-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 31 Aug 2022 20:48:11 -0400 Source: chromium Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym Architecture: i386 Version: 105.0.5195.52-1~deb11u1 Distribution: bullseye-security Urgency: high Maintainer: i386 Build Daemon (x86-grnet-01) Changed-By: Andres Salomon Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-sandbox - web browser - setuid security sandbox for chromium chromium-shell - web browser - minimal shell Closes: 987292 Changes: chromium (105.0.5195.52-1~deb11u1) bullseye-security; urgency=high . * New upstream stable release. - CVE-2022-3038: Use after free in Network Service. Reported by Sergei Glazunov of Google Project Zero. - CVE-2022-3039: Use after free in WebSQL. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute. - CVE-2022-3040: Use after free in Layout. Reported by Anonymous. - CVE-2022-3041: Use after free in WebSQL. Reported by Ziling Chen and Nan Wang(@eternalsakura13) of 360 Vulnerability Research Institute. - CVE-2022-3042: Use after free in PhoneHub. Reported by koocola (@alo_cook) and Guang Gong of 360 Vulnerability Research Institute. - CVE-2022-3043: Heap buffer overflow in Screen Capture. Reported by @ginggilBesel. - CVE-2022-3044: Inappropriate implementation in Site Isolation. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research - CVE-2022-3045: Insufficient validation of untrusted input in V8. Reported by Ben Noordhuis . - CVE-2022-3046: Use after free in Browser Tag. Reported by Rong Jian of VRI. - CVE-2022-3071: Use after free in Tab Strip. Reported by @ginggilBesel. - CVE-2022-3047: Insufficient policy enforcement in Extensions API. Reported by Maurice Dauer. - CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen. Reported by Andr.Ess. - CVE-2022-3049: Use after free in SplitScreen. Reported by @ginggilBesel. - CVE-2022-3050: Heap buffer overflow in WebUI. Reported by Zhihua Yao of KunLun Lab. - CVE-2022-3051: Heap buffer overflow in Exosphere. Reported by @ginggilBesel. - CVE-2022-3052: Heap buffer overflow in Window Manager. Reported by Khalil Zhani. - CVE-2022-3053: Inappropriate implementation in Pointer Lock. Reported by Jesper van den Ende (Pelican Party Studios). - CVE-2022-3054: Insufficient policy enforcement in DevTools. Reported by Kuilin Li. - CVE-2022-3055: Use after free in Passwords. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute. - CVE-2022-3056: Insufficient policy enforcement in Content Security Policy. Reported by Anonymous. - CVE-2022-3057: Inappropriate implementation in iframe Sandbox. Reported by Gareth Heyes. - CVE-2022-3058: Use after free in Sign-In Flow. Reported by raven at KunLun lab. * Drop workaround for lack of older clang's -ffile-prefix-map. This should make reproducible builds happy. * debian/copyright: - Update for new libevent location (moved out of base/). - libopenjpeg20 -> libopenjpeg * debian/patches: - debianization/support-i386.patch: refresh. - disable/catapult.patch: refresh. - disable/libaom-arm.patch: refresh. - system/event.patch: update for new libevent