Your message dated Sat, 02 Feb 2019 14:52:32 +0000 with message-id <e1gpwem-000eql...@fasolo.debian.org> and subject line Bug#916320: fixed in chromium 72.0.3626.81-1 has caused the Debian Bug report #916320, regarding chromium: upgrade did opt-in to "Allow Chromium sign-in" to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 916320: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916320 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: chromium Severity: important Dear Maintainer, I see that nobody complained about this bug [1] This problem is somehow well-known these days in the Internet, look for "allow chromium sign-in" in a web search engine. After an upgrade (I don't remember exactly what version) chromium did an opt-in that says: By turning this off, you can sign in to Google sites like Gmail without signing in to Chromium I think that debian policy does not allow to opt-in data transmission (google account synchronization) without warning and without user consent. At least, this does not look to be very fair. Sorry for not providing any solution, at least I participated warning about the issue Cheers, Pedeb [1] https://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=chromium;dist=unstable -- System Information: Debian Release: 9.6 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-8-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages chromium depends on: ii libasound2 1.1.3-5 pn libatk1.0-0 <none> pn libatomic1 <none> pn libavcodec57 | libavcodec-extra57 <none> pn libavformat57 <none> pn libavutil55 <none> ii libc6 2.24-11+deb9u3 pn libcairo2 <none> pn libcups2 <none> ii libdbus-1-3 1.10.26-0+deb9u1 pn libdrm2 <none> ii libevent-2.0-5 2.0.21-stable-3 ii libexpat1 2.2.0-2+deb9u1 pn libflac8 <none> ii libfontconfig1 2.11.0-6.7+b1 ii libfreetype6 2.6.3-3.2 ii libgcc1 1:6.3.0-18+deb9u1 pn libgdk-pixbuf2.0-0 <none> ii libglib2.0-0 2.50.3-2 pn libgtk2.0-0 <none> ii libicu57 57.1-6+deb9u2 ii libjpeg62-turbo 1:1.5.1-2 pn libminizip1 <none> pn libnspr4 <none> pn libnss3 <none> pn libopenjp2-7 <none> pn libopus0 <none> pn libpango-1.0-0 <none> pn libpangocairo-1.0-0 <none> pn libpangoft2-1.0-0 <none> ii libpci3 1:3.5.2-1 ii libpng16-16 1.6.28-1 pn libpulse0 <none> pn libre2-3 <none> pn libsnappy1v5 <none> ii libstdc++6 6.3.0-18+deb9u1 pn libvpx4 <none> ii libwebp6 0.5.2-1 pn libwebpdemux2 <none> pn libwebpmux2 <none> ii libx11-6 2:1.6.4-3+deb9u1 pn libx11-xcb1 <none> ii libxcb1 1.12-1 pn libxcomposite1 <none> pn libxcursor1 <none> pn libxdamage1 <none> pn libxext6 <none> pn libxfixes3 <none> pn libxi6 <none> ii libxml2 2.9.4+dfsg1-2.2+deb9u2 pn libxrandr2 <none> pn libxrender1 <none> ii libxslt1.1 1.1.29-2.1 pn libxss1 <none> pn libxtst6 <none> pn x11-utils <none> pn xdg-utils <none> ii zlib1g 1:1.2.8.dfsg-5 Versions of packages chromium recommends: pn fonts-liberation <none> pn libgl1-mesa-dri <none> Versions of packages chromium suggests: pn chromium-driver <none> pn chromium-l10n <none> pn chromium-shell <none> pn chromium-widevine <none>
--- End Message ---
