-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 16 Aug 2022 17:29:29 -0400 Source: chromium Architecture: source Version: 104.0.5112.101-1~deb11u1 Distribution: bullseye-security Urgency: high Maintainer: Debian Chromium Team <chrom...@packages.debian.org> Changed-By: Andres Salomon <dilin...@debian.org> Closes: 956012 1005808 1010407 1013268 Changes: chromium (104.0.5112.101-1~deb11u1) bullseye-security; urgency=high . * New upstream security release. - CVE-2022-2852: Use after free in FedCM. Reported by Sergei Glazunov of Google Project Zero - CVE-2022-2854: Use after free in SwiftShader. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. - CVE-2022-2855: Use after free in ANGLE. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. - CVE-2022-2857: Use after free in Blink. Reported by Anonymous - CVE-2022-2858: Use after free in Sign-In Flow. Reported by raven at KunLun lab - CVE-2022-2853: Heap buffer overflow in Downloads. Reported by Sergei Glazunov of Google Project Zero - CVE-2022-2856: Insufficient validation of untrusted input in Intents Reported by Ashley Shen and Christian Resell of Google Threat Analysis Group - CVE-2022-2859: Use after free in Chrome OS Shell. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab - CVE-2022-2860: Insufficient policy enforcement in Cookies. Reported by Axel Chong - CVE-2022-2861: Inappropriate implementation in Extensions API. Reported by Rong Jian of VRI * Change default search engine to DuckDuckGo for privacy reasons. Set a different search engine under Settings -> Search Engine (closes: #956012). * Drop a bunch of versioned build-deps that have been satisfied since at least oldoldstable. * debian/NEWS.Debian: - Document upstream dropping support for older TLSv1 and TLSv1.1 protocols (closes: #1005808). - Document upstream dropping support for older x86 CPUs without SSE3 instruction support (closes: #1010407). - Document the Google to DuckDuckGo change. - Document upstream's config renaming of AuthServerWhitelist to AuthServerAllowlist (closes: #1013268). Checksums-Sha1: 5d5eb921054933b891ad60d45bc0f6a18f190f1d 3647 chromium_104.0.5112.101-1~deb11u1.dsc d02954c54934e57b62c3bf0d5969e1148d0b1560 610982780 chromium_104.0.5112.101.orig.tar.xz 31c79add8fb34b0d19b74c0e4e5e910fd348a127 210112 chromium_104.0.5112.101-1~deb11u1.debian.tar.xz a1903caafc303dff0faf5731f2a6ee977722bfc3 20790 chromium_104.0.5112.101-1~deb11u1_source.buildinfo Checksums-Sha256: 7702ba45e1694c8da6b736810667ceda426a20235ea28f8ddf1d14b85bfa96fa 3647 chromium_104.0.5112.101-1~deb11u1.dsc c56a57a2e3f25ed3b5ad6e0f239171d5f8e534d35631b72ea23f33feb8519067 610982780 chromium_104.0.5112.101.orig.tar.xz d7236fcf2bff08eb1a6095a6dd64e49ab2fe4499e9685129415b60531bddcee8 210112 chromium_104.0.5112.101-1~deb11u1.debian.tar.xz 2b7c7cdcfdf36fba2555807d0c257745caf5b262790313b730c24fba0d887b6e 20790 chromium_104.0.5112.101-1~deb11u1_source.buildinfo Files: 17351ad3958890b44659b0768a9d3afc 3647 web optional chromium_104.0.5112.101-1~deb11u1.dsc 6c34a263344736a464f7e385b64abc2c 610982780 web optional chromium_104.0.5112.101.orig.tar.xz 872889bb097bc9cbfa4bf5d6d204a43e 210112 web optional chromium_104.0.5112.101-1~deb11u1.debian.tar.xz efe3c2498de064f10b04348626400e52 20790 web optional chromium_104.0.5112.101-1~deb11u1_source.buildinfo
-----BEGIN PGP SIGNATURE----- iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmL8hcMUHGRpbGluZ2Vy QGRlYmlhbi5vcmcACgkQZF0CR8Nudjd6bA/8DkZV/qcFSFJgCmDKNWKS362orXCf nOfjZ+dqp60vEScC8TILcN5rj7tc7IdmggGcVJ2CAfpECC1ruSqgh4npRzdeQJEf c69PmRMjh9q/8hRh4n3OCi/lg4oneyWluwWcXxUW46le05zdQy7n3KBBgGSIIvZr VCnrWEboDQGcdjNIY8HvJFRsZcVzfhbpn2QnyGm/8lJaYmZquSBM0tgBCipjvgoH UXpFzPCgkRO8YWDIl2doP0pfxL1wcVM4TaDskyAvl0gvTDLpcNdgWUZ8q6YmKIj0 2CLijBUZpKa2hUGS+uel0sDlYeFj8WStNUqh+4wcaZdRh+ZhZG6J3TR9Z7tMA0PM s0H1/7PpfeyS2QR20osB1va4OHmpJhmKGYT1FMAnVxyJSeGwxDH3tw7uCEIRJ362 I8vPNWdOUhsf0PPsFKx9MLFLVcc/TqvlCAdZi+nMTTWAo1qZRdL3oC8oFF8g/k15 7R7pCWxtPvJinRTp14kAmy28uapcg1FLhk4Pzt+hqdqY4PcFjPh9OQU0sGve33Rr yKfMpIJ07EqQ72RLNCn2zI/YxS10Y8ViPdYBch/yeCIM5t+QEe7V1Ncaq3JcwDPE DG7ma3rpJ4YfdnubJcInYn05BA8zPBHRAKCQ+aPw8xq5MBm4SacyKMeg0uZqFTHc yVOdJwVl2NJCsug= =O33K -----END PGP SIGNATURE-----