Bug#980564: marked as done (chromium: 88.0.4324.96 stable release)

Thu, 21 Jan 2021 15:39:16 -0800 

Your message dated Thu, 21 Jan 2021 23:34:38 +0000
with message-id <e1l2jtk-000afk...@fasolo.debian.org>
and subject line Bug#980564: fixed in chromium 88.0.4324.96-0.1
has caused the Debian Bug report #980564,
regarding chromium: 88.0.4324.96 stable release
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
980564: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980564
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Source: chromium
Version: 87.0.4280.141-0.1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>

Hi

For Details please see
https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html
covering again a couple of critical and high rated issues.

Regards,
Salvatore

--- End Message ---
--- Begin Message --- 
Source: chromium
Source-Version: 88.0.4324.96-0.1
Done: Michel Le Bihan <mic...@lebihan.pl>

We believe that the bug you reported is fixed in the latest version of
chromium, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 980...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michel Le Bihan <mic...@lebihan.pl> (supplier of updated chromium package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 20 Jan 2021 23:23:08 +0100
Source: chromium
Architecture: source
Version: 88.0.4324.96-0.1
Distribution: unstable
Urgency: medium
Maintainer: Debian Chromium Team <chrom...@packages.debian.org>
Changed-By: Michel Le Bihan <mic...@lebihan.pl>
Closes: 980564
Changes:
 chromium (88.0.4324.96-0.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * New upstream stable release (closes: 980564).
     - CVE-2021-21117: Insufficient policy enforcement in Cryptohome. Reported
       by Rory McNamara
     - CVE-2021-21118: Insufficient data validation in V8. Reported by Tyler
       Nighswander @tylerni7 of Theori
     - CVE-2021-21119: Use after free in Media. Reported by Anonymous
     - CVE-2021-21120: Use after free in WebSQL. Reported by Nan Wang
       @eternalsakura13 and Guang Gong of 360 Alpha Lab
     - CVE-2021-21121: Use after free in Omnibox. Reported by Leecraso and Guang
       Gong of 360 Alpha Lab
     - CVE-2021-21122: Use after free in Blink. Reported by Renata Hodovan
     - CVE-2021-21123: Insufficient data validation in File System API. Reported
       by Maciej Pulikowski
     - CVE-2021-21124: Potential user after free in Speech Recognizer. Reported
       by Chaoyang Ding(@V4kst1z) from Codesafe Team of Legendsec at Qi'anxin
       Group
     - CVE-2021-21125: Insufficient policy enforcement in File System API.
       Reported by Ron Masas
     - CVE-2020-16044: Use after free in WebRTC. Reported by Ned Williamson of
       Project Zero
     - CVE-2021-21126: Insufficient policy enforcement in extensions. Reported
       by David Erceg
     - CVE-2021-21127: Insufficient policy enforcement in extensions. Reported
       by Jasminder Pal Singh, Web Services Point WSP, Kotkapura
     - CVE-2021-21128: Heap buffer overflow in Blink. Reported by Liang Dong
     - CVE-2021-21129: Insufficient policy enforcement in File System API.
       Reported by Maciej Pulikowski
