chromium (134.0.6998.117-1) unstable; urgency=high
* New upstream security release.
- CVE-2025-2476: Use after free in Lens.
Reported by SungKwon Lee of Enki Whitehat.
-- Andres Salomon <dilinger@debian.org> Wed, 19 Mar 2025 20:04:39 -0400
chromium (134.0.6998.88-1) unstable; urgency=high
* New upstream security release.
- CVE-2025-1920: Type Confusion in V8. Reported by Excello s.r.o.
- CVE-2025-2135: Type Confusion in V8.
Reported by Zhenghang Xiao (@Kipreyyy).
- CVE-2025-24201: Out of bounds write in GPU on Mac. Reported by
Apple Security Engineering and Architecture (SEAR).
- CVE-2025-2136: Use after free in Inspector. Reported by Sakana.S.
- CVE-2025-2137: Out of bounds read in V8. Reported by zeroxiaobai@.
-- Andres Salomon <dilinger@debian.org> Tue, 11 Mar 2025 14:28:43 -0400
chromium (134.0.6998.35-3) unstable; urgency=high
* Fix FTBFS with pipewire 1.4.0.
-- Andres Salomon <dilinger@debian.org> Sat, 08 Mar 2025 13:35:36 -0500
chromium (134.0.6998.35-2) unstable; urgency=high
* Revert "Have chromium-driver depend upon chromium-common instead of
chromium" to make autopkgtests of various packages happy.
-- Andres Salomon <dilinger@debian.org> Fri, 07 Mar 2025 00:58:06 -0500
chromium (134.0.6998.35-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream stable release.
- CVE-2025-1914: Out of bounds read in V8. Reported by
Zhenghang Xiao (@Kipreyyy) and Nan Wang (@eternalsakura13).
- CVE-2025-1915: Improper Limitation of a Pathname to a Restricted
Directory in DevTools. Reported by Topi Lassila.
- CVE-2025-1916: Use after free in Profiles.
Reported by parkminchan, SSD Labs Korea.
- CVE-2025-1917: Inappropriate Implementation in Browser UI.
Reported by Khalil Zhani.
- CVE-2025-1918: Out of bounds read in PDFium. Reported by asnine.
- CVE-2025-1919: Out of bounds read in Media.
Reported by @Bl1nnnk and @Pisanbao.
- CVE-2025-1921: Inappropriate Implementation in Media Stream.
Reported by Kaiido.
- CVE-2025-1922: Inappropriate Implementation in Selection.
Reported by Alesandro Ortiz.
- CVE-2025-1923: Inappropriate Implementation in Permission Prompts.
Reported by Khalil Zhani.
* d/patches:
- fixes/widevine-revision.patch: drop. Upstream says "with CDMs using
manifest-based registration, no need to" hardcode version string.
- disable/catapult.patch: refresh.
- bookworm/clang19.patch: refresh.
- ungoogled/disable-privacy-sandbox.patch: refresh from ungoogled.
- bookworm/gn-allowlist.patch: add workaround for older gn.
- bookworm/adler1.patch: add workaround for older rust.
- fixes/stdatomic.patch: add build fix to ensure <stdatomic.h> isn't
used.
- fixes/variant.patch: add missing header include.
- upstream/qualifications.patch: add fix to silence annoying warnings.
- upstream/optional.patch: add more missing header includes.
* d/rules: update to ensure both qt5 AND qt6 are disabled.
[ Timothy Pearson ]
* d/patches:
- fixes/swiftshader-llvm.patch: Add LLVM patches from upstream LLVM
project to fix integrated SwiftShader LLVM FTBFS
* d/patches/ppc64le:
- third_party/0001-Add-PPC64-support-for-boringssl.patch: Refresh for
upstream changes
-- Andres Salomon <dilinger@debian.org> Wed, 05 Mar 2025 13:26:45 -0500
chromium (133.0.6943.141-2) unstable; urgency=high
* Add a bunch of lintian overrides for embedded libraries.
-- Andres Salomon <dilinger@debian.org> Fri, 28 Feb 2025 22:37:45 -0500
chromium (133.0.6943.141-1) unstable; urgency=high
* New upstream security release (no CVEs).
* Move various .pak files from chromium package to chromium-common.
* Have chromium-driver depend upon chromium-common instead of chromium.
* Double quote args in chromium-shell script (closes: #971906).
* Add new package 'chromium-headless-shell' that is equivalent to the
now-removed --headless=old argument (closes: #1081204).
* d/patches/fixes/headless-gn.patch: add build fix for headless_shell.
-- Andres Salomon <dilinger@debian.org> Fri, 28 Feb 2025 16:16:33 -0500
chromium (133.0.6943.126-1) unstable; urgency=high
* New upstream security release.
- CVE-2025-0999: Heap buffer overflow in V8.
Reported by Seunghyun Lee (@0x10n).
- CVE-2025-1426: Heap buffer overflow in GPU.
Reported by un3xploitable && GF.
- CVE-2025-1006: Use after free in Network. Reported by Tal Keren, Sam
Agranat, Eran Rom, Edouard Bochin, Adam Hatsir of Palo Alto Networks.
* d/patches:
- fixes/bindgen-unsafe-op.patch: drop now that sid's bindgen is fixed.
-- Andres Salomon <dilinger@debian.org> Thu, 20 Feb 2025 00:16:49 -0500
chromium (133.0.6943.98-1) unstable; urgency=high
* New upstream security release.
- CVE-2025-0995: Use after free in V8. Reported by Popax21.
- CVE-2025-0996: Inappropriate implementation in Browser UI.
Reported by yuki yamaoto.
- CVE-2025-0997: Use after free in Navigation. Reported by asnine.
- CVE-2025-0998: Out of bounds memory access in V8.
Reported by Alan Goodman.
* d/patches:
- fixes/bindgen-unsafe-op.patch: add a workaround for a bindgen bug
that causes FTBFS on armhf.
-- Andres Salomon <dilinger@debian.org> Wed, 12 Feb 2025 21:35:00 -0500
chromium (133.0.6943.53-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream stable release.
- CVE-2025-0444: Use after free in Skia.
Reported by Francisco Alonso (@revskills).
- CVE-2025-0445: Use after free in V8. Reported by 303f06e3.
- CVE-2025-0451: Inappropriate implementation in Extensions API.
Reported by Vitor Torres and Alesandro Ortiz.
* Stop deleting third_party/highway, drop libhwy-dev build-dep, and
build against the bundled libhwy due to new API requirements.
* d/patches:
- fixes/highway-include-path.patch: drop; switching to bundled hwy.
- upstream/array.patch: drop, merged upstream.
- upstream/ink-isfinite.patch: drop, merged upstream.
- upstream/ruy-include.patch: drop, merged upstream.
- upstream/uint.patch: drop, merged upstream.
- upstream/variant.patch: drop, merged upstream.
- upstream/webrtc-optional.patch: drop, merged upstream.
- fixes/perfetto.patch: drop, merged upstream.
- system/event.patch: drop, upstream no longer uses libevent.
- ungoogled/disable-privacy-sandbox.patch: refresh from upstream.
- fixes/highway-include-path.patch: delete a libhwy build test, add
another header build fix.
- bookworm/clang19.patch: add patch to disable unsupported build args
- fixes/optional.patch: add header build fix.
[ Timothy Pearson ]
* d/patches/ppc64le:
- third_party/0001-Add-PPC64-support-for-boringssl.patch: Refresh for
upstream changes
- third_party/0002-Add-PPC64-generated-files-for-boringssl.patch:
Refresh for upstream changes
- third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
Refresh for upstream changes
- third_party/0001-third-party-hwy-wrong-include.patch: Work around
incorrect header include
-- Andres Salomon <dilinger@debian.org> Wed, 05 Feb 2025 00:18:56 -0500
chromium (132.0.6834.159-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream security release.
- CVE-2025-0762: Use after free in DevTools. Reported by Sakana.S.
[ Daniel Richard G. ]
* d/copyright: Sort the list of Files-Excluded: entries, remove a few
that are no longer needed, and consolidate some others with brackets.
* d/rules:
- Use simple assignments for variables defined using $(shell ...)
to avoid recursive-expansion issues with GNU Make 4.4.1.
- Download the upstream lite tarball instead of the regular one now
that the former has everything we need.
- Delete empty directories when making the orig-source tarball.
-- Andres Salomon <dilinger@debian.org> Tue, 28 Jan 2025 20:26:06 -0500
chromium (132.0.6834.110-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream security release.
- CVE-2025-0611: Object corruption in V8. Reported by 303f06e3.
- CVE-2025-0612: Out of bounds memory access in V8.
Reported by Alan Goodman.
* d/patches/upstream/mojo.patch: drop, upstream tarballs are now fixed.
* d/chromium-shell.NEWS: ask users of the chromium-shell package to
email me; otherwise, chromium-shell will be removed in the future.
[ Ahmad Khalifa ]
* d/NEWS uses missing release, set it to nearest to silence lintian.
* d/control: replace obsolete pkg-config with pkgconf.
* d/upstream/metadata: switch fields to expected case.
* d/patches/series: help lintian ignore unused bullseye patches.
[ Daniel Richard G. ]
* d/etc/dev-shm: Add --disable-dev-shm-usage if the system has less than
~4 GB available in /dev/shm to avoid crashes (closes: #1072299).
[ Jianfeng Liu ]
* d/patches:
- fixes/libsync-rk3588-panthor.patch: Fix upstream issue #343592370,
which can cause browser crash when running with ozone wayland on
rk3588 platform.
-- Andres Salomon <dilinger@debian.org> Wed, 22 Jan 2025 16:36:45 -0500
chromium (132.0.6834.83-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream stable release.
- CVE-2025-0434: Out of bounds memory access in V8. Reported by ddme.
- CVE-2025-0435: Inappropriate implementation in Navigation.
Reported by Alesandro Ortiz.
- CVE-2025-0436: Integer overflow in Skia.
Reported by Han Zheng (HexHive).
- CVE-2025-0437: Out of bounds read in Metrics.
Reported by Xiantong Hou of Wuheng Lab and Pisanbao.
- CVE-2025-0438: Stack buffer overflow in Tracing.
Reported by Han Zheng (HexHive).
- CVE-2025-0439: Race in Frames. Reported by Hafiizh.
- CVE-2025-0440: Inappropriate implementation in Fullscreen.
Reported by Umar Farooq.
- CVE-2025-0441: Inappropriate implementation in Fenced Frames.
Reported by someoneverycurious.
- CVE-2025-0442: Inappropriate implementation in Payments.
Reported by Ahmed ElMasry.
- CVE-2025-0443: Insufficient data validation in Extensions.
Reported by Anonymous.
- CVE-2025-0446: Inappropriate implementation in Extensions.
Reported by Hafiizh.
- CVE-2025-0447: Inappropriate implementation in Navigation.
Reported by Khiem Tran (@duckhiem).
- CVE-2025-0448: Inappropriate implementation in Compositing.
Reported by Dahyeon Park.
* d/patches:
- upstream/blink-fix-size-assertions.patch: drop, merged upstream.
- upstream/dawn-strlen.patch: drop, merged upstream.
- upstream/mrc-copy-op.patch: drop, merged upstream.
- upstream/variant.patch: part of this was merged upstream; keep the
rest.
- fixes/freetype.patch: drop, merged upstream.
- fixes/gpu-crash.patch: drop, merged upstream.
- fixes/bindgen.patch: refresh and make patch even smaller. Also some
upstream churn.
- fixes/fix-assert-in-vnc-sessions.patch: refresh.
- ungoogled/disable-privacy-sandbox.patch: refresh.
- upstream/mojo.patch: fix missing files.
- upstream/uint.patch: add gcc-specific build fix.
- bookworm/constflatset.patch: add (probably) gcc-specific workaround.
- fixes/lens-optional.patch: add gcc-specific build fix.
* Downgrade to rollup3 for devtools-frontend stuff, due to the bundled
rollup4 including wasm blobs. Update d/patches/system/rollup.patch to
point to the right place as well, and build-dep on
node-rollup-plugin-terser.
* Build against newer bundled libtiff for memory limiting protection.
* Switch to bundled libdrm due to DRM_IOCTL_SYNCOBJ_EVENTFD usage.
[ Timothy Pearson ]
* d/patches/ppc64le:
- workarounds/HACK-debian-clang-disable-skia-musttail.patch: Drop due
to upstream fixes
- third_party/skia-vsx-instructions.patch: Refresh for upstream changes
-- Andres Salomon <dilinger@debian.org> Tue, 14 Jan 2025 21:20:43 -0500
chromium (131.0.6778.264-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream security release.
- CVE-2025-0291: Type Confusion in V8. Reported by Popax21.
* d/copyright: Delete some unused upstream binaries that we'd
previously missed (closes: #1091459).
[ Bo YU ]
* Enable 0001-swiftshader-fix-build.patch on ppc64el again to fix
FTBFS issue.
-- Andres Salomon <dilinger@debian.org> Wed, 08 Jan 2025 11:26:36 -0500
chromium (131.0.6778.204-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream security release.
- CVE-2024-12692: Type Confusion in V8.
Reported by Seunghyun Lee (@0x10n).
- CVE-2024-12693: Out of bounds memory access in V8.
Reported by 303f06e3.
- CVE-2024-12694: Use after free in Compositing. Reported by Anonymous.
- CVE-2024-12695: Out of bounds write in V8. Reported by 303f06e3.
* d/patches/fixes/absl-optional.patch: comment out __glibcxx_assert()
that we keep hitting with gcc 12; it was previously commented out, but
we lost the change when we switched from libstdc++ and then back.
[ Bo Yu ]
* Build swiftshader with llvm-16 instead of llvm-10.
-- Andres Salomon <dilinger@debian.org> Wed, 18 Dec 2024 16:52:56 -0500
chromium (131.0.6778.139-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream security release.
- CVE-2024-12381: Type Confusion in V8.
Reported by Seunghyun Lee (@0x10n).
- CVE-2024-12382: Use after free in Translate. Reported by
lime(@limeSec_) from TIANGONG Team of Legendsec at QI-ANXIN Group.
* (Temporarily?) switch from llvm's libc++ to gcc's libstdc++ to
simplify the prior clang-16/19 upgrades.
* d/patches:
- fixes/bindgen.patch: refresh.
- upstream/dawn-strlen.patch: add gcc-specific build fix.
- upstream/ink-isfinite.patch: add gcc-specific build fix.
- upstream/webrtc-optional.patch: add gcc-specific build fix.
- upstream/variant.patch: add gcc-specific build fixes.
- upstream/array.patch: add gcc-specific build fix.
- fixes/absl-optional.patch: re-introduce clang/gcc build workaround.
- upstream/mrc-copy-op.patch: add gcc-specific build fix.
- fixes/font-gc-asan.patch: add a better workaround for bad font-gc
behavior under libstdc++. This is self-contained and small, unlike
the prior reverts of the switch to font garbage collection.
[ Nathan Teodosio ]
* Simplify fixes/bindgen.patch so it doesn't need frequent rebasing.
[ Daniel Richard G. ]
* d/copyright: Expand list of Files-Excluded: entries.
* d/rules: Various updates to get-orig-source rule, including use of
grep-dctrl(1) and the LASTCHANGE.committime timestamp.
* d/scripts/check-upstream: Avoid issues with inaccurate $(pwd) value and
spaces in filenames, and print all errors instead of only the first one.
-- Andres Salomon <dilinger@debian.org> Wed, 11 Dec 2024 15:33:53 -0500
chromium (131.0.6778.108-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-12053: Type Confusion in V8.
Reported by gal1ium and chluo.
-- Andres Salomon <dilinger@debian.org> Wed, 04 Dec 2024 01:55:50 -0500
chromium (131.0.6778.85-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream stable release.
- CVE-2024-11110: Inappropriate implementation in Blink.
Reported by Vsevolod Kokorin (Slonser) of Solidlab.
- CVE-2024-11111: Inappropriate implementation in Autofill.
Reported by Narendra Bhati, Suma Soft Pvt. Ltd - Pune (India).
- CVE-2024-11112: Use after free in Media. Reported by
Nan Wang(@eternalsakura13) and Zhenghang Xiao(@Kipreyyy) of
360 Vulnerability Research Institute.
- CVE-2024-11113: Use after free in Accessibility.
Reported by Weipeng Jiang (@Krace) of VRI.
- CVE-2024-11114: Inappropriate implementation in Views.
Reported by Micky.
- CVE-2024-11115: Insufficient policy enforcement in Navigation.
Reported by mastersplinter.
- CVE-2024-11116: Inappropriate implementation in Paint.
Reported by Thomas Orlita.
- CVE-2024-11117: Inappropriate implementation in FileSystem.
Reported by Ameen Basha M K.
- CVE-2024-11395: Type Confusion in V8. Reported by Anonymous.
* d/patches:
- upstream/wayland-gbm-pixmap.patch: drop, merged upstream.
- disable/catapult.patch: refresh.
- fixes/bindgen.patch: refresh.
- fixes/freetype.patch: add new patch to fix missing
enable_freetype arg declaration.
- fixes/updater-test.patch: add simple build fix for deleted
third_party/updater/.
[ Timothy Pearson ]
* d/patches/ppc64le:
- workarounds/HACK-debian-clang-disable-pa-musttail.patch: Work around
additional upstream musttail definitions
- workarounds/HACK-debian-clang-disable-base-musttail.patch: Refresh for
upstream changes
- third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
Refresh for upstream changes
-- Andres Salomon <dilinger@debian.org> Thu, 21 Nov 2024 16:12:03 -0500
chromium (130.0.6723.116-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-10826: Use after free in Family Experiences.
Reported by Anonymous.
- CVE-2024-10827: Use after free in Serial. Reported by Anonymous.
-- Andres Salomon <dilinger@debian.org> Wed, 06 Nov 2024 02:30:57 -0500
chromium (130.0.6723.91-2) unstable; urgency=high
* d/patches/fixes/armhf-timespec.patch: add patch to fix armhf FTBFS.
-- Andres Salomon <dilinger@debian.org> Sun, 03 Nov 2024 02:47:53 -0500
chromium (130.0.6723.91-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-10487: Out of bounds write in Dawn.
Reported by Apple Security Engineering and Architecture (SEAR).
- CVE-2024-10488: Use after free in WebRTC.
Reported by Cassidy Kim(@cassidy6564).
-- Andres Salomon <dilinger@debian.org> Tue, 29 Oct 2024 20:36:38 -0400
chromium (130.0.6723.69-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-10229: Inappropriate implementation in Extensions.
Reported by Vsevolod Kokorin (Slonser) of Solidlab.
- CVE-2024-10230: Type Confusion in V8.
Reported by Seunghyun Lee (@0x10n).
- CVE-2024-10231: Type Confusion in V8.
Reported by Seunghyun Lee (@0x10n).
-- Andres Salomon <dilinger@debian.org> Tue, 22 Oct 2024 21:34:57 -0400
chromium (130.0.6723.58-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream stable release.
- CVE-2024-9954: Use after free in AI. Reported by DarkNavy.
- CVE-2024-9955: Use after free in Web Authentication.
Reported by anonymous.
- CVE-2024-9956: Inappropriate implementation in Web Authentication.
Reported by mastersplinter.
- CVE-2024-9957: Use after free in UI. Reported by lime(@limeSec_) and
fmyy(@binary_fmyy) From TIANGONG Team of Legendsec at QI-ANXIN Group.
- CVE-2024-9958: Inappropriate implementation in PictureInPicture.
Reported by Lyra Rebane (rebane2001).
- CVE-2024-9959: Use after free in DevTools. Reported by Sakana.S.
- CVE-2024-9960: Use after free in Dawn. Reported by Anonymous.
- CVE-2024-9961: Use after free in Parcel Tracking. Reported by
lime(@limeSec_) and fmyy(@binary_fmyy) From TIANGONG Team of
Legendsec at QI-ANXIN Group.
- CVE-2024-9962: Inappropriate implementation in Permissions.
Reported by Shaheen Fazim.
- CVE-2024-9963: Insufficient data validation in Downloads.
Reported by Anonymous.
- CVE-2024-9964: Inappropriate implementation in Payments.
Reported by Hafiizh.
- CVE-2024-9965: Insufficient data validation in DevTools.
Reported by Shaheen Fazim.
- CVE-2024-9966: Inappropriate implementation in Navigations.
Reported by Harry Chen.
* d/copyright: rollup -> @rollup deletion.
* d/patches:
- debianization/sandbox.patch: refresh.
- fixes/bindgen.patch: refresh.
- disable/catapult.patch: refresh.
- system/zlib.patch: drop. Upstream removed courgette, and its
replacement (zucchini) doesn't appear to use zlib.
- system/rollup.patch: update path due to upstream renaming; call
./rollup/.../rollup instead of ./@rollup/wasm-node/.../rollup.
- system/event.patch: drop half of patch due to upstream deletions.
- upstream/mojo-null.patch: merged into mojo.patch.
- upstream/mojo.patch: update based on 130 test files.
[ Daniel Richard G. ]
* d/rules: Drop the clang-16 -I/-Wl,-rpath flags from CXXFLAGS/LDFLAGS as
they are no longer needed.
[ Timothy Pearson ]
* d/patches:
- upstream/blink-fix-size-assertions.patch: Fix build on non-amd64
platforms
- fixes/fix-assert-in-vnc-sessions.patch: Fix assertion and SIGTRAP
when starting Chromium from within a VNC session
* d/patches/ppc64le:
- core/add-ppc64-pthread-stack-size.patch: Define correct pthread
stack size on ppc64 systems
- core/cargo-add-ppc64.diff
- third_party/0001-Add-PPC64-support-for-boringssl.patch: Refresh for
upstream changes
- third_party/0001-Force-baseline-POWER8-AltiVec-VSX-CPU-features-when-
.patch: Refresh for upstream changes
- third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
Refresh for upstream changes
- third_party/skia-vsx-instructions.patch: Refresh for upstream changes
- workarounds/HACK-debian-clang-disable-skia-musttail.patch: Refresh
for upstream changes
-- Andres Salomon <dilinger@debian.org> Sat, 19 Oct 2024 01:12:11 -0400
chromium (129.0.6668.100-2) unstable; urgency=high
* Switch to using clang-19, and drop all d/patches/bookworm/ workarounds
except for libxml-parsererr.patch (closes: #1081241).
-- Andres Salomon <dilinger@debian.org> Wed, 09 Oct 2024 14:13:00 -0400
chromium (129.0.6668.100-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-9602: Type Confusion in V8.
Reported by Seunghyun Lee (@0x10n).
- CVE-2024-9603: Type Confusion in V8.
Reported by @WeShotTheMoon and @Nguyen Hoang Thach of starlabs.
-- Andres Salomon <dilinger@debian.org> Tue, 08 Oct 2024 19:36:09 -0400
chromium (129.0.6668.89-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-7025: Integer overflow in Layout.
Reported by Tashita Software Security.
- CVE-2024-9369: Insufficient data validation in Mojo.
Reported by Xiantong Hou and Pisanbao of Wuheng Lab.
- CVE-2024-9370: Inappropriate implementation in V8. Reported by
Nguyễn Hoàng Thạch, Đỗ Minh Tuấn, and Wu JinLin of STAR Labs SG Pte Ltd.
* d/patches:
- bookworm/libxml-parseerr.patch: readd for downgraded libxml2 in
unstable (closes: #1082907).
- upstream/wayland-gbm-pixmap.patch: backport two patches to fix
noisy wayland video playback (closes: #1077345).
* Build against system libtiff, thanks to
Soren Stoutner <soren@stoutner.com> for getting this fixed upstream
(closes: #1033747).
-- Andres Salomon <dilinger@debian.org> Wed, 02 Oct 2024 01:07:19 -0400
chromium (129.0.6668.70-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream security release.
- CVE-2024-9120: Use after free in Dawn. Reported by Anonymous.
- CVE-2024-9121: Inappropriate implementation in V8.
Reported by Tashita Software Security.
- CVE-2024-9122: Type Confusion in V8.
Reported by Seunghyun Lee (@0x10n).
- CVE-2024-9123: Integer overflow in Skia.
Reported by raven at KunLun lab.
* d/copyright: delete more upstream .clang, .git, and android residue.
[ Timothy Pearson ]
* d/patches:
- fixes/predictor-denial-of-service.patch: Work around upstream
issue #368562245, which can cause denial of service of the entire
browser process on specific types of Web sites.
-- Andres Salomon <dilinger@debian.org> Wed, 25 Sep 2024 15:23:27 -0400
chromium (129.0.6668.58-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream stable release.
- CVE-2024-8904: Type Confusion in V8. Reported by Popax21.
- CVE-2024-8905: Inappropriate implementation in V8.
Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
- CVE-2024-8906: Incorrect security UI in Downloads.
Reported by @retsew0x01.
- CVE-2024-8907: Insufficient data validation in Omnibox.
Reported by Muhammad Zaid Ghifari.
- CVE-2024-8908: Inappropriate implementation in Autofill.
Reported by Levit Nudi from Kenya.
- CVE-2024-8909: Inappropriate implementation in UI.
Reported by Shaheen Fazim.
* d/patches:
- debianization/sandbox.patch: refresh for upstream changes. Since we
have some downstream users of this package, retain the Ubuntu wording.
- disable/tests.patch: refresh.
- disable/catapult.patch: refresh.
- bookworm/clang16.patch: refresh, delete -Wno-dangling-assignment-gsl
- ppc64le/crashpad/0001-Implement-support-for-PPC64-on-Linux.patch:
refresh.
- ppc64le/sandbox/Sandbox-linux-services-credentials.cc-PPC.patch:
refresh.
- ppc64le/third_party/dawn-fix-ppc64le-detection.patch: refresh.
- bookworm/more-spaceships.patch: yet another clang-17 header
backport for clang-16 inadequecies.
- bookworm/signer-lambda.patch: clang-16 lambda bug workaround.
[ Timothy Pearson ]
* d/patches/ppc64le:
- third_party/dawn-fix-typos.patch: drop, applied upstream
- third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch:
refresh for upstream changes
- libaom/0001-Add-pregenerated-config-for-libaom-on-ppc64.patch: refresh
for upstream changes
- core/cargo-add-ppc64.diff: Add ppc64 to cargo architecture definitions
-- Andres Salomon <dilinger@debian.org> Wed, 18 Sep 2024 20:47:23 -0400
chromium (128.0.6613.137-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream security release.
- CVE-2024-8636: Heap buffer overflow in Skia.
Reported by Renan Rios (@hyhy_100).
- CVE-2024-8637: Use after free in Media Router. Reported by
lime(@limeSec_) from TIANGONG Team of Legendsec at QI-ANXIN Group.
- CVE-2024-8638: Type Confusion in V8.
Reported by Zhenghang Xiao (@Kipreyyy).
- CVE-2024-8639: Use after free in Autofill. Reported by
lime(@limeSec_) from TIANGONG Team of Legendsec at QI-ANXIN Group.
[ Timothy Pearson ]
* d/patches/ppc64le:
- core/add-ppc64-architecture-string.patch
- fixes/fix-study-crash.patch
[ Daniel Richard G. ]
* d/copyright: Add some more Files-Excluded: entries.
* d/rules: Ensure all files in orig source tarball are user-writable.
* d/patches/disable:
- tests.patch: Break out SwiftShader tests deletion to...
- tests-swiftshader.patch: ...a separate file, to simplify resolving
conflicts with the ungoogled-chromium patch series.
-- Andres Salomon <dilinger@debian.org> Tue, 10 Sep 2024 21:56:02 -0400
chromium (128.0.6613.119-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream security release.
- CVE-2024-8362: Use after free in WebAudio.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2024-7970: Out of bounds write in V8.
Reported by Cassidy Kim(@cassidy6564).
* Enable swiftshader support; thanks to Charles Samuels for helping out
on this (closes: #1064465).
* d/patches:
- disable/swiftshader.patch: drop.
- disable/swiftshader-2.patch: drop.
- disable/tests.patch: some swiftshader tests deletion needed.
[ Timothy Pearson ]
* d/patches:
- fixes/gpu-crash.patch: Fix GPU process crash (upstream issue #364568422)
- ppc64le/third_party/0001-swiftshader-fix-build.patch: Fix SwiftShader
build on ppc64el systems
-- Andres Salomon <dilinger@debian.org> Wed, 04 Sep 2024 15:05:06 -0400
chromium (128.0.6613.113-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream security release.
- CVE-2024-7969: Type Confusion in V8.
Reported by CFF of Topsec Alpha Team.
- CVE-2024-8193: Heap buffer overflow in Skia.
Reported by Renan Rios (@hyhy_100).
- CVE-2024-8194: Type Confusion in V8. Reported by Seunghyun Lee (@0x10n).
- CVE-2024-8198: Heap buffer overflow in Skia.
Reported by Renan Rios (@hyhy_100).
* d/control:
- Bump rustc build-dep up to >= 1.74.
* d/patches:
- bookworm/rust-downgrade-osstr-users.patch: drop, now that we have a
newer rust in bookworm.
-- Andres Salomon <dilinger@debian.org> Thu, 29 Aug 2024 01:10:43 -0400
chromium (128.0.6613.84-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream stable release.
- CVE-2024-7964: Use after free in Passwords. Reported by Anonymous.
- CVE-2024-7965: Inappropriate implementation in V8. Reported by TheDog.
- CVE-2024-7966: Out of bounds memory access in Skia.
Reported by Renan Rios (@HyHy100).
- CVE-2024-7967: Heap buffer overflow in Fonts.
Reported by Tashita Software Security.
- CVE-2024-7968: Use after free in Autofill.
Reported by Han Zheng (HexHive).
- CVE-2024-7969: Type Confusion in V8.
Reported by CFF of Topsec Alpha Team.
- CVE-2024-7971: Type confusion in V8. Reported by Microsoft Threat
Intelligence Center (MSTIC), Microsoft Security Response Center (MSRC).
- CVE-2024-7972: Inappropriate implementation in V8.
Reported by Simon Gerst (intrigus-lgtm).
- CVE-2024-7973: Heap buffer overflow in PDFium. Reported by soiax.
- CVE-2024-7974: Insufficient data validation in V8 API.
Reported by bowu(@gocrashed).
- CVE-2024-7975: Inappropriate implementation in Permissions.
Reported by Thomas Orlita.
- CVE-2024-7976: Inappropriate implementation in FedCM.
Reported by Alesandro Ortiz.
- CVE-2024-7977: Insufficient data validation in Installer.
Reported by Kim Dong-uk (@justlikebono).
- CVE-2024-7978: Insufficient policy enforcement in Data Transfer.
Reported by NDevTK.
- CVE-2024-7979: Insufficient data validation in Installer.
Reported by VulnNoob.
- CVE-2024-7980: Insufficient data validation in Installer.
Reported by VulnNoob.
- CVE-2024-7981: Inappropriate implementation in Views.
Reported by Thomas Orlita.
- CVE-2024-8033: Inappropriate implementation in WebApp Installs.
Reported by Lijo A.T.
- CVE-2024-8034: Inappropriate implementation in Custom Tabs.
Reported by Bharat (mrnoob).
- CVE-2024-8035: Inappropriate implementation in Extensions.
Reported by Microsoft.
* d/copyright: delete third_party/siso/ which contains binaries.
* d/rules: set safe_browsing_use_unrar=false to disable unrar.
* d/patches:
- fixes/blink-frags.patch: drop, merged upstream.
- fixes/stats-collector.patch: drop, upstream deleted broken code.
- fixes/chromium-browser-ui-missing-deps.patch: drop, fixed upstream.
- upstream/armhf-ftbfs.patch: drop, merged upstream.
- upstream/containers-header.patch: drop, merged upstream.
- upstream/crabbyav1f.patch: drop, merged upstream.
- upstream/lock-impl.patch: drop, merged upstream.
- upstream/paint-layer-header.patch: drop, merged upstream.
- disable/unrar.patch: drop, merged upstream w/ build arg.
- bookworm/nvt.patch: drop, no longer needed.
- fixes/ps-print.patch: refresh.
- system/openjpeg.patch: refresh.
- bookworm/clang16.patch: refresh & remove another unsupported option.
- bookworm/constexpr.patch: refresh & add more fixes.
- bookworm/lex-3way.patch: pull in another STL function from clang-17.
- bookworm/blink-attrib.patch: add build fix to reorder __attribute__.
- fixes/highway-include-path.patch: upstream fixed the original issue
in a broken way, making this worse. Add more to this patch to work
around that.
[ Daniel Richard G. ]
* d/rules: Parameterize Rust sysroot to simplify using a different one.
[ Timothy Pearson ]
* d/patches/ppc64le:
- third_party/dawn-fix-typos.patch: Refresh for upstream changes
- third_party/use-sysconf-page-size-on-ppc64.patch: Refresh for upstream
changes
- third_party/0002-Add-PPC64-generated-files-for-boringssl.patch:
Refresh for upstream changes
- workarounds/HACK-debian-clang-disable-base-musttail.patch: Disable
musttail on ppc64el platforms
-- Andres Salomon <dilinger@debian.org> Thu, 22 Aug 2024 14:06:28 -0400
chromium (127.0.6533.119-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream stable release.
* d/patches/upstream/armhf-ftbfs.patch: armhf FTBFS fix from upstream.
[ Daniel Richard G. ]
* d/patches:
- ppc64le/crashpad/0002-Include-cstddef-to-fix-build.patch: Drop, as
the original FTBFS that this fixed is no longer reproducible.
- ppc64le/fixes/fix-different-data-layouts.patch: Fix ppc64el FTBFS due
to minor LLVM data-layout clash between older clang and newer rustc.
* d/rules: Add to ppc64el CXXFLAGS to quash copious AltiVec warnings.
-- Andres Salomon <dilinger@debian.org> Wed, 14 Aug 2024 13:11:25 -0400
chromium (127.0.6533.99-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream security release.
- CVE-2024-7532: Out of bounds memory access in ANGLE.
Reported by wgslfuzz.
- CVE-2024-7533: Use after free in Sharing. Reported by
lime(@limeSec_) from TIANGONG Team of Legendsec at QI-ANXIN Group.
- CVE-2024-7550: Type Confusion in V8.
Reported by Zhenghang Xiao (@Kipreyyy).
- CVE-2024-7534: Heap buffer overflow in Layout.
Reported by Tashita Software Security.
- CVE-2024-7535: Inappropriate implementation in V8.
Reported by Tashita Software Security.
- CVE-2024-7536: Use after free in WebAudio.
Reported by Cassidy Kim(@cassidy6564).
[ Timothy Pearson ]
* d/patches/ppc64le:
- core/add-ppc64-architecture-to-extensions.diff: Fix runtime assertion
trap on ppc64el systems
[ Daniel Richard G. ]
* Enable ThinLTO (slower linking, faster runtime) on archs that can
support it (closes: #1033305).
* Avoid some hard-coded Debian references to simplify package builds for
other distributions, e.g. Ubuntu.
* d/patches:
- bookworm/constexpr.patch: Add no_destroy attributes to quash many
"declaration requires an exit-time destructor" warnings.
- fixes/highway-include-path.patch: New patch to fix highway.h path.
[ Grzegorz Szymaszek ]
* Use https instead of http in initial_bookmarks.html.
-- Andres Salomon <dilinger@debian.org> Wed, 07 Aug 2024 00:18:54 -0400
chromium (127.0.6533.88-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream stable release.
- CVE-2024-6988: Use after free in Downloads. Reported by
lime(@limeSec_) from TIANGONG Team of Legendsec at QI-ANXIN Group.
- CVE-2024-6989: Use after free in Loader. Reported by Anonymous.
- CVE-2024-6991: Use after free in Dawn. Reported by wgslfuzz.
- CVE-2024-6992: Out of bounds memory access in ANGLE.
Reported by Xiantong Hou of Wuheng Lab and Pisanbao.
- CVE-2024-6993: Inappropriate implementation in Canvas.
Reported by Anonymous.
- CVE-2024-6994: Heap buffer overflow in Layout.
Reported by Huang Xilin of Ant Group Light-Year Security Lab.
- CVE-2024-6995: Inappropriate implementation in Fullscreen.
Reported by Alesandro Ortiz.
- CVE-2024-6996: Race in Frames.
Reported by Louis Jannett (Ruhr University Bochum).
- CVE-2024-6997: Use after free in Tabs.
Reported by Sven Dysthe (@svn-dys).
- CVE-2024-6998: Use after free in User Education.
Reported by Sven Dysthe (@svn-dys).
- CVE-2024-6999: Inappropriate implementation in FedCM.
Reported by Alesandro Ortiz.
- CVE-2024-7000: Use after free in CSS. Reported by Anonymous.
- CVE-2024-7001: Inappropriate implementation in HTML.
Reported by Jake Archibald.
- CVE-2024-7003: Inappropriate implementation in FedCM.
Reported by Alesandro Ortiz.
- CVE-2024-7004: Insufficient validation of untrusted input in Safe
Browsing. Reported by Anonymous.
- CVE-2024-7005: Insufficient validation of untrusted input in Safe
Browsing. Reported by Umar Farooq.
- CVE-2024-6990: Uninitialized Use in Dawn. Reported by gelatin dessert.
- CVE-2024-7255: Out of bounds read in WebTransport.
Reported by Marten Richter.
- CVE-2024-7256: Insufficient data validation in Dawn.
Reported by gelatin dessert.
* Switch from building against (gcc's) libstdc++ to (clang's) libc++.
Upstream is playing fast and loose with memory in ways that results
in crashes with gcc's stricter libstdc++, but not with clang's libc++
(which allows accessing deleting memory apparently). We can't maintain
workarounds any more, and upstream really doesn't care (see, for
example, https://crbug.com/346174906 , where they add workarounds only
for their ASAN memory checker).
* d/copyright:
- delete new rust, cargo, llvm, and node binaries.
- delete third_party/zstd so we can link against system zstd.
- stop deleting the bundled woff, snappy, and jsoncpp; those can't be
dynamically linked against with clang's libc++.
* d/control:
- build-dep against libzstd-dev and bindgen.
- drop build-dep on libwoff-dev, libsnappy-dev, libjsoncpp-dev, and
add build-deps on libc++-16-dev / libc++abi-16-dev.
* d/rules:
- drop use_goma=false (upstream switched to rbe).
- set rust_bindgen_root.
- rework get-orig-source to not use mk-origtargz, which is
incredibly slow (total run 45 mins for the current 6.2G upstream
release). Instead, use d/scripts/get-exludes.pl and tar's
--exclude-from to drastically speed things up (total run now takes
8 mins).
* d/patches:
- upstream/tabstrip-include.patch: drop, merged upstream.
- upstream/quiche-deque.patch: drop, merged upstream.
- upstream/gpu-header.patch: drop, merged upstream.
- upstream/blink-header.patch: drop, merged upstream.
- upstream/blink-header2.patch: drop, merged upstream.
- upstream/blink-header3.patch: drop, merged upstream.
- upstream/realtime-reporting.patch: drop, merged upstream.
- upstream/urlvisit-header.patch: drop, merged upstream.
- upstream/accessibility-format.patch: drop, merged upstream.
- upstream/observer.patch: drop, merged upstream.
- bookworm/clang16.patch: refresh.
- bookworm/rust-downgrade-osstr-users.patch: refresh w/ minor changes.
- ungoogled/disable-privacy-sandbox.patch: refresh.
- disable/signin.patch: upstream dropped prefs::kAutologinEnabled.
- upstream/crabbyav1f.patch: add build fix pulled from upstream.
- upstream/lock-impl.patch: add build fix pulled from upstream.
- upstream/containers-header.patch: add build fix pulled from upstream.
- upstream/paint-layer-header.patch: add build fix pulled from upstream
- fixes/bindgen.patch: work around bindgen-related things (hopefully
correctly?)
- bookworm/lex-3way.patch: add patch to support
std::lexicographical_compare_three_way, which was added in clang-17.
- bookworm/traitors.patch: another clang-16 hack; backport
pointer_traits.h from libc++-18-dev to work around clang
std::to_address() issue.
- bookworm/constexpr.patch: add more of the usual constexpr
workarounds; only needed for clang-16.
- fixes/absl-optional.patch: drop, only needed for libstdc++-dev.
- fixes/bad-font-gc*: drop, only needed for libstdc++-dev.
- fixes/chromium-browser-ui-missing-deps.patch: add a bunch of
mojo-related dependency build fixes.
[ Timothy Pearson ]
* d/patches:
- fixes/fixes/memory-allocator-dcheck-assert-fix.patch: Fix assert on
64k page systems such as aarch64 and ppc64el
* d/patches/ppc64le:
- ffmpeg/0001-Add-support-for-ppc64.patch: Drop, no longer needed
- third_party/use-sysconf-page-size-on-ppc64.patch: Refresh for upstream
changes
-- Andres Salomon <dilinger@debian.org> Tue, 30 Jul 2024 23:50:29 -0400
chromium (126.0.6478.182-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-6772: Inappropriate implementation in V8.
Reported by 5fceb6172bbf7e2c5a948183b53565b9.
- CVE-2024-6773: Type Confusion in V8. Reported by 2ourc3 | Salim Largo.
- CVE-2024-6774: Use after free in Screen Capture. Reported by
lime(@limeSec_) and fmyy(@binary_fmyy) from TIANGONG Team of Legendsec
at QI-ANXIN Group.
- CVE-2024-6775: Use after free in Media Stream. Reported by Anonymous.
- CVE-2024-6776: Use after free in Audio. Reported by
lime(@limeSec_) and fmyy(@binary_fmyy) from TIANGONG Team of Legendsec
at QI-ANXIN Group.
- CVE-2024-6777: Use after free in Navigation.
Reported by Sven Dysthe (@svn-dys).
- CVE-2024-6778: Race in DevTools. Reported by Allen Ding.
- CVE-2024-6779: Out of bounds memory access in V8.
Reported by Seunghyun Lee (@0x10n).
-- Andres Salomon <dilinger@debian.org> Tue, 16 Jul 2024 16:50:59 -0400
chromium (126.0.6478.126-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-6290: Use after free in Dawn. Reported by wgslfuzz.
- CVE-2024-6291: Use after free in Swiftshader.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2024-6292: Use after free in Dawn. Reported by wgslfuzz.
- CVE-2024-6293: Use after free in Dawn. Reported by wgslfuzz.
* d/patches/upstream/observer.patch: add crash-on-exit fix from
upstream (closes: #1073378).
-- Andres Salomon <dilinger@debian.org> Tue, 25 Jun 2024 03:28:40 -0400
chromium (126.0.6478.114-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-6100: Type Confusion in V8. Reported by Seunghyun Lee
(@0x10n) participating in SSD Secure Disclosure's TyphoonPWN 2024.
- CVE-2024-6101: Inappropriate implementation in WebAssembly.
Reported by @ginggilBesel.
- CVE-2024-6102: Out of bounds memory access in Dawn.
Reported by wgslfuzz.
- CVE-2024-6103: Use after free in Dawn. Reported by wgslfuzz.
-- Andres Salomon <dilinger@debian.org> Tue, 18 Jun 2024 15:55:14 -0400
chromium (126.0.6478.56-1) unstable; urgency=high
* New upstream stable release.
- CVE-2024-5830: Type Confusion in V8.
Reported by Man Yue Mo of GitHub Security Lab.
- CVE-2024-5831: Use after free in Dawn. Reported by wgslfuzz.
- CVE-2024-5832: Use after free in Dawn. Reported by wgslfuzz.
- CVE-2024-5833: Type Confusion in V8. Reported by @ginggilBesel.
- CVE-2024-5834: Inappropriate implementation in Dawn.
Reported by gelatin dessert.
- CVE-2024-5835: Heap buffer overflow in Tab Groups.
Reported by Weipeng Jiang (@Krace) of VRI.
- CVE-2024-5836: Inappropriate Implementation in DevTools.
Reported by Allen Ding.
- CVE-2024-5837: Type Confusion in V8. Reported by Anonymous.
- CVE-2024-5838: Type Confusion in V8.
Reported by Zhenghang Xiao (@Kipreyyy).
- CVE-2024-5839: Inappropriate Implementation in Memory Allocator.
Reported by Mickey.
- CVE-2024-5840: Policy Bypass in CORS. Reported by Matt Howard.
- CVE-2024-5841: Use after free in V8.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2024-5842: Use after free in Browser UI.
Reported by Sven Dysthe (@svn_dy).
- CVE-2024-5843: Inappropriate implementation in Downloads.
Reported by hjy79425575.
- CVE-2024-5844: Heap buffer overflow in Tab Strip. Reported by Sri.
- CVE-2024-5845: Use after free in Audio. Reported by anonymous.
- CVE-2024-5846: Use after free in PDFium.
Reported by Han Zheng (HexHive).
- CVE-2024-5847: Use after free in PDFium.
Reported by Han Zheng (HexHive).
* d/copyright: delete bullseye environment that upstream ships (??).
* d/patches:
- upstream/appservice-include.patch: drop, merged upstream.
- upstream/lens-include.patch: drop, merged upstream.
- upstream/mojo-bindings-include.patch: drop, merged upstream.
- upstream/ninja.patch: drop, merged upstream.
- upstream/no-vector-consts.patch: drop, merged upstream.
- upstream/vulkan-include.patch: drop, merged upstream.
- system/clang-format.patch: drop it; we broke it some time ago, and
didn't notice. Guess we don't need it?
- bookworm/clang16.patch: refresh.
- fixes/bad-font-gc00000.patch: refresh
- fixes/bad-font-gc11.patch: refresh
- fixes/bad-font-gc2.patch: refresh
- disable/signin.patch: refresh
- upstream/quiche-deque.patch: gcc build fix pulled from upstream.
- upstream/gpu-header.patch: add header build fix from upstream.
- upstream/blink-header.patch: add header build fix from upstream.
- upstream/blink-header2.patch: add header build fix from upstream.
- upstream/blink-header3.patch: add header build fix from upstream.
- upstream/realtime-reporting.patch: gcc build fix from upstream.
- upstream/urlvisit-header.patch: add header build fix from upstream.
- upstream/accessibility-format.patch: gcc build fix from upstream.
- bookworm/urlhelper-ctor.patch: work around a clang-16 bug; add an
explicit constructor.
[ Timothy Pearson ]
* d/patches/ppc64le:
- sandbox/0008-sandbox-fix-ppc64le-glibc234.patch: Modify for upstream
changes
- third_party/0002-Add-PPC64-generated-files-for-boringssl.patch: Modify
for upstream changes
- libaom/0001-Add-pregenerated-config-for-libaom-on-ppc64.patch: Refresh
for upstream changes
-- Andres Salomon <dilinger@debian.org> Thu, 13 Jun 2024 21:31:56 -0400
chromium (125.0.6422.141-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-5493: Heap buffer overflow in WebRTC.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2024-5494: Use after free in Dawn. Reported by wgslfuzz.
- CVE-2024-5495: Use after free in Dawn. Reported by wgslfuzz.
- CVE-2024-5496: Use after free in Media Session.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2024-5497: Out of bounds memory access in Keyboard Inputs.
Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab.
- CVE-2024-5498: Use after free in Presentation API.
- CVE-2024-5499: Out of bounds write in Streams API.
* d/patches/fixes/libxml-parseerr.patch: delete, now that we have a
newer libxml2.
* d/control: add versioned build-dep on libxml2-dev >= 2.12.
-- Andres Salomon <dilinger@debian.org> Thu, 30 May 2024 22:11:26 -0400
chromium (125.0.6422.112-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-5274: Type Confusion in V8. Reported by Clément Lecigne of
Google's Threat Analysis Group and Brendon Tiszka of Chrome Security.
* Fix handling of quoted arguments (closes: #1071662).
-- Andres Salomon <dilinger@debian.org> Thu, 23 May 2024 20:51:14 -0400
chromium (125.0.6422.76-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-5157: Use after free in Scheduling. Reported by Looben Yang.
- CVE-2024-5158: Type Confusion in V8.
Reported by Zhenghang Xiao (@Kipreyyy).
- CVE-2024-5159: Heap buffer overflow in ANGLE.
Reported by David Sievers (@loknop).
- CVE-2024-5160: Heap buffer overflow in Dawn. Reported by wgslfuzz.
* Don't silently ignore arguments meant for the wrapper script if chromium
args happen to come first (closes: #1068096).
* d/patches:
- upstream/tabstrip-include.patch: add header build fix.
-- Andres Salomon <dilinger@debian.org> Tue, 21 May 2024 16:12:47 -0400
chromium (125.0.6422.60-1) unstable; urgency=high
* New upstream stable release.
- CVE-2024-4947: Type Confusion in V8. Reported by Vasily
Berdnikov (@vaber_b) and Boris Larin (@oct0xor) of Kaspersky.
- CVE-2024-4948: Use after free in Dawn. Reported by wgslfuzz.
- CVE-2024-4949: Use after free in V8.
Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
- CVE-2024-4950: Inappropriate implementation in Downloads.
Reported by Shaheen Fazim.
* d/copyright: fix instrumented_libs deletion; upstream renamed it.
* d/scripts/unbundle: bundle new requirement absl_crc (which is
unavailable in bookworm).
* d/patches:
- upstream/uint-includes.patch: drop,merged upstream.
- upstream/fps-optional.patch: drop, merged upstream.
- upstream/span-optional.patch: drop, merged upstream.
- upstream/extractor-bitset.patch: drop, merged upstream.
- upstream/atomic.patch: drop, merged upstream.
- upstream/webgpu-optional.patch: drop, merged upstream.
- disable/catapult.patch: refresh.
- i386/angle-lockfree.patch: drop, I _think_ it's no longer needed.
- upstream/ruy-include.patch: add header build fix.
- upstream/vulkan-include.patch: add header build fix.
- upstream/mojo-bindings-include.patch: add header build fix.
- upstream/appservice-include.patch: add header build fix.
- upstream/no-vector-consts.patch: add build fix; gnu libstdc++
doesn't allow const types inside vectors.
- upstream/lens-include.patch: add header build fix.
- bookworm/nvt2.patch: drop (replace with a better non-revert patch).
- bookworm/v8-wrappable.patch: add nvt2.patch build fix replacement
that just defines a single struct member.
- upstream/ninja.patch: add build fix for failure triggered by
ninja-1.12 (closes: #1071197).
- fixes/bad-font-gc00000.patch: add formatting patch revert to make
other patches easier to apply.
- fixes/bad-font-gc2.patch: add a build failure fix & refresh.
- fixes/bad-font-gc11.patch: add a build failure fix & refresh.
[ Timothy Pearson ]
* d/patches/ppc64le:
- third_party/0001-Add-PPC64-support-for-boringssl.patch: Modify for
upstream changes
- third_party/0002-Add-PPC64-generated-files-for-boringssl.patch: Add
pregenerated configuration for ppc64el support in BoringSSL
- third_party/0002-third-party-boringssl-add-generated-files.patch:
Rename to third_party/0002-Add-PPC64-generated-files-for-boringssl.patch
- workarounds/HACK-debian-clang-disable-skia-musttail.patch: Refresh
for upstream changes
- third_party/skia-vsx-instructions.patch: Refresh for upstream changes
- ffmpeg/0001-Add-support-for-ppc64.patch: Refresh for upstream changes
-- Andres Salomon <dilinger@debian.org> Thu, 16 May 2024 18:55:41 -0400
chromium (124.0.6367.207-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-4761: Out of bounds write in V8. Reported by Anonymous.
-- Andres Salomon <dilinger@debian.org> Tue, 14 May 2024 22:17:42 -0400
chromium (124.0.6367.201-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-4671: Use after free in Visuals. Reported by Anonymous.
-- Andres Salomon <dilinger@debian.org> Thu, 09 May 2024 20:37:07 -0400
chromium (124.0.6367.155-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-4558: Use after free in ANGLE. Reported by gelatin dessert.
- CVE-2024-4559: Heap buffer overflow in WebAudio.
Reported by Cassidy Kim(@cassidy6564).
* d/control: replace libu2f-udev recommends with udev (closes: #1070283).
[ Timothy Pearson ]
* d/patches/ppc64le:
- third_party/skia-vsx-instructions.patch: fix various issues.
-- Andres Salomon <dilinger@debian.org> Tue, 07 May 2024 14:47:32 -0400
chromium (124.0.6367.118-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-4331: Use after free in Picture In Picture.
Reported by Zhenghang Xiao (@Kipreyyy).
- CVE-2024-4368: Use after free in Dawn. Reported by wgslfuzz.
* Build-dep on libhwy-dev and delete the bundled third_party/highway.
* Build-dep on libharfbuzz-dev and delete the bundled harfbuzz-ng.
* Build-dep on libdav1d-dev and delete the bundled third_party/dav1d.
* d/patches:
- ppc64le/third_party/0001-Add-PPC64-support-for-libdav1d.patch,
ppc64le/third_party/0001-Fix-libdav1d-compilation-on-clang-ppc.patch,
ppc64le/third_party/0003-thirdparty-fix-dav1d-gn.patch,
fixes/arm64-ftbfs.patch: drop these 4 patches that are only needed
for bundled libdav1d.
- ppc64le/third_party/0001-Fix-highway-ppc-hwcap.patch,
ppc64le/third_party/0002-Highway-disable-128-bit-vsx.patch: drop
these two patches that were needed for bundled highway.
- upstream/ozone1.patch: drop, merged upstream.
- upstream/ozone2.patch: drop, merged upstream.
- fixes/bad-font-gc2.patch: refresh.
[ Timothy Pearson ]
* d/patches/ppc64le:
- third_party/0001-Add-PPC64-support-for-boringssl.patch: Fix inadvertent
breakage of i386 build
-- Andres Salomon <dilinger@debian.org> Tue, 30 Apr 2024 17:53:52 -0400
chromium (124.0.6367.78-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-4058: Type Confusion in ANGLE.
Reported by Toan (suto) Pham and Bao (zx) Pham of Qrious Secure.
- CVE-2024-4059: Out of bounds read in V8 API. Reported by Eirik.
- CVE-2024-4060: Use after free in Dawn. Reported by wgslfuzz.
-- Andres Salomon <dilinger@debian.org> Thu, 25 Apr 2024 19:07:35 -0400
chromium (124.0.6367.60-2) unstable; urgency=high
* d/patches/ppc64le:
- third_party/0001-Add-PPC64-support-for-boringssl.patch: update for
upstream boringssl changes and reenable
- third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch:
regenerate from new ffmpeg source tree
- third_party/skia-vsx-instructions.patch: update for upstream changes
[ Andres Salomon ]
* d/patches:
- fixes/arm64-ftbfs.patch: add arm64-specific ftbfs fix for libdav1d.
- upstream/ozone1.patch, upstream/ozone2.patch: backport fixes for
broken wayland support (closes: #1069586).
-- Timothy Pearson <tpearson@debian.org> Thu, 25 Apr 2024 15:21:00 -0500
chromium (124.0.6367.60-1) unstable; urgency=high
* New upstream stable release.
- CVE-2024-3832: Object corruption in V8.
Reported by Man Yue Mo of GitHub Security Lab.
- CVE-2024-3833: Object corruption in WebAssembly.
Reported by Man Yue Mo of GitHub Security Lab.
- CVE-2024-3914: Use after free in V8. Reported by Seunghyun Lee
(@0x10n) of KAIST Hacking Lab, via Pwn2Own 2024.
- CVE-2024-3834: Use after free in Downloads. Reported by ChaobinZhang
- CVE-2024-3837: Use after free in QUIC.
Reported by {rotiple, dch3ck} of CW Research Inc.
- CVE-2024-3838: Inappropriate implementation in Autofill.
Reported by Ardyan Vicky Ramadhan.
- CVE-2024-3839: Out of bounds read in Fonts.
Reported by Ronald Crane (Zippenhop LLC).
- CVE-2024-3840: Insufficient policy enforcement in Site Isolation.
Reported by Ahmed ElMasry.
- CVE-2024-3841: Insufficient data validation in Browser Switcher.
Reported by Oleg.
- CVE-2024-3843: Insufficient data validation in Downloads.
Reported by Azur.
- CVE-2024-3844: Inappropriate implementation in Extensions.
Reported by Alesandro Ortiz.
- CVE-2024-3845: Inappropriate implementation in Network.
Reported by Daniel Baulig.
- CVE-2024-3846: Inappropriate implementation in Prompts.
Reported by Ahmed ElMasry.
- CVE-2024-3847: Insufficient policy enforcement in WebUI.
Reported by Yan Zhu.
* d/copyright:
- delete __pycache__ directories to shut up dpkg warnings.
- stop deleting bundled libwebp directory.
* Drop build-dep on libwebp-dev and start building against the bundled
libwebp. We need to do this because chromium uses features of libavif
that require libsharpyuv-dev; but that's only available in sid/trixie.
* d/patches:
- upstream/std-to-address.patch: drop, merged upstream.
- fixes/optional2.patch: drop, merged upstream.
- fixes/blink-fonts-shape-result.patch: drop, merged upstream.
- bookworm/constexpr-equality.patch: drop, merged upstream.
- disable/catapult.patch: refresh.
- disable/google-api-warning.patch: rework to be a smaller patch.
- bookworm/clang16.patch: refresh.
- ungoogled/disable-privacy-sandbox.patch: drop hunk related to deprecated
preference.
- upstream/mojo-null.patch: pull a (typescript) build fix from upstream.
- upstream/uint-includes.patch: simple header build fix from upstream.
- upstream/fps-optional.patch: add header build fix.
- upstream/span-optional.patch: add header build fix.
- upstream/extractor-bitset.patch: add header build fix.
- upstream/atomic.patch: add header build fix.
- upstream/webgpu-optional.patch: add header build fix.
- fixes/absl-optional.patch: comment out assert() that caused crash.
This could be another clang16/libstdc++ miscompilation issue, but
needs further investigation.
- fixes/bad-font-gc2.patch: drop a bunch of test-related pieces.
- fixes/bad-font-gc0000.patch, fixes/bad-font-gc000.patch,
fixes/bad-font-gc00.patch, fixes/bad-font-gc0.patch,
fixes/bad-font-gc11.patch, fixes/bad-font-gc3.patch: revert a bunch
more (new) upstream commits related to bad-font-gc2.patch. When the
use-after-free bug gets fixed, all this can be dropped.
* d/patches/ppc64le:
- third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch,
third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch,
workarounds/HACK-third_party-libvpx-use-generic-gnu.patch,
breakpad/0001-Implement-support-for-ppc64-on-Linux.patch,
ffmpeg/0001-Add-support-for-ppc64.patch,
third_party/dawn-fix-typos.patch,
third_party/use-sysconf-page-size-on-ppc64.patch: refresh.
- third_party/skia-vsx-instructions.patch: refresh & update for header
renaming.
- third_party/0001-Add-PPC64-support-for-boringssl.patch,
third_party/0002-third-party-boringssl-add-generated-files.patch:
disable these two until Tim has a chance to look at them.
-- Andres Salomon <dilinger@debian.org> Fri, 19 Apr 2024 12:33:38 -0400
chromium (123.0.6312.122-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-3157: Out of bounds write in Compositing.
Reported by DarkNavy.
- CVE-2024-3516: Heap buffer overflow in ANGLE.
Reported by Bao (zx) Pham and Toan (suto) Pham of Qrious Secure.
- CVE-2024-3515: Use after free in Dawn. Reported by wgslfuzz.
-- Andres Salomon <dilinger@debian.org> Wed, 10 Apr 2024 21:21:05 -0400
chromium (123.0.6312.105-2) unstable; urgency=high
* Depend on libgtk-3-0t64 instead of libgtk-3-0 for time_t transition
(closes: #1068540).
-- Andres Salomon <dilinger@debian.org> Sun, 07 Apr 2024 12:43:26 -0400
chromium (123.0.6312.105-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-3156: Inappropriate implementation in V8.
Reported by Zhenghang Xiao (@Kipreyyy).
- CVE-2024-3158: Use after free in Bookmarks. Reported by undoingfish.
- CVE-2024-3159: Out of bounds memory access in V8. Reported by
Edouard Bochin (@le_douds) and Tao Yan (@Ga1ois) of Palo Alto
Networks, via Pwn2Own 2024.
-- Andres Salomon <dilinger@debian.org> Tue, 02 Apr 2024 18:28:18 -0400
chromium (123.0.6312.86-1) unstable; urgency=high
* New upstream stable release.
- CVE-2024-2883: Use after free in ANGLE.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2024-2885: Use after free in Dawn. Reported by wgslfuzz.
- CVE-2024-2886: Use after free in WebCodecs. Reported by
Seunghyun Lee (@0x10n) of KAIST Hacking Lab, via Pwn2Own 2024.
- CVE-2024-2887: Type Confusion in WebAssembly.
Reported by Manfred Paul, via Pwn2Own 2024.
* d/patches/ppc64le:
- fixes/fix-clang-selection.patch: select clang on ppc64 platforms
- ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: fix
ARM builds.
[ Andres Salomon ]
* d/patches:
- fixes/bad-font-gc1.patch, fixes/bad-font-gc2.patch: revert a pair of
upstream commits that result in blink's garbage collector frequently
deadlocking and crashing (closes: #1067886).
-- Timothy Pearson <tpearson@debian.org> Wed, 28 Mar 2024 16:58:00 -0500
chromium (123.0.6312.58-1) unstable; urgency=high
* New upstream stable release.
- CVE-2024-2625: Object lifecycle issue in V8.
Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
- CVE-2024-2626: Out of bounds read in Swiftshader.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2024-2627: Use after free in Canvas. Reported by Anonymous.
- CVE-2024-2628: Inappropriate implementation in Downloads.
Reported by Ath3r1s.
- CVE-2024-2629: Incorrect security UI in iOS.
Reported by Muneaki Nishimura (nishimunea).
- CVE-2024-2630: Inappropriate implementation in iOS.
Reported by James Lee (@Windowsrcer).
- CVE-2024-2631: Inappropriate implementation in iOS.
Reported by Ramit Gangwar.
* d/patches:
- upstream/bitset.patch: drop, merged upstream.
- upstream/bookmarknode.patch: drop, merged upstream.
- upstream/optional.patch: drop, merged upstream.
- upstream/uniqptr.patch: drop, merged upstream.
- fixes/gcc13-headers.patch: drop, merged upstream.
- fixes/optional.patch: drop, merged upstream.
- fixes/material-utils.patch: drop part that was merged upstream.
- disable/catapult.patch: refresh.
- bookworm/constexpr-equality.patch: include another similar fix.
- bookworm/nvt.patch: refresh.
- bookworm/undo-internal-alloc.patch: drop, as this was fixed upstream.
- ungoogled/disable-privacy-sandbox.patch: update from ungoogled-chromium.
- disable/angle-perftests.patch: drop, replace with a gn build argument.
- bookworm/rust-downgrade-osstr-users.patch: add new patch to downgrade
clap-lex crate, as it's using 1.74 features and we only have 1.70.
- fixes/strlcpy.patch: add strlcpy declaration (closes: #1066235).
- fixes/optional2.patch: add another missing <optional> inclusion.
- fixes/stats-collector.patch: add build fix for wrong header.
- disable/screen-ai-blob.patch: add patch to not register the
ScreenAI component. Previously, if you opened a PDF and clicked
"open in reader mode", it would download a binary blob to
~/.config/chromium/screen_ai/, and do OCR stuff (and who knows
what else) in that opaque blob without warning you. We, uh, don't
want that. (closes: #1066910).
* d/rules: add angle_build_tests=false build argument, which allows us to
drop angle-perftests.patch.
[ Timothy Pearson ]
* d/patches:
- fixes/blink-fonts-shape-result.patch: pull in upstream patch for
compilation failure in Blink SameSizeAsShapeResult class
* d/patches/ppc64le:
- ffmpeg/0001-Add-support-for-ppc64.patch: refresh for upstream changes
- third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch:
refresh for upstream changes
- libaom/0001-Add-pregenerated-config-for-libaom-on-ppc64.patch: refresh
for upstream changes
- third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh for
upstream changes
- third_party/skia-vsx-instructions.patch: refresh & harden Skia against
timing attacks.
-- Andres Salomon <dilinger@debian.org> Fri, 22 Mar 2024 12:45:06 -0400
chromium (122.0.6261.128-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-2400: Use after free in Performance Manager.
Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab.
-- Andres Salomon <dilinger@debian.org> Tue, 12 Mar 2024 18:43:05 -0400
chromium (122.0.6261.111-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-2173: Out of bounds memory access in V8.
Reported by 5fceb6172bbf7e2c5a948183b53565b9.
- CVE-2024-2174: Inappropriate implementation in V8.
Reported by 5f46f4ee2e17957ba7b39897fb376be8.
- CVE-2024-2176: Use after free in FedCM. Reported by Anonymous.
-- Andres Salomon <dilinger@debian.org> Tue, 05 Mar 2024 16:40:05 -0500
chromium (122.0.6261.94-1) unstable; urgency=high
* New upstream security release.
- Type Confusion in V8. Reported by 5f46f4ee2e17957ba7b39897fb376be8.
- Type Confusion in V8. Reported by
Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab.
-- Andres Salomon <dilinger@debian.org> Tue, 27 Feb 2024 15:15:03 -0500
chromium (122.0.6261.57-1) unstable; urgency=high
* New upstream stable release.
- CVE-2024-1669: Out of bounds memory access in Blink.
Reported by Anonymous.
- CVE-2024-1670: Use after free in Mojo.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2024-1671: Inappropriate implementation in Site Isolation.
Reported by Harry Chen.
- CVE-2024-1672: Inappropriate implementation in Content Security Policy.
Reported by Georg Felber (TU Wien) & Marco Squarcina (TU Wien).
- CVE-2024-1673: Use after free in Accessibility.
Reported by Weipeng Jiang (@Krace) of VRI.
- CVE-2024-1674: Inappropriate implementation in Navigation.
Reported by David Erceg.
- CVE-2024-1675: Insufficient policy enforcement in Download.
Reported by Bartłomiej Wacko.
- CVE-2024-1676: Inappropriate implementation in Navigation.
Reported by Khalil Zhani.
* d/patches:
- fixes/v8-compressed-ptrs.patch: drop, merged upstream.
- fixes/stdint.patch: drop, merged upstream.
- upstream/vector.patch: drop, merged upstream.
- upstream/display-header.patch: drop, merged upstream.
