72d3617ee7f28b4b475f421611 371636 
chromium_115.0.5790.98-1.debian.tar.xz
 59fc3217dd592fbe29249a1b79f8300a7f9ca881ea8bfdbac26f31415254b15e 20932 
chromium_115.0.5790.98-1_source.buildinfo
Files:
 a6da7b503266b41c5b357b3ecb4d5c67 3665 web optional chromium_115.0.5790.98-1.dsc
 d19735a7fcce4705548051c142b22719 648265044 web optional 
chromium_115.0.5790.98.orig.tar.xz
 cc9cae00f0dcfbe1db86c79fd67f0954 371636 web optional 
chromium_115.0.5790.98-1.debian.tar.xz
 76c397ef3daa78e052b2693f7427e100 20932 web optional 
chromium_115.0.5790.98-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbljKSL6u8RwDRSBe7DyAvFcxm34FAmS3aU8ACgkQ7DyAvFcx
m36Qnw//R6mesPcZFPxKfX0rfGGjPO2U4YTpXokYn4WT5y6PIjffDhaD6NpWUS25
F1EdbqsSW8+/EQATJfjYFtZg7jhJOFhEkgJnhNFM7jdWALON8Qk/n7v/7o7w/Gi8
KmRzHNtYJVy+jh8t/77ON2nF2U+1N64UySO6KAqU9PlMd2GWSwamznBt1IIhxFJi
kRo2U55Xy6CH6VusolksMWhvUMl42p7KccwOyWuxDxJxq69hsPGO4PBh/CT1PQ+c
BJNVNgvjkoYsMVdoqI6yE7mZxBq4HNO1Oj8dRWRJoxOIQi5UdtMWRrR15YPCH77C
wClQbB3UonFyEJJlz+CaCt30vtWCgxqvxTUqliaNTijRbcAsl+V6Amt4FDhFAXz/
T4AzaFI0mc4WvaQQgNluZyYivEcTl7FPLHLrGNcrzwwk0uL6oFaDP4NADitJQQOj
h5ZvaX3VsybnFugT2hza2U89DZVeVQaoqAnVI2nSWA9CgJTSQu0pCQRwmh70YCtR
sqyFaJFlwzkMPpDSNeYM9vc2MSygynAdfsPJSLXb0jA7nxgk6QeS8d9t9T3EXnJK
Q4vKcWSKEbXuIlHeo9566D+5CyX7Hu4hRgaZOj+ImMXqo43n+8YtHqVFhEnomM78
ekDbpkiE4N/s+yZaS9pgBqyc79lRC1qNgHipjj5uFKHbARQrdmw=
=NAOA
-----END PGP SIGNATURE-----

Reply via email to