location. - system/openjpeg.patch: refresh. - bullseye/clang13.patch: drop part of patch dropped upstream. - upstream/disk-cache.patch: build fix pulled from upstream. - upstream/browser-finder.patch: build fix pulled from upstream. - upstream/masklayer-geom.patch: build fix pulled from upstream. - system/jsoncpp.patch: drop, merged upstream. - fixes/angle-wayland: build fix due to mismatched wayland headers on sid. Only needed until angle updates its copy of wayland. - disable/welcome-page.patch: drop. Upstream fixed the original issue some time ago, and this new version finally cleaned up the workaround. - fixes/connection-message.patch: drop it. I looked at sending this upstream, but the original extension doesn't exist any more, and chromium properly prints an error if a proxy is unreachable. If you can still reproduce the issue (described in http://bugs.debian.org/864539), let me know so I can get it fixed upstream. * debian/scripts/unbundle: upstream tripled the number of (previously vendored) libraries that we can use system versions of. However, the majority of them are either not in bullseye or are too old, so we'll have to wait to use the debian versions for the ones not newly added as build-deps. * Disable optimize_webui, due to a build failure using nodejs from bullseye. I'll reenable this when it either gets fixed or we're done with bullseye security support. * Remove sse3-support dependency and just refuse to run if SSE3 is not present. Breaking via preinst script isn't appropriate for packages that might be installed by default (eg, by Debian Edu). * debian/control: add build-deps for brotli, libdouble-conversion-dev, libwoff-dev, and libxnvctrl-dev (closes: #987292). * Rework default search engine stuff. People did not like the "Your browser is managed" and "Your administrator can change your browser setup remotely" messages, which are admittedly alarming. Instead of using /etc/chromium/policies/recommended/duckduckgo.json, delete that and use /etc/chromium/master_preferences instead. Checksums-Sha1: ab3943cf31fa37acc093fe4b6347ce1780125005 963344 chromium-common-dbgsym_105.0.5195.52-1~deb11u1_i386.deb 02ad75fe3e0706e1239eeb99b1faa85221dad0df 4826592 chromium-common_105.0.5195.52-1~deb11u1_i386.deb 888a555e4c72a4bf8d20b72b7184b812cb96c0a8 25098452 chromium-dbgsym_105.0.5195.52-1~deb11u1_i386.deb 2fcd2510080bc0e48ba1f58d1816ba7b15d3f6e6 5614068 chromium-driver_105.0.5195.52-1~deb11u1_i386.deb 7fcc7145452c0c0ec72b534cd9cb65525872101b 11656 chromium-sandbox-dbgsym_105.0.5195.52-1~deb11u1_i386.deb 6383e8a704b4e265eb0ba782d59000db4a4b9ab3 125480 chromium-sandbox_105.0.5195.52-1~deb11u1_i386.deb 6a95e51cae247f4380a76fddec3d02c4a8601016 21427616 chromium-shell-dbgsym_105.0.5195.52-1~deb11u1_i386.deb f63727c5cbf772eb94b21ec3a2fd0eef3e234a4a 45831672 chromium-shell_105.0.5195.52-1~deb11u1_i386.deb 01762577b149c5d27fa406214be61d896ea72bca 23905 chromium_105.0.5195.52-1~deb11u1_i386-buildd.buildinfo 21659124c6fc7ad36b91ca8b1eb2a9608d0d4d52 65705576 chromium_105.0.5195.52-1~deb11u1_i386.deb Checksums-Sha256: 5eb4a98b3bf5e794a9c4fb169b3e7824424231931a3b7ef0940d1ea351498675 