-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 16 Aug 2022 17:29:29 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: amd64
Version: 104.0.5112.101-1~deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-ubc-02) <buildd_amd64-x86-ubc-02@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Closes: 956012 1005808 1010407 1013268
Changes:
 chromium (104.0.5112.101-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2022-2852: Use after free in FedCM.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2022-2854: Use after free in SwiftShader. Reported by Cassidy
       Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-2855: Use after free in ANGLE. Reported by Cassidy Kim
       of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-2857: Use after free in Blink. Reported by Anonymous
     - CVE-2022-2858: Use after free in Sign-In Flow.
       Reported by raven at KunLun lab
     - CVE-2022-2853: Heap buffer overflow in Downloads.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2022-2856: Insufficient validation of untrusted input in Intents
       Reported by Ashley Shen and Christian Resell of Google Threat
       Analysis Group
     - CVE-2022-2859: Use after free in Chrome OS Shell. Reported by
       Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2022-2860: Insufficient policy enforcement in Cookies.
       Reported by Axel Chong
     - CVE-2022-2861: Inappropriate implementation in Extensions API.
       Reported by Rong Jian of VRI
   * Change default search engine to DuckDuckGo for privacy reasons.
     Set a different search engine under Settings -> Search Engine
     (closes: #956012).
   * Drop a bunch of versioned build-deps that have been satisfied
     since at least oldoldstable.
   * debian/NEWS.Debian:
     - Document upstream dropping support for older TLSv1 and TLSv1.1
       protocols (closes: #1005808).
     - Document upstream dropping support for older x86 CPUs without
       SSE3 instruction support (closes: #1010407).
     - Document the Google to DuckDuckGo change.
     - Document upstream's config renaming of AuthServerWhitelist to
       AuthServerAllowlist (closes: #1013268).
Checksums-Sha1:
 05edd35fe8de788f5c64521cb7db0e97f2c9b6ae 1035388 chromium-common-dbgsym_104.0.5112.101-1~deb11u1_amd64.deb
 f89d0b7f4b5eb79d00c89b5575ce646c384d92af 4846600 chromium-common_104.0.5112.101-1~deb11u1_amd64.deb
 5d5a00359d77eda62f1df2346cf3aae783ae3df0 27354772 chromium-dbgsym_104.0.5112.101-1~deb11u1_amd64.deb
 926201821dfc1e3540392c6a72964a853b99bd37 5063732 chromium-driver_104.0.5112.101-1~deb11u1_amd64.deb
 e3d96d1c80ce76a8c7d83b2e665027223c6f494a 12240 chromium-sandbox-dbgsym_104.0.5112.101-1~deb11u1_amd64.deb
 595c6dfb7d5d8e3b3953a86c7fd7b50889de5960 124212 chromium-sandbox_104.0.5112.101-1~deb11u1_amd64.deb
 f106135d30d38ca6714c9a21e08709891b2bc4d3 23622580 chromium-shell-dbgsym_104.0.5112.101-1~deb11u1_amd64.deb
 36385bff1a75ea107df8d1c7782c6b17a034da51 44892516 chromium-shell_104.0.5112.101-1~deb11u1_amd64.deb
 04f7cc2febd887820246bc78b48d47bd703bf7b6 23586 chromium_104.0.5112.101-1~deb11u1_amd64-buildd.buildinfo
 1ef567e249e6e032e21fa22c9e268d0f28f9ecf5 64319264 chromium_104.0.5112.101-1~deb11u1_amd64.deb