--- Begin Message ---Source: chromium Source-Version: 72.0.3626.81-1 We believe that the bug you reported is fixed in the latest version of chromium, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 916...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Gilbert <mgilb...@debian.org> (supplier of updated chromium package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 02 Feb 2019 05:05:43 +0000 Source: chromium Architecture: source Version: 72.0.3626.81-1 Distribution: unstable Urgency: medium Maintainer: Debian Chromium Team <chrom...@packages.debian.org> Changed-By: Michael Gilbert <mgilb...@debian.org> Closes: 856255 916320 Changes: chromium (72.0.3626.81-1) unstable; urgency=medium . * New upstream stable release. - Stack buffer overflow in Skia. Reported by Ivan Fratric - Use after free in Mojo, FileAPI, and Payments. Reported by Mark Brand - CVE-2018-17481: Use after free in PDFium. Reported by Anonymous - CVE-2019-5754: Inappropriate implementation in QUIC Networking. Reported by Klzgrad - CVE-2019-5755: Inappropriate implementation in V8. Reported by Jay Bosamiya - CVE-2019-5756: Use after free in PDFium. Reported by Anonymous - CVE-2019-5757: Type Confusion in SVG. Reported by Alexandru Pitis - CVE-2019-5758: Use after free in Blink. Reported by Zhe Jin - CVE-2019-5759: Use after free in HTML select elements. Reported by Almog Benin - CVE-2019-5760: Use after free in WebRTC. Reported by Zhe Jin - CVE-2019-5762: Use after free in PDFium. Reported by Anonymous - CVE-2019-5763: Insufficient validation of untrusted input in V8. Reported by Guang Gong - CVE-2019-5764: Use after free in WebRTC. Reported by Eyal Itkin - CVE-2019-5765: Insufficient policy enforcement in the browser. Reported by Sergey Toshin - CVE-2019-5766: Insufficient policy enforcement in Canvas. Reported by David Erceg - CVE-2019-5767: Incorrect security UI in WebAPKs. Reported by Haoran Lu, Yifan Zhang, Luyi Xing, and Xiaojing Liao - CVE-2019-5768: Insufficient policy enforcement in DevTools. Reported by Rob Wu - CVE-2019-5769: Insufficient validation of untrusted input in Blink. Reported by Guy Eshel - CVE-2019-5770: Heap buffer overflow in WebGL. Reported by hemidallt - CVE-2019-5772: Use after free in PDFium. Reported by Zhen Zhou - CVE-2019-5773: Insufficient data validation in IndexedDB. Reported by Yongke Wang - CVE-2019-5774: Insufficient validation of untrusted input in SafeBrowsing. Reported by Junghwan Kang and Juno Im - CVE-2019-5775: Insufficient policy enforcement in Omnibox. Reported by evi1m0 - CVE-2019-5776: Insufficient policy enforcement in Omnibox. Reported by Lnyas Zhang - CVE-2019-5777: Insufficient policy enforcement in Omnibox. Reported by Khalil Zhani - CVE-2019-5778: Insufficient policy enforcement in Extensions. Reported by David Erceg - CVE-2019-5779: Insufficient policy enforcement in ServiceWorker. Reported by David Erceg - CVE-2019-5780: Insufficient policy enforcement. Reported by Andreas Hegenberg - CVE-2019-5781: Insufficient policy enforcement in Omnibox. Reported