- upstream/bitset.patch: drop, merged upstream.
- upstream/once_flag.patch: drop, merged upstream.
- fixes/std-to-address.patch: refresh.
- disable/signin.patch: refresh.
- disable/catapult.patch: refresh.
- bookworm/clang16.patch: refresh, and change
-Wno-c++11-narrowing-const-reference to -Wno-c++11-narrowing.
- bookworm/nvt.patch: refresh.
- ungoogled/disable-privacy-sandbox.patch: update from ungoogled-chromium.
- bookworm/undo-internal-alloc.patch: revert a commit that confuses
clang16 w/ libstdc++. We need a better workaround than this.
- upstream/mojo.patch: update from git.
- bookworm/constexpr-equality.patch: add a few more build fixes
(constexpr removals).
- upstream/uniqptr.patch: add missing include.
- upstream/optional.patch: add missing include.
- upstream/bookmarknode.patch: add comparison equality fix pulled from
upstream.
- fixes/optional.patch: add missing includes.
- bookworm/nvt2.patch: revert another upstream c++-20 change for clang-16.
- upstream/bitset.patch: add missing include.
- ppc64le/v8/0002-Add-ppc64-trap-instructions.patch: refresh.
[ Timothy Pearson ]
* d/patches/ppc64le:
- 0001-Properly-detect-little-endian-PPC64-systems.patch: drop, upstream
fix in GIT hash 25a6e6
- 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
- 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
upstream changes
- skia-vsx-instructions.patch: refresh for upstream changes
-- Andres Salomon <dilinger@debian.org> Wed, 21 Feb 2024 19:56:32 -0500
chromium (121.0.6167.160-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-1284: Use after free in Mojo. Reported by Anonymous.
- CVE-2024-1283: Heap buffer overflow in Skia.
Reported by Jorge Buzeti (@r3tr074).
-- Andres Salomon <dilinger@debian.org> Tue, 06 Feb 2024 22:41:53 -0500
chromium (121.0.6167.139-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-1060: Use after free in Canvas. Reported by Anonymous.
- CVE-2024-1059: Use after free in WebRTC.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2024-1077: Use after free in Network.
Reported by Microsoft Security Research Center.
-- Andres Salomon <dilinger@debian.org> Wed, 31 Jan 2024 11:49:10 -0500
chromium (121.0.6167.85-1) unstable; urgency=high
* New upstream stable release.
- CVE-2024-0807: Use after free in WebAudio.
Reported by Huang Xilin of Ant Group Light-Year Security Lab.
- CVE-2024-0812: Inappropriate implementation in Accessibility.
Reported by Anonymous.
- CVE-2024-0808: Integer underflow in WebUI.
Reported by Lyra Rebane (rebane2001).
- CVE-2024-0810: Insufficient policy enforcement in DevTools.
Reported by Shaheen Fazim.
- CVE-2024-0814: Incorrect security UI in Payments.
Reported by Muneaki Nishimura (nishimunea).
- CVE-2024-0813: Use after free in Reading Mode. Reported by @retsew0x01.
- CVE-2024-0806: Use after free in Passwords.
Reported by 18楼梦想改造家.
- CVE-2024-0805: Inappropriate implementation in Downloads.
Reported by Om Apip.
- CVE-2024-0804: Insufficient policy enforcement in iOS Security UI.
Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) .
- CVE-2024-0811: Inappropriate implementation in Extensions API.
Reported by Jann Horn of Google Project Zero.
- CVE-2024-0809: Inappropriate implementation in Autofill.
Reported by Ahmed ElMasry.
* d/copyright: drop another eu-strip binary.
* d/patches:
- fixes/atspi.patch: drop, merged upstream.
- fixes/gcc13-headers.patch: drop portions that were merged upstream.
- upstream/nullptr_t.patch: drop, merged upstream.
- upstream/string-include.patch: drop, merged upstream.
- ungoogled/disable-web-environment-integrity.patch: remove, upstream
wisely backed off and removed WEI.
- disable/signin.patch: refresh for minor upstream changes.
- disable/catapult.patch: refresh for minor upstream changes.
- system/openjpeg.patch: refresh for minor upstream changes.
- bookworm/clang16.patch: drop portion that was merged upstream.
- upstream/vector.patch: missing header fix, pulled from upstream.
- upstream/display-header.patch: missing header fix, pulled from upstream.
- upstream/bitset.patch: missing header fix, pulled from upstream.
- upstream/once_flag.patch: missing header fix, pulled from upstream.
- bookworm/constexpr-equality.patch: add clang-16 workaround.
- bookworm/nvt.patch: revert an upstream c++-20 change that confuses
clang-16.
- fixes/libxml-parseerr.patch: revert change from a newer libxml than
debian's.
[ Timothy Pearson ]
* d/patches:
- fixes/std-to-address.patch: work around incorrect template selection
in Mojo ConvertTo()
- fixes/stdint.patch: add missing stdint include to performance manager
* d/patches/ppc64le:
- fixes/fix-rust-linking.patch: allow linking C and Rust libraries in full
archive mode
- libaom/0001-Add-pregenerated-config-for-libaom-on-ppc64.patch: refresh
for upstream changes
- third_party/skia-vsx-instructions.patch: refresh for upstream changes
- third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
refresh for upstream changes
- third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
refresh for upstream changes
-- Andres Salomon <dilinger@debian.org> Tue, 23 Jan 2024 17:59:49 -0500
chromium (120.0.6099.224-2) unstable; urgency=high
* d/patches/ppc64le/fixes/fix-rustc.patch: add patch to fix ppc64le build.
-- Andres Salomon <dilinger@debian.org> Thu, 18 Jan 2024 03:05:12 -0500
chromium (120.0.6099.224-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-0517: Out of bounds write in V8.
Reported by Toan (suto) Pham of Qrious Secure.
- CVE-2024-0518: Type Confusion in V8.
Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
- CVE-2024-0519: Out of bounds memory access in V8. Reported by Anonymous.
* d/rules: enable rust and (relatedly) fix search path for clang libs.
* Add versioned build-dep on rustc >= 1.70.0+dfsg1-5 for profiler support.
-- Andres Salomon <dilinger@debian.org> Tue, 16 Jan 2024 15:35:05 -0500
chromium (120.0.6099.216-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-0333: Insufficient data validation in Extensions.
Reported by Malcolm Stagg (@malcolmst) of SODIUM-24, LLC.
-- Andres Salomon <dilinger@debian.org> Tue, 09 Jan 2024 20:54:53 -0500
chromium (120.0.6099.199-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-0222: Use after free in ANGLE.
Reported by Toan (suto) Pham of Qrious Secure.
- CVE-2024-0223: Heap buffer overflow in ANGLE.
Reported by Toan (suto) Pham and Tri Dang of Qrious Secure.
- CVE-2024-0224: Use after free in WebAudio.
Reported by Huang Xilin of Ant Group Light-Year Security Lab.
- CVE-2024-0225: Use after free in WebGPU. Reported by Anonymous.
-- Andres Salomon <dilinger@debian.org> Wed, 03 Jan 2024 22:53:21 -0500
chromium (120.0.6099.129-1) unstable; urgency=high
* New upstream security release.
- CVE-2023-7024: Heap buffer overflow in WebRTC. Reported by
Clément Lecigne and Vlad Stolyarov of Google's Threat Analysis Group.
-- Andres Salomon <dilinger@debian.org> Wed, 20 Dec 2023 21:05:12 -0500
chromium (120.0.6099.109-1) unstable; urgency=high
* New upstream security release.
- CVE-2023-6702: Type Confusion in V8. Reported by
Zhiyi Zhang and Zhunki from Codesafe Team of Legendsec at Qi'anxin Group.
- CVE-2023-6703: Use after free in Blink.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2023-6704: Use after free in libavif. Reported by Fudan University.
- CVE-2023-6705: Use after free in WebRTC.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2023-6706: Use after free in FedCM. Reported by anonymous.
- CVE-2023-6707: Use after free in CSS. Reported by @ginggilBesel.
-- Andres Salomon <dilinger@debian.org> Tue, 12 Dec 2023 19:52:08 -0500
chromium (120.0.6099.71-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream stable release.
- CVE-2023-6508: Use after free in Media Stream.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2023-6509: Use after free in Side Panel Search.
Reported by Khalil Zhani.
- CVE-2023-6510: Use after free in Media Capture. Reported by [pwn2car].
- CVE-2023-6511: Inappropriate implementation in Autofill.
Reported by Ahmed ElMasry.
- CVE-2023-6512: Inappropriate implementation in Web Browser UI.
Reported by Om Apip.
* d/copyright: adjust path for chai.js & mocha.js deletion.
- delete third_party/libsecret.
* d/control: new build depends on libsecret-1-dev.
* d/scripts/unbundle: keep bundled libhwy; it's not available in bullseye.
- also keep vulkan_memory_allocator and flatbuffers.
* d/patches:
- fixes/gcc13-headers.patch: refresh.
- fixes/blink-frags.patch: drop part of patch & refresh.
- disable/catapult.patch: refresh.
- disable/driver-chrome-path.patch: update for minor upstream changes.
- ungoogled/disable-privacy-sandbox.patch: update from ungoogled-chromium.
- ungoogled/disable-web-environment-integrity.patch: update from
from ungoogled-chromium.
- upstream/mojo.patch: update patch from upstream's git.
- bookworm/clang16.patch: new patch working around upstream's clang18 flags.
- upstream/nullptr_t.patch: more libstdc++13 build fixes.
- upstream/string-include.patch: add a simple header include build fix.
- fixes/absl-optional.patch: add a workaround for a clang bug
(https://github.com/llvm/llvm-project/issues/50248) by providing our
own 'optional' header.
[ Timothy Pearson ]
* d/patches/ppc64le:
- third_party/0001-Add-PPC64-support-for-libdav1d.patch: refresh for
upstream changes
- third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
refresh for upstream changes
- third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch:
regenerate
- third_party/skia-vsx-instructions.patch: refresh for upstream changes
- third_party/use-sysconf-page-size-on-ppc64.patch: refresh for upstream
changes
- Mass refresh all other patches against 120 codebase. No functional
change.
-- Andres Salomon <dilinger@debian.org> Thu, 07 Dec 2023 15:00:36 -0500
chromium (119.0.6045.199-1) unstable; urgency=high
* New upstream security release.
- CVE-2023-6348: Type Confusion in Spellcheck.
Reported by Mark Brand of Google Project Zero.
- CVE-2023-6347: Use after free in Mojo. Reported by
Leecraso and Guang Gong of 360 Vulnerability Research Institute.
- CVE-2023-6346: Use after free in WebAudio.
Reported by Huang Xilin of Ant Group Light-Year Security Lab.
- CVE-2023-6350: Out of bounds memory access in libavif.
Reported by Fudan University.
- CVE-2023-6351: Use after free in libavif. Reported by Fudan University.
- CVE-2023-6345: Integer overflow in Skia. Reported by
Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group.
-- Andres Salomon <dilinger@debian.org> Tue, 28 Nov 2023 23:33:06 -0500
chromium (119.0.6045.159-1) unstable; urgency=high
* New upstream security release.
- CVE-2023-5997: Use after free in Garbage Collection.
Reported by Anonymous.
- CVE-2023-6112: Use after free in Navigation.
Reported by Sergei Glazunov of Google Project Zero.
* Don't show errors on startup if Crash Reports directory doesn't exist.
* Check for $DISPLAY before trying to run xmessage in chromium's wrapper
script. Fall back to just using echo (closes: #1055765).
-- Andres Salomon <dilinger@debian.org> Tue, 14 Nov 2023 20:04:30 -0500
chromium (119.0.6045.123-1) unstable; urgency=high
* New upstream security release.
- CVE-2023-5996: Use after free in WebAudio. Reported by
Huang Xilin of Ant Group Light-Year Security Lab via Tianfu Cup 2023.
* Replace libgl1-mesa-dev build dependency with libgl-dev.
* Drop d/patches/system/convertutf.patch; license issue has been fixed.
* d/copyright: stop deleting convert_UTF.* and document Unicode copyright
(closes: #1033136).
* d/patches/ppc64le/fixes/fix-breakpad-compile.patch: refresh due to convertutf
change.
-- Andres Salomon <dilinger@debian.org> Tue, 07 Nov 2023 23:49:10 -0500
chromium (119.0.6045.105-1) unstable; urgency=high
* New upstream stable release.
- CVE-2023-5480: Inappropriate implementation in Payments.
Reported by Vsevolod Kokorin (Slonser) of Solidlab.
- CVE-2023-5482: Insufficient data validation in USB. Reported by DarkNavy.
- CVE-2023-5849: Integer overflow in USB. Reported by DarkNavy.
- CVE-2023-5850: Incorrect security UI in Downloads.
Reported by Mohit Raj (shadow2639) .
- CVE-2023-5851: Inappropriate implementation in Downloads.
Reported by Shaheen Fazim.
- CVE-2023-5852: Use after free in Printing. Reported by [pwn2car].
- CVE-2023-5853: Incorrect security UI in Downloads. Reported by Hafiizh.
- CVE-2023-5854: Use after free in Profiles. Reported by
Dohyun Lee (@l33d0hyun) of SSD-Disclosure Labs & DNSLab, Korea Univ.
- CVE-2023-5855: Use after free in Reading Mode. Reported by ChaobinZhang.
- CVE-2023-5856: Use after free in Side Panel.
Reported by Weipeng Jiang (@Krace) of VRI.
- CVE-2023-5857: Inappropriate implementation in Downloads.
Reported by Will Dormann.
- CVE-2023-5858: Inappropriate implementation in WebApp Provider.
Reported by Axel Chong.
- CVE-2023-5859: Incorrect security UI in Picture In Picture.
Reported by Junsung Lee
* d/patches:
- patches/bullseye/constexpr.patch: Add MiracleParameter workaround
* d/patches/ppc64le:
- Mass refresh all patches against 119 codebase. No functional change.
[ Andres Salomon ]
* d/patches:
- fixes/gcc13-headers.patch: drop parts that have been merged upstream.
- fixes/perfetto.patch: drop part that was merged upstream.
- upstream/sensor-reading.patch: drop, merged upstream.
- upstream/lweight.patch: drop, merged upstream.
- upstream/freetype.patch: drop, merged upstream.
- upstream/sizet.patch: drop, merged upstream.
- disable/catapult.patch: drop an unused hunk.
- disable/widevine-cdm-cu.patch: refresh.
- disable/privacy-sandbox.patch: rename, sync up with ungoogled-chromium,
and use the full ungoogled patch. The privacy sandbox config interface
is now gone, with no way to enable it.
- ungoogled/core/ungoogled-chromium/disable-web-environment-integrity.patch:
sync up with ungoogled-chromium, and rename.
- fixes/blink-frags.patch: additional build fix for libstdc++13.
- fixes/gcc13-with-clang14.patch: drop, now that we've switched to clang-16.
- fixes/atspi.patch: fix build failure with atspi >= 2.50.
-- Timothy Pearson <tpearson@raptorengineering.com> Tue, 31 Oct 2023 23:50:00 -0500
chromium (118.0.5993.117-1) unstable; urgency=high
* New upstream security release.
- CVE-2023-5472: Use after free in Profiles.
Reported by @18楼梦想改造家.
* d/patches:
- bookworm/clang-attribs.patch: drop, now that we've switched to clang-16.
- bookworm/typename.patch: drop, now that we've switched to clang-16.
- bookworm/struct-ctor.patch: drop, now that we've switched to clang-16.
- bookworm/structured-binding-scope-bug.patch: drop, now that we've
switched to clang-16.
- bookworm/stringpiece3.patch: drop, now that we've switched to clang-16.
- bookworm/initialize-const-ctor.patch: drop, now that we've switched to
clang-16.
- fixes/brandversion-construct.patch: drop, now that we've switched to
clang-16.
- fixes/SkColor4f-init.patch: drop, now that we've switched to clang-16.
-- Andres Salomon <dilinger@debian.org> Tue, 24 Oct 2023 20:00:54 -0400
chromium (118.0.5993.70-1) unstable; urgency=high
* New upstream stable release.
- CVE-2023-5218: Use after free in Site Isolation.
Reported by @18楼梦想改造家.
- CVE-2023-5487: Inappropriate implementation in Fullscreen.
Reported by Anonymous.
- CVE-2023-5484: Inappropriate implementation in Navigation.
Reported by Thomas Orlita.
- CVE-2023-5475: Inappropriate implementation in DevTools.
Reported by Axel Chong.
- CVE-2023-5483: Inappropriate implementation in Intents.
Reported by Axel Chong.
- CVE-2023-5481: Inappropriate implementation in Downloads.
Reported by Om Apip.
- CVE-2023-5476: Use after free in Blink History. Reported by Yunqin Sun.
- CVE-2023-5474: Heap buffer overflow in PDF. Reported by [pwn2car].
- CVE-2023-5479: Inappropriate implementation in Extensions API.
Reported by Axel Chong.
- CVE-2023-5485: Inappropriate implementation in Autofill.
Reported by Ahmed ElMasry.
- CVE-2023-5478: Inappropriate implementation in Autofill.
Reported by Ahmed ElMasry.
- CVE-2023-5477: Inappropriate implementation in Installer.
Reported by Bahaa Naamneh of Crosspoint Labs.
- CVE-2023-5486: Inappropriate implementation in Input. Reported by Hafiizh.
- CVE-2023-5473: Use after free in Cast. Reported by DarkNavy.
* d/patches/ppc64le:
- 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
upstream changes
- 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
- skia-vsx-instructions.patch: refresh for upstream changes
- third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
regenerate configs from upstream source
- database/0001-Properly-detect-little-endian-PPC64-systems.patch:
refresh
- ffmpeg/0001-Add-support-for-ppc64.patch: refresh
- fixes/fix-breakpad-compile.patch: refresh
- fixes/fix-unknown-warning-option-messages.diff: refresh
- libaom/0001-Add-ppc64-target-to-libaom.patch: refresh
- sandbox/0001-sandbox-linux-Update-IsSyscallAllowed-in-broker_proc.patch:
refresh
- sandbox/0001-sandbox-linux-Update-syscall-helpers-lists-for-ppc64.patch:
refresh
- sandbox/0008-sandbox-fix-ppc64le-glibc234.patch: refresh
- third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
- third_party/0001-Force-baseline-POWER8-AltiVec-VSX-CPU-features-when-.patch:
refresh
- third_party/0001-third_party-libvpx-Properly-generate-gni-on-ppc64.patch:
refresh
- third_party/0002-third-party-boringssl-add-generated-files.patch: refresh
- third_party/dawn-fix-ppc64le-detection.patch: refresh
- third_party/dawn-fix-typos.patch: refresh
- third_party/skia-vsx-instructions.patch: refresh
- third_party/use-sysconf-page-size-on-ppc64.patch: refresh
- workarounds/HACK-third_party-libvpx-use-generic-gnu.patch: refresh
[ Andres Salomon]
* d/copyright:
- blanket.js is gone, no need to remove it any more.
- delete some khronos images marked executable.
* d/patches:
- upstream/memory.patch: drop, merged upstream.
- upstream/sensor-reading.patch: add, gcc13 build fix from upstream.
- upstream/lweight.patch: add, gcc13 build fix from upstream.
- upstream/freetype.patch: add, fix freetype header inclusion FTBFS.
- upstream/sizet.patch: add, libstdc++ build fix from upstream.
- disable/unrar.patch: update for minor upstream changes.
- bookworm/struct-ctor.patch: add various new workarounds for clang-14.
- bookworm/structured-binding-scope-bug.patch: drop part of the patch.
- bullseye/clang13.patch: drop bullseye patches from sid.
- bullseye/constexpr.patch: drop bullseye patches from sid.
- ungoogled/.../disable-web-environment-integrity.patch: sync with
ungoogled-chromium for upstream changes.
-- Timothy Pearson <tpearson@raptorengineering.com> Tue, 10 Oct 2023 22:03:00 -0500
chromium (117.0.5938.149-1) unstable; urgency=high
* New upstream security release.
- CVE-2023-5346: Type Confusion in V8. Reported by Amit Kumar.
-- Andres Salomon <dilinger@debian.org> Tue, 03 Oct 2023 19:31:26 -0400
chromium (117.0.5938.132-2) unstable; urgency=high
* d/patches/fixes/v8-compressed-ptrs.patch: fix another armhf FTBFS.
-- Andres Salomon <dilinger@debian.org> Sun, 01 Oct 2023 15:46:49 -0400
chromium (117.0.5938.132-1) unstable; urgency=high
* New upstream security release.
- CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx.
Reported by Clément Lecigne of Google's Threat Analysis Group.
- CVE-2023-5186: Use after free in Passwords. Reported by [pwn2car].
- CVE-2023-5187: Use after free in Extensions. Reported by Thomas Orlita.
-- Andres Salomon <dilinger@debian.org> Thu, 28 Sep 2023 00:41:20 -0400
chromium (117.0.5938.92-1) unstable; urgency=high
* New upstream stable release.
* Enable NEON on armhf. See
<https://lists.debian.org/debian-devel/2023/09/msg00175.html>.
* Add check in d/rules & chromium wrapper to ensure we don't build or
run on non-NEON armhf machines.
-- Andres Salomon <dilinger@debian.org> Wed, 27 Sep 2023 01:00:07 -0400
chromium (117.0.5938.62-1) unstable; urgency=high
[ Andres Salomon]
* New upstream stable release.
- CVE-2023-4900: Inappropriate implementation in Custom Tabs.
Reported by Levit Nudi from Kenya.
- CVE-2023-4901: Inappropriate implementation in Prompts.
Reported by Kang Ali.
- CVE-2023-4902: Inappropriate implementation in Input.
Reported by Axel Chong.
- CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs.
Reported by Ahmed ElMasry.
- CVE-2023-4904: Insufficient policy enforcement in Downloads.
Reported by Tudor Enache @tudorhacks.
- CVE-2023-4905: Inappropriate implementation in Prompts.
Reported by Hafiizh.
- CVE-2023-4906: Insufficient policy enforcement in Autofill.
Reported by Ahmed ElMasry.
- CVE-2023-4907: Inappropriate implementation in Intents.
Reported by Mohit Raj (shadow2639) .
- CVE-2023-4908: Inappropriate implementation in Picture in Picture.
Reported by Axel Chong.
- CVE-2023-4909: Inappropriate implementation in Interstitials.
Reported by Axel Chong.
* d/copyright: drop rust, llvm, siso, & cargo binaries.
* d/patches:
- fixes/size.patch: drop, merged upstream.
- fixes/variant.patch: drop, merged upstream.
- fixes/vector.patch: drop, merged upstream.
- upstream/contains.patch: drop, merged upstream.
- upstream/hvec.patch: drop, merged upstream.
- upstream/limits.patch: drop, merged upstream.
- upstream/statelessV4L2.patch: drop, merged upstream.
- fixes/widevine-locations.patch: refresh for minor upstream changes.
- disable/android.patch: drop half the patch.
- disable/catapult.patch: refresh for minor upstream changes.
- disable/tests.patch: refresh for minor upstream changes.
- disable/unrar.patch: refresh for minor upstream changes.
- fixes/material-utils.patch: build fix for clang w/ libstdc++.
- rename fixes/null.patch to fixes/perfetto.patch.
- upstream/memory.patch: build fix for missing header.
- bookworm/struct-ctor.patch: add a bunch more build workarounds for
clang-14.
- bookworm/stringpiece3.patch: another clang-14 StringPiece to
std::string explicit conversion.
- bookworm/typename.patch: add more explicit typename declarations for
clang-14.
- bookworm/structured-binding-scope-bug.patch: add more clang-14 binding
scope workarounds.
- bookworm/initialize-const-ctor.patch: clang-14 workaround to init a
const member inside a struct.
- ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
- disable/privacy-sandbox.patch: ensure Privacy Sandbox "features" are
off by default.
* Switch to using bundled brotli, as the version in debian is too old.
And so we can drop d/patches/bookworm/brotli.patch, too.
* Switch from clang-14 to clang-16 (closes: #1051355).
[ Timothy Pearson ]
* d/patches/ppc64le:
- 0001-Implement-support-for-PPC64-on-Linux.patch: refresh for upstream
changes
- 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
- 0002-third-party-boringssl-add-generated-files.patch: refresh for
upstream changes
- 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
upstream changes
- 0004-third_party-crashpad-port-curl-transport-ppc64.patch: refresh for
upstream changes
- skia-vsx-instructions.patch: refresh for upstream changes
- 0003-third_party-ffmpeg-Add-ppc64-generated-config.patch: regenerate
- 0001-third_party-boringssl-Properly-detect-ppc64le-in-BUI.patch: drop
* d/patches/ungoogled:
- core/ungoogled-chromium/disable-web-environment-integrity.patch: disable
"Web Environment Integrity" trial and remove from build (closes: #1042111)
-- Andres Salomon <dilinger@debian.org> Wed, 13 Sep 2023 22:26:10 -0400
chromium (116.0.5845.180-1) unstable; urgency=high
[ Andres Salomon]
* New upstream security release.
- CVE-2023-4761: Out of bounds memory access in FedCM. Reported by DarkNavy.
- CVE-2023-4762: Type Confusion in V8. Reported by Rong Jian of VRI.
- CVE-2023-4763: Use after free in Networks. Reported by anonymous.
- CVE-2023-4764: Incorrect security UI in BFCache.
Reported by Irvan Kurniawan (sourc7).
[ Timothy Pearson ]
* d/patches/ppc64le:
- 0001-Add-PPC64-support-for-boringssl.patch: Fix incorrect function call
parameter types in gmult_func() and ghash_func() implementations
-- Andres Salomon <dilinger@debian.org> Tue, 05 Sep 2023 19:10:10 -0400
chromium (116.0.5845.140-1) unstable; urgency=high
* New upstream security release.
- CVE-2023-4572: Use after free in MediaStream.
Reported by fwnfwn(@_fwnfwn).
* Drop d/chromium.conffiles; it's been a year (and major debian release)
since started deleting /etc/chromium/policies/recommended/duckduckgo.json
(closes: #1024981).
-- Andres Salomon <dilinger@debian.org> Wed, 30 Aug 2023 04:14:41 -0400
chromium (116.0.5845.110-2) unstable; urgency=high
* Remove Bullseye-specific workarounds from debian/rules (closes: #1038679).
-- Timothy Pearson <tpearson@raptorengineering.com> Wed, 23 Aug 2023 13:25:00 -0500
chromium (116.0.5845.110-1) unstable; urgency=high
[ Timothy Pearson ]
* New upstream security release.
- CVE-2023-4430: Use after free in Vulkan.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2023-4429: Use after free in Loader. Reported by Anonymous.
- CVE-2023-4428: Out of bounds memory access in CSS.
Reported by Francisco Alonso (@revskills).
- CVE-2023-4427: Out of bounds memory access in V8.
Reported by Sergei Glazunov of Google Project Zero.
- CVE-2023-4431: Out of bounds memory access in Fonts.
Reported by Microsoft Security Researcher.
[ Andres Salomon ]
* d/patches/upstream hvec.patch: add arm* v4l2 build fix.
* d/rules: FTBFS if we're uploading to -security distribution w/out CVEs.
-- Timothy Pearson <tpearson@raptorengineering.com> Wed, 23 Aug 2023 08:58:00 -0500
chromium (116.0.5845.96-2) unstable; urgency=high
* d/patches/upstream/limits.patch: Add a build fix for arm64.
* The follow CVEs were fixed in the prior release and I forgot them.
- CVE-2023-2312: Use after free in Offline. Reported by avaue at S.S.L..
- CVE-2023-4349: Use after free in Device Trust Connectors.
Reported by Weipeng Jiang (@Krace) of VRI.
- CVE-2023-4350: Inappropriate implementation in Fullscreen.
Reported by Khiem Tran (@duckhiem).
- CVE-2023-4351: Use after free in Network.
Reported by Guang and Weipeng Jiang of VRI.
- CVE-2023-4352: Type Confusion in V8.
Reported by Sergei Glazunov of Google Project Zero.
- CVE-2023-4353: Heap buffer overflow in ANGLE.
Reported by Christoph Diehl / Microsoft Vulnerability Research.
- CVE-2023-4354: Heap buffer overflow in Skia.
Reported by Mark Brand of Google Project Zero.
- CVE-2023-4355: Out of bounds memory access in V8.
Reported by Sergei Glazunov of Google Project Zero.
- CVE-2023-4356: Use after free in Audio.
Reported by Zhenghang Xiao (@Kipreyyy).
- CVE-2023-4357: Insufficient validation of untrusted input in XML.
Reported by Igor Sak-Sakovskii.
- CVE-2023-4358: Use after free in DNS.
Reported by Weipeng Jiang (@Krace) of VRI.
- CVE-2023-4359: Inappropriate implementation in App Launcher.
Reported by @retsew0x01.
- CVE-2023-4360: Inappropriate implementation in Color.
Reported by Axel Chong.
- CVE-2023-4361: Inappropriate implementation in Autofill.
Reported by Thomas Orlita.
- CVE-2023-4362: Heap buffer overflow in Mojom IDL.
Reported by Zhao Hai of NanJing Cyberpeace TianYu Lab.
- CVE-2023-4363: Inappropriate implementation in WebShare.
Reported by Alesandro Ortiz.
- CVE-2023-4364: Inappropriate implementation in Permission Prompts.
Reported by Jasper Rebane.
- CVE-2023-4365: Inappropriate implementation in Fullscreen.
Reported by Hafiizh.
- CVE-2023-4366: Use after free in Extensions. Reported by asnine.
- CVE-2023-4367: Insufficient policy enforcement in Extensions API.
Reported by Axel Chong.
- CVE-2023-4368: Insufficient policy enforcement in Extensions API.
Reported by Axel Chong.
-- Andres Salomon <dilinger@debian.org> Wed, 16 Aug 2023 04:48:02 -0400
chromium (116.0.5845.96-1) unstable; urgency=high
* New upstream stable release.
* d/patches:
- fixes/cmath.patch: drop, merged upstream.
- fixes/vector.patch: drop, merged upstream.
- fixes/cookieresult.patch: drop, merged upstream.
- fixes/gcc13-headers.patch: drop portions which have been merged upstream.
- upstream/feature-list-static.patch: drop, merged upstream.
- disable/catapult.patch: refresh.
- upstream/statelessV4L2.patch: refresh.
- ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
- ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
- ppc64le/breakpad/0001-Implement-support-for-ppc64-on-Linux.patch: refresh.
- ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: refresh.
- fixes/rust-clanglib.patch: add patch to handle new clang deps for rust.
- debianization/clang-15.patch: add patch to use lld-15.
- bookworm/typename.patch: more typename fixes needed.
- fixes/variant.patch: add a missing header that libstdc++ needs.
- fixes/vector.patch: add a missing header that libstdc++ needs.
- fixes/null.patch: fix missing namespace for nullptr_t + header fix.
- fixes/size.patch: missing header fix.
- bookworm/brotli.patch: revert upstream change that requires newer brotli.
- bookworm/struct-ctor.patch: add a bunch of explicit struct constructors
to make clang-15 happy.
- fixes/size.patch
- bullseye/stringpiece.patch: drop, since we're bundling re2 now.
* d/rules: automatically detect rust/clang versions & add needed rust args.
But also disable rust for now.
* d/rules: drop use_gnome_keyring=false, upstream has completely removed
libgnome-keyring support in favor of gnome's libsecret.
* d/control: add build-dep on libclang-rt-dev for rust.
* Use bundled re2 (for now) instead of libre2-dev due to random crashes
we're seeing. Adjust build-deps, Files-Excluded, d/clean,
and d/scripts/unbundle accordingly.
[ Timothy Pearson ]
* d/patches/ppc64le:
- database/0001-Properly-detect-little-endian-PPC64-systems.patch: refresh
for upstream changes
- third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
refresh for upstream changes
- third_party/0002-third-party-boringssl-add-generated-files.patch:
refresh, no changes
- third_party/use-sysconf-page-size-on-ppc64.patch: refresh for upstream
changes
- third_party/skia-vsx-instructions.patch: refresh for upstream changes
-- Andres Salomon <dilinger@debian.org> Tue, 15 Aug 2023 17:46:56 -0400
chromium (115.0.5790.170-1) unstable; urgency=high
* New upstream security release.
- CVE-2023-4068: Type Confusion in V8. Reported by Jerry.
- CVE-2023-4069: Type Confusion in V8.
Reported by Man Yue Mo of GitHub Security Lab.
- CVE-2023-4070: Type Confusion in V8. Reported by Jerry.
- CVE-2023-4071: Heap buffer overflow in Visuals.
Reported by Guang and Weipeng Jiang of VRI.
- CVE-2023-4072: Out of bounds read and write in WebGL.
Reported by Apple Security Engineering and Architecture (SEAR).
- CVE-2023-4073: Out of bounds memory access in ANGLE.
Reported by Jaehun Jeong(@n3sk) of Theori.
- CVE-2023-4074: Use after free in Blink Task Scheduling.
Reported by Anonymous.
- CVE-2023-4075: Use after free in Cast.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2023-4076: Use after free in WebRTC.
Reported by Natalie Silvanovich of Google Project Zero.
- CVE-2023-4077: Insufficient data validation in Extensions.
Reported by Anonymous.
- CVE-2023-4078: Inappropriate implementation in Extensions.
Reported by Anonymous.
* debian/patches/disable/driver-chrome-path.patch: refresh for minor changes.
-- Andres Salomon <dilinger@debian.org> Wed, 02 Aug 2023 19:26:52 -0400
chromium (115.0.5790.102-2) unstable; urgency=high
* debian/patches/upstream/contains.patch:Yet Another v4l2 ARM build fix.
-- Andres Salomon <dilinger@debian.org> Tue, 25 Jul 2023 18:25:50 -0400
chromium (115.0.5790.102-1) unstable; urgency=high
* New upstream stable release.
* debian/patches/upstream/statelessV4L2.patch: add v4l2 build fix.
-- Andres Salomon <dilinger@debian.org> Fri, 21 Jul 2023 02:36:46 -0400
chromium (115.0.5790.98-2) unstable; urgency=high
* Add build fix for gcc13 on arm64.
-- Andres Salomon <dilinger@debian.org> Wed, 19 Jul 2023 22:23:08 -0400
chromium (115.0.5790.98-1) unstable; urgency=high
* New upstream release
- CVE-2023-3727: Use after free in WebRTC.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2023-3728: Use after free in WebRTC.
Reported by Zhenghang Xiao (@Kipreyyy).
- CVE-2023-3730: Use after free in Tab Groups. Reported by @ginggilBesel.
- CVE-2023-3732: Out of bounds memory access in Mojo.
Reported by Mark Brand of Google Project Zero.
- CVE-2023-3733: Inappropriate implementation in WebApp Installs.
Reported by Ahmed ElMasry.
- CVE-2023-3734: Inappropriate implementation in Picture In Picture.
Reported by Thomas Orlita.
- CVE-2023-3735: Inappropriate implementation in Web API Permission Prompts.
Reported by Ahmed ElMasry.
- CVE-2023-3736: Inappropriate implementation in Custom Tabs.
Reported by Philipp Beer (TU Wien).
- CVE-2023-3737: Inappropriate implementation in Notifications.
Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) .
- CVE-2023-3738: Inappropriate implementation in Autofill.
Reported by Hafiizh.
- CVE-2023-3740: Insufficient validation of untrusted input in Themes.
Reported by Fardeen Siddiqui.
* d/rules:
- use system rustc installation
* Add build-dep on rustc.
* d/patches:
- debianization/master-preferences.patch: upstream variable renamed
- disable/catapult.patch: upstream changes required reworking
- disable/tests.patch: remove new upstream puffin test data file
dependencies
- disable/unrar.patch: upstream changes required reworking
- fixes/cmath.patch: add missing header include for skia
- fixes/vector.patch: add missing header include for net
- upstream/sizet.patch: drop, merged upstream
- ppc64le/fixes/fix-partition-alloc-compile.patch: refresh for upstream
changes
- ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
for upstream changes
- ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
refresh for upstream changes
- ppc64le/third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
regenerate configs from upstream source
- ppc64le/third_party/skia-vsx-instructions.patch: refresh for upstream
changes
[ Andres Salomon ]
- fixes/clang-and-gcc11.patch: drop, (a different version) merged upstream.
- bookworm/typename.patch: drop parts that were merged upstream, and add
new build fixes.
- bookworm/structured-binding-scope-bug.patch: drop some of it, add new bits
- bullseye/constexpr.patch: refresh for string -> StringPiece change.
- bullseye/stringpiece.patch: add to work around older libre2.
- bullseye/default-equality-op.patch: add more workarounds for older
compilers
- fixes/brandversion-construct.patch: add to fix build failure.
- fixes/SkColor4f-init.patch: another missing struct constructor fix.
- fixes/cookieresult.patch: another struct ctor build fix.
- fixes/gcc13-with-clang14.patch: fix FTBFS with gcc-13 (closes: #1037604).
- fixes/gcc13-headers.patch: fix a bunch of missing includes which
gcc-13 wants
- ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
- ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
- ppc64le/third_party/0002-third-party-boringssl-add-generated-files.patch:
refresh.
-- Timothy Pearson <tpearson@raptorengineering.com> Tue, 18 Jul 2023 17:50:00 -0500
chromium (114.0.5735.198-1) unstable; urgency=high
* New upstream security release.
- CVE-2023-3420: Type Confusion in V8.
Reported by Man Yue Mo of GitHub Security Lab.
- CVE-2023-3421: Use after free in Media.
Reported by Piotr Bania of Cisco Talos.
- CVE-2023-3422: Use after free in Guest View. Reported by asnine.
-- Andres Salomon <dilinger@debian.org> Tue, 27 Jun 2023 02:21:12 -0400
chromium (114.0.5735.133-1) unstable; urgency=high
* New upstream security release.
- CVE-2023-3214: Use after free in Autofill payments.
Reported by Rong Jian of VRI.
- CVE-2023-3215: Use after free in WebRTC. Reported by asnine.
- CVE-2023-3216: Type Confusion in V8.
Reported by 5n1p3r0010 from Topsec ChiXiao Lab.
- CVE-2023-3217: Use after free in WebXR.
Reported by Sergei Glazunov of Google Project Zero.
-- Andres Salomon <dilinger@debian.org> Tue, 13 Jun 2023 13:31:55 -0400
chromium (114.0.5735.106-1) unstable; urgency=high
* New upstream stable release.
- CVE-2023-3079: Type Confusion in V8.
Reported by Clément Lecigne of Google's Threat Analysis Group.
* d/patches:
- ppc64le/third_party/skia-vsx-instructions.patch: rewrite for POWER8
compatibility, fix graphics corruption, and enable in builds
-- Timothy Pearson <tpearson@raptorengineering.com> Mon, 05 Jun 2023 21:38:00 -0500
chromium (114.0.5735.90-2) unstable; urgency=high
* d/patches:
- Add upstream/feature-list-static.patch
This patch fixes an out of scope array access that can lead to crashes at startup
-- Timothy Pearson <tpearson@raptorengineering.com> Wed, 31 May 2023 12:36:00 -0500
chromium (114.0.5735.90-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream stable release.
- CVE-2023-2929: Out of bounds write in Swiftshader.
Reported by Jaehun Jeong(@n3sk) of Theori.
- CVE-2023-2930: Use after free in Extensions. Reported by asnine.
- CVE-2023-2931: Use after free in PDF.
Reported by Huyna at Viettel Cyber Security.
- CVE-2023-2932: Use after free in PDF.
Reported by Huyna at Viettel Cyber Security.
- CVE-2023-2933: Use after free in PDF. Reported by
Quang Nguyễn (@quangnh89) of Viettel Cyber Security and Nguyen Phuong.
- CVE-2023-2934: Out of bounds memory access in Mojo.
Reported by Mark Brand of Google Project Zero.
- CVE-2023-2935: Type Confusion in V8.
Reported by Sergei Glazunov of Google Project Zero.
- CVE-2023-2936: Type Confusion in V8.
Reported by Sergei Glazunov of Google Project Zero.
- CVE-2023-2937: Inappropriate implementation in Picture In Picture.
Reported by NDevTK.
- CVE-2023-2938: Inappropriate implementation in Picture In Picture.
Reported by Alesandro Ortiz.
- CVE-2023-2939: Insufficient data validation in Installer.
Reported by ycdxsb from VARAS@IIE.
- CVE-2023-2940: Inappropriate implementation in Downloads.
Reported by Axel Chong.
- CVE-2023-2941: Inappropriate implementation in Extensions API.
Reported by Jasper Rebane.
* d/copyright: properly delete some android & chromeos stuff.
* d/patches:
- fixes/clang-and-gcc11.patch: refresh.
- upstream/webview-cstr.patch: drop, merged upstream.
- upstream/monostate.patch: drop, merged upstream.
- disable/unrar.patch: additional upstream changes required more reworking.
- disable/android.patch: refresh, & add one more build fix.
- disable/catapult.patch: refresh.
- disable/swiftshader.patch: refresh.
- disable/angle-perftest.patch: refresh.
- system/jpeg.patch: refresh.
- upstream/mojo.patch: regenerate from git.
- upstream/sizet.patch: add an upstream build fix.
- bookworm/typename.patch: include more build fixes.
- bookworm/lambda-bug.patch -> bookworm/structured-binding-scope-bug.patch,
and add another place it's happening (turns out it's not just lambdas).
* Add build-dep on libevdev-dev - now required by upstream.
[ Timothy Pearson ]
* d/patches:
- Refresh ppc64le patches
-- Andres Salomon <dilinger@debian.org> Wed, 31 May 2023 03:06:35 -0400
chromium (113.0.5672.126-1) unstable; urgency=low
* New upstream security release.
- CVE-2023-2721: Use after free in Navigation.
Reported by Guang Gong of Alpha Lab, Qihoo 360.
- CVE-2023-2722: Use after free in Autofill UI.
Reported by Rong Jian of VRI.
- CVE-2023-2723: Use after free in DevTools. Reported by asnine.
- CVE-2023-2724: Type Confusion in V8.
Reported by Sergei Glazunov of Google Project Zero.
- CVE-2023-2725: Use after free in Guest View. Reported by asnine.
- CVE-2023-2726: Inappropriate implementation in WebApp Installs.
Reported by Ahmed ElMasry.
-- Andres Salomon <dilinger@debian.org> Tue, 16 May 2023 16:25:03 -0400
chromium (113.0.5672.63-2) unstable; urgency=low
* d/patches:
- Set baseline ppc64 CPU back to POWER ISA 2.07 (POWER8)
-- Timothy Pearson <tpearson@raptorengineering.com> Wed, 03 May 2023 10:47:00 -0500
chromium (113.0.5672.63-1) unstable; urgency=high
* New upstream stable release.
- CVE-2023-2459: Inappropriate implementation in Prompts.
Reported by Rong Jian of VRI.
- CVE-2023-2460: Insufficient validation of untrusted input in Extensions.
Reported by Martin Bajanik, Fingerprint[.]com.
- CVE-2023-2461: Use after free in OS Inputs. Reported by @ginggilBesel.
- CVE-2023-2462: Inappropriate implementation in Prompts.
Reported by Alesandro Ortiz.
- CVE-2023-2463: Inappropriate implementation in Full Screen Mode.
Reported by Irvan Kurniawan (sourc7).
- CVE-2023-2464: Inappropriate implementation in PictureInPicture.
Reported by Thomas Orlita.
- CVE-2023-2465: Inappropriate implementation in CORS.
Reported by @kunte_ctf.
- CVE-2023-2466: Inappropriate implementation in Prompts.
Reported by Jasper Rebane (popstonia).
- CVE-2023-2467: Inappropriate implementation in Prompts.
Reported by Thomas Orlita.
- CVE-2023-2468: Inappropriate implementation in PictureInPicture.
Reported by Alesandro Ortiz.
[ Andres Salomon]
* Remove Michel from Uploaders.
* Build against libopenh264-dev (closes: #1031352).
* d/copyright:
- drop fuchsia*: entirely different OS.
- drop chrome/build: 200MB of PGO optimizations for official chrome builds.
- drop third_party/updater: upstream included update binary.
- re-add part of chrome/browser/resources/chromeos/ and chrome/android/ to
fix build errors.
* d/patches:
- debianization/master-preferences.patch: check for initial_preferences or
master_preferences, rather than just for the latter (closes: #992178).
- disable/unrar.patch: complete rewrite for upstream's nested archive changes.
- disable/catapult.patch: refresh.
- upstream/webview-cstr.patch: add simple build fix from upstream.
- upstream/monostate.patch: add simple build fix from upstream.
- bookworm/clang-attribs.patch: build fix for clang-14 to keep from
generating hundreds of warnings per compilation unit.
- bookworm/typename.patch: add another build fix for missing typename.
- bookworm/lamba-bug.patch: add to work around compiler bug (clang < 16).
- bullseye/constexpr.patch: work around build failure w/ bullseye's
clang/libstdc++.
- disable/openh264.patch -> bullseye/openh264.patch, and stop using it
for sid & bookworm.
[ Timothy Pearson ]
* d/patches:
- Set baseline ppc64 CPU to POWER ISA 3.0 (OpenPOWER, POWER9)
- Enable VSX acceleration in Skia
- Refresh ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch
- Add fixes for new Highway library on ppc64
- Suppress harmless warning messages from compiler during ppc64 builds
-- Timothy Pearson <tpearson@raptorengineering.com> Wed, 03 May 2023 00:42:00 -0500
chromium (112.0.5615.138-1) unstable; urgency=high
* New upstream security release.
- CVE-2023-2133: Out of bounds memory access in Service Worker API.
Reported by Rong Jian of VRI.
- CVE-2023-2134: Out of bounds memory access in Service Worker API.
Reported by Rong Jian of VRI.
- CVE-2023-2135: Use after free in DevTools.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2023-2136: Integer overflow in Skia.
Reported by Clément Lecigne of Google's Threat Analysis Group.
- CVE-2023-2137: Heap buffer overflow in sqlite.
Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute
* d/patches:
- upstream/protobuf.patch: drop, merged upstream.
-- Timothy Pearson <tpearson@raptorengineering.com> Tue, 18 Apr 2023 22:00:00 -0500
chromium (112.0.5615.121-1) unstable; urgency=high
* New upstream security release.
- CVE-2023-2033: Type Confusion in V8.
Reported by Clément Lecigne of Google's Threat Analysis Group.
* Build-dep on rollup.
* Delete the bundled acorn & rollup node modules, and build using the
debian packaged version of those and other modules.
* (Re-)enable optimize_webui.
* Add d/patches/upstream/protobuf.patch to fix FTBFS due to race.
-- Andres Salomon <dilinger@debian.org> Sat, 15 Apr 2023 00:24:54 -0400
chromium (112.0.5615.49-2) unstable; urgency=high
[ Andres Salomon ]
* Add d/patches/i386/angle-lockfree.patch to fix FTBFS on i386. Also create
& populate that d/patches/i386/ directory, since we now have multiple
i386 patches.
* Remove enable_js_type_check=false build arg; upstream dropped it.
[ Timothy Pearson ]
* d/patches:
- Re-add boringssl support for ppc64le (dropped by Google upstream)
- Add ppc64le detection to partition allocator build
- Regenerate 0003-third_party-ffmpeg-Add-ppc64-generated-config.patch
-- Andres Salomon <dilinger@debian.org> Fri, 07 Apr 2023 03:40:50 -0400
chromium (112.0.5615.49-1) unstable; urgency=high
* New upstream stable release.
- CVE-2023-1810: Heap buffer overflow in Visuals.
Reported by Weipeng Jiang (@Krace) of VRI.
- CVE-2023-1811: Use after free in Frames. Reported by Thomas Orlita.
- CVE-2023-1812: Out of bounds memory access in DOM Bindings.
Reported by Shijiang Yu.
- CVE-2023-1813: Inappropriate implementation in Extensions.
Reported by Axel Chong.
- CVE-2023-1814: Insufficient validation of untrusted input in
Safe Browsing. Reported by Young Min Kim (@ylemkimon),
CompSec Lab at Seoul National University.
- CVE-2023-1815: Use after free in Networking APIs. Reported by DDV_UA.
- CVE-2023-1816: Incorrect security UI in Picture In Picture.
Reported by NDevTK.
- CVE-2023-1817: Insufficient policy enforcement in Intents.
Reported by Axel Chong.
- CVE-2023-1818: Use after free in Vulkan. Reported by Abdulrahman
Alqabandi, Microsoft Browser Vulnerability Research, Eric Lawrence,
Microsoft, Patrick Walker (@HomeSen), & Kirtikumar Anandrao Ramchandani.
- CVE-2023-1819: Out of bounds read in Accessibility.
Reported by Microsoft Edge Team.
- CVE-2023-1820: Heap buffer overflow in Browser History.
Reported by raven at KunLun lab.
- CVE-2023-1821: Inappropriate implementation in WebShare.
Reported by Axel Chong.
- CVE-2023-1822: Incorrect security UI in Navigation. Reported by 강우진.
- CVE-2023-1823: Inappropriate implementation in FedCM.
Reported by Jasper Rebane (popstonia).
* d/copyright: change location for deleted image_diff directory.
* d/patches:
- disable/unrar.patch: update for stuff dropped upstream.
- disable/swiftshader.patch: straight refresh.
- bullseye/clang13.patch: straight refresh.
- ppc64le/third_party/0001-third_party-angle-Include-missing-header-cstddef-in-.patch:
straight refresh.
- ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: straight
refresh.
- debian/patches/ppc64le/third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch:
change is_mac to is_apple.
-- Andres Salomon <dilinger@debian.org> Tue, 04 Apr 2023 18:44:47 -0400
chromium (111.0.5563.110-1) unstable; urgency=high
* New upstream security release.
- CVE-2023-1528: Use after free in Passwords.
Reported by Wan Choi of Seoul National University.
- CVE-2023-1529: Out of bounds memory access in WebHID.
- CVE-2023-1530: Use after free in PDF.
Reported by The UK's National Cyber Security Centre (NCSC).
- CVE-2023-1531: Use after free in ANGLE.
Reported by Piotr Bania of Cisco Talos.
- CVE-2023-1532: Out of bounds read in GPU Video.
Reported by Mark Brand of Google Project Zero.
- CVE-2023-1533: Use after free in WebProtect.
Reported by Weipeng Jiang (@Krace) of VRI.
- CVE-2023-1534: Out of bounds read in ANGLE.
Reported by Jann Horn and Mark Brand of Google Project Zero.
* Document how to properly enable Wayland support in README.Debian
(closes: #1033223).
* d/rules patch from "Daniel Richard G." <skunk@iSKUNK.ORG>:
- Disable lto flags (closes: #1015367).
- don't clobber LDFLAGS from dpkg-buildflags (closes: #1033015).
-- Andres Salomon <dilinger@debian.org> Wed, 22 Mar 2023 03:17:36 -0400
chromium (111.0.5563.64-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream stable release.
- CVE-2023-1213: Use after free in Swiftshader.
Reported by Jaehun Jeong(@n3sk) of Theori.
- CVE-2023-1214: Type Confusion in V8.
Reported by Man Yue Mo of GitHub Security Lab.
- CVE-2023-1215: Type Confusion in CSS. Reported by Anonymous.
- CVE-2023-1216: Use after free in DevTools.
Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
- CVE-2023-1217: Stack buffer overflow in Crash reporting.
Reported by sunburst of Ant Group Tianqiong Security Lab.
- CVE-2023-1218: Use after free in WebRTC. Reported by Anonymous.
- CVE-2023-1219: Heap buffer overflow in Metrics.
Reported by Sergei Glazunov of Google Project Zero.
- CVE-2023-1220: Heap buffer overflow in UMA.
Reported by Sergei Glazunov of Google Project Zero.
- CVE-2023-1221: Insufficient policy enforcement in Extensions API.
Reported by Ahmed ElMasry.
- CVE-2023-1222: Heap buffer overflow in Web Audio API.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2023-1223: Insufficient policy enforcement in Autofill.
Reported by Ahmed ElMasry.
- CVE-2023-1224: Insufficient policy enforcement in Web Payments API.
Reported by Thomas Orlita.
- CVE-2023-1225: Insufficient policy enforcement in Navigation.
Reported by Roberto Ffrench-Davis @Lihaft.
- CVE-2023-1226: Insufficient policy enforcement in Web Payments API.
Reported by Anonymous.
- CVE-2023-1227: Use after free in Core. Reported by @ginggilBesel.
- CVE-2023-1228: Insufficient policy enforcement in Intents.
Reported by Axel Chong.
- CVE-2023-1229: Inappropriate implementation in Permission prompts.
Reported by Thomas Orlita.
- CVE-2023-1230: Inappropriate implementation in WebApp Installs.
Reported by Axel Chong.
- CVE-2023-1231: Inappropriate implementation in Autofill.
Reported by Yan Zhu, Brave.
- CVE-2023-1232: Insufficient policy enforcement in Resource Timing.
Reported by Sohom Datta.
- CVE-2023-1233: Insufficient policy enforcement in Resource Timing.
Reported by Soroush Karami.
- CVE-2023-1234: Inappropriate implementation in Intents.
Reported by Axel Chong.
- CVE-2023-1235: Type Confusion in DevTools.
Reported by raven at KunLun lab.
- CVE-2023-1236: Inappropriate implementation in Internals.
Reported by Alesandro Ortiz.
* Document upcoming security support in README.Debian.security.
* Document switching the default search engine in README.debian.
* d/patches:
- upstream/clamp.patch: drop, merged upstream.
- upstream/pwman-const.patch: drop, merged upstream.
- upstream/move-stack-to-isolate.patch: drop, merged upstream.
- upstream/blink-dbl-float.patch: drop, merged upstream.
- upstream/v4l2-fix.patch: drop, merged upstream.
- disable/catapult.patch: refresh & remove unnecessary android bits.
- disable/google-api-warning.patch: refresh.
[ Timothy Pearson ]
* d/patches:
- ppc64le/third_party/0005-third_party-dav1d-crash-fix.patch: drop,
merged upstream
- ppc64le/workarounds/HACK-debian-clang-disable-skia-musttail.patch:
skia musttail is back in upstream, disable on ppc64le due to
contining Clang bugs
- ppc64le: refresh libaom configuration
-- Andres Salomon <dilinger@debian.org> Tue, 07 Mar 2023 18:12:37 -0500
chromium (110.0.5481.177-1) unstable; urgency=high
* New upstream security release.
- CVE-2023-0941: Use after free in Prompts. Reported by Anonymous.
- CVE-2023-0927: Use after free in Web Payments API.
Reported by Rong Jian of VRI.
- CVE-2023-0928: Use after free in SwiftShader. Reported by Anonymous.
- CVE-2023-0929: Use after free in Vulkan.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2023-0930: Heap buffer overflow in Video.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2023-0931: Use after free in Video.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2023-0932: Use after free in WebRTC.
Reported by Omri Bushari (Talon Cyber Security).
- CVE-2023-0933: Integer overflow in PDF. Reported by
Zhiyi Zhang from Codesafe Team of Legendsec at QI-ANXIN Group.
-- Andres Salomon <dilinger@debian.org> Wed, 22 Feb 2023 16:11:07 -0500
chromium (110.0.5481.77-2) unstable; urgency=high
* Fix build failure on arm* platforms with upstream/v4l2-fix.patch.
-- Andres Salomon <dilinger@debian.org> Wed, 08 Feb 2023 15:20:57 -0500
chromium (110.0.5481.77-1) unstable; urgency=high
[ Andres Salomon ]
* New upstream stable release.
- CVE-2023-0696: Type Confusion in V8.
Reported by Haein Lee at KAIST Hacking Lab.
- CVE-2023-0697: Inappropriate implementation in Full screen mode.
Reported by Ahmed ElMasry.
- CVE-2023-0698: Out of bounds read in WebRTC.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2023-0699: Use after free in GPU.
Reported by 7o8v and Cassidy Kim(@cassidy6564).
- CVE-2023-0700: Inappropriate implementation in Download.
Reported by Axel Chong.
- CVE-2023-0701: Heap buffer overflow in WebUI.
Reported by Sumin Hwang of SSD Labs.
- CVE-2023-0702: Type Confusion in Data Transfer. Reported by Sri.
- CVE-2023-0703: Type Confusion in DevTools.
Reported by raven at KunLun lab.
- CVE-2023-0704: Insufficient policy enforcement in DevTools.
Reported by Rhys Elsmore and Zac Sims of the Canva security team.
- CVE-2023-0705: Integer overflow in Core.
Reported by SorryMybad (@S0rryMybad) of Kunlun Lab.
* d/copyright: libpng16 binaries are gone, no longer need to exclude them.
* d/scripts/unbundle: drop libjxl, which is dropped upstream. Add absl_log*.
* d/patches:
- debianization/optimization.patch: drop. This is unnecessary, as
Debian's optimization flags override Chromium's by default.
- disable/android.patch: upstream removed android_crazy_linker, so we can
remove half of this patch.
- disable/catapult.patch: refresh.
- disable/google-api-warning.patch: refresh.
- upstream/mojo.patch: refresh w/ what's in 110.
- system/openjpeg.patch: completely rework due to upstream changes.
- upstream/clamp.patch: backport a build fix.
- upstream/blink-dbl-float.patch: another build fix.
* Drop unused use_allocator="none" argument. This was used previously
to switch from the default "partition" allocator. Upstream dropped
the build flag in chromium v109. So in v109 we switched to the default
"partition" allocator and I don't think anyone noticed, so let's just
leave it on. Report issues if you notice any.
[ Timothy Pearson ]
* d/patches:
- Refresh ppc64le patches for v110
- Add upstream patches to fix build errors when use_custom_libcxx=false
- Drop stack smashing fix patch for ppc64le due to fix included upstream
-- Andres Salomon <dilinger@debian.org> Wed, 08 Feb 2023 00:20:01 -0500
chromium (109.0.5414.119-1) unstable; urgency=high
* New upstream security release.
- CVE-2023-0471: Use after free in WebTransport.
Reported by chichoo Kim(chichoo) and Cassidy Kim(@cassidy6564).
- CVE-2023-0472: Use after free in WebRTC.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2023-0473: Type Confusion in ServiceWorker API.
Reported by raven at KunLun lab.
- CVE-2023-0474: Use after free in GuestView. Reported by avaue at S.S.L.
* Re-enable v4l2 for arm platforms (closes: #1011346).
-- Andres Salomon <dilinger@debian.org> Wed, 25 Jan 2023 01:19:49 -0500
chromium (109.0.5414.74-2) unstable; urgency=high
[ Andres Salomon ]
* d/patches/bullseye/clang13.patch: don't use -gsimple-template-names in
clang arguments, as it doesn't work with clang-13.
[ Timothy Pearson ]
* Fix crashes in dav1d during video playback on ppc64le
* d/patches:
- Apply upstream dav1d ppc64le fix from videolan merge request #1464
-- Andres Salomon <dilinger@debian.org> Thu, 12 Jan 2023 18:23:51 -0500
chromium (109.0.5414.74-1) unstable; urgency=high
* New upstream stable release.
- CVE-2023-0128: Use after free in Overview Mode. Reported by Khalil Zhani.
- CVE-2023-0129: Heap buffer overflow in Network Service.
Reported by asnine.
- CVE-2023-0130: Inappropriate implementation in Fullscreen API.
Reported by Hafiizh.
- CVE-2023-0131: Inappropriate implementation in iframe Sandbox.
Reported by NDevTK.
- CVE-2023-0132: Inappropriate implementation in Permission prompts.
Reported by Jasper Rebane (popstonia).
- CVE-2023-0133: Inappropriate implementation in Permission prompts.
Reported by Alesandro Ortiz.
- CVE-2023-0134: Use after free in Cart.
Reported by Chaoyuan Peng (@ret2happy).
- CVE-2023-0135: Use after free in Cart.
Reported by Chaoyuan Peng (@ret2happy).
- CVE-2023-0136: Inappropriate implementation in Fullscreen API.
Reported by Axel Chong.
- CVE-2023-0137: Heap buffer overflow in Platform Apps.
Reported by avaue and Buff3tts at S.S.L..
- CVE-2023-0138: Heap buffer overflow in libphonenumber.
Reported by Michael Dau.
- CVE-2023-0139: Insufficient validation of untrusted input in Downloads.
Reported by Axel Chong.
- CVE-2023-0140: Inappropriate implementation in File System API.
Reported by harrison.mitchell, cybercx.com.au.
- CVE-2023-0141: Insufficient policy enforcement in CORS.
Reported by scarlet.
* d/patches:
- upstream/re-fix-tflite.patch: drop, merged upstream.
- disable/catapult.patch: refresh
- disable/angle-perftests.patch: refresh
[ Timothy Pearson ]
* d/patches:
- Regenerate ppc64le configuration files from source
- Fix register corruption in v8 on ppc64 systems
-- Andres Salomon <dilinger@debian.org> Thu, 12 Jan 2023 13:01:02 -0500
chromium (108.0.5359.124-1) unstable; urgency=high
* New upstream security release.
- CVE-2022-4436: Use after free in Blink Media.
Reported by Anonymous on 2022-11-15
- CVE-2022-4437: Use after free in Mojo IPC.
Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability
Research Institute on 2022-11-30
- CVE-2022-4438: Use after free in Blink Frames.
Reported by Anonymous on 2022-11-07
- CVE-2022-4439: Use after free in Aura.
Reported by Anonymous on 2022-11-22
- CVE-2022-4440: Use after free in Profiles.
Reported by Anonymous on 2022-11-09
[ Andres Salomon ]
* Drop fixes/disable-cxx20.patch; turned out to be a clang-14 bug
(https://bugs.debian.org/1025394) causing the issue that is now fixed.
-- Timothy Pearson <tpearson@raptorengineering.com> Tue, 13 Dec 2022 19:10:00 -0600
chromium (108.0.5359.94-1) unstable; urgency=high
* New upstream security release.
- CVE-2022-4262: Type Confusion in V8.
Reported by Clement Lecigne of Google's Threat Analysis Group.
* Drop bullseye/mulodic.patch from unstable, it's too difficult to get this
right between the two distributions. It'll live in the bullseye branch only.
-- Andres Salomon <dilinger@debian.org> Sat, 03 Dec 2022 13:29:49 -0500
chromium (108.0.5359.71-2) unstable; urgency=high
* Fix bullseye/mulodic.patch to actually work right on 32-bit platforms.
Again.
[ Timothy Pearson ]
* Regenerate libaom configuration for ppc64el
-- Andres Salomon <dilinger@debian.org> Fri, 02 Dec 2022 15:03:21 -0500
chromium (108.0.5359.71-1) unstable; urgency=high
* New upstream stable release.
- CVE-2022-4174: Type Confusion in V8.
Reported by Zhenghang Xiao (@Kipreyyy).
- CVE-2022-4175: Use after free in Camera Capture.
Reported by Leecraso and Guang Gong of 360 Alpha Lab.
- CVE-2022-4176: Out of bounds write in Lacros Graphics.
Reported by @ginggilBesel.
- CVE-2022-4177: Use after free in Extensions.
Reported by Chaoyuan Peng (@ret2happy).
- CVE-2022-4178: Use after free in Mojo.
Reported by Sergei Glazunov of Google Project Zero.
- CVE-2022-4179: Use after free in Audio.
Reported by Sergei Glazunov of Google Project Zero.
- CVE-2022-4180: Use after free in Mojo. Reported by Anonymous.
- CVE-2022-4181: Use after free in Forms. Reported by Aviv A.
- CVE-2022-4182: Inappropriate implementation in Fenced Frames.
Reported by Peter Nemeth.
- CVE-2022-4183: Insufficient policy enforcement in Popup Blocker.
Reported by David Sievers.
- CVE-2022-4184: Insufficient policy enforcement in Autofill.
Reported by Ahmed ElMasry.
- CVE-2022-4185: Inappropriate implementation in Navigation.
Reported by James Lee (@Windowsrcer).
- CVE-2022-4186: Insufficient validation of untrusted input in Downloads.
Reported by Luan Herrera (@lbherrera_).
- CVE-2022-4187: Insufficient policy enforcement in DevTools.
Reported by Axel Chong.
- CVE-2022-4188: Insufficient validation of untrusted input in CORS.
Reported by Philipp Beer (TU Wien).
- CVE-2022-4189: Insufficient policy enforcement in DevTools.
Reported by NDevTK.
- CVE-2022-4190: Insufficient data validation in Directory.
Reported by Axel Chong.
- CVE-2022-4191: Use after free in Sign-In.
Reported by Jaehun Jeong(@n3sk) of Theori.
- CVE-2022-4192: Use after free in Live Caption.
Reported by Samet Bekmezci @sametbekmezci.
- CVE-2022-4193: Insufficient policy enforcement in File System API.
Reported by Axel Chong.
- CVE-2022-4194: Use after free in Accessibility. Reported by Anonymous.
- CVE-2022-4195: Insufficient policy enforcement in Safe Browsing.
Reported by Eric Lawrence of Microsoft.
* d/copyright:
- drop multiple ninja executables from upstream tarball.
- Stop deleting chrome/test/data/*, since it's all just empty directories
except for one BUILD.gn that is required to build.
* d/scripts/unbundle: build against the bundled absl_utility.
* d/patches:
- upstream/fix-missing-cmath.patch: drop, merged upstream.
- fixes/angle-wayland.patch: drop, merged upstream.
- fixes/fix-arm-vfpv3-d16-libaom.patch: drop, merged upstream.
- disable/unrar.patch: refresh due to 7z support added.
- ppc64le/workarounds/HACK-third_party-libvpx-use-generic-gnu.patch:
refresh for loongarch update.
- ppc64le/third_party/use-sysconf-page-size-on-ppc64.patch: drop half of
patch as upstream removed duplicate code.
- fixes/disable-cxx20.patch: switch clang complication back to the c++17
standard, as c++20 breaks linking.
-- Andres Salomon <dilinger@debian.org> Thu, 01 Dec 2022 22:23:10 -0500
chromium (107.0.5304.121-1) unstable; urgency=high
* New upstream security release.
