-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 31 Aug 2022 20:48:11 -0400 Source: chromium Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym Architecture: arm64 Version: 105.0.5195.52-1~deb11u1 Distribution: bullseye-security Urgency: high Maintainer: arm Build Daemon (arm-conova-01) Changed-By: Andres Salomon Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-sandbox - web browser - setuid security sandbox for chromium chromium-shell - web browser - minimal shell Closes: 987292 Changes: chromium (105.0.5195.52-1~deb11u1) bullseye-security; urgency=high . * New upstream stable release. - CVE-2022-3038: Use after free in Network Service. Reported by Sergei Glazunov of Google Project Zero. - CVE-2022-3039: Use after free in WebSQL. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute. - CVE-2022-3040: Use after free in Layout. Reported by Anonymous. - CVE-2022-3041: Use after free in WebSQL. Reported by Ziling Chen and Nan Wang(@eternalsakura13) of 360 Vulnerability Research Institute. - CVE-2022-3042: Use after free in PhoneHub. Reported by koocola (@alo_cook) and Guang Gong of 360 Vulnerability Research Institute. - CVE-2022-3043: Heap buffer overflow in Screen Capture. Reported by @ginggilBesel. - CVE-2022-3044: Inappropriate implementation in Site Isolation. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research - CVE-2022-3045: Insufficient validation of untrusted input in V8. Reported by Ben Noordhuis . - CVE-2022-3046: Use after free in Browser Tag. Reported by Rong Jian of VRI. - CVE-2022-3071: Use after free in Tab Strip. Reported by @ginggilBesel. - CVE-2022-3047: Insufficient policy enforcement in Extensions API. Reported by Maurice Dauer. - CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen. Reported by Andr.Ess. - CVE-2022-3049: Use after free in SplitScreen. Reported by @ginggilBesel. - CVE-2022-3050: Heap buffer overflow in WebUI. Reported by Zhihua Yao of KunLun Lab. - CVE-2022-3051: Heap buffer overflow in Exosphere. Reported by @ginggilBesel. - CVE-2022-3052: Heap buffer overflow in Window Manager. Reported by Khalil Zhani. - CVE-2022-3053: Inappropriate implementation in Pointer Lock. Reported by Jesper van den Ende (Pelican Party Studios). - CVE-2022-3054: Insufficient policy enforcement in DevTools. Reported by Kuilin Li. - CVE-2022-3055: Use after free in Passwords. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute. - CVE-2022-3056: Insufficient policy enforcement in Content Security Policy. Reported by Anonymous. - CVE-2022-3057: Inappropriate implementation in iframe Sandbox. Reported by Gareth Heyes. - CVE-2022-3058: Use after free in Sign-In Flow. Reported by raven at KunLun lab. * Drop workaround for lack of older clang's -ffile-prefix-map. This should make reproducible builds happy. * debian/copyright: - Update for new libevent location (moved out of base/). - libopenjpeg20 -> libopenjpeg * debian/patches: - debianization/support-i386.patch: refresh. - disable/catapult.patch: refresh. - disable/libaom-arm.patch: refresh. - system/event.patch: update for new libevent location. - system/openjpeg.patch: refresh. - bullseye/clang13.patch: drop part of patch dropped upstream. - upstream/disk-cache.patch: build fix pulled from upstream. - upstream/browser-finder.patch: build fix pulled from upstream. - upstream/masklayer-geom.patch: build fix pulled from upstream. - system/jsoncpp.patch: drop, merged upstream. - fixes/angle-wayland: build fix due to mismatched wayland headers on sid. Only needed until angle updates its copy of wayland. - disable/welcome-page.patch: drop. Upstream fixed the original issue some time ago, and this new version finally cleaned up the workaround. - fixes/connection-message.patch: drop it. I looked at sending this upstream, but the original extension doesn't exist any more, and chromium properly prints an error if a proxy is unreachable. If you can still reproduce the issue (described in http://bugs.debian.org/864539), let me know so I can get it fixed upstream. * debian/scripts/unbundle: upstream tripled the number of (previously vendored) libraries that we can use system versions of. However, the majority of them are either not in bullseye or are too old, so we'll have to wait to use the debian versions for the ones not newly added as build-deps. * Disable optimize_webui, due to a build failure using nodejs from bullseye. I'll reenable this when it either gets fixed or we're done with bullseye security support. * Remove sse3-support dependency and just refuse to run if SSE3 is not present. Breaking via preinst script isn't appropriate for packages that might be installed by default (eg, by Debian Edu). * debian/control: add build-deps for brotli, libdouble-conversion-dev, libwoff-dev, and libxnvctrl-dev (closes: #987292). * Rework default search engine stuff. People did not like the "Your browser is managed" and "Your administrator can change your browser setup remotely" messages, which are admittedly alarming. Instead of using /etc/chromium/policies/recommended/duckduckgo.json, delete that and use /etc/chromium/master_preferences instead. Checksums-Sha1: fbbd189f5b35101e497f6c9814c8166617004d24 1039744 chromium-common-dbgsym_105.0.5195.52-1~deb11u1_arm64.deb 1a6798cf792f59fc988c16a653727b5910b53e5c 4686968 chromium-common_105.0.5195.52-1~deb11u1_arm64.deb 468d3236fb12af5ed212f4a95b9a14988c5255bb 26043888 chromium-dbgsym_105.0.5195.52-1~deb11u1_arm64.deb 19556b9f4f9452d0f188dc4a02fc73ff841159f3 4528616 chromium-driver_105.0.5195.52-1~deb11u1_arm64.deb e88c3303b880b5e908d4c95d7b4079254807ade8 12316 chromium-sandbox-dbgsym_105.0.5195.52-1~deb11u1_arm64.deb f557c6c707888414f75adc9603822a9b29d24a5d 125404 chromium-sandbox_105.0.5195.52-1~deb11u1_arm64.deb 57f8db42a087c011b97d457244979c1d28066d58 21597608 chromium-shell-dbgsym_105.0.5195.52-1~deb11u1_arm64.deb f6eb93817f03bec8bc2ac9baae889d79fc957476 39470732 chromium-shell_105.0.5195.52-1~deb11u1_arm64.deb 03e9f4d74d1684be4d3469bbf1a5c9d51012de67 23845 chromium_105.0.5195.52-1~deb11u1_arm64-buildd.buildinfo 56674cf0dd48075668b7510733cf370b53877afe 56812984 chromium_105.0.5195.52-1~deb11u1_arm64.deb Checksums-Sha256: 6faf64cdccec5792504ddc15541898761a41052ea61709af1c6e63ab505558e3 