-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 11 Jan 2021 17:04:13 +0100
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-driver-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: amd64
Version: 87.0.4280.141-0.1~deb10u1
Distribution: buster-security
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) <buildd_amd64-x86-conova-01@buildd.debian.org>
Changed-By: Jan Luca Naumann <j.naumann@fu-berlin.de>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Closes: 979135 979520
Changes:
 chromium (87.0.4280.141-0.1~deb10u1) buster-security; urgency=high
 .
   * Non-maintainer upload.
   * New upstream security release (closes: 979520).
     - CVE-2021-21106: Use after free in autofill. Reported by Weipeng Jiang
       @Krace from Codesafe Team of Legendsec at Qi'anxin Group
     - CVE-2021-21107: Use after free in drag and drop. Reported by Leecraso and
       Guang Gong of 360 Alpha Lab
     - CVE-2021-21108: Use after free in media. Reported by Leecraso and Guang
       Gong of 360 Alpha Lab
     - CVE-2021-21109: Use after free in payments. Reported by Rong Jian and
       Guang Gong of 360 Alpha Lab
     - CVE-2021-21110: Use after free in safe browsing. Reported by Anonymous
     - CVE-2021-21111: Insufficient policy enforcement in WebUI. Reported by
       Alesandro Ortiz
     - CVE-2021-21112: Use after free in Blink. Reported by YoungJoo Lee
       @ashuu_lee of Raon Whitehat
     - CVE-2021-21113: Heap buffer overflow in Skia. Reported by tsubmunu
     - CVE-2020-16043: Insufficient data validation in networking. Reported by
       Samy Kamkar, Ben Seri at Armis, Gregory Vishnepolsky at Armis
     - CVE-2021-21114: Use after free in audio. Reported by Man Yue Mo of GitHub
       Security Lab
     - CVE-2020-15995: Out of bounds write in V8. Reported by Bohan Liu
       @P4nda20371774 of Tencent Security Xuanwu Lab
     - CVE-2021-21115: Use after free in safe browsing. Reported by Leecraso and
       Guang Gong of 360 Alpha Lab
     - CVE-2021-21116: Heap buffer overflow in audio. Reported by Alison
       Huffman, Microsoft Browser Vulnerability Research
   * Use desktop gl implementation as default. (closes: 979135)
Checksums-Sha1:
 f0f322b6ac1d6278248ff583296acc25c176edb7 213208 chromium-common-dbgsym_87.0.4280.141-0.1~deb10u1_amd64.deb
 9bb5e79746839fb1b7af8f53f6489cc64a8f0aae 1381468 chromium-common_87.0.4280.141-0.1~deb10u1_amd64.deb
 2711ba9ada07ad455b8a226a04da0b9fe3ad023c 15033872 chromium-dbgsym_87.0.4280.141-0.1~deb10u1_amd64.deb
 5100e1c6d5f78783cd160cb8b7e14c28dad284ba 4125316 chromium-driver-dbgsym_87.0.4280.141-0.1~deb10u1_amd64.deb
 accf0e5d2a8b3b9219e22f099db4978065d0882f 4410324 chromium-driver_87.0.4280.141-0.1~deb10u1_amd64.deb
 21158b762f59d94371af579d5942111b30eb57dc 11280 chromium-sandbox-dbgsym_87.0.4280.141-0.1~deb10u1_amd64.deb
 759a5f4e9cc480f3de02ee9486cdd86750c9202e 110388 chromium-sandbox_87.0.4280.141-0.1~deb10u1_amd64.deb
 1aa692ba44ef7393ab494446dc4da1f0f56f2c40 12453796 chromium-shell-dbgsym_87.0.4280.141-0.1~deb10u1_amd64.deb
 441ab9d5dba870c67d46f60f8b3be956c6e38bc4 38146272 chromium-shell_87.0.4280.141-0.1~deb10u1_amd64.deb
 706443e0707e54119818b47ccf7b339d2fb5ee4a 25029 chromium_87.0.4280.141-0.1~deb10u1_amd64-buildd.buildinfo
 8b916bd6c0d289e9787122b66eab75fd4f1fd9f4 54549908 chromium_87.0.4280.141-0.1~deb10u1_amd64.deb
Checksums-Sha256:
