Your message dated Mon, 10 Sep 2018 19:02:35 +0000 with message-id <[email protected]> and subject line Bug#904796: fixed in chromium-browser 69.0.3497.81-1~deb9u1 has caused the Debian Bug report #904796, regarding chromium for arm64 lacks security updates to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 904796: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904796 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: chromium Version: 66.0.3359.117-1~deb9u1 Severity: important Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? I am running Debian Sid on arm64 and use it as a desktop compuer. Chromium on arm64 in Debian Stretch stopped receiving security updates. Chromium for i386, amd64 and armhf received updates for versions 67 and 68, however chromium for arm64 is stuck on version 66. * What exactly did you do (or not do) that was effective (or ineffective)? upgrade debian arm64 system with apt * What was the outcome of this action? chromium is installed at version 66.0.3359.117-1~deb9u1 * What outcome did you expect instead? chromium on arm64 should be upgraded to version 68 just like on the other platforms. *** End of the template - remove these template lines *** -- System Information: Debian Release: 9.5 APT prefers stable APT policy: (500, 'stable') Architecture: arm64 (aarch64) Foreign Architectures: armel, armhf Kernel: Linux 4.17.10 (SMP w/4 CPU cores; PREEMPT) Locale: LANG=cs_CZ.UTF-8, LC_CTYPE=cs_CZ.UTF-8 (charmap=UTF-8), LANGUAGE=cs_CZ.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages chromium depends on: ii libasound2 1.1.3-5 ii libatk1.0-0 2.22.0-1 ii libavcodec57 7:3.2.11-1~deb9u1 ii libavformat57 7:3.2.11-1~deb9u1 ii libavutil55 7:3.2.11-1~deb9u1 ii libc6 2.24-11+deb9u3 ii libcairo2 1.14.8-1 ii libcups2 2.2.1-8+deb9u2 ii libdbus-1-3 1.10.26-0+deb9u1 ii libevent-2.0-5 2.0.21-stable-3 ii libexpat1 2.2.0-2+deb9u1 ii libflac8 1.3.2-1 ii libfontconfig1 2.11.0-6.7+b1 ii libfreetype6 2.6.3-3.2 ii libgcc1 1:6.3.0-18+deb9u1 ii libgdk-pixbuf2.0-0 2.36.5-2+deb9u2 ii libglib2.0-0 2.50.3-2 ii libgtk2.0-0 2.24.31-2 ii libicu57 57.1-6+deb9u2 ii libjpeg62-turbo 1:1.5.1-2 ii libminizip1 1.1-8+b1 ii libnspr4 2:4.12-6 ii libnss3 2:3.26.2-1.1+deb9u1 ii libopus0 1.2~alpha2-1 ii libpango-1.0-0 1.40.5-1 ii libpangocairo-1.0-0 1.40.5-1 ii libpng16-16 1.6.28-1 ii libpulse0 10.0-1+deb9u1 ii libre2-3 20170101+dfsg-1 ii libsnappy1v5 1.1.3-3 ii libstdc++6 6.3.0-18+deb9u1 ii libvpx4 1.6.1-3+deb9u1 ii libwebp6 0.5.2-1 ii libwebpdemux2 0.5.2-1 ii libwebpmux2 0.5.2-1 ii libx11-6 2:1.6.4-3 ii libx11-xcb1 2:1.6.4-3 ii libxcb1 1.12-1 ii libxcomposite1 1:0.4.4-2 ii libxcursor1 1:1.1.14-1+deb9u1 ii libxdamage1 1:1.1.4-2+b3 ii libxext6 2:1.3.3-1+b2 ii libxfixes3 1:5.0.3-1 ii libxi6 2:1.7.9-1 ii libxml2 2.9.4+dfsg1-2.2+deb9u2 ii libxrandr2 2:1.5.1-1 ii libxrender1 1:0.9.10-1 ii libxslt1.1 1.1.29-2.1 ii libxss1 1:1.2.2-1 ii libxtst6 2:1.2.3-1 ii x11-utils 7.7+3+b1 ii xdg-utils 1.1.1-1+deb9u1 ii zlib1g 1:1.2.8.dfsg-5 Versions of packages chromium recommends: ii fonts-liberation 1:1.07.4-2 ii libgl1-mesa-dri 13.0.6-1+b2 Versions of packages chromium suggests: pn chromium-driver <none> ii chromium-l10n 66.0.3359.117-1~deb9u1 pn chromium-shell <none> ii chromium-widevine 66.0.3359.117-1~deb9u1 -- no debconf information
