Debian
chromium package

chromium 110.0.5481.77-1 source package in Debian

Changelog

chromium (110.0.5481.77-1) unstable; urgency=high

  [ Andres Salomon ]
  * New upstream stable release.
    - CVE-2023-0696: Type Confusion in V8.
      Reported by Haein Lee at KAIST Hacking Lab.
    - CVE-2023-0697: Inappropriate implementation in Full screen mode.
      Reported by Ahmed ElMasry.
    - CVE-2023-0698: Out of bounds read in WebRTC.
      Reported by Cassidy Kim(@cassidy6564).
    - CVE-2023-0699: Use after free in GPU.
      Reported by 7o8v and Cassidy Kim(@cassidy6564).
    - CVE-2023-0700: Inappropriate implementation in Download.
      Reported by Axel Chong.
    - CVE-2023-0701: Heap buffer overflow in WebUI.
      Reported by Sumin Hwang of SSD Labs.
    - CVE-2023-0702: Type Confusion in Data Transfer. Reported by Sri.
    - CVE-2023-0703: Type Confusion in DevTools.
      Reported by raven at KunLun lab.
    - CVE-2023-0704: Insufficient policy enforcement in DevTools.
      Reported by Rhys Elsmore and Zac Sims of the Canva security team.
    - CVE-2023-0705: Integer overflow in Core.
      Reported by SorryMybad (@S0rryMybad) of Kunlun Lab.
  * d/copyright: libpng16 binaries are gone, no longer need to exclude them.
  * d/scripts/unbundle: drop libjxl, which is dropped upstream. Add absl_log*.
  * d/patches:
    - debianization/optimization.patch: drop. This is unnecessary, as
      Debian's optimization flags override Chromium's by default.
    - disable/android.patch: upstream removed android_crazy_linker, so we can
      remove half of this patch.
    - disable/catapult.patch: refresh.
    - disable/google-api-warning.patch: refresh.
    - upstream/mojo.patch: refresh w/ what's in 110.
    - system/openjpeg.patch: completely rework due to upstream changes.
    - upstream/clamp.patch: backport a build fix.
    - upstream/blink-dbl-float.patch: another build fix.
  * Drop unused use_allocator="none" argument. This was used previously
    to switch from the default "partition" allocator. Upstream dropped
    the build flag in chromium v109. So in v109 we switched to the default
    "partition" allocator and I don't think anyone noticed, so let's just
    leave it on. Report issues if you notice any.

  [ Timothy Pearson ]
  * d/patches:
    - Refresh ppc64le patches for v110
    - Add upstream patches to fix build errors when use_custom_libcxx=false
    - Drop stack smashing fix patch for ppc64le due to fix included upstream

 -- Andres Salomon <email address hidden>  Wed, 08 Feb 2023 00:20:01 -0500

Upload details

Uploaded by:
Debian Chromium Team
Uploaded to:
Sid
Original maintainer:
Debian Chromium Team
Architectures:
i386 amd64 arm64 armhf ppc64el all
Section:
misc
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
chromium_110.0.5481.77-1.dsc 3.6 KiB f7ada81b3be45354481431a10841c4ab7a7176d8d30a4248b5b10856c2c68220
chromium_110.0.5481.77.orig.tar.xz 613.2 MiB 0a1933a34b0b30376c917f96e9c3fa97683979ab18c86ea63ccc19597795ac5a
chromium_110.0.5481.77-1.debian.tar.xz 293.8 KiB fde757b9f30b8c1aff97ba66b8e3a7f7024c4075e898f123c6a17ba1c3d2b4fa

No changes file available.

Binary packages built by this source