by evi1m0 - CVE-2019-5782: Inappropriate implementation in V8 reported by Qixun Zhao - CVE-2019-5783: Insufficient validation of untrusted input in DevTools. Reported by Shintaro Kobori * Opt out of all Google web service options by default (closes: #916320). * Enable support for hardware accelerated video decoding (closes: #856255). - Thanks to Akarshan Biswas. Checksums-Sha1: 715a40672675e56c86552aa3dec382f217792b27 4203 chromium_72.0.3626.81-1.dsc e36e53aed6e22407f5501e3c75733480b7182c19 200911460 chromium_72.0.3626.81.orig.tar.xz 8ed5e067ae11578fb03657ba5a11ffaaac4c1036 174920 chromium_72.0.3626.81-1.debian.tar.xz 2b355c81cf389d6c159d5749662989d05c2b239c 21523 chromium_72.0.3626.81-1_source.buildinfo Checksums-Sha256: d860a6d102f965e03e85c72e5385be8657f8136af5d52a96ba6eb5f9ce14d6d6 4203 chromium_72.0.3626.81-1.dsc bdd0222053c033c10ef9398c829f69a884face0e7e6426001addc60eab3d4b3d 200911460 chromium_72.0.3626.81.orig.tar.xz 49953e7e9b70edb29e2fd2a1307ccb3dbedfb83ff3e3d461dcbe54d4f4b2ff86 174920 chromium_72.0.3626.81-1.debian.tar.xz e115a6211b1b7d932044eccae9975e8383fa6beb8d4336e362957b8d0aef7786 21523 chromium_72.0.3626.81-1_source.buildinfo Files: ea3867844e4f4699fc31076b3cde6c93 4203 web optional chromium_72.0.3626.81-1.dsc 0e6ca23afbab65c9f67152048285582a 200911460 web optional chromium_72.0.3626.81.orig.tar.xz 32385ef4e2b9f7206c9462799ebd14a4 174920 web optional chromium_72.0.3626.81-1.debian.tar.xz 4b892217ea2d76da417deb159109b3e5 21523 web optional chromium_72.0.3626.81-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAlxVpfcACgkQuNayzQLW 9HOIex/9HC4GWMCG/Rq+aatm2tMQ6SW/Su0gGqvv7NWnhZqm5bnvcyo8ysEHjWJ5 bdmrrp+d8vMZ9rLmGjE0uhaRdQTXGI0YOdY/lZNos0ptV3inXaUg76MVDGBoWIcD kiG0v7iYaYSFb608Zx3zo9z8uPgxOuDaY19EQuOaCbSiHt/UYmqa6IZYnoOFSPK5 lcaCIB68I4xLaIqINVQGnKH225T8UH7k6hkRlBxuC4g6UCNdhasbXi7aXp+So17Y 7I1zHtgQexGqevC5THqXQm9px1ro6c9JRMGbtoTicD7+zzxPjGFSFPe3QxYz+7SB d/oYMtsxV8FRwzkDV/X3vAA0w8R3mj8Z2veJIjSpql/amM7S2OyQBqYax0Q+lRp9 PKFpCyWZYbalzLEDz+0/O7/q+iRkrOfN2h4vllPUOg//GcMzx12bQMJfduLBAXna xKk34HSk7rqqzTLiDrtukVI+sS28gEdLZ4tYHOwwZmUsSe+1ungDplQ7OymrJFE+ WEKMVk8yK8h0xxezKysnQkiO229wfcGdknLuG/pch4H1y/zmWaq3uvJW7VzmsS64 Dmr+JhJU57FG1WQbfP/L8HQB5E9mab/Y0+72FrC8nEmyuipwoOCAmRyifE1ioRe2 8plhqrqyrvH/vJyF0+Loco0ke/M1Cn6ljgTq4LDub8JzqR+E4f6ZIiCi+24VGQL/ W3R9woVqLpuZ8SgyhGtr+/BXNtSCeBJQ4uHkqFiGE85ir1tN//G1gC30a/+1XW9A r2vsgyslNU8P/f9INZPnqDT47heFSrYrnqj6wk9ms1ShNZv1WFHcbbchWUoW6N/H oZUlFRvXzm6RwL/LUruS6mp1QB+adLwglJcF/pzndzFlvbPrRyCox1dQmm1RQ611 YPHl6LUA0Zx6GnYl84aD8+MOufy7BSXiBnQloJm2mXkXREr170RIylJP9WxBmRqu CVBy7aVHuF9p3ycIqigM8uJ3p6A/f+l8yroXqe3HEwl4v/oAWHgNaD5Cxng1duxU b5vr4DRYMuJoLMcK2Fm6/l6hXRcPKH8e970o5cJVp371hgGp5rmNX6c8jJYN0COh CaEX/WGj/lF6cYc9duxFhnn6SoetKgVPcnXjjQIRBpJyajljclWGUmBNY43QVSmC iXiExc5aLHy641QOnV8mH5JfU/+ZN+IFdxRRFX+UM5H9Ykd0MpSYNsoR81bd7bBb Myng6aILN+OVSGPBZ8rly140UuXQ2NktDszTfiMVl+vKjZm3Q/qUwS1fNI6eI+N6 19/Di6/CpfpIgQ4iZQCgd0vTkYYhVOSod39pohJkMUDwf4cc2pAT5eapwhy3RzH7 xYQ/c9X2mf+nZe9tVv0s0dQYSq5fZw== =Mk7W -----END PGP SIGNATURE-----
--- End Message ---