--- End Message ---
--- Begin Message ---Source: chromium-browser Source-Version: 69.0.3497.81-1~deb9u1 We believe that the bug you reported is fixed in the latest version of chromium-browser, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Gilbert <[email protected]> (supplier of updated chromium-browser package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 12 Aug 2018 01:10:32 +0000 Source: chromium-browser Binary: chromium chromium-l10n chromium-shell chromium-widevine chromium-driver chromedriver Architecture: source Version: 69.0.3497.81-1~deb9u1 Distribution: stretch-security Urgency: medium Maintainer: Debian Chromium Maintainers <[email protected]> Changed-By: Michael Gilbert <[email protected]> Description: chromedriver - web browser - WebDriver support transitional package chromium - web browser chromium-driver - web browser - WebDriver support chromium-l10n - web browser - language packs chromium-shell - web browser - minimal shell chromium-widevine - web browser - widevine content decryption support Closes: 904796 904798 Changes: chromium-browser (69.0.3497.81-1~deb9u1) stretch-security; urgency=medium . * New upstream stable release. - CVE-2018-16065: Out of bounds write in V8. Reported by Brendon Tiszka - CVE-2018-16066: Out of bounds read in Blink. Reported by cloudfuzzer - CVE-2018-16067: Out of bounds read in WebAudio. Reported by Zhe Jin - CVE-2018-16068: Out of bounds write in Mojo. Reported by Mark Brand - CVE-2018-16069: Out of bounds read in SwiftShader. Reported by Mark Brand - CVE-2018-16070: Integer overflow in Skia. Reported by Ivan Fratric - CVE-2018-16071: Use after free in WebRTC. Reported by Natalie Silvanovich - CVE-2018-16073: Site Isolation bypass after tab restore. Reported by Jun Kokatsu - CVE-2018-16074: Site Isolation bypass using Blob URLS. Reported by Jun Kokatsu - CVE-2018-16075: Local file access in Blink. Reported by Pepe Vila - CVE-2018-16076: Out of bounds read in PDFium. Reported by Aleksandar Nikolic - CVE-2018-16077: Content security policy bypass in Blink. Reported by Manuel Caballero - CVE-2018-16078: Credit card information leak in Autofill. Reported by Cailan Sacks - CVE-2018-16079: URL spoof in permission dialogs. Reported by Markus Vervier and Michele OrrĂ¹ - CVE-2018-16080: URL spoof in full screen mode. Reported by Khalil Zhani - CVE-2018-16081: Local file access in DevTools. Reported by Jann Horn - CVE-2018-16082: Stack buffer overflow in SwiftShader. Reported by Omair - CVE-2018-16083: Out of bounds read in WebRTC. Reported by Natalie Silvanovich - CVE-2018-16084: User confirmation bypass in external protocol handling. Reported by Jun Kokatsu - CVE-2018-16085: Use after free in Memory Instrumentation. Reported