- CVE-2022-4135: Heap buffer overflow in GPU. Reported by Clement Lecigne
of Google's Threat Analysis Group on 2022-11-22
-- Timothy Pearson <tpearson@raptorengineering.com> Sat, 26 Nov 2022 12:34:00 -0600
chromium (107.0.5304.110-2) unstable; urgency=high
* Fix bullseye/mulodic.patch to actually work right. Sigh.
-- Andres Salomon <dilinger@debian.org> Thu, 10 Nov 2022 13:48:01 -0500
chromium (107.0.5304.110-1) unstable; urgency=high
* New upstream security release.
- CVE-2022-3885: Use after free in V8. Reported by gzobqq@.
- CVE-2022-3886: Use after free in Speech Recognition.
- CVE-2022-3887: Use after free in Web Workers. Reported by anonymous.
- CVE-2022-3888: Use after free in WebCodecs. Reported by Peter Nemeth.
- CVE-2022-3889: Type Confusion in V8. Reported by anonymous.
- CVE-2022-3890: Heap buffer overflow in Crashpad. Reported by anonymous.
* Clean up old crash dump files on launch (closes: #1015931).
* debian/patches:
- bullseye/mulodic.patch: (hopefully!) fix FTBFS on bullseye under i386
and armhf.
-- Andres Salomon <dilinger@debian.org> Wed, 09 Nov 2022 19:57:34 -0500
chromium (107.0.5304.87-1) unstable; urgency=high
* New upstream security release.
- CVE-2022-3723: Type Confusion in V8. Reported by Jan Vojtěšek, Milánek,
and Przemek Gmerek of Avast.
* Revert v4l2 enable for arm platforms until a build error is fixed.
-- Andres Salomon <dilinger@debian.org> Fri, 28 Oct 2022 07:02:02 -0400
chromium (107.0.5304.68-1) unstable; urgency=high
* New upstream stable release.
- CVE-2022-3652: Type Confusion in V8. Reported by srodulv and ZNMchtss at
S.S.L Team.
- CVE-2022-3653: Heap buffer overflow in Vulkan. Reported by SeongHwan Park
(SeHwa).
- CVE-2022-3654: Use after free in Layout. Reported by Sergei Glazunov of
Google Project Zero.
- CVE-2022-3655: Heap buffer overflow in Media Galleries. Reported by
koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute.
- CVE-2022-3656: Insufficient data validation in File System. Reported by
Ron Masas, Imperva.
- CVE-2022-3657: Use after free in Extensions. Reported by Omri Bushari,
Talon Cyber Security.
- CVE-2022-3658: Use after free in Feedback service on Chrome OS. Reported
by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research
Institute.
- CVE-2022-3659: Use after free in Accessibility. Reported by @ginggilBesel.
- CVE-2022-3660: Inappropriate implementation in Full screen mode. Reported
by Irvan Kurniawan (sourc7).
- CVE-2022-3661: Insufficient data validation in Extensions. Reported by
Young Min Kim (@ylemkimon), CompSec Lab at Seoul National University.
* Disable building against QT5 (for now).
https://groups.google.com/a/chromium.org/g/chromium-packagers/c/-2VGexQAK6w
* debian/copyright:
- delete third_party/dawn/tools/golang binaries.
* debian/patches:
- upstream/armhf-ftbfs.patch: drop, merged upstream.
- upstream/fix-nullptr-qual.patch: drop, merged upstream.
- disable/catapult.patch: delete add'l blink reference to catapult.
- bullseye/clang13.patch: refresh for minor upstream changes.
- ppc64le/workarounds/HACK-third_party-libvpx-use-generic-gnu.patch: refresh
- disable/clang-version-check.patch: added to fix build failure. Needs
to go upstream.
- ppc64le/workarounds/HACK-debian-clang-disable-skia-musttail.patch:
drop, upstream skia stopped using clang::musttail.
- upstream/re-fix-tflite.patch: re-add a build fix that upstream lost.
[ Timothy Pearson ]
* regenerate libaom configuration on ppc64el systems.
-- Andres Salomon <dilinger@debian.org> Tue, 25 Oct 2022 17:40:14 -0400
chromium (106.0.5249.119-1) unstable; urgency=high
* New upstream security release.
- CVE-2022-3445: Use after free in Skia. Reported by Nan Wang
(@eternalsakura13) and Yong Liu of 360 Vulnerability Research Institute on
2022-09-16
- CVE-2022-3446: Heap buffer overflow in WebSQL. Reported by Kaijie Xu
(@kaijieguigui) on 2022-09-26
- CVE-2022-3447: Inappropriate implementation in Custom Tabs. Reported by
Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) on 2022-09-22
- CVE-2022-3448: Use after free in Permissions API. Reported by raven at
KunLun lab on 2022-09-13
- CVE-2022-3449: Use after free in Safe Browsing. Reported by asnine on
2022-09-17
- CVE-2022-3450: Use after free in Peer Connection. Reported by Anonymous on
2022-09-30
-- Timothy Pearson <tpearson@raptorengineering.com> Tue, 11 Oct 2022 19:42:00 -0500
chromium (106.0.5249.103-2) unstable; urgency=low
* Reduce baseline compatibility for ppc64el builds from POWER9
to POWER8. This matches the current Debian build farm.
-- Timothy Pearson <tpearson@raptorengineering.com> Sat, 08 Oct 2022 14:35:00 -0500
chromium (106.0.5249.103-1) unstable; urgency=medium
* New upstream release.
* Add ppc64el patches maintained by me, and enable builds for ppc64el
(closes #1005083).
-- Timothy Pearson <tpearson@raptorengineering.com> Fri, 07 Oct 2022 17:54:00 -0500
chromium (106.0.5249.91-1) unstable; urgency=high
* New upstream security release.
- CVE-2022-3370: Use after free in Custom Elements.
Reported by Aviv A.
- CVE-2022-3373: Out of bounds write in V8.
Reported by Tibor Klajnscek.
-- Andres Salomon <dilinger@debian.org> Sat, 01 Oct 2022 03:21:58 -0400
chromium (106.0.5249.61-1) unstable; urgency=high
* New upstream stable release.
- CVE-2022-3304: Use after free in CSS. Reported by Anonymous.
- CVE-2022-3201: Insufficient validation of untrusted input in
Developer Tools. Reported by NDevTK.
- CVE-2022-3305: Use after free in Survey. Reported by Nan
Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability
Research Institute.
- CVE-2022-3306: Use after free in Survey. Reported by Nan
Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability
Research Institute.
- CVE-2022-3307: Use after free in Media.
Reported by Anonymous Telecommunications Corp. Ltd.
- CVE-2022-3308: Insufficient policy enforcement in Developer Tools.
Reported by Andrea Cappa (zi0Black) @ Shielder.
- CVE-2022-3309: Use after free in Assistant.
Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab.
- CVE-2022-3310: Insufficient policy enforcement in Custom Tabs.
Reported by Ashwin Agrawal from Optus, Sydney.
- CVE-2022-3311: Use after free in Import.
Reported by Samet Bekmezci @sametbekmezci.
- CVE-2022-3312: Insufficient validation of untrusted input in VPN.
Reported by Andr.Ess.
- CVE-2022-3313: Incorrect security UI in Full Screen.
Reported by Irvan Kurniawan (sourc7).
- CVE-2022-3314: Use after free in Logging. Reported by Anonymous.
- CVE-2022-3315: Type confusion in Blink. Reported by Anonymous.
- CVE-2022-3316: Insufficient validation of untrusted input in Safe
Browsing. Reported by Sven Dysthe (@svn_dy).
- CVE-2022-3317: Insufficient validation of untrusted input in
Intents. Reported by Hafiizh.
- CVE-2022-3318: Use after free in ChromeOS Notifications.
Reported by GraVity0.
* debian/patches:
- disable/angle-perftests.patch: drop most of patch.
build_angle_perftests=false is set in d/rules, so no need to patch
it and its dependencies.
- upstream/browser-finder.patch: drop, merged upstream.
- upstream/disk-cache.patch: drop, merged upstream.
- upstream/masklayer-geom.patch: drop, merged upstream.
- fixes/tflite.patch: drop, merged upstream.
- bullseye/clang13.patch: update for upstream switching from one
unsupported clang warning flag to another.
- disable/catapult.patch: refresh.
- disable/installer.patch: drop, as there's no real need to delete
chrome/install_static; there's no licensing issues and it's only
actually built on windows.
- upstream/fix-missing-cmath.patch: added from upstream to fix ftbfs.
- upstream/fix-nullptr-qual.patch: added from upstream to fix ftbfs.
- fixes/fix-arm-vfpv3-d16-libaom.patch: add to fix a problem that
was currently papered over by disabling libaom on arm. This new
patch (hopefully) allows libaom to be built for the armhf arch.
- disable/libaom-arm.patch: drop now that we've fixed libaom on arm.
- system/event.patch: remove some old unused bits that patch gn.
* Stop deleting chrome/install_static in d/copyright, and also start
deleting third party libraries that we began linking to in v105 as
well as tools/gn.
* Remove mgilbert as an uploader; thanks for all your work on chromium
packaging!
-- Andres Salomon <dilinger@debian.org> Tue, 27 Sep 2022 14:14:44 -0400
chromium (105.0.5195.125-1) unstable; urgency=high
* New upstream security release.
- CVE-2022-3195: Out of bounds write in Storage. Reported by
Ziling Chen and Nan Wang(@eternalsakura13) of 360 Vulnerability
Research Institute.
- CVE-2022-3196: Use after free in PDF. Reported by triplepwns.
- CVE-2022-3197: Use after free in PDF. Reported by triplepwns.
- CVE-2022-3198: Use after free in PDF. Reported by MerdroidSG.
- CVE-2022-3199: Use after free in Frames. Reported by Anonymous.
- CVE-2022-3200: Heap buffer overflow in Internals.
Reported by Richard Lorenz, SAP.
- CVE-2022-3201: Insufficient validation of untrusted input in
DevTools. Reported by NDevTK
-- Andres Salomon <dilinger@debian.org> Wed, 14 Sep 2022 12:43:31 -0400
chromium (105.0.5195.102-1) unstable; urgency=high
* New upstream security release.
- CVE-2022-3075: Insufficient data validation in Mojo.
* Update the cpu check to allow pni instead of sse3 (closes: #1018937).
* Enable v4l2 for arm platforms. This also disables VA-API on arm64, so
if that breaks things let me know. Thanks
Eschenbacher.Stefan@Scheidt-Bachmann.de for the patch (#1011346).
* debian/patches:
- upstream/armhf-ftbfs.patch: fix FTBFS introduced with v105 on armhf.
-- Andres Salomon <dilinger@debian.org> Mon, 05 Sep 2022 15:57:26 -0400
chromium (105.0.5195.52-1) unstable; urgency=high
* New upstream stable release.
- CVE-2022-3038: Use after free in Network Service.
Reported by Sergei Glazunov of Google Project Zero.
- CVE-2022-3039: Use after free in WebSQL. Reported by
Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability
Research Institute.
- CVE-2022-3040: Use after free in Layout. Reported by Anonymous.
- CVE-2022-3041: Use after free in WebSQL. Reported by Ziling Chen and
Nan Wang(@eternalsakura13) of 360 Vulnerability Research Institute.
- CVE-2022-3042: Use after free in PhoneHub. Reported by koocola
(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute.
- CVE-2022-3043: Heap buffer overflow in Screen Capture.
Reported by @ginggilBesel.
- CVE-2022-3044: Inappropriate implementation in Site Isolation.
Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research
- CVE-2022-3045: Insufficient validation of untrusted input in V8.
Reported by Ben Noordhuis <info@bnoordhuis.nl>.
- CVE-2022-3046: Use after free in Browser Tag.
Reported by Rong Jian of VRI.
- CVE-2022-3071: Use after free in Tab Strip.
Reported by @ginggilBesel.
- CVE-2022-3047: Insufficient policy enforcement in Extensions API.
Reported by Maurice Dauer.
- CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen.
Reported by Andr.Ess.
- CVE-2022-3049: Use after free in SplitScreen.
Reported by @ginggilBesel.
- CVE-2022-3050: Heap buffer overflow in WebUI.
Reported by Zhihua Yao of KunLun Lab.
- CVE-2022-3051: Heap buffer overflow in Exosphere.
Reported by @ginggilBesel.
- CVE-2022-3052: Heap buffer overflow in Window Manager.
Reported by Khalil Zhani.
- CVE-2022-3053: Inappropriate implementation in Pointer Lock.
Reported by Jesper van den Ende (Pelican Party Studios).
- CVE-2022-3054: Insufficient policy enforcement in DevTools.
Reported by Kuilin Li.
- CVE-2022-3055: Use after free in Passwords. Reported by Weipeng
Jiang (@Krace) and Guang Gong of 360 Vulnerability Research
Institute.
- CVE-2022-3056: Insufficient policy enforcement in Content
Security Policy. Reported by Anonymous.
- CVE-2022-3057: Inappropriate implementation in iframe Sandbox.
Reported by Gareth Heyes.
- CVE-2022-3058: Use after free in Sign-In Flow.
Reported by raven at KunLun lab.
* Drop workaround for lack of older clang's -ffile-prefix-map. This
should make reproducible builds happy.
* debian/copyright:
- Update for new libevent location (moved out of base/).
- libopenjpeg20 -> libopenjpeg
* debian/patches:
- debianization/support-i386.patch: refresh.
- disable/catapult.patch: refresh.
- disable/libaom-arm.patch: refresh.
- system/event.patch: update for new libevent location.
- system/openjpeg.patch: refresh.
- bullseye/clang13.patch: drop part of patch dropped upstream.
- upstream/disk-cache.patch: build fix pulled from upstream.
- upstream/browser-finder.patch: build fix pulled from upstream.
- upstream/masklayer-geom.patch: build fix pulled from upstream.
- system/jsoncpp.patch: drop, merged upstream.
- fixes/angle-wayland: build fix due to mismatched wayland headers
on sid. Only needed until angle updates its copy of wayland.
- disable/welcome-page.patch: drop. Upstream fixed the original
issue some time ago, and this new version finally cleaned up
the workaround.
- fixes/connection-message.patch: drop it. I looked at sending this
upstream, but the original extension doesn't exist any more,
and chromium properly prints an error if a proxy is unreachable.
If you can still reproduce the issue (described in
http://bugs.debian.org/864539), let me know so I can get it fixed
upstream.
* debian/scripts/unbundle: upstream tripled the number of (previously
vendored) libraries that we can use system versions of. However,
the majority of them are either not in bullseye or are too old, so
we'll have to wait to use the debian versions for the ones not newly
added as build-deps.
* Disable optimize_webui, due to a build failure using nodejs from
bullseye. I'll reenable this when it either gets fixed or we're done
with bullseye security support.
* Remove sse3-support dependency and just refuse to run if SSE3 is
not present. Breaking via preinst script isn't appropriate for
packages that might be installed by default (eg, by Debian Edu).
* debian/control: add build-deps for brotli, libdouble-conversion-dev,
libwoff-dev, and libxnvctrl-dev (closes: #987292).
* Rework default search engine stuff. People did not like the "Your
browser is managed" and "Your administrator can change your browser
setup remotely" messages, which are admittedly alarming.
Instead of using /etc/chromium/policies/recommended/duckduckgo.json,
delete that and use /etc/chromium/master_preferences instead.
-- Andres Salomon <dilinger@debian.org> Wed, 31 Aug 2022 20:48:11 -0400
chromium (104.0.5112.101-1) unstable; urgency=high
* New upstream security release.
- CVE-2022-2852: Use after free in FedCM.
Reported by Sergei Glazunov of Google Project Zero
- CVE-2022-2854: Use after free in SwiftShader. Reported by Cassidy
Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
- CVE-2022-2855: Use after free in ANGLE. Reported by Cassidy Kim
of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
- CVE-2022-2857: Use after free in Blink. Reported by Anonymous
- CVE-2022-2858: Use after free in Sign-In Flow.
Reported by raven at KunLun lab
- CVE-2022-2853: Heap buffer overflow in Downloads.
Reported by Sergei Glazunov of Google Project Zero
- CVE-2022-2856: Insufficient validation of untrusted input in Intents
Reported by Ashley Shen and Christian Resell of Google Threat
Analysis Group
- CVE-2022-2859: Use after free in Chrome OS Shell. Reported by
Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
- CVE-2022-2860: Insufficient policy enforcement in Cookies.
Reported by Axel Chong
- CVE-2022-2861: Inappropriate implementation in Extensions API.
Reported by Rong Jian of VRI
* Change default search engine to DuckDuckGo for privacy reasons.
Set a different search engine under Settings -> Search Engine
(closes: #956012).
* Drop a bunch of versioned build-deps that have been satisfied
since at least oldoldstable.
* debian/NEWS.Debian:
- Document upstream dropping support for older TLSv1 and TLSv1.1
protocols (closes: #1005808).
- Document upstream dropping support for older x86 CPUs without
SSE3 instruction support (closes: #1010407).
- Document the Google to DuckDuckGo change.
- Document upstream's config renaming of AuthServerWhitelist to
AuthServerAllowlist (closes: #1013268).
-- Andres Salomon <dilinger@debian.org> Tue, 16 Aug 2022 17:29:29 -0400
chromium (104.0.5112.79-1) unstable; urgency=high
* New upstream stable release.
- CVE-2022-2603: Use after free in Omnibox. Reported by Anonymous
- CVE-2022-2604: Use after free in Safe Browsing. Reported by
Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
- CVE-2022-2605: Out of bounds read in Dawn. Reported by Looben Yang
- CVE-2022-2606: Use after free in Managed devices API. Reported by
Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
- CVE-2022-2607: Use after free in Tab Strip. Reported by @ginggilBesel
- CVE-2022-2608: Use after free in Overview Mode.
Reported by Khalil Zhani
- CVE-2022-2609: Use after free in Nearby Share. Reported by koocola
(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute
- CVE-2022-2610: Insufficient policy enforcement in Background Fetch.
Reported by Maurice Dauer
- CVE-2022-2611: Inappropriate implementation in Fullscreen API.
Reported by Irvan Kurniawan (sourc7)
- CVE-2022-2612: Side-channel information leakage in Keyboard input.
Reported by Erik Kraft (erik.kraft5@gmx.at),
Martin Schwarzl (martin.schwarzl@iaik.tugraz.at)
- CVE-2022-2613: Use after free in Input.
Reported by Piotr Tworek (Vewd)
- CVE-2022-2614: Use after free in Sign-In Flow.
Reported by raven at KunLun lab
- CVE-2022-2615: Insufficient policy enforcement in Cookies.
Reported by Maurice Dauer
- CVE-2022-2616: Inappropriate implementation in Extensions API.
Reported by Alesandro Ortiz
- CVE-2022-2617: Use after free in Extensions API.
Reported by @ginggilBesel
- CVE-2022-2618: Insufficient validation of untrusted input in
Internals. Reported by asnine
- CVE-2022-2619: Insufficient validation of untrusted input in Settings.
Reported by Oliver Dunk
- CVE-2022-2620: Use after free in WebUI. Reported by
Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
- CVE-2022-2621: Use after free in Extensions.
Reported by Huyna at Viettel Cyber Security
- CVE-2022-2622: Insufficient validation of untrusted input in
Safe Browsing. Reported by Imre Rad (@ImreRad) and @j00sean
- CVE-2022-2623: Use after free in Offline. Reported by
raven at KunLun lab
- CVE-2022-2624: Heap buffer overflow in PDF. Reported by YU-CHANG
CHEN and CHIH-YEN CHANG, working with DEVCORE Internship Program
* debian/patches:
- bullseye/nomerge.patch: drop, was only needed for clang-11.
- bullseye/clang11.patch: drop clang-11 bits, rename to clang13.patch.
- bullseye/blink-constexpr.patch: drop, only needed for clang-11.
- bullseye/byteswap-constexpr2.patch: drop, only needed for clang-11.
- disable/angle-perftests.patch: refresh
- disable/catapult.patch: refresh & drop some no longer needed bits.
- fixes/tflite.patch: fix a build error.
* debian/copyright:
- upstream dropped perfetto/ui/src/gen/.
-- Andres Salomon <dilinger@debian.org> Thu, 04 Aug 2022 11:31:44 -0400
chromium (103.0.5060.134-1) unstable; urgency=high
* New upstream security release.
- CVE-2022-2477 : Use after free in Guest View. Reported by anonymous
- CVE-2022-2478 : Use after free in PDF. Reported by triplepwns
- CVE-2022-2479 : Insufficient validation of untrusted input in File.
Reported by anonymous
- CVE-2022-2480 : Use after free in Service Worker API.
Reported by Sergei Glazunov of Google Project Zero
- CVE-2022-2481: Use after free in Views. Reported by
YoungJoo Lee(@ashuu_lee) of CompSecLab at Seoul National University
- CVE-2022-2163: Use after free in Cast UI and Toolbar.
Reported by Chaoyuan Peng (@ret2happy)
-- Andres Salomon <dilinger@debian.org> Wed, 20 Jul 2022 00:51:39 -0400
chromium (103.0.5060.114-1) unstable; urgency=high
* New upstream security release.
- CVE-2022-2294: Heap buffer overflow in WebRTC. Reported by
Jan Vojtesek from the Avast Threat Intelligence team
- CVE-2022-2295: Type Confusion in V8.
Reported by avaue and Buff3tts at S.S.L.
- CVE-2022-2296: Use after free in Chrome OS Shell.
Reported by Khalil Zhani
-- Andres Salomon <dilinger@debian.org> Sun, 10 Jul 2022 12:44:03 -0400
chromium (103.0.5060.53-1) unstable; urgency=high
* New upstream stable release.
- CVE-2022-2156: Use after free in Base.
Reported by Mark Brand of Google Project Zero
- CVE-2022-2157: Use after free in Interest groups. Reported by
Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
- CVE-2022-2158: Type Confusion in V8. Reported by
Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab
- CVE-2022-2160: Insufficient policy enforcement in DevTools.
Reported by David Erceg
- CVE-2022-2161: Use after free in WebApp Provider.
Reported by Zhihua Yao of KunLun Lab
- CVE-2022-2162: Insufficient policy enforcement in File System API.
Reported by Abdelhamid Naceri (halov)
- CVE-2022-2163: Use after free in Cast UI and Toolbar.
Reported by Chaoyuan Peng (@ret2happy)
- CVE-2022-2164: Inappropriate implementation in Extensions API.
Reported by José Miguel Moreno Computer Security Lab (COSEC) at UC3M
- CVE-2022-2165: Insufficient data validation in URL formatting.
Reported by Rayyan Bijoora
* debian/patches:
- upstream/dawn-version-fix.patch: drop merged upstream.
- upstream/blink-ftbfs.patch: drop, merged upstream.
- upstream/libxml.patch: drop, merged upstream.
- upstream/nested-nested-nested-nested-nested-nested-regex-patterns.patch:
drop, merged upstream.
- upstream/byteswap-constexpr.patch: drop, merged upstream.
- bullseye/byteswap-constexpr2.patch: sys_byteswap.h moved directories.
- disable/angle-perftests.patch: simple refresh.
- disable/catapult.patch: simple refresh.
- bullseye/clang11.patch: minor update for some code dropped upstream.
- system/openjpeg.patch: update for libopenjp2-7-dev's 2.4 -> 2.5 path
change.
-- Andres Salomon <dilinger@debian.org> Tue, 21 Jun 2022 02:59:01 +0000
chromium (102.0.5005.115-1) unstable; urgency=high
* New upstream security release.
- CVE-2022-2007: Use after free in WebGPU. Reported by David Manouchehri
- CVE-2022-2008: Out of bounds memory access in WebGL.
Reported by khangkito - Tran Van Khang (VinCSS)
- CVE-2022-2010: Out of bounds read in compositing.
Reported by Mark Brand of Google Project Zero
- CVE-2022-2011: Use after free in ANGLE.
Reported by SeongHwan Park (SeHwa)
* debian/patches:
- bullseye/byteswap-constexpr2.patch - additional fix for bullseye
builds on 32-bit platforms (closes: #1011096).
- debianization/support-i386.patch - re-enable support for i386 builds.
Upstream no longer officially supports i386 builds on linux, so we
are on our own here.
-- Andres Salomon <dilinger@debian.org> Fri, 10 Jun 2022 02:37:57 +0000
chromium (102.0.5005.61-1) unstable; urgency=high
* New upstream stable release.
- CVE-2022-1853: Use after free in Indexed DB. Reported by Anonymous
- CVE-2022-1854: Use after free in ANGLE.
Reported by SeongHwan Park (SeHwa)
- CVE-2022-1855: Use after free in Messaging. Reported by Anonymous
- CVE-2022-1856: Use after free in User Education. Reported by
Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
- CVE-2022-1857: Insufficient policy enforcement in File System API.
Reported by Daniel Rhea
- CVE-2022-1858: Out of bounds read in DevTools. Reported by EllisVlad
- CVE-2022-1859: Use after free in Performance Manager. Reported by
Guannan Wang (@Keenan7310) of Tencent Security Xuanwu Lab
- CVE-2022-1860: Use after free in UI Foundations.
Reported by @ginggilBesel
- CVE-2022-1861: Use after free in Sharing. Reported by Khalil Zhani
- CVE-2022-1862: Inappropriate implementation in Extensions.
Reported by Alesandro Ortiz
- CVE-2022-1863: Use after free in Tab Groups. Reported by David Erceg
- CVE-2022-1864: Use after free in WebApp Installs.
Reported by Yuntao You (@GraVity0) of Bytedance Wuheng Lab
- CVE-2022-1865: Use after free in Bookmarks.
Reported by Rong Jian of VRI
- CVE-2022-1866: Use after free in Tablet Mode.
Reported by @ginggilBesel
- CVE-2022-1867: Insufficient validation of untrusted input in
Data Transfer. Reported by Michał Bentkowski of Securitum
- CVE-2022-1868: Inappropriate implementation in Extensions API.
Reported by Alesandro Ortiz
- CVE-2022-1869: Type Confusion in V8.
Reported by Man Yue Mo of GitHub Security Lab
- CVE-2022-1870: Use after free in App Service. Reported by
Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
- CVE-2022-1871: Insufficient policy enforcement in File System API.
Reported by Thomas Orlita
- CVE-2022-1872: Insufficient policy enforcement in Extensions API.
Reported by ChaobinZhang
- CVE-2022-1873: Insufficient policy enforcement in COOP.
Reported by NDevTK
- CVE-2022-1874: Insufficient policy enforcement in Safe Browsing.
Reported by hjy79425575
- CVE-2022-1875: Inappropriate implementation in PDF. Reported by NDevTK
- CVE-2022-1876: Heap buffer overflow in DevTools.
Reported by @ginggilBesel
* debian/patches:
- system/jpeg.patch - straight refresh.
- disable/swiftshader.patch - straight refresh.
- disable/swiftshader-2.patch - refresh for upstream dropping of legacy
swiftshader GL stuff; they now use ANGLE.
- disable/angle-perftests.patch - refresh.
- system/jsoncpp.patch - refresh for jsoncpp_no_deprecated_declarations
argument change.
- bullseye/clang11.patch - merge cast-call.patch into it, as well as
dropping additional unsupported clang arguments.
- bullseye/cast-call.patch - drop.
- upstream/dawn-version-fix.patch - add patch to deal w/ FTBFS.
- upstream/blink-ftbfs.patch - another FTBFS patch.
- upstream/nested-nested-nested-nested-nested-nested-regex-patterns.patch -
fix a build failure that only happens with clang + GNU's libstdc++.
- upstream/byteswap-constexpr.patch - add this to fix bullsye builds on
32-bit platforms (closes: #1011096).
* Don't build unneccessary dawn build tests.
-- Andres Salomon <dilinger@debian.org> Wed, 25 May 2022 02:09:10 -0400
chromium (101.0.4951.64-1) unstable; urgency=high
* New upstream security release.
- CVE-2022-1633: Use after free in Sharesheet. Reported by Khalil Zhani
- CVE-2022-1634: Use after free in Browser UI. Reported by Khalil Zhani
- CVE-2022-1635: Use after free in Permission Prompts.
Reported by Anonymous
- CVE-2022-1636: Use after free in Performance APIs.
Reported by Seth Brenith, Microsoft
- CVE-2022-1637: Inappropriate implementation in Web Contents.
Reported by Alesandro Ortiz
- CVE-2022-1638: Heap buffer overflow in V8 Internationalization.
Reported by DoHyun Lee (@l33d0hyun) of DNSLab, Korea University
- CVE-2022-1639: Use after free in ANGLE.
Reported by SeongHwan Park (SeHwa)
- CVE-2022-1640: Use after free in Sharing. Reported by Weipeng
Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute
- CVE-2022-1641: Use after free in Web UI Diagnostics.
Reported by Rong Jian of VRI
-- Andres Salomon <dilinger@debian.org> Tue, 10 May 2022 21:52:11 -0400
chromium (101.0.4951.54-1) unstable; urgency=low
* Depend on sse3-support to ensure that chromium is only installed on
machines that support the SSE3 instruction set. Otherwise we crash,
as described in #1010407. We can also remove the manual sse2 check now.
Upstream describes the SSE3 requirement @ http://crbug.com/1123353
* New upstream stable release.
-- Andres Salomon <dilinger@debian.org> Tue, 03 May 2022 12:16:07 -0400
chromium (101.0.4951.41-2) unstable; urgency=high
* No changes, just the CVE list. The original blog post *did not*
have CVEs. >:(
- CVE-2022-1477: Use after free in Vulkan.
Reported by SeongHwan Park (SeHwa)
- CVE-2022-1478: Use after free in SwiftShader.
Reported by SeongHwan Park (SeHwa)
- CVE-2022-1479: Use after free in ANGLE.
Reported by Jeonghoon Shin of Theori
- CVE-2022-1480: Use after free in Device API. Reported by @uwu7586
- CVE-2022-1481: Use after free in Sharing. Reported by Weipeng Jiang
(@Krace) and Guang Gong of 360 Vulnerability Research Institute
- CVE-2022-1482: Inappropriate implementation in WebGL.
Reported by Christoph Diehl, Microsoft
- CVE-2022-1483: Heap buffer overflow in WebGPU.
Reported by Mark Brand of Google Project Zero
- CVE-2022-1484: Heap buffer overflow in Web UI Settings.
Reported by Chaoyuan Peng (@ret2happy)
- CVE-2022-1485: Use after free in File System API.
- CVE-2022-1486: Type Confusion in V8. Reported by Brendon Tiszka
- CVE-2022-1487: Use after free in Ozone. Reported by Sri
- CVE-2022-1488: Inappropriate implementation in Extensions API.
Reported by Thomas Beverley from Wavebox.io
- CVE-2022-1489: Out of bounds memory access in UI Shelf.
Reported by Khalil Zhani
- CVE-2022-1490: Use after free in Browser Switcher.
Reported by raven at KunLun lab
- CVE-2022-1491: Use after free in Bookmarks.
Reported by raven at KunLun lab
- CVE-2022-1492: Insufficient data validation in Blink Editing.
Reported by Michał Bentkowski of Securitum
- CVE-2022-1493: Use after free in Dev Tools.
Reported by Zhihua Yao of KunLun Lab
- CVE-2022-1494: Insufficient data validation in Trusted Types.
Reported by Masato Kinugawa
- CVE-2022-1495: Incorrect security UI in Downloads.
Reported by Umar Farooq
- CVE-2022-1496: Use after free in File Manager. Reported by Zhiyi
Zhang and Zhunki from Codesafe Team of Legendsec at Qi'anxin Group
- CVE-2022-1497: Inappropriate implementation in Input. Reported by
Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research
- CVE-2022-1498: Inappropriate implementation in HTML Parser.
Reported by SeungJu Oh (@real_as3617)
- CVE-2022-1499: Inappropriate implementation in WebAuthentication.
Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research
- CVE-2022-1500: Insufficient data validation in Dev Tools.
Reported by Hoang Nguyen
- CVE-2022-1501: Inappropriate implementation in iframe.
Reported by Oriol Brufau
-- Andres Salomon <dilinger@debian.org> Tue, 26 Apr 2022 18:06:08 -0400
chromium (101.0.4951.41-1) unstable; urgency=low
* New upstream stable release.
* debian/copyright:
- Delete a bunch of file exclusion lines that no longer exist. That
png file workaround also goes away.
- Add a line to delete a prebuilt apache server & related modules that
upstream now includes for some reason?
* debian/patches:
- upstream/rvo-workaround.patch - drop, merged upstream.
- disable/android.patch - drop part of it that upstream fixed.
- disable/swiftshader.patch - refresh.
- upstream/libxml.patch - add fix for upstream bug related to
building against the system libxml.
- bullseye/cast-call.patch - add a patch to silence unsupported
flag warnings in clang <= 13.
-- Andres Salomon <dilinger@debian.org> Tue, 26 Apr 2022 17:18:09 -0400
chromium (100.0.4896.127-1) unstable; urgency=high
* New upstream security release.
- CVE-2022-1364: Type Confusion in V8.
Reported by Clément Lecigne of Google's Threat Analysis Group
-- Andres Salomon <dilinger@debian.org> Thu, 14 Apr 2022 20:51:15 -0400
chromium (100.0.4896.88-1) unstable; urgency=high
* New upstream security release.
- CVE-2022-1305: Use after free in storage. Reported by Anonymous
- CVE-2022-1306: Inappropriate implementation in compositing.
Reported by Sven Dysthe
- CVE-2022-1307: Inappropriate implementation in full screen.
Reported by Irvan Kurniawan (sourc7)
- CVE-2022-1308: Use after free in BFCache.
Reported by Samet Bekmezci @sametbekmezci
- CVE-2022-1309: Insufficient policy enforcement in developer tools.
Reported by David Erceg
- CVE-2022-1310: Use after free in regular expressions.
Reported by Brendon Tiszka
- CVE-2022-1311: Use after free in Chrome OS shell.
Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
- CVE-2022-1312: Use after free in storage. Reported by
Leecraso and Guang Gong of 360 Vulnerability Research Institute
- CVE-2022-1313: Use after free in tab groups. Reported by Thomas Orlita
- CVE-2022-1314: Type Confusion in V8.
Reported by Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab
-- Andres Salomon <dilinger@debian.org> Mon, 11 Apr 2022 23:45:07 -0400
chromium (100.0.4896.75-1) unstable; urgency=high
* debian/copyright:
- Stop dropping third_party/zlib/contrib/, which is just source code
with acceptable licenses.
- Replace the rule that dropped third_party/depot_tools with a more
specific rule that drops just the ninja binaries. Also delete some
unused png files to work around a bug in our scripts.
- Replace a rule that dropped third_party/devtools-frontend/src/test
with just dropping all wasm files ('*.wasm'), as well as
third_party/devtools-frontend/src/test/screenshots/image_diff/.
* debian/patches:
- upstream/rvo-workaround.patch - added to fix FTBFS w/ clang-11. Pulled
from upstream git.
- disable/swiftshader-2.patch - drop most of it that's wrapped in a
check for windows.
- disable/fuzzers.patch - drop it; with the last release modifying
fuzzer inclusion, we can now configure the build without this.
- disable/owners.patch - drop it; no longer needed with depot_tools
remaining in the source tree.
- disable/devtools-unittests.patch - drop it; no longer needed if
we keep third_party/devtools-frontend/src/test in the source tree.
- disable/tests.patch - drop half of it; the media/gpu changes aren't
needed, while keeping stuff in third_party/devtools-frontend/src/test
from building is still necessary.
* Drop enable_nacl_nonsfi=false from debian/rules, as upstream got rid
of the variable.
* New upstream security release.
- CVE-2022-1232: Type Confusion in V8.
Reported by Sergei Glazunov of Google Project Zero.
-- Andres Salomon <dilinger@debian.org> Wed, 06 Apr 2022 04:24:45 -0400
chromium (100.0.4896.60-1) unstable; urgency=high
* Fix debian/watch to find the correct upstream version.
* Ensure xz uses all available cpu cores when preparing orig.tar.gz
* Switch to bundled ICU, since Debian's ICU is 2 years old at this point
and upstream depends on a bunch of new API in ICU 69.1.
* debian/copyright:
- ensure all *.dlls are dropped from source.
- Stop dropping '*fuzz' directories. It was too aggressive, resulting
in build errors for perfectly fine BSD-3-clause and similar code.
- Instead, drop '*corpus' and '*corpora' directories. Some of it is
fine (lots generated by oss-fuzz with .dict files provided), but
not all of it is and it's easier to just drop it.
- Drop an esbuild binary.
- The full upstream tarball includes additional stuff we don't want,
so drop *.jar, tools/win, and some other stuff in third_party/.
* debian/rules:
- Disabling & deleting swiftshader now also needs to add
dawn_use_swiftshader=false.
- Switch from -lite upstream tarball to the full tarball in order to
include ICU sources.
* debian/patches:
- upstream/libdrm.patch - drop, merged upstream.
- debianization/manpage.patch - drop a small chunk merged upstream.
- system/icu.patch - drop now that we're bundling ICU.
- bullseye/icu-types.patch - drop now that we're bundling ICU.
- system/convertutf.patch - update build for bundled ICU path.
- fixes/closure.patch - drop now that we're no longer using lite tarball.
- disable/driver-chrome-path.patch - refresh for BUILDFLAG() macro.
- system/jsoncpp.patch - refresh for unrelated ios change.
- disable/catapult.patch - refresh due to moving around of .pak files.
* New upstream stable release.
- CVE-2022-1125: Use after free in Portals. Reported by Khalil Zhani
- CVE-2022-1127: Use after free in QR Code Generator.
Reported by anonymous
- CVE-2022-1128: Inappropriate implementation in Web Share API.
Reported by Abdel Adim (@smaury92) Oisfi of Shielder
- CVE-2022-1129: Inappropriate implementation in Full Screen Mode.
Reported by Irvan Kurniawan (sourc7)
- CVE-2022-1130: Insufficient validation of untrusted input in WebOTP.
Reported by Sergey Toshin of Oversecurity Inc.
- CVE-2022-1131: Use after free in Cast UI. Reported by
Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research
- CVE-2022-1132: Inappropriate implementation in Virtual Keyboard.
Reported by Andr.Ess
- CVE-2022-1133: Use after free in WebRTC. Reported by Anonymous
- CVE-2022-1134: Type Confusion in V8.
Reported by Man Yue Mo of GitHub Security Lab
- CVE-2022-1135: Use after free in Shopping Cart.
Reported by Wei Yuan of MoyunSec VLab
- CVE-2022-1136: Use after free in Tab Strip . Reported by Krace
- CVE-2022-1137: Inappropriate implementation in Extensions.
Reported by Thomas Orlita
- CVE-2022-1138: Inappropriate implementation in Web Cursor.
Reported by Alesandro Ortiz
- CVE-2022-1139: Inappropriate implementation in Background Fetch API.
Reported by Maurice Dauer
- CVE-2022-1141: Use after free in File Manager.
Reported by raven at KunLun lab
- CVE-2022-1142: Heap buffer overflow in WebUI.
Reported by Leecraso and Guang Gong of 360 Alpha Lab
- CVE-2022-1143: Heap buffer overflow in WebUI.
Reported by Leecraso and Guang Gong of 360 Alpha Lab
- CVE-2022-1144: Use after free in WebUI.
Reported by Leecraso and Guang Gong of 360 Alpha Lab
- CVE-2022-1145: Use after free in Extensions.
Reported by Yakun Zhang of Baidu Security
- CVE-2022-1146: Inappropriate implementation in Resource Timing.
Reported by Sohom Datta
-- Andres Salomon <dilinger@debian.org> Fri, 01 Apr 2022 15:02:16 -0400
chromium (99.0.4844.84-1) unstable; urgency=high
* New upstream security ("just *ONE* security hole, that's it?!") release.
- CVE-2022-1096: Type Confusion in V8. Reported by anonymous.
-- Andres Salomon <dilinger@debian.org> Sat, 26 Mar 2022 00:16:52 -0500
chromium (99.0.4844.74-1) unstable; urgency=high
* New upstream security release.
- CVE-2022-0971: Use after free in Blink Layout.
Reported by Sergei Glazunov of Google Project Zero.
- CVE-2022-0972: Use after free in Extensions.
Reported by Sergei Glazunov of Google Project Zero.
- CVE-2022-0973: Use after free in Safe Browsing.
Reported by avaue and Buff3tts at S.S.L.
- CVE-2022-0974 : Use after free in Splitscreen.
Reported by @ginggilBesel.
- CVE-2022-0975: Use after free in ANGLE.
Reported by SeongHwan Park (SeHwa).
- CVE-2022-0976: Heap buffer overflow in GPU. Reported by Omair.
- CVE-2022-0977: Use after free in Browser UI. Reported by Khalil Zhani.
- CVE-2022-0978: Use after free in ANGLE. Reported by Cassidy Kim of
Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
- CVE-2022-0979: Use after free in Safe Browsing. Reported by anonymous.
- CVE-2022-0980: Use after free in New Tab Page. Reported by Krace.
-- Andres Salomon <dilinger@debian.org> Wed, 16 Mar 2022 13:30:00 -0500
chromium (99.0.4844.51-2) unstable; urgency=medium
* Change dependency on xdg-desktop-portal-* packages to be
libgtk-3-0|xdg-desktop-portal-backend. Some folks don't want all
the dependencies of the xdg portal packages, and chromium really just
requires gtk unless runnning under KDE (closes: #1006267).
* Disable fieldtrial testing config to fix some sandboxing issues. We
used to do this, but the config flag was renamed (closes: #1003622).
* Adjust patches:
+ system/zlib.patch: drop part of it that is unnecessary.
-- Andres Salomon <dilinger@debian.org> Sun, 06 Mar 2022 12:46:55 -0500
chromium (99.0.4844.51-1) unstable; urgency=high
* Embed harfbuzz instead of using the system harfbuzz. Debian doesn't
yet package harfbuzz-subset (see #988781). Once it is packaged, we
can go back to using it.
* Build against Debian's rapidjson-dev package instead of ANGLE's
bundled rapidjson.
* Adjust patches:
+ system/harfbuzz.patch - drop, we're using bundled harfbuzz now.
+ upstream/quiche-include.patch - drop, merged upstream.
+ upstream/restrict.patch - drop, merged upstream.
+ upstream/sequence-point.patch - drop, merged upstream.
+ disable/installer.patch - use new BUILDFLAG() macro.
+ disable/unrar.patch - use new BUILDFLAG() macro.
+ disable/welcome-page.patch - use new BUILDFLAG() macro.
+ disable/widevine-cdm.cu.patch - use new BUILDFLAG() macro.
+ disable/tests.patch - drop unnecessary parts of the patch (which ends
up being most of it).
+ disable/angle-perftests.patch - drop config disabling ANGLE's rapidjson.
+ disable/swiftshader.patch - drop removal of rapidjson dependency.
+ system/rapidjson.patch - add to enable building w/ rapidjson-dev.
* New upstream stable release.
- CVE-2022-0789: Heap buffer overflow in ANGLE.
Reported by SeongHwan Park (SeHwa).
- CVE-2022-0790: Use after free in Cast UI. Reported by Anonymous.
- CVE-2022-0791: Use after free in Omnibox.
Reported by Zhihua Yao of KunLun Lab.
- CVE-2022-0792: Out of bounds read in ANGLE.
Reported by Jaehun Jeong(@n3sk) of Theori.
- CVE-2022-0793: Use after free in Views. Reported by Thomas Orlita.
- CVE-2022-0794: Use after free in WebShare. Reported by Khalil Zhani.
- CVE-2022-0795: Type Confusion in Blink Layout. Reported by 0x74960.
- CVE-2022-0796: Use after free in Media. Reported by Cassidy Kim
of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
- CVE-2022-0797: Out of bounds memory access in Mojo.
Reported by Sergei Glazunov of Google Project Zero.
- CVE-2022-0798: Use after free in MediaStream.
Reported by Samet Bekmezci @sametbekmezci.
- CVE-2022-0799: Insufficient policy enforcement in Installer.
Reported by Abdelhamid Naceri (halov).
- CVE-2022-0800: Heap buffer overflow in Cast UI.
Reported by Khalil Zhani.
- CVE-2022-0801: Inappropriate implementation in HTML parser.
Reported by Michał Bentkowski of Securitum.
- CVE-2022-0802: Inappropriate implementation in Full screen mode.
Reported by Irvan Kurniawan (sourc7).
- CVE-2022-0803: Inappropriate implementation in Permissions.
Reported by Abdulla Aldoseri.
- CVE-2022-0804: Inappropriate implementation in Full screen mode.
Reported by Irvan Kurniawan (sourc7).
- CVE-2022-0805: Use after free in Browser Switcher.
Reported by raven at KunLun Lab.
- CVE-2022-0806: Data leak in Canvas. Reported by Paril.
- CVE-2022-0807: Inappropriate implementation in Autofill.
Reported by Alesandro Ortiz.
- CVE-2022-0808: Use after free in Chrome OS Shell.
Reported by @ginggilBesel.
- CVE-2022-0809: Out of bounds memory access in WebXR.
Reported by @uwu7586.
-- Andres Salomon <dilinger@debian.org> Wed, 02 Mar 2022 21:53:14 -0500
chromium (98.0.4758.102-1) unstable; urgency=high
* Enable pipewire support in webrtc (closes: #954824).
* Enable optimize_webui. This UI speed improvement was originally
disabled due to nodejs deps, but recent upstream changes makes those
deps necessary either way (closes: #970571).
* Switch to using bundled node modules, to deal with (frequent) build
failures (closes: #1005466).
* Manually depend on xdg-desktop-portal-* packages. The file saving
dialog needs a UI toolkit (closes: #1005230).
* New upstream security release.
- CVE-2022-0603: Use after free in File Manager.
Reported by Chaoyuan Peng (@ret2happy).
- CVE-2022-0604: Heap buffer overflow in Tab Groups. Reported by Krace.
- CVE-2022-0605: Use after free in Webstore API.
Reported by Thomas Orlita.
- CVE-2022-0606: Use after free in ANGLE.
- CVE-2022-0606: Use after free in ANGLE. Reported by Cassidy Kim of
Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
- CVE-2022-0607: Use after free in GPU. Reported by 0x74960.
- CVE-2022-0608: Integer overflow in Mojo.
Reported by Sergei Glazunov of Google Project Zero.
- CVE-2022-0609: Use after free in Animation. Reported by
Adam Weidemann and Clément Lecigne of Google's Threat Analysis Group.
- CVE-2022-0610: Inappropriate implementation in Gamepad API.
Reported by Anonymous.
-- Andres Salomon <dilinger@debian.org> Tue, 15 Feb 2022 15:37:54 -0500
chromium (98.0.4758.80-1) unstable; urgency=high
* Update manpage for package rename and everyone moving to https.
* Drop libnpsr4-dev versioned dep.
* Drop a bunch of patches (changes shouldn't affect chromium users).
See https://salsa.debian.org/chromium-team/chromium/-/commits/master/
for the dropped patches.
* New upstream stable release.
- CVE-2022-0452: Use after free in Safe Browsing.
Reported by avaue at S.S.L.
- CVE-2022-0453: Use after free in Reader Mode.
Reported by Rong Jian of VRI.
- CVE-2022-0454: Heap buffer overflow in ANGLE.
Reported by Seong-Hwan Park (SeHwa).
- CVE-2022-0455: Inappropriate implementation in Full Screen Mode.
Reported by Irvan Kurniawan (sourc7).
- CVE-2022-0456: Use after free in Web Search.
Reported by Zhihua Yao of KunLun Lab.
- CVE-2022-0457: Type Confusion in V8. Reported by rax of the Group0x58.
- CVE-2022-0458: Use after free in Thumbnail Tab Strip.
Reported by Anonymous.
- CVE-2022-0459: Use after free in Screen Capture.
Reported by raven (@raid_akame).
- CVE-2022-0460: Use after free in Window Dialog. Reported by 0x74960.
- CVE-2022-0461: Policy bypass in COOP. Reported by NDevTK.
- CVE-2022-0462: Inappropriate implementation in Scroll.
Reported by Youssef Sammouda.
- CVE-2022-0463: Use after free in Accessibility.
Reported by Zhihua Yao of KunLun Lab.
- CVE-2022-0464: Use after free in Accessibility.
Reported by Zhihua Yao of KunLun Lab.
- CVE-2022-0465: Use after free in Extensions.
Reported by Samet Bekmezci @sametbekmezci.
- CVE-2022-0466: Inappropriate implementation in Extensions Platform.
Reported by David Erceg.
- CVE-2022-0467: Inappropriate implementation in Pointer Lock.
Reported by Alesandro Ortiz.
- CVE-2022-0468: Use after free in Payments. Reported by Krace.
- CVE-2022-0469: Use after free in Cast. Reported by Thomas Orlita.
- CVE-2022-0470: Out of bounds memory access in V8. Reported by Looben Yang.
-- Andres Salomon <dilinger@debian.org> Sat, 05 Feb 2022 01:12:10 -0500
chromium (97.0.4692.99-1) unstable; urgency=high
* Add myself as an uploader.
* Ack my NMU (closes: #1003440).
* Remove Riku Voipio from uploaders at the request of the Debian MIA team -
thanks for all your past work on chromium, Riku! (closes: #1001562)
* Build-dep on terser | uglifyjs.terser (closes: #1001036).
* Revert automatic wayland detection for now (closes: #1003689).
We'll try again in chromium v98 or v99.
* New upstream stable release.
- CVE-2022-0289: Use after free in Safe browsing.
Reported by Sergei Glazunov of Google Project Zero.
- CVE-2022-0290: Use after free in Site isolation. Reported by
Brendon Tiszka and Sergei Glazunov of Google Project Zero.
- CVE-2022-0291: Inappropriate implementation in Storage.
Reported by Anonymous.
- CVE-2022-0292: Inappropriate implementation in Fenced Frames.
Reported by Brendon Tiszka.
- CVE-2022-0293: Use after free in Web packaging. Reported by
Rong Jian and Guang Gong of 360 Alpha Lab.
- CVE-2022-0294: Inappropriate implementation in Push messaging.
Reported by Rong Jian and Guang Gong of 360 Alpha Lab.
- CVE-2022-0295: Use after free in Omnibox. Reported by Weipeng Jiang
(@Krace) and Guang Gong of 360 Vulnerability Research Institute.
- CVE-2022-0296: Use after free in Printing. Reported by koocola(@alo_cook)
and Guang Gong of 360 Vulnerability Research Institute.
- CVE-2022-0297: Use after free in Vulkan. Reported by Cassidy Kim of
Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
- CVE-2022-0298: Use after free in Scheduling.
Reported by Yangkang (@dnpushme) of 360 ATA.
- CVE-2022-0300: Use after free in Text Input Method Editor. Reported by
Rong Jian and Guang Gong of 360 Alpha Lab.
- CVE-2022-0301: Heap buffer overflow in DevTools. Reported by
Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research.
- CVE-2022-0302: Use after free in Omnibox. Reported by Weipeng Jiang
(@Krace) and Guang Gong of 360 Vulnerability Research Institute.
- CVE-2022-0303: Race in GPU Watchdog.
Reported by Yiğit Can YILMAZ (@yilmazcanyigit).
- CVE-2022-0304: Use after free in Bookmarks. Reported by Rong Jian and
Guang Gong of 360 Alpha Lab.
- CVE-2022-0305: Inappropriate implementation in Service Worker API.
Reported by @uwu7586.
- CVE-2022-0306: Heap buffer overflow in PDFium.
Reported by Sergei Glazunov of Google Project Zero.
- CVE-2022-0307: Use after free in Optimization Guide.
Reported by Samet Bekmezci @sametbekmezci.
- CVE-2022-0308: Use after free in Data Transfer.
Reported by @ginggilBesel.
- CVE-2022-0309: Inappropriate implementation in Autofill.
Reported by Alesandro Ortiz.
- CVE-2022-0310: Heap buffer overflow in Task Manager.
Reported by Samet Bekmezci @sametbekmezci.
- CVE-2022-0311: Heap buffer overflow in Task Manager.
Reported by Samet Bekmezci @sametbekmezci.
-- Andres Salomon <dilinger@debian.org> Wed, 19 Jan 2022 23:53:45 -0500
chromium (97.0.4692.71-0.1) unstable; urgency=high
* Non-maintainer upload.
* Stop building chromium's bunded gn and instead build-dep on generate-ninja.
* Drop numerous patches related to gcc building, since we just build w/ clang.
* Use python3 as default instead of relying on python2
(closes: #942962, #996375).
* Enable the ozone backend in the build (closes: #955540).
* Automatically detect & enable Wayland support when launching chromium
(closes: #861796).
* Rename crashpad_handler to chrome_crashpad_handler.
* No longer hardcode desktop GL implementation as default - it causes
the chromium compositor's draw buffer to fill up & crash on my system.
* Enable official builds.
* Switch to using bundled ffmpeg instead of debian's ffmpeg.
* New upstream stable release (closes: #995212).
- CVE-2022-0096: Use after free in Storage. Reported by Yangkang
(@dnpushme) of 360 ATA
- CVE-2022-0097: Inappropriate implementation in DevTools. Reported by
David Erceg
- CVE-2022-0098: Use after free in Screen Capture. Reported by
@ginggilBesel
- CVE-2022-0099: Use after free in Sign-in. Reported by Rox
- CVE-2022-0100: Heap buffer overflow in Media streams API. Reported by
Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications
Corp. Ltd.
- CVE-2022-0101: Heap buffer overflow in Bookmarks. Reported by raven
(@raid_akame)
- CVE-2022-0102: Type Confusion in V8. Reported by Brendon Tiszka
- CVE-2022-0103: Use after free in SwiftShader. Reported by Abraruddin
Khan and Omair
- CVE-2022-0104: Heap buffer overflow in ANGLE. Reported by Abraruddin
Khan and Omair
- CVE-2022-0105: Use after free in PDF. Reported by Cassidy Kim of Amber
Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
- CVE-2022-0106: Use after free in Autofill. Reported by Khalil Zhani
- CVE-2022-0107: Use after free in File Manager API. Reported by raven
(@raid_akame)
- CVE-2022-0108: Inappropriate implementation in Navigation. Reported by
Luan Herrera (@lbherrera_)
- CVE-2022-0109: Inappropriate implementation in Autofill. Reported by
Young Min Kim (@ylemkimon), CompSec Lab at Seoul National University
- CVE-2022-0110: Incorrect security UI in Autofill. Reported by
Alesandro Ortiz
- CVE-2022-0111: Inappropriate implementation in Navigation. Reported by
garygreen
- CVE-2022-0112: Incorrect security UI in Browser UI. Reported by Thomas
Orlita
- CVE-2022-0113: Inappropriate implementation in Blink. Reported by Luan
Herrera (@lbherrera_)
- CVE-2022-0114: Out of bounds memory access in Web Serial. Reported by
Looben Yang
- CVE-2022-0115: Uninitialized Use in File API. Reported by Mark Brand
of Google Project Zero
- CVE-2022-0116: Inappropriate implementation in Compositing. Reported
by Irvan Kurniawan (sourc7)
- CVE-2022-0117: Policy bypass in Service Workers. Reported by
Dongsung Kim (@kid1ng)
- CVE-2022-0118: Inappropriate implementation in WebShare. Reported by
Alesandro Ortiz
- CVE-2022-0120: Inappropriate implementation in Passwords. Reported by
CHAKRAVARTHI (Ruler96)
(96.0.4664.110)
- CVE-2021-4098: Insufficient data validation in Mojo. Reported by
Sergei Glazunov of Google Project Zero
- CVE-2021-4099: Use after free in Swiftshader. Reported by Aki Helin
of Solita
- CVE-2021-4100: Object lifecycle issue in ANGLE. Reported by Aki Helin
of Solita
- CVE-2021-4101: Heap buffer overflow in Swiftshader. Reported by
Abraruddin Khan and Omair
- CVE-2021-4102: Use after free in V8. Reported by Anonymous
(96.0.4664.93)
- CVE-2021-4052: Use after free in web apps. Reported by Wei Yuan of
MoyunSec VLab
- CVE-2021-4053: Use after free in UI. Reported by Rox
- CVE-2021-4079: Out of bounds write in WebRTC. Reported by Brendon
Tiszka
- CVE-2021-4054: Incorrect security UI in autofill. Reported by
Alesandro Ortiz
- CVE-2021-4078: Type confusion in V8. Reported by Nan
Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
- CVE-2021-4055: Heap buffer overflow in extensions. Reported by Chen
Rong
- CVE-2021-4056: Type Confusion in loader. Reported by @__R0ng of 360
Alpha Lab
- CVE-2021-4057: Use after free in file API. Reported by Sergei
Glazunov of Google Project Zero
- CVE-2021-4058: Heap buffer overflow in ANGLE. Reported by Abraruddin
Khan and Omair
- CVE-2021-4059: Insufficient data validation in loader. Reported by
Luan Herrera (@lbherrera_)
- CVE-2021-4061: Type Confusion in V8. Reported by Paolo Severini
- CVE-2021-4062: Heap buffer overflow in BFCache. Reported by Leecraso
and Guang Gong of 360 Alpha Lab
- CVE-2021-4063: Use after free in developer tools. Reported by
Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research
- CVE-2021-4064: Use after free in screen capture. Reported by
@ginggilBesel
- CVE-2021-4065: Use after free in autofill. Reported by 5n1p3r0010
from Topsec ChiXiao Lab
- CVE-2021-4066: Integer underflow in ANGLE. Reported by Jaehun
Jeong(@n3sk) of Theori
- CVE-2021-4067: Use after free in window manager. Reported by
@ginggilBesel
- CVE-2021-4068: Insufficient validation of untrusted input in new tab
page. Reported by NDevTK
(96.0.4664.45)
- CVE-2021-38008: Use after free in media. Reported by Marcin Towalski
- CVE-2021-38009: Inappropriate implementation in cache.
Reported by Luan Herrera (@lbherrera_)
- CVE-2021-38006: Use after free in storage foundation.
Reported by Sergei Glazunov of Google Project Zero
- CVE-2021-38007: Type Confusion in V8. Reported by Polaris Feng and
SGFvamll at Singular Security Lab
- CVE-2021-38005: Use after free in loader.
Reported by Sergei Glazunov of Google Project Zero
- CVE-2021-38010: Inappropriate implementation in service workers.
Reported by Sergei Glazunov of Google Project Zero
- CVE-2021-38011: Use after free in storage foundation.
Reported by Sergei Glazunov of Google Project Zero
- CVE-2021-38012: Type Confusion in V8. Reported by Yonghwi Jin (@jinmo123)
- CVE-2021-38013: Heap buffer overflow in fingerprint recognition.
Reported by raven (@raid_akame)
- CVE-2021-38014: Out of bounds write in Swiftshader.
Reported by Atte Kettunen of OUSPG
- CVE-2021-38015: Inappropriate implementation in input.
Reported by David Erceg
- CVE-2021-38016: Insufficient policy enforcement in background fetch.
Reported by Maurice Dauer
- CVE-2021-38017: Insufficient policy enforcement in iframe sandbox.
Reported by NDevTK
- CVE-2021-38018: Inappropriate implementation in navigation.
Reported by Alesandro Ortiz
- CVE-2021-38019: Insufficient policy enforcement in CORS.
Reported by Maurice Dauer
- CVE-2021-38020: Insufficient policy enforcement in contacts picker.
Reported by Luan Herrera (@lbherrera_)
- CVE-2021-38021: Inappropriate implementation in referrer.
Reported by Prakash (@1lastBr3ath)
- CVE-2021-38022: Inappropriate implementation in WebAuthentication.
Reported by Michal Kepkowski
(95.0.4638.69)
- CVE-2021-37997: Use after free in Sign-In. Reported by Wei Yuan of
MoyunSec VLab
- CVE-2021-37998: Use after free in Garbage Collection. Reported by
Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications
Corp. Ltd.
- CVE-2021-37999: Insufficient data validation in New Tab Page.
Reported by Ashish Arun Dhone
- CVE-2021-38000: Insufficient validation of untrusted input in Intents.
Reported by Clement Lecigne, Neel Mehta, and Maddie Stone of Google
Threat Analysis Group
- CVE-2021-38001: Type Confusion in V8. Reported by @s0rrymybad of
Kunlun Lab via Tianfu Cup
- CVE-2021-38002: Use after free in Web Transport. Reported by @__R0ng
of 360 Alpha Lab, 漏洞研究院青训队 via Tianfu Cup
- CVE-2021-38003: Inappropriate implementation in V8. Reported by Clément
Lecigne from Google TAG and Samuel Groß from Google Project Zero
- CVE-2021-38004: Insufficient policy enforcement in Autofill. Reported
by Mark Amery
(95.0.4638.54)
- CVE-2021-37981: Heap buffer overflow in Skia. Reported by Yangkang
(@dnpushme) of 360 ATA
- CVE-2021-37982: Use after free in Incognito. Reported by Weipeng Jiang
(@Krace) from Codesafe Team of Legendsec at Qi'anxin Group
- CVE-2021-37983: Use after free in Dev Tools. Reported by Zhihua Yao
of KunLun Lab
- CVE-2021-37984: Heap buffer overflow in PDFium. Reported by Antti
Levomäki, Joonas Pihlaja and Christian Jalio from Forcepoint
- CVE-2021-37985: Use after free in V8. Reported by Yangkang (@dnpushme)
of 360 ATA
- CVE-2021-37986: Heap buffer overflow in Settings.
Reported by raven (@raid_akame)
- CVE-2021-37987: Use after free in Network APIs. Reported by
Yangkang (@dnpushme) of 360 ATA
- CVE-2021-37988: Use after free in Profiles. Reported by raven
(@raid_akame)
- CVE-2021-37989: Inappropriate implementation in Blink.
Reported by Matt Dyas, Ankur Sundara
- CVE-2021-37990: Inappropriate implementation in WebView. Reported by
Kareem Selim of CyShield
- CVE-2021-37991: Race in V8. Reported by Samuel Groß of Google Project
Zero
- CVE-2021-37992: Out of bounds read in WebAudio. Reported by
sunburst@Ant Security Light-Year Lab
- CVE-2021-37993: Use after free in PDF Accessibility. Reported by Cassidy
Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
- CVE-2021-37996: Insufficient validation of untrusted input in Downloads.
Reported by Anonymous
- CVE-2021-37994: Inappropriate implementation in iFrame Sandbox.
Reported by David Erceg
- CVE-2021-37995: Inappropriate implementation in WebApp Installer.
Reported by Terence Eden
(94.0.4606.81)
- CVE-2021-37977: Use after free in Garbage Collection. Reported by
Anonymous
- CVE-2021-37978: Heap buffer overflow in Blink. Reported by Yangkang
(@dnpushme) of 360 ATA
- CVE-2021-37979: Heap buffer overflow in WebRTC. Reported by Marcin
Towalski of Cisco Talos
- CVE-2021-37980: Inappropriate implementation in Sandbox. Reported by
Yonghwi Jin (@jinmo123) of Theori
(94.0.4606.71)
- CVE-2021-37974: Use after free in Safe Browsing. Reported by Weipeng
Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group
- CVE-2021-37975: Use after free in V8. Reported by Anonymous
- CVE-2021-37976: Information leak in core. Reported by Clément Lecigne
from Google TAG, with technical assistance from Sergei Glazunov and
Mark Brand from Google Project Zero
(94.0.4606.61)
- CVE-2021-37973: Use after free in Portals. Reported by Clément Lecigne
from Google TAG, with technical assistance from Sergei Glazunov and
Mark Brand from Google Project Zero
(94.0.4606.54)
- CVE-2021-37956 Use after free in Offline use. Reported by Huyna at
Viettel Cyber Security
- CVE-2021-37957: Use after free in WebGPU. Reported by Looben Yang
- CVE-2021-37958: Inappropriate implementation in Navigation. Reported by
James Lee (@Windowsrcer)
- CVE-2021-37959: Use after free in Task Manager. Reported by raven
(@raid_akame)
- CVE-2021-37961: Use after free in Tab Strip. Reported by Khalil Zhani
- CVE-2021-37962: Use after free in Performance Manager. Reported by Sri
- CVE-2021-37963: Side-channel information leakage in DevTools. Reported
by Daniel Genkin and Ayush Agarwal, University of Michigan, Eyal Ronen
and Shaked Yehezkel, Tel Aviv University, Sioli O’Connell, University of
Adelaide, and Jason Kim, Georgia Institute of Technology
- CVE-2021-37964: Inappropriate implementation in ChromeOS Networking.
Reported by Hugo Hue and Sze Yiu Chau of the Chinese University of Hong
Kong
- CVE-2021-37965: Inappropriate implementation in Background Fetch API.
Reported by Maurice Dauer
- CVE-2021-37966: Inappropriate implementation in Compositing. Reported by
Mohit Raj (shadow2639)
- CVE-2021-37967: Inappropriate implementation in Background Fetch API.
Reported by SorryMybad (@S0rryMybad) of Kunlun Lab
- CVE-2021-37968: Inappropriate implementation in Background Fetch API.