1039744 chromium-common-dbgsym_105.0.5195.52-1~deb11u1_arm64.deb a0f4d0568658be8535fbf8f33b1cdcc8c2fa8a81c72d3c737de2a1a761ef717b 4686968 chromium-common_105.0.5195.52-1~deb11u1_arm64.deb 8a3156bcf9e250ba0facc0a329e1f66c7c0277c714fe44a0b6452d7311d70065 26043888 chromium-dbgsym_105.0.5195.52-1~deb11u1_arm64.deb 9ac6023ff925a1ea8a727158f1893ccda173bc2f237d7feb691e4d85ad752555 4528616 chromium-driver_105.0.5195.52-1~deb11u1_arm64.deb 25f281f4746b5cc70f6558258fa64414bf099315337631446c2b098829dcf390 12316 chromium-sandbox-dbgsym_105.0.5195.52-1~deb11u1_arm64.deb 7e5a06988234802790f92a0756889a342bd58b4ed2eefb2fda52dd3e1e906495 125404 chromium-sandbox_105.0.5195.52-1~deb11u1_arm64.deb fef550ec2d0c8b297295b9d6c282a4d5caeb45cd83044d1e740a2abf83d07508 21597608 chromium-shell-dbgsym_105.0.5195.52-1~deb11u1_arm64.deb 1def69b19ff2284c36a2dbd3ce55a999a0639e2fb24bd62364616d42fd64e5d0 39470732 chromium-shell_105.0.5195.52-1~deb11u1_arm64.deb 16e50ba85391e80dbe6d2464a8a8436e86cd3422be5eb347ea8150183309b046 23845 chromium_105.0.5195.52-1~deb11u1_arm64-buildd.buildinfo 96c7f86ed0e166da0007349af9c1da2d2df1d94378d6dc8bfa2551ce09ecfb93 56812984 chromium_105.0.5195.52-1~deb11u1_arm64.deb Files: 2350befc01b5aa0af4e2bbe9911bfe08 1039744 debug optional chromium-common-dbgsym_105.0.5195.52-1~deb11u1_arm64.deb 43c68d88c46a91d865ba24bba594c461 4686968 web optional chromium-common_105.0.5195.52-1~deb11u1_arm64.deb 0b571ba7dfdba4e1954642dd4cb4d88a 26043888 debug optional chromium-dbgsym_105.0.5195.52-1~deb11u1_arm64.deb 0837898ddf537568c233e049a252b158 4528616 web optional chromium-driver_105.0.5195.52-1~deb11u1_arm64.deb 2ee120f3a3874036286e8fbe6f54080e 12316 debug optional chromium-sandbox-dbgsym_105.0.5195.52-1~deb11u1_arm64.deb 06eca62457846f2b9088ff54f021136c 125404 web optional chromium-sandbox_105.0.5195.52-1~deb11u1_arm64.deb f60e1fbb23c01ea4752f3eb9c865c463 21597608 debug optional chromium-shell-dbgsym_105.0.5195.52-1~deb11u1_arm64.deb 6455c32b13fed9d1163d923337b0fcff 39470732 web optional chromium-shell_105.0.5195.52-1~deb11u1_arm64.deb 234978bea60c71a61b037bd13cc0d9e8 23845 web optional chromium_105.0.5195.52-1~deb11u1_arm64-buildd.buildinfo d3885fc1d1df36ddebc9783c6102de16 56812984 web optional chromium_105.0.5195.52-1~deb11u1_arm64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE9yjyO7AjQ4rTmCmjz9oCowfyqlsFAmMSQWkACgkQz9oCowfy qlsRuA/+KCEs+tNdqMw38i1tU9yP64M2f7124O5HbH7S4ERqmHuTXdbpnNmWvEtP IMbjoXaHTDJTCSVSlYz8ipjTKF6A5yzqcMhK9GhTx+vC4lGSl+/gG157v9o5tCqn O/a9mzdXedWlF0Wds/jS3TuQS9QFbku0TZcddRfVwhePMClx6/xHixJoSg0Xa2D+ q/27LHbJXNgvQ1CvX7ZxlXS5wo5Pq0HhDqAjtSsNS/jxIGX14sDFqEWtHkxc4k6v NJbvi8XLfZ02XUR/aBYYyt1LHg+DE+XX3T7/EjVX0tcZpkc75rTFkpjKC3UKEJ/6 Fojy1X7S7PIt3A3ZD1vSCHqw4su6UY58V5lL423HMVnBDn/Kog5zf93sIDyd7Hkv eLegBWBvPuvagtOrxrmIpqe6xJIAYB1q583VSEjIFdWYlPohYhR6hmcAk/BsZZY3 W5Rd5nIm1BdQ1hTn9cIFNFfY8e4ttRj3tGVWy8gdqOhrudk0cKhUUDbfbNSITLIk otML02LCkdhjmtYVGuvNt3cRCh+ljHvQAk4Loa6vi3th/AS0E/O3M4G1lwjTB7cy LLoKkBA7W7UyvB2AbgVsiYKSz/x7zUX9Rh0S7J8OeftElM2brCBl7WluEtg4ngqM w379ugOts0MQs4Yg3CixInhobDQCs8orMfHxvEbhtItE93LtuL8= =7v5I -----END PGP SIGNATURE-----