by Roman Kuksin * Replace files from chromium-common on upgrade (closes: #904798). * Fix build failure on arm64 caused by binutils in stretch (closes: #904796). Checksums-Sha1: 9b0585919291caa8fbca1101c6c0c24c01b47edb 4370 chromium-browser_69.0.3497.81-1~deb9u1.dsc 0695bbc23da4160e9ce0e4dc43e1ea71ac4dbf0a 237086156 chromium-browser_69.0.3497.81.orig.tar.xz 4702c7f7e6b9264f48c993f055a50d37baf7cc96 143180 chromium-browser_69.0.3497.81-1~deb9u1.debian.tar.xz e33bc82614dc954c137c8eb372650e380876e7ff 20006 chromium-browser_69.0.3497.81-1~deb9u1_source.buildinfo Checksums-Sha256: b41aa8a0c2b3f8e84f738c0f302edfa8a7e56354628941add5c6e575ff62d283 4370 chromium-browser_69.0.3497.81-1~deb9u1.dsc 4eea1bbf8555ab56c9f93d2bde6541c30ab80d8f2d708ed39c9b0d52667658ee 237086156 chromium-browser_69.0.3497.81.orig.tar.xz ff5f450dc00465fbd89bedd5a4997ef5d5d974352a54fc01c7f26d3db86a449e 143180 chromium-browser_69.0.3497.81-1~deb9u1.debian.tar.xz b1718b4c58798987d8aacfbeeb493a1a6f86c10c8f025aca1d0fdd3c0b226a57 20006 chromium-browser_69.0.3497.81-1~deb9u1_source.buildinfo Files: 49d5592cc2131159f113a684271811be 4370 web optional chromium-browser_69.0.3497.81-1~deb9u1.dsc 75670f17fa49b226a78391390ebca1d9 237086156 web optional chromium-browser_69.0.3497.81.orig.tar.xz 8a3cc52c5be20c61d2add6cf64e4dada 143180 web optional chromium-browser_69.0.3497.81-1~deb9u1.debian.tar.xz 756379a48b1205eec3585ea4aec9ae53 20006 web optional chromium-browser_69.0.3497.81-1~deb9u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAluSdIsACgkQuNayzQLW 9HMZJyAAkbVzEX4MZzUWUpVF3Q2vYxCgIQuiLsPwT6lbRUoi3K368Ps3G2bI1/gw 5XzNnw0fbgduPPFgKJMl0q5A0Ojaf5i/ailRNYG4W1behOhaFJeFqO9FnCWkbGXj IuPSTvN3O+uw/LVqlYxXZX2t3QpsCXjM32mreBulCAhqh/DS8vg/SgmhtnLP5pDB DX8rDX9uijrWkVxJyHObYPMf1EikspyIxMRrOGiBmhnX1sYG6zZcqlAPueXNDo/2 +wX01O5c4VmibUk5NAuEfqTMtNAUmfVV0ixaKILVjV3yHHtDTzBPFOjTzQjsYMkc Aj+/Lmwyh6iwtogOV/vz7aP21tSRZWp1hddG1EPpp9EOLd2/msxAHXi82KNePzJf +eqb9KrIijWfQx6/G+oTkx8i5eBoU3YEshhjDsvaR6wDsui5DvjnzqA3scMMPfD2 3BVoslMfft014gyRbv8INjOLssTpYuaHdE9f/TqWhPZPxDqkeEDc1/BTuq9tatf1 RWuOl+hjvP2Y/Knf2Z6vGwYgnoziFzrA91sOnL3/LuRY1Os0N+taiLDOPK/josQm sA2Z/oWxUr4y9Y0On/GQFIDaHTIT1n7L70tOcWOhwS764XEzU1JbqDOum+xIYUxL Sh9nv4Jn9SeX1IInPWA677KSPuFiZ3mKkUPJDskZaJeNGrPJm+EUw0Lr4YIFdGf6 g91yzynoxVu4PfOd0HFK/etg6HgK6i6mfeyDzoLPe/g0vj0MUdZi9o2FQsbO4VLv WBLY4lkbPMgSnyj51T5vKw4RlNDrlP5G+I1+30mfgL7kF/wmWx2oHzom4O0JzAUo 6Mw+KaZ3I5UGfe4nnmpfDLCAQ6RqkmxsFhywsEKOrmt4qjJwpac5+D15vvmLrCeC Jr4lkh2W9HTQUsJE6JJklIkXXlK2atGVfJDoVv/ZPL457TfvXCtAEswP+18yxTKH H8Gpj+nl4D0ZsNZ1WQyOK9aFwzqMrJc6kovGYcDZBlofcncX59w9l4k0yys8s7Y0 Jj062BwFnfJjBIsUKyGuo9LeB9kpNLNK142ud22jS+42Md2B9up3eBa/MJpNtBUw hQNnI31SNHPhUCXfWmQowIGoHKcQWdKkg7DKe1v83OqaqH2+vxtDA/RrkbNA2Nqg nZBplRohn3ndS1dvpOmPGpBkTEEEwzsAXhHDRteZqbIcQC/qZUW1TImOLO7d9avo l9c5fivHJl2VwON/1T8Cyp8f9jVe8zAXCzJI4ra4zioht1Rtliu1Rv5YW8vy2xm5 i1pfZyskpYlJkyc2nRqctCgazHA65JSM37gdo434RACUWQSxMCRUuJ7gzTqFCjYJ qEIQjEBGJNS6brm+cIg5r6mN1xwp8g== =XBdF -----END PGP SIGNATURE-----
--- End Message ---