Reported by Maurice Dauer
- CVE-2021-37969: Inappropriate implementation in Google Updater. Reported
by Abdelhamid Naceri (halov)
- CVE-2021-37970: Use after free in File System API. Reported by
SorryMybad (@S0rryMybad) of Kunlun Lab
- CVE-2021-37971: Incorrect security UI in Web Browser UI. Reported by
Rayyan Bijoora
- CVE-2021-37972: Out of bounds read in libjpeg-turbo. Reported by Xu
Hanyu and Lu Yutao from Panguite-Forensics-Lab of Qianxin
-- Andres Salomon <dilinger@debian.org> Mon, 10 Jan 2022 01:38:13 -0500
chromium (93.0.4577.82-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2021-30625: Use after free in Selection API. Reported by Marcin
Towalski of Cisco Talos
- CVE-2021-30626: Out of bounds memory access in ANGLE. Reported by
Jeonghoon Shin of Theori
- CVE-2021-30627: Type Confusion in Blink layout. Reported by Aki Helin of
OUSPG
- CVE-2021-30628: Stack buffer overflow in ANGLE. Reported by Jaehun Jeong
@n3sk of Theori
- CVE-2021-30629: Use after free in Permissions. Reported by Weipeng Jiang
@Krace from Codesafe Team of Legendsec at Qi'anxin Group
- CVE-2021-30630: Inappropriate implementation in Blink . Reported by
SorryMybad @S0rryMybad of Kunlun Lab
- CVE-2021-30631: Type Confusion in Blink layout. Reported by Atte Kettunen
of OUSPG
- CVE-2021-30632: Out of bounds write in V8. Reported by Anonymous
- CVE-2021-30633: Use after free in Indexed DB API. Reported by Anonymous
- CVE-2021-30606: Use after free in Blink. Reported by Nan Wang
@eternalsakura13 and koocola @alo_cook of 360 Alpha Lab
- CVE-2021-30607: Use after free in Permissions. Reported by Weipeng Jiang
@Krace from Codesafe Team of Legendsec at Qi'anxin Group
- CVE-2021-30608: Use after free in Web Share. Reported by Huyna at Viettel
Cyber Security
- CVE-2021-30609: Use after free in Sign-In. Reported by raven @raid_akame
- CVE-2021-30610: Use after free in Extensions API. Reported by Igor
Bukanov from Vivaldi
- CVE-2021-30611: Use after free in WebRTC. Reported by Nan Wang
@eternalsakura13 and koocola @alo_cook of 360 Alpha Lab
- CVE-2021-30612: Use after free in WebRTC. Reported by Nan Wang
@eternalsakura13 and koocola @alo_cook of 360 Alpha Lab
- CVE-2021-30613: Use after free in Base internals. Reported by Yangkang
@dnpushme of 360 ATA
- CVE-2021-30614: Heap buffer overflow in TabStrip. Reported by Huinian
Yang @vmth6 of Amber Security Lab, OPPO Mobile Telecommunications Corp.
Ltd.
- CVE-2021-30615: Cross-origin data leak in Navigation. Reported by NDevTK
- CVE-2021-30616: Use after free in Media. Reported by Anonymous
- CVE-2021-30617: Policy bypass in Blink. Reported by NDevTK
- CVE-2021-30618: Inappropriate implementation in DevTools. Reported by
@DanAmodio and @mattaustin from Contrast Security
- CVE-2021-30619: UI Spoofing in Autofill. Reported by Alesandro Ortiz
- CVE-2021-30620: Insufficient policy enforcement in Blink. Reported by Jun
Kokatsu, Microsoft Browser Vulnerability Research
- CVE-2021-30621: UI Spoofing in Autofill. Reported by Abdulrahman
Alqabandi, Microsoft Browser Vulnerability Research
- CVE-2021-30622: Use after free in WebApp Installs. Reported by Jun
Kokatsu, Microsoft Browser Vulnerability Research
- CVE-2021-30623: Use after free in Bookmarks. Reported by Leecraso and
Guang Gong of 360 Alpha Lab
- CVE-2021-30624: Use after free in Autofill. Reported by Wei Yuan of
MoyunSec VLab
- CVE-2021-30598: Type Confusion in V8. Reported by Manfred Paul
- CVE-2021-30599: Type Confusion in V8. Reported by Manfred Paul
- CVE-2021-30600: Use after free in Printing. Reported by Leecraso and
Guang Gong of 360 Alpha Lab
- CVE-2021-30601: Use after free in Extensions API. Reported by koocola
@alo_cook and Nan Wang @eternalsakura13 of 360 Alpha Lab
- CVE-2021-30602: Use after free in WebRTC. Reported by Marcin Towalski of
Cisco Talos
- CVE-2021-30603: Race in WebAudio. Reported by Sergei Glazunov of Google
Project Zero
- CVE-2021-30604: Use after free in ANGLE. Reported by Seong-Hwan Park
SeHwa of SecunologyLab
- CVE-2021-30554: Use after free in WebGL. Reported by anonymous
- CVE-2021-30555: Use after free in Sharing. Reported by David Erceg
- CVE-2021-30556: Use after free in WebAudio. Reported by Yangkang
@dnpushme of 360 ATA
- CVE-2021-30557: Use after free in TabGroups. Reported by David Erceg
- CVE-2021-30544: Use after free in BFCache. Reported by Rong Jian and
Guang Gong of 360 Alpha Lab
- CVE-2021-30545: Use after free in Extensions. Reported by kkwon with
everpall and kkomdal
- CVE-2021-30546: Use after free in Autofill. Reported by Abdulrahman
Alqabandi, Microsoft Browser Vulnerability Research
- CVE-2021-30547: Out of bounds write in ANGLE. Reported by Seong-Hwan Park
SeHwa of SecunologyLab
- CVE-2021-30548: Use after free in Loader. Reported by Yangkang @dnpushme
& Wanglu of Qihoo360 Qex Team
- CVE-2021-30549: Use after free in Spell check. Reported by David Erceg
- CVE-2021-30550: Use after free in Accessibility. Reported by David Erceg
- CVE-2021-30551: Type Confusion in V8. Reported by Clement Lecigne of
Google's Threat Analysis Group and Sergei Glazunov of Google Project Zero
- CVE-2021-30552: Use after free in Extensions. Reported by David Erceg
- CVE-2021-30553: Use after free in Network service. Reported by Anonymous
- CVE-2021-30521: Heap buffer overflow in Autofill. Reported by ZhanJia
Song
- CVE-2021-30522: Use after free in WebAudio. Reported by Piotr Bania of
Cisco Talos
- CVE-2021-30523: Use after free in WebRTC. Reported by Tolyan Korniltsev
- CVE-2021-30524: Use after free in TabStrip. Reported by David Erceg
- CVE-2021-30525: Use after free in TabGroups. Reported by David Erceg
- CVE-2021-30526: Out of bounds write in TabStrip. Reported by David Erceg
- CVE-2021-30527: Use after free in WebUI. Reported by David Erceg
- CVE-2021-30528: Use after free in WebAuthentication. Reported by Man Yue
Mo of GitHub Security Lab
- CVE-2021-30529: Use after free in Bookmarks. Reported by koocola
@alo_cook and Nan Wang @eternalsakura13 of 360 Alpha Lab
- CVE-2021-30530: Out of bounds memory access in WebAudio. Reported by
kkwon
- CVE-2021-30531: Insufficient policy enforcement in Content Security
Policy. Reported by Philip Papurt
- CVE-2021-30532: Insufficient policy enforcement in Content Security
Policy. Reported by Philip Papurt
- CVE-2021-30533: Insufficient policy enforcement in PopupBlocker. Reported
by Eliya Stein
- CVE-2021-30534: Insufficient policy enforcement in iFrameSandbox.
Reported by Alesandro Ortiz
- CVE-2021-30535: Double free in ICU. Reported by nocma, leogan, cheneyxu
of WeChat Open Platform Security Team
- CVE-2021-21212: Insufficient data validation in networking. Reported by
Hugo Hue and Sze Yiu Chau of the Chinese University of Hong Kong
- CVE-2021-30536: Out of bounds read in V8. Reported by Chris Salls @salls
- CVE-2021-30537: Insufficient policy enforcement in cookies. Reported by
Jun Kokatsu @shhnjk
- CVE-2021-30538: Insufficient policy enforcement in content security
policy. Reported by Tianze Ding @D1iv3 of Tencent Security Xuanwu Lab
- CVE-2021-30539: Insufficient policy enforcement in content security
policy. Reported by unnamed researcher
- CVE-2021-30540: Incorrect security UI in payments. Reported by
@retsew0x01
-- Michel Le Bihan <michel@lebihan.pl> Thu, 16 Sep 2021 17:48:15 +0200
chromium (90.0.4430.212-1) unstable; urgency=medium
* New upstream security release.
- CVE-2021-30506: Incorrect security UI in Web App Installs. Reported by
@retsew0x01
- CVE-2021-30507: Inappropriate implementation in Offline. Reported by
Alison Huffman
- CVE-2021-30508: Heap buffer overflow in Media Feeds. Reported by Leecraso
and Guang Gong
- CVE-2021-30509: Out of bounds write in Tab Strip. Reported by David Erceg
- CVE-2021-30510: Race in Aura. Reported by Weipeng Jiang
- CVE-2021-30511: Out of bounds read in Tab Groups. Reported by David Erceg
- CVE-2021-30512: Use after free in Notifications. Reported by ZhanJia Song
- CVE-2021-30513: Type Confusion in V8. Reported by Man Yue Mo
- CVE-2021-30514: Use after free in Autofill. Reported by koocola and Wang
- CVE-2021-30515: Use after free in File API. Reported by Rong Jian and
Guang Gong
- CVE-2021-30516: Heap buffer overflow in History. Reported by ZhanJia Song
- CVE-2021-30517: Type Confusion in V8. Reported by laural
- CVE-2021-30518: Heap buffer overflow in Reader Mode. Reported by Jun
Kokatsu
- CVE-2021-30519: Use after free in Payments. Reported by asnine
- CVE-2021-30520: Use after free in Tab Strip. Reported by Khalil Zhani
-- Michael Gilbert <mgilbert@debian.org> Thu, 13 May 2021 02:50:43 +0000
chromium (90.0.4430.93-1) unstable; urgency=medium
* New upstream security release (closes: #987715).
- CVE-2021-21227: Insufficient data validation in V8. Reported by Gengming
Liu of Singular Security Lab
- CVE-2021-21232: Use after free in Dev Tools. Reported by Abdulrahman
Alqabandi, Microsoft Browser Vulnerability Research
- CVE-2021-21233: Heap buffer overflow in ANGLE. Reported by Omair
- CVE-2021-21228: Insufficient policy enforcement in extensions. Reported
by Rob Wu
- CVE-2021-21229: Incorrect security UI in downloads. Reported by Mohit Raj
shadow2639
- CVE-2021-21230: Type Confusion in V8. Reported by Manfred Paul
- CVE-2021-21231: Insufficient data validation in V8. Reported by Sergei
Glazunov of Google Project Zero
* Disable libaom on arm to potentially fix FTBFS on armhf
-- Michel Le Bihan <michel@lebihan.pl> Wed, 28 Apr 2021 12:15:32 +0200
chromium (90.0.4430.85-1) unstable; urgency=medium
* New upstream security release (closes: #987358).
- CVE-2021-21222: Heap buffer overflow in V8. Reported by Guang Gong of
Alpha Lab, Qihoo 360
- CVE-2021-21223: Integer overflow in Mojo. Reported by Guang Gong of Alpha
Lab, Qihoo 360
- CVE-2021-21224: Type Confusion in V8. Reported by Jose Martinez tr0y4
from VerSprite Inc.
- CVE-2021-21225: Out of bounds memory access in V8. Reported by Brendon
Tiszka @btiszka supporting the EFF
- CVE-2021-21226: Use after free in navigation. Reported by Brendon Tiszka
@btiszka supporting the EFF
-- Michel Le Bihan <michel@lebihan.pl> Thu, 22 Apr 2021 13:01:41 +0200
chromium (90.0.4430.72-1) unstable; urgency=medium
* New upstream security release (closes: #987053).
- CVE-2021-21201: Use after free in permissions. Reported by Gengming Liu
and Jianyu Chen when working at Tencent KeenLab
- CVE-2021-21202: Use after free in extensions. Reported by David Erceg
- CVE-2021-21203: Use after free in Blink. Reported by asnine
- CVE-2021-21204: Use after free in Blink. Reported by Chelse Tsai-Simek,
Jeanette Ulloa, and Emily Voigtlander of Seesaw
- CVE-2021-21205: Insufficient policy enforcement in navigation. Reported
by Alison Huffman, Microsoft Browser Vulnerability Research
- CVE-2021-21221: Insufficient validation of untrusted input in Mojo.
Reported by Guang Gong of Alpha Lab, Qihoo 360
- CVE-2021-21207: Use after free in IndexedDB. Reported by koocola
@alo_cook and Nan Wang @eternalsakura13 of 360 Alpha Lab
- CVE-2021-21208: Insufficient data validation in QR scanner. Reported by
Ahmed Elsobky @0xsobky
- CVE-2021-21209: Inappropriate implementation in storage. Reported by Tom
Van Goethem @tomvangoethem
- CVE-2021-21210: Inappropriate implementation in Network. Reported by
@bananabr
- CVE-2021-21211: Inappropriate implementation in Navigation. Reported by
Akash Labade m0ns7er
- CVE-2021-21212: Incorrect security UI in Network Config UI. Reported by
Hugo Hue and Sze Yiu Chau of the Chinese University of Hong Kong
- CVE-2021-21213: Use after free in WebMIDI. Reported by raven
@raid_akame
- CVE-2021-21214: Use after free in Network API. Reported by Anonymous
- CVE-2021-21215: Inappropriate implementation in Autofill. Reported by
Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research
- CVE-2021-21216: Inappropriate implementation in Autofill. Reported by
Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research
- CVE-2021-21217: Uninitialized Use in PDFium. Reported by Zhou Aiting
@zhouat1 of Qihoo 360 Vulcan Team
- CVE-2021-21218: Uninitialized Use in PDFium. Reported by Zhou Aiting
@zhouat1 of Qihoo 360 Vulcan Team
- CVE-2021-21219: Uninitialized Use in PDFium. Reported by Zhou Aiting
@zhouat1 of Qihoo 360 Vulcan Team
-- Michel Le Bihan <michel@lebihan.pl> Mon, 19 Apr 2021 19:13:47 +0200
chromium (89.0.4389.114-1) unstable; urgency=medium
* New upstream security release (closes: #986335).
- CVE-2021-21194: Use after free in screen capture. Reported by Leecraso
and Guang Gong
- CVE-2021-21195: Use after free in V8. Reported by Liu and Liang
- CVE-2021-21196: Heap buffer overflow in TabStrip. Reported by Khalil
Zhani
- CVE-2021-21197: Heap buffer overflow in TabStrip. Reported by Abdulrahman
Alqabandi
- CVE-2021-21198: Out of bounds read in IPC. Reported by Mark Brand
- CVE-2021-21199: Use Use after free in Aura. Reported by Weipeng Jiang
-- Michael Gilbert <mgilbert@debian.org> Sun, 04 Apr 2021 00:34:12 +0000
chromium (89.0.4389.90-1) unstable; urgency=medium
* New upstream security release (closes: #985271).
- CVE-2021-21191: Use after free in WebRTC. Reported by raven @raid_akame
- CVE-2021-21192: Heap buffer overflow in tab groups. Reported by
Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research
- CVE-2021-21193: Use after free in Blink. Reported by Anonymous
(closes: #985142)
* Fix build with libvpx 1.7.0 and libicu63 (closes: #984926).
* Change debian/rules to not leave debian/scripts/mk-origtargz
-- Michel Le Bihan <michel@lebihan.pl> Mon, 15 Mar 2021 12:57:00 +0100
chromium (89.0.4389.82-1) unstable; urgency=medium
* New upstream stable release (closes: #984532).
- CVE-2021-21159: Heap buffer overflow in TabStrip. Reported by Khalil
Zhani
- CVE-2021-21160: Heap buffer overflow in WebAudio. Reported by Marcin
'Icewall' Noga of Cisco Talos
- CVE-2021-21161: Heap buffer overflow in TabStrip. Reported by Khalil
Zhani
- CVE-2021-21162: Use after free in WebRTC. Reported by Anonymous
- CVE-2021-21163: Insufficient data validation in Reader Mode. Reported by
Alison Huffman, Microsoft Browser Vulnerability Research
- CVE-2021-21164: Insufficient data validation in Chrome for iOS. Reported
by Muneaki Nishimura nishimunea
- CVE-2021-21165: Object lifecycle issue in audio. Reported by Alison
Huffman, Microsoft Browser Vulnerability Research
- CVE-2021-21166: Object lifecycle issue in audio. Reported by Alison
Huffman, Microsoft Browser Vulnerability Research
- CVE-2021-21167: Use after free in bookmarks. Reported by Leecraso and
Guang Gong of 360 Alpha Lab
- CVE-2021-21168: Insufficient policy enforcement in appcache. Reported by
Luan Herrera @lbherrera_
- CVE-2021-21169: Out of bounds memory access in V8. Reported by Bohan Liu
@P4nda20371774 and Moon Liang of Tencent Security Xuanwu Lab
- CVE-2021-21170: Incorrect security UI in Loader. Reported by David Erceg
- CVE-2021-21171: Incorrect security UI in TabStrip and Navigation.
Reported by Irvan Kurniawan sourc7
- CVE-2021-21172: Insufficient policy enforcement in File System API.
Reported by Maciej Pulikowski
- CVE-2021-21173: Side-channel information leakage in Network Internals.
Reported by Tom Van Goethem from imec-DistriNet, KU Leuven
- CVE-2021-21174: Inappropriate implementation in Referrer. Reported by
Ashish Gautam Kamble
- CVE-2021-21175: Inappropriate implementation in Site isolation. Reported
by Jun Kokatsu, Microsoft Browser Vulnerability Research
- CVE-2021-21176: Inappropriate implementation in full screen mode.
Reported by Luan Herrera @lbherrera_
- CVE-2021-21177: Insufficient policy enforcement in Autofill. Reported by
Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research
- CVE-2021-21178: Inappropriate implementation in Compositing. Reported by
Japong
- CVE-2021-21179: Use after free in Network Internals. Reported by
Anonymous
- CVE-2021-21180: Use after free in tab search. Reported by Abdulrahman
Alqabandi, Microsoft Browser Vulnerability Research
- CVE-2020-27844: Heap buffer overflow in OpenJPEG. Reported by Sean
Campbell at Tableau
- CVE-2021-21181: Side-channel information leakage in autofill. Reported by
Xu Lin (University of Illinois at Chicago), Panagiotis Ilia University of
Illinois at Chicago, Jason Polakis University of Illinois at Chicago
- CVE-2021-21182: Insufficient policy enforcement in navigations. Reported
by Luan Herrera @lbherrera_
- CVE-2021-21183: Inappropriate implementation in performance APIs.
Reported by Takashi Yoneuchi @y0n3uchy
- CVE-2021-21184: Inappropriate implementation in performance APIs.
Reported by James Hartig
- CVE-2021-21185: Insufficient policy enforcement in extensions. Reported
by David Erceg
- CVE-2021-21186: Insufficient policy enforcement in QR scanning. Reported
by dhirajkumarnifty
- CVE-2021-21187: Insufficient data validation in URL formatting. Reported
by Kirtikumar Anandrao Ramchandani
- CVE-2021-21188: Use after free in Blink. Reported by Woojin Oh
@pwn_expoit of STEALIEN
- CVE-2021-21189: Insufficient policy enforcement in payments. Reported by
Khalil Zhani
- CVE-2021-21190: Uninitialized Use in PDFium. Reported by Zhou Aiting
@zhouat1 of Qihoo 360 Vulcan Team
-- Michel Le Bihan <michel@lebihan.pl> Mon, 08 Mar 2021 09:48:03 +0100
chromium (88.0.4324.182-1) unstable; urgency=medium
* New upstream security release.
- CVE-2021-21149: Stack overflow in Data Transfer. Reported by Ryoya
Tsukasaki
- CVE-2021-21150: Use after free in Downloads. Reported by Woojin Oh
- CVE-2021-21151: Use after free in Payments. Reported by Khalil Zhani
- CVE-2021-21152: Heap buffer overflow in Media. Reported by Anonymous
- CVE-2021-21153: Stack overflow in GPU Process. Reported by Jan Ruge
- CVE-2021-21154: Heap buffer overflow in Tab Strip . Reported by
Abdulrahman Alqabandi
- CVE-2021-21155: Heap buffer overflow in Tab Strip . Reported by Khalil
Zhani
- CVE-2021-21156: Heap buffer overflow in V8. Reported by Sergei Glazunov
- CVE-2021-21157: Use after free in Web Sockets. Reported by Anonymous
-- Michael Gilbert <mgilbert@debian.org> Thu, 18 Feb 2021 00:56:55 +0000
chromium (88.0.4324.150-1) unstable; urgency=medium
* New upstream security release (closes: #982205).
- CVE-2021-21148: Heap buffer overflow in V8. Reported by Mattias Buelens
-- Michel Le Bihan <michel@lebihan.pl> Tue, 09 Feb 2021 13:02:34 +0100
chromium (88.0.4324.146-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2021-21142: Use after free in Payments. Reported by Khalil Zhani
- CVE-2021-21143: Heap buffer overflow in Extensions. Reported by Allen
Parker & Alex Morgan of MU
- CVE-2021-21144: Heap buffer overflow in Tab Groups. Reported by Leecraso
and Guang Gong of 360 Alpha Lab
- CVE-2021-21145: Use after free in Fonts. Reported by Anonymous
- CVE-2021-21146: Use after free in Navigation. Reported by Alison Huffman
and Choongwoo Han of Microsoft Browser Vulnerability Research
- CVE-2021-21147: Inappropriate implementation in Skia. Reported by Roman
Starkov
-- Michel Le Bihan <michel@lebihan.pl> Wed, 03 Feb 2021 11:11:02 +0100
chromium (88.0.4324.96-2) unstable; urgency=medium
* Add Michel Le Bihan to uploaders.
* Add openjpeg include dirs to pdfium BUILD.gn (closes: #981270).
-- Michel Le Bihan <michel@lebihan.pl> Fri, 29 Jan 2021 12:37:49 +0100
chromium (88.0.4324.96-1) unstable; urgency=medium
* Organize patches.
* Use system vpx again.
* Support icu 6.3 and clang 7 in buster again.
* Apply the non-maintainer uploads (closes: #972134).
- Thanks to Michel Le Bihan, Jan Luca Naumann, and Peter Michael Green.
-- Michael Gilbert <mgilbert@debian.org> Wed, 27 Jan 2021 01:40:59 +0000
chromium (88.0.4324.96-0.1) unstable; urgency=medium
* Non-maintainer upload.
* New upstream stable release (closes: #980564).
- CVE-2021-21117: Insufficient policy enforcement in Cryptohome. Reported
by Rory McNamara
- CVE-2021-21118: Insufficient data validation in V8. Reported by Tyler
Nighswander @tylerni7 of Theori
- CVE-2021-21119: Use after free in Media. Reported by Anonymous
- CVE-2021-21120: Use after free in WebSQL. Reported by Nan Wang
@eternalsakura13 and Guang Gong of 360 Alpha Lab
- CVE-2021-21121: Use after free in Omnibox. Reported by Leecraso and Guang
Gong of 360 Alpha Lab
- CVE-2021-21122: Use after free in Blink. Reported by Renata Hodovan
- CVE-2021-21123: Insufficient data validation in File System API. Reported
by Maciej Pulikowski
- CVE-2021-21124: Potential user after free in Speech Recognizer. Reported
by Chaoyang Ding(@V4kst1z) from Codesafe Team of Legendsec at Qi'anxin
Group
- CVE-2021-21125: Insufficient policy enforcement in File System API.
Reported by Ron Masas
- CVE-2020-16044: Use after free in WebRTC. Reported by Ned Williamson of
Project Zero
- CVE-2021-21126: Insufficient policy enforcement in extensions. Reported
by David Erceg
- CVE-2021-21127: Insufficient policy enforcement in extensions. Reported
by Jasminder Pal Singh, Web Services Point WSP, Kotkapura
- CVE-2021-21128: Heap buffer overflow in Blink. Reported by Liang Dong
- CVE-2021-21129: Insufficient policy enforcement in File System API.
Reported by Maciej Pulikowski
- CVE-2021-21130: Insufficient policy enforcement in File System API.
Reported by Maciej Pulikowski
- CVE-2021-21131: Insufficient policy enforcement in File System API.
Reported by Maciej Pulikowski
- CVE-2021-21132: Inappropriate implementation in DevTools. Reported by
David Erceg
- CVE-2021-21133: Insufficient policy enforcement in Downloads. Reported by
wester0x01
- CVE-2021-21134: Incorrect security UI in Page Info. Reported by
wester0x01
- CVE-2021-21135: Inappropriate implementation in Performance API. Reported
by ndevtk
- CVE-2021-21136: Insufficient policy enforcement in WebView. Reported by
Shiv Sahni, Movnavinothan V and Imdad Mohammed
- CVE-2021-21137: Inappropriate implementation in DevTools. Reported by
bobblybear
- CVE-2021-21138: Use after free in DevTools. Reported by Weipeng Jiang
@Krace from Codesafe Team of Legendsec at Qi'anxin Group
- CVE-2021-21139: Inappropriate implementation in iframe sandbox. Reported
by Jun Kokatsu, Microsoft Browser Vulnerability Research
- CVE-2021-21140: Uninitialized Use in USB. Reported by David Manouchehri
- CVE-2021-21141: Insufficient policy enforcement in File System API.
Reported by Maciej Pulikowski
[ Jan Luca Naumann ]
* Add watch file.
[ Mattia Rizzolo ]
* Change get-orig-source to produce reproducible tarballs.
-- Michel Le Bihan <michel@lebihan.pl> Wed, 20 Jan 2021 23:23:08 +0100
chromium (87.0.4280.141-0.1) unstable; urgency=medium
* Non-maintainer upload.
* New upstream security release (closes: #979520).
- CVE-2021-21106: Use after free in autofill. Reported by Weipeng Jiang
@Krace from Codesafe Team of Legendsec at Qi'anxin Group
- CVE-2021-21107: Use after free in drag and drop. Reported by Leecraso and
Guang Gong of 360 Alpha Lab
- CVE-2021-21108: Use after free in media. Reported by Leecraso and Guang
Gong of 360 Alpha Lab
- CVE-2021-21109: Use after free in payments. Reported by Rong Jian and
Guang Gong of 360 Alpha Lab
- CVE-2021-21110: Use after free in safe browsing. Reported by Anonymous
- CVE-2021-21111: Insufficient policy enforcement in WebUI. Reported by
Alesandro Ortiz
- CVE-2021-21112: Use after free in Blink. Reported by YoungJoo Lee
@ashuu_lee of Raon Whitehat
- CVE-2021-21113: Heap buffer overflow in Skia. Reported by tsubmunu
- CVE-2020-16043: Insufficient data validation in networking. Reported by
Samy Kamkar, Ben Seri at Armis, Gregory Vishnepolsky at Armis
- CVE-2021-21114: Use after free in audio. Reported by Man Yue Mo of GitHub
Security Lab
- CVE-2020-15995: Out of bounds write in V8. Reported by Bohan Liu
@P4nda20371774 of Tencent Security Xuanwu Lab
- CVE-2021-21115: Use after free in safe browsing. Reported by Leecraso and
Guang Gong of 360 Alpha Lab
- CVE-2021-21116: Heap buffer overflow in audio. Reported by Alison
Huffman, Microsoft Browser Vulnerability Research
[ Jan Luca Naumann ]
* Use desktop gl implementation as default. (closes: #979135)
-- Michel Le Bihan <michel@lebihan.pl> Sat, 09 Jan 2021 11:24:58 +0100
chromium (87.0.4280.88-0.4) unstable; urgency=medium
* Non-maintainer upload.
[ Michel Le Bihan ]
* Install ANGLE EGL and GLESv2 libs (closes: #977870).
* Disable Widevine CDM component updater (closes: #960454).
* Disable usage of google-chrome in driver (closes: #930543).
[ Jan Luca Naumann ]
* Remove python3-xcbgen from Build-Deps
* Changes to allow building on buster
* Add patch for explicit python2 usage in scripts
-- Michel Le Bihan <michel@lebihan.pl> Tue, 29 Dec 2020 10:58:42 +0100
chromium (87.0.4280.88-0.3) unstable; urgency=medium
* Non-maintainer upload.
* Fix double-delete in content service worker (closes: #977901).
-- Michel Le Bihan <michel@lebihan.pl> Wed, 23 Dec 2020 11:55:48 +0100
chromium (87.0.4280.88-0.2) unstable; urgency=medium
* Non-maintainer upload.
* Exclude debian dir from unversioned python conversion script
-- Michel Le Bihan <michel@lebihan.pl> Sun, 20 Dec 2020 22:14:50 +0100
chromium (87.0.4280.88-0.1) unstable; urgency=medium
* Non-maintainer upload.
* New upstream stable release (closes: #973848).
- CVE-2020-16037: Use after free in clipboard. Reported by Ryoya Tsukasaki
- CVE-2020-16038: Use after free in media. Reported by Khalil Zhani
- CVE-2020-16039: Use after free in extensions. Reported by Anonymous
- CVE-2020-16040: Insufficient data validation in V8. Reported by Lucas
Pinheiro, Microsoft Browser Vulnerability Research
- CVE-2020-16041: Out of bounds read in networking. Reported by Sergei
Glazunov and Mark Brand of Google Project Zero
- CVE-2020-16042: Uninitialized Use in V8. Reported by André Bargull
- CVE-2020-16018: Use after free in payments. Reported by Man Yue Mo of
GitHub Security Lab
- CVE-2020-16019: Inappropriate implementation in filesystem. Reported by
Rory McNamara
- CVE-2020-16020: Inappropriate implementation in cryptohome. Reported by
Rory McNamara
- CVE-2020-16021: Race in ImageBurner. Reported by Rory McNamara
- CVE-2020-16022: Insufficient policy enforcement in networking. Reported
by @SamyKamkar
- CVE-2020-16015: Insufficient data validation in WASM. Reported by Rong
Jian and Leecraso of 360 Alpha Lab
- CVE-2020-16014: Use after free in PPAPI. Reported by Rong Jian and
Leecraso of 360 Alpha Lab
- CVE-2020-16023: Use after free in WebCodecs. Reported by Brendon Tiszka
and David Manouchehri supporting the @eff
- CVE-2020-16024: Heap buffer overflow in UI. Reported by Sergei Glazunov
of Google Project Zero
- CVE-2020-16025: Heap buffer overflow in clipboard. Reported by Sergei
Glazunov of Google Project Zero
- CVE-2020-16026: Use after free in WebRTC. Reported by Jong-Gwon Kim
- CVE-2020-16027: Insufficient policy enforcement in developer tools.
Reported by David Erceg
- CVE-2020-16028: Heap buffer overflow in WebRTC. Reported by asnine
- CVE-2020-16029: Inappropriate implementation in PDFium. Reported by
Anonymous
- CVE-2020-16030: Insufficient data validation in Blink. Reported by Michał
Bentkowski of Securitum
- CVE-2019-8075: Insufficient data validation in Flash. Reported by
Nethanel Gelernter, Cyberpion
- CVE-2020-16031: Incorrect security UI in tab preview. Reported by
wester0x01
- CVE-2020-16032: Incorrect security UI in sharing. Reported by wester0x01
- CVE-2020-16033: Incorrect security UI in WebUSB. Reported by Khalil Zhani
- CVE-2020-16034: Inappropriate implementation in WebRTC. Reported by
Benjamin Petermaier
- CVE-2020-16035: Insufficient data validation in cros-disks. Reported by
Rory McNamara
- CVE-2020-16012: Side-channel information leakage in graphics. Reported by
Aleksejs Popovs
- CVE-2020-16036: Inappropriate implementation in cookies. Reported by Jun
Kokatsu @shhnjk
- CVE-2020-16013: Inappropriate implementation in V8. Reported by Anonymous
- CVE-2020-16017: Use after free in site isolation. Reported by Anonymous
- CVE-2020-16016: Inappropriate implementation in base. Reported by Rong
Jian and Leecraso of 360 Alpha Lab
- CVE-2020-16004: Use after free in user interface. Reported by Leecraso
and Guang Gong of 360 Alpha Lab working with 360 BugCloud
- CVE-2020-16005: Insufficient policy enforcement in ANGLE. Reported by
Jaehun Jeong @n3sk of Theori
- CVE-2020-16006: Inappropriate implementation in V8. Reported by Bill
Parks
- CVE-2020-16007: Insufficient data validation in installer. Reported by
Abdelhamid Naceri
- CVE-2020-16008: Stack buffer overflow in WebRTC. Reported by Tolya
Korniltsev
- CVE-2020-16009: Inappropriate implementation in V8. Reported by Clement
Lecigne of Google's Threat Analysis Group and Samuel Groß of Google
Project Zero
- CVE-2020-16011: Heap buffer overflow in UI on Windows. Reported by Sergei
Glazunov of Google Project Zero
- CVE-2020-16000: Inappropriate implementation in Blink. Reported by
amaebi_jp
- CVE-2020-16001: Use after free in media. Reported by Khalil Zhani
- CVE-2020-16002: Use after free in PDFium. Reported by Weipeng Jiang from
Codesafe Team of Legendsec at Qi'anxin Group
- CVE-2020-15999: Heap buffer overflow in Freetype. Reported by Sergei
Glazunov of Google Project Zero
- CVE-2020-16003: Use after free in printing. Reported by Khalil Zhani
- CVE-2020-15967: Use after free in payments. Reported by Man Yue Mo of
GitHub Security Lab
- CVE-2020-15968: Use after free in Blink. Reported by Anonymous
- CVE-2020-15969: Use after free in WebRTC. Reported by Anonymous
- CVE-2020-15970: Use after free in NFC. Reported by Man Yue Mo of GitHub
Security Lab
- CVE-2020-15971: Use after free in printing. Reported by Jun Kokatsu,
Microsoft Browser Vulnerability Research
- CVE-2020-15972: Use after free in audio. Reported by Anonymous
- CVE-2020-15990: Use after free in autofill. Reported by Rong Jian and
Guang Gong of Alpha Lab, Qihoo 360
- CVE-2020-15991: Use after free in password manager. Reported by Rong Jian
and Guang Gong of Alpha Lab, Qihoo 360
- CVE-2020-15973: Insufficient policy enforcement in extensions. Reported
by David Erceg
- CVE-2020-15974: Integer overflow in Blink. Reported by Juno Im of Theori
- CVE-2020-15975: Integer overflow in SwiftShader. Reported by Anonymous
- CVE-2020-15976: Use after free in WebXR. Reported by YoungJoo Lee
@ashuu_lee of Raon Whitehat
- CVE-2020-6557: Inappropriate implementation in networking. Reported by
Matthias Gierlings and Marcus Brinkmann
- CVE-2020-15977: Insufficient data validation in dialogs. Reported by
Narendra Bhati
- CVE-2020-15978: Insufficient data validation in navigation. Reported by
Luan Herrera @lbherrera_
- CVE-2020-15979: Inappropriate implementation in V8. Reported by Avihay
Cohen @ SeraphicAlgorithms
- CVE-2020-15980: Insufficient policy enforcement in Intents. Reported by
Yongke Wang @Rudykewang and Aryb1n @aryb1n of Tencent Security Xuanwu Lab
- CVE-2020-15981: Out of bounds read in audio. Reported by Christoph
Guttandin
- CVE-2020-15982: Side-channel information leakage in cache. Reported by
Luan Herrera @lbherrera_
- CVE-2020-15983: Insufficient data validation in webUI. Reported by Jun
Kokatsu, Microsoft Browser Vulnerability Research
- CVE-2020-15984: Insufficient policy enforcement in Omnibox. Reported by
Rayyan Bijoora
- CVE-2020-15985: Inappropriate implementation in Blink. Reported by
Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research
- CVE-2020-15986: Integer overflow in media. Reported by Mark Brand of
Google Project Zero
- CVE-2020-15987: Use after free in WebRTC. Reported by Philipp Hancke
- CVE-2020-15992: Insufficient policy enforcement in networking. Reported
by Alison Huffman, Microsoft Browser Vulnerability Research
- CVE-2020-15988: Insufficient policy enforcement in downloads. Reported by
Samuel Attard
- CVE-2020-15989: Uninitialized Use in PDFium. Reported by Gareth Evans
- CVE-2020-15960: Out of bounds read in storage. Reported by Anonymous
- CVE-2020-15961: Insufficient policy enforcement in extensions. Reported
by David Erceg
- CVE-2020-15962: Insufficient policy enforcement in serial. Reported by
Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud
- CVE-2020-15963: Insufficient policy enforcement in extensions. Reported
by David Erceg
- CVE-2020-15965: Out of bounds write in V8. Reported by Lucas Pinheiro,
Microsoft Browser Vulnerability Research
- CVE-2020-15966: Insufficient policy enforcement in extensions. Reported
by David Erceg
- CVE-2020-15964: Insufficient data validation in media. Reported by Woojin
Oh @pwn_expoit of STEALIEN
- CVE-2020-6573: Use after free in video. Reported by Leecraso and Guang
Gong of 360 Alpha Lab working with 360 BugCloud
- CVE-2020-6574: Insufficient policy enforcement in installer. Reported by
CodeColorist of Ant-Financial LightYear Labs
- CVE-2020-6575: Race in Mojo. Reported by Microsoft
- CVE-2020-6576: Use after free in offscreen canvas. Reported by Looben
Yang
- CVE-2020-15959: Insufficient policy enforcement in networking. Reported
by Eric Lawrence of Microsoft
- CVE-2020-6558: Insufficient policy enforcement in iOS. Reported by Alison
Huffman, Microsoft Browser Vulnerability Research
- CVE-2020-6559: Use after free in presentation API. Reported by Liu Wei
and Wu Zekai of Tencent Security Xuanwu Lab
- CVE-2020-6560: Insufficient policy enforcement in autofill. Reported by
Nadja Ungethuem from www.unnex.de
- CVE-2020-6561: Inappropriate implementation in Content Security Policy.
Reported by Rob Wu
- CVE-2020-6562: Insufficient policy enforcement in Blink. Reported by
Masato Kinugawa
- CVE-2020-6563: Insufficient policy enforcement in intent handling.
Reported by Pedro Oliveira
- CVE-2020-6564: Incorrect security UI in permissions. Reported by Khalil
Zhani
- CVE-2020-6565: Incorrect security UI in Omnibox. Reported by Khalil Zhani
- CVE-2020-6566: Insufficient policy enforcement in media. Reported by Jun
Kokatsu, Microsoft Browser Vulnerability Research
- CVE-2020-6567: Insufficient validation of untrusted input in command line
handling. Reported by Joshua Graham of TSS
- CVE-2020-6568: Insufficient policy enforcement in intent handling.
Reported by Yongke Wang @Rudykewang and Aryb1n @aryb1n of Tencent
Security Xuanwu Lab
- CVE-2020-6569: Integer overflow in WebUSB. Reported by guaixiaomei
- CVE-2020-6570: Side-channel information leakage in WebRTC. Reported by
Signal/Tenable
- CVE-2020-6571: Incorrect security UI in Omnibox. Reported by Rayyan
Bijoora
- CVE-2020-6556: Heap buffer overflow in SwiftShader. Reported by Alison
Huffman, Microsoft Browser Vulnerability Research
- CVE-2020-6542: Use after free in ANGLE. Reported by Piotr Bania of Cisco
Talos
- CVE-2020-6543: Use after free in task scheduling. Reported by Looben Yang
- CVE-2020-6544: Use after free in media. Reported by Tim Becker of Theori
- CVE-2020-6545: Use after free in audio. Reported by Anonymous
- CVE-2020-6546: Inappropriate implementation in installer. Reported by
Andrew Hess
- CVE-2020-6547: Incorrect security UI in media. Reported by David Albert
- CVE-2020-6548: Heap buffer overflow in Skia. Reported by Choongwoo Han,
Microsoft Browser Vulnerability Research
- CVE-2020-6549: Use after free in media. Reported by Sergei Glazunov of
Google Project Zero
- CVE-2020-6550: Use after free in IndexedDB. Reported by Sergei Glazunov
of Google Project Zero
- CVE-2020-6551: Use after free in WebXR. Reported by Sergei Glazunov of
Google Project Zero
- CVE-2020-6552: Use after free in Blink. Reported by Tim Becker of Theori
- CVE-2020-6553: Use after free in offline mode. Reported by Alison
Huffman, Microsoft Browser Vulnerability Research
- CVE-2020-6554: Use after free in extensions. Reported by Anonymous
- CVE-2020-6555: Out of bounds read in WebGL. Reported by Marcin Towalski
of Cisco Talos
-- Michel Le Bihan <michel@lebihan.pl> Tue, 01 Dec 2020 00:00:00 +0000
chromium (84.0.4147.105-1) experimental; urgency=medium
* New upstream security release.
- CVE-2020-6537: Type Confusion in V8. Reported by Rong Jian and Guang Gong
- CVE-2020-6532: Use after free in SCTP. Reported by Anonymous
- CVE-2020-6538: Inappropriate implementation in WebView. Reported by
Yongke Wang and Aryb1n
- CVE-2020-6539: Use after free in CSS. Reported by Oriol Brufau
- CVE-2020-6540: Heap buffer overflow in Skia. Reported by Zhen Zhou
- CVE-2020-6541: Use after free in WebUSB. Reported by Sergei Glazunov
-- Michael Gilbert <mgilbert@debian.org> Sat, 01 Aug 2020 03:00:31 +0000
chromium (84.0.4147.89-1) experimental; urgency=medium
* New upstream stable release.
- CVE-2020-6510: Heap buffer overflow in background fetch. Reported by
Leecraso and Guang Gong
- CVE-2020-6511: Side-channel information leakage in content security
policy. Reported by Mikhail Oblozhikhin
- CVE-2020-6512: Type Confusion in V8. Reported by nocma, leogan, cheneyxu
- CVE-2020-6513: Heap buffer overflow in PDFium. Reported by Aleksandar
Nikolic
- CVE-2020-6514: Inappropriate implementation in WebRTC. Reported by
Natalie Silvanovich
- CVE-2020-6515: Use after free in tab strip. Reported by DDV_UA
- CVE-2020-6516: Policy bypass in CORS. Reported by Yongke Wang and Aryb1n
- CVE-2020-6517: Heap buffer overflow in history. Reported by ZeKai Wu
- CVE-2020-6518: Use after free in developer tools. Reported by David Erceg
- CVE-2020-6519: Policy bypass in CSP. Reported by Gal Weizman
- CVE-2020-6520: Heap buffer overflow in Skia. Reported by Zhen Zhou
- CVE-2020-6521: Side-channel information leakage in autofill. Reported by
Xu Lin, Panagiotis Ilia, Jason Polakis
- CVE-2020-6522: Inappropriate implementation in external protocol
handlers. Reported by Eric Lawrence
- CVE-2020-6523: Out of bounds write in Skia. Reported by Liu Wei and Wu
Zekai
- CVE-2020-6524: Heap buffer overflow in WebAudio. Reported by Sung Ta
- CVE-2020-6525: Heap buffer overflow in Skia. Reported by Zhen Zhou
- CVE-2020-6526: Inappropriate implementation in iframe sandbox. Reported
by Jonathan Kingston
- CVE-2020-6527: Insufficient policy enforcement in CSP. Reported by Zhong
Zhaochen
- CVE-2020-6528: Incorrect security UI in basic auth. Reported by Rayyan
Bijoora
- CVE-2020-6529: Inappropriate implementation in WebRTC. Reported by
kaustubhvats7
- CVE-2020-6530: Out of bounds memory access in developer tools. Reported
by myvyang
- CVE-2020-6531: Side-channel information leakage in scroll to text.
Reported by Jun Kokatsu
- CVE-2020-6533: Type Confusion in V8. Reported by Avihay Cohen
- CVE-2020-6534: Heap buffer overflow in WebRTC. Reported by Anonymous
- CVE-2020-6535: Insufficient data validation in WebUI. Reported by Jun
Kokatsu
- CVE-2020-6536: Incorrect security UI in PWAs. Reported by Zhiyang Zeng
* Update information in debian/copyright.
* Include more upstream metadata information.
-- Michael Gilbert <mgilbert@debian.org> Sun, 26 Jul 2020 15:21:41 +0000
chromium (83.0.4103.116-3.1) unstable; urgency=medium
* Non-maintainer upload.
* Add 64-bit time syscalls to syscall whitelist and clock selection
parameter filtering code
* Switch to explicitly versioned python2
+ Update build-depends
+ Replace references to /usr/bin/python and to env python
with /usr/bin/python2 and env python2
+ make exec_script in gn use python2
+ add code in debian/rules clean to set the shebang in
third_party/closure_compiler/compiler.py it seems someting in the upstream
build system sometimes resets it.
-- Peter Michael Green <plugwash@debian.org> Tue, 15 Sep 2020 13:10:35 +0000
chromium (83.0.4103.116-3) unstable; urgency=high
* Fix crashes when a connection error occurs (closes: #963548).
- Thank you so much to Riku Voipio.
-- Michael Gilbert <mgilbert@debian.org> Sat, 11 Jul 2020 14:56:34 +0000
chromium (83.0.4103.116-2) unstable; urgency=medium
* Fix crashes due to ffmpeg 4.3 (closes: #963035).
-- Michael Gilbert <mgilbert@debian.org> Mon, 29 Jun 2020 10:28:15 +0000
chromium (83.0.4103.116-1) unstable; urgency=medium
* New upstream security release.
- CVE-2020-6509: Use after free in extensions. Reported by Anonymous
-- Michael Gilbert <mgilbert@debian.org> Mon, 22 Jun 2020 19:45:51 +0000
chromium (83.0.4103.106-1) unstable; urgency=medium
* New upstream security release.
- CVE-2020-6493: Use after free in WebAuthentication. Reported by Anonymous
- CVE-2020-6494: Incorrect security UI in payments. Reported by Juho
Nurminen
- CVE-2020-6495: Insufficient policy enforcement in developer tools.
Reported by David Erceg
- CVE-2020-6496: Use after free in payments. Reported by Khalil Zhani
- CVE-2020-6497: Insufficient policy enforcement in Omnibox. Reported by
Rayyan Bijoora
- CVE-2020-6498: Incorrect security UI in progress display. Reported by
Rayyan Bijoora
- CVE-2020-6505: Use after free in speech. Reported by Khalil Zhani
- CVE-2020-6506: Insufficient policy enforcement in WebView. Reported by
Alesandro Ortiz
- CVE-2020-6507: Out of bounds write in V8. Reported by Sergei Glazunov
* Conflict with ffmpeg 4.3 (closes: #963080).
* Support building with icu 67 (closes: #960236).
* Support building with re2 20200501 (closes: #960361).
-- Michael Gilbert <mgilbert@debian.org> Fri, 19 Jun 2020 00:40:28 +0000
chromium (83.0.4103.83-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2020-6457: Use after free in speech recognizer. Reported by Leecraso
and Guang Gong
- CVE-2020-6458: Out of bounds read and write in PDFium. Reported by
Aleksandar Nikolic
- CVE-2020-6459: Use after free in payments. Reported by Zhe Jin
- CVE-2020-6460: Insufficient data validation in URL formatting. Reported
by Anonymous
- CVE-2020-6461: Use after free in storage. Reported by Zhe Jin
- CVE-2020-6462: Use after free in task scheduling. Reported by Zhe Jin
- CVE-2020-6463: Use after free in ANGLE. Reported by Pawel Wylecial
- CVE-2020-6464: Type Confusion in Blink. Reported by Looben Yang
- CVE-2020-6465: Use after free in reader mode. Reported by Woojin Oh
- CVE-2020-6466: Use after free in media. Reported by Zhe Jin
- CVE-2020-6467: Use after free in WebRTC. Reported by ZhanJia Song
- CVE-2020-6468: Type Confusion in V8. Reported by Chris Salls and Jake
Corina
- CVE-2020-6469: Insufficient policy enforcement in developer tools.
Reported by David Erceg
- CVE-2020-6470: Insufficient validation of untrusted input in clipboard.
Reported by Michał Bentkowski
- CVE-2020-6471: Insufficient policy enforcement in developer tools.
Reported by David Erceg
- CVE-2020-6472: Insufficient policy enforcement in developer tools.
Reported by David Erceg
- CVE-2020-6473: Insufficient policy enforcement in Blink. Reported by
Soroush Karami and Panagiotis Ilia
- CVE-2020-6474: Use after free in Blink. Reported by Zhe Jin
- CVE-2020-6475: Incorrect security UI in full screen. Reported by Khalil
Zhani
- CVE-2020-6476: Insufficient policy enforcement in tab strip. Reported by
Alexandre Le Borgne
- CVE-2020-6478: Inappropriate implementation in full screen. Reported by
Khalil Zhani
- CVE-2020-6479: Inappropriate implementation in sharing. Reported by Zhong
Zhaochen
- CVE-2020-6480: Insufficient policy enforcement in enterprise. Reported by
Marvin Witt
- CVE-2020-6481: Insufficient policy enforcement in URL formatting.
Reported by Rayyan Bijoora
- CVE-2020-6482: Insufficient policy enforcement in developer tools.
Reported by Abdulrahman Alqabandi
- CVE-2020-6483: Insufficient policy enforcement in payments. Reported by
Jun Kokatsu
- CVE-2020-6484: Insufficient data validation in ChromeDriver. Reported by
Artem Zinenko
- CVE-2020-6485: Insufficient data validation in media router. Reported by
Sergei Glazunov
- CVE-2020-6486: Insufficient policy enforcement in navigations. Reported
by David Erceg
- CVE-2020-6487: Insufficient policy enforcement in downloads. Reported by
Jun Kokatsu
- CVE-2020-6488: Insufficient policy enforcement in downloads. Reported by
David Erceg
- CVE-2020-6489: Inappropriate implementation in developer tools. Reported
by @lovasoa
- CVE-2020-6490: Insufficient data validation in loader. Reported by
Twitter
- CVE-2020-6491: Incorrect security UI in site information. Reported by
Sultan Haikal
- CVE-2020-6831: Stack buffer overflow in SCTP. Reported by Natalie
Silvanovich
-- Michael Gilbert <mgilbert@debian.org> Thu, 18 Jun 2020 02:05:11 +0000
chromium (81.0.4044.92-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2020-6423: Use after free in audio. Reported by Anonymous
- CVE-2020-6430: Type Confusion in V8. Reported by Avihay Cohen
- CVE-2020-6431: Insufficient policy enforcement in full screen. Reported
by Luan Herrera
- CVE-2020-6432: Insufficient policy enforcement in navigations. Reported
by David Erceg
- CVE-2020-6433: Insufficient policy enforcement in extensions. Reported by
David Erceg
- CVE-2020-6434: Use after free in devtools. Reported by HyungSeok Han
- CVE-2020-6435: Insufficient policy enforcement in extensions. Reported by
Sergei Glazunov
- CVE-2020-6436: Use after free in window management. Reported by Igor
Bukanov
- CVE-2020-6437: Inappropriate implementation in WebView. Reported by Jann
Horn
- CVE-2020-6438: Insufficient policy enforcement in extensions. Reported by
Ng Yik Phang
- CVE-2020-6439: Insufficient policy enforcement in navigations. Reported
by remkoboonstra
- CVE-2020-6440: Inappropriate implementation in extensions. Reported by
David Erceg
- CVE-2020-6441: Insufficient policy enforcement in omnibox. Reported by
David Erceg
- CVE-2020-6442: Inappropriate implementation in cache. Reported by B@rMey
- CVE-2020-6443: Insufficient data validation in developer tools. Reported
by @lovasoa
- CVE-2020-6444: Uninitialized use in WebRTC. Reported by mlfbrown
- CVE-2020-6445: Insufficient policy enforcement in trusted types. Reported
by Jun Kokatsu
- CVE-2020-6446: Insufficient policy enforcement in trusted types. Reported
by Jun Kokatsu
- CVE-2020-6447: Inappropriate implementation in developer tools. Reported
by David Erceg
- CVE-2020-6448: Use after free in V8. Reported by Guang Gong
- CVE-2020-6454: Use after free in extensions. Reported by leecraso and
Guang Gong
- CVE-2020-6455: Out of bounds read in WebSQL. Reported by Nan Wang and
Guang Gong
- CVE-2020-6456: Insufficient validation of untrusted input in clipboard.
Reported by Michał Bentkowski
-- Michael Gilbert <mgilbert@debian.org> Tue, 07 Apr 2020 23:05:20 +0000
chromium (80.0.3987.162-1) unstable; urgency=medium
* New upstream security release.
- CVE-2020-6450: Use after free in WebAudio. Reported by Man Yue Mo
- CVE-2020-6451: Use after free in WebAudio. Reported by Man Yue Mo
- CVE-2020-6452: Heap buffer overflow in media. Reported by asnine
-- Michael Gilbert <mgilbert@debian.org> Wed, 01 Apr 2020 04:30:14 +0000
chromium (80.0.3987.149-1) unstable; urgency=medium
* New upstream security release.
- CVE-2019-20503: Out of bounds read in usersctplib. Reported by Natalie
Silvanovich
- CVE-2020-6422: Use after free in WebGL. Reported by David Manouchehri
- CVE-2020-6424: Use after free in media. Reported by Sergei Glazunov
- CVE-2020-6425: Insufficient policy enforcement in extensions. Reported by
Sergei Glazunov
- CVE-2020-6426: Inappropriate implementation in V8. Reported by Avihay
Cohen
- CVE-2020-6427: Use after free in audio. Reported by Man Yue Mo
- CVE-2020-6428: Use after free in audio. Reported by Man Yue Mo
- CVE-2020-6429: Use after free in audio. Reported by Man Yue Mo
- CVE-2020-6449: Use after free in audio. Reported by Man Yue Mo
-- Michael Gilbert <mgilbert@debian.org> Fri, 20 Mar 2020 00:18:06 +0000
chromium (80.0.3987.132-1) unstable; urgency=medium
* New upstream security release.
- CVE-2020-6420: Insufficient policy enforcement in media. Reported by
Taras Uzdenov
-- Michael Gilbert <mgilbert@debian.org> Fri, 06 Mar 2020 16:40:19 +0000
chromium (80.0.3987.122-2) unstable; urgency=medium
* Reduce debugging symbols to avoid memory exhaustion while linking.
-- Michael Gilbert <mgilbert@debian.org> Tue, 03 Mar 2020 04:15:34 +0000
chromium (80.0.3987.122-1) unstable; urgency=medium
* New upstream security release.
- CVE-2020-6407: Out of bounds memory access in streams. Reported by
Sergei Glazunov
- CVE-2020-6418: Type confusion in V8. Reported by Clement Lecigne
-- Michael Gilbert <mgilbert@debian.org> Sun, 01 Mar 2020 01:25:59 +0000
chromium (80.0.3987.116-1) unstable; urgency=medium
* New upstream security release.
- CVE-2020-6383: Type confusion in V8. Reported by Sergei Glazunov
- CVE-2020-6384: Use after free in WebAudio. Reported by David Manouchehri
- CVE-2020-6386: Use after free in speech. Reported by Zhe Jin
-- Michael Gilbert <mgilbert@debian.org> Sat, 22 Feb 2020 03:01:15 +0000
chromium (80.0.3987.106-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2019-19923: Out of bounds memory access in SQLite. Reported by
Richard Lorenz
- CVE-2019-19925: Vulnerability in SQLite. Reported by Richard Lorenz
- CVE-2019-19926: Inappropriate implementation in SQLite. Reported by
Richard Lorenz
- CVE-2019-19880: Vulnerability in SQLite. Reported by Richard Lorenz
- CVE-2020-6381: Integer overflow in JavaScript. Reported by The UK's
National Cyber Security Centre
- CVE-2020-6382: Type Confusion in JavaScript. Reported by Soyeon Park and
Wen Xu
- CVE-2020-6385: Insufficient policy enforcement in storage. Reported by
Sergei Glazunov
- CVE-2020-6387: Out of bounds write in WebRTC. Reported by Natalie
Silvanovich
- CVE-2020-6388: Out of bounds memory access in WebAudio. Reported by
Sergei Glazunov
- CVE-2020-6389: Out of bounds write in WebRTC. Reported by Natalie
Silvanovich
- CVE-2020-6390: Out of bounds memory access in streams. Reported by Sergei
Glazunov
- CVE-2020-6391: Insufficient validation of untrusted input in Blink.
Reported by Michał Bentkowski
- CVE-2020-6392: Insufficient policy enforcement in extensions. Reported by
Microsoft Edge Team
- CVE-2020-6393: Insufficient policy enforcement in Blink. Reported by Mark
Amery
- CVE-2020-6394: Insufficient policy enforcement in Blink. Reported by Phil
Freo
- CVE-2020-6395: Out of bounds read in JavaScript. Reported by Pierre
Langlois
- CVE-2020-6396: Inappropriate implementation in Skia. Reported by William
Luc Ritchie
- CVE-2020-6397: Incorrect security UI in sharing. Reported by Khalil Zhani
- CVE-2020-6398: Uninitialized use in PDFium. Reported by pdknsk
- CVE-2020-6399: Insufficient policy enforcement in AppCache. Reported by
Luan Herrera
- CVE-2020-6400: Inappropriate implementation in CORS. Reported by Takashi
Yoneuchi
- CVE-2020-6401: Insufficient validation of untrusted input in Omnibox.
Reported by Tzachy Horesh
- CVE-2020-6402: Insufficient policy enforcement in downloads. Reported by
Vladimir Metnew
- CVE-2020-6403: Incorrect security UI in Omnibox. Reported by Khalil Zhani
- CVE-2020-6404: Inappropriate implementation in Blink. Reported by kanchi
- CVE-2020-6405: Out of bounds read in SQLite. Reported by Yongheng Chen
and Rui Zhong
- CVE-2020-6406: Use after free in audio. Reported by Sergei Glazunov
- CVE-2020-6408: Insufficient policy enforcement in CORS. Reported by Zhong
Zhaochen
- CVE-2020-6409: Inappropriate implementation in Omnibox. Reported by
Divagar S and Bharathi V
- CVE-2020-6410: Insufficient policy enforcement in navigation. Reported by
evi1m0
- CVE-2020-6411: Insufficient validation of untrusted input in Omnibox.
Reported by Khalil Zhani
- CVE-2020-6412: Insufficient validation of untrusted input in Omnibox.
Reported by Zihan Zheng
- CVE-2020-6413: Inappropriate implementation in Blink. Reported by Michał
Bentkowski
- CVE-2020-6414: Insufficient policy enforcement in Safe Browsing. Reported
by Lijo A.T
- CVE-2020-6415: Inappropriate implementation in JavaScript. Reported by
Avihay Cohen
- CVE-2020-6416: Insufficient data validation in streams. Reported by
Woojin Oh
- CVE-2020-6417: Inappropriate implementation in installer. Reported by
Renato Moraes and Altieres Rohr
* Remove --ignore-gpu-blacklist from the default flags (closes: #947207).
* Update standards version to 4.5.0.
* Build with clang instead of gcc.
-- Michael Gilbert <mgilbert@debian.org> Sun, 16 Feb 2020 23:33:50 +0000
chromium (79.0.3945.130-2) unstable; urgency=medium
* Add libx11-xcb-dev as a build dependency.
-- Michael Gilbert <mgilbert@debian.org> Sun, 19 Jan 2020 08:42:14 +0000
chromium (79.0.3945.130-1) unstable; urgency=medium
* New upstream security release.
- CVE-2020-6377: Use after free in audio. Reported by Zhe Jin
- CVE-2020-6378: Use-after-free in speech recognizer. Reported by Antti
Levomäki and Christian Jalio
- CVE-2020-6379: Use-after-free in speech recognizer. Reported by Guang
Gong
- CVE-2020-6380: Extension message verification error. Reported by Sergei
Glazunov
- CVE-2019-13767: Use after free in media picker. Reported by Sergei
Glazunov
* Fix memory instrumentation singleton initialization errors caused by
tracing patch included in the previous upload (closes: #945920).
-- Michael Gilbert <mgilbert@debian.org> Sat, 18 Jan 2020 20:26:26 +0000
chromium (79.0.3945.79-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2019-13725: Use after free in Bluetooth. Reported by Gengming Liu and
Jianyu Chen
- CVE-2019-13726: Heap buffer overflow in password manager. Reported by
Sergei Glazunov
- CVE-2019-13727: Insufficient policy enforcement in WebSockets. Reported
by @piochu
- CVE-2019-13728: Out of bounds write in V8. Reported by Rong Jian and
Guang Gong
- CVE-2019-13729: Use after free in WebSockets. Reported by Zhe Jin
- CVE-2019-13730: Type Confusion in V8. Reported by Soyeon Park and Wen Xu
- CVE-2019-13732: Use after free in WebAudio. Reported by Sergei Glazunov
- CVE-2019-13734: Out of bounds write in SQLite. Reported by Wenxiang Qian
- CVE-2019-13735: Out of bounds write in V8. Reported by Gengming Liu and
Zhen Feng
- CVE-2019-13764: Type Confusion in V8. Reported by Soyeon Park and Wen Xu
- CVE-2019-13736: Integer overflow in PDFium. Reported by Anonymous
- CVE-2019-13737: Insufficient policy enforcement in autocomplete. Reported
by Mark Amery
- CVE-2019-13738: Insufficient policy enforcement in navigation. Reported
by Johnathan Norman and Daniel Clark
- CVE-2019-13739: Incorrect security UI in Omnibox. Reported by xisigr
- CVE-2019-13740: Incorrect security UI. Reported by Khalil Zhani
- CVE-2019-13741: Insufficient validation of untrusted input in Blink.
Reported by Michał Bentkowski
- CVE-2019-13742: Incorrect security UI in Omnibox. Reported by Khalil
Zhani
- CVE-2019-13743: Incorrect security UI in external protocol handling.
Reported by Zhiyang Zeng
- CVE-2019-13744: Insufficient policy enforcement in cookies. Reported by
Prakash
- CVE-2019-13745: Insufficient policy enforcement in audio. Reported by
Luan Herrera
- CVE-2019-13746: Insufficient policy enforcement in Omnibox. Reported by
David Erceg
- CVE-2019-13747: Uninitialized Use in rendering. Reported by Ivan
Popelyshev and André Bonatti
- CVE-2019-13748: Insufficient policy enforcement in developer tools.
Reported by David Erceg
- CVE-2019-13749: Incorrect security UI in Omnibox. Reported by Khalil
Zhani
- CVE-2019-13750: Insufficient data validation in SQLite. Reported by
Wenxiang Qian
- CVE-2019-13751: Uninitialized Use in SQLite. Reported by Wenxiang Qian
- CVE-2019-13752: Out of bounds read in SQLite. Reported by Wenxiang Qian
- CVE-2019-13753: Out of bounds read in SQLite. Reported by Wenxiang Qian
- CVE-2019-13754: Insufficient policy enforcement in extensions. Reported
by Cody Crews
- CVE-2019-13755: Insufficient policy enforcement in extensions. Reported
by Masato Kinugawa
- CVE-2019-13756: Incorrect security UI in printing. Reported by Khalil
Zhani
- CVE-2019-13757: Incorrect security UI in Omnibox. Reported by Khalil
Zhani
- CVE-2019-13758: Insufficient policy enforcement in navigation. Reported
by Khalil Zhani
- CVE-2019-13759: Incorrect security UI. Reported by Wenxu Wu
- CVE-2019-13761: Incorrect security UI in Omnibox. Reported by Khalil
Zhani
- CVE-2019-13762: Insufficient policy enforcement in downloads. Reported by
csanuragjain
- CVE-2019-13763: Insufficient policy enforcement in payments. Reported by
weiwangpp93
-- Michael Gilbert <mgilbert@debian.org> Thu, 12 Dec 2019 04:36:09 +0000
chromium (79.0.3945.56-1) experimental; urgency=medium
* New upstream beta release.
* Update standards version to 4.4.1.
* Ignore the gpu blacklist by default again.
-- Michael Gilbert <mgilbert@debian.org> Wed, 27 Nov 2019 23:59:29 +0000
chromium (78.0.3904.108-1) unstable; urgency=medium
* New upstream security release.
- CVE-2019-13723: Use-after-free in Bluetooth. Reported by Yuxiang Li
- CVE-2019-13724: Out-of-bounds in Bluetooth. Reported by Yuxiang Li
* Disable vaapi on armhf (closes: #944627).
-- Michael Gilbert <mgilbert@debian.org> Wed, 20 Nov 2019 23:46:06 +0000
chromium (78.0.3904.97-1) unstable; urgency=medium
* New upstream security release.
* Enable vaapi (closes: #940074).
* Fix crash during profile manager shutdown.
* Drop libglewmx-dev build dependency (closes: #941050).