     - CVE-2021-21130: Insufficient policy enforcement in File System API.
       Reported by Maciej Pulikowski
     - CVE-2021-21131: Insufficient policy enforcement in File System API.
       Reported by Maciej Pulikowski
     - CVE-2021-21132: Inappropriate implementation in DevTools. Reported by
       David Erceg
     - CVE-2021-21133: Insufficient policy enforcement in Downloads. Reported by
       wester0x01
     - CVE-2021-21134: Incorrect security UI in Page Info. Reported by
       wester0x01
     - CVE-2021-21135: Inappropriate implementation in Performance API. Reported
       by ndevtk
     - CVE-2021-21136: Insufficient policy enforcement in WebView. Reported by
       Shiv Sahni, Movnavinothan V and Imdad Mohammed
     - CVE-2021-21137: Inappropriate implementation in DevTools. Reported by
       bobblybear
     - CVE-2021-21138: Use after free in DevTools. Reported by Weipeng Jiang
       @Krace from Codesafe Team of Legendsec at Qi'anxin Group
     - CVE-2021-21139: Inappropriate implementation in iframe sandbox. Reported
       by Jun Kokatsu, Microsoft Browser Vulnerability Research
     - CVE-2021-21140: Uninitialized Use in USB. Reported by David Manouchehri
     - CVE-2021-21141: Insufficient policy enforcement in File System API.
       Reported by Maciej Pulikowski
 .
   [ Jan Luca Naumann ]
   * Add watch file.
 .
   [ Mattia Rizzolo ]
   * Change get-orig-source to produce reproducible tarballs.
Checksums-Sha1:
 6592da53ebc6f754bcc57ad1447a81d0986acb02 3569 chromium_88.0.4324.96-0.1.dsc
 c324a7b157c49e34d64264f469e02004ff2a0e32 393181596 
chromium_88.0.4324.96.orig.tar.xz
 8966062ec58f45e6a8df96d9a22bf18abbfe44b2 180912 
chromium_88.0.4324.96-0.1.debian.tar.xz
Checksums-Sha256:
 0ced990e1f388e376e4ccefc288442c1e95d08bb6105db4d9d7d2dcb5383e96e 3569 
chromium_88.0.4324.96-0.1.dsc
 ac6cce22a59330a16fc491c89140c86667a093a366b402f19d4e4bb9887246b4 393181596 
chromium_88.0.4324.96.orig.tar.xz
 e7f6fb83a6d27e1e94fe966f30060f5685da943def8f0daf2533c8e82e3db3de 180912 
chromium_88.0.4324.96-0.1.debian.tar.xz
Files:
 3fcf85af613056200236d37bf8a8cb78 3569 web optional 
chromium_88.0.4324.96-0.1.dsc
 513fa173068f1bd542ec51a67b68cc32 393181596 web optional 
chromium_88.0.4324.96.orig.tar.xz
 f58688b764ca9b280697f41675702ac9 180912 web optional 
chromium_88.0.4324.96-0.1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEi3hoeGwz5cZMTQpICBa54Yx2K60FAmAKDFYACgkQCBa54Yx2
K63paw//btIR2hphWyl1N0ltSRdzv36LUdXvYa2VpSt0d+fjjpgecFuBFT4pnhX0
+5cfOBUnSJuDF5DSAlYSJ0PG21MNyVB6YVPTtwQlPWwyXeOPi8hykacPOMWPLBfp
LQacit72REx9Le65QwwG10fKBLQIVAqNk+PMCl4b856jsbLGOIkJ66XCmyES3FxK
XXmR/O2MoVF8mZWZmVECVXW/MGvLXb3WB24bEaqTUQ7Hx+dXSDEtc1w4LbhB8bGf
XiXizSoR0QRplP/ku5G6Quzi75cHAZwk77cbto1RjVopkogNfgdn1rmFT+XnOBEO
1Ww93/IGz1RMj3NeuQTIDydGQ1zlTFf0mxkNflp+HMj1DDrB54raO8S3V7NStKe1
OLo5RkmCpdSTnu82pJzlMin6CdXxPEgVi6WneUmoCHRQNND3iAfUmLDUZuKXFxh/
B8IOmaDVhGVe0xfWACaUxyJ11PsoQEsbGyZ8FRuhnxJnozL8NZcSs5YtRGjCHRoP
1xHeTYnd3FiJ2mDwMgzPTzE2O94OUig89BX65yv4/bgpUkpX7FboEB1qoiJvcuTq
BhZxPhSMbSg4J6dQB0HZqapHjZfTH10MikHSOS5zOnePXD6zHVwkd53tBhdEgSXX
YsFcnsYXHp9SLJOY+QYEqvaLmbacRRYNuQPhVl4ImPlNGr5Id9Y=
=Z4xo
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to