963344 chromium-common-dbgsym_105.0.5195.52-1~deb11u1_i386.deb c6f5689998dea34af73acf5c1b36f35a7288559720fff8df120c056f57a04f89 4826592 chromium-common_105.0.5195.52-1~deb11u1_i386.deb 4fd27cc6b9f3c9d3c45def2adaf964ad0df1736efe8f142feb9a7d96be1998b8 25098452 chromium-dbgsym_105.0.5195.52-1~deb11u1_i386.deb 04f80d8f4d6a122eaa57ddfa9acac7508353f2d7a4e4e2908aeee404b4a254a2 5614068 chromium-driver_105.0.5195.52-1~deb11u1_i386.deb 1b9c8883a0f80a5d1857163a1efd0f09ac1c09ccf35f62b01cbbc80518568065 11656 chromium-sandbox-dbgsym_105.0.5195.52-1~deb11u1_i386.deb 25092cdec65a6b37ea636ca51abcf20a409d66d4a7c9270478b14d102b6f2cab 125480 chromium-sandbox_105.0.5195.52-1~deb11u1_i386.deb c9e287ceac43e900557564bc5ec3354504a4a51c64b229bf6e55503c60d65f9c 21427616 chromium-shell-dbgsym_105.0.5195.52-1~deb11u1_i386.deb c524db4e7b936122aeca5f4a897217803050104b4d2acb9eb4a10530cebb5d60 45831672 chromium-shell_105.0.5195.52-1~deb11u1_i386.deb 817883fea168b42738956cb5e5903c2850c82b7aaa9545e8c3e8e5c6aec4ed3a 23905 chromium_105.0.5195.52-1~deb11u1_i386-buildd.buildinfo 87408a1a3d8b699020166f3307f4a6ca5549d4aa0bdf13817d18f13789a02fac 65705576 chromium_105.0.5195.52-1~deb11u1_i386.deb Files: cd4f32ff68d7757029e90defce01b9ba 963344 debug optional chromium-common-dbgsym_105.0.5195.52-1~deb11u1_i386.deb e1ca69201ad69e286f8e76cf4846d592 4826592 web optional chromium-common_105.0.5195.52-1~deb11u1_i386.deb ed58c7b0cb5233315a41816879a2c31e 25098452 debug optional chromium-dbgsym_105.0.5195.52-1~deb11u1_i386.deb 7de241ac5d46b1f555e6b56c7ee1e9dc 5614068 web optional chromium-driver_105.0.5195.52-1~deb11u1_i386.deb 74ee3074fa9f474b1928c861496b45b5 11656 debug optional chromium-sandbox-dbgsym_105.0.5195.52-1~deb11u1_i386.deb e786b789413ff07e8d9474085e11a75b 125480 web optional chromium-sandbox_105.0.5195.52-1~deb11u1_i386.deb a99dbc7d76a8ab7c3a13bcf5f4964426 21427616 debug optional chromium-shell-dbgsym_105.0.5195.52-1~deb11u1_i386.deb 8a7dd9a134f545fff3db9e02d5a84535 45831672 web optional chromium-shell_105.0.5195.52-1~deb11u1_i386.deb 14bab904336d1cc3587a57d56479741e 23905 web optional chromium_105.0.5195.52-1~deb11u1_i386-buildd.buildinfo 03d2207fefe3b8e1cc284cfa60f75e3e 65705576 web optional chromium_105.0.5195.52-1~deb11u1_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEZ+kjGN6s2Ioxmya1SqddLxw5rsoFAmMQipoACgkQSqddLxw5 rsrTzRAAuHn0EowmeMbmRwgm3QFZwORnWG+mjLPeDKRPUDsgwiNzpvGjSH/u4kWt nLf+fMK3IdnY5TU8sBBPbEiON+MV/vNAev/d4GEVwIUpJNGZgs3FlfHrpEhu4X9t wOcsga09qpuBoyrN1ntu7uHljW5ffOhY/EUK/d8SnZt7/7LIReshmolPF2Sj/HDH rVCgw2WUxI7zdMqIoSKq8hb29T2I0xLzayz+5vNZ8bNVzmeQQmQpW/s+b1mJWwah kiLXeQflNVsy054FgYty807C1yEMrYC0xKveus0vleaaLIdrBGAVDud9Z0g4ha0P W6POPdqGXyOCjKQfgMzLMf7HBCRE3pXEGcY92yCFiaOxludRgj4BFvbtc7yI8/pY sQZbuPABWdn7koKWH84+nRcJKLkcAMdbFTvp1loOWPfWSS01SOm2IOt+KZR90dNZ 0zG3srIoHeOlNwfT70YwvKIWX9MUviJ+YUm2tRExM/gG3KD9KGHK61sx+bgVJruc GemfgyuLdLSUHb6ZxU2nREHVRA2oAx7DqUXcw3XrHMexgDG/BMbknjv0Q7umiHdC EepE8ZuygesCRxHJU0X9QM/TnuBOFiTYJptQbIJ6wKasxOjrDc+QVjvX/yzpolg4 WaSqoCiLmuPq/AH+JV8GahKd3ipCo7L42SSRObayixtKQ1KdAak= =uT+v -----END PGP SIGNATURE-----