-- Michael Gilbert <mgilbert@debian.org> Sat, 09 Nov 2019 03:33:52 +0000
chromium (78.0.3904.87-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2019-5869: Use-after-free in Blink. Reported by Zhe Jin
- CVE-2019-5870: Use-after-free in media. Reported by Guang Gong
- CVE-2019-5871: Heap overflow in Skia. Reported by Anonymous
- CVE-2019-5872: Use-after-free in Mojo. Reported by Zhe Jin
- CVE-2019-5874: External URIs may trigger other browsers. Reported by
James Lee
- CVE-2019-5875: URL bar spoof. Reported by Khalil
Zhani
- CVE-2019-5876: Use-after-free in media. Reported by Man Yue Mo
- CVE-2019-5877: Out-of-bounds access in V8. Reported by Guang Gong
- CVE-2019-5878: Use-after-free in V8. Reported by Guang Gong
- CVE-2019-5879: Extensions can read some local files. Reported by Jinseo
Kim
- CVE-2019-5880: SameSite cookie bypass. Reported by Jun Kokatsu
- CVE-2019-13659: URL spoof. Reported by Lnyas Zhang
- CVE-2019-13660: Full screen notification overlap. Reported by Wenxu Wu
- CVE-2019-13661: Full screen notification spoof. Reported by Wenxu Wu
- CVE-2019-13662: CSP bypass. Reported by David Erceg
- CVE-2019-13663: IDN spoof. Reported by Lnyas Zhang
- CVE-2019-13664: CSRF bypass. Reported by thomas "zemnmez" shadwell
- CVE-2019-13665: Multiple file download protection bypass. Reported by
Jun Kokatsu
- CVE-2019-13666: Side channel using storage size estimate. Reported by
Tom Van Goethem
- CVE-2019-13667: URI bar spoof when using external app URIs. Reported by
Khalil Zhani
- CVE-2019-13668: Global window leak via console. Reported by David Erceg
- CVE-2019-13669: HTTP authentication spoof. Reported by Khalil Zhani
- CVE-2019-13670: V8 memory corruption in regex. Reported by Guang Gong
- CVE-2019-13671: Dialog box fails to show origin. Reported by xisigr
- CVE-2019-13673: Cross-origin information leak using devtools. Reported
by David Erceg
- CVE-2019-13674: IDN spoofing. Reported by Khalil Zhani
- CVE-2019-13675: Extensions can be disabled by trailing slash. Reported
by Jun Kokatsu
- CVE-2019-13676: Google URI shown for certificate warning. Reported by
Wenxu Wu
- CVE-2019-13677: Chrome web store origin needs to be isolated. Reported
by Jun Kokatsu
- CVE-2019-13678: Download dialog spoofing. Reported by Ronni Skansing
- CVE-2019-13679: User gesture needed for printing. Reported by Conrad
Irwin
- CVE-2019-13680: IP address spoofing to servers. Reported by Thijs
Alkemade
- CVE-2019-13681: Bypass on download restrictions. Reported by David Erceg
- CVE-2019-13682: Site isolation bypass. Reported by Jun Kokatsu
- CVE-2019-13683: Exceptions leaked by devtools. Reported by David Erceg
- CVE-2019-13685: Use-after-free in UI. Reported by Khalil Zhani
- CVE-2019-13686: Use-after-free in offline pages. Reported by Brendon
- CVE-2019-13687: Use-after-free in media. Reported by Man Yue Mo
- CVE-2019-13688: Use-after-free in media. Reported by Man Yue Mo
Tiszka
- CVE-2019-13691: Omnibox spoof. Reported by David Erceg
- CVE-2019-13692: SOP bypass. Reported by Jun Kokatsu
- CVE-2019-13693: Use-after-free in IndexedDB. Reported by Guang Gong
- CVE-2019-13694: Use-after-free in WebRTC. Reported by banananapenguin
- CVE-2019-13695: Use-after-free in audio. Reported by Man Yue Mo
- CVE-2019-13696: Use-after-free in V8. Reported by Guang Gong
- CVE-2019-13697: Cross-origin size leak. Reported by Luan Herrera
- CVE-2019-13699: Use-after-free in media. Reported by Man Yue Mo
- CVE-2019-13700: Buffer overrun in Blink. Reported by Man Yue Mo
- CVE-2019-13701: URL spoof in navigation. Reported by David Erceg
- CVE-2019-13702: Privilege elevation in Installer. Reported by Phillip
Langlois and Edward Torkington
- CVE-2019-13703: URL bar spoofing. Reported by Khalil Zhani
- CVE-2019-13704: CSP bypass. Reported by Jun Kokatsu
- CVE-2019-13705: Extension permission bypass. Reported by Luan Herrera
- CVE-2019-13706: Out-of-bounds read in PDFium. Reported by pdknsk
- CVE-2019-13707: File storage disclosure. Reported by Andrea Palazzo
- CVE-2019-13708: HTTP authentication spoof. Reported by Khalil Zhani
- CVE-2019-13709: File download protection bypass. Reported by Zhong
Zhaochen
- CVE-2019-13710: File download protection bypass. Reported by
bernardo.mrod
- CVE-2019-13711: Cross-context information leak. Reported by David Erceg
- CVE-2019-13713: Cross-origin data leak. Reported by David Erceg
- CVE-2019-13714: CSS injection. Reported by Jun Kokatsu
- CVE-2019-13715: Address bar spoofing. Reported by xisigr
- CVE-2019-13716: Service worker state error. Reported by Barron Hagerman
- CVE-2019-13717: Notification obscured. Reported by xisigr
- CVE-2019-13718: IDN spoof. Reported by Khalil Zhani
- CVE-2019-13719: Notification obscured. Reported by Khalil Zhani
- CVE-2019-13720: Use-after-free in audio. Reported by Anton Ivanov and
Alexey Kulaev
- CVE-2019-13721: Use-after-free in PDFium. Reported by banananapenguin
* Drop support for building with gcc 6 and gtk 2.
-- Michael Gilbert <mgilbert@debian.org> Sat, 02 Nov 2019 22:30:42 +0000
chromium (76.0.3809.100-1) unstable; urgency=medium
* New upstream security release.
- CVE-2019-5867: Out-of-bounds read in V8. Reported by Lucas Pinheiro
- CVE-2019-5868: Use-after-free in PDFium ExecuteFieldAction. Reported by
banananapenguin
-- Michael Gilbert <mgilbert@debian.org> Fri, 09 Aug 2019 19:58:55 +0000
chromium (76.0.3809.87-2) unstable; urgency=medium
* Fix inverted logic in enum comparison (closes: #933598).
-- Michael Gilbert <mgilbert@debian.org> Sat, 03 Aug 2019 14:31:59 +0000
chromium (76.0.3809.87-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2019-5847: V8 sealed/frozen elements cause crash. Reported by m3plex
- CVE-2019-5848: Font sizes may expose sensitive information. Reported by
Mark Amery
- CVE-2019-5850: Use-after-free in offline page fetcher. Reported by
Brendon Tiszka
- CVE-2019-5851: Use-after-poison in offline audio context. Reported by Zhe
Jin
- CVE-2019-5852: Object leak of utility functions. Reported by David Erceg
- CVE-2019-5853: Memory corruption in regexp length check. Reported by
yngwei and sakura
- CVE-2019-5854: Integer overflow in PDFium text rendering. Reported by
Zhen Zhou
- CVE-2019-5855: Integer overflow in PDFium. Reported by Zhen Zhou
- CVE-2019-5856: Insufficient checks on filesystem: URI permissions.
Reported by Yongke Wang
- CVE-2019-5857: Comparison of -0 and null yields crash. Reported by
cloudfuzzer
- CVE-2019-5858: Insufficient filtering of Open URL service parameters.
Reported by evi1m0
- CVE-2019-5859: res: URIs can load alternative browsers. Reported by James
Lee
- CVE-2019-5860: Use-after-free in PDFium. Reported by Anonymous
- CVE-2019-5861: Click location incorrectly checked. Reported by Robin Linus
- CVE-2019-5862: AppCache not robust to compromised renderers. Reported by
Jun Kokatsu
- CVE-2019-5864: Insufficient port filtering in CORS for extensions.
Reported by Devin Grindle
- CVE-2019-5865: Site isolation bypass from compromised renderer. Reported
by Ivan Fratric
* Use legacy call to avoid error in icu 6.3 (closes: #932049).
-- Michael Gilbert <mgilbert@debian.org> Mon, 29 Jul 2019 23:22:44 +0000
chromium (76.0.3809.71-1) unstable; urgency=medium
* New upstream beta release.
* Recommend system-config-printer (closes: #929106).
* Add -fno-delete-null-pointer-checks back into the build flags.
-- Michael Gilbert <mgilbert@debian.org> Wed, 24 Jul 2019 22:51:41 +0000
chromium (76.0.3809.62-1) unstable; urgency=medium
* New upstream beta release.
- Fixes error restoring multiple profiles on startup (closes: #930469).
* Update standards version to 4.4.0.
-- Michael Gilbert <mgilbert@debian.org> Wed, 10 Jul 2019 23:52:45 +0000
chromium (75.0.3770.90-1) unstable; urgency=medium
[ Riku Voipio ]
* Fix build on armhf (closes: #930348).
[ Michael Gilbert ]
* New upstream security release.
- CVE-2019-5842: Use-after-free in Blink. Reported by BUGFENSE
* Disable hardware accelerated video (closes: #926032).
* Fix signedness error when built with gcc (closes: #914886).
- Thanks to Maciej S. Szmigiero.
-- Michael Gilbert <mgilbert@debian.org> Fri, 14 Jun 2019 00:10:43 +0000
chromium (75.0.3770.80-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2019-5824: Parameter passing error in media player. Reported by
leecraso and Guang Gong
- CVE-2019-5825: Out-of-bounds write in V8. Reported by Gengming Liu,
Jianyu Chen, Zhen Feng, and Jessica Liu
- CVE-2019-5826: Use-after-free in IndexedDB. Reported by Gengming Liu,
Jianyu Chen, Zhen Feng, and Jessica Liu
- CVE-2019-5827: Out-of-bounds access issue in SQLite. Reported by
mlfbrown
- CVE-2019-5828: Use after free in ServiceWorker. Reported by leecraso and
Guang Gong
- CVE-2019-5829: Use after free in Download Manager. Reported by Lucas
Pinheiro
- CVE-2019-5830: Incorrectly credentialed requests in CORS. Reported by
Andrew Krasichkov
- CVE-2019-5831: Incorrect map processing in V8. Reported by yngwei
- CVE-2019-5832: Incorrect CORS handling in XHR. Reported by Sergey Shekyan
- CVE-2019-5833: Inconsistent security UI placement. Reported by Khalil
Zhani
- CVE-2019-5834: URL spoof in Omnibox on iOS. Reported by Khalil Zhani
- CVE-2019-5836: Heap buffer overflow in Angle. Reported by Omair
- CVE-2019-5837: Cross-origin resources size disclosure in Appcache.
Reported by Adam Iwaniuk
- CVE-2019-5838: Overly permissive tab access in Extensions. Reported by
David Erceg
- CVE-2019-5839: Incorrect handling of certain code points in Blink.
Reported by Masato Kinugawa
- CVE-2019-5840: Popup blocker bypass. Reported by Eliya Stein and Jerome
Dangu
- CVE-2019-5849: Out-of-bounds read in Skia. Reported by Zhen Zhou
-- Michael Gilbert <mgilbert@debian.org> Sun, 09 Jun 2019 18:59:50 +0000
chromium (75.0.3770.10-1) experimental; urgency=medium
* New upstream development release.
- Fixes crash when launching chromium a second time (closes: #927913).
* Document how to use widevine in README.debian (closes: #929026).
* Apply vaapi update from the Fedora chromium 73 package (closes: #926032).
-- Michael Gilbert <mgilbert@debian.org> Sun, 09 Jun 2019 18:35:36 +0000
chromium (74.0.3729.108-1) unstable; urgency=medium
* New upstream stable release.
- Eliminates flood of vsync error messages (closes: #901831).
- Correctly shuts down when SIGTERM is recieved (closes: #924901).
- Fixes regression in hardware accelerated video (closes: #926032).
- CVE-2019-5805: Use after free in PDFium. Reported by Anonymous
- CVE-2019-5806: Integer overflow in Angle. Reported by Wen Xu
- CVE-2019-5807: Memory corruption in V8. Reported by TimGMichaud
- CVE-2019-5808: Use after free in Blink. Reported by cloudfuzzer
- CVE-2019-5809: Use after free in Blink. Reported by Mark Brand
- CVE-2019-5810: User information disclosure in Autofill. Reported by Mark
Amery
- CVE-2019-5811: CORS bypass in Blink. Reported by Jun Kokatsu
- CVE-2019-5813: Out of bounds read in V8. Reported by Aleksandar Nikolic
- CVE-2019-5814: CORS bypass in Blink. Reported by @AaylaSecura1138
- CVE-2019-5815: Heap buffer overflow in Blink. Reported by Nicolas
Grégoire
- CVE-2019-5818: Uninitialized value in media reader. Reported by Adrian
Tolbaru
- CVE-2019-5819: Incorrect escaping in developer tools. Reported by Svyat
Mitin
- CVE-2019-5820: Integer overflow in PDFium. Reported by pdknsk
- CVE-2019-5821: Integer overflow in PDFium. Reported by pdknsk
- CVE-2019-5822: CORS bypass in download manager. Reported by Jun Kokatsu
- CVE-2019-5823: Forced navigation from service worker. Reported by David
Erceg
-- Michael Gilbert <mgilbert@debian.org> Wed, 24 Apr 2019 00:08:54 +0000
chromium (73.0.3683.75-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2019-5787: Use after free in Canvas. Reported by Zhe Jin
- CVE-2019-5788: Use after free in FileAPI. Reported by Mark Brand
- CVE-2019-5789: Use after free in WebMIDI. Reported by Mark Brand
- CVE-2019-5790: Heap buffer overflow in V8. Reported by Dimitri Fourny
- CVE-2019-5791: Type confusion in V8. Reported by Choongwoo Han
- CVE-2019-5792: Integer overflow in PDFium. Reported by pdknsk
- CVE-2019-5793: Excessive permissions for private API in Extensions.
Reported by Jun Kokatsu
- CVE-2019-5794: Security UI spoofing. Reported by Juno Im of Theori
- CVE-2019-5795: Integer overflow in PDFium. Reported by pdknsk
- CVE-2019-5796: Race condition in Extensions. Reported by Mark Brand
- CVE-2019-5797: Race condition in DOMStorage. Reported by Mark Brand
- CVE-2019-5798: Out of bounds read in Skia. Reported by Tran Tien Hung
- CVE-2019-5799: CSP bypass with blob URL. Reported by sohalt
- CVE-2019-5800: CSP bypass with blob URL. Reported by Jun Kokatsu
- CVE-2019-5802: Security UI spoofing. Reported by Ronni Skansing
- CVE-2019-5803: CSP bypass with Javascript URLs'. Reported by Andrew
Comminos
-- Michael Gilbert <mgilbert@debian.org> Tue, 19 Mar 2019 02:19:17 +0000
chromium (73.0.3683.56-2) experimental; urgency=medium
* Fix build failure on armhf.
-- Michael Gilbert <mgilbert@debian.org> Sun, 10 Mar 2019 04:35:32 +0000
chromium (73.0.3683.56-1) experimental; urgency=medium
* New upstream beta release.
-- Michael Gilbert <mgilbert@debian.org> Sat, 02 Mar 2019 18:02:02 +0000
chromium (72.0.3626.122-1) unstable; urgency=medium
* New upstream stable release.
-- Michael Gilbert <mgilbert@debian.org> Thu, 07 Mar 2019 14:05:20 +0000
chromium (72.0.3626.121-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2019-5786: Use-after-free in FileReader
-- Michael Gilbert <mgilbert@debian.org> Sat, 02 Mar 2019 16:28:16 +0000
chromium (72.0.3626.109-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2019-5784: Inappropriate implementation in V8. Reported by Lucas
Pinheiro
* Build pdfium using system lcms.
* Renable support for kerberos (closes: #916684).
* Fix 32-bit type error in the vaapi implementation (closes: #921823).
-- Michael Gilbert <mgilbert@debian.org> Mon, 04 Feb 2019 04:27:06 +0000
chromium (72.0.3626.81-1) unstable; urgency=medium
* New upstream stable release.
- Stack buffer overflow in Skia. Reported by Ivan Fratric
- Use after free in Mojo, FileAPI, and Payments. Reported by Mark Brand
- CVE-2018-17481: Use after free in PDFium. Reported by Anonymous
- CVE-2019-5754: Inappropriate implementation in QUIC Networking. Reported
by Klzgrad
- CVE-2019-5755: Inappropriate implementation in V8. Reported by Jay
Bosamiya
- CVE-2019-5756: Use after free in PDFium. Reported by Anonymous
- CVE-2019-5757: Type Confusion in SVG. Reported by Alexandru Pitis
- CVE-2019-5758: Use after free in Blink. Reported by Zhe Jin
- CVE-2019-5759: Use after free in HTML select elements. Reported by Almog
Benin
- CVE-2019-5760: Use after free in WebRTC. Reported by Zhe Jin
- CVE-2019-5762: Use after free in PDFium. Reported by Anonymous
- CVE-2019-5763: Insufficient validation of untrusted input in V8.
Reported by Guang Gong
- CVE-2019-5764: Use after free in WebRTC. Reported by Eyal Itkin
- CVE-2019-5765: Insufficient policy enforcement in the browser. Reported
by Sergey Toshin
- CVE-2019-5766: Insufficient policy enforcement in Canvas. Reported by
David Erceg
- CVE-2019-5767: Incorrect security UI in WebAPKs. Reported by Haoran Lu,
Yifan Zhang, Luyi Xing, and Xiaojing Liao
- CVE-2019-5768: Insufficient policy enforcement in DevTools. Reported by
Rob Wu
- CVE-2019-5769: Insufficient validation of untrusted input in Blink.
Reported by Guy Eshel
- CVE-2019-5770: Heap buffer overflow in WebGL. Reported by hemidallt
- CVE-2019-5772: Use after free in PDFium. Reported by Zhen Zhou
- CVE-2019-5773: Insufficient data validation in IndexedDB. Reported by
Yongke Wang
- CVE-2019-5774: Insufficient validation of untrusted input in
SafeBrowsing. Reported by Junghwan Kang and Juno Im
- CVE-2019-5775: Insufficient policy enforcement in Omnibox. Reported by
evi1m0
- CVE-2019-5776: Insufficient policy enforcement in Omnibox. Reported by
Lnyas Zhang
- CVE-2019-5777: Insufficient policy enforcement in Omnibox. Reported by
Khalil Zhani
- CVE-2019-5778: Insufficient policy enforcement in Extensions. Reported
by David Erceg
- CVE-2019-5779: Insufficient policy enforcement in ServiceWorker.
Reported by David Erceg
- CVE-2019-5780: Insufficient policy enforcement. Reported by Andreas
Hegenberg
- CVE-2019-5781: Insufficient policy enforcement in Omnibox. Reported by
evi1m0
- CVE-2019-5782: Inappropriate implementation in V8 reported by Qixun Zhao
- CVE-2019-5783: Insufficient validation of untrusted input in DevTools.
Reported by Shintaro Kobori
* Opt out of all Google web service options by default (closes: #916320).
* Enable support for hardware accelerated video decoding (closes: #856255).
- Thanks to Akarshan Biswas.
-- Michael Gilbert <mgilbert@debian.org> Sat, 02 Feb 2019 05:05:43 +0000
chromium (72.0.3626.53-1) unstable; urgency=medium
* New upstream beta release.
* Organize the gcc 6 patches.
* Update standards version to 4.3.0.
* Drop libsrtp from the build dependencies (closes: #918542).
-- Michael Gilbert <mgilbert@debian.org> Sat, 12 Jan 2019 07:17:20 +0000
chromium (72.0.3626.7-6) unstable; urgency=medium
* Upload to unstable: fix FTBFS on arm64 and armhf
-- Riku Voipio <riku.voipio@linaro.org> Tue, 08 Jan 2019 14:41:13 +0200
chromium (72.0.3626.7-5) experimental; urgency=medium
* Fix armhf and arm64 builds
-- Riku Voipio <riku.voipio@linaro.org> Fri, 04 Jan 2019 16:17:43 +0200
chromium (72.0.3626.7-4) unstable; urgency=medium
* Reenable support for widevine (closes: #916058).
* Update maintainer to chromium@packages.debian.org (closes: #915988).
-- Michael Gilbert <mgilbert@debian.org> Mon, 24 Dec 2018 19:41:02 +0000
chromium (72.0.3626.7-3) unstable; urgency=medium
* Remove unintended extra brace in arm patch.
-- Michael Gilbert <mgilbert@debian.org> Sun, 16 Dec 2018 22:37:19 +0000
chromium (72.0.3626.7-2) experimental; urgency=medium
* Fix build failures on arm.
-- Michael Gilbert <mgilbert@debian.org> Fri, 14 Dec 2018 02:50:58 +0000
chromium (72.0.3626.7-1) experimental; urgency=medium
* New upstream developmental release.
-- Michael Gilbert <mgilbert@debian.org> Tue, 11 Dec 2018 03:31:15 +0000
chromium (71.0.3578.80-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2018-17480: Out of bounds write in V8. Reported by Guang Gong
- CVE-2018-17481: Use after frees in PDFium. Reported by Anonymous
- CVE-2018-18335: Heap buffer overflow in Skia. Reported by Anonymous
- CVE-2018-18336: Use after free in PDFium. Reported by Huyna
- CVE-2018-18337: Use after free in Blink. Reported by cloudfuzzer
- CVE-2018-18338: Heap buffer overflow in Canvas. Reported by Zhe Jin
- CVE-2018-18339: Use after free in WebAudio. Reported by cloudfuzzer
- CVE-2018-18340: Use after free in MediaRecorder. Reported by Anonymous
- CVE-2018-18341: Heap buffer overflow in Blink. Reported by cloudfuzzer
- CVE-2018-18342: Out of bounds write in V8. Reported by Guang Gong
- CVE-2018-18343: Use after free in Skia. Reported by Tran Tien Hung
- CVE-2018-18344: Inappropriate implementation in Extensions. Reported by
Jann Horn
- CVE-2018-18345: Inappropriate implementation in Site Isolation. Reported
by Masato Kinugawa and Jun Kokatsu
- CVE-2018-18346: Incorrect security UI in Blink. Reported by Luan Herrera
- CVE-2018-18347: Inappropriate implementation in Navigation. Reported by
Luan Herrera
- CVE-2018-18348: Inappropriate implementation in Omnibox. Reported by
Ahmed Elsobky
- CVE-2018-18349: Insufficient policy enforcement in Blink. Reported by
David Erceg
- CVE-2018-18350: Insufficient policy enforcement in Blink. Reported by
Jun Kokatsu
- CVE-2018-18351: Insufficient policy enforcement in Navigation. Reported
by Jun Kokatsu
- CVE-2018-18352: Inappropriate implementation in Media. Reported by Jun
Kokatsu
- CVE-2018-18353: Inappropriate implementation in Network Authentication.
Reported by Wenxu Wu
- CVE-2018-18354: Insufficient data validation in Shell Integration.
Reported by Wenxu Wu
- CVE-2018-18355: Insufficient policy enforcement in URL Formatter.
Reported by evi1m0
- CVE-2018-18356: Use after free in Skia. Reported by Tran Tien Hung
- CVE-2018-18357: Insufficient policy enforcement in URL Formatter.
Reported by evi1m0
- CVE-2018-18358: Insufficient policy enforcement in Proxy. Reported by
Jann Horn
- CVE-2018-18359: Out of bounds read in V8. Reported by cyrilliu
- Inappropriate implementation in PDFium. Reported by Salem Faisal
Elmrayed
- Use after free in Extensions. Reported by Zhe Jin
- Inappropriate implementation in Navigation. Reported by Luan Herrera
- Inappropriate implementation in Navigation. Reported by Jesper van den
Ende
- Insufficient policy enforcement in Navigation. Reported by Ryan Pickren
- Insufficient policy enforcement in URL Formatter. Reported by evi1m0
-- Michael Gilbert <mgilbert@debian.org> Wed, 05 Dec 2018 00:45:35 +0000
chromium (71.0.3578.62-1) unstable; urgency=medium
* New upstream beta release.
* Rename the source package to chromium.
* Build using the system jsoncpp library.
* Remove non-free unrar source from the upstream tarball (closes: #914487).
- Requires safe browsing inspection of rar files to be disabled.
-- Michael Gilbert <mgilbert@debian.org> Wed, 21 Nov 2018 02:37:35 +0000
chromium-browser (70.0.3538.110-1) unstable; urgency=medium
* New upstream security release.
- CVE-2018-17479: Use-after-free in GPU.
-- Michael Gilbert <mgilbert@debian.org> Tue, 20 Nov 2018 00:45:46 +0000
chromium-browser (70.0.3538.102-1) unstable; urgency=medium
* New upstream security release.
- CVE-2018-17478: Out of bounds memory access in V8. Reported by
cloudfuzzer
* Fix new lintian warnings.
* Drop libjs-excanvas build dependency.
* Add support for building with harfbuzz 2.1.1.
* Document how to run chromium as root (closes: #838534).
* Output debian specific instructions when no working sandbox is available.
* Do not rely on transitive recommendation for the sandbox (closes: #913116).
-- Michael Gilbert <mgilbert@debian.org> Fri, 16 Nov 2018 03:12:53 +0000
chromium-browser (70.0.3538.67-3) unstable; urgency=medium
* Fix a compiler warning.
* Move the setuid sandbox into a separate package (closes: #839277).
-- Michael Gilbert <mgilbert@debian.org> Sat, 03 Nov 2018 17:30:16 +0000
chromium-browser (70.0.3538.67-2) unstable; urgency=medium
* Restore support for building with gtk2.
-- Michael Gilbert <mgilbert@debian.org> Tue, 23 Oct 2018 01:11:35 +0000
chromium-browser (70.0.3538.67-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2018-17462: Sandbox escape in AppCache. Reported by Ned Williamson
and Niklas Baumstark
- CVE-2018-17463: Remote code execution in V8. Reported by Ned Williamson
and Niklas Baumstark
- Heap buffer overflow in Little CMS in PDFium. Reported by Quang Nguyễn
- CVE-2018-17464: URL spoof in Omnibox. Reported by xisigr
- CVE-2018-17465: Use after free in V8. Reported by Lin Zuojian
- CVE-2018-17466: Memory corruption in Angle. Reported by Omair
- CVE-2018-17467: URL spoof in Omnibox. Reported by Khalil Zhani
- CVE-2018-17468: Cross-origin URL disclosure in Blink. Reported by James
Lee
- CVE-2018-17469: Heap buffer overflow in PDFium. Reported by Zhen Zhou
- CVE-2018-17470: Memory corruption in GPU Internals. Reported by Zhe Jin
- CVE-2018-17471: Security UI occlusion in full screen mode. Reported by
Lnyas Zhang
- CVE-2018-17473: URL spoof in Omnibox. Reported by Khalil Zhani
- CVE-2018-17474: Use after free in Blink. Reported by Zhe Jin
- CVE-2018-17475: URL spoof in Omnibox. Reported by Vladimir Metnew
- CVE-2018-17476: Security UI occlusion in full screen mode. Reported by
Khalil Zhani
- CVE-2018-5179: Lack of limits on update() in ServiceWorker. Reported by
Yannic Bonenberger
- CVE-2018-17477: UI spoof in Extensions. Reported by Aaron Muir Hamilton
* Fix build failure on i386.
* Fix installation path of the master preferences file (closes: #911056).
-- Michael Gilbert <mgilbert@debian.org> Tue, 16 Oct 2018 12:36:22 +0000
chromium-browser (70.0.3538.54-2) unstable; urgency=medium
* Build with gcc 8 (closes: #901368).
* Move the master preferences file to /etc/chromium (closes: #891232).
-- Michael Gilbert <mgilbert@debian.org> Sun, 14 Oct 2018 00:49:46 +0000
chromium-browser (70.0.3538.54-1) unstable; urgency=medium
* New upstream beta release.
-- Michael Gilbert <mgilbert@debian.org> Sat, 13 Oct 2018 04:18:08 +0000
chromium-browser (69.0.3497.100-1) unstable; urgency=medium
* New upstream stable release.
* Update standards version to 4.2.1.
* Clarify debugging section in README.debian (closes: #910842).
* Remove ConvertUTF from the upstream tarball (closes: #900596).
* Load all extensions installed to /usr/share/chromium/extensions.
- Thanks to Michael Meskes (closes: #890392).
* Remove audio_capture_enable setting from the default preferences
(closes: #884887).
-- Michael Gilbert <mgilbert@debian.org> Sat, 13 Oct 2018 02:35:46 +0000
chromium-browser (69.0.3497.92-1) unstable; urgency=medium
* New upstream security release.
- Function signature mismatch in WebAssembly. Reported by Kevin Cheung
- URL Spoofing in Omnibox. Reported by evi1m0
-- Michael Gilbert <mgilbert@debian.org> Thu, 13 Sep 2018 03:12:53 +0000
chromium-browser (69.0.3497.81-3) unstable; urgency=medium
* Move another file needed for the armhf build to where it is expected.
-- Michael Gilbert <mgilbert@debian.org> Fri, 07 Sep 2018 00:06:13 +0000
chromium-browser (69.0.3497.81-2) unstable; urgency=medium
* Disable swiftshader.
* Move file needed for the armhf build to where it is expected.
* Document disabled built-in extensions in README.debian (closes: #886358).
-- Michael Gilbert <mgilbert@debian.org> Thu, 06 Sep 2018 01:45:12 +0000
chromium-browser (69.0.3497.81-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2018-16065: Out of bounds write in V8. Reported by Brendon Tiszka
- CVE-2018-16066: Out of bounds read in Blink. Reported by cloudfuzzer
- CVE-2018-16067: Out of bounds read in WebAudio. Reported by Zhe Jin
- CVE-2018-16068: Out of bounds write in Mojo. Reported by Mark Brand
- CVE-2018-16069: Out of bounds read in SwiftShader. Reported by Mark Brand
- CVE-2018-16070: Integer overflow in Skia. Reported by Ivan Fratric
- CVE-2018-16071: Use after free in WebRTC. Reported by Natalie Silvanovich
- CVE-2018-16073: Site Isolation bypass after tab restore. Reported by Jun
Kokatsu
- CVE-2018-16074: Site Isolation bypass using Blob URLS. Reported by Jun
Kokatsu
- CVE-2018-16075: Local file access in Blink. Reported by Pepe Vila
- CVE-2018-16076: Out of bounds read in PDFium. Reported by Aleksandar
Nikolic
- CVE-2018-16077: Content security policy bypass in Blink. Reported by
Manuel Caballero
- CVE-2018-16078: Credit card information leak in Autofill. Reported by
Cailan Sacks
- CVE-2018-16079: URL spoof in permission dialogs. Reported by Markus
Vervier and Michele Orrù
- CVE-2018-16080: URL spoof in full screen mode. Reported by Khalil Zhani
- CVE-2018-16081: Local file access in DevTools. Reported by Jann Horn
- CVE-2018-16082: Stack buffer overflow in SwiftShader. Reported by Omair
- CVE-2018-16083: Out of bounds read in WebRTC. Reported by Natalie
Silvanovich
- CVE-2018-16084: User confirmation bypass in external protocol handling.
Reported by Jun Kokatsu
- CVE-2018-16085: Use after free in Memory Instrumentation. Reported by
Roman Kuksin
-- Michael Gilbert <mgilbert@debian.org> Wed, 05 Sep 2018 00:01:50 +0000
chromium-browser (69.0.3497.12-1) experimental; urgency=medium
* New upstream development release.
- Fixes an error that can occur on pages containing xml (closes: #865592).
* Install swiftshader libraries to /usr/lib/chromium (closes: #901831).
-- Michael Gilbert <mgilbert@debian.org> Sun, 29 Jul 2018 09:30:34 +0000
chromium-browser (68.0.3440.75-2) unstable; urgency=medium
* Restore a mistakenly omitted call to InitializeFFmpeg (closes: #902909).
-- Michael Gilbert <mgilbert@debian.org> Thu, 26 Jul 2018 00:37:11 +0000
chromium-browser (68.0.3440.75-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2018-4117: Cross origin information leak in Blink. Reported by
AhsanEjaz
- CVE-2018-6044: Request privilege escalation in Extensions . Reported by
Rob Wu
- CVE-2018-6150: Cross origin information disclosure in Service Workers.
Reported by Rob Wu
- CVE-2018-6151: Bad cast in DevTools. Reported by Rob Wu
- CVE-2018-6152: Local file write in DevTools. Reported by Rob Wu
- CVE-2018-6153: Stack buffer overflow in Skia. Reported by Zhen Zhou
- CVE-2018-6154: Heap buffer overflow in WebGL. Reported by Omair
- CVE-2018-6155: Use after free in WebRTC. Reported by Natalie Silvanovich
- CVE-2018-6156: Heap buffer overflow in WebRTC. Reported by Natalie
Silvanovich
- CVE-2018-6157: Type confusion in WebRTC. Reported by Natalie Silvanovich
- CVE-2018-6158: Use after free in Blink. Reported by Zhe Jin
- CVE-2018-6159: Same origin policy bypass in ServiceWorker. Reported by
Jun Kokatsu
- CVE-2018-6161: Same origin policy bypass in WebAudio. Reported by Jun
Kokatsu
- CVE-2018-6162: Heap buffer overflow in WebGL. Reported by Omair
- CVE-2018-6163: URL spoof in Omnibox. Reported by Khalil Zhani
- CVE-2018-6164: Same origin policy bypass in ServiceWorker. Reported by
Jun Kokatsu
- CVE-2018-6165: URL spoof in Omnibox. Reported by evi1m0
- CVE-2018-6166: URL spoof in Omnibox. Reported by Lnyas Zhang
- CVE-2018-6167: URL spoof in Omnibox. Reported by Lnyas Zhang
- CVE-2018-6168: CORS bypass in Blink. Reported by Gunes Acar and Danny Y.
Huang
- CVE-2018-6169: Permissions bypass in extension installation . Reported by
Sam P
- CVE-2018-6170: Type confusion in PDFium. Reported by Anonymous
- CVE-2018-6171: Use after free in WebBluetooth.
- CVE-2018-6172: URL spoof in Omnibox. Reported by Khalil Zhani
- CVE-2018-6173: URL spoof in Omnibox. Reported by Khalil Zhani
- CVE-2018-6174: Integer overflow in SwiftShader. Reported by Mark Brand
- CVE-2018-6175: URL spoof in Omnibox. Reported by Khalil Zhani
- CVE-2018-6176: Local user privilege escalation in Extensions. Reported by
Jann Horn
- CVE-2018-6177: Cross origin information leak in Blink. Reported by Ron
Masas
- CVE-2018-6178: UI spoof in Extensions. Reported by Khalil Zhani
- CVE-2018-6179: Local file information leak in Extensions.
-- Michael Gilbert <mgilbert@debian.org> Wed, 25 Jul 2018 00:28:20 +0000
chromium-browser (68.0.3440.42-1) experimental; urgency=medium
* New upstream beta release.
-- Michael Gilbert <mgilbert@debian.org> Sat, 30 Jun 2018 17:46:03 +0000
chromium-browser (68.0.3440.33-1) experimental; urgency=medium
* New upstream beta release.
* Build using upstream's "lite" tarball.
* Restore decoder initialization from chromium 66 to maintain compatibility
with ffmpeg 3.4 (closes: #900533).
-- Michael Gilbert <mgilbert@debian.org> Fri, 29 Jun 2018 20:48:51 +0000
chromium-browser (68.0.3440.25-1) experimental; urgency=medium
* New upstream beta release.
-- Michael Gilbert <mgilbert@debian.org> Sun, 24 Jun 2018 16:32:18 +0000
chromium-browser (68.0.3440.17-1) experimental; urgency=medium
* New upstream beta release.
* Recommend upower and notification-daemon.
-- Michael Gilbert <mgilbert@debian.org> Mon, 11 Jun 2018 04:40:58 +0000
chromium-browser (68.0.3440.7-1) experimental; urgency=medium
* New upstream development release.
-- Michael Gilbert <mgilbert@debian.org> Sun, 10 Jun 2018 23:44:14 +0000
chromium-browser (67.0.3396.87-1) unstable; urgency=medium
* New upstream security release.
- CVE-2018-6149: Out of bounds write in V8. Reported by Yu Zhou and
Jundong Xie
-- Michael Gilbert <mgilbert@debian.org> Tue, 19 Jun 2018 12:13:46 +0000
chromium-browser (67.0.3396.79-2) unstable; urgency=medium
* Use embedded ffmpeg code copy (closes: #900533).
-- Michael Gilbert <mgilbert@debian.org> Mon, 11 Jun 2018 00:33:39 +0000
chromium-browser (67.0.3396.79-1) unstable; urgency=medium
* New upstream security release.
- CVE-2018-6148: Incorrect handling of CSP header. Reported by Michał
Bentkowski
-- Michael Gilbert <mgilbert@debian.org> Sun, 10 Jun 2018 21:48:45 +0000
chromium-browser (67.0.3396.62-2) unstable; urgency=medium
* Fix build on arm64/armhf
-- Riku Voipio <riku.voipio@linaro.org> Fri, 08 Jun 2018 15:37:05 +0300
chromium-browser (67.0.3396.62-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2018-6123: Use after free in Blink. Reported by Looben Yang
- CVE-2018-6124: Type confusion in Blink. Reported by Guang Gong
- CVE-2018-6125: Overly permissive policy in WebUSB. Reported by Yubico
- CVE-2018-6126: Heap buffer overflow in Skia. Reported by Ivan Fratric
- CVE-2018-6127: Use after free in indexedDB. Reported by Looben Yang
- CVE-2018-6129: Out of bounds memory access in WebRTC. Reported by Natalie
Silvanovich
- CVE-2018-6130: Out of bounds memory access in WebRTC. Reported by Natalie
Silvanovich
- CVE-2018-6131: Incorrect mutability protection in WebAssembly. Reported
by Natalie Silvanovich
- CVE-2018-6132: Use of uninitialized memory in WebRTC. Reported by Ronald
E. Crane
- CVE-2018-6133: URL spoof in Omnibox. Reported by Khalil Zhani
- CVE-2018-6134: Referrer Policy bypass in Blink. Reported by Jun Kokatsu
- CVE-2018-6135: UI spoofing in Blink. Reported by Jasper Rebane
- CVE-2018-6136: Out of bounds memory access in V8. Reported by Peter Wong
- CVE-2018-6137: Leak of visited status of page in Blink. Reported by
Michael Smith
- CVE-2018-6138: Overly permissive policy in Extensions. Reported by
François Lajeunesse-Robert
- CVE-2018-6139: Restrictions bypass in the debugger extension API.
Reported by Rob Wu
- CVE-2018-6140: Restrictions bypass in the debugger extension API.
Reported by Rob Wu
- CVE-2018-6141: Heap buffer overflow in Skia. Reported by Yangkang
- CVE-2018-6142: Out of bounds memory access in V8. Reported by Choongwoo
Han
- CVE-2018-6143: Out of bounds memory access in V8. Reported by Guang Gong
- CVE-2018-6144: Out of bounds memory access in PDFium. Reported by pdknsk
- CVE-2018-6145: Incorrect escaping of MathML in Blink. Reported by Masato
Kinugawa
- CVE-2018-6147: Password fields not taking advantage of OS protections in
Views. Reported by Michail Pishchagin
-- Michael Gilbert <mgilbert@debian.org> Wed, 30 May 2018 13:03:02 +0000
chromium-browser (67.0.3396.57-1) experimental; urgency=medium
* New upstream beta release.
* Ignore more compiler warnings.
-- Michael Gilbert <mgilbert@debian.org> Tue, 29 May 2018 13:06:17 +0000
chromium-browser (67.0.3396.56-1) experimental; urgency=medium
* New upstream beta release.
-- Michael Gilbert <mgilbert@debian.org> Sun, 27 May 2018 04:27:00 +0000
chromium-browser (67.0.3396.48-1) experimental; urgency=medium
* New upstream beta release.
* Indicate that binary rules do not require root.
* Change maintainer address to chromium-browser@packages.debian.org.
* Drop widevine adapter package, no longer supported upstream (chromium
should automatically detect and use libwidevinecdm.so without the extra
adapter library now).
-- Michael Gilbert <mgilbert@debian.org> Sat, 19 May 2018 03:30:20 +0000
chromium-browser (66.0.3359.181-1) unstable; urgency=medium
* New upstream security release.
- CVE-2018-6120: Heap buffer overflow in PDFium. Reported by Zhou Aiting
- CVE-2018-6121: Privilege Escalation in extensions.
- CVE-2018-6122: Type confusion in V8.
-- Michael Gilbert <mgilbert@debian.org> Fri, 18 May 2018 21:08:59 +0000
chromium-browser (66.0.3359.139-1) unstable; urgency=medium
* New upstream security release.
- CVE-2018-6118: Use after free in Media Cache. Reported by Ned Williamson
* Enable jumbo build.
* Recommend libgl1-mesa-dri.
-- Michael Gilbert <mgilbert@debian.org> Sat, 28 Apr 2018 02:44:15 +0000
chromium-browser (66.0.3359.117-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2018-6085: Use after free in Disk Cache. Reported by Ned Williamson
- CVE-2018-6086: Use after free in Disk Cache. Reported by Ned Williamson
- CVE-2018-6087: Use after free in WebAssembly. Reported by Anonymous
- CVE-2018-6088: Use after free in PDFium. Reported by Anonymous
- CVE-2018-6089: Same origin policy bypass in Service Worker. Reported by
Rob Wu
- CVE-2018-6090: Heap buffer overflow in Skia. Reported by ZhanJia Song
- CVE-2018-6091: Incorrect handling of plug-ins by Service Worker.
Reported by Jun Kokatsu
- CVE-2018-6092: Integer overflow in WebAssembly. Reported by Natalie
Silvanovich
- CVE-2018-6093: Same origin bypass in Service Worker. Reported by Jun
Kokatsu
- CVE-2018-6094: Exploit hardening regression in Oilpan. Reported by Chris
Rohlf
- CVE-2018-6095: Lack of meaningful user interaction requirement before
file upload. Reported by Abdulrahman Alqabandi
- CVE-2018-6096: Fullscreen UI spoof. Reported by WenXu Wu
- CVE-2018-6097: Fullscreen UI spoof. Reported by xisigr
- CVE-2018-6098: URL spoof in Omnibox. Reported by Khalil Zhani
- CVE-2018-6099: CORS bypass in ServiceWorker. Reported by Jun Kokatsu
- CVE-2018-6100: URL spoof in Omnibox. Reported by Lnyas Zhang
- CVE-2018-6101: Insufficient protection of remote debugging prototol in
DevTools . Reported by Rob Wu
- CVE-2018-6102: URL spoof in Omnibox. Reported by Khalil Zhani
- CVE-2018-6103: UI spoof in Permissions. Reported by Khalil Zhani
- CVE-2018-6104: URL spoof in Omnibox. Reported by Khalil Zhani
- CVE-2018-6105: URL spoof in Omnibox. Reported by Khalil Zhani
- CVE-2018-6106: Incorrect handling of promises in V8. Reported by
lokihardt
- CVE-2018-6107: URL spoof in Omnibox. Reported by Khalil Zhani
- CVE-2018-6108: URL spoof in Omnibox. Reported by Khalil Zhani
- CVE-2018-6109: Incorrect handling of files by FileAPI. Reported by
Dominik Weber
- CVE-2018-6110: Incorrect handling of plaintext files via file:// .
Reported by Wenxiang Qian
- CVE-2018-6111: Heap-use-after-free in DevTools. Reported by Khalil Zhani
- CVE-2018-6112: Incorrect URL handling in DevTools. Reported by Rob Wu
- CVE-2018-6113: URL spoof in Navigation. Reported by Khalil Zhani
- CVE-2018-6114: CSP bypass. Reported by Lnyas Zhang
- CVE-2018-6115: SmartScreen bypass in downloads. Reported by James Feher
- CVE-2018-6116: Incorrect low memory handling in WebAssembly. Reported by
Chengdu Security Response Center
- CVE-2018-6117: Confusing autofill settings. Reported by Spencer Dailey
- Fixes proxy time out error (closes: #892994).
- Removes not implemented messages (closes: #893799).
* Remove third_party/chromite from the upstream tarball (closes: #895076).
-- Michael Gilbert <mgilbert@debian.org> Thu, 26 Apr 2018 01:27:39 +0000
chromium-browser (66.0.3359.26-2) unstable; urgency=medium
[ Michael Gilbert ]
* Build using gcc6.
* Move version control to salsa.debian.org.
* Change maintainer address to chromium-browser@tracker.debian.org.
[ Riku Voipio ]
* [arm64/armhf] Fix neon autodetection with patch from upstream
* [armhf] drop debug symbols
-- Michael Gilbert <mgilbert@debian.org> Sun, 08 Apr 2018 03:11:08 +0000
chromium-browser (66.0.3359.26-1) experimental; urgency=medium
* New upstream release.
* Use threaded compression while repacking the upstream tarball.
-- Michael Gilbert <mgilbert@debian.org> Mon, 26 Mar 2018 00:53:25 +0000
chromium-browser (66.0.3359.22-3) experimental; urgency=medium
* Build pdfium using the system openjpeg library.
-- Michael Gilbert <mgilbert@debian.org> Sat, 24 Mar 2018 22:53:20 +0000
chromium-browser (66.0.3359.22-2) experimental; urgency=medium
* Fix typo in vpx patch.
-- Michael Gilbert <mgilbert@debian.org> Sat, 24 Mar 2018 21:39:20 +0000
chromium-browser (66.0.3359.22-1) experimental; urgency=medium
* New upstream release.
- Fixes swiftshader library loading error (closes: #864606).
-- Michael Gilbert <mgilbert@debian.org> Mon, 19 Mar 2018 01:04:11 +0000
chromium-browser (65.0.3325.146-4) unstable; urgency=medium
* Fix another incomplete type build error (closes: #892891).
-- Michael Gilbert <mgilbert@debian.org> Thu, 15 Mar 2018 01:22:51 +0000
chromium-browser (65.0.3325.146-3) unstable; urgency=medium
* Fix incomplete type build error.
-- Michael Gilbert <mgilbert@debian.org> Sun, 11 Mar 2018 00:33:12 +0000
chromium-browser (65.0.3325.146-2) unstable; urgency=medium
* Fix a few gcc build warnings.
* Apply upstream's fix for a bug in gcc7's handling of non-copyable types
(closes: #890954).
-- Michael Gilbert <mgilbert@debian.org> Sat, 10 Mar 2018 00:36:33 +0000
chromium-browser (65.0.3325.146-1) unstable; urgency=medium
* New upstream stable release release.
- CVE-2018-6056: Incorrect derived class instantiation in V8. Reported by
lokihardt
- CVE-2018-6060: Use after free in Blink. Reported by Omair
- CVE-2018-6061: Race condition in V8. Reported by Guang Gong
- CVE-2018-6062: Heap buffer overflow in Skia. Reported by Anonymous
- CVE-2018-6057: Incorrect permissions on shared memory. Reported by Gal
Beniamini
- CVE-2018-6063: Incorrect permissions on shared memory. Reported by Gal
Beniamini
- CVE-2018-6064: Type confusion in V8. Reported by lokihardt
- CVE-2018-6065: Integer overflow in V8. Reported by Mark Brand
- CVE-2018-6066: Same Origin Bypass via canvas. Reported by Masato Kinugawa
- CVE-2018-6067: Buffer overflow in Skia. Reported by Ned Williamson
- CVE-2018-6068: Object lifecycle issues in Chrome Custom Tab. Reported by
Luan Herrera
- CVE-2018-6069: Stack buffer overflow in Skia. Reported by Wanglu &
Yangkang
- CVE-2018-6070: CSP bypass through extensions. Reported by Rob Wu
- CVE-2018-6071: Heap bufffer overflow in Skia. Reported by Anonymous
- CVE-2018-6072: Integer overflow in PDFium. Reported by Atte Kettunen
- CVE-2018-6073: Heap bufffer overflow in WebGL. Reported by Omair
- CVE-2018-6074: Mark-of-the-Web bypass. Reported by Abdulrahman Alqabandi
- CVE-2018-6075: Overly permissive cross origin downloads. Reported by Inti
De Ceukelaire
- CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink.
Reported by Mateusz Krzeszowiec
- CVE-2018-6077: Timing attack using SVG filters. Reported by Khalil Zhani
- CVE-2018-6078: URL Spoof in OmniBox. Reported by Khalil Zhani
- CVE-2018-6079: Information disclosure via texture data in WebGL. Reported
by Ivars Atteka
- CVE-2018-6080: Information disclosure in IPC call. Reported by Gal
Beniamini
- CVE-2018-6081: XSS in interstitials. Reported by Rob Wu
- CVE-2018-6082: Circumvention of port blocking. Reported by WenXu Wu
- CVE-2018-6083: Incorrect processing of AppManifests. Reported by Jun
Kokatsu
* Enable support for vp9 (closes: #891831).
-- Michael Gilbert <mgilbert@debian.org> Mon, 05 Mar 2018 01:26:31 +0000
chromium-browser (65.0.3325.85-1) experimental; urgency=medium
* New upstream beta release.
* Remove third_party/ffmpeg from the upstream tarball.
-- Michael Gilbert <mgilbert@debian.org> Sat, 24 Feb 2018 08:17:44 +0000
chromium-browser (65.0.3325.74-1) experimental; urgency=medium
[ Michael Gilbert ]
* New upstream release.
* Update to debhelper 11.
* Update standards version.
* Remove third_party/llvm from the upstream tarball.
* Drop -fno-delete-null-pointer from debian/rules, applied upstream now.
[ Riku Voipio ]
* Fix skia build on arm64, (closes: #891062)
* Set some armhf specific gn args to help linking
-- Michael Gilbert <mgilbert@debian.org> Sat, 24 Feb 2018 02:36:40 +0000
chromium-browser (65.0.3325.73-1) experimental; urgency=medium
* New upstream beta release.
* Recommend libu2f-udev (closes: #890239).
* Add support for ffmpeg 4.0 (closes: #888387).
* Remove icc_profiles from the upstream tarball.
-- Michael Gilbert <mgilbert@debian.org> Sun, 18 Feb 2018 02:22:56 +0000
chromium-browser (64.0.3282.119-2) unstable; urgency=medium
* Drop chromecast patch (closes: #884173).
-- Michael Gilbert <mgilbert@debian.org> Sun, 11 Feb 2018 03:00:09 +0000
chromium-browser (64.0.3282.119-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2017-15420: URL spoofing in Omnibox. Reported by Drew Springall
- CVE-2017-15429: UXSS in V8. Reported by Anonymous
- CVE-2018-6031: Use after free in PDFium. Reported by Anonymous
- CVE-2018-6032: Same origin bypass in Shared Worker. Reported by Jun
Kokatsu
- CVE-2018-6033: Race when opening downloaded files. Reported by Juho
Nurminen
- CVE-2018-6034: Integer overflow in Blink. Reported by Tobias Klein
- CVE-2018-6035: Insufficient isolation of devtools from extensions.
Reported by Rob Wu
- CVE-2018-6036: Integer underflow in WebAssembly. Reported by The UK's
National Cyber Security Centre
- CVE-2018-6037: Insufficient user gesture requirements in autofill.
Reported by Paul Stone
- CVE-2018-6038: Heap buffer overflow in WebGL. Reported by cloudfuzzer
- CVE-2018-6039: XSS in DevTools. Reported by Juho Nurminen
- CVE-2018-6040: Content security policy bypass. Reported by WenXu Wu
- CVE-2018-6041: URL spoof in Navigation. Reported by Luan Herrera
- CVE-2018-6042: URL spoof in OmniBox. Reported by Khalil Zhani
- CVE-2018-6043: Insufficient escaping with external URL handlers. Reported
by 0x09AL
- CVE-2018-6045: Insufficient isolation of devtools from extensions.
Reported by Rob Wu
- CVE-2018-6046: Insufficient isolation of devtools from extensions.
Reported by Rob Wu
- CVE-2018-6047: Cross origin URL leak in WebGL. Reported by Masato
Kinugawa
- CVE-2018-6048: Referrer policy bypass in Blink. Reported by Jun Kokatsu
- CVE-2018-6049: UI spoof in Permissions. Reported by WenXu Wu
- CVE-2018-6050: URL spoof in OmniBox. Reported by Jonathan Kew
- CVE-2018-6051: Referrer leak in XSS Auditor. Reported by Antonio Sanso
- CVE-2018-6052: Incomplete no-referrer policy implementation. Reported by
Tanner Emek
- CVE-2018-6053: Leak of page thumbnails in New Tab Page. Reported by Asset
Kabdenov
- CVE-2018-6054: Use after free in WebUI. Reported by Rob Wu
-- Michael Gilbert <mgilbert@debian.org> Sun, 28 Jan 2018 01:00:12 +0000
chromium-browser (63.0.3239.84-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2017-15407: Out of bounds write in QUIC. Reported by Ned Williamson
- CVE-2017-15408: Heap buffer overflow in PDFium. Reported by Ke Liu
- CVE-2017-15409: Out of bounds write in Skia. Reported by Anonymous
- CVE-2017-15410: Use after free in PDFium. Reported by Luật Nguyễn
- CVE-2017-15411: Use after free in PDFium. Reported by Luật Nguyễn
- CVE-2017-15413: Type confusion in WebAssembly. Reported by Gaurav Dewan
- CVE-2017-15415: Pointer information disclosure in IPC call. Reported by
Viktor Brange
- CVE-2017-15416: Out of bounds read in Blink. Reported by Ned Williamson
- CVE-2017-15417: Cross origin information disclosure in Skia . Reported by
Max May
- CVE-2017-15418: Use of uninitialized value in Skia. Reported by Kushal
Arvind Shah
- CVE-2017-15419: Cross origin leak of redirect URL in Blink. Reported by
Jun Kokatsu
- CVE-2017-15420: URL spoofing in Omnibox. Reported by WenXu Wu
- CVE-2017-15423: Issue with SPAKE implementation in BoringSSL. Reported by
Greg Hudson
- CVE-2017-15424: URL Spoof in Omnibox. Reported by Khalil Zhani
- CVE-2017-15425: URL Spoof in Omnibox. Reported by xisigr
- CVE-2017-15426: URL Spoof in Omnibox. Reported by WenXu Wu
- CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox. Reported
by Junaid Farhan
* Update standards version to 4.1.2.
* Stricter default master preferences.
* Avoid showing the welcome page (closes: #857767).
* Switch from gtk2 to gtk3 again (closes: #883364).
-- Michael Gilbert <mgilbert@debian.org> Sun, 03 Dec 2017 16:05:00 +0000
chromium-browser (63.0.3239.40-1) experimental; urgency=medium
* New upstream beta release.
* Disable chromium signin feature.
* Fix error in icon installation script.
* Update to the latest standards version.
* Indicate that the package can be built without root.
-- Michael Gilbert <mgilbert@debian.org> Sun, 12 Nov 2017 05:36:26 +0000
chromium-browser (63.0.3239.30-1) experimental; urgency=medium
* New upstream beta release.
* Install 16 and 32 pixel png icon files (closes: #857071).
* Improve description for --temp-profile (closes: #881040).
* Document Debian bug reports in the manpage (closes: #880965).
* Stricter breaks/replaces to support security uploads (closes: #877970).
-- Michael Gilbert <mgilbert@debian.org> Wed, 08 Nov 2017 01:54:47 +0000
chromium-browser (62.0.3202.89-1) unstable; urgency=medium
* New upstream security release.
- CVE-2017-15398: Stack buffer overflow in QUIC. Reported by Ned
Williamson
- CVE-2017-15399: Use after free in V8. Reported by Zhao Qixun
* Revert new dependency on gconf.
* Link against system lcms2 library (closes: #879153).
* Disable device notifications by default (closes: #856571).
* Remove icon extension from the desktop file (closes: #860256).
-- Michael Gilbert <mgilbert@debian.org> Tue, 07 Nov 2017 02:22:17 +0000
chromium-browser (62.0.3202.75-1) unstable; urgency=medium
* New upstream stable release (closes: #879451).
- CVE-2017-5124: UXSS with MHTML. Reported by Anonymous
- CVE-2017-5125: Heap overflow in Skia. Reported by Anonymous
- CVE-2017-5126: Use after free in PDFium. Reported by Luat Nguyen
- CVE-2017-5127: Use after free in PDFium. Reported by Luat Nguyen
- CVE-2017-5128: Heap overflow in WebGL. Reported by Omair
- CVE-2017-5129: Use after free in WebAudio. Reported by Omair
- CVE-2017-5131: Out of bounds write in Skia. Reported by Anonymous
- CVE-2017-5132: Incorrect stack manipulation in WebAssembly. Reported by
Gaurav Dewan
- CVE-2017-5133: Out of bounds write in Skia. Reported by Aleksandar
Nikolic
- CVE-2017-15386: UI spoofing in Blink. Reported by WenXu Wu
- CVE-2017-15387: Content security bypass. Reported by Jun Kokatsu
- CVE-2017-15388: Out of bounds read in Skia. Reported by Kushal Arvind
Shah
- CVE-2017-15389: URL spoofing in OmniBox. Reported by xisigr
- CVE-2017-15390: URL spoofing in OmniBox. Reported by Haosheng Wang
- CVE-2017-15391: Extension limitation bypass in Extensions. Reported by
João Lucas Melo Brasio
- CVE-2017-15392: Incorrect registry key handling in PlatformIntegration.
Reported by Xiaoyin Liu
- CVE-2017-15393: Referrer leak in Devtools. Reported by Svyat Mitin
- CVE-2017-15394: URL spoofing in extensions UI. Reported by Sam
- CVE-2017-15395: Null pointer dereference in ImageCapture. Reported by
Johannes Bergman
- CVE-2017-15396: Stack overflow in V8. Reported by Yuan Deng
* Enable chromecast feature switch (closes: #878244).
-- Michael Gilbert <mgilbert@debian.org> Sat, 04 Nov 2017 19:01:28 +0000
chromium-browser (61.0.3163.100-2) unstable; urgency=medium
* Add liblcms2-dev as a build dependency (closes: #876804).
-- Michael Gilbert <mgilbert@debian.org> Tue, 26 Sep 2017 12:54:35 +0000
chromium-browser (61.0.3163.100-1) unstable; urgency=medium
* New upstream stable release (closes: #876030).
- CVE-2017-5111: Use after free in PDFium. Reported by Luật Nguyễn
- CVE-2017-5112: Heap buffer overflow in WebGL. Reported by Tobias Klein
- CVE-2017-5113: Heap buffer overflow in Skia. Reported by Anonymous
- CVE-2017-5114: Memory lifecycle issue in PDFium. Reported by Ke Liu
- CVE-2017-5115: Type confusion in V8. Reported by Marco Giovannini
- CVE-2017-5116: Type confusion in V8. Reported by Anonymous
- CVE-2017-5117: Use of uninitialized value in Skia. Reported by Tobias
Klein
- CVE-2017-5118: Bypass of Content Security Policy in Blink. Reported by
WenXu Wu
- CVE-2017-5119: Use of uninitialized value in Skia. Reported by Anonymous
- CVE-2017-5120: Potential HTTPS downgrade during redirect navigation.
Reported by Xiaoyin Liu
- CVE-2017-5121: Out-of-bounds access in V8. Reported by Jordan Rabet
- CVE-2017-5122: Out-of-bounds access in V8. Reported by Choongwoo Han
- Adds support for gcc7 (closes: #853347).
* Update standards version.
* Use system libstdc++ instead of chromium's bundled custom libc++.
* Improve error message when network is unreachable (closes: #864539).
* Fix a mistake that lead to unstripped binary files (closes: #870531).
-- Michael Gilbert <mgilbert@debian.org> Sun, 24 Sep 2017 20:26:02 +0000
chromium-browser (60.0.3112.78-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2017-5091: Use after free in IndexedDB. Reported by Ned Williamson
- CVE-2017-5092: Use after free in PPAPI. Reported by Yu Zhou, Yuan Deng
- CVE-2017-5093: UI spoofing in Blink. Reported by Luan Herrera
- CVE-2017-5094: Type confusion in extensions. Reported by Anonymous
- CVE-2017-5095: Out-of-bounds write in PDFium. Reported by Anonymous
- CVE-2017-5096: User information leak via Android intents. Reported by
Takeshi Terada
- CVE-2017-5097: Out-of-bounds read in Skia. Reported by Anonymous
- CVE-2017-5098: Use after free in V8. Reported by Jihoon Kim
- CVE-2017-5099: Out-of-bounds write in PPAPI. Reported by Yuan Deng, Yu
Zhou
- CVE-2017-5100: Use after free in Chrome Apps. Reported by Anonymous
- CVE-2017-5101: URL spoofing in OmniBox. Reported by Luan Herrera
- CVE-2017-5102: Uninitialized use in Skia. Reported by Anonymous
- CVE-2017-5103: Uninitialized use in Skia. Reported by Anonymous
- CVE-2017-5104: UI spoofing in browser. Reported by Khalil Zhani
- CVE-2017-7000: Pointer disclosure in SQLite. Reported by Chaitin Security
Research Lab
- CVE-2017-5105: URL spoofing in OmniBox. Reported by Rayyan Bijoora
- CVE-2017-5106: URL spoofing in OmniBox. Reported by Jack Zac
- CVE-2017-5107: User information leak via SVG. Reported by David
Kohlbrenner
- CVE-2017-5108: Type confusion in PDFium. Reported by Guang Gong
- CVE-2017-5109: UI spoofing in browser. Reported by José María Acuña
Morgado
- CVE-2017-5110: UI spoofing in payments dialog. Reported by xisigr
-- Michael Gilbert <mgilbert@debian.org> Thu, 27 Jul 2017 03:22:03 +0000
chromium-browser (60.0.3112.72-1) unstable; urgency=medium
* New upstream beta release.
- Adds support for gcc 6.4 (closes: #868926).
* Update to debhelper version 10.
* Update to standards version 4.0.0.
* Only include pak files that are needed.
* Drop chromedriver transitional package.
* Drop ffmpeg.patch, now applied upstream.
* Drop libgnome-keyring-dev build dependency (closes: #867917).
* Install chromium-shell to /usr/lib/chromium (closes: #864565).
- Thanks to Bert Schulze.
-- Michael Gilbert <mgilbert@debian.org> Sat, 22 Jul 2017 16:41:59 +0000
chromium-browser (59.0.3071.104-1) unstable; urgency=medium
* New upstream security release.
- CVE-2017-5087: Sandbox Escape in IndexedDB. Reported by Ned Williamson
- CVE-2017-5088: Out of bounds read in V8. Reported by Xiling Gong
- CVE-2017-5089: Domain spoofing in Omnibox. Reported by Michał Bentkowski
* Update get-orig-source to support really long arguments to tar --delete.
-- Michael Gilbert <mgilbert@debian.org> Sat, 17 Jun 2017 20:03:49 +0000
chromium-browser (59.0.3071.86-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2017-5070: Type confusion in V8. Reported by Zhao Qixun
- CVE-2017-5071: Out of bounds read in V8. Reported by Choongwoo Han
- CVE-2017-5072: Address spoofing in Omnibox. Reported by Rayyan Bijoora
- CVE-2017-5073: Use after free in print preview. Reported by Khalil Zhani
- CVE-2017-5074: Use after free in Apps Bluetooth. Reported by anonymous
- CVE-2017-5075: Information leak in CSP reporting. Reported by Emmanuel
Gil Peyrot
- CVE-2017-5076: Address spoofing in Omnibox. Reported by Samuel Erb
- CVE-2017-5077: Heap buffer overflow in Skia. Reported by Sweetchip
- CVE-2017-5078: Possible command injection in mailto handling. Reported
by Jose Carlos Exposito Bueno
- CVE-2017-5079: UI spoofing in Blink. Reported by Khalil Zhani
- CVE-2017-5080: Use after free in credit card autofill. Reported by
Khalil Zhani
- CVE-2017-5081: Extension verification bypass. Reported by Andrey Kovalev
- CVE-2017-5082: Insufficient hardening in credit card editor. Reported by
Nightwatch Cybersecurity Research
- CVE-2017-5083: UI spoofing in Blink. Reported by Khalil Zhani
- CVE-2017-5085: Inappropriate javascript execution on WebUI pages.
Reported by Zhiyang Zeng
- CVE-2017-5086: Address spoofing in Omnibox. Reported by Rayyan Bijoora
-- Michael Gilbert <mgilbert@debian.org> Mon, 05 Jun 2017 23:09:28 +0000
chromium-browser (59.0.3071.71-1) experimental; urgency=medium
* New upstream beta release.
-- Michael Gilbert <mgilbert@debian.org> Sat, 27 May 2017 03:30:14 +0000
chromium-browser (59.0.3071.61-1) experimental; urgency=medium
* New upstream beta release.
-- Michael Gilbert <mgilbert@debian.org> Sun, 21 May 2017 19:34:39 +0000
chromium-browser (59.0.3071.47-1) experimental; urgency=medium
* New upstream beta release.
* Simplify approach for disabling vp9.
* Fix incomplete new interfaces to system ICU library.
* Remove XML_PARSE_NOXXE flag since system libxml2 does not yet support it.
-- Michael Gilbert <mgilbert@debian.org> Sat, 13 May 2017 16:09:05 +0000
chromium-browser (58.0.3029.96-1) unstable; urgency=medium
* New upstream security release.
- CVE-2017-5068: Race condition in WebRTC. Credit to Philipp Hancke
-- Michael Gilbert <mgilbert@debian.org> Sun, 07 May 2017 00:36:22 +0000
chromium-browser (58.0.3029.81-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2017-5057: Type confusion in PDFium. Credit to Guang Gong.
- CVE-2017-5058: Heap use after free in Print Preview. Credit to Khalil
Zhani
- CVE-2017-5059: Type confusion in Blink. Credit to SkyLined
- CVE-2017-5060: URL spoofing in Omnibox. Credit to Xudong Zheng
- CVE-2017-5061: URL spoofing in Omnibox. Credit to Haosheng Wang
- CVE-2017-5062: Use after free in Chrome Apps. Credit to anonymous
- CVE-2017-5063: Heap overflow in Skia. Credit to Sweetchip
- CVE-2017-5064: Use after free in Blink. Credit to Wadih Matar
- CVE-2017-5065: Incorrect UI in Blink. Credit to Khalil Zhani
- CVE-2017-5066: Incorrect signature handing in Networking. Credit to
chenchu
- CVE-2017-5067: URL spoofing in Omnibox. Credit to Khalil Zhani
- CVE-2017-5069: Cross-origin bypass in Blink. Credit to Michael Reizelman
-- Michael Gilbert <mgilbert@debian.org> Wed, 19 Apr 2017 23:20:29 +0000
chromium-browser (58.0.3029.68-1) experimental; urgency=medium
* New upstream beta release.
- Drop arm patch, now applied upstream.
- Add missing file needed to be able to build gn.
- Update vpx.patch to continue using the system library.
- Set use_vulcanize=false to avoid bringing in the entire nodejs ecosystem.
* Enable remote extensions by default (closes: #856183).
-- Michael Gilbert <mgilbert@debian.org> Fri, 07 Apr 2017 04:51:22 +0000
chromium-browser (57.0.2987.133-1) unstable; urgency=medium
* New upstream security update.
- CVE-2017-5055: Use after free in printing. Credit to Wadih Matar
- CVE-2017-5054: Heap buffer overflow in V8. Credit to Nicolas Trippar
- CVE-2017-5052: Bad cast in Blink. Credit to JeongHoon Shin
- CVE-2017-5056: Use after free in Blink. Credit to anonymous
- CVE-2017-5053: Out of bounds memory access in V8. Credit to Team Sniper
-- Michael Gilbert <mgilbert@debian.org> Fri, 07 Apr 2017 01:07:17 +0000
chromium-browser (57.0.2987.98-1) unstable; urgency=medium
* New upstream stable release.