Checksums-Sha256:
 795e9972e366290d75e8bf3ac5876166da43e0648d1bd4289c453fe2d8e8e9b7 1035388 chromium-common-dbgsym_104.0.5112.101-1~deb11u1_amd64.deb
 9f8e0f4a77676ee81b9503e6978e01c6d1cc275ce95fb1554f63df422d480189 4846600 chromium-common_104.0.5112.101-1~deb11u1_amd64.deb
 a848a964a4d05681d65d45edc2a9f4854a763b229d2128d97ff2040bf697514d 27354772 chromium-dbgsym_104.0.5112.101-1~deb11u1_amd64.deb
 9d4b5314c2648d6b15832c9cded070ef31bb73315757b00d554f48c7b149ef46 5063732 chromium-driver_104.0.5112.101-1~deb11u1_amd64.deb
 bc8fa0e57938db8b5b805d50e5ee56f3a2949cccfb2bc4fa686c10d33885984e 12240 chromium-sandbox-dbgsym_104.0.5112.101-1~deb11u1_amd64.deb
 29b683a43fcf57eb946a7b16bd93cd0bc28691464f984b1ccf30993b919dd788 124212 chromium-sandbox_104.0.5112.101-1~deb11u1_amd64.deb
 f62a30dadd9cca36a06c1f0e4929ceedc25d9b31bc39839bd1509b96beec9305 23622580 chromium-shell-dbgsym_104.0.5112.101-1~deb11u1_amd64.deb
 54793888d179060ebb06d9309d28060c6d954ee635e22c5b0dfb0d6dcd496073 44892516 chromium-shell_104.0.5112.101-1~deb11u1_amd64.deb
 f51c77e47a15a738b27fa453076c03c0c4e2d549aeb798bcb49f84268c0bef32 23586 chromium_104.0.5112.101-1~deb11u1_amd64-buildd.buildinfo
 95e907545eb804c2194bc642e1f834fceb0536a152fc4a022b82c13df4a6bb71 64319264 chromium_104.0.5112.101-1~deb11u1_amd64.deb
Files:
 f59a36076ec2efb30d925106cfa7b3e4 1035388 debug optional chromium-common-dbgsym_104.0.5112.101-1~deb11u1_amd64.deb
 667e30a1dfd26f3d5e4cf5766000e772 4846600 web optional chromium-common_104.0.5112.101-1~deb11u1_amd64.deb
 33f2c68dc2151de98c6b2af94b882314 27354772 debug optional chromium-dbgsym_104.0.5112.101-1~deb11u1_amd64.deb
 5edd7038837682b7f74b358a10d939ae 5063732 web optional chromium-driver_104.0.5112.101-1~deb11u1_amd64.deb
 03cb889b853877bdb0007058f3c03252 12240 debug optional chromium-sandbox-dbgsym_104.0.5112.101-1~deb11u1_amd64.deb
 319370df79b6e6bccc470b00387c4fea 124212 web optional chromium-sandbox_104.0.5112.101-1~deb11u1_amd64.deb
 6a2b6a806e8126b777994928e93ddf9b 23622580 debug optional chromium-shell-dbgsym_104.0.5112.101-1~deb11u1_amd64.deb
 b1c392d6b1df29e37fff6e1339dfd84b 44892516 web optional chromium-shell_104.0.5112.101-1~deb11u1_amd64.deb
 8f945c6b9057d497b2103dbc0ad22de8 23586 web optional chromium_104.0.5112.101-1~deb11u1_amd64-buildd.buildinfo
 96eb6bb058e83a155913716659614f52 64319264 web optional chromium_104.0.5112.101-1~deb11u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE2q+i4qaoTi/nmbi10RfxDyMLhSIFAmL9LrIACgkQ0RfxDyML
hSLqzw//fok8gh6WG+lu9RA3qv6lKSA5GfG7sSmUK14IuqB0KolYiuZgawzybI7b
A0tsDEhTwrgflJdlXDi29UdiHWkMY2TyXX7R9oRyc2e6hUhHvwyp5wk+2lFQ0ZPT
QAq/uz/ABp63m8zm2YWhS1x5qO9bj0j/AV/nOON/cSd2KeTKlynko8h4xF1128Sw
qDi3Oy/OX3zl0/zQsiA/PFq+19IAAgxIbFGPOU0KLr9EaDp+x4hFY3MKVHgxb6E7
+NWhDytXBUUCu824ZT+scUoe5GpIf4V1dbr3LgSTsfUwdQQNkXNHcGlUcWEoS8nZ
5lw9uvAP5ZY/Jb/BP0cm11bwGvYgfGs1hmVVqlwbPuDFpiO/n380MJPFINWUsYyg
LDgRmqKhimaLTEM3rrdT/gf05m2fo+LHvh4UrDFhUDyO+6c44dsaPPOYeW9PfZlz
HLrHa55vmeKjt37fquyLMpJZyx3zjh0RGsOWSlL0UFtDAWsqndte0Fhf7aY1cnjb
RPPx4/C1GrhNQnmqcN8mi06WfQWk/imAzNi7w2QxGipFhPB15zb4AOp907GWqfdV
e15yONjpnQHSBTGOXUY/XMmMJe0FkClPV3KiyC45eG4EtCL21uY0ELoclSYuZT8a
0DLxhioskY6TWTyP7ckzcuSVYTsQdQai7OVIXnwkq6zFV8yk6/M=
=ZEt4
-----END PGP SIGNATURE-----