 b31461556440b7d0fb88ef3688950af9bd1c8cf9570ef03aa17f2c91c8871a9d 213208 chromium-common-dbgsym_87.0.4280.141-0.1~deb10u1_amd64.deb
 c51c4ee3f86e9c767b91552b3ff5d7c52f84488d4a9b57bc49d8a988cb8eb001 1381468 chromium-common_87.0.4280.141-0.1~deb10u1_amd64.deb
 50a74897fa693d9a39b189821ffc99ac33dfb234d43236c4806e1ddb63e5ab12 15033872 chromium-dbgsym_87.0.4280.141-0.1~deb10u1_amd64.deb
 bd5b351c8e5a0c02bc22ded83864820da707ba5c67d584682296344138329023 4125316 chromium-driver-dbgsym_87.0.4280.141-0.1~deb10u1_amd64.deb
 c6f4d989ef6eebb81adef1a8bbb2faa97ed7982f0548c0c5ad58e16c0696f519 4410324 chromium-driver_87.0.4280.141-0.1~deb10u1_amd64.deb
 0f28b82d015de9d402710fc89df5a6048c8fa848cae14962fef21d82f16d5ad6 11280 chromium-sandbox-dbgsym_87.0.4280.141-0.1~deb10u1_amd64.deb
 11c2a09f23abb8cd0aa2ece7486b5e176663a7cd5409de6d1e753aa5fadcb125 110388 chromium-sandbox_87.0.4280.141-0.1~deb10u1_amd64.deb
 7d345a3a124e52ee21fef7363d4d802ce760535472bc5d597b0cb04f5ebacd7e 12453796 chromium-shell-dbgsym_87.0.4280.141-0.1~deb10u1_amd64.deb
 e476f9599338734f3c4b377880486d963bde1b096ed837541c68332609011208 38146272 chromium-shell_87.0.4280.141-0.1~deb10u1_amd64.deb
 d29ae26eed9064464196168ff09105c601899747da44c560b05c240ed67f03b1 25029 chromium_87.0.4280.141-0.1~deb10u1_amd64-buildd.buildinfo
 c6b4cb6f2514ce856ea2c1d07d17eb5981643e9965960072606c3059643be45e 54549908 chromium_87.0.4280.141-0.1~deb10u1_amd64.deb
Files:
 2b28b3040ecde48d964e5c34aa4f0185 213208 debug optional chromium-common-dbgsym_87.0.4280.141-0.1~deb10u1_amd64.deb
 de3d5a4b9f1c0cb29e76a8f616bd789d 1381468 web optional chromium-common_87.0.4280.141-0.1~deb10u1_amd64.deb
 373824710938220feaa7ffb184374407 15033872 debug optional chromium-dbgsym_87.0.4280.141-0.1~deb10u1_amd64.deb
 8722074493316c890dc8ebcd456f5b8d 4125316 debug optional chromium-driver-dbgsym_87.0.4280.141-0.1~deb10u1_amd64.deb
 b24724b9941ca821a195ee57bab41361 4410324 web optional chromium-driver_87.0.4280.141-0.1~deb10u1_amd64.deb
 e4f94afda6bc2703e83dc8ff7083fd07 11280 debug optional chromium-sandbox-dbgsym_87.0.4280.141-0.1~deb10u1_amd64.deb
 90a94352a3370cdd09d8bb852883428d 110388 web optional chromium-sandbox_87.0.4280.141-0.1~deb10u1_amd64.deb
 b95feff995ed09210b3cca1ecf93ce32 12453796 debug optional chromium-shell-dbgsym_87.0.4280.141-0.1~deb10u1_amd64.deb
 b52ac4742881ba7a8ed9d03dd97054d0 38146272 web optional chromium-shell_87.0.4280.141-0.1~deb10u1_amd64.deb
 a4d9d82c7942c427aff4fe6e5f1eec69 25029 web optional chromium_87.0.4280.141-0.1~deb10u1_amd64-buildd.buildinfo
 ecd6fb7d23db87c985c2b358f8d9d8b1 54549908 web optional chromium_87.0.4280.141-0.1~deb10u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE/7vrlRgMAcjt3zQ5J9KdAI8x88oFAl/+DE8ACgkQJ9KdAI8x
88pAWg//U+L68Pex2FidDDbE3Q7/ZiJNUrS17zNPVx0p/z2uEAfb/bLskCkxpxCT
KHAtnNFRdrYqAaSrd8bJmnOVsYbhJtAvfij3tUp+2FdFlB+SRvsoJouyFSBzlZ5W
6EMN4PkeUP6UudrDTNnkVQNmCjB55OK4TiV2Ff1tZWESjoMCG5pKCsQ8zxRiC3m9
V5UB/Vd8Ve5k5Zr8S1gK2Rx6BSmosz7oJUdNg2137Bd4Bi+rW6ZMb7G1a3RWo6cl
ynNFgN/yq8IxIxgjrQ2x11l7QWY7D+6bQPnrG6mUbiK936nomfAGfZH4VDkCjfEV
+SEuW3h5Q5dQLjrtiX9iJ1+68KJotMS/c6SmU0o6IQsZyojAYjtgVa7WM8J4ZJZ0
SNrTqcq303f5memTY2f5WEKR4y1bnemvh6h4L0VcI522vpyHWw0Ll9gISydaA+2U
8Ngae/mOepXc0qcZ5+NoZ6wscaUwINWqZNcAdrnUU9r0btYy7NDcxnPzZ5n77bsL
iGn+/xK5nKyQBMXG5WkhlQeonGOp7u5/ChYFUqjpdXdmrddIXN8JeZHk1bbDaLh3
lQYBUZ8xr0b4a926/+tVYRB+h61hOLFRD0+mMrQcdxTYWweASOr6/PGg2wFLwnmx
ww4ZZUuqNQysOMSUYJ40ym9RDd2iHD6OQzdHExFB8mrpOCNf/Rk=
=K+VB
-----END PGP SIGNATURE-----