- CVE-2017-5030: Memory corruption in V8. Credit to Brendon Tiszka
- CVE-2017-5031: Use after free in ANGLE. Credit to Looben Yang
- CVE-2017-5032: Out of bounds write in PDFium. Credit to Ashfaq Ansari
- CVE-2017-5029: Integer overflow in libxslt. Credit to Holger Fuhrmannek
- CVE-2017-5034: Use after free in PDFium. Credit to Ke Liu
- CVE-2017-5035: Incorrect security UI in Omnibox. Credit to Enzo Aguado
- CVE-2017-5036: Use after free in PDFium. Credit to Anonymous
- CVE-2017-5037: Multiple out of bounds writes in ChunkDemuxer. Credit to
Yongke Wang
- CVE-2017-5039: Use after free in PDFium. Credit to jinmo123
- CVE-2017-5040: Information disclosure in V8. Credit to Choongwoo Han
- CVE-2017-5041: Address spoofing in Omnibox. Credit to Jordi Chancel
- CVE-2017-5033: Bypass of Content Security Policy in Blink. Credit to
Nicolai Grødum
- CVE-2017-5042: Incorrect handling of cookies in Cast. Credit to Mike
Ruddy
- CVE-2017-5038: Use after free in GuestView. Credit to Anonymous
- CVE-2017-5043: Use after free in GuestView. Credit to Anonymous
- CVE-2017-5044: Heap overflow in Skia. Credit to Kushal Arvind Shah
- CVE-2017-5045: Information disclosure in XSS Auditor. Credit to Dhaval
Kapil
- CVE-2017-5046: Information disclosure in Blink. Credit to Masato Kinugawa
* Drop arm and MADV_FREE patches, which are now applied upstream.
-- Michael Gilbert <mgilbert@debian.org> Fri, 10 Mar 2017 22:00:06 +0000
chromium-browser (56.0.2924.76-5) unstable; urgency=medium
* Configure with fieldtrial_testing_like_official_build=true to avoid
building with experimental features enabled (closes: #855434).
* Do not disable background networking when remote extensions are enabled,
since that option also blocks updates to extensions (closes: #841401).
- Thanks to Tarmo Huuhka.
-- Michael Gilbert <mgilbert@debian.org> Sat, 25 Feb 2017 21:41:02 +0000
chromium-browser (56.0.2924.76-4) unstable; urgency=medium
* Do not create a dbgsym package for widevine (closes: #855529).
-- Michael Gilbert <mgilbert@debian.org> Sun, 19 Feb 2017 20:17:38 +0000
chromium-browser (56.0.2924.76-3) unstable; urgency=medium
* Upload to unstable.
-- Michael Gilbert <mgilbert@debian.org> Sun, 05 Feb 2017 19:47:22 +0000
chromium-browser (56.0.2924.76-2) experimental; urgency=medium
* Backport upstream bugfix for non-NEON builds (closes: #853108).
* Fix seccomp sandboxing on arm64 platforms with DRI3
-- Riku Voipio <riku.voipio@linaro.org> Thu, 02 Feb 2017 09:37:05 +0200
chromium-browser (56.0.2924.76-1) experimental; urgency=medium
* New upstream stable release:
- CVE-2017-5007: Universal XSS in Blink. Credit to Mariusz Mlynski
- CVE-2017-5006: Universal XSS in Blink. Credit to Mariusz Mlynski
- CVE-2017-5008: Universal XSS in Blink. Credit to Mariusz Mlynski
- CVE-2017-5010: Universal XSS in Blink. Credit to Mariusz Mlynski
- CVE-2017-5011: Unauthorised file access in Devtools. Credit to Khalil
Zhani
- CVE-2017-5009: Out of bounds memory access in WebRTC. Credit to Sean
Stanek and Chip Bradford
- CVE-2017-5012: Heap overflow in V8. Credit to Gergely Nagy
- CVE-2017-5013: Address spoofing in Omnibox. Credit to Haosheng Wang
- CVE-2017-5014: Heap overflow in Skia. Credit to sweetchip
- CVE-2017-5015: Address spoofing in Omnibox. Credit to Armin Razmdjou
- CVE-2017-5019: Use after free in Renderer. Credit to Wadih Matar
- CVE-2017-5016: UI spoofing in Blink. Credit to Haosheng Wang
- CVE-2017-5017: Uninitialised memory access in webm video. Credit to
danberm
- CVE-2017-5018: Universal XSS in chrome://apps. Credit to Rob Wu
- CVE-2017-5020: Universal XSS in chrome://downloads. Credit to Rob Wu
- CVE-2017-5021: Use after free in Extensions. Credit to Rob Wu
- CVE-2017-5022: Bypass of Content Security Policy in Blink. Credit to
PKAV Team.
- CVE-2017-5023: Type confusion in metrics. Credit to the UK's National
Cyber Security Centre (NCSC)
- CVE-2017-5026: UI spoofing. Credit to Ronni Skansing
-- Michael Gilbert <mgilbert@debian.org> Thu, 26 Jan 2017 01:42:21 +0000
chromium-browser (55.0.2883.75-6) unstable; urgency=medium
* Organize patches.
* Move widevine package to contrib (closes: #851917).
* Conflict with very old versions of libsecret (closes: #838864).
* Support --enable-remote-extensions option passed through CHROMIUM_FLAGS
(closes: #851927).
-- Michael Gilbert <mgilbert@debian.org> Sun, 22 Jan 2017 00:47:28 +0000
chromium-browser (55.0.2883.75-5) unstable; urgency=medium
* Fix new lintian warnings.
* Fix quoting error in run script (closes: #851634).
-- Michael Gilbert <mgilbert@debian.org> Thu, 19 Jan 2017 01:19:24 +0000
chromium-browser (55.0.2883.75-4) unstable; urgency=medium
* Add chromium-shell package.
* Rename chromedriver package to chromium-driver.
* Add chromium-widevine package (closes: #838515).
- Thanks to Felix Geyer.
* Add initial upstream metadata (closes: #848228).
* Set more options at runtime instead of build time.
* Install chromedriver to /usr/bin (closes: #845312).
* Update webkit copyright information (closes: #849264).
- Thanks to Sandro Knauß.
* Better handling of browser extensions (closes: #841401).
- Only support locally installed extensions by default.
- Add new command line flag --enable-remote-extensions, which bypasses the
new default, allowing remote extensions and automatic updating.
-- Michael Gilbert <mgilbert@debian.org> Mon, 02 Jan 2017 02:44:11 +0000
chromium-browser (55.0.2883.75-3) unstable; urgency=medium
* Merge experimental branch.
* Respect parallel setting in DEB_BUILD_OPTIONS while bootstrapping gn.
* Conflict libnettle4 rather than depend on libnettle6 (closes: #841213).
* Disable builtin media router since it only works with official Google
Chrome builds, not chromium (closes: #833477).
-- Michael Gilbert <mgilbert@debian.org> Sun, 18 Dec 2016 23:14:18 +0000
chromium-browser (55.0.2883.75-2+exp3) experimental; urgency=medium
* Correct typo from last build.
-- Riku Voipio <riku.voipio@linaro.org> Fri, 16 Dec 2016 14:31:37 +0200
chromium-browser (55.0.2883.75-2+exp2) experimental; urgency=medium
* Set arm_use_neon=false on armhf until we enable a neon-supporting
buildd in Debian.
-- Riku Voipio <riku.voipio@linaro.org> Thu, 15 Dec 2016 14:34:45 +0200
chromium-browser (55.0.2883.75-2+exp1) experimental; urgency=medium
* Add patches from upstream for gn builds on arm64
* Enable arm64/armhf builds
-- Riku Voipio <riku.voipio@linaro.org> Mon, 12 Dec 2016 14:04:19 +0200
chromium-browser (55.0.2883.75-2) unstable; urgency=medium
* Don't set FF_API_CONVERGENCE_DURATION since it is not a part of ffmpeg's
public API, and when defined leads to crashes (closes: #846648).
-- Michael Gilbert <mgilbert@debian.org> Sat, 10 Dec 2016 22:24:06 +0000
chromium-browser (55.0.2883.75-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2016-9651: Private property access in V8. Credit to Guang Gong
- CVE-2016-5208: Universal XSS in Blink. Credit to Mariusz Mlynski
- CVE-2016-5207: Universal XSS in Blink. Credit to Mariusz Mlynski
- CVE-2016-5206: Same-origin bypass in PDFium. Credit to Rob Wu
- CVE-2016-5205: Universal XSS in Blink. Credit to Anonymous
- CVE-2016-5204: Universal XSS in Blink. Credit to Mariusz Mlynski
- CVE-2016-5209: Out of bounds write in Blink. Credit to Giwan Go
- CVE-2016-5203: Use after free in PDFium. Credit to Anonymous
- CVE-2016-5210: Out of bounds write in PDFium. Credit to Ke Liu
- CVE-2016-5212: Local file disclosure in DevTools. Credit to Khalil Zhani
- CVE-2016-5211: Use after free in PDFium. Credit to Anonymous
- CVE-2016-5213: Use after free in V8. Credit to Khalil Zhani
- CVE-2016-5214: File download protection bypass. Credit to Jonathan Birch
and MSVR
- CVE-2016-5216: Use after free in PDFium. Credit to Anonymous
- CVE-2016-5215: Use after free in Webaudio. Credit to Looben Yang
- CVE-2016-5217: Use of unvalidated data in PDFium. Credit to Rob Wu
- CVE-2016-5218: Address spoofing in Omnibox. Credit to Abdulrahman
Alqabandi
- CVE-2016-5219: Use after free in V8. Credit to Rob Wu
- CVE-2016-5221: Integer overflow in ANGLE. Credit to Tim Becker
- CVE-2016-5220: Local file access in PDFium. Credit to Rob Wu
- CVE-2016-5222: Address spoofing in Omnibox. Credit to xisigr
- CVE-2016-9650: CSP Referrer disclosure. Credit to Jakub Żoczek
- CVE-2016-5223: Integer overflow in PDFium. Credit to Hwiwon Lee
- CVE-2016-5226: Limited XSS in Blink. Credit to Jun Kokatsu
- CVE-2016-5225: CSP bypass in Blink. Credit to Scott Helme
- CVE-2016-5224: Same-origin bypass in SVG. Credit to Roeland Krak
- CVE-2016-9652: Various fixes from internal audits, fuzzing and other
initiatives
* Make it possible to pass build flags into gn (closes: #845785).
-- Michael Gilbert <mgilbert@debian.org> Fri, 02 Dec 2016 02:06:59 +0000
chromium-browser (54.0.2840.101-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2016-5181: Universal XSS in Blink. Credit to Anonymous
- CVE-2016-5182: Heap overflow in Blink. Credit to Giwan Go
- CVE-2016-5183: Use after free in PDFium. Credit to Anonymous
- CVE-2016-5184: Use after free in PDFium. Credit to Anonymous
- CVE-2016-5185: Use after free in Blink. Credit to cloudfuzzer
- CVE-2016-5187: URL spoofing. Credit to Luan Herrera
- CVE-2016-5188: UI spoofing. Credit to Luan Herrera
- CVE-2016-5192: Cross-origin bypass in Blink. Credit to
haojunhou@gmail.com
- CVE-2016-5189: URL spoofing. Credit to xisigr
- CVE-2016-5186: Out of bounds read in DevTools. Credit to Abdulrahman
Alqabandi
- CVE-2016-5191: Universal XSS in Bookmarks. Credit to Gareth Hughes
- CVE-2016-5190: Use after free in Internals. Credit to Atte Kettunen
- CVE-2016-5193: Scheme bypass. Credit to Yuyang ZHOU
- CVE-2016-5194: Various fixes from internal audits, fuzzing and other
initiatives
- CVE-2016-5198: Out of bounds memory access in V8. Credit to Tencent Keen
Security Lab
- CVE-2016-5200: Out of bounds memory access in V8. Credit to Choongwoo Han
- CVE-2016-5201: Info leak in extensions. Credit to Rob Wu
- CVE-2016-5202: Various fixes from internal audits, fuzzing and other
initiatives
* Remove libxslt symlinks from the upstream taball.
* Drop cups patch that's been applied upstream.
* Build using gn and drop gyp dependency.
* Update debian/copyright.
-- Michael Gilbert <mgilbert@debian.org> Fri, 18 Nov 2016 01:36:36 +0000
chromium-browser (53.0.2785.143-1) unstable; urgency=medium
* New upstream security release:
- CVE-2016-5177: Use after free in V8. Credit to Anonymous
- CVE-2016-5178: Various fixes from internal audits, fuzzing and other
initiatives.
* Change StartupWMClass in the desktop file to chromium (closes: #813079).
* Support building with cups 2.2 (closes: #839377).
* Update debian/copyright.
-- Michael Gilbert <mgilbert@debian.org> Sat, 01 Oct 2016 11:08:42 +0000
chromium-browser (53.0.2785.113-1) unstable; urgency=medium
* New upstream security release:
- CVE-2016-5170: Use after free in Blink. Credit to Anonymous
- CVE-2016-5171: Use after free in Blink. Credit to Anonymous
- CVE-2016-5172: Arbitrary Memory Read in v8. Credit to Choongwoo Han
- CVE-2016-5173: Extension resource access. Credit to Anonymous
- CVE-2016-5174: Popup not correctly suppressed. Credit to Andrey Kovalev
- CVE-2016-5175: Various fixes from internal audits, fuzzing and other
initiatives.
-- Michael Gilbert <mgilbert@debian.org> Tue, 13 Sep 2016 23:12:03 +0000
chromium-browser (53.0.2785.92-3) unstable; urgency=medium
* Add -fno-delete-null-pointer checks to the build flags (closes: #833501).
-- Michael Gilbert <mgilbert@debian.org> Sun, 11 Sep 2016 14:47:55 +0000
chromium-browser (53.0.2785.92-2) unstable; urgency=medium
* Build with gcc 6 (closes: #835943).
* Add versioned harfbuzz dependency (closes: #833953).
-- Michael Gilbert <mgilbert@debian.org> Tue, 06 Sep 2016 00:53:14 +0000
chromium-browser (53.0.2785.92-1) unstable; urgency=medium
* New upstream stable release.
* Support building with glibc 2.24 (closes: #836611).
-- Michael Gilbert <mgilbert@debian.org> Sun, 04 Sep 2016 19:33:10 +0000
chromium-browser (53.0.2785.89-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2016-5147: Universal XSS in Blink. Credit to anonymous
- CVE-2016-5148: Universal XSS in Blink. Credit to anonymous
- CVE-2016-5149: Script injection in extensions. Credit to Max Justicz
- CVE-2016-5150: Use after free in Blink. Credit to anonymous
- CVE-2016-5151: Use after free in PDFium. Credit to anonymous
- CVE-2016-5152: Heap overflow in PDFium. Credit to GiWan Go of Stealien
- CVE-2016-5153: Use after destruction in Blink. Credit to Atte Kettunen
- CVE-2016-5154: Heap overflow in PDFium. Credit to anonymous
- CVE-2016-5155: Address bar spoofing. Credit to anonymous
- CVE-2016-5156: Use after free in event bindings. Credit to jinmo123
- CVE-2016-5157: Heap overflow in PDFium. Credit to anonymous
- CVE-2016-5158: Heap overflow in PDFium. Credit to GiWan Go
- CVE-2016-5159: Heap overflow in PDFium. Credit to GiWan Go
- CVE-2016-5160: Extensions web accessible resources bypass. Credit to
@l33terally
- CVE-2016-5161: Type confusion in Blink.
- CVE-2016-5162: Extensions web accessible resources bypass. Credit to
Nicolas Golubovic
- CVE-2016-5163: Address bar spoofing. Credit to Rafay Baloch
- CVE-2016-5164: Universal XSS using DevTools. Credit to anonymous
- CVE-2016-5165: Script injection in DevTools. Credit to Gregory Panakkal
- CVE-2016-5166: SMB Relay Attack via Save Page As. Credit to Gregory
Panakkal
- CVE-2016-5167: Various fixes from internal audits, fuzzing and other
initiatives.
-- Michael Gilbert <mgilbert@debian.org> Sat, 03 Sep 2016 16:30:44 +0000
chromium-browser (52.0.2743.116-2) unstable; urgency=medium
* Fix syntax error in debian/copyright.
* Include compiler info in the build log.
* Add information about debugging to README.debian.
* Build with gcc 5 during the gcc 6 transition (closes: #833501).
-- Michael Gilbert <mgilbert@debian.org> Sun, 07 Aug 2016 01:05:40 +0000
chromium-browser (52.0.2743.116-1) unstable; urgency=medium
* New upstream security release:
- CVE-2016-5141 Address bar spoofing. Credit to Sergey Glazunov
- CVE-2016-5142 Use-after-free in Blink. Credit to Sergey Glazunov
- CVE-2016-5139 Heap overflow in pdfium. Credit to GiWan Go
- CVE-2016-5140 Heap overflow in pdfium. Credit to Ke Liu
- CVE-2016-5145 Same origin bypass for images in Blink. Credit to Sergey
Glazunov
- CVE-2016-5143 Parameter sanitization failure in DevTools. Credit to
Gregory Panakkal
- CVE-2016-5144 Parameter sanitization failure in DevTools. Credit to
Gregory Panakkal
- CVE-2016-5146: Various fixes from internal audits, fuzzing and other
initiatives.
-- Michael Gilbert <mgilbert@debian.org> Thu, 04 Aug 2016 13:01:42 +0000
chromium-browser (52.0.2743.82-4) unstable; urgency=medium
* Remove menu file.
* Build with fastbuild=2.
* Disable background networking features.
* Link against system harfbuzz library again.
-- Michael Gilbert <mgilbert@debian.org> Sat, 30 Jul 2016 21:25:30 +0000
chromium-browser (52.0.2743.82-3) unstable; urgency=medium
* Fix a few lintian warnings.
* Use gtk3 backend instead of gtk2.
* Launch as a single process when debugging to get useful symbol info.
-- Michael Gilbert <mgilbert@debian.org> Sat, 30 Jul 2016 04:07:46 +0000
chromium-browser (52.0.2743.82-2) unstable; urgency=medium
* Bump standards version.
* Drop no longer needed speechd patch.
* Build complete debugging symbols again.
* Link against libusb 1.0 (closes: #810403).
* Fix path to master_preferences (closes: #830274).
* Add an explicit dependency on libnettle6 (closes: #832125).
-- Michael Gilbert <mgilbert@debian.org> Sun, 24 Jul 2016 22:02:56 +0000
chromium-browser (52.0.2743.82-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2016-1704: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2016-1705: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2016-1706: Sandbox escape in PPAPI. Credit to Pinkie Pie
- CVE-2016-1707: URL spoofing on iOS. Credit to xisigr.
- CVE-2016-1708: Use-after-free in Extensions. Credit to Adam Varsan
- CVE-2016-1709: Heap-buffer-overflow in sfntly. Credit to ChenQin.
- CVE-2016-1710: Same-origin bypass in Blink. Credit to Mariusz Mlynski
- CVE-2016-1711: Same-origin bypass in Blink. Credit to Mariusz Mlynski
- CVE-2016-5127: Use-after-free in Blink. Credit to cloudfuzzer
- CVE-2016-5128: Same-origin bypass in V8. Credit to Anonymous
- CVE-2016-5129: Memory corruption in V8. Credit to Jeonghoon Shin
- CVE-2016-5130: URL spoofing. Credit to Wadih Matar
- CVE-2016-5131: Use-after-free in libxml. Credit to Nick Wellnhofer
- CVE-2016-5132: Limited same-origin bypass in Service Workers. Credit to
Ben Kelly
- CVE-2016-5133: Origin confusion in proxy authentication. Credit to Patch
Eudor
- CVE-2016-5134: URL leakage via PAC script. Credit to Paul Stone
- CVE-2016-5135: Content-Security-Policy bypass. Credit to ShenYeYinJiu
- CVE-2016-5136: Use after free in extensions. Credit to Rob Wu
- CVE-2016-5137: History sniffing with HSTS and CSP. Credit to Xiaoyin Liu
-- Michael Gilbert <mgilbert@debian.org> Sat, 23 Jul 2016 03:56:18 +0000
chromium-browser (51.0.2704.79-1) unstable; urgency=medium
* New upstream security release:
- CVE-2016-1696: Cross-origin bypass in Extension bindings. Credit to
anonymous.
- CVE-2016-1697: Cross-origin bypass in Blink. Credit to
Mariusz Mlynski.
- CVE-2016-1698: Information leak in Extension bindings. Credit to
Rob Wu.
- CVE-2016-1699: Parameter sanitization failure in DevTools. Credit to
Gregory Panakkal.
- CVE-2016-1700: Use-after-free in Extensions. Credit to Rob Wu.
- CVE-2016-1701: Use-after-free in Autofill. Credit to Rob Wu.
- CVE-2016-1702: Out-of-bounds read in Skia. Credit to cloudfuzzer.
-- Michael Gilbert <mgilbert@debian.org> Thu, 02 Jun 2016 23:55:13 +0000
chromium-browser (51.0.2704.63-2) unstable; urgency=medium
* Fix libspeechd build error.
-- Michael Gilbert <mgilbert@debian.org> Sun, 29 May 2016 01:42:46 +0000
chromium-browser (51.0.2704.63-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2016-1667: Same origin bypass in DOM. Credit to Mariusz Mlynski.
- CVE-2016-1668: Same origin bypass in Blink V8 bindings. Credit to
Mariusz Mlynski.
- CVE-2016-1669: Buffer overflow in V8. Credit to Choongwoo Han.
- CVE-2016-1670: Race condition in loader. Credit to anonymous.
- CVE-2016-1672: Cross-origin bypass in extension bindings. Credit to
Mariusz Mlynski.
- CVE-2016-1673: Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
- CVE-2016-1674: Cross-origin bypass in extensions. Credit to Mariusz
Mlynski.
- CVE-2016-1675: Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
- CVE-2016-1676: Cross-origin bypass in extension bindings. Credit to Rob
Wu.
- CVE-2016-1677: Type confusion in V8. Credit to Guang Gong.
- CVE-2016-1678: Heap overflow in V8. Credit to Christian Holler.
- CVE-2016-1679: Heap use-after-free in V8 bindings. Credit to Rob Wu.
- CVE-2016-1680: Heap use-after-free in Skia. Credit to Atte Kettunen.
- CVE-2016-1681: Heap overflow in PDFium. Credit to Aleksandar Nikolic.
- CVE-2016-1682: CSP bypass for ServiceWorker. Credit to KingstonTime.
- CVE-2016-1685: Out-of-bounds read in PDFium. Credit to Ke Liu.
- CVE-2016-1686: Out-of-bounds read in PDFium. Credit to Ke Liu.
- CVE-2016-1687: Information leak in extensions. Credit to Rob Wu.
- CVE-2016-1688: Out-of-bounds read in V8. Credit to Max Korenko.
- CVE-2016-1689: Heap buffer overflow in media. Credit to Atte Kettunen.
- CVE-2016-1690: Heap use-after-free in Autofill. Credit to Rob Wu.
- CVE-2016-1691: Heap buffer-overflow in Skia. Credit to Atte Kettunen.
- CVE-2016-1692: Limited cross-origin bypass in ServiceWorker. Credit to
Til Jasper Ullrich.
- CVE-2016-1693: HTTP Download of Software Removal Tool. Credit to Khalil
Zhani.
- CVE-2016-1694: HPKP pins removed on cache clearance. Credit to Ryan
Lester and Bryant Zadegan.
- CVE-2016-1695: Various fixes from internal audits, fuzzing and other
initiatives.
-- Michael Gilbert <mgilbert@debian.org> Fri, 27 May 2016 01:52:42 +0000
chromium-browser (50.0.2661.94-1) unstable; urgency=medium
* New upstream security release:
- CVE-2016-1660: Out-of-bounds write in Blink. Credit to Atte Kettunen.
- CVE-2016-1661: Memory corruption in cross-process frames. Credit to Wadih
Matar.
- CVE-2016-1662: Use-after-free in extensions. Credit to Rob Wu.
- CVE-2016-1663: Use-after-free in Blink’s V8 bindings. Credit to anonymous.
- CVE-2016-1664: Address bar spoofing. Credit to Wadih Matar.
- CVE-2016-1665: Information leak in V8. Credit to gksgudtjr456.
- CVE-2016-1666: Various fixes from internal audits, fuzzing and other
initiatives.
-- Michael Gilbert <mgilbert@debian.org> Sat, 30 Apr 2016 03:39:44 +0000
chromium-browser (50.0.2661.75-2) unstable; urgency=medium
* Fix problem with linking to ffmpeg (closes: #821154).
- Thanks to Sebastian Ramacher.
-- Michael Gilbert <mgilbert@debian.org> Sat, 23 Apr 2016 00:55:40 +0000
chromium-browser (50.0.2661.75-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2016-1652: Universal XSS in extension bindings. Credit to anonymous.
- CVE-2016-1653: Out-of-bounds write in V8. Credit to Choongwoo Han.
- CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding.
- CVE-2016-1654: Uninitialized memory read in media. Credit to Atte
Kettunen.
- CVE-2016-1655: Use-after-free related to extensions. Credit to Rob Wu.
- CVE-2016-1657: Address bar spoofing. Credit to Luan Herrera.
- CVE-2016-1658: Potential leak of sensitive information to malicious
extensions. Credit to Antonio Sanso.
- CVE-2015-1659: Various fixes from internal audits, fuzzing and other
initiatives.
-- Michael Gilbert <mgilbert@debian.org> Thu, 14 Apr 2016 01:04:58 +0000
chromium-browser (49.0.2623.108-1) unstable; urgency=medium
* New upstream security release:
- CVE-2016-1646: Out-of-bounds read in V8. Credit to Wen Xu.
- CVE-2016-1647: Use-after-free in Navigation. Credit to anonymous.
- CVE-2016-1648: Use-after-free in Extensions. Credit to anonymous.
- CVE-2016-1649: Buffer overflow in libANGLE. Credit to lokihardt.
- CVE-2016-1650: Various fixes from internal audits, fuzzing and other
initiatives.
-- Michael Gilbert <mgilbert@debian.org> Sat, 12 Mar 2016 20:12:03 +0000
chromium-browser (49.0.2623.87-1) unstable; urgency=medium
* New upstream security release:
- CVE-2016-1643: Type confusion in Blink. Credit to cloudfuzzer.
- CVE-2016-1644: Use-after-free in Blink. Credit to Atte Kettunen.
- CVE-2016-1645: Out-of-bounds write in PDFium.
-- Michael Gilbert <mgilbert@debian.org> Wed, 09 Mar 2016 02:27:50 +0000
chromium-browser (49.0.2623.75-2) unstable; urgency=medium
* Update standards version.
* Add libffi-dev build dependency.
-- Michael Gilbert <mgilbert@debian.org> Fri, 04 Mar 2016 00:14:12 +0000
chromium-browser (49.0.2623.75-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2016-1630: Same-origin bypass in Blink. Credit to Mariusz Mlynski.
- CVE-2016-1631: Same-origin bypass in Pepper Plugin. Credit to Mariusz
Mlynski.
- CVE-2016-1632: Bad cast in Extensions. Credit to anonymous.
- CVE-2016-1633: Use-after-free in Blink. Credit to cloudfuzzer.
- CVE-2016-1634: Use-after-free in Blink. Credit to cloudfuzzer.
- CVE-2016-1635: Use-after-free in Blink. Credit to Rob Wu.
- CVE-2016-1636: SRI Validation Bypass. Credit to ryan@cyph.com.
- CVE-2015-8126: Out-of-bounds access in libpng. Credit to joerg.bornemann.
- CVE-2016-1637: Information Leak in Skia. Credit to Keve Nagy.
- CVE-2016-1638: WebAPI Bypass. Credit to Rob Wu.
- CVE-2016-1639: Use-after-free in WebRTC. Credit to Khalil Zhani.
- CVE-2016-1640: Origin confusion in Extensions UI. Credit to Luan Herrera.
- CVE-2016-1641: Use-after-free in Favicon. Credit to Atte Kettunen.
- CVE-2016-1642: Various fixes from internal audits, fuzzing and other
initiatives.
- Multiple vulnerabilities in libv8 (version 4.9.385.26).
* Set use_sysroot=0 to continue using system libraries.
-- Michael Gilbert <mgilbert@debian.org> Wed, 02 Mar 2016 23:47:54 +0000
chromium-browser (48.0.2564.116-1) unstable; urgency=medium
* New stable security release:
- CVE-2016-1622: Same-origin bypass in Extensions. Credit to anonymous.
- CVE-2016-1623: Same-origin bypass in DOM. Credit to Mariusz Mlynski.
- CVE-2016-1624: Buffer overflow in Brotli. Credit to lukezli.
- CVE-2016-1625: Navigation bypass in Chrome Instant. Credit to Jann Horn.
- CVE-2016-1626: Out-of-bounds read in PDFium. Credit to anonymous.
- CVE-2016-1627: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2016-1628: Out-of-bounds read in PDFium. Credit to anonymous.
- CVE-2016-1629: Same-origin bypass in Blink and Sandbox escape in Chrome.
Credit to anonymous.
-- Michael Gilbert <mgilbert@debian.org> Fri, 12 Feb 2016 02:53:42 +0000
chromium-browser (48.0.2564.82-2) unstable; urgency=medium
* Build with gcc instead of clang.
* Use ld.gold to avoid memory exhaustion while linking (closes: #812569).
-- Michael Gilbert <mgilbert@debian.org> Sun, 24 Jan 2016 21:35:33 +0000
chromium-browser (48.0.2564.82-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2016-1612: Bad cast in V8. Credit to cloudfuzzer.
- CVE-2016-1613: Use-after-free in PDFium. Credit to anonymous.
- CVE-2016-1614: Information leak in Blink. Credit to Christoph Diehl.
- CVE-2016-1615: Origin confusion in Omnibox. Credit to Ron Masas.
- CVE-2016-1616: URL Spoofing. Credit to Luan Herrera.
- CVE-2016-1617: History sniffing with HSTS and CSP. Credit to jenuis.
- CVE-2016-1618: Weak random number generator in Blink. Credit to Aaron
Toponce.
- CVE-2016-1619: Out-of-bounds read in PDFium. Credit to Keve Nagy.
- CVE-2016-1620: Various fixes from internal audits, fuzzing and other
initiatives.
- Multiple vulnerabilities in V8 fixed at the tip of the 4.8 branch
(currently 4.8.271.17).
-- Michael Gilbert <mgilbert@debian.org> Thu, 21 Jan 2016 00:06:10 +0000
chromium-browser (47.0.2526.111-1) unstable; urgency=medium
* New upstream stable release:
- Removes native_client/toolchain files introduced in the previous upstream
version (closes: #807973)
* Drop libssl-dev build dependency.
* Migrate to dbgsym debug packages.
* Recommend fonts-liberation (closes: #808106).
-- Michael Gilbert <mgilbert@debian.org> Tue, 29 Dec 2015 02:45:48 +0000
chromium-browser (47.0.2526.80-3) unstable; urgency=medium
* Drop change to the fullscreen UI (closes: #808076).
* Fix installation of the English language pak (closes: #808046).
* Avoid symbol conflicts between the jpeg library embedded in pdfium and
the system jpeg library (closes: #794031).
-- Michael Gilbert <mgilbert@debian.org> Wed, 16 Dec 2015 02:27:17 +0000
chromium-browser (47.0.2526.80-2) unstable; urgency=medium
* Greatly simplify the arch:all build.
* Don't hide the UI in fullscreen mode.
* Ignore the GPU blacklist (closes: #802933).
* Fix WMClass in the desktop launcher (closes: #803989).
* Set the correct file name for the desktop launcher (closes: #806402).
-- Michael Gilbert <mgilbert@debian.org> Sun, 13 Dec 2015 06:16:19 +0000
chromium-browser (47.0.2526.80-1) unstable; urgency=medium
* New upstream stable release:
- Multiple vulnerabilities fixed in libv8 4.7.80.23.
- CVE-2015-6788: Type confusion in extensions. Credit to anonymous.
- CVE-2015-6789: Use-after-free in Blink. Credit to cloudfuzzer.
- CVE-2015-6790: Escaping issue in saved pages. Credit to Inti De
Ceukelaire.
- CVE-2015-6791: Various fixes from internal audits, fuzzing and other
initiatives.
* Add support for ffmpeg 2.9 (closes: #803806).
* Disable accelerated video decoding (closes: #804901).
-- Michael Gilbert <mgilbert@debian.org> Sat, 12 Dec 2015 22:37:45 +0000
chromium-browser (47.0.2526.73-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2015-1302: Information leak in PDF viewer. Credit to Rob Wu.
- CVE-2015-6765: Use-after-free in AppCache. Credit to anonymous.
- CVE-2015-6766: Use-after-free in AppCache. Credit to anonymous.
- CVE-2015-6767: Use-after-free in AppCache. Credit to anonymous.
- CVE-2015-6768: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
- CVE-2015-6769: Cross-origin bypass in core. Credit to Mariusz Mlynski.
- CVE-2015-6770: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
- CVE-2015-6771: Out of bounds access in v8. Credit to anonymous.
- CVE-2015-6772: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
- CVE-2015-6764: Out of bounds access in v8. Credit to Guang Gong.
- CVE-2015-6773: Out of bounds access in Skia. Credit to cloudfuzzer.
- CVE-2015-6774: Use-after-free in Extensions. Credit to anonymous.
- CVE-2015-6775: Type confusion in PDFium. Credit to Atte Kettunen.
- CVE-2015-6776: Out of bounds access in PDFium. Credit to Hanno Böck.
- CVE-2015-6777: Use-after-free in DOM. Credit to Long Liu.
- CVE-2015-6778: Out of bounds access in PDFium. Credit to Karl Skomski.
- CVE-2015-6779: Scheme bypass in PDFium. Credit to Til Jasper Ullrich.
- CVE-2015-6780: Use-after-free in Infobars. Credit to Khalil Zhani.
- CVE-2015-6781: Integer overflow in Sfntly. Credit to miaubiz.
- CVE-2015-6782: Content spoofing in Omnibox. Credit to Luan Herrera.
- CVE-2015-6784: Escaping issue in saved pages. Credit to Inti De
Ceukelaire.
- CVE-2015-6785: Wildcard matching issue in CSP. Credit to Michael
Ficarra.
- CVE-2015-6786: Scheme bypass in CSP. Credit to Michael Ficarra.
* Lengthen GPU timeout (closes: #781940).
* Enable accelerated video decoding (closes: #793815).
-- Michael Gilbert <mgilbert@debian.org> Thu, 03 Dec 2015 00:59:47 +0000
chromium-browser (46.0.2490.71-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2015-6755: Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
- CVE-2015-6756: Use-after-free in PDFium. Credit to anonymous.
- CVE-2015-6757: Use-after-free in ServiceWorker. Credit to Collin Payne.
- CVE-2015-6758: Bad-cast in PDFium. Credit to Atte Kettunen of OUSPG.
- CVE-2015-6759: Information leakage in LocalStorage. Credit to Muneaki
Nishimura.
- CVE-2015-6760: Improper error handling in libANGLE. Credit to Ronald
Crane, an independent security researcher.
- CVE-2015-6762: CORS bypass via CSS fonts. Credit to Muneaki Nishimura.
- CVE-2015-6763: Various fixes from internal audits, fuzzing and other
initiatives.
- Multiple vulnerabilities in V8 fixed at the tip of the 4.6 branch
(currently 4.6.85.23).
-- Michael Gilbert <mgilbert@debian.org> Fri, 16 Oct 2015 01:43:28 +0000
chromium-browser (45.0.2454.101-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2015-1303: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
- CVE-2015-1304: Cross-origin bypass in V8. Credit to Mariusz Mlynski.
-- Michael Gilbert <mgilbert@debian.org> Sat, 26 Sep 2015 15:57:23 +0000
chromium-browser (45.0.2454.85-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2015-1291: Cross-origin bypass in DOM. Credit to anonymous.
- CVE-2015-1292: Cross-origin bypass in ServiceWorker. Credit to Mariusz
Mlynski.
- CVE-2015-1293: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
- CVE-2015-1294: Use-after-free in Skia. Credit to cloudfuzzer.
- CVE-2015-1295: Use-after-free in Printing. Credit to anonymous.
- CVE-2015-1296: Character spoofing in omnibox. Credit to zcorpan.
- CVE-2015-1297: Permission scoping error in WebRequest. Credit to
Alexander Kashev.
- CVE-2015-1298: URL validation error in extensions. Credit to Rob Wu.
- CVE-2015-1299: Use-after-free in Blink. Credit to taro.suzuki.dev.
- CVE-2015-1300: Information leak in Blink. Credit to cgvwzq.
- CVE-2015-1301: Various fixes from internal audits, fuzzing and other
initiatives.
- Multiple vulnerabilities in the libv8 library (updated to 4.5.103.29).
-- Michael Gilbert <mgilbert@debian.org> Tue, 01 Sep 2015 22:07:59 +0000
chromium-browser (44.0.2403.157-1) unstable; urgency=medium
* New upstream stable release:
- GPU process race condition fixed (closes: #794472).
* Use system ffmpeg (closes: #763632):
- Thanks to Andreas Cadhalpun.
-- Michael Gilbert <mgilbert@debian.org> Sun, 23 Aug 2015 22:43:20 +0000
chromium-browser (44.0.2403.107-2) unstable; urgency=medium
* More updates to debian/copyright.
* Add some more instructions for bug presubmission.
* Remove no longer needed mainscript and preinst scripts.
* Use chromium.png in the desktop launcher (closes: #794818).
-- Michael Gilbert <mgilbert@debian.org> Sat, 08 Aug 2015 23:03:26 +0000
chromium-browser (44.0.2403.107-1) unstable; urgency=medium
* New upstream stable release.
* More updates to debian/copyright.
-- Michael Gilbert <mgilbert@debian.org> Sun, 26 Jul 2015 01:41:55 +0000
chromium-browser (44.0.2403.89-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2015-1270: Uninitialized memory read in ICU. Credit to Atte Kettunen.
- CVE-2015-1271: Heap-buffer-overflow in pdfium. Credit to cloudfuzzer.
- CVE-2015-1272: Use-after-free related to unexpected GPU process
termination. Credit to Chamal de Silva.
- CVE-2015-1273: Heap-buffer-overflow in pdfium. Credit to makosoft.
- CVE-2015-1274: Settings allowed executable files to run immediately after
download. Credit to andrewm.bpi.
- CVE-2015-1275: UXSS in Chrome for Android. Credit to WangTao(neobyte).
- CVE-2015-1276: Use-after-free in IndexedDB. Credit to Collin Payne.
- CVE-2015-1277: Use-after-free in accessibility. Credit to SkyLined.
- CVE-2015-1278: URL spoofing using pdf files. Credit to Chamal de Silva.
- CVE-2015-1279: Heap-buffer-overflow in pdfium. Credit to mlafon.
- CVE-2015-1280: Memory corruption in skia. Credit to cloudfuzzer.
- CVE-2015-1281: CSP bypass. Credit to Masato Kinugawa.
- CVE-2015-1282: Use-after-free in pdfium. Credit to Chamal de Silva.
- CVE-2015-1283: Heap-buffer-overflow in expat. Credit to Huzaifa
Sidhpurwala.
- CVE-2015-1284: Use-after-free in blink. Credit to Atte Kettunen.
- CVE-2015-1285: Information leak in XSS auditor. Credit to gazheyes.
- CVE-2015-1286: UXSS in blink. Credit to anonymous.
- CVE-2015-1287: SOP bypass with CSS. Credit to filedescriptor.
- CVE-2015-1288: Spell checking dictionaries fetched over HTTP. Credit to
Mike Ruddy.
- CVE-2015-1289: Various fixes from internal audits, fuzzing and other
initiatives.
* Remove hotword patch, now disabled by default upstream.
-- Michael Gilbert <mgilbert@debian.org> Tue, 21 Jul 2015 22:33:06 +0000
chromium-browser (43.0.2357.130-1) unstable; urgency=medium
* New upstream security release:
- CVE-2015-1266: Scheme validation error in WebUI. Credit to anonymous.
- CVE-2015-1268: Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
- CVE-2015-1267: Cross-origin bypass in Blink. Credit to anonymous.
- CVE-2015-1269: Normalization error in HSTS/HPKP preload list. Credit to
Mike Ruddy.
* Don't build the Google Now extension.
* More updates to debian/copyright.
-- Michael Gilbert <mgilbert@debian.org> Tue, 23 Jun 2015 21:43:54 +0000
chromium-browser (43.0.2357.124-3) unstable; urgency=medium
* Fix syntax error in default-flags (closes: #789310).
-- Michael Gilbert <mgilbert@debian.org> Fri, 19 Jun 2015 22:04:28 +0000
chromium-browser (43.0.2357.124-2) unstable; urgency=medium
* More updates to debian/copyright.
* Disable all external component loading.
* Set flag to avoid hidden items in the about:extensions dialog.
-- Michael Gilbert <mgilbert@debian.org> Fri, 19 Jun 2015 05:31:48 +0000
chromium-browser (43.0.2357.124-1) unstable; urgency=medium
* New upstream release.
* Disable wallet extension.
* Remove more sourceless files.
* Remove files no longer included from debian/copright.
-- Michael Gilbert <mgilbert@debian.org> Wed, 17 Jun 2015 03:00:44 +0000
chromium-browser (43.0.2357.81-1) unstable; urgency=medium
* New upstream release fixing missing icon (closes: #786490).
* Disable hotword (closes: #786909).
* Remove some sourceless files.
-- Michael Gilbert <mgilbert@debian.org> Mon, 15 Jun 2015 04:04:34 +0000
chromium-browser (43.0.2357.65-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2015-1252: Sandbox escape in Chrome. Credit to anonymous.
- CVE-2015-1253: Cross-origin bypass in DOM. Credit to anonymous.
- CVE-2015-1254: Cross-origin bypass in Editing. Credit to
armin@rawsec.net.
- CVE-2015-1255: Use-after-free in WebAudio. Credit to Khalil Zhani.
- CVE-2015-1256: Use-after-free in SVG. Credit to Atte Kettunen.
- CVE-2015-1251: Use-after-free in Speech. Credit to SkyLined.
- CVE-2015-1257: Container-overflow in SVG. Credit to miaubiz.
- CVE-2015-1258: Negative-size parameter in Libvpx. Credit to cloudfuzzer
- CVE-2015-1259: Uninitialized value in PDFium. Credit to Atte Kettunen.
- CVE-2015-1260: Use-after-free in WebRTC. Credit to Khalil Zhani.
- CVE-2015-1261: URL bar spoofing. Credit to Juho Nurminen.
- CVE-2015-1262: Uninitialized value in Blink. Credit to miaubiz.
- CVE-2015-1263: Insecure download of spellcheck dictionary. Credit to
Mike Ruddy.
- CVE-2015-1264: Cross-site scripting in bookmarks. Credit to K0r3Ph1L.
- Fix for gzip file downloading (closes: #677948).
- Fix for bookmark navigation (closes: #756211).
* Enable HiDPI (closes: #763421).
* Make chromium-l10n binnmuable.
* Fix Built-Using fields.
-- Michael Gilbert <mgilbert@debian.org> Sat, 09 May 2015 22:37:06 +0000
chromium-browser (42.0.2311.135-2) unstable; urgency=medium
* Remove src/ prefix in debian/copyright.
* Fix path to default configuration files.
* Describe omnibox search in README.debian (closes: 781591).
* Fix application name in the launcher script (closes: #783858).
* Set CHROME_WRAPPER to /usr/bin/chromium by default (closes: #783097).
-- Michael Gilbert <mgilbert@debian.org> Sat, 09 May 2015 14:53:34 +0000
chromium-browser (42.0.2311.135-1) unstable; urgency=medium
[ Michael Gilbert ]
* Remove some unneeded files from the upstream tarball.
* Move default configuration files to /usr/share/chromium.
* New upstream stable release:
- CVE-2015-1243: Use-after-free in DOM. Credit to Saif El-Sherei.
- CVE-2015-1250: Various fixes from internal audits, fuzzing and other
initiatives.
[ Shawn Landden ]
* Suppress first run welcome page.
* Turn off safebrowsing.
* Turn off pinging Google on 404 and other HTTP errors.
-- Michael Gilbert <mgilbert@debian.org> Thu, 30 Apr 2015 01:08:53 +0000
chromium-browser (42.0.2311.90-2) unstable; urgency=medium
* Update debian/copyright.
* Drop some unused patches.
* Drop chromium-inspector package.
* Remove Giuseppe from the uploaders.
- Many thanks for the prior contributions.
* Fix built on text (closes: #782052).
* Fix path to master_preferences (closes: #777708).
* Disable default browser warning (closes: #777265).
* Conflict with libgl1-mesa-swx11 (closes: #776388).
* Add MHTML mimetype to chromium.desktop (closes: #769039).
* Tighten chromium-l10n versioned dependency (closes: #781505).
-- Michael Gilbert <mgilbert@debian.org> Sun, 26 Apr 2015 18:49:52 +0000
chromium-browser (42.0.2311.90-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2015-1235: Cross-origin-bypass in HTML parser. Credit to anonymous.
- CVE-2015-1236: Cross-origin-bypass in Blink. Credit to Amitay Dobo.
- CVE-2015-1237: Use-after-free in IPC. Credit to Khalil Zhani.
- CVE-2015-1238: Out-of-bounds write in Skia. Credit to cloudfuzzer.
- CVE-2015-1240: Out-of-bounds read in WebGL. Credit to w3bd3vil.
- CVE-2015-1241: Tap-Jacking. Credit to Phillip Moon and Matt Weston.
- CVE-2015-1242: Type confusion in V8. Credit to fcole@onshape.com.
- CVE-2015-1244: HSTS bypass in WebSockets. Credit to Mike Ruddy.
- CVE-2015-1245: Use-after-free in PDFium. Credit to Khalil Zhani.
- CVE-2015-1246: Out-of-bounds read in Blink. Credit to Atte Kettunen.
- CVE-2015-1247: Scheme issues in OpenSearch. Credit to Jann Horn.
- CVE-2015-1248: SafeBrowsing bypass. Credit to Vittorio Gambaletta.
- CVE-2015-1249: Various fixes from internal audits, fuzzing and other
initiatives. Also multiple issues in v8 4.2.77.14.
-- Michael Gilbert <mgilbert@debian.org> Thu, 16 Apr 2015 00:12:00 +0000
chromium-browser (41.0.2272.118-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2015-1233: A combination of V8, Gamepad and IPC bugs that can lead
to remote code execution outside of the sandbox.
- CVE-2015-1234: Buffer overflow via race condition in GPU. Credit to
lokihardt working with Pwn2Own and HP’s Zero Day Initiative.
-- Michael Gilbert <mgilbert@debian.org> Thu, 02 Apr 2015 00:33:12 +0000
chromium-browser (41.0.2272.76-2) unstable; urgency=medium
* Install v8 natives and snapshot blob files (closes: #779717).
- Thanks to Jason Rhinelander.
-- Michael Gilbert <mgilbert@debian.org> Fri, 06 Mar 2015 00:59:50 +0000
chromium-browser (41.0.2272.76-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2015-1212: Out-of-bounds write in media. Credit to anonymous.
- CVE-2015-1213: Out-of-bounds write in skia filters. Credit to
cloudfuzzer.
- CVE-2015-1214: Out-of-bounds write in skia filters. Credit to
cloudfuzzer.
- CVE-2015-1215: Out-of-bounds write in skia filters. Credit to
cloudfuzzer.
- CVE-2015-1216: Use-after-free in v8 bindings. Credit to anonymous.
- CVE-2015-1217: Type confusion in v8 bindings. Credit to anonymous.
- CVE-2015-1218: Use-after-free in dom. Credit to cloudfuzzer.
- CVE-2015-1219: Integer overflow in webgl. Credit to Chen Zhang.
- CVE-2015-1220: Use-after-free in gif decoder. Credit to Aki Helin.
- CVE-2015-1221: Use-after-free in web databases. Credit to Collin Payne.
- CVE-2015-1222: Use-after-free in service workers. Credit to Collin Payne.
- CVE-2015-1223: Use-after-free in dom. Credit to Maksymillian Motyl.
- CVE-2015-1224: Out-of-bounds read in vpxdecoder. Credit to Aki Helin.
- CVE-2015-1225: Out-of-bounds read in pdfium. Credit to cloudfuzzer.
- CVE-2015-1226: Validation issue in debugger. Credit to Rob Wu.
- CVE-2015-1227: Uninitialized value in blink. Credit to Christoph Diehl.
- CVE-2015-1228: Uninitialized value in rendering. Credit to miaubiz.
- CVE-2015-1229: Cookie injection via proxies. Credit to iliwoy.
- CVE-2015-1230: Type confusion in v8. Credit to Skylined.
- CVE-2015-1231: Various fixes from internal audits, fuzzing and other
initiatives.
-- Michael Gilbert <mgilbert@debian.org> Wed, 04 Mar 2015 00:11:46 +0000
chromium-browser (40.0.2214.111-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2015-1209: Use-after-free in DOM. Credit to Maksymillian Motyl.
- CVE-2015-1210: Cross-origin-bypass in V8 bindings. Credit to anonymous.
- CVE-2015-1211: Privilege escalation using service workers. Credit to
anonymous.
- CVE-2015-1212: Various fixes from internal audits, fuzzing and other
initiatives.
-- Michael Gilbert <mgilbert@debian.org> Fri, 13 Feb 2015 02:32:16 +0000
chromium-browser (40.0.2214.91-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2014-7923: Memory corruption in ICU. Credit to yangdingning.
- CVE-2014-7924: Use-after-free in IndexedDB. Credit to Collin Payne.
- CVE-2014-7925: Use-after-free in WebAudio. Credit to mark.buer.
- CVE-2014-7926: Memory corruption in ICU. Credit to yangdingning.
- CVE-2014-7927: Memory corruption in V8. Credit to Christian Holler.
- CVE-2014-7928: Memory corruption in V8. Credit to Christian Holler.
- CVE-2014-7929: Use-after-free in DOM. Credit to cloudfuzzer.
- CVE-2014-7930: Use-after-free in DOM. Credit to cloudfuzzer.
- CVE-2014-7931: Memory corruption in V8. Credit to cloudfuzzer.
- CVE-2014-7932: Use-after-free in DOM. Credit to Atte Kettunen.
- CVE-2014-7933: Use-after-free in FFmpeg. Credit to aohelin.
- CVE-2014-7934: Use-after-free in DOM. Credit to cloudfuzzer.
- CVE-2014-7935: Use-after-free in Speech. Credit to Khalil Zhani.
- CVE-2014-7936: Use-after-free in Views. Credit to Christoph Diehl.
- CVE-2014-7937: Use-after-free in FFmpeg. Credit to Atte Kettunen.
- CVE-2014-7938: Memory corruption in Fonts. Credit to Atte Kettunen.
- CVE-2014-7939: Same-origin-bypass in V8. Credit to Takeshi Terada.
- CVE-2014-7940: Uninitialized-value in ICU. Credit to miaubiz.
- CVE-2014-7941: Out-of-bounds read in UI. Credit to Atte Kettunen and
Christoph Diehl.
- CVE-2014-7942: Uninitialized-value in Fonts. Credit to miaubiz.
- CVE-2014-7943: Out-of-bounds read in Skia. Credit to Atte Kettunen.
- CVE-2014-7944: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
- CVE-2014-7945: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
- CVE-2014-7946: Out-of-bounds read in Fonts. Credit to miaubiz.
- CVE-2014-7947: Out-of-bounds read in PDFium. Credit to fuzztercluck.
- CVE-2014-7948: Caching error in AppCache. Credit to jiayaoqijia.
- CVE-2015-1205: Various fixes from internal audits, fuzzing and other
initiatives.
-- Michael Gilbert <mgilbert@debian.org> Thu, 22 Jan 2015 04:42:18 +0000
chromium-browser (39.0.2171.71-2) unstable; urgency=medium
* Add missing test to chromium.preinst (closes: #771684).
-- Michael Gilbert <mgilbert@debian.org> Tue, 02 Dec 2014 01:30:33 +0000
chromium-browser (39.0.2171.71-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2014-3566: SSLv3 support is now disabled by default.
- CVE-2014-7899: Address bar spoofing. Credit to Eli Grey.
- CVE-2014-7900: Use-after-free in pdfium. Credit to Atte Kettunen.
- CVE-2014-7901: Integer overflow in pdfium. Credit to cloudfuzzer.
- CVE-2014-7902: Use-after-free in pdfium. Credit to cloudfuzzer.
- CVE-2014-7903: Buffer overflow in pdfium. Credit to cloudfuzzer.
- CVE-2014-7904: Buffer overflow in Skia. Credit to Atte Kettunen.
- CVE-2014-7905: Flaw allowing navigation to intents that do not have the
BROWSABLE category. Credit to WangTao(neobyte).
- CVE-2014-7906: Use-after-free in pepper plugins. Credit to Chen Zhang.
- CVE-2014-0574: Double-free in Flash. Credit to biloulehibou.
- CVE-2014-7907: Use-after-free in blink. Credit to Chen Zhang.
- CVE-2014-7908: Integer overflow in media. Credit to Christoph Diehl.
- CVE-2014-7909: Uninitialized memory read in Skia. Credit to miaubiz.
* Display info about upstream ending support for non-sse2 (closes: #769836).
* Remove non-free RFCs from the upstream tarball (closes: #771640).
* Include a conf file for Google's API keys (closes: #748867).
* Handle dangling chromium icon directory (closes: #766420).
* Install icons into the correct path (closes: #767697).
-- Michael Gilbert <mgilbert@debian.org> Mon, 01 Dec 2014 01:13:44 +0000
chromium-browser (38.0.2125.101-3) unstable; urgency=medium
* Ignore dpkg files in /etc/chromium.d (closes: #765959).
* Remove trailing maintscript arguments (closes: #765528).
* Use libjpeg-dev instead of libjpeg8-dev (closes: #765821).
-- Michael Gilbert <mgilbert@debian.org> Fri, 17 Oct 2014 21:27:05 +0000
chromium-browser (38.0.2125.101-2) unstable; urgency=medium
* Disable HiDPI (closes: #764883).
* Fix conffile handling (closes: #764769).
* Correct icon installation logic (closes: #764828).
* Use embedded protobuf code copy (closes: #764911).
* Support larger set of html5 video formats again (closes: #764793).
-- Michael Gilbert <mgilbert@debian.org> Sun, 12 Oct 2014 21:34:26 +0000
chromium-browser (38.0.2125.101-1) unstable; urgency=medium
* New upstream stable release:
- CVE-2014-3188: A special thanks to Jüri Aedla for a combination of V8
and IPC bugs that can lead to remote code execution outside of the
sandbox.
- CVE-2014-3189: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
- CVE-2014-3190: Use-after-free in Events. Credit to cloudfuzzer, Chen
Zhang.
- CVE-2014-3191: Use-after-free in Rendering. Credit to cloudfuzzer.
- CVE-2014-3192: Use-after-free in DOM. Credit to cloudfuzzer.
- CVE-2014-3193: Type confusion in Session Management. Credit to miaubiz.
- CVE-2014-3194: Use-after-free in Web Workers. Credit to Collin Payne.
- CVE-2014-3195: Information Leak in V8. Credit to Jüri Aedla.
- CVE-2014-3196: Permissions bypass in Windows Sandbox. Credit to James
Forshaw.
- CVE-2014-3197: Information Leak in XSS Auditor. Credit to Takeshi
Terada.
- CVE-2014-3198: Out-of-bounds read in PDFium. Credit to Atte Kettunen.
- CVE-2014-3199: Release Assert in V8 bindings. Credit to Collin Payne.
- CVE-2014-3200: Various fixes from internal audits, fuzzing and other
initiatives (Chrome 38).
- Improved support for HiDPI displays (closes: #763421).
* Add libgnome-keyring-dev build dependency (closes: #764548).
* Install desktop file and icons again (closes: #764373).
* Correctly handle old conffiles (closes: #764180).
-- Michael Gilbert <mgilbert@debian.org> Fri, 10 Oct 2014 00:49:02 +0000
chromium-browser (37.0.2062.120-4) unstable; urgency=medium
* Merge changes from the experimental branch.
* Install chromium menu entry (closes: #752855).
* Use /etc/chromium.d for preferences (closes: #762574).
-- Michael Gilbert <mgilbert@debian.org> Sun, 28 Sep 2014 17:39:41 +0000
chromium-browser (37.0.2062.120-3) unstable; urgency=medium
* Build with clang 3.5.
* Enable support for HiDPI displays (closes: #763421).
* Document debian-specific command-line options (closes: #755401).
-- Michael Gilbert <mgilbert@debian.org> Sun, 28 Sep 2014 17:39:41 +0000
chromium-browser (37.0.2062.120-2) unstable; urgency=medium
* Build with clang instead of gcc.
* Add libexif-dev build dependency.
-- Michael Gilbert <mgilbert@debian.org> Sun, 21 Sep 2014 22:57:11 +0000
chromium-browser (37.0.2062.120-1) unstable; urgency=medium
* New upstream stable release (closes: #761090):
- CVE-2014-3160: Same-Origin-Policy bypass in SVG. Credit to Christian
Schneider.
- CVE-2014-3162: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2014-3165: Use-after-free in web sockets. Credit to Collin Payne.
- CVE-2014-3166: Information disclosure in SPDY. Credit to Antoine
Delignat-Lavaud.
- CVE-2014-3167: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2014-3168: Use-after-free in SVG. Credit to cloudfuzzer.
- CVE-2014-3169: Use-after-free in DOM. Credit to Andrzej Dyjak.
- CVE-2014-3170: Extension permission dialog spoofing. Credit to Rob Wu.
- CVE-2014-3171: Use-after-free in bindings. Credit to cloudfuzzer.
- CVE-2014-3172: Issue related to extension debugging. Credit to Eli Grey.
- CVE-2014-3173: Uninitialized memory read in WebGL. Credit to jmuizelaar.
- CVE-2014-3174: Uninitialized memory read in Web Audio. Credit to Atte
Kettunen from OUSPG.
- CVE-2014-3175: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2014-3176: A special reward to lokihardt@asrt for a combination of
bugs in V8, IPC, sync, and extensions that can lead to remote code
execution outside of the sandbox.
- CVE-2014-3177: A special reward to lokihardt@asrt for a combination of
bugs in V8, IPC, sync, and extensions that can lead to remote code
execution outside of the sandbox.
- CVE-2014-3178: Use-after-free in rendering. Credit to miaubiz.
- CVE-2014-3179: Various fixes from internal audits, fuzzing and other
initiatives.
- Fixes segfault in angle with gcc 4.9 (closes: #751652).
- Includes an embedded pdf viewer (closes: #667591).
* Use pristine upstream that doesn't have pre-built nacl (closes: #753761).
* Correct webbrowser spelling in the desktop file (closes: #758143).
* Remove leftover conffiles (closes: #751848).
* Build using gcc 4.9 (closes: #754182).
-- Michael Gilbert <mgilbert@debian.org> Wed, 13 Aug 2014 22:56:16 +0000
chromium-browser (36.0.1985.125-0) experimental; urgency=medium
* New upstream beta release.
* Remove more files from the upstream tarball.
-- Michael Gilbert <mgilbert@debian.org> Wed, 16 Jul 2014 00:49:19 +0000
chromium-browser (36.0.1985.103-1) experimental; urgency=medium
* New upstream beta release.
* Remove android folders.
-- Michael Gilbert <mgilbert@debian.org> Sat, 12 Jul 2014 21:38:26 +0000
chromium-browser (36.0.1985.98-1) experimental; urgency=medium
* New upstream beta release.
* Remove more files from the upstream tarball.
-- Michael Gilbert <mgilbert@debian.org> Sun, 06 Jul 2014 04:05:56 +0000
chromium-browser (36.0.1985.97-1) experimental; urgency=medium
* New upstream beta release.
* Use system srtp, modpbase64, zlib, and minizip.
* Remove srtp files from the upstream tarball (closes: #753826).
-- Michael Gilbert <mgilbert@debian.org> Sun, 06 Jul 2014 00:06:57 +0000
chromium-browser (36.0.1985.84-1) experimental; urgency=medium
* New upstream beta release.
* Remove more files from the upstream tarball.
-- Michael Gilbert <mgilbert@debian.org> Sat, 21 Jun 2014 23:41:14 +0000
chromium-browser (36.0.1985.67-1) experimental; urgency=medium
* New upstream beta release.
* More verbose linking output.
* Fix unwanted output (closes: #751359).
* More robust fix for older processors (closes: #750361).
-- Michael Gilbert <mgilbert@debian.org> Wed, 18 Jun 2014 00:18:47 +0000
chromium-browser (36.0.1985.49-1) experimental; urgency=medium
* New upstream beta release.
* Remove more files from the upstream tarball.
-- Michael Gilbert <mgilbert@debian.org> Sun, 08 Jun 2014 01:49:51 +0000
chromium-browser (36.0.1985.36-1) experimental; urgency=medium
* Use system libre2.
* Remove more files from the upstream tarball.
* Don't set sse2 compiler flags on i386 (closes: #750361).
-- Michael Gilbert <mgilbert@debian.org> Sat, 07 Jun 2014 22:00:14 +0000
chromium-browser (36.0.1985.35-1) experimental; urgency=medium
* Remove more files from the upstream tarball.
* Only include TODO.Debian once (closes: #750568).
-- Michael Gilbert <mgilbert@debian.org> Thu, 05 Jun 2014 20:21:28 +0000
chromium-browser (36.0.1985.32-1) experimental; urgency=medium
* New upstream beta release.
* Add icon to menu entry (closes: #703307).
* Remove third_party/wtl (closes: #647529).
* Update package descriptions (closes: #749673).
-- Michael Gilbert <mgilbert@debian.org> Sat, 31 May 2014 19:05:32 +0000
chromium-browser (36.0.1985.18-2) experimental; urgency=medium
* Add libexif-dev build dependency.
* Add flags to avoid memory exhaustion while linking on i386.
-- Michael Gilbert <mgilbert@debian.org> Mon, 26 May 2014 23:43:25 +0000
chromium-browser (36.0.1985.18-1) experimental; urgency=medium
* New upstream beta release.
* Build with gcc 4.9.
* Rebuild the packaging from scratch using the "lite" upstream packages,
ninja instead of make, debhelper 9 instead of cdbs, and simplified
debian/rules.
* Use system versions of icu, png, jpeg, opus, snappy, and jsoncpp.
* No longer provide get-current-source rule (closes: #585814).
* Add a README.debian document with information about chromium-inspector
and command-line flags (closes: #629505, #649812).
* Add protobuf-compiler, ninja-build, bison, and gperf build dependencies
(closes: #748673).
-- Michael Gilbert <mgilbert@debian.org> Sun, 25 May 2014 03:39:39 +0000
chromium-browser (35.0.1916.153-2) unstable; urgency=medium
* Avoid gcc 4.9 (closes: #751294)
-- Michael Gilbert <mgilbert@debian.org> Thu, 12 Jun 2014 01:11:09 +0000
chromium-browser (35.0.1916.153-1) unstable; urgency=high
* New upstream stable release:
- CVE-2014-3154: Use-after-free in filesystem api. Credit to Collin Payne.
- CVE-2014-3155: Out-of-bounds read in SPDY. Credit to James March, Daniel
Sommermann and Alan Frindell of Facebook.
- CVE-2014-3156: Buffer overflow in clipboard. Credit to Atte Kettunen.
- CVE-2014-3157: Heap overflow in media.
* Don't set sse2 compiler flags on i386 (closes: #750361).
* Prefer libgcrypt11 (closes: #750304).
-- Michael Gilbert <mgilbert@debian.org> Wed, 11 Jun 2014 02:31:22 +0000
chromium-browser (35.0.1916.114-2) unstable; urgency=medium
* Add flags to avoid memory exhaustion while linking on i386
(closes: #746034).
-- Michael Gilbert <mgilbert@debian.org> Tue, 27 May 2014 03:09:00 +0000
chromium-browser (35.0.1916.114-1) unstable; urgency=high
* New upstream stable release:
- CVE-2014-1743: Use-after-free in styles. Credit to cloudfuzzer.
- CVE-2014-1744: Integer overflow in audio. Credit to Aaron Staple.
- CVE-2014-1745: Use-after-free in SVG. Credit to Atte Kettunen.
- CVE-2014-1746: Out-of-bounds read in media filters. Credit to
Holger Fuhrmannek.
- CVE-2014-1747: UXSS with local MHTML file. Credit to packagesu.
- CVE-2014-1748: UI spoofing with scrollbar. Credit to Jordan Milne.
- CVE-2014-1749: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2014-3152: Integer underflow in V8 fixed in version 3.25.28.16.
-- Michael Gilbert <mgilbert@debian.org> Wed, 21 May 2014 23:15:51 +0000
chromium-browser (34.0.1847.137-1) unstable; urgency=medium
* New upstream stable release:
- High CVE-2014-1740: Use-after-free in WebSockets. Credit to Collin
Payne.
- High CVE-2014-1741: Integer overflow in DOM ranges. Credit to John
Butler.
- High CVE-2014-1742: Use-after-free in editing. Credit to cloudfuzzer.
-- Michael Gilbert <mgilbert@debian.org> Sat, 17 May 2014 13:06:30 +0000
chromium-browser (34.0.1847.132-1) unstable; urgency=medium
* New upstream stable release:
- High CVE-2014-1730: Type confusion in V8. Credit to Anonymous.
- High CVE-2014-1731: Type confusion in DOM. Credit to John Butler.
- High CVE-2014-1736: Integer overflow in V8. Credit to SkyLined working
with HP's Zero Day Initiative
- Medium CVE-2014-1732: Use-after-free in Speech Recognition. Credit to
Khalil Zhani
- Medium CVE-2014-1733: Compiler bug in Seccomp-BPF. Credit to Jed Davis
- CVE-2014-1734: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2014-1735: Multiple vulnerabilities in V8 fixed in version
3.24.35.33.
* Add libkrb5-dev build-dependency (closes: #745794).
* Remove non-free file (closes: #745397).
-- Michael Gilbert <mgilbert@debian.org> Sat, 26 Apr 2014 18:03:53 +0000
chromium-browser (34.0.1847.116-2) unstable; urgency=medium
* Add libgcrypt build-dependency.
-- Michael Gilbert <mgilbert@debian.org> Tue, 15 Apr 2014 00:22:36 +0000
chromium-browser (34.0.1847.116-1) unstable; urgency=high
* New upstream stable release:
- High CVE-2014-1716: UXSS in V8. Credit to Anonymous.
- High CVE-2014-1717: OOB access in V8. Credit to Anonymous.
- High CVE-2014-1718: Integer overflow in compositor. Credit to Aaron
Staple.
