Package: chromium Version: 70.0.3538.110-1 Severity: important I am not completely sure how to handle this issue: it is obviously not present in Google Chrome, only in Chromium so upstream isssue tracker doesn't seem to be the best fit. Also I'm not sure how the SafeBrowsing component is maintained in _Chromium_. If you believe this should be somehow reported upstream please do it or request me to (with some details as of how and what).
Anyway, Chromium SafeBrowsing seems not to work at all, despite that both "SafeBrowsing" and "Help improve SB" is on. Just go to this URL and see no warnings: https://www[.]xn--bbox-vw5a[.]com/login (It is a phishing site for bibox.com with TLS domain padlock.) The URL is detected by both FireFox and Google SafeBrowsing website. I would say this is a pretty serious problem, considering the aforementioned example of the phishing site WITH the padlock, where Average Joe have no real chance to see the URL forgery. -- System Information: Debian Release: buster/sid APT prefers oldstable-updates APT policy: (500, 'oldstable-updates'), (500, 'unstable'), (500, 'oldstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.16.0-2-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF8, LC_CTYPE=en_US.UTF8 (charmap=UTF-8), LANGUAGE=en_US.UTF8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Init: sysvinit (via /sbin/init) LSM: AppArmor: enabled Versions of packages chromium depends on: ii chromium-common 70.0.3538.110-1 ii libasound2 1.1.6-1 ii libatk-bridge2.0-0 2.26.1-1 ii libatk1.0-0 2.28.1-1 ii libatomic1 8.2.0-7 ii libavcodec58 10:4.0.2-dmo1 ii libavformat58 10:4.0.2-dmo1 ii libavutil56 10:4.0.2-dmo1 ii libc6 2.27-5 ii libcairo-gobject2 1.16.0-1 ii libcairo2 1.16.0-1 ii libcups2 2.2.8-5 ii libdbus-1-3 1.12.10-1 ii libdrm2 2.4.89-1 ii libevent-2.1-6 2.1.8-stable-4 ii libexpat1 2.2.5-3 ii libflac8 1.3.2-1 ii libfontconfig1 2.13.1-2 ii libfreetype6 2.8.1-0.1 ii libgcc1 1:8.2.0-7 ii libgdk-pixbuf2.0-0 2.38.0+dfsg-6 ii libglib2.0-0 2.58.1-2 ii libgtk-3-0 3.22.30-1 ii libharfbuzz0b 2.1.1-1+b1 ii libicu63 63.1-4 ii libjpeg62-turbo 1:1.5.2-2+b1 ii liblcms2-2 2.9-1 ii libminizip1 1.1-8+b1 ii libnspr4 2:4.16-1+b1 ii libnss3 2:3.34-1 ii libopenjp2-7 2.3.0-1 ii libopus0 1.3~beta+20180518-1 ii libpango-1.0-0 1.42.4-3 ii libpangocairo-1.0-0 1.42.4-3 ii libpci3 1:3.5.2-1 ii libpng16-16 1.6.34-1 ii libpulse0 12.0-1 ii libre2-4 20180301+dfsg-1 ii libsnappy1v5 1.1.7-1 ii libstdc++6 8.2.0-7 ii libvpx5 1.7.0-3 ii libwebp6 0.6.1-2 ii libwebpdemux2 0.6.1-2 ii libwebpmux3 0.6.1-2 ii libx11-6 2:1.6.5-1 ii libx11-xcb1 2:1.6.4-3 ii libxcb1 1.13-2 ii libxcomposite1 1:0.4.4-2 ii libxcursor1 1:1.1.15-1 ii libxdamage1 1:1.1.4-3 ii libxext6 2:1.3.3-1+b2 ii libxfixes3 1:5.0.3-1 ii libxi6 2:1.7.9-1 ii libxml2 2.9.4+dfsg1-6.1+b1 ii libxrandr2 2:1.5.1-1 ii libxrender1 1:0.9.10-1 ii libxslt1.1 1.1.29-5 ii libxss1 1:1.2.2-1+b2 ii libxtst6 2:1.2.3-1 ii zlib1g 1:1.2.11.dfsg-1 Versions of packages chromium recommends: ii chromium-sandbox 70.0.3538.102-1 Versions of packages chromium suggests: pn chromium-driver <none> pn chromium-l10n <none> pn chromium-shell <none> Versions of packages chromium-common depends on: ii x11-utils 7.7+4 ii xdg-utils 1.1.2-1 Versions of packages chromium-common recommends: ii chromium-sandbox 70.0.3538.102-1 ii dunst [notification-daemon] 1.2.0-2 ii fonts-liberation 1:1.07.4-8 ii libgl1-mesa-dri 17.3.1-1 pn libu2f-udev <none> ii notification-daemon 3.20.0-2 ii upower 0.99.7-1 ii xfce4-notifyd [notification-daemon] 0.4.2-1 Versions of packages chromium-sandbox depends on: ii libatomic1 8.2.0-7 ii libc6 2.27-5 ii libgcc1 1:8.2.0-7 ii libstdc++6 8.2.0-7 -- no debconf information