- High CVE-2014-1719: Use-after-free in web workers. Credit to Collin
Payne.
- High CVE-2014-1720: Use-after-free in DOM. Credit to cloudfuzzer.
- High CVE-2014-1721: Memory corruption in V8. Credit to Christian Holler.
- High CVE-2014-1722: Use-after-free in rendering. Credit to miaubiz.
- High CVE-2014-1723: Url confusion with RTL characters. Credit to George
McBay.
- High CVE-2014-1724: Use-after-free in speech. Credit to Atte Kettunen.
- Medium CVE-2014-1725: OOB read with window property. Credit to
Anonymous.
- Medium CVE-2014-1726: Local cross-origin bypass. Credit to Jann Horn.
- Medium CVE-2014-1727: Use-after-free in forms. Credit to Khalil Zhani.
- CVE-2014-1728: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2014-1729: Multiple vulnerabilities in V8 fixed in version
3.24.35.22.
* Remove sourceless javascript files (closes: #735355).
* Remove sourceless swf files (closes: #735344).
-- Michael Gilbert <mgilbert@debian.org> Fri, 11 Apr 2014 01:42:04 +0000
chromium-browser (33.0.1750.152-1) unstable; urgency=high
* [641361a] Disable new GN stuff
* [43cea90] Refreshed patches
* New stable release:
- High CVE-2014-1713: Use-after-free in Blink bindings
- High CVE-2014-1714: Windows clipboard vulnerability
- High CVE-2014-1705: Memory corruption in V8
- High CVE-2014-1715: Directory traversal issue
- High CVE-2014-1700: Use-after-free in speech. Credit to Chamal de Silva.
- High CVE-2014-1701: UXSS in events. Credit to aidanhs.
- High CVE-2014-1702: Use-after-free in web database.
Credit to Collin Payne.
- High CVE-2014-1703: Potential sandbox escape due to a use-after-free
in web sockets.
- CVE-2014-1704: Multiple vulnerabilities in V8 fixed in version 3.23.17.18
- High CVE-2013-6663: Use-after-free in svg images. Credit to Atte
Kettunen of OUSPG.
- High CVE-2013-6664: Use-after-free in speech recognition.
Credit to Khalil Zhani.
- High CVE-2013-6665: Heap buffer overflow in software
rendering. Credit to cloudfuzzer.
- Medium CVE-2013-6666: Chrome allows requests in flash header request.
Credit to netfuzzerr.
- CVE-2013-6667: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2013-6668: Multiple vulnerabilities in V8 fixed in version 3.24.35.10
- High CVE-2013-6653: Use-after-free related to web contents.
Credit to Khalil Zhani.
- High CVE-2013-6654: Bad cast in SVG. Credit to TheShow3511.
- High CVE-2013-6655: Use-after-free in layout. Credit to cloudfuzzer.
- High CVE-2013-6656: Information leak in XSS auditor. Credit to NeexEmil.
- Medium CVE-2013-6657: Information leak in XSS auditor. Credit to NeexEmil
- Medium CVE-2013-6658: Use-after-free in layout. Credit to cloudfuzzer.
- Medium CVE-2013-6659: Issue with certificates validation in
TLS handshake. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan
from Prosecco, Inria Paris.
- Low CVE-2013-6660: Information leak in drag and drop. Credit to
bishopjeffreys.
- Low-High CVE-2013-6661: Various fixes from internal audits, fuzzing
and other initiatives. Of these, seven are fixes for issues that could
have allowed for sandbox escapes from compromised renderers.
-- Giuseppe Iuculano <iuculano@debian.org> Fri, 21 Mar 2014 17:20:44 +0100
chromium-browser (32.0.1700.123-4) unstable; urgency=medium
* Remove polymer.js.min.
-- Michael Gilbert <mgilbert@debian.org> Sun, 09 Mar 2014 22:30:14 +0000
chromium-browser (32.0.1700.123-3) unstable; urgency=medium
* Remove a lot of sourceless files.
* Suggest mozplugger (closes: #626400).
* Use file's -E option (closes: #740476).
* Capitalize Chromium in descriptions (closes: #632928, #715802).
-- Michael Gilbert <mgilbert@debian.org> Sun, 16 Feb 2014 18:50:06 +0000
chromium-browser (32.0.1700.123-2) unstable; urgency=medium
* Build with system libjs-jquery-flot.
* Build chromedriver (closes: #725130).
- Thanks to Vincent Bernat and Adrian Lang.
-- Michael Gilbert <mgilbert@debian.org> Sun, 16 Feb 2014 02:32:18 +0000
chromium-browser (32.0.1700.123-1) unstable; urgency=medium
* [a7cf72b] Refreshed Patches
* [0da7fc2] Added libdrm-dev and libcap-dev in build-deps
* New stable release:
- High CVE-2013-6649: Use-after-free in SVG images. Credit to
Atte Kettunen of OUSPG.
- High CVE-2013-6650: Memory corruption in V8. This issue was
fixed in v8 version 3.22.24.16. Credit to Christian Holler.
- High CVE-2013-6646: Use-after-free in web workers. Credit to
Collin Payne.
- High CVE-2013-6641: Use-after-free related to forms. Credit to
Atte Kettunen of OUSPG.
- High CVE-2013-6643: Unprompted sync with an attacker’s Google
account. Credit to Joao Lucas Melo Brasio.
- CVE-2013-6645 Use-after-free related to speech input elements.
Credit to Khalil Zhani.
- CVE-2013-6644: Various fixes from internal audits, fuzzing and other
initiatives.
-- Giuseppe Iuculano <iuculano@debian.org> Thu, 13 Feb 2014 19:36:17 +0100
chromium-browser (31.0.1650.63-1) unstable; urgency=medium
* New upstream stable release:
- Medium CVE-2013-6634: Session fixation in sync related to 302 redirects.
Credit to Andrey Labunets.
- High CVE-2013-6635: Use-after-free in editing. Credit to cloudfuzzer.
- Medium CVE-2013-6636: Address bar spoofing related to modal dialogs.
Credit to Bas Venis.
- CVE-2013-6637: Various fixes from internal audits, fuzzing and other
initiatives.
- Medium CVE-2013-6638: Buffer overflow in v8. This issue was fixed in v8
version 3.22.24.7. Credit to Jakob Kummerow of the Chromium project.
- High CVE-2013-6639: Out of bounds write in v8. This issue was fixed in v8
version 3.22.24.7. Credit to Jakob Kummerow of the Chromium project.
- Medium CVE-2013-6640: Out of bounds read in v8. This issue was fixed in
v8 version 3.22.24.7. Credit to Jakob Kummerow of the Chromium project.
-- Michael Gilbert <mgilbert@debian.org> Thu, 05 Dec 2013 14:05:22 +0000
chromium-browser (31.0.1650.57-1) unstable; urgency=medium
* New upstream stable release:
- Medium-Critical CVE-2013-2931: Various fixes from internal audits,
fuzzing and other initiatives.
- Medium CVE-2013-6621: Use after free related to speech input elements.
Credit to Khalil Zhani.
- High CVE-2013-6622: Use after free related to media elements. Credit to
cloudfuzzer.
- High CVE-2013-6623: Out of bounds read in SVG. Credit to miaubiz.
- High CVE-2013-6624: Use after free related to “id” attribute strings.
Credit to Jon Butler.
- High CVE-2013-6625: Use after free in DOM ranges. Credit to cloudfuzzer.
- Low CVE-2013-6626: Address bar spoofing related to interstitial warnings.
Credit to Chamal de Silva.
- High CVE-2013-6627: Out of bounds read in HTTP parsing. Credit to
skylined.
- Medium CVE-2013-6628: Issue with certificates not being checked during
TLS renegotiation. Credit to Antoine Delignat-Lavaud and Karthikeyan
Bhargavan from Prosecco of INRIA Paris.
- Medium CVE-2013-6629: Read of uninitialized memory in libjpeg and
libjpeg-turbo. Credit to Michal Zalewski of Google.
- Medium CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo.
Credit to Michal Zalewski of Google.
- High CVE-2013-6631: Use after free in libjingle. Credit to Patrik Höglund
of the Chromium project.
- Critical CVE-2013-6632: Multiple memory corruption issues. Credit to
Pinkie Pie.
* Disable promos by default (closes: #634101).
* Set WANT_TESTS=0 if WANT_TESTS=1 fails (closes: #589654).
* Maintain window ordering when new tabs are opened (closes: #725350).
* Install chromium-inspector files to /usr/share instead of /usr/lib.
* Don't remove third party libraries from the upstream tarball.
* Remove non-default compression selections from debian/rules.
* Build with breakpad crash reporting.
* Fix some lintian warnings.
-- Michael Gilbert <mgilbert@debian.org> Wed, 13 Nov 2013 07:44:55 +0000
chromium-browser (30.0.1599.101-3) unstable; urgency=medium
* Fix sandbox installation path (closes: #728823).
-- Michael Gilbert <mgilbert@debian.org> Thu, 07 Nov 2013 04:24:55 +0000
chromium-browser (30.0.1599.101-2) unstable; urgency=medium
* Use system zlib.
* Remove arm patches.
* Update lintian overrides.
* Remove an unsafe symlink.
* Remove icu build dependency.
* Support poststript printing (closes: #717722).
* Use fonts-ipafont instead of ttf-kochi (closes: #725800).
-- Michael Gilbert <mgilbert@debian.org> Sat, 02 Nov 2013 21:25:50 +0000
chromium-browser (30.0.1599.101-1) unstable; urgency=low
[ Giuseppe Iuculano ]
* New stable release:
- High CVE-2013-2925: Use after free in XHR. Credit to Atte Kettunen of
OUSPG.
- High CVE-2013-2926: Use after free in editing. Credit to
cloudfuzzer.
- High CVE-2013-2927: Use after free in forms. Credit to
cloudfuzzer.
- CVE-2013-2928: Various fixes from internal audits, fuzzing and other
initiatives.
- Medium CVE-2013-2906: Races in Web Audio.
Credit to Atte Kettunen of OUSPG.
- Medium CVE-2013-2907: Out of bounds read in Window.prototype object.
Credit to Boris Zbarsky.
- Medium CVE-2013-2908: Address bar spoofing related to the "204
No Content" status code. Credit to Chamal de Silva.
- High CVE-2013-2909: Use after free in inline-block
rendering. Credit to Atte Kettunen of OUSPG.
- Medium CVE-2013-2910: Use-after-free in Web Audio. Credit to
Byoungyoung Lee of Georgia Tech Information Security Center (GTISC).
- High CVE-2013-2911: Use-after-free in XSLT. Credit to Atte
Kettunen of OUSPG.
- High CVE-2013-2912: Use-after-free in PPAPI. Credit to Chamal
de Silva and 41.w4r10r(at)garage4hackers.com.
- High CVE-2013-2913: Use-after-free in XML document parsing.
Credit to cloudfuzzer.
- High CVE-2013-2914: Use after free in the Windows color
chooser dialog. Credit to Khalil Zhani.
- Low CVE-2013-2915: Address bar spoofing via a malformed scheme.
Credit to Wander Groeneveld.
- High CVE-2013-2916: Address bar spoofing related to the "204
No Content” status code. Credit to Masato Kinugawa.
- Medium CVE-2013-2917: Out of bounds read in Web Audio. Credit
to Byoungyoung Lee and Tielei Wang of Georgia Tech Information
Security Center (GTISC).
- High CVE-2013-2918: Use-after-free in DOM. Credit to
Byoungyoung Lee of Georgia Tech Information Security Center (GTISC).
- High CVE-2013-2919: Memory corruption in V8. Credit to Adam
Haile of Concrete Data.
- Medium CVE-2013-2920: Out of bounds read in URL parsing. Credit to
Atte Kettunen of OUSPG.
- High CVE-2013-2921: Use-after-free in resource loader. Credit
to Byoungyoung Lee and Tielei Wang of Georgia Tech Information
Security Center (GTISC).
- High CVE-2013-2922: Use-after-free in template element. Credit
to Jon Butler.
- CVE-2013-2923: Various fixes from internal audits, fuzzing and other
initiatives (Chrome 30).
- Medium CVE-2013-2924: Use-after-free in ICU. Upstream bug here.
* [6651f1c] Added chrpath to build-depends
* [3c88b20] Refreshed Patches for version 30
* [743a0a6] Make default of third-party cookies the most secure for users.
Thanks to Chad Miller
* [9507f07] Do not install remoting_locales/en-US.pak
* [64b895b] Move chrome_sandbox to chrome-sandbox, chromium reads that file
[ Shawn Landden ]
* [6d027f1] rules: dpkg compresses .deb files with xz by default now
[ Michael Gilbert ]
* [18341ce] add some TODO tasks
-- Giuseppe Iuculano <iuculano@debian.org> Mon, 21 Oct 2013 13:06:14 +0200
chromium-browser (29.0.1547.57-3) unstable; urgency=medium
* Drop transitional packages (closes: #684369).
* Fix another copyright file syntax error.
* Remove libav build dependencies.
* Fix lintian override syntax.
* Fix version control URL.
* Use system vpx.
-- Michael Gilbert <mgilbert@debian.org> Tue, 27 Aug 2013 01:01:35 +0000
chromium-browser (29.0.1547.57-2) unstable; urgency=medium
* Mark chromium-inspector as multi-arch: foreign (closes: #695229).
* Use system libpng (closes: #699918).
* Fix copyright file syntax error.
* Drop implicit g++ dependency.
* Add some lintian overrides.
* Update my email address.
* Remove unsafe symlink.
-- Michael Gilbert <mgilbert@debian.org> Sun, 25 Aug 2013 02:15:35 +0000
chromium-browser (29.0.1547.57-1) unstable; urgency=medium
[ Michael Gilbert ]
* New upstream stable release:
- High CVE-2013-2900: Incomplete path sanitization in file handling. Credit
to Krystian Bigaj.
- Low CVE-2013-2905: Information leak via overly broad permissions on
shared memory files. Credit to Christian Jaeger.
- High CVE-2013-2901: Integer overflow in ANGLE. Credit to Alex Chapman.
- High CVE-2013-2902: Use after free in XSLT. Credit to cloudfuzzer.
- High CVE-2013-2903: Use after free in media element. Credit to
cloudfuzzer.
- High CVE-2013-2904: Use after free in document parsing. Credit to
cloudfuzzer.
- CVE-2013-2887: Various fixes from internal audits, fuzzing and other
initiatives (Chrome 29).
* Remove unused webkit layout tests (closes: 720446).
* Use source package name for get-orig-source rule.
* Remove gfdl documentation (closes: #708860).
* Build-depend on git.
[ Shawn Landden ]
* New standards version.
* Use canonical VCS url.
* Always use system includes rather than ones of a chroot.
-- Michael Gilbert <mgilbert@debian.org> Sat, 24 Aug 2013 20:14:52 +0000
chromium-browser (28.0.1500.95-3) unstable; urgency=medium
* Fix placement of -fuse-ld=gold in ldflags.
-- Michael Gilbert <mgilbert@debian.org> Thu, 01 Aug 2013 16:38:05 +0000
chromium-browser (28.0.1500.95-2) unstable; urgency=medium
* Use -fuse-ld=gold instead of binutils-gold.
* Drop libv8-dev build-dependency.
-- Michael Gilbert <mgilbert@debian.org> Wed, 31 Jul 2013 20:22:33 +0000
chromium-browser (28.0.1500.95-1) unstable; urgency=medium
* New upstream stable release:
- Medium CVE-2013-2881: Origin bypass in frame handling. Credit to Karthik
Bhargavan.
- High CVE-2013-2882: Type confusion in V8. Credit to Cloudfuzzer.
- High CVE-2013-2883: Use-after-free in MutationObserver. Credit to
Cloudfuzzer.
- High CVE-2013-2884: Use-after-free in DOM. Credit to Ivan Fratric of
Google Security Team.
- High CVE-2013-2885: Use-after-free in input handling. Credit to Ivan
Fratric of Google Security Team.
- High CVE-2013-2886: Various fixes from internal audits, fuzzing and other
initiatives.
-- Michael Gilbert <mgilbert@debian.org> Tue, 30 Jul 2013 20:34:19 +0000
chromium-browser (28.0.1500.71-2) unstable; urgency=medium
* Disable armhf.
* Remove outdated patches.
* Eliminate special handling for old compiler versions.
-- Michael Gilbert <mgilbert@debian.org> Mon, 15 Jul 2013 18:40:47 +0000
chromium-browser (28.0.1500.71-1) unstable; urgency=medium
[ Michael Gilbert ]
* New upstream stable release:
- Low CVE-2013-2867: Block pop-unders in various scenarios.
- High CVE-2013-2879: Confusion setting up sign-in and sync. Credit to
Andrey Labunets.
- Medium CVE-2013-2868: Incorrect sync of NPAPI extension component. Credit
to Andrey Labunets.
- Medium CVE-2013-2869: Out-of-bounds read in JPEG2000 handling. Credit to
Felix Groebert of Google Security Team.
- Critical CVE-2013-2870: Use-after-free with network sockets. Credit to
Collin Payne.
- Medium CVE-2013-2853: Man-in-the-middle attack against HTTP in SSL.
Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco
at INRIA Paris.
- High CVE-2013-2871: Use-after-free in input handling. Credit to miaubiz.
- High CVE-2013-2873: Use-after-free in resource loading. Credit to
miaubiz.
- Medium CVE-2013-2875: Out-of-bounds-read in SVG. Credit to miaubiz.
- Medium CVE-2013-2876: Extensions permissions confusion with
interstitials. Credit to Dev Akhawe.
- Low CVE-2013-2877: Out-of-bounds read in XML parsing. Credit to Aki Helin
of OUSPG.
- None: Remove the “viewsource” attribute on iframes. Credit to Collin
Jackson.
- Medium CVE-2013-2878: Out-of-bounds read in text handling. Credit to Atte
Kettunen of OUSPG.
- High CVE-2013-2880: Various fixes from internal audits, fuzzing and other
initiatives. Credit to Chrome 28 team.
* Install mksnapshot.
[ Shawn Landden ]
* Enable armhf.
* Build with system libwebp when version >= 0.3.0.
-- Michael Gilbert <mgilbert@debian.org> Fri, 12 Jul 2013 15:19:18 +0000
chromium-browser (27.0.1453.110-2) unstable; urgency=low
[ Michael Gilbert ]
* Use default gcc.
* Enable verbose build.
* Support gcc 4.8 (closes: #701256).
* Disable pie hardening flag due to ffmpeg linking issue.
[ Giuseppe Iuculano ]
* Remove hardening-wrapper and switch to dpkg-buildflags.
-- Michael Gilbert <mgilbert@debian.org> Sun, 07 Jul 2013 20:06:05 +0000
chromium-browser (27.0.1453.110-1) unstable; urgency=low
* New stable release:
- Medium CVE-2013-2855: Memory corruption in dev tools API.
Credit to "daniel.zulla".
- High CVE-2013-2856: Use-after-free in input handling. Credit
to miaubiz.
- High CVE-2013-2857: Use-after-free in image handling. Credit
to miaubiz.
- High CVE-2013-2858: Use-after-free in HTML5 Audio. Credit to
"cdel921".
- High CVE-2013-2859: Cross-origin namespace pollution. Credit
to "bobbyholley".
- High CVE-2013-2860: Use-after-free with workers accessing
database APIs. Credit to Collin Payne.
- High CVE-2013-2861: Use-after-free with SVG. Credit to
miaubiz.
- High CVE-2013-2862: Memory corruption in Skia GPU handling.
Credit to Atte Kettunen of OUSPG.
- Critical CVE-2013-2863: Memory corruption in SSL socket handling.
Credit to Sebastien Marchand of the Chromium development community.
- High CVE-2013-2864: Bad free in PDF viewer. Credit to Mateusz
Jurczyk, with contributions by Gynvael Coldwind, both from Google Security
Team.
- High CVE-2013-2865: Various fixes from internal audits, fuzzing and
other initiatives.
-- Giuseppe Iuculano <iuculano@debian.org> Wed, 05 Jun 2013 17:00:28 +0200
chromium-browser (27.0.1453.93-1) unstable; urgency=low
* New stable release:
- High CVE-2013-2837: Use-after-free in SVG. Credit to Sławomir Błażek.
- Medium CVE-2013-2838: Out-of-bounds read in v8. Credit to Christian
Holler.
- High CVE-2013-2839: Bad cast in clipboard handling. Credit to Jon of MWR
InfoSecurity.
- High CVE-2013-2840: Use-after-free in media loader. Credit to Nils of
MWR InfoSecurity.
- High CVE-2013-2841: Use-after-free in Pepper resource handling. Credit
to Chamal de Silva.
- High CVE-2013-2842: Use-after-free in widget handling. Credit to Cyril
Cattiaux.
- High CVE-2013-2843: Use-after-free in speech handling. Credit to Khalil
Zhani.
- High CVE-2013-2844: Use-after-free in style resolution. Credit to Sachin
Shinde (@cons0ul).
- High CVE-2013-2845: Memory safety issues in Web Audio. Credit to Atte
Kettunen of OUSPG.
- High CVE-2013-2846: Use-after-free in media loader. Credit to Chamal de
Silva.
- High CVE-2013-2847: Use-after-free race condition with workers. Credit
to Collin Payne.
- Medium CVE-2013-2848: Possible data extraction with XSS Auditor. Credit
to Egor Homakov.
- Low CVE-2013-2849: Possible XSS with drag+drop or copy+paste. Credit to
Mario Heiderich.
-- Michael Gilbert <mgilbert@debian.org> Wed, 22 May 2013 03:03:49 +0000
chromium-browser (26.0.1410.43-1) unstable; urgency=medium
* New stable release:
- High CVE-2013-0916: Use-after-free in Web Audio. Credit to Atte Kettunen
of OUSPG.
- Low CVE-2013-0917: Out-of-bounds read in URL loader. Credit to Google
Chrome Security Team (Cris Neckar).
- Low CVE-2013-0918: Do not navigate dev tools upon drag and drop. Credit
to Vsevolod Vlasov of the Chromium development community.
- Medium CVE-2013-0919: Use-after-free with pop-up windows in extensions.
Credit to Google Chrome Security Team (Mustafa Emre Acer).
- Medium CVE-2013-0920: Use-after-free in extension bookmarks API. Credit
to Google Chrome Security Team (Mustafa Emre Acer).
- High CVE-2013-0921: Ensure isolated web sites run in their own processes.
- Low CVE-2013-0922: Avoid HTTP basic auth brute force attempts. Credit to
“t3553r”.
- Medium CVE-2013-0923: Memory safety issues in the USB Apps API. Credit to
Google Chrome Security Team (Mustafa Emre Acer).
- Low CVE-2013-0924: Check an extension’s permissions API usage again file
permissions. Credit to Benjamin Kalman of the Chromium development
community.
- Low CVE-2013-0925: Avoid leaking URLs to extensions without the tabs
permissions. Credit to Michael Vrable of Google.
- Medium CVE-2013-0926: Avoid pasting active tags in certain situations.
Credit to Subho Halder, Aditya Gupta, and Dev Kar of xys3c.
* Use embedded libvpx for vp9 support, which chromium now requires.
* Add libspeechd-dev build-dependency.
* Disable breakpad crash reporting.
-- Michael Gilbert <mgilbert@debian.org> Sat, 30 Mar 2013 14:44:33 +0000
chromium-browser (25.0.1364.160-1) unstable; urgency=high
* New stable security release:
- High CVE-2013-0912: Type confusion in WebKit. Credit to Nils and Jon of
MWR Labs.
-- Michael Gilbert <mgilbert@debian.org> Fri, 08 Mar 2013 03:46:20 +0000
chromium-browser (25.0.1364.152-1) unstable; urgency=high
* [8761d73] Remove armel and armhf. We cannot support them in wheezy
* New stable security release:
- High CVE-2013-0902: Use-after-free in frame loader. Credit to
Chamal de Silva.
- High CVE-2013-0903: Use-after-free in browser navigation
handling. Credit to "chromium.khalil".
- High CVE-2013-0904: Memory corruption in Web Audio.
Credit to Atte Kettunen of OUSPG.
- High CVE-2013-0905: Use-after-free with SVG animations.
Credit to Atte Kettunen of OUSPG.
- High CVE-2013-0906: Memory corruption in Indexed DB. Credit to Google
Chrome Security Team (Jüri Aedla).
- Medium CVE-2013-0907: Race condition in media thread handling. Credit
to Andrew Scherkus of the Chromium development community.
- Medium CVE-2013-0908: Incorrect handling of bindings for extension
processes.
- Low CVE-2013-0909: Referer leakage with XSS Auditor. Credit to Egor
Homakov.
- Medium CVE-2013-0910: Mediate renderer -> browser plug-in loads more
strictly. Credit to Google Chrome Security Team (Chris Evans).
- High CVE-2013-0911: Possible path traversal in database handling.
Credit to Google Chrome Security Team (Jüri Aedla).
-- Giuseppe Iuculano <iuculano@debian.org> Tue, 05 Mar 2013 11:14:34 +0100
chromium-browser (25.0.1364.97-1) unstable; urgency=low
* New stable release:
- High CVE-2013-0879: Memory corruption with web audio
node. Credit to Atte Kettunen of OUSPG.
- High CVE-2013-0880: Use-after-free in database handling.
Credit to Chamal de Silva.
- Medium CVE-2013-0881: Bad read in Matroska handling. Credit to
Atte Kettunen of OUSPG.
- High CVE-2013-0882: Bad memory access with excessive SVG
parameters. Credit to Renata Hodovan.
- Medium CVE-2013-0883: Bad read in Skia. Credit to Atte
Kettunen of OUSPG.
- Low CVE-2013-0884: Inappropriate load of NaCl. Credit to Google
Chrome Security Team (Chris Evans).
- Medium CVE-2013-0885: Too many API permissions granted to web store.
- Low CVE-2013-0887: Developer tools process has too many
permissions and places too much trust in the connected server.
- Medium CVE-2013-0888: Out-of-bounds read in Skia. Credit to Google
Chrome Security Team (Inferno).
- Low CVE-2013-0889: Tighten user gesture check for dangerous file
downloads.
- High CVE-2013-0890: Memory safety issues across the IPC
layer. Credit to Google Chrome Security Team (Chris Evans).
- High CVE-2013-0891: Integer overflow in blob handling. Credit to
Google Chrome Security Team (Jüri Aedla).
- Medium CVE-2013-0892: Lower severity issues across the IPC layer.
Credit to Google Chrome Security Team (Chris Evans).
- Medium CVE-2013-0893: Race condition in media handling. Credit to
Andrew Scherkus of the Chromium development community.
- High CVE-2013-0894: Buffer overflow in vorbis decoding. Credit to
Google Chrome Security Team (Inferno).
- High CVE-2013-0895: Incorrect path handling in file
copying. Credit to Google Chrome Security Team (Jüri Aedla).
- High CVE-2013-0896: Memory management issues in plug-in message
handling. Credit to Google Chrome Security Team (Cris Neckar).
- High CVE-2013-0898: Use-after-free in URL handling. Credit to
Alexander Potapenko of the Chromium development community.
- Low CVE-2013-0899: Integer overflow in Opus handling. Credit to
Google Chrome Security Team (Jüri Aedla).
- Medium CVE-2013-0900: Race condition in ICU. Credit to Google Chrome
Security Team (Inferno).
* [a5f15ae] Added libpci-dev to B-depends
* [ace2b7a] Refreshed patches
* [32c84fa] Install remoting_locales
* [f868804] Do not enable NEON on ARM, thanks Ubuntu.
* [d1a3e36] Ignore stamp files in missing checks
-- Giuseppe Iuculano <iuculano@debian.org> Sat, 23 Feb 2013 11:45:07 +0100
chromium-browser (24.0.1312.68-1) unstable; urgency=high
* New stable release:
- High CVE-2013-0839: Use-after-free in canvas font handling.
Credit to Atte Kettunen of OUSPG.
- Medium CVE-2013-0840: Missing URL validation when opening new
windows.
- High CVE-2013-0841: Unchecked array index in content blocking. Credit
to Google Chrome Security Team (Chris Evans).
- Medium CVE-2013-0842: Problems with NULL characters embedded in
paths. Credit to Google Chrome Security Team (Jüri Aedla).
- High CVE-2012-5145: Use-after-free in SVG layout. Credit to
Atte Kettunen of OUSPG.
- High CVE-2012-5146: Same origin policy bypass with malformed
URL. Credit to Erling A Ellingsen and Subodh Iyengar, both of Facebook.
- High CVE-2012-5147: Use-after-free in DOM handling. Credit to
José A. Vázquez.
- Medium CVE-2012-5148: Missing filename sanitization in hyphenation
support. Credit to Google Chrome Security Team (Justin Schuh).
- High CVE-2012-5149: Integer overflow in audio IPC handling. Credit to
Google Chrome Security Team (Chris Evans).
- High CVE-2012-5150: Use-after-free when seeking video. Credit to
Google Chrome Security Team (Inferno).
- High CVE-2012-5151: Integer overflow in PDF JavaScript. Credit to
Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google
Security Team.
- Medium CVE-2012-5152: Out-of-bounds read when seeking video. Credit
to Google Chrome Security Team (Inferno).
- High CVE-2012-5153: Out-of-bounds stack access in v8. Credit to
Andreas Rossberg of the Chromium development community.
- High CVE-2013-0829: Corruption of database metadata leading to
incorrect file access. Credit to Google Chrome Security Team (Jüri Aedla).
- Low CVE-2013-0831: Possible path traversal from extension process.
Credit to Google Chrome Security Team (Tom Sepez).
- [160380] Medium CVE-2013-0832: Use-after-free with printing. Credit to Google
Chrome Security Team (Cris Neckar).
- Medium CVE-2013-0833: Out-of-bounds read with printing. Credit to
Google Chrome Security Team (Cris Neckar).
- Medium CVE-2013-0834: Out-of-bounds read with glyph handling. Credit
to Google Chrome Security Team (Cris Neckar).
- Low CVE-2013-0835: Browser crash with geolocation. Credit to Arthur
Gerkis.
- High CVE-2013-0836: Crash in v8 garbage collection. Credit to Google
Chrome Security Team (Cris Neckar).
- Medium CVE-2013-0837: Crash in extension tab handling. Credit to Tom
Nielsen.
- Low CVE-2013-0838: Tighten permissions on shared memory
segments. Credit to Google Chrome Security Team (Chris Palmer).
- High CVE-2012-5139: Use-after-free with visibility events.
Credit to Chamal de Silva.
- High CVE-2012-5140: Use-after-free in URL loader. Credit to
Chamal de Silva.
- Medium CVE-2012-5141: Limit Chromoting client plug-in instantiation.
Credit to Google Chrome Security Team (Jüri Aedla).
- Critical CVE-2012-5142: Crash in history navigation. Credit to Michal
Zalewski of Google Security Team.
- Medium CVE-2012-5143: Integer overflow in PPAPI image buffers. Credit
to Google Chrome Security Team (Cris Neckar).
- High CVE-2012-5144: Stack corruption in AAC decoding. Credit
to pawlkt.
- High CVE-2012-5138: Incorrect file path handling. Credit to Google
Chrome Security Team (Jüri Aedla).
- High CVE-2012-5137: Use-after-free in media source handling.
Credit to Pinkie Pie.
- High CVE-2012-5133: Use-after-free in SVG filters. Credit to
miaubiz.
- Medium CVE-2012-5130: Out-of-bounds read in Skia. Credit to
Atte Kettunen of OUSPG.
- Low CVE-2012-5132: Browser crash with chunked encoding. Credit to
Attila Szász.
- High CVE-2012-5134: Buffer underflow in libxml. Credit to Google
Chrome Security Team (Jüri Aedla).
- Medium CVE-2012-5135: Use-after-free with printing. Credit to Fermin
Serna of Google Security Team.
- Medium CVE-2012-5136: Bad cast in input element handling. Credit to
Google Chrome Security Team (Inferno).
- Medium CVE-2012-5127: Integer overflow leading to
out-of-bounds read in WebP handling. Credit to Phil Turnbull.
- [Linux 64-bit only] Medium CVE-2012-5120: Out-of-bounds array
access in v8. Credit to Atte Kettunen of OUSPG.
- High CVE-2012-5116: Use-after-free in SVG filter handling.
Credit to miaubiz.
- High CVE-2012-5121: Use-after-free in video layout. Credit to
Atte Kettunen of OUSPG.
- Low CVE-2012-5117: Inappropriate load of SVG subresource in img
context. Credit to Felix Gröbert of the Google Security Team.
- Medium CVE-2012-5119: Race condition in Pepper buffer handling.
Credit to Fermin Serna of the Google Security Team.
- Medium CVE-2012-5122: Bad cast in input handling. Credit to Google
Chrome Security Team (Inferno).
- Medium CVE-2012-5123: Out-of-bounds reads in Skia. Credit to
Google Chrome Security Team (Inferno).
- High CVE-2012-5124: Memory corruption in texture handling. Credit to
Al Patrick of the Chromium development community.
- Medium CVE-2012-5125: Use-after-free in extension tab handling.
Credit to Alexander Potapenko of the Chromium development community.
- Medium CVE-2012-5126: Use-after-free in plug-in placeholder handling.
Credit to Google Chrome Security Team (Inferno).
- High CVE-2012-5128: Bad write in v8. Credit to Google Chrome Security
Team (Cris Neckar).
* [574d76c] Override the lintian flag:
embedded-library usr/lib/chromium/libffmpegsumo.so: libavcodec
* [3105012] Updated changelog
* [ac9c032] Use explicit library dependencies instead of dlopen
* [1ad217c] Fixed CHANNELS_URL
* [7c2d359] Drop SCM revision from the version
* [ca31c0c] Install all chromium libs
* [167aea7] Use internal copy of libpng. This is necessary because with
system libpng render process is consuming 100% CPU
(see http://code.google.com/p/chromium/issues/detail?id=174603)
* [8742d82] debian/patches/pulse_ftbfs.patch: Fix FTBFS
* [9e76ec7] Refreshed patches
* [1c6f4c3] Use Debian api key
* [cdf5c74] Refreshed patches
* [ad9480c] Remove useless embedded copy of documentation from source
containing non DFSG-compliant material:
- src/native_client/toolchain/linux_x86/info
- src/native_client/toolchain/linux_x86/man
- src/native_client/toolchain/linux_x86/share/info
- src/native_client/toolchain/linux_x86/x86_64-nacl/share/info
- src/native_client/toolchain/linux_x86_newlib/info
- src/native_client/toolchain/linux_x86_newlib/man
- src/native_client/toolchain/linux_x86_newlib/share/info
(Closes: #695703)
* [31ea388] Fixed Homepage field.
Thanks to Dmitry Shachnev (Closes: #686561)
* [d509e07] Override the lintian flag: embedded-library usr/lib/chromium/chromium: libpng
-- Giuseppe Iuculano <iuculano@debian.org> Wed, 06 Feb 2013 15:34:17 +0100
chromium-browser (22.0.1229.94~r161065-3) unstable; urgency=medium
* Use system vpx library again (resolves armel build failures).
-- Michael Gilbert <mgilbert@debian.org> Sun, 28 Oct 2012 00:55:58 -0400
chromium-browser (22.0.1229.94~r161065-2) unstable; urgency=medium
* [574d76c] Override the lintian flag: embedded-library
usr/lib/chromium/libffmpegsumo.so: libavcodec
-- Giuseppe Iuculano <iuculano@debian.org> Tue, 23 Oct 2012 17:51:56 +0200
chromium-browser (22.0.1229.94~r161065-1) unstable; urgency=medium
* New stable release:
- High CVE-2012-2889: UXSS in frame handling. Credit to
Sergey Glazunov.
- High CVE-2012-2886: UXSS in v8 bindings. Credit to Sergey
Glazunov.
- High CVE-2012-2881: DOM tree corruption with plug-ins. Credit
to Chamal de Silva.
- High CVE-2012-2876: Buffer overflow in SSE2 optimizations.
Credit to Atte Kettunen of OUSPG.
- High CVE-2012-2883: Out-of-bounds write in Skia. Credit to
Atte Kettunen of OUSPG.
- High CVE-2012-2887: Use-after-free in onclick handling.
Credit to Atte Kettunen of OUSPG.
- High CVE-2012-2888: Use-after-free in SVG text references.
Credit to miaubiz.
- High CVE-2012-2894: Crash in graphics context handling.
Credit to Sławomir Błażek.
- Medium CVE-2012-2877: Browser crash with extensions and modal
dialogs. Credit to Nir Moshe.
- Low CVE-2012-2879: DOM topology corruption. Credit to pawlkt.
- Medium CVE-2012-2884: Out-of-bounds read in Skia. Credit to
Atte Kettunen of OUSPG.
- High CVE-2012-2874: Out-of-bounds write in Skia. Credit to Google
Chrome Security Team (Inferno).
- High CVE-2012-2878: Use-after-free in plug-in handling. Credit to
Fermin Serna of Google Security Team.
- Medium CVE-2012-2880: Race condition in plug-in paint buffer. Credit
to Google Chrome Security Team (Cris Neckar).
- High CVE-2012-2882: Wild pointer in OGG container handling. Credit to
Google Chrome Security Team (Inferno).
- Medium CVE-2012-2885: Possible double free on exit. Credit to the
Chromium development community.
- Low CVE-2012-2891: Address leak over IPC. Credit to Lei Zhang of the
Chromium development community.
- Low CVE-2012-2892: Pop-up block bypass. Credit to Google Chrome
Security Team (Cris Neckar).
- High CVE-2012-2893: Double free in XSL transforms. Credit to Google
Chrome Security Team (Cris Neckar).
- High CVE-2012-2900: Crash in Skia text rendering.
Credit to Atte Kettunen of OUSPG.
- Critical CVE-2012-5108: Race condition in audio device
handling. Credit to Atte Kettunen of OUSPG.
- Medium CVE-2012-5109: OOB read in ICU regex. Credit to Arthur
Gerkis.
- Medium CVE-2012-5110: Out-of-bounds read in compositor. Credit to
Google Chrome Security Team (Inferno).
- Low CVE-2012-5111: Plug-in crash monitoring was missing for Pepper
plug-ins. Credit to Google Chrome Security Team (Chris Evans).
- Critical CVE-2012-5112: SVG use-after-free and IPC arbitrary file write.
Credit to Pinkie Pie.
* [3de18b6] Use zlib internal copy. This is necessary due to the CRIME work
around. We can use the system zlib when chrome will remove
SPDY 2/3 support.
* [3b9811a] Updated patches
* [152902d] Install libvpx_obj_int_extract
-- Giuseppe Iuculano <iuculano@debian.org> Mon, 01 Oct 2012 15:22:27 +0200
chromium-browser (21.0.1180.89~r154005-1) unstable; urgency=high
* New stable security release:
- Medium CVE-2012-2865: Out-of-bounds read in line breaking. Credit to miaubiz.
- High CVE-2012-2866: Bad cast with run-ins. Credit to miaubiz.
- Low CVE-2012-2867: Browser crash with SPDY.
- Medium CVE-2012-2868: Race condition with workers and XHR.
Credit to miaubiz.
- High CVE-2012-2869: Avoid stale buffer in URL loading. Credit to
Fermin Serna of the Google Security Team.
- Low CVE-2012-2870: Lower severity memory management issues
in XPath. Credit to Nicolas Gregoire.
- High CVE-2012-2871: Bad cast in XSL transforms. Credit to
Nicolas Gregoire.
- Medium CVE-2012-2872: XSS in SSL interstitial. Credit to
Emmanuel Bronshtein.
-- Giuseppe Iuculano <iuculano@debian.org> Fri, 31 Aug 2012 11:24:58 +0200
chromium-browser (21.0.1180.75~r150248-1) unstable; urgency=medium
[ Shawn Landden ]
* [b7c6ba3] update changelog to record changes in last upload
* [3c6a149] master_prefs: don't go straight to internet, don't prompt to change default browser
* [e441276] initial_bookmarks.html: add Debian support page
* [2bb621a] compress source tarball as xz (Closes: #676774)
[ Giuseppe Iuculano ]
* New stable minor release fixing the following issues:
- REGRESSION: Rendering difference in Chrome 21 and 22 that affected on
Persian Wikipedia
- Some known crashes
- Audio objects are not "switched" immediately
- Print and Print Preview ignore paper size default in printer config
- Candidate windows is shown in wrong place in Retina display
- more of the choppy and distorted audio issues
- Japanese characters showing in Chinese font
- Sync invalidation notification broken after restart
-- Giuseppe Iuculano <iuculano@debian.org> Fri, 10 Aug 2012 17:31:57 +0200
chromium-browser (21.0.1180.57~r148591-1) unstable; urgency=medium
[ Giuseppe Iuculano ]
* [fd04758] Install demo extension
* New upstream stable release:
- Medium CVE-2012-2846: Cross-process interference in
renderers. Credit to Google Chrome Security Team (Julien Tinnes).
- Low CVE-2012-2847: Missing re-prompt to user upon excessive
downloads. Credit to Matt Austin of Aspect Security.
- Medium CVE-2012-2848: Overly broad file access granted after
drag+drop. Credit to Matt Austin of Aspect Security.
- Low CVE-2012-2849: Off-by-one read in GIF decoder. Credit to Atte
Kettunen of OUSPG.
- Medium CVE-2012-2853: webRequest can interfere with the Chrome Web
Store. Credit to Trev of Adblock.
- Low CVE-2012-2854: Leak of pointer values to WebUI renderers. Credit
to Nasko Oskov of the Chromium development community.
- High CVE-2012-2855: Use-after-free in PDF viewer. Credit to Mateusz
Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of
Google Security Team.
- High CVE-2012-2857: Use-after-free in CSS DOM. Credit to
- Arthur Gerkis.
- High CVE-2012-2858: Buffer overflow in WebP decoder. Credit
to Jüri Aedla.
- Critical CVE-2012-2859: Crash in tab handling. Credit to
Jeff Roberts of Google Security Team.
- Medium CVE-2012-2860: Out-of-bounds access when clicking in date
picker. Credit to Chamal de Silva.
[ Shawn Landden ]
* [0d2e43a9] Switch to xz/lzma2 compression for debs. (from lzma)
* [e3e9a801] replace incorrect prefs.patch with patch from OpenSUSE
* [faed2b9e] /etc/chromium/master_preferences: don't bug user for
Google account.
-- Giuseppe Iuculano <iuculano@debian.org> Tue, 07 Aug 2012 10:55:17 +0200
chromium-browser (20.0.1132.57~r145807-1) unstable; urgency=medium
[ Michael Gilbert ]
* New ustream stable security release:
- [129898] High CVE-2012-2842: Use-after-free in counter handling. Credit
to miaubiz.
- [130595] High CVE-2012-2843: Use-after-free in layout height tracking.
Credit to miaubiz.
- [133450] High CVE-2012-2844: Bad object access with JavaScript in PDF.
Credit to Alexey Samsonov of Google.
[ Shawn Landden ]
* Revert "Do not use binutils-gold in armel and armhf".
* Update vpx patch to use system headers (Closes: #674728).
* Fixup skia fixup for <armv6.
-- Michael Gilbert <mgilbert@debian.org> Fri, 13 Jul 2012 15:31:11 -0400
chromium-browser (20.0.1132.43~r143823-1) unstable; urgency=high
* New stable release
- Low CVE-2012-2815: Leak of iframe fragment id. Credit to Elie
Bursztein of Google.
- High CVE-2012-2817: Use-after-free in table section handling.
Credit to miaubiz.
- High CVE-2012-2818: Use-after-free in counter layout. Credit
to miaubiz.
- High CVE-2012-2819: Crash in texture handling. Credit to Ken "gets"
Russell of the Chromium development community.
- Medium CVE-2012-2820: Out-of-bounds read in SVG filter handling.
Credit to Atte Kettunen of OUSPG.
- Medium CVE-2012-2821: Autofill display problem. Credit to
"simonbrown60"
- High CVE-2012-2823: Use-after-free in SVG resource handling.
Credit to miaubiz.
- High CVE-2012-2824: Use-after-free in SVG painting. Credit to
miaubiz.
- Medium CVE-2012-2826: Out-of-bounds read in texture conversion.
Credit to Google Chrome Security Team (Inferno).
- High CVE-2012-2829: Use-after-free in first-letter handling.
Credit to miaubiz.
- High CVE-2012-2830: Wild pointer in array value setting.
Credit to miaubiz.
- [130356] High CVE-2012-2831: Use-after-free in SVG reference handling.
Credit to miaubiz.
- High CVE-2012-2834: Integer overflow in Matroska container.
Credit to Jüri Aedla.
-- Giuseppe Iuculano <iuculano@debian.org> Sat, 30 Jun 2012 14:33:40 +0200
chromium-browser (20.0.1132.41~r143299-1) unstable; urgency=medium
* [98cf55e] Do not use binutils-gold in armel and armhf
* New beta release
-- Giuseppe Iuculano <iuculano@debian.org> Fri, 22 Jun 2012 16:41:48 +0200
chromium-browser (20.0.1132.34~r141824-1) unstable; urgency=low
* [29f002e] Add -DUSE_EABI_HARDFLOAT in gyp defines for armhf
* [3a003ca] Added some armel and armhf patches.
Thanks to Shawn
* [2f15044] Search te correct icon when minimised.
Thanks to Jonathan Nieder (Closes: #651455)
-- Giuseppe Iuculano <iuculano@debian.org> Wed, 20 Jun 2012 19:05:50 +0200
chromium-browser (20.0.1132.27~r140692-2) unstable; urgency=low
* [c0e9499] Improved sqlite patch.
Thanks to Andrew Chant (Closes: #676636)
* [62d276b] Backported: Use 32-byte alignment in AudioArray if using
WEBAUDIO_FFMPEG https://bugs.webkit.org/show_bug.cgi?id=87430
* [1183b6a] Added -DUSE_EABI_HARDFLOAT for armhf
-- Giuseppe Iuculano <iuculano@debian.org> Wed, 13 Jun 2012 13:21:26 +0200
chromium-browser (20.0.1132.27~r140692-1) unstable; urgency=low
* New beta release.
* [e2adf90] Applied sqlite patch and fixed omnibox crash (Closes: #676636)
* [69cc508] Define arm_float_abi=soft for armel and arm_float_abi=hard
for armhf
-- Giuseppe Iuculano <iuculano@debian.org> Mon, 11 Jun 2012 17:54:51 +0200
chromium-browser (20.0.1132.21~r139451-3) unstable; urgency=low
* Upload to unstable.
-- Giuseppe Iuculano <iuculano@debian.org> Wed, 06 Jun 2012 10:29:58 +0200
chromium-browser (20.0.1132.21~r139451-2) experimental; urgency=low
* [1de8e21] Build depends on binutils-gold also in armel and armhf
* [5890c9b] Do not use third_party/gold as the linker. (Closes: #675563)
* [e883861] Strip third_party/gold from upstream tarball.
Thanks to Andrew Chant
* [c9ac368] Use gcc 4.7
* [7f1ad3e] link against libgnome-keyring instead of using dlopen()
* [57f6712] Added gcc 4.7 patch
* [2be55e4] Use GConf and GIO
-- Giuseppe Iuculano <iuculano@debian.org> Sun, 03 Jun 2012 17:01:46 +0200
chromium-browser (20.0.1132.21~r139451-1) experimental; urgency=low
[ Jonathan Nieder ]
* [70fc5ec] Refresh patches and add descriptions
[ Giuseppe Iuculano ]
* [8cb8e89] Use gcc 4.6 for the moment (Closes: #671994)
[ Jonathan Nieder ]
* [cd6baae] Build-Depends: g++-4.6
* [09908a2] Remove workaround for bug #651912, which seems to have been fixed
in libnspr (Closes: #661948)
* [58d631d] Remove hardcoded versioned dependency on libnss3-1d
* [c9e2e81] Require nspr4 >= 2:4.9-2 (Closes: #651912)
[ Giuseppe Iuculano ]
* [150b326] Added libssl-dev in B-depends
* [88ff66a] Refreshed patches
* [7e7de0c] Disable tcmalloc, use internal copy of ffmpeg and libv8
* [ca0f508] Updated patches
* [1343b0c] Fixed floating point exception in protobuf internal copy.
Thanks to Andrew Chant
* [2b62b38] Disable protobuf patch
* [cae4c9c] updated vpx patch
* [7233f03] Start to fix build issues with gcc 4.7
* [b4e5b1d] Fix FTBFS when compiling with pulseaudio support
* [235e171] install all .pak files
-- Giuseppe Iuculano <iuculano@debian.org> Fri, 01 Jun 2012 15:36:07 +0200
chromium-browser (18.0.1025.168~r134367-1) unstable; urgency=low
* New stable release:
- High CVE-2011-3078: Use after free in floats handling. Credit to
Google Chrome Security Team (Marty Barbella) and independent later
discovery by miaubiz.
- High CVE-2012-1521: Use after free in xml parser. Credit to Google
Chrome Security Team (SkyLined) and independent later discovery by
wushi of team509 reported through iDefense VCP (V-874rcfpq7z).
- Medium CVE-2011-3079: IPC validation failure. Credit to PinkiePie.
- Medium CVE-2011-3080: Race condition in sandbox IPC. Credit to Willem
Pinckaers of Matasano.
- High CVE-2011-3081: Use after free in floats handling. Credit to miaubiz
-- Giuseppe Iuculano <iuculano@debian.org> Wed, 02 May 2012 09:30:45 +0200
chromium-browser (18.0.1025.151~r130497-1) unstable; urgency=medium
* new stable release:
- [106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping.
Credit to miaubiz.
- [117583] Medium CVE-2011-3067: Cross-origin iframe replacement. Credit
to Sergey Glazunov.
- [117698] High CVE-2011-3068: Use-after-free in run-in handling. Credit
to miaubiz.
- [117728] High CVE-2011-3069: Use-after-free in line box handling.
Credit to miaubiz.
- [118185] High CVE-2011-3070: Use-after-free in v8 bindings. Credit to
Google Chrome Security Team (SkyLined).
- [118273] High CVE-2011-3071: Use-after-free in HTMLMediaElement. Credit
to pa_kt, reporting through HP TippingPoint ZDI (ZDI-CAN-1528).
- [118467] Low CVE-2011-3072: Cross-origin violation parenting pop-up
window. Credit to Sergey Glazunov.
- [118593] High CVE-2011-3073: Use-after-free in SVG resource handling.
Credit to Arthur Gerkis.
- [119281] Medium CVE-2011-3074: Use-after-free in media handling. Credit
to Sławomir Błażek.
- [119525] High CVE-2011-3075: Use-after-free applying style command.
Credit to miaubiz.
- [120037] High CVE-2011-3076: Use-after-free in focus handling. Credit to
miaubiz.
- [120189] Medium CVE-2011-3077: Read-after-free in script bindings.
Credit to Google Chrome Security Team (Inferno).
* [85dfed9] build-depend on libglewmx-dev instead of versioned libglewmx1.5-dev
* medium urgency for security fixes
-- Michael Gilbert <michael.s.gilbert@gmail.com> Thu, 05 Apr 2012 16:43:11 -0400
chromium-browser (18.0.1025.142~r129054-1) unstable; urgency=low
* New stable release:
- [109574] Medium CVE-2011-3058: Bad interaction possibly leading to XSS
in EUC-JP. Credit to Masato Kinugawa.
- [112317] Medium CVE-2011-3059: Out-of-bounds read in SVG text handling.
Credit to Arthur Gerkis.
- [114056] Medium CVE-2011-3060: Out-of-bounds read in text fragment
handling. Credit to miaubiz.
- [116398] Medium CVE-2011-3061: SPDY proxy certificate checking error.
Credit to Leonidas Kontothanassis of Google.
- [116524] High CVE-2011-3062: Off-by-one in OpenType Sanitizer. Credit to
Mateusz Jurczyk of the Google Security Team.
- [117417] Low CVE-2011-3063: Validate navigation requests from the
renderer more carefully. Credit to kuzzcc, Sergey Glazunov, PinkiePie
and scarybeasts (Google Chrome Security Team).
- [117471] High CVE-2011-3064: Use-after-free in SVG clipping. Credit to
Atte Kettunen of OUSPG.
- [117588] High CVE-2011-3065: Memory corruption in Skia. Credit to
Omair.
- [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian
Holler.
* [19c4b51] include glib.h directly (closes: #666640)
* [d6e7094] remove .tmp files on clean
* [fd014ca] fix pulseaudio messageloop comparisons
* [6984cf7] build-depend on svn (required for upstream depot_tools checkout)
* [aae52af] refresh patches
* [102f9b7] depend on libv8 >= 3.8
* [bbd5511] build-depend on libudev-dev
-- Michael Gilbert <michael.s.gilbert@gmail.com> Sun, 01 Apr 2012 20:02:53 -0400
chromium-browser (17.0.963.83~r127885-1) unstable; urgency=high
* New stable release:
- CVE-2011-3050: Use-after-free with first-letter handling.
Credit to miaubiz.
- CVE-2011-3051: Use-after-free in CSS cross-fade
handling. Credit to Arthur Gerkis.
- CVE-2011-3052: Memory corruption in WebGL canvas handling.
Credit to Ben Vanik of Google.
- CVE-2011-3053: Use-after-free in block splitting. Credit
to miaubiz.
- Low CVE-2011-3054: Apply additional isolations to webui privileges.
Credit to Sergey Glazunov.
- CVE-2011-3055: Prompt in the browser native UI for unpacked
extension installation. Credit to PinkiePie.
- High CVE-2011-3056: Cross-origin violation with "magic
iframe". Credit to Sergey Glazunov.
- Low CVE-2011-3049: Extension web request API can interfere with
system requests. Credit to Michael Gundlach.
- CVE-2011-3047: Errant plug-in load and GPU process memory corruption.
Credit to PinkiePie.
-- Giuseppe Iuculano <iuculano@debian.org> Fri, 23 Mar 2012 09:45:08 +0100
chromium-browser (17.0.963.78~r125577-1) unstable; urgency=high
* New stable release fixed issue found at Google's Pwnium competition:
- CVE-2011-3046: UXSS and bad history navigation. Credit to Sergey
Glazunov.
-- Giuseppe Iuculano <iuculano@debian.org> Thu, 08 Mar 2012 23:41:39 +0100
chromium-browser (17.0.963.66~r124982-1) unstable; urgency=high
[ Jonathan Nieder ]
* [78437ab] Depend on libpng-dev instead of libpng12-dev at build time
(Closes: #662287)
[ Giuseppe Iuculano ]
* New stable release:
- High CVE-2011-3031: Use-after-free in v8 element wrapper.
Credit to Chamal de Silva.
- High CVE-2011-3032: Use-after-free in SVG value handling.
Credit to Arthur Gerkis.
- High CVE-2011-3033: Buffer overflow in the Skia
drawing library. Credit to Aki Helin of OUSPG.
- High CVE-2011-3034: Use-after-free in SVG document handling.
Credit to Arthur Gerkis.
- High CVE-2011-3035: Use-after-free in SVG use handling.
Credit to Arthur Gerkis.
- High CVE-2011-3036: Bad cast in line box handling. Credit to
miaubiz.
- High CVE-2011-3037: Bad casts in anonymous
block splitting. Credit to miaubiz.
- High CVE-2011-3038: Use-after-free in multi-column handling.
Credit to miaubiz.
- High CVE-2011-3039: Use-after-free in quote handling. Credit
to miaubiz.
- Medium CVE-2011-3040: Out-of-bounds read in text handling.
Credit to miaubiz.
- High CVE-2011-3041: Use-after-free in class attribute
handling. Credit to miaubiz.
- High CVE-2011-3042: Use-after-free in table section handling.
Credit to miaubiz.
- High CVE-2011-3043: Use-after-free in flexbox with floats.
Credit to miaubiz.
- High CVE-2011-3044: Use-after-free with SVG animation
elements. Credit to Arthur Gerkis.
-- Giuseppe Iuculano <iuculano@debian.org> Wed, 07 Mar 2012 17:21:51 +0100
chromium-browser (17.0.963.56~r121963-1) unstable; urgency=high
[ Michael Gilbert ]
* [5c3bb1e] remove duplicate dependency on libgconf2-dev
* [a978400] exclude .git directories from upstream tarball
* [d29d859] add descriptions to patches
* [52af88b] update debian/copyright field to adhere to latest DEP5 specification
* [f3b7ba9] update patches for chromium 17
* [4634823] install content_resources.pak
* [e7883c9] depend on libv8 >= 3.7
* [dd4fe7d] use pulseaudio
[ Giuseppe Iuculano ]
* [826649a] Fix FTBFS on armel and added armhf.
Thanks to Riku Voipio (Closes: #632119)
* [e9ac7ab] Link against system vpx (Closes: #642760)
* [b88a849] Remove ardcoded dependency on libvpx0 (Closes: #660159)
* [9dec8df] Updated patches
* New stable release:
- Medium CVE-2011-3016: Read-after-free with counter nodes.
Credit to miaubiz.
- High CVE-2011-3017: Possible use-after-free in database
handling. Credit to miaubiz.
- High CVE-2011-3018: Heap overflow in path rendering. Credit
to Aki Helin of OUSPG.
- High CVE-2011-3019: Heap buffer overflow in MKV handling. Credit to
Google Chrome Security Team (scarybeasts) and Mateusz Jurczyk / Gynvael
Coldwind of the Google Security Team.
- Medium CVE-2011-3020: Native client validator error. Credit to Nick
Bray of the Chromium development community.
- High CVE-2011-3021: Use-after-free in subframe loading.
Credit to Arthur Gerkis.
- Medium CVE-2011-3022: Inappropriate use of http for translation
script. Credit to Google Chrome Security Team (Jorge Obes).
- Medium CVE-2011-3023: Use-after-free with drag and drop.
Credit to pa_kt.
- Low CVE-2011-3024: Browser crash with empty x509 certificate. Credit
to chrometot.
- Medium CVE-2011-3025: Out-of-bounds read in h.264 parsing.
Credit to Sławomir Błażek.
- High CVE-2011-3026: Integer overflow / truncation in libpng.
Credit to Jüri Aedla.
- High CVE-2011-3027: Bad cast in column handling. Credit to
miaubiz
- Low CVE-2011-3953: Avoid clipboard monitoring after paste event.
Credit to Daniel Cheng of the Chromium development community.
- Low CVE-2011-3954: Crash with excessive database usage. Credit to
Collin Payne.
- High CVE-2011-3955: Crash aborting an IndexDB transaction. Credit to
David Grogan of the Chromium development community.
- Low CVE-2011-3956: Incorrect handling of sandboxed origins inside
extensions. Credit to Devdatta Akhawe, UC Berkeley.
- High CVE-2011-3958: Bad casts with column spans. Credit to
miaubiz.
- High CVE-2011-3959: Buffer overflow in locale handling.
Credit to Aki Helin of OUSPG.
- Medium CVE-2011-3960: Out-of-bounds read in audio decoding.
Credit to Aki Helin of OUSPG.
- Critical CVE-2011-3961: Race condition after crash of utility
process. Credit to Shawn Goertzen.
- Medium CVE-2011-3962: Out-of-bounds read in path clipping.
Credit to Aki Helin of OUSPG.
- Low CVE-2011-3964: URL bar confusion after drag + drop. Credit to
Code Audit Labs of VulnHunt.com.
- Low CVE-2011-3965: Crash in signature check. Credit to Sławomir
Błażek.
- High CVE-2011-3966: Use-after-free in stylesheet error
handling. Credit to Aki Helin of OUSPG.
- Low CVE-2011-3967: Crash with unusual certificate. Credit to Ben
Carrillo.
- High CVE-2011-3968: Use-after-free in CSS handling. Credit to
Arthur Gerkis.
- High CVE-2011-3969: Use-after-free in SVG layout. Credit to
Arthur Gerkis.
- Medium CVE-2011-3970: Out-of-bounds read in libxslt. Credit to
Aki Helin of OUSPG.
- High CVE-2011-3971: Use-after-free with mousemove events.
Credit to Arthur Gerkis.
- Medium CVE-2011-3972: Out-of-bounds read in shader translator. Credit
to Google Chrome Security Team (Inferno).
-- Giuseppe Iuculano <iuculano@debian.org> Sun, 19 Feb 2012 20:29:17 +0100
chromium-browser (16.0.912.77~r118311-1) unstable; urgency=high
[ Jonathan Nieder ]
* [b9c1859] fix path in Ubuntu-specific build rules.
Thanks to Michael Kuhn (Closes: #655521)
[ Giuseppe Iuculano ]
* [c6132fa] Fix FTBFS with libav 0.8 (Closes: #654215)
* New stable release:
- High CVE-2011-3924: Use-after-free in DOM selections.
Credit to Arthur Gerkis.
- Critical CVE-2011-3925: Use-after-free in Safe Browsing
navigation. Credit to Chamal de Silva.
- High CVE-2011-3928: Use-after-free in DOM handling. Credit to wushi
of team509 reported through ZDI (ZDI-CAN-1415).
- High CVE-2011-3927: Uninitialized value in Skia. Credit to
miaubiz.
- High CVE-2011-3926: Heap-buffer-overflow in tree builder.
Credit to Arthur Gerkis.
-- Giuseppe Iuculano <iuculano@debian.org> Thu, 26 Jan 2012 10:57:28 +0100
chromium-browser (16.0.912.75~r116452-1) unstable; urgency=low
* New stable version:
- High CVE-2011-3921: Use-after-free in animation frames.
Credit to Boris Zbarsky of Mozilla.
- High CVE-2011-3919: Heap-buffer-overflow in libxml. Credit to Jüri Aedla.
- High CVE-2011-3922: Stack-buffer-overflow in glyph handling. Credit
to Google Chrome Security Team (Cris Neckar).
-- Giuseppe Iuculano <iuculano@debian.org> Mon, 09 Jan 2012 10:30:41 +0100
chromium-browser (16.0.912.63~r113337-1) unstable; urgency=low
[ Giuseppe Iuculano ]
* New stable version:
- Medium CVE-2011-3903: Out-of-bounds read in regex matching. Credit to
David Holloway of the Chromium development community.
- Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google
Chrome Security Team (Inferno).
- Medium CVE-2011-3906: Out-of-bounds read in PDF parser. Credit
to Aki Helin of OUSPG.
- High CVE-2011-3907: URL bar spoofing with view-source. Credit
to Luka Treiber of ACROS Security.
- Low CVE-2011-3908: Out-of-bounds read in SVG parsing. Credit to Aki
Helin of OUSPG.
- Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS property
array. Credit to Google Chrome Security Team (scarybeasts) and Chu.
- Medium CVE-2011-3910: Out-of-bounds read in YUV video frame handling.
Credit to Google Chrome Security Team (Cris Neckar).
- High CVE-2011-3912: Use-after-free in SVG filters. Credit to
Arthur Gerkis.
- High CVE-2011-3913: Use-after-free in Range handling. Credit
to Arthur Gerkis.
- High CVE-2011-3914: Out-of-bounds write in v8 i18n handling.
Credit to Sławomir Błażek.
- High CVE-2011-3915: Buffer overflow in PDF font handling.
Credit to Atte Kettunen of OUSPG.
- Medium CVE-2011-3917: Stack-buffer-overflow in FileWatcher. Credit to
Google Chrome Security Team (Marty Barbella).
- High CVE-2011-3904: Use-after-free in bidi handling. Credit to Google
Chrome Security Team (Inferno) and miaubiz.
* [5299644] Update patches for v16
[ Michael Gilbert ]
* [ce38c6a] depend on gyp >= r1119
* [d4236b8] fix upstream channel naming in source readme
* [3683f5d] refresh nss-workaround.patch and system_v8.patch
* [4c18347] add myself to uploaders
-- Giuseppe Iuculano <iuculano@debian.org> Sun, 01 Jan 2012 13:45:54 +0100
chromium-browser (15.0.874.121~r109964-1) unstable; urgency=high
[ Jonathan Nieder ]
* [f67eee0] chromium-inspector: Recommend chromium (>= 10) to avoid pulling in chromium-bsu
* [4de64d5] Use /etc/debian_version, not `lsb_release -sr`, to populate BUILD_DIST
* [7dba3cb] Permit '/' in Debian release names (Closes: #644526)
* [aa996fe] Unbreak get-orig-source in non-C locales by using "svn log --xml" instead of "svn info"
[ Giuseppe Iuculano ]
* [dc3b8be] Revert "Merge 104421 - Fix library paths for preloading NSS on Ubuntu 11.10."
Thanks to Jonathan Nieder (Closes: #647992)
* [d729967] Use system v8
* New stable release:
- High CVE-2011-3892: Double free in Theora decoder.
Credit to Aki Helin of OUSPG.
- Medium CVE-2011-3893: Out of bounds reads in MKV and
Vorbis media handlers. Credit to Aki Helin of OUSPG.
- High CVE-2011-3894: Memory corruption regression in VP8 decoding.
Credit to Andrew Scherkus of the Chromium development community.
- High CVE-2011-3895: Heap overflow in Vorbis decoder. Credit
to Aki Helin of OUSPG.
- High CVE-2011-3896: Buffer overflow in shader variable mapping.
Credit to Ken “strcpy” Russell of the Chromium development community.
- High CVE-2011-3897: Use-after-free in editing. Credit to pa_kt
reported through ZDI (ZDI-CAN-1416).
- Low CVE-2011-3898: Failure to ask for permission to run applets in
JRE7. Credit to Google Chrome Security Team (Chris Evans).
- High CVE-2011-3900: Out-of-bounds write in v8. Credit to Christian
Holler.
-- Giuseppe Iuculano <iuculano@debian.org> Wed, 07 Dec 2011 09:12:54 +0100
chromium-browser (15.0.874.106~r107270-1) unstable; urgency=medium
[ Matteo F. Vescovi ]
* [fb744c6] debian/control: cosmetic typo corrections (Closes: #644386)
[ Giuseppe Iuculano ]
* New stable release:
- High CVE-2011-2845: URL bar spoof in history handling. Credit to Jordi
Chancel.
- Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit to
Jordi Chancel.
- Low CVE-2011-3876: Avoid stripping whitespace at the end of download
filenames. Credit to Marc Novak.
- Low CVE-2011-3877: XSS in appcache internals page. Credit to Google
Chrome Security Team (Tom Sepez) plus independent discovery by
Juho Nurminen.
- Medium CVE-2011-3878: Race condition in worker process initialization.
Credit to miaubiz.
- Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to
Masato Kinugawa.
- Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit to
Vladimir Vorontsov, ONsec company.
- High CVE-2011-3881: Cross-origin policy violations.
Credit to Sergey Glazunov.
- High CVE-2011-3882: Use-after-free in media buffer handling. Credit to
Google Chrome Security Team (Inferno).
- High CVE-2011-3883: Use-after-free in counter handling. Credit to miaubiz.
- High CVE-2011-3884: Timing issues in DOM traversal. Credit to Brian
Ryner of the Chromium development community.
- High CVE-2011-3885: Stale style bugs leading to use-after-free.
Credit to miaubiz.
- High CVE-2011-3886: Out of bounds writes in v8. Credit to Christian Holler.
- Medium CVE-2011-3887: Cookie theft with javascript URIs.
Credit to Sergey Glazunov.
- [99138] High CVE-2011-3888: Use-after-free with plug-in and editing.
Credit to miaubiz.
- High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz.
- High CVE-2011-3890: Use-after-free in video source handling. Credit to
Ami Fischman of the Chromium development community.
- High CVE-2011-3891: Exposure of internal v8 functions. Credit to
Steven Keuchel of the Chromium development community plus independent
discovery by Daniel Divricean.
* [62dfe31] Refreshed patches
* [ebe38a0] Added scons, libelf-dev, and python-simplejson in Build-Depends
* [301651c] Use icu and libv8 private copy and disable nacl
[ Jonathan Nieder ]
* [59f4ae6] debian/licenses: add Ms-PL license snippet.
Thanks to Alexander Reichle-Schmehl (Closes: #647528)
-- Giuseppe Iuculano <iuculano@debian.org> Sun, 06 Nov 2011 14:27:45 +0100
chromium-browser (14.0.835.202~r103287-1) unstable; urgency=low
[ Michael Gilbert ]
* [0e3387d] Remove unneeded shlibs:Depends
* [d7d8b22] Support libav's transition to multiarch
* [3211a33] Use url to writable git repo in vcs-git field
* [1c83896] Use relative symlinks to ffmpeg libraries
[ Giuseppe Iuculano ]
* New stable release:
- High CVE-2011-2876: Use-after-free in text line box handling.
Credit to miaubiz.
- High CVE-2011-2877: Stale font in SVG text handling. Credit to
miaubiz.
- High CVE-2011-2878: Inappropriate cross-origin access to the
window prototype. Credit to Sergey Glazunov.
- High CVE-2011-2879: Lifetime and threading issues in audio node
handling. Credit to Google Chrome Security Team (Inferno).
- High CVE-2011-2880: Use-after-free in the v8
bindings. Credit to Sergey Glazunov.
- High CVE-2011-2881: Memory corruption with v8 hidden objects.
Credit to Sergey Glazunov.
- Critical CVE-2011-3873: Memory corruption in shader translator.
-- Giuseppe Iuculano <iuculano@debian.org> Wed, 05 Oct 2011 11:15:53 +0200
chromium-browser (14.0.835.163~r101024-1) unstable; urgency=low
[ Matteo F. Vescovi ]
* [82a8b0b] debian/control: changing b-deps to libjpeg-dev (Closes: 641099)
[ Giuseppe Iuculano ]
* [ac85d47] Use system ffmpeg and icu
* [b4fbcd0] debian/gbp.conf: Added conf for git-dch
* [a4f4ee1] Do not install ffmpeg internal copy
* New stable release:
- High CVE-2011-2835: Race condition in the certificate cache.
Credit to Ryan Sleevi of the Chromium development community.
- Low CVE-2011-2836: Infobar the Windows Media Player plug-in to avoid
click-free access to the system Flash. Credit to electronixtar.
- Low CVE-2011-2837: Use PIC / pie compiler flags. Credit to wbrana.
- Low CVE-2011-2838: Treat MIME type more authoritatively when loading
plug-ins. Credit to Michal Zalewski of the Google Security Team.
- High CVE-2011-2839: Crash in v8 script object wrappers.
Credit to Kostya Serebryany of the Chromium development community.
- Low CVE-2011-2840: Possible URL bar spoofs with unusual user interaction.
Credit to kuzzcc.
- Medium CVE-2011-2843: Out-of-bounds read with media buffers.
Credit to Kostya Serebryany of the Chromium development community.
- Medium CVE-2011-2844: Out-of-bounds read with mp3 files.
Credit to Mario Gomes.
- High CVE-2011-2846: Use-after-free in unload event handling.
Credit to Arthur Gerkis.
- High CVE-2011-2847: Use-after-free in document loader.
Credit to miaubiz.
- Medium CVE-2011-2848: URL bar spoof with forward button.
Credit to Jordi Chancel.
- Low CVE-2011-2849: Browser NULL pointer crash with WebSockets.
Credit to Arthur Gerkis.
- Medium CVE-2011-3234: Out-of-bounds read in box handling.
Credit to miaubiz.
- Medium CVE-2011-2850: Out-of-bounds read with Khmer characters.
Credit to miaubiz.
- Medium CVE-2011-2851: Out-of-bounds read in video handling.
Credit to Google Chrome Security Team (Inferno).
- High CVE-2011-2852: Off-by-one in v8. Credit to Christian Holler.
- High CVE-2011-2853: Use-after-free in plug-in handling.
Credit to Google Chrome Security Team (SkyLined).
- High CVE-2011-2854: Use-after-free in ruby / table style handing.
Credit to Sławomir Błażek, and independent later discoveries by miaubiz
and Google Chrome Security Team (Inferno).
- High CVE-2011-2855: Stale node in stylesheet handling.
Credit to Arthur Gerkis.
- High CVE-2011-2856: Cross-origin bypass in v8.
Credit to Daniel Divricean.
- High CVE-2011-2857: Use-after-free in focus controller. Credit to miaubiz.
- High CVE-2011-2834: Double free in libxml XPath handling.
Credit to Yang Dingning from NCNIPC, Graduate University of Chinese
Academy of Sciences.
- Medium CVE-2011-2859: Incorrect permissions assigned to non-gallery pages.
Credit to Bernhard ‘Bruhns’ Brehm of Recurity Labs.
- High CVE-2011-2860: Use-after-free in table style handling.
Credit to miaubiz.
- High CVE-2011-2862: Unintended access to v8 built-in objects.
Credit to Sergey Glazunov.
- Medium CVE-2011-2864: Out-of-bounds read with Tibetan characters.
Credit to Google Chrome Security Team (Inferno).
- Medium CVE-2011-2858: Out-of-bounds read with triangle arrays.
Credit to Google Chrome Security Team (Inferno).
- Low CVE-2011-2874: Failure to pin a self-signed cert for a session.
Credit to Nishant Yadant of VMware and Craig Chamberlain (@randomuserid).
- High CVE-2011-2875: Type confusion in v8 object sealing.
Credit to Christian Holler.
-- Giuseppe Iuculano <iuculano@debian.org> Sat, 17 Sep 2011 21:46:29 +0200
chromium-browser (14.0.835.157~r99685-1) experimental; urgency=low
* New beta release
* Fix gbp.conf for experimental branch
* Refreshed patches
* Use libv8 system copy
* Do not remove Makefile files
* Added libpulse-dev in Build-Depends.
* re-enable armel build
* Patch v8_i18n to compile with libv8 system copy, thanks to Jérémy Lal
* Added a lintian override for the NaCL IRT files
-- Giuseppe Iuculano <iuculano@debian.org> Wed, 07 Sep 2011 13:06:57 +0200
chromium-browser (13.0.782.220~r99552-1) unstable; urgency=high
[ Giuseppe Iuculano ]
* Fixed the dummy chromium-browser-l10n dependency (Closes: 639126)
* New stable release:
- Revoked trust for SSL certificates issued by DigiNotar-controlled
intermediate CAs used by the Dutch PKIoverheid program.
[ Jonathan Nieder ]
* Add a replace and breaks entry to reflect the compatibility symlinks
having moved to the chromium-browser package.
[ Michael Gilbert ]
* Fix lintian warning.
* Fix manpage comment characters.
* Strip the Native Client Integrated RunTime (NaCl IRT) libraries.
* Objectify an old changelog entry (closes: #606261).
-- Giuseppe Iuculano <iuculano@debian.org> Tue, 06 Sep 2011 08:34:50 +0200
chromium-browser (13.0.782.215~r97094-1) unstable; urgency=low
[ Michael Gilbert ]
* Remove all automatically generated files during clean up (this makes
it possible to build from source twice in a row now).
* Bump standards version to 3.9.2.
* Fix an obsolete character encoding in debian/copyright.
* Fix build failure with cups >= 1.5.0.
* Don't support lenny's cups anymore.
* Use system config.guess and config.sub for yasm's autotools files.
* Add chromium-browser.png symlink so old menu entries keep their icons
(closes: #622841).
* Add chromium-browser manpage symlink.
* Clean up package short descriptions.
[ Giuseppe Iuculano ]
* Move the compatibility symlinks to the chromium-browser package
* Fix the Vcs-Browser control field
* New stable release:
- High CVE-2011-2823: Use-after-free in line box handling. Credit to Google
Chrome Security Team (SkyLined) and independent later discovery
by miaubiz.
- High CVE-2011-2824: Use-after-free with counter nodes. Credit to miaubiz.
- High CVE-2011-2825: Use-after-free with custom fonts. Credit to wushi of
team509 reported through ZDI (ZDI-CAN-1283), plus indepdendent later
discovery by miaubiz.
- High CVE-2011-2821: Double free in libxml XPath handling. Credit to Yang
Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.
- High CVE-2011-2826: Cross-origin violation with empty origins.
Credit to Sergey Glazunov.
- High CVE-2011-2827: Use-after-free in text searching. Credit to miaubiz.
- High CVE-2011-2828: Out-of-bounds write in v8.
Credit to Google Chrome Security Team (SkyLined).
- High CVE-2011-2829: Integer overflow in uniform arrays.
Credit to Sergey Glazunov.
* Added autotools-dev in Build-Depends
-- Giuseppe Iuculano <iuculano@debian.org> Tue, 23 Aug 2011 17:31:19 +0200
chromium-browser (13.0.782.107~r94237-1) unstable; urgency=high
* New stable version
- Medium CVE-2011-2358: Always confirm an extension install via a browser
dialog. Credit to Sergey Glazunov.
- High CVE-2011-2359: Stale pointer due to bad line box tracking in
rendering. Credit to miaubiz and Martin Barbella.
- Low CVE-2011-2360: Potential bypass of dangerous file prompt.
Credit to kuzzcc.
- Low CVE-2011-2361: Improve designation of strings in the basic auth
dialog. Credit to kuzzcc.
- Medium CVE-2011-2782: File permissions error with drag and drop.
Credit to Evan Martin of the Chromium development community.
- Medium CVE-2011-2783: Always confirm a developer mode NPAPI extension
install via a browser dialog. Credit to Sergey Glazunov.
- Low CVE-2011-2784: Local file path disclosure via GL program log.
Credit to kuzzcc.
- Low CVE-2011-2785: Sanitize the homepage URL in extensions.
Credit to kuzzcc.
- Low CVE-2011-2786: Make sure the speech input bubble is always on-screen.
Credit to Olli Pettay of Mozilla.
- Medium CVE-2011-2787: Browser crash due to GPU lock re-entrancy issue.
Credit to kuzzcc.
- Low CVE-2011-2788: Buffer overflow in inspector serialization.
Credit to Mikołaj Małecki.
- Medium CVE-2011-2789: Use after free in Pepper plug-in instantiation.
Credit to Mario Gomes and kuzzcc.
- High CVE-2011-2790: Use-after-free with floating styles.
Credit to miaubiz.
- High CVE-2011-2791: Out-of-bounds write in ICU. Credit to Yang Dingning
from NCNIPC, Graduate University of Chinese Academy of Sciences.
- High CVE-2011-2792: Use-after-free with float removal. Credit to miaubiz.
- High CVE-2011-2793: Use-after-free in media selectors. Credit to miaubiz.
- Medium CVE-2011-2794: Out-of-bounds read in text iteration.
Credit to miaubiz.
- Medium CVE-2011-2795: Cross-frame function leak. Credit to Shih Wei-Long.
- High CVE-2011-2796: Use-after-free in Skia. Credit to Google Chrome
Security Team (Inferno) and Kostya Serebryany of the Chromium
development community.
- High CVE-2011-2797: Use-after-free in resource caching. Credit to miaubiz.
- Low CVE-2011-2798: Prevent a couple of internal schemes from being web
accessible. Credit to sirdarckcat of the Google Security Team.
- High CVE-2011-2799: Use-after-free in HTML range handling.
Credit to miaubiz.
- Medium CVE-2011-2800: Leak of client-side redirect target.
Credit to Juho Nurminen.
- High CVE-2011-2802: v8 crash with const lookups.
Credit to Christian Holler.
- Medium CVE-2011-2803: Out-of-bounds read in Skia paths.
Credit to Google Chrome Security Team (Inferno).
- High CVE-2011-2801: Use-after-free in frame loader. Credit to miaubiz.
- High CVE-2011-2818: Use-after-free in display box rendering.
Credit to Martin Barbella.
- High CVE-2011-2805: Cross-origin script injection.
Credit to Sergey Glazunov.
- [90222] High CVE-2011-2819: Cross-origin violation in base URI handling.
Credit to Sergey Glazunov.
* Re-added binutils-gold in Build-depends
* Refreshed patches
* Switch to git
* Use system vpx, flac, webp, speex libs
* Build-depens on gyp >= 0.1~svn971
* Run the gclient hooks when creating the source tarball, as we need files
from the Native Client's integrated runtime (IRT) library
(Thanks to Fabien Tassin)
* Install the NaCL IRT files
* Added a lintian override for the NaCL IRT files
-- Giuseppe Iuculano <iuculano@debian.org> Thu, 04 Aug 2011 11:02:34 +0200
chromium-browser (12.0.742.112~r90304-1) unstable; urgency=high
* New stable micro release
- [77493] Medium CVE-2011-2345: Out-of-bounds read in NPAPI string handling.
Credit to Philippe Arteau.
- [84355] High CVE-2011-2346: Use-after-free in SVG font handling.
Credit to miaubiz.
- [85003] High CVE-2011-2347: Memory corruption in CSS parsing.
Credit to miaubiz.
- [85102] High CVE-2011-2350: Lifetime and re-entrancy issues in the HTML parser.
Credit to miaubiz.
- [85177] High CVE-2011-2348: Bad bounds check in v8.
Credit to Aki Helin of OUSPG.
- [85211] High CVE-2011-2351: Use-after-free with SVG use element.
Credit to miaubiz.
- [85418] High CVE-2011-2349: Use-after-free in text selection.
Credit to miaubiz.
* Do not use the experimental gold linker
-- Giuseppe Iuculano <iuculano@debian.org> Wed, 29 Jun 2011 15:28:33 +0200
chromium-browser (12.0.742.91~r87961-1) unstable; urgency=high
* New stable major release (Closes: 630548)
- [73962] [79746] High CVE-2011-1808: Use-after-free due to integer issues
in float handling. Credit to miaubiz.
- [75496] Medium CVE-2011-1809: Use-after-free in accessibility support.
Credit to Google Chrome Security Team (SkyLined).
- [75643] Low CVE-2011-1810: Visit history information leak in CSS.
Credit to Jesse Mohrland of Microsoft and Microsoft Vulnerability Research
- [76034] Low CVE-2011-1811: Browser crash with lots of form submissions.
Credit to “DimitrisV22”.
- [77026] Medium CVE-2011-1812: Extensions permission bypass.
Credit to kuzzcc.
- [78516] High CVE-2011-1813: Stale pointer in extension framework.
Credit to Google Chrome Security Team (Inferno).
- [79362] Medium CVE-2011-1814: Read from uninitialized pointer.
Credit to Eric Roman of the Chromium development community.
- [79862] Low CVE-2011-1815: Extension script injection into new tab page.
Credit to kuzzcc.
- [80358] Medium CVE-2011-1816: Use-after-free in developer tools.
Credit to kuzzcc.
- [81916] Medium CVE-2011-1817: Browser memory corruption in history
deletion. Credit to Collin Payne.
- [81949] High CVE-2011-1818: Use-after-free in image loader.
Credit to miaubiz.
- [83010] Medium CVE-2011-1819: Extension injection into chrome:// pages.
Credit to Vladislavas Jarmalis, plus subsequent independent discovery
by Sergey Glazunov.
- [83275] High CVE-2011-2332: Same origin bypass in v8.
Credit to Sergey Glazunov.
- [83743] High CVE-2011-2342: Same origin bypass in DOM.
Credit to Sergey Glazunov.
* Refreshed patches.
* Use internal libv8 copy
* Use internal protobuf copy
* Remove armel from archs, too many toolchain issues and we want chromium in
testing.
* Override the embedded-library error, chromium uses a modified sqlite copy.
-- Giuseppe Iuculano <iuculano@debian.org> Fri, 17 Jun 2011 11:13:54 +0200
chromium-browser (11.0.696.71~r86024-1) unstable; urgency=low
* New Stable release:
- [72189] Low CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De Silva
- [82546] High CVE-2011-1804: Stale pointer in floats rendering.
Credit to Martin Barbella.
- [82873] Critical CVE-2011-1806: Memory corruption in GPU command buffer.
Credit to Google Chrome Security Team (Cris Neckar).
- [82903] Critical CVE-2011-1807: Out-of-bounds write in blob handling.
Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany of the
Chromium development community.
-- Giuseppe Iuculano <iuculano@debian.org> Wed, 25 May 2011 09:16:11 +0200
chromium-browser (11.0.696.68~r84545-3) unstable; urgency=low
* Use the experimental gold linker
-- Giuseppe Iuculano <iuculano@debian.org> Mon, 23 May 2011 08:57:21 +0200
chromium-browser (11.0.696.68~r84545-2) unstable; urgency=low
* Fix the libv8 patch
* Disable javascript i18n api, we will re-enable it when libv8 will compile
i18n experimental extension, #627066
-- Giuseppe Iuculano <iuculano@debian.org> Tue, 17 May 2011 22:18:11 +0200
chromium-browser (11.0.696.68~r84545-1) unstable; urgency=high
* New Stable release:
- [64046] High CVE-2011-1799: Bad casts in Chromium WebKit glue.
Credit to Google Chrome Security Team (SkyLined).
- [80608] High CVE-2011-1800: Integer overflows in SVG filters.
Credit to Google Chrome Security Team (Cris Neckar).
* Added --password-store=detect in chromium flags
* Updated the svg logo
* Ship the app icon in all the sizes provided upstream (Thanks Fabien Tassin)
* Build-dep on gyp >= 0.1~svn917 to try to fix FTBFS on armel
* Use protobuf system copy, this should fix FTBFS on armel #616662
* Bump urgency, we want chromium 11 in wheezy
* Remove *.pyc from src/depot_tools and src/build (Closes: #626894)
-- Giuseppe Iuculano <iuculano@debian.org> Mon, 16 May 2011 22:05:07 +0200
chromium-browser (11.0.696.65~r84435-1) unstable; urgency=low
* New Stable release:
- Fixed password loss (Closes: #619903)
- [61502] High CVE-2011-1303: Stale pointer in floating object handling.
Credit to Scott Hess of the Chromium development community and
Martin Barbella.
- [70538] Low CVE-2011-1304: Pop-up block bypass via plug-ins.
Credit to Chamal De Silva.
- [70589] Medium CVE-2011-1305: Linked-list race in database handling.
Credit to Kostya Serebryany of the Chromium development community.
- [71586] Medium CVE-2011-1434: Lack of thread safety in MIME handling.
Credit to Aki Helin.
- [72523] Medium CVE-2011-1435: Bad extension with ‘tabs’ permission can
capture local files. Credit to Cole Snodgrass.
- [72910] Low CVE-2011-1436: Possible browser crash due to bad interaction
with X. Credit to miaubiz.
- [73526] High CVE-2011-1437: Integer overflows in float rendering.
Credit to miaubiz.
- [74653] High CVE-2011-1438: Same origin policy violation with blobs.
Credit to kuzzcc.
- [74763] High CVE-2011-1439: Prevent interference between renderer
processes. Credit to Julien Tinnes of the Google Security Team.
- [75186] High CVE-2011-1440: Use-after-free with <ruby> tag and CSS.
Credit to Jose A. Vazquez.
- [75347] High CVE-2011-1441: Bad cast with floating select lists.
Credit to Michael Griffiths.
- [75801] High CVE-2011-1442: Corrupt node trees with mutation events.
Credit to Sergey Glazunov and wushi of team 509.
- [76001] High CVE-2011-1443: Stale pointers in layering code.
Credit to Martin Barbella.
- [76542] High CVE-2011-1444: Race condition in sandbox launcher.
Credit to Dan Rosenberg.
- [76646] Medium CVE-2011-1445: Out-of-bounds read in SVG.
Credit to wushi of team509.
- [76666] [77507] [78031] High CVE-2011-1446: Possible URL bar spoofs with
navigation errors and interrupted loads. Credit to kuzzcc.
- [76966] High CVE-2011-1447: Stale pointer in drop-down list handling.
Credit to miaubiz.
- [77130] High CVE-2011-1448: Stale pointer in height calculations.
Credit to wushi of team509.
- [77346] High CVE-2011-1449: Use-after-free in WebSockets.
Credit to Marek Majkowski.
- [77349] Low CVE-2011-1450: Dangling pointers in file dialogs.
Credit to kuzzcc.
- [77463] High CVE-2011-1451: Dangling pointers in DOM id map.
Credit to Sergey Glazunov.
- [77786] Medium CVE-2011-1452: URL bar spoof with redirect and manual
reload. Credit to Jordi Chancel.
- [79199] High CVE-2011-1454: Use-after-free in DOM id handling.
Credit to Sergey Glazunov.
* Updated patches
* Use libv8 system copy
* Fixed FTBFS (converting to non-pointer type from NULL)
* Addeed libpam0g-dev in Build-Depends
* Fixed FTBFS with gcc 4.6 (closes: 624814)
* Do not use the to use the experimental gold linker, it causes FTBFS
* Added in install excluded files: genmacro genmodule genperf genstring
genversion re2c yasm
-- Giuseppe Iuculano <iuculano@debian.org> Sat, 14 May 2011 15:22:23 +0200
chromium-browser (10.0.648.205~r81283-1) unstable; urgency=low
* New stable release:
- [75629] Critical CVE-2011-1301: Use-after-free in the GPU process.
Credit to Google Chrome Security Team (Inferno).
- [78524] Critical CVE-2011-1302: Heap overflow in the GPU process.
Credit to Christoph Diehl.
-- Giuseppe Iuculano <iuculano@debian.org> Fri, 15 Apr 2011 09:13:45 +0200
chromium-browser (10.0.648.204~r79063-1) unstable; urgency=low
* New stable release:
- [72517] High CVE-2011-1291: Buffer error in base string handling. Credit to
Alex Turpin.
- [73216] High CVE-2011-1292: Use-after-free in the frame loader. Credit to
Sławomir Błażek.
- [73595] High CVE-2011-1293: Use-after-free in HTMLCollection. Credit to
Sergey Glazunov.
- [74562] High CVE-2011-1294: Stale pointer in CSS handling. Credit to Sergey
Glazunov.
- [74991] High CVE-2011-1295: DOM tree corruption with broken node parentage.
Credit to Sergey Glazunov.
- [75170] High CVE-2011-1296: Stale pointer in SVG text handling.
Credit to Sergey Glazunov.
* Depends on libvpx0 >= 0.9.6 (Closes: #618621)
-- Giuseppe Iuculano <iuculano@debian.org> Fri, 25 Mar 2011 12:20:13 +0100
chromium-browser (10.0.648.133~r77742-1) unstable; urgency=high
* New stable release:
- Fix CVE-2011-1290: Memory corruption in style handling. Credit to
Vincenzo Iozzo, Ralf Philipp Weinmann and Willem Pinckaers reported
through ZDI.
* chromium-browser: Depend on chromium (>= 10) (Closes: #617760)
* Added a symlink to old binary name in chromium-browser package
(Closes: #616623)
* Document the binary renaming in the NEWS file.
-- Giuseppe Iuculano <iuculano@debian.org> Fri, 11 Mar 2011 23:10:31 +0100
chromium-browser (10.0.648.127~r76697-1) unstable; urgency=low
* New stable version
* Refreshed patches
-- Giuseppe Iuculano <iuculano@debian.org> Wed, 09 Mar 2011 23:04:13 +0100
chromium-browser (10.0.648.114~r75702-1) experimental; urgency=low
* New beta version
* Refreshed pathces
* Renamed binary packages, new names: chromium, chromium-l10n,
chromium-inspector, chromium-dbg
* Removed SMULBB instructions (Closes: 611725) Thanks to Jérémy Lal
* Move /etc/chromium-browser/{default,master_preferences} to
/etc/chromium/{default,master_preferences}
* Remove mips from archs
* Use in-source v8
* Added binutils-gold in build-depends to use the experimental gold linker
* debian/rules: Force $DEBIAN_NAME to chromium
* Fixed the webkit version parser. Patch from Ubuntu, thanks to Fabien Tassin
* Do not install anymore xdg-settings and xdg-mime copy
* Install libppGoogleNaClPluginChrome.so
-- Giuseppe Iuculano <iuculano@debian.org> Wed, 02 Mar 2011 11:36:53 +0100
chromium-browser (9.0.597.107~r75357-1) unstable; urgency=low
[ Giuseppe Iuculano ]
* New Stable version:
- [54262] High URL bar spoof. Credit to Jordi Chancel.
- [63732] High Crash with javascript dialogs. Credit to Sergey Radchenko.
- [68263] High Stylesheet node stale pointer. Credit to Sergey Glazunov.
- [68741] High Stale pointer with key frame rule. Credit to Sergey Glazunov.
- [70078] High Crash with forms controls. Credit to Stefan van Zanden.
- [70244] High Crash in SVG rendering. Credit to Sławomir Błażek.
- [64-bit Linux only] [70376] Medium Out-of-bounds read in pickle
deserialization. Credit to Evgeniy Stepanov of the Chromium development community.
- [71114] High Stale node in table handling. Credit to Martin Barbella.
- [71115] High Stale pointer in table rendering. Credit to Martin Barbella.
- [71296] High Stale pointer in SVG animations. Credit to miaubiz.
- [71386] High Stale nodes in XHTML. Credit to wushi of team509.
- [71388] High Crash in textarea handling. Credit to wushi of team509.
- [71595] High Stale pointer in device orientation. Credit to
Sergey Glazunov.
- [71717] Medium Out-of-bounds read in WebGL. Credit to miaubiz.
- [71855] High Integer overflow in textarea handling. Credit to miaubiz.
- [71960] Medium Out-of-bounds read in WebGL.
Credit to Google Chrome Security Team (Inferno).
- [72214] High Accidental exposure of internal extension functions.
Credit to Tavis Ormandy of the Google Security Team.
- [72437] High Use-after-free with blocked plug-ins.
Credit to Chamal de Silva.
- [73235] High Stale pointer in layout. Credit to Martin Barbella.
[ Daniel Echeverry ]
* Added patch fix-manpage.patch Closes: #607503
-- Giuseppe Iuculano <iuculano@debian.org> Thu, 03 Mar 2011 11:42:01 +0100
chromium-browser (9.0.597.98~r74359-1) unstable; urgency=low
[ Giuseppe Iuculano ]
* New stable version:
- [67234] High Stale pointer in animation event handling. Credit to Rik
Cabanier.
- [68120] High Use-after-free in SVG font faces. Credit to miaubiz.
- [69556] High Stale pointer with anonymous block handling. Credit to
Martin Barbella.
- [69970] Medium Out-of-bounds read in plug-in handling. Credit to Bill
Budge of Google.
- [70456] Medium Possible failure to terminate process on out-of-memory
condition. Credit to David Warren of CERT/CC.
[ Daniel Echeverry ]
* Fixed FTBFS caused by nspr.patch (Closes: #612618)
-- Daniel Echeverry <epsilon77@gmail.com> Sun, 20 Feb 2011 13:57:29 -0500
chromium-browser (9.0.597.84~r72991-1) unstable; urgency=low
* New stable version:
- [55831] High Use-after-free in image loading. Credit to Aki Helin of OUSPG
- [59081] Low Apply some restrictions to cross-origin drag + drop. Credit to
Google Chrome Security Team (SkyLined) and the Google Security Team
(Michal Zalewski, David Bloom).
- [62791] Low Browser crash with extension with missing key. Credit to Brian
Kirchoff.
- [65669] Low Handle merging of autofill profiles more gracefully. Credit to
Google Chrome Security Team (Inferno).
- [68244] Low Browser crash with bad volume setting. Credit to Matthew
Heidermann.
- [69195] Critical Race condition in audio handling. Credit to the gamers of
Reddit!
-- Giuseppe Iuculano <iuculano@debian.org> Sun, 06 Feb 2011 23:50:23 +0100
chromium-browser (9.0.597.83~r72435-1) unstable; urgency=low
[ Giuseppe Iuculano ]
* New beta version.
* Added a README.Debian and warn about downgrading (Closes: #605548)
* honor DEB_BUILD_OPTIONS=nocheck, thanks to Jonathan Nieder
(Closes: #589653)
* Avoid "cannot access" messagges when using ffmpeg internal copy. Thanks to
Jonathan Nieder. (Closes: #589563)
* Refreshed patches.
* Build against libv8
* Use libicu system headers
* Use system glew
* Use system xdg-utils
* Build-depends on libv8-dev >= 2.5.9
* Update translations in Desktop file. Thanks to the Ubuntu translation team.
* Upload to unstable
[ Fabien Tassin ]
* Add libxt-dev to Build-deps needed by ppGoogleNaClPluginChrome
* Add x-scheme-handler/http and x-scheme-handler/https to the MimeType
entry of the desktop file
* Set CHROME_WRAPPER to the real name of the wrapper now that upstream
use its value
* Set CHROME_DESKTOP in the wrapper to help the default browser
checker (LP: #513133)
-- Giuseppe Iuculano <iuculano@debian.org> Sun, 30 Jan 2011 22:14:01 +0100
chromium-browser (9.0.597.45~r70550-1) experimental; urgency=low
* New beta version
-- Giuseppe Iuculano <iuculano@debian.org> Mon, 17 Jan 2011 09:55:51 +0100
chromium-browser (9.0.597.19~r68937-1) experimental; urgency=low
* New beta version
* Refreshed patches
-- Giuseppe Iuculano <iuculano@debian.org> Wed, 29 Dec 2010 09:17:12 +0100
chromium-browser (9.0.587.0~r66374-1) experimental; urgency=low
* New dev version
-- Giuseppe Iuculano <iuculano@debian.org> Sat, 20 Nov 2010 18:33:03 +0100
chromium-browser (9.0.576.0~r65344-1) experimental; urgency=low
* New dev version
* Refreshed patches
* Added libxtst-dev in build-depends
* Use v8, libvpx and glew system copy for the moment.
* Disable tests
* Do not install /usr/lib/chromium-browser/libosmesa.so (Closes: #599511)
-- Giuseppe Iuculano <iuculano@debian.org> Wed, 17 Nov 2010 22:26:37 +0100
chromium-browser (7.0.544.0~r61416-1) UNRELEASED; urgency=low
* New dev version
* Remove system-icu.patch, applied upstream
* Remove icu44.patch, applied upstream
* Refreshed patches
* Enable compile-time dependency on gnome-keyring
* Use system speex
* Build depends on libv8-dev >= 2.4.7
* Remove disable_dlog_and_dcheck_in_release_builds.patch
* Install libosmesa.so ssl_false_start_blacklist_process and xdg-mime
-- Giuseppe Iuculano <iuculano@debian.org> Wed, 06 Oct 2010 14:55:53 +0200
chromium-browser (6.0.472.63~r59945-5.1) unstable; urgency=low
[ Daniel Echeverry ]
* Updated copyright file to DEP5. Closes: #580784
-- Daniel Echeverry <epsilon77@gmail.com> Mon, 17 Jan 2011 22:36:28 -0500
chromium-browser (6.0.472.63~r59945-5) unstable; urgency=high
* Backported security patches from stable:
- High Bad pointer handling in node iteration. Credit to Sergey Glazunov.
- High Stale pointer with CSS + canvas. Credit to Sergey Glazunov.
- High Stale pointer with CSS + cursors. Credit to Jan Tošovský.
- High Stale pointer with SVG use element. Credited anonymously; plus
indepdent discovery by miaubiz.
- High Vorbis decoder buffer overflows. Credit to David Warren of CERT.
- High Bad cast in anchor handling. Credit to Sergey Glazunov.
- High Bad cast in video handling. Credit to Sergey Glazunov.
- High Stale rendering node after DOM node removal. Credit to Martin
Barbella; plus independent discovery by Google Chrome Security Team
(SkyLined).
-- Giuseppe Iuculano <iuculano@debian.org> Sat, 15 Jan 2011 12:04:52 +0100
chromium-browser (6.0.472.63~r59945-4) unstable; urgency=high
* Backported security patches from stable:
- [64-bit Linux only] High Bad validation for message deserialization on
64-bit builds. Credit to Lei Zhang of the Chromium development community.
- Low Browser crash with NULL pointer in web worker handling. Credit to
Nathan Weizenbaum of Google.
- Medium Out-of-bounds read in CSS parsing. Credit to Chris Rohlf.
- High Stale pointers in cursor handling. Credit to Sławomir Błażek and
Sergey Glazunov.
-- Giuseppe Iuculano <iuculano@debian.org> Sat, 18 Dec 2010 17:39:19 +0100
chromium-browser (6.0.472.63~r59945-3) unstable; urgency=high
* Backported security patches from stable:
- Medium Cross-origin video theft with <canvas>. Credit to Nirankush
Panchbhai and Microsoft Vulnerability Research (MSVR).
- High Use after free in history handling. Credit to Stefan Troger.
- Medium Make sure the “dangerous file types” list is uptodate with the
Windows platforms. Credit to Billy Rios of the Google Security Team.
- High Crash due to bad indexing with malformed video. Credit to miaubiz.
- High Use after free with SVG animations. Credit to Sławomir Błażek.
- Medium Use after free in mouse dragging event handling. Credit to kuzzcc.
-- Giuseppe Iuculano <iuculano@debian.org> Tue, 07 Dec 2010 12:53:25 +0100
chromium-browser (6.0.472.63~r59945-2) unstable; urgency=high
* Added the missing changelog credit for the 5.0.375.29~r46008-1 revision.
This corrects a bad debian/changelog merge.
* Backported security patches from stable:
- High Use-after-free in text editing. Credit to David Bloom of the Google
Security Team, Google Chrome Security Team (Inferno) and Google Chrome
Security Team (Cris Neckar).
- High Memory corruption with enormous text area. Credit to wushi of
team509.
- High Bad cast with the SVG use element. Credit to the kuzzcc.
- High Use-after-free in text control selections. Credit to "vkouchna".
- High Integer overflows in font handling. Credit to Aki Helin of OUSPG.
- High Bad use of destroyed frame object. Credit to various developers,
including "gundlach".
- High Type confusions with event objects. Credit to "fam.lam" and Google
Chrome Security Team (Inferno).
- High Out-of-bounds array access in SVG handling. Credit to wushi of
team509.
-- Giuseppe Iuculano <iuculano@debian.org> Fri, 05 Nov 2010 09:19:33 +0100
chromium-browser (6.0.472.63~r59945-1) unstable; urgency=high
* New stable microrelease.
* Allow to choose whether links are opened in a new link or new tab.
(Closes: #581391) Thanks to Sam Morris
* Backported security patches:
- Medium Possible autofill / autocomplete profile spamming. Credit to
Google Chrome Security Team (Inferno).
- High Crash with forms. Credit to the Chromium development community.
- Critical Browser crash with form autofill. Credit to the Chromium
development community.
- High Possible URL spoofing on page unload. Credit to kuzzcc; plus
independent discovery by Jordi Chancel.
- High Possible memory corruption with animated GIF. Credit to Simon Schaak.
- High Failure to sandbox worker processes on Linux. Credit to Google
Chrome Security Team (Chris Evans).
- High Stale elements in an element map. Credit to Michal Zalewski of the
Google Security Team.
-- Giuseppe Iuculano <iuculano@debian.org> Tue, 19 Oct 2010 12:59:21 +0200
chromium-browser (6.0.472.62~r59676-1) unstable; urgency=low
* New stable security microrelease:
- [55114] High Bad cast with malformed SVG. Credit to wushi of team 509.
- [55119] Critical Buffer mismanagement in the SPDY protocol. Credit to Ron
Ten-Hove of Google.
- [55350] High Cross-origin property pollution. Credit to Stefano Di Paola
of MindedSecurity.
* Add translations for the "Name" field in the desktop file, and fix
some "Comment" / "GenericName". Thanks to the Ubuntu translation team.
* Build with PIE (Position Independent Executable)
-- Giuseppe Iuculano <iuculano@debian.org> Sat, 18 Sep 2010 16:48:44 +0200
chromium-browser (6.0.472.59~r59126-1) unstable; urgency=low
* New stable security microrelease:
- [50250] High Use-after-free when using document APIs during parse. Credit
to David Weston of Microsoft + Microsoft Vulnerability Research (MSVR) and
wushi of team 509 (independent discoveries).
- [50712] High Use-after-free in SVG styles. Credit to kuzzcc.
- [51252] High Use-after-free with nested SVG elements. Credit to kuzzcc.
- [51709] Low Possible browser assert in cursor handling. Credit to
"magnusmorton".
- [51919] High Race condition in console handling. Credit to kuzzcc.
- [53176] Low Unlikely browser crash in pop-up blocking. Credit to kuzzcc.
- [53394] High Memory corruption in Geolocation. Credit to kuzzcc.
- [53930] High Memory corruption in Khmer handling. Credit to Google Chrome
Security Team (Chris Evans).
- [54006] Low Failure to prompt for extension history access. Credit to
"adriennefelt".
-- Giuseppe Iuculano <iuculano@debian.org> Wed, 15 Sep 2010 16:00:10 +0200
chromium-browser (6.0.472.53~r57914-3) unstable; urgency=low
* Upload to unstable, this release fixes the following security issue:
- [34414] Low Pop-up blocker bypass with blank frame target. Credit to
Google Chrome Security Team (Inferno) and “ironfist99”.
- [37201] Medium URL bar visual spoofing with homographic sequences. Credit
to Chris Weber of Casaba Security.
- [41654] Medium Apply more restrictions on setting clipboard content.
Credit to Brook Novak.
- [45659] High Stale pointer with SVG filters. Credit to Tavis Ormandy of
the Google Security Team.
- [45876] Medium Possible installed extension enumeration. Credit to
Lostmon.
- [46750] [51846] Low Browser NULL crash with WebSockets. Credit to Google
Chrome Security Team (SkyLined), Google Chrome Security Team
(Justin Schuh) and Keith Campbell.
- [50386] High Use-after-free in Notifications presenter. Credit to Sergey
Glazunov.
- [50839] High Notification permissions memory corruption. Credit to Michal
Zalewski of the Google Security Team and Google Chrome Security Team
(SkyLined).
- [51630] [51739] High Integer errors in WebSockets. Credit to
Keith Campbell and Google Chrome Security Team (Cris Neckar).
- [51653] High Memory corruption with counter nodes. Credit to kuzzcc.
- [51727] Low Avoid storing excessive autocomplete entries. Credit to Google
Chrome Security Team (Inferno).
- [52443] High Stale pointer in focus handling. Credit to VUPEN
Vulnerability Research Team (VUPEN-SR-2010-249).
- [52682] High Sandbox parameter deserialization error. Credit to Ashutosh
Mehra and Vineet Batra of the Adobe Reader Sandbox Team.
- [53001] Medium Cross-origin image theft. Credit to Isaac Dawson.
* Provide gnome-www-browser (Closes: #594057)
* use startup-notification correctly (Closes: #581347)
* the main scrollbar doesn'have anymore low contrast (Closes: #582648)
* check DISPLAY envvar (Closes: #587398)
* Doesn't segfault with cups (Closes: #593748)
-- Giuseppe Iuculano <iuculano@debian.org> Tue, 07 Sep 2010 18:49:45 +0200
chromium-browser (6.0.472.53~r57914-2) experimental; urgency=low
* Do not install libppapi_tests.so and DumpRenderTree_resources/
* Add libppapi_tests.so to INSTALL_EXCLUDE_FILES and
DumpRenderTree_resources/ to INSTALL_EXCLUDE_DIRS
-- Giuseppe Iuculano <iuculano@debian.org> Sat, 04 Sep 2010 08:28:27 +0200
chromium-browser (6.0.472.53~r57914-1) experimental; urgency=low
* New upstream release
* Merge the unstable branch
* Backport arm ffmpeg fix from unstable (v5)
* chromium-browser-inspector: added a conflict with
chromium-browser (<< ${source:Version}) (Closes: #594909)
-- Giuseppe Iuculano <iuculano@debian.org> Wed, 01 Sep 2010 15:39:16 +0200
chromium-browser (6.0.472.36~r55963-1) experimental; urgency=low
* New beta release
* Refreshed patches
* Build and use the custom ffmpeg copy
* Build and use the custom protobuf copy.
-- Giuseppe Iuculano <iuculano@debian.org> Thu, 19 Aug 2010 09:53:03 +0200
chromium-browser (6.0.466.0~r52279-1) experimental; urgency=low
* Flush cairo surface at end of CanvasPaintLinux (Closes: #587164)
* New dev upstream for experimental suite
* Refreshed patches.
* Install new resource.pak
* Added libcups2-dev, libgnome-keyring-dev, libgconf2-dev in BUild-depends
* set disable_sse2=1
* Switch back to ffmpeg system libs
* Install DumpRenderTree_resources
* Define GOOGLE_PROTOBUF_NO_RTTI to fix FTBFS when compiling against system
protobuf
-- Giuseppe Iuculano <iuculano@debian.org> Wed, 21 Jul 2010 14:40:57 +0200
chromium-browser (5.0.375.127~r55887-2) UNRELEASED; urgency=low
* Provide gnome-www-browser (Closes: #594057)
* Use hardening-wrapper
-- Giuseppe Iuculano <iuculano@debian.org> Sun, 29 Aug 2010 12:20:18 +0200
chromium-browser (5.0.375.127~r55887-1) unstable; urgency=high
* New stable security microrelease.
- Critical. Memory corruption with file dialog. Credit to Sergey Glazunov.
- High. Memory corruption with SVGs. Credit to wushi of team509.
- High. Bad cast with text editing. Credit to wushi of team509.
- High. Possible address bar spoofing with history bug. Credit to Mike
Taylor.
- High. Memory corruption in MIME type handling. Credit to Sergey Glazunov.
- Critical. Crash on shutdown due to notifications bug. Credit to Sergey
Glazunov.
- Medium. Stop omnibox autosuggest if the user might be about to type a
password. Credit to Robert Hansen.
- High. Memory corruption with Ruby support. Credit to kuzzcc.
- High. Memory corruption with Geolocation support. Credit to kuzzcc.
* Remove gecko-mediaplayer from blacklist (Closes: #590145)
-- Giuseppe Iuculano <iuculano@debian.org> Fri, 20 Aug 2010 11:09:16 +0200
chromium-browser (5.0.375.125~r53311-1) unstable; urgency=medium
* Flush cairo surface at end of CanvasPaintLinux (Closes: #587164)
* New stable micro release:
- Medium Memory contents disclosure in layout code. Credit to Michail
Nikolaev.
- High Issue with large canvases. Credit to sp3x of SecurityReason.com.
- High Memory corruption in rendering code. Credit to Jose A. Vazquez.
- High Memory corruption in SVG handling. Credit to Aki Helin of OUSPG.
- Low Avoid hostname truncation and incorrect eliding. Credit to Google
Chrome Security Team (Inferno).
-- Giuseppe Iuculano <iuculano@debian.org> Tue, 27 Jul 2010 12:44:58 +0200
chromium-browser (5.0.375.99~r51029-4) unstable; urgency=low
* Fix FTBFS with icu 4.4 (Closes: #589414)
* Do not use armv4 incompatible code
* Remove src/out and "*.pyc" files in clean target. (Closes: #589160)
Thanks to Timo Juhani Lindfors.
-- Giuseppe Iuculano <iuculano@debian.org> Sat, 17 Jul 2010 17:22:47 +0200
chromium-browser (5.0.375.99~r51029-3) unstable; urgency=low
* [armel] Disabled thumb to fix FTBFS in armel
* Bump to Standards-Version 3.9.0, no changes needed
* Backport support for the Ambiance/Radiance and Dust themes button ordering
by reading the gconf pref
-- Giuseppe Iuculano <iuculano@debian.org> Thu, 08 Jul 2010 13:34:15 +0200
chromium-browser (5.0.375.99~r51029-2) unstable; urgency=low
* Backport patch for CVE-2010-1760
* [armel] set arm_neon=0
* [armel] Remove all V5TE, VFP code from ffmpeg
-- Giuseppe Iuculano <iuculano@debian.org> Tue, 06 Jul 2010 16:14:12 +0200
chromium-browser (5.0.375.99~r51029-1) unstable; urgency=low
* DEB_HOST_ARCH_CPU in armel is arm, updating debian/rules
* New stable version, this release fixes the following security
issues:
- [42396] Low OOB read with WebGL. Credit to Sergey Glazunov; Google Chrome
Security Team (SkyLined).
- [42575] [42980] Medium Isolate sandboxed iframes more strongly. Credit to
sirdarckcat of Google Security Team.
- [43488] High Memory corruption with invalid SVGs. Credit to Aki Hekin of
OUSPG; wushi of team509.
- [44424] High Memory corruption in bidi algorithm. Credit to wushi of
team509.
- [45164] Low Crash with invalid image. Credit to javg0x83.
- [45983] High Memory corruption with invalid PNG (libpng bug). Credit to
Aki Helin of OUSPG.
- [46360] High Memory corruption in CSS style rendering. Credit to wushi of
team509.
- [46575] Low Annoyance with print dialogs. Credit to Mats Ahlgren.
- [47056] Low Crash with modal dialogs. Credit to Aki Helin of OUSPG.
* Remove armv6 and armv7 support from ffmpeg internal copy
* Set arm_thumb=0 to avoid FTBFS in armel. Thanks to Peter De Schrijver,
Timo Lindfors and Reinhard Tartler
-- Giuseppe Iuculano <iuculano@debian.org> Sat, 03 Jul 2010 13:23:26 +0200
chromium-browser (5.0.375.86~r49890-4) unstable; urgency=low
* Use the full path in chromium-browser.desktop Exec field (Closes: #580582)
* Remove the 3d patch, non-3d videos are messed up (Closes: 587389)
* Build depends on libicu-dev (>= 4.2.1) and libevent-dev (>= 1.4.13) to
avoid bad backports
-- Giuseppe Iuculano <iuculano@debian.org> Mon, 28 Jun 2010 15:10:05 +0200
chromium-browser (5.0.375.86~r49890-3) unstable; urgency=low
* Set ffmpeg_branding=Chrome to enable the h264 decoder (Closes: #587293)
* Backport VP8/WebM code and use system copy of libvpx
* Add xulrunner lib path to LD_LIBRARY_PATH (Closes: #574679)
* Removed license info for src/native_client/src/third_party/valgrind/bin/
* Fixed 3d visualization on youtube video with html5 and Webm
-- Giuseppe Iuculano <iuculano@debian.org> Sun, 27 Jun 2010 13:01:44 +0200
chromium-browser (5.0.375.86~r49890-2) unstable; urgency=low
* Partially revert info in about:version, it has significant impact in
first-run performance
* Build and use the custom ffmpeg copy, when ffmpeg 0.6 will be uploaded in
unstable chromium will use the system copy of ffmpeg. (Closes: #581507)
* Install libffmpegsumo
* Add a replace and conflict entry for chromium-codecs-ffmpeg and
chromium-codecs-ffmpeg-extra. This is necessary for people who used or
are using the unofficial PPA build.
* Update language list in chromium-browser-l10n description
-- Giuseppe Iuculano <iuculano@debian.org> Sat, 26 Jun 2010 09:47:17 +0200
chromium-browser (5.0.375.86~r49890-1) unstable; urgency=low
[ Jonathan Nieder ]
* Use dpkg-architecture directly instead of relying on
dpkg-buildpackage to set DEB_*_ARCH variables. Use
DEB_HOST_ARCH_CPU instead of DEB_BUILD_ARCH to detect target CPU.
(Closes: #585801)
[ Giuseppe Iuculano ]
* New stable version, this release fixes the following security
issues:
- [38105] Medium XSS via application/json response (regression). Credit to
Ben Davis for original discovery and Emanuele Gentili for regression
discovery.
- [43322] Medium Memory error in video handling. Credit to Mark Dowd under
contract to Google Chrome Security Team.
- [43967] High Subresource displayed in omnibox loading. Credit to Michal
Zalewski of Google Security Team.
- [45267] High Memory error in video handling. Credit to Google Chrome
Security Team (Cris Neckar).
- [46126] High Stale pointer in x509-user-cert response. Credit to Rodrigo
Marcos of SECFORCE.
- Drop the XLIB_SKIP_ARGB_VISUALS workaround as it creates regressions.
See http://crbug.com/46439
* Use /usr/bin/chromium-browser in chromium-browser.xml (Closes: #580582)
[ Fabien Tassin ]
* Show in about:version when chromium is running on a different
distribution that it has been built on
- udpate debian/rules
- rename and update debian/chromium-browser.sh =>
debian/chromium-browser.sh.in
-- Giuseppe Iuculano <iuculano@debian.org> Fri, 25 Jun 2010 10:15:35 +0200
chromium-browser (5.0.375.70~r48679-2) unstable; urgency=low
[ Fabien Tassin ]
* Accept 'stable' as value for $(CHANNEL)
- update debian/rules
[ Giuseppe Iuculano ]
* Use the full path in chromium-browser.xml, now Gnome's Preferred
Applications doesn't get confused. (Closes: #580582)
* debian/patches/protobuf.patch: Use system copy of libprotobuf
* Added protobuf-compiler and libprotobuf-dev in Build-Depends
* debian/patches/glew.patch: Use system copy of libglewmx (version with
support for thread-safe usage of multiple rendering contexts)
* Added libglewmx1.5-dev in Build-Depends
* Removed Fabien and Alexander from Uploaders.
* Updated VCS control fields
* Fix an infinite recursion crash when trying to wrap media elements without
a media player. (Closes: #582709)
-- Giuseppe Iuculano <iuculano@debian.org> Sun, 13 Jun 2010 22:23:59 +0200
chromium-browser (5.0.375.70~r48679-1) unstable; urgency=low
[ Fabien Tassin ]
* Add a --temp-profile knob to the launcher script starting Chromium with
a new profile which will last only for the duration of the session
- update debian/chromium-browser.sh
* Change StartupWMClass to Chromium-browser in the desktop launcher so
cairo-dock does the right thing (LP: #587664)
- update debian/chromium-browser.desktop
* Set XLIB_SKIP_ARGB_VISUALS=1 in the wrapper to prevent flash from dying
with a Gdk-ERROR when gtk2 is built with RGBA support (like in Maverick).
(LP: #584959)
- update debian/chromium-browser.sh
[ Giuseppe Iuculano ]
* New upstream stable release, this release fixes the following security
issues:
- [15766] Medium Cross-origin keystroke redirection.
- [39985] High Cross-origin bypass in DOM methods.
- [42723] High Memory error in table layout.
- [43304] High Linux sandbox escape.
- [43307] High Bitmap stale pointer.
- [43315] High Memory corruption in DOM node normalization.
- [43487] High Memory corruption in text transforms.
- [43902] Medium XSS in innerHTML property of textarea.
- [44740] High Memory corruption in font handling.
- [44868] High Geolocation events fire after document deletion.
- [44955] High Memory corruption in rendering of list markers.
-- Giuseppe Iuculano <iuculano@debian.org> Wed, 09 Jun 2010 12:08:42 +0200
chromium-browser (5.0.375.55~r47796-1) unstable; urgency=low
* New beta release.
- This release contains some minor crash and stability fixes.
* Switch to dpkg-source 3.0 (quilt) format.
* Don't use a tar.lzma-in-a-tar.gz
- Now debian/rules binary works (Closes: #580535)
* Refreshed patches and removed zoom_incognito.patch (applied upstream)
* Removed quilt from Build-Depends
* Build-depends on libv8-dev >= 2.2.7 and fix build-depends-on-1-revision
lintian warning
-- Giuseppe Iuculano <iuculano@debian.org> Sun, 23 May 2010 23:22:16 +0200
chromium-browser (5.0.375.38~r46659-2) unstable; urgency=low
[ Fabien Tassin ]
* Unbreak get-orig-source when it needs to drop its cache after a channel jump
(replace brace expansion - which is a bashism - with proper $(wildcard))
- update debian/rules
[ Giuseppe Iuculano ]
* chromium-browser-inspector: demoted chromium-browser to Recommend and
avoid circular dependency (Closes: #581743)
* Tell Chromium to look in /etc/chromium-browser for the master_preferences
file
- update debian/patches/series
- add debian/patches/prefs.patch
* Ship a custom first-run preferences file
- update debian/chromium-browser.install
- add debian/master_preferences
* Removed g++-4.3 | g++-4.2 from Build-Depends
- update debian/control
* Removed the icon field from the menu file
- update debian/chromium-browser.menu
* Removed libc6-dev-i386 [amd64] and g++-multilib [amd64] from Build-Depends
- update debian/control
* Install a presubj bug file
- update debian/chromium-browser.install
- add debian/presubj
* Forget zoom levels set/changed in incognito mode
- add debian/patches/zoom_incognito.patch
- update debian/patches/series
-- Giuseppe Iuculano <iuculano@debian.org> Tue, 18 May 2010 23:52:40 +0200
chromium-browser (5.0.375.38~r46659-1) unstable; urgency=low
[ Giuseppe Iuculano ]
* Use system copy of libv8
- update debian/control
- update debian/patches/series
- update debian/patches/system_v8.patch
- update debian/rules
* Build-depends on libv8-dev >= 2.2.7
See http://code.google.com/p/v8/issues/detail?id=506
- update debian/control
* Recognize iceweasel in about:memory
- update debian/patches/series
- add debian/patches/memory_iceweasel.patch
* Set arch to i386 amd64 armel mips
* New beta release
- In addition to crash and stability fixes, this release also includes
a localization refresh
* Upload in unstable
[ Andres Mejia ]
* Be able to use system ffmpeg-0.5.1. (Closes: #580947)
-- Giuseppe Iuculano <iuculano@debian.org> Thu, 13 May 2010 11:31:32 +0200
chromium-browser (5.0.375.29~r46008-3) experimental; urgency=low
* Include system copy of prtime.h
- add debian/patches/nspr.patch
- update debian/patches/series
* Use system libicu
- add debian/patches/system-icu.patch
* webkit needs to call nss to pull in nspr headers
- add debian/patches/nss.patch
- update debian/patches/series
* Ops, libavutil50 is not yet in Debian, removed from depends
(Closes: #580769)
- update debian/control
* Include system copy of expat.h
- update debian/patches/series
- add debian/patches/expat.patch
-- Giuseppe Iuculano <iuculano@debian.org> Sun, 09 May 2010 11:34:10 +0200
chromium-browser (5.0.375.29~r46008-2) experimental; urgency=low
* Do not pre-depend on lzma. Thanks to Sven Joachim. (Closes: #580485)
- update debian/control
* Do not force -j$(PROCESSORS), use DEB_BUILD_OPTIONS's parallel=n option
instead so the person doing the build can decide how many processes to run
in parallel. (Closes: #580490)
- update debian/rules
* Reintroduce add_enable_sse2_flag.patch (Closes: #580608)
- update debian/rules
- update debian/patches/add_enable_sse2_flag.patch
- update debian/patches/series
* Added a Debian menu file (Closes: #580591)
- add debian/chromium-browser.menu
* Use system yasm
- update debian/rules
- update debian/control
* Removed DEB_MAKE_EXTRA_ARGS, we already use DEB_MAKE_ENVVARS for parallel
build
- update debian/rules
* Set use_system_ffmpeg and symlink libavcodec libavformat and libavutil.
This enables HTML5 video (Closes: 580610)
- update debian/rules
- update debian/patches/series
- add debian/chromium-browser.links
- add debian/patches/ffmpeg-no-pkgconfig.patch
- add debian/patches/ffmpegfix.patch
* Added libavcodec52, libavformat52 and libavutil50 in Depends
- update debian/control
-- Giuseppe Iuculano <iuculano@debian.org> Sat, 08 May 2010 00:41:38 +0200
chromium-browser (5.0.375.29~r46008-1) experimental; urgency=low
[Giuseppe Iuculano]
* Switch to system libs and enabled libxml
- update debian/rules
* Use system libevent, libicu and libxslt
- update debian/rules
- update debian/control
* New upstream release from the Beta Channel
* Fixed a typo in the maintainer field
- update debian/control
* Removed ubuntu_dont_overwrite_default_download_directory.patch, the default
download location can be set via the options dialog
- update debian/patches/series
- removed ubuntu_dont_overwrite_default_download_directory.patch
* use dh_install --list-missing
- update debian/rules
* Updated VCS control field, at this moment is a private branch on launchpad
- update debian/control
* Updated debian/copyright and fixed glitches pointed out by ftpmaster
- update debian/copyright
- update debian/copyright.problems
* Added a strict depend in chromium-browser-inspector
- update debian/control
[ Fabien Tassin ]
* Add app_unittests_strings to INSTALL_EXCLUDE_DIRS
- update debian/rules
* Add a gnome-www-browser alternative (LP: #571103)
- update debian/chromium-browser.{postinst,prerm}
* Build with build_ffmpegsumo=0 instead of use_system_ffmpeg=1 (which
now means something else)
- update debian/rules
* Install resources/{bookmark_manager,net_internals} in the main deb
- update debian/chromium-browser.install
* Drop the sse2 patch, it has been applied upstream, and set disable_sse2
- drop debian/patches/drop_sse2.patch
- update debian/patches/series
- update debian/rules
* Add app_unittests_strings, resources/{calendar_app,docs_app,gmail_app}
and pyproto to INSTALL_EXCLUDE_DIRS
- update debian/rules
-- Giuseppe Iuculano <iuculano@debian.org> Thu, 06 May 2010 12:01:07 +0200
chromium-browser (5.0.342.9~r43360-1) experimental; urgency=low
[ Fabien Tassin ]
* Add xdg-utils to Depends (LP: #568984)
- update debian/control
* Disable DLOG and DCHECK. This should improve performances.
- update debian/rules
[ Giuseppe Iuculano ]
* Replace xbase-clients with x11-apps in build-depdends
- update debian/control
* Bump debhelper compatibility to 7
- update debian/control
- update debian/compat
* Bump to Standards-Version 3.8.4, no changes needed
- update debian/control
* Removed the strict depends in chromium-browser-l10n, and made
chromium-browser safely binNMUable
- update debian/control
* Set Priority extra for chromium-browser-dbg
- update debian/control
* Added the debhelper token in prerm and postinst scripts
- update debian/chromium-browser.postinst
- update debian/chromium-browser.prerm
* Removed cdbs cruft and fix patch-system-but-direct-changes-in-diff lintian
warning
- update debian/rules
* Build-depends on coreutils >= 7.5 | timeout
- update debian/control
* Use lzma only in Ubuntu, this is not yet permitted in the Debian archive
- update debian/rules
* Move chromium-browser-dbg in debug section and improve its extended
description
- update debian/control
* Set CHROME_VERSION_EXTRA to Debian in the Debian package
- update debian/rules
* Updated Maintainer and Uploader lists
- update debian/control
* Upload to experimental (Closes: #520324)
* Removed chromium-codecs-ffmpeg from Depends
- update debian/control
-- Giuseppe Iuculano <iuculano@debian.org> Mon, 26 Apr 2010 15:03:00 +0200
chromium-browser (5.0.342.9~r43360-0ubuntu2) lucid; urgency=low
[ Fabien Tassin <fta@ubuntu.com> ]
* Mention 'Chrome' in the main package description (LP: #561667)
- update debian/control
* When 'gclient update' fails, clear up the cache and retry. This helps
the channels updates often failing with a "Can't switch the checkout" error
- update debian/rules
[ Chris Coulson <chris.coulson@canonical.com> ]
* Update the default search URL
- update debian/rules
-- Fabien Tassin <fta@ubuntu.com> Fri, 16 Apr 2010 17:36:29 +0200
chromium-browser (5.0.342.9~r43360-0ubuntu1) lucid; urgency=low
* New upstream release from the Beta Channel
- Fix extensions installer where some extensions cannot be installed
(issue 38220)
* Don't build with system zlib on Intrepid/Jaunty (needed to unbreak the
backports). See http://crbug.com/38073
- update debian/rules
-- Fabien Tassin <fta@ubuntu.com> Wed, 07 Apr 2010 21:02:55 +0200
chromium-browser (5.0.342.7~r42476-0ubuntu1) lucid; urgency=low
* New upstream release from the Beta Channel
- fix an issue with Google SSL sites failing with 'error 107
(net::ERR_SSL_PROTOCOL_ERROR)' (issue 37722)
- Automatic translations and greater control over content for privacy
- Really, really reload. A normal reload causes the browser to check with
the server before reusing its cached content. The server can decide
whether or not the browser should use its cached content. A force reload
causes the browser to ignore its cached content and ask the server for a
fresh copy of the page. Use Shift+Reload to force a reload.
* Add libdbus-glib-1-dev to Build-Depends
- update debian/control
* Move third_party/gles2_book from STRIPPED_DIRS to ALMOST_STRIPPED_DIRS
as we now need its gyp file (but nothing else)
- update debian/rules
* Bump gyp requirement to >= 0.1~svn795, it's needed for the new syntax
- update debian/control
* Add 'timestats' to INSTALL_EXCLUDE_FILES
- update debian/rules
* Import translations and mime-types from the upstream desktop file
Thanks to Julien Lavergne <gilir@ubuntu.com> (LP: #538664)
- update debian/chromium-browser.desktop
* Import the free SVG logo from the Chromium website and install it
in /usr/share/icons/hicolor/scalable/apps (LP: #528640)
- add debian/chromium-browser.svg
- update debian/rules
* Move chromium-browser-inspector to Depends, it breaks some features
when it's not installed
- update debian/control
* Rename chromium-codecs-ffmpeg-nonfree into chromium-codecs-ffmpeg-extra
and move the two codecs back to Depends (LP: #537617, #513776)
- update debian/control
-- Fabien Tassin <fta@ubuntu.com> Thu, 25 Mar 2010 08:22:40 +0100
chromium-browser (5.0.307.11~r39572-0ubuntu1) lucid; urgency=low
* New upstream release from the Beta Channel
- Fixed an issue where an error resolving a proxy server would not try a
direct connection. (Issue 32316)
- Fixed an extensions bug that could crash the entire browser. (Issue 34778)
- Fixed an issue in the cross-site scripting auditor that could prevent
Google translate from working on sites. (Issue 33115)
-- Fabien Tassin <fta@ubuntu.com> Sat, 27 Feb 2010 17:07:23 +0100
chromium-browser (5.0.307.9~r39052-0ubuntu1) lucid; urgency=low
* New upstream release from the Beta Channel
- Fixed a tab crash that could be triggered by visiting wordpress.com,
http://acid3.acidtests.org/, and many other sites. (Issue 35498)
- Fixed a tab crash in image loading. (Issue 32230)
- Improved font bolding for fonts without native bold. (Issue 22360)
* Bump gyp Build-Depends to >= 0.1~svn785
- update debian/control
* Add --no-circular-check to gyp_chromium to prevent gyp from failing
- update debian/rules
-- Fabien Tassin <fta@ubuntu.com> Thu, 18 Feb 2010 00:20:07 +0100
chromium-browser (5.0.307.7~r38400+0-0ubuntu1) lucid; urgency=low
* Disable WANT_SYSTEM_LIBS since it makes Gmail/GCal crash (libxml,
libxslt, ..). See http://crbug.com/34725 (LP: #522078)
- update debian/rules
-- Fabien Tassin <fta@ubuntu.com> Mon, 15 Feb 2010 12:17:07 +0100
chromium-browser (5.0.307.7~r38400-0ubuntu1) lucid; urgency=low
* New upstream release from the Beta Channel
* Re-add the -l10n strict version dependency on chromium-browser
- update debian/control
-- Fabien Tassin <fta@ubuntu.com> Fri, 12 Feb 2010 22:00:39 +0100
chromium-browser (5.0.307.5~r37950+0-0ubuntu1) lucid; urgency=low
* Drop third_party/libxml from STRIPPED_SYSTEM_LIB_DIRS
- update debian/rules
-- Fabien Tassin <fta@ubuntu.com> Wed, 10 Feb 2010 18:46:55 +0100
chromium-browser (5.0.307.5~r37950-0ubuntu1) lucid; urgency=low
* Add libxss-dev to Build-Depends, the new browser sync engine needs
X11/extensions/scrnsaver.h
- update debian/control
* Add a safety net to get-orig-source when fetching sources for a channel
- update debian/rules
-- Fabien Tassin <fta@ubuntu.com> Tue, 09 Feb 2010 17:07:18 +0100
chromium-browser (4.0.305.0~svn20100123r36929-0ubuntu1) lucid; urgency=low
[ Fabien Tassin <fta@ubuntu.com> ]
* Initial release. (Closes: #520324, LP: #387765)
[ Alexander Sack <asac@ubuntu.com> ]
* extensive license review; see copyright and copyright.problems;
also see debian/licensecheck.pl for details how the copyright files are
generated
* address archive-admin comments:
+ add "Paul Hsieh's Public Domain Option" license snippet and mark
net/disk_cache/hash.cc to be govered by that; recreate copyright*
- add debian/licenses/LICENSE.Paul Hsieh's Public Domain Option
- update debian/licensecheck.pl
- update debian/copyright
- update debian/copyright.problems
-- Fabien Tassin <fta@ubuntu.com> Tue, 26 Jan 2010 17:43:19 +0100