-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 30 Dec 2020 09:26:45 +0100 Source: chromium Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-driver-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym Architecture: amd64 Version: 87.0.4280.88-0.4~deb10u1 Distribution: buster-security Urgency: high Maintainer: amd64 / i386 Build Daemon (x86-csail-01) Changed-By: Jan Luca Naumann Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-sandbox - web browser - setuid security sandbox for chromium chromium-shell - web browser - minimal shell Changes: chromium (87.0.4280.88-0.4~deb10u1) buster-security; urgency=high . * Non-maintainer upload. * New upstream stable release. - CVE-2020-6510: Heap buffer overflow in background fetch. Reported by Leecraso and Guang Gong - CVE-2020-6511: Side-channel information leakage in content security policy. Reported by Mikhail Oblozhikhin - CVE-2020-6512: Type Confusion in V8. Reported by nocma, leogan, cheneyxu - CVE-2020-6513: Heap buffer overflow in PDFium. Reported by Aleksandar Nikolic - CVE-2020-6514: Inappropriate implementation in WebRTC. Reported by Natalie Silvanovich - CVE-2020-6515: Use after free in tab strip. Reported by DDV_UA - CVE-2020-6516: Policy bypass in CORS. Reported by Yongke Wang and Aryb1n - CVE-2020-6517: Heap buffer overflow in history. Reported by ZeKai Wu - CVE-2020-6518: Use after free in developer tools. Reported by David Erceg - CVE-2020-6519: Policy bypass in CSP. Reported by Gal Weizman - CVE-2020-6520: Heap buffer overflow in Skia. Reported by Zhen Zhou - CVE-2020-6521: Side-channel information leakage in autofill. Reported by Xu Lin, Panagiotis Ilia, Jason Polakis - CVE-2020-6522: Inappropriate implementation in external protocol handlers. Reported by Eric Lawrence - CVE-2020-6523: Out of bounds write in Skia. Reported by Liu Wei and Wu Zekai - CVE-2020-6524: Heap buffer overflow in WebAudio. Reported by Sung Ta - CVE-2020-6525: Heap buffer overflow in Skia. Reported by Zhen Zhou - CVE-2020-6526: Inappropriate implementation in iframe sandbox. Reported by Jonathan Kingston - CVE-2020-6527: Insufficient policy enforcement in CSP. Reported by Zhong Zhaochen - CVE-2020-6528: Incorrect security UI in basic auth. Reported by Rayyan Bijoora - CVE-2020-6529: Inappropriate implementation in WebRTC. Reported by kaustubhvats7 - CVE-2020-6530: Out of bounds memory access in developer tools. Reported by myvyang - CVE-2020-6531: Side-channel information leakage in scroll to text. Reported by Jun Kokatsu - CVE-2020-6533: Type Confusion in V8. Reported by Avihay Cohen - CVE-2020-6534: Heap buffer overflow in WebRTC. Reported by Anonymous - CVE-2020-6535: Insufficient data validation in WebUI. Reported by Jun Kokatsu - CVE-2020-6536: Incorrect security UI in PWAs. Reported by Zhiyang Zeng - CVE-2020-6537: Type Confusion in V8. Reported by Rong Jian and Guang Gong - CVE-2020-6532: Use after free in SCTP. Reported by Anonymous - CVE-2020-6538: Inappropriate implementation in WebView. Reported by Yongke Wang and Aryb1n - CVE-2020-6539: Use after free in CSS. Reported by Oriol Brufau - CVE-2020-6540: Heap buffer overflow in Skia. Reported by Zhen Zhou - CVE-2020-6541: Use after free in WebUSB. Reported by Sergei Glazunov - CVE-2020-16037: Use after free in clipboard. Reported by Ryoya Tsukasaki - CVE-2020-16038: Use after free in media. Reported by Khalil Zhani - CVE-2020-16039: Use after free in extensions. Reported by Anonymous - CVE-2020-16040: Insufficient data validation in V8. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research - CVE-2020-16041: Out of bounds read in networking. Reported by Sergei Glazunov and Mark Brand of Google Project Zero - CVE-2020-16042: Uninitialized Use in V8. Reported by André Bargull - CVE-2020-16018: Use after free in payments. Reported by Man Yue Mo of GitHub Security Lab - CVE-2020-16019: Inappropriate implementation in filesystem. Reported by Rory McNamara - CVE-2020-16020: Inappropriate implementation in cryptohome. Reported by Rory McNamara - CVE-2020-16021: Race in ImageBurner. Reported by Rory McNamara - CVE-2020-16022: Insufficient policy enforcement in networking. Reported by @SamyKamkar - CVE-2020-16015: Insufficient data validation in WASM. Reported by Rong Jian and Leecraso of 360 Alpha Lab - CVE-2020-16014: Use after free in PPAPI. Reported by Rong Jian and Leecraso of 360 Alpha Lab - CVE-2020-16023: Use after free in WebCodecs. Reported by Brendon Tiszka and David Manouchehri supporting the @eff - CVE-2020-16024: Heap buffer overflow in UI. Reported by Sergei Glazunov of Google Project Zero - CVE-2020-16025: Heap buffer overflow in clipboard. Reported by Sergei Glazunov of Google Project Zero - CVE-2020-16026: Use after free in WebRTC. Reported by Jong-Gwon Kim - CVE-2020-16027: Insufficient policy enforcement in developer tools. Reported by David Erceg - CVE-2020-16028: Heap buffer overflow in WebRTC. Reported by asnine - CVE-2020-16029: Inappropriate implementation in PDFium. Reported by Anonymous - CVE-2020-16030: Insufficient data validation in Blink. Reported by Michał Bentkowski of Securitum - CVE-2019-8075: Insufficient data validation in Flash. Reported by Nethanel Gelernter, Cyberpion - CVE-2020-16031: Incorrect security UI in tab preview. Reported by wester0x01 - CVE-2020-16032: Incorrect security UI in sharing. Reported by wester0x01 - CVE-2020-16033: Incorrect security UI in WebUSB. Reported by Khalil Zhani - CVE-2020-16034: Inappropriate implementation in WebRTC. Reported by Benjamin Petermaier - CVE-2020-16035: Insufficient data validation in cros-disks. Reported by Rory McNamara - CVE-2020-16012: Side-channel information leakage in graphics. Reported by Aleksejs Popovs - CVE-2020-16036: Inappropriate implementation in cookies. Reported by Jun Kokatsu @shhnjk - CVE-2020-16013: Inappropriate implementation in V8. Reported by Anonymous - CVE-2020-16017: Use after free in site isolation. Reported by Anonymous - CVE-2020-16016: Inappropriate implementation in base. Reported by Rong Jian and Leecraso of 360 Alpha Lab - CVE-2020-16004: Use after free in user interface. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud - CVE-2020-16005: Insufficient policy enforcement in ANGLE. Reported by Jaehun Jeong @n3sk of Theori - CVE-2020-16006: Inappropriate implementation in V8. Reported by Bill Parks - CVE-2020-16007: Insufficient data validation in installer. Reported by Abdelhamid Naceri - CVE-2020-16008: Stack buffer overflow in WebRTC. Reported by Tolya Korniltsev - CVE-2020-16009: Inappropriate implementation in V8. Reported by Clement Lecigne of Google's Threat Analysis Group and Samuel Groß of Google Project Zero - CVE-2020-16011: Heap buffer overflow in UI on Windows. Reported by Sergei Glazunov of Google Project Zero - CVE-2020-16000: Inappropriate implementation in Blink. Reported by amaebi_jp - CVE-2020-16001: Use after free in media. Reported by Khalil Zhani - CVE-2020-16002: Use after free in PDFium. Reported by Weipeng Jiang from Codesafe Team of Legendsec at Qi'anxin Group - CVE-2020-15999: Heap buffer overflow in Freetype. Reported by Sergei Glazunov of Google Project Zero - CVE-2020-16003: Use after free in printing. Reported by Khalil Zhani - CVE-2020-15967: Use after free in payments. Reported by Man Yue Mo of GitHub Security Lab - CVE-2020-15968: Use after free in Blink. Reported by Anonymous - CVE-2020-15969: Use after free in WebRTC. Reported by Anonymous - CVE-2020-15970: Use after free in NFC. Reported by Man Yue Mo of GitHub Security Lab - CVE-2020-15971: Use after free in printing. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research - CVE-2020-15972: Use after free in audio. Reported by Anonymous - CVE-2020-15990: Use after free in autofill. Reported by Rong Jian and Guang Gong of Alpha Lab, Qihoo 360 - CVE-2020-15991: Use after free in password manager. Reported by Rong Jian and Guang Gong of Alpha Lab, Qihoo 360 - CVE-2020-15973: Insufficient policy enforcement in extensions. Reported by David Erceg - CVE-2020-15974: Integer overflow in Blink. Reported by Juno Im of Theori - CVE-2020-15975: Integer overflow in SwiftShader. Reported by Anonymous - CVE-2020-15976: Use after free in WebXR. Reported by YoungJoo Lee @ashuu_lee of Raon Whitehat - CVE-2020-6557: Inappropriate implementation in networking. Reported by Matthias Gierlings and Marcus Brinkmann - CVE-2020-15977: Insufficient data validation in dialogs. Reported by Narendra Bhati - CVE-2020-15978: Insufficient data validation in navigation. Reported by Luan Herrera @lbherrera_ - CVE-2020-15979: Inappropriate implementation in V8. Reported by Avihay Cohen @ SeraphicAlgorithms - CVE-2020-15980: Insufficient policy enforcement in Intents. Reported by Yongke Wang @Rudykewang and Aryb1n @aryb1n of Tencent Security Xuanwu Lab - CVE-2020-15981: Out of bounds read in audio. Reported by Christoph Guttandin - CVE-2020-15982: Side-channel information leakage in cache. Reported by Luan Herrera @lbherrera_ - CVE-2020-15983: Insufficient data validation in webUI. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research - CVE-2020-15984: Insufficient policy enforcement in Omnibox. Reported by Rayyan Bijoora - CVE-2020-15985: Inappropriate implementation in Blink. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research - CVE-2020-15986: Integer overflow in media. Reported by Mark Brand of Google Project Zero - CVE-2020-15987: Use after free in WebRTC. Reported by Philipp Hancke - CVE-2020-15992: Insufficient policy enforcement in networking. Reported by Alison Huffman, Microsoft Browser Vulnerability Research - CVE-2020-15988: Insufficient policy enforcement in downloads. Reported by Samuel Attard - CVE-2020-15989: Uninitialized Use in PDFium. Reported by Gareth Evans - CVE-2020-15960: Out of bounds read in storage. Reported by Anonymous - CVE-2020-15961: Insufficient policy enforcement in extensions. Reported by David Erceg - CVE-2020-15962: Insufficient policy enforcement in serial. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud - CVE-2020-15963: Insufficient policy enforcement in extensions. Reported by David Erceg - CVE-2020-15965: Out of bounds write in V8. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research - CVE-2020-15966: Insufficient policy enforcement in extensions. Reported by David Erceg - CVE-2020-15964: Insufficient data validation in media. Reported by Woojin Oh @pwn_expoit of STEALIEN - CVE-2020-6573: Use after free in video. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud - CVE-2020-6574: Insufficient policy enforcement in installer. Reported by CodeColorist of Ant-Financial LightYear Labs - CVE-2020-6575: Race in Mojo. Reported by Microsoft - CVE-2020-6576: Use after free in offscreen canvas. Reported by Looben Yang - CVE-2020-15959: Insufficient policy enforcement in networking. Reported by Eric Lawrence of Microsoft - CVE-2020-6558: Insufficient policy enforcement in iOS. Reported by Alison Huffman, Microsoft Browser Vulnerability Research - CVE-2020-6559: Use after free in presentation API. Reported by Liu Wei and Wu Zekai of Tencent Security Xuanwu Lab - CVE-2020-6560: Insufficient policy enforcement in autofill. Reported by Nadja Ungethuem from www.unnex.de - CVE-2020-6561: Inappropriate implementation in Content Security Policy. Reported by Rob Wu - CVE-2020-6562: Insufficient policy enforcement in Blink. Reported by Masato Kinugawa - CVE-2020-6563: Insufficient policy enforcement in intent handling. Reported by Pedro Oliveira - CVE-2020-6564: Incorrect security UI in permissions. Reported by Khalil Zhani - CVE-2020-6565: Incorrect security UI in Omnibox. Reported by Khalil Zhani - CVE-2020-6566: Insufficient policy enforcement in media. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research - CVE-2020-6567: Insufficient validation of untrusted input in command line handling. Reported by Joshua Graham of TSS - CVE-2020-6568: Insufficient policy enforcement in intent handling. Reported by Yongke Wang @Rudykewang and Aryb1n @aryb1n of Tencent Security Xuanwu Lab - CVE-2020-6569: Integer overflow in WebUSB. Reported by guaixiaomei - CVE-2020-6570: Side-channel information leakage in WebRTC. Reported by Signal/Tenable - CVE-2020-6571: Incorrect security UI in Omnibox. Reported by Rayyan Bijoora - CVE-2020-6556: Heap buffer overflow in SwiftShader. Reported by Alison Huffman, Microsoft Browser Vulnerability Research - CVE-2020-6542: Use after free in ANGLE. Reported by Piotr Bania of Cisco Talos - CVE-2020-6543: Use after free in task scheduling. Reported by Looben Yang - CVE-2020-6544: Use after free in media. Reported by Tim Becker of Theori - CVE-2020-6545: Use after free in audio. Reported by Anonymous - CVE-2020-6546: Inappropriate implementation in installer. Reported by Andrew Hess - CVE-2020-6547: Incorrect security UI in media. Reported by David Albert - CVE-2020-6548: Heap buffer overflow in Skia. Reported by Choongwoo Han, Microsoft Browser Vulnerability Research - CVE-2020-6549: Use after free in media. Reported by Sergei Glazunov of Google Project Zero - CVE-2020-6550: Use after free in IndexedDB. Reported by Sergei Glazunov of Google Project Zero - CVE-2020-6551: Use after free in WebXR. Reported by Sergei Glazunov of Google Project Zero - CVE-2020-6552: Use after free in Blink. Reported by Tim Becker of Theori - CVE-2020-6553: Use after free in offline mode. Reported by Alison Huffman, Microsoft Browser Vulnerability Research - CVE-2020-6554: Use after free in extensions. Reported by Anonymous - CVE-2020-6555: Out of bounds read in WebGL. Reported by Marcin Towalski of Cisco Talos * Add 64-bit time syscalls to syscall whitelist and clock selection parameter filtering code. * Switch to explicitly versioned python2. * Update information in debian/copyright. * Include more upstream metadata information. * Install ANGLE EGL and GLESv2 libs. Checksums-Sha1: 970a0eea6f62e8ea09597eea8baef0c7b7bfc2c4 213120 chromium-common-dbgsym_87.0.4280.88-0.4~deb10u1_amd64.deb 616a9ad400cb54758eff64dcff4413188f12cdba 1382800 chromium-common_87.0.4280.88-0.4~deb10u1_amd64.deb 9bdc31bc6e0eae653eaac5661fc58001d7e8f51b 15035932 chromium-dbgsym_87.0.4280.88-0.4~deb10u1_amd64.deb eb7b21a226994485d69dbdfa8202c21635614176 4123564 chromium-driver-dbgsym_87.0.4280.88-0.4~deb10u1_amd64.deb 25205112f62061d101daccf58ace4ee2561850ed 4410212 chromium-driver_87.0.4280.88-0.4~deb10u1_amd64.deb a2b0cf0d77ff29f29b552d691865cac6d5245ac8 11276 chromium-sandbox-dbgsym_87.0.4280.88-0.4~deb10u1_amd64.deb fda3e5c2f85731494354545918f6e007ca8938d0 110040 chromium-sandbox_87.0.4280.88-0.4~deb10u1_amd64.deb d5cb414dc9a1c76f6532b7c6f49eeffab9b63994 12455204 chromium-shell-dbgsym_87.0.4280.88-0.4~deb10u1_amd64.deb 10339932dddc0555b07f50ad705c965aeffc5546 38144432 chromium-shell_87.0.4280.88-0.4~deb10u1_amd64.deb 6ca72564f20bd9b947e97b8a1fe7ffb22bfc70ea 24997 chromium_87.0.4280.88-0.4~deb10u1_amd64-buildd.buildinfo d13ad7e8c6df53f3bfc9fec8c360222fd88c34db 54552972 chromium_87.0.4280.88-0.4~deb10u1_amd64.deb Checksums-Sha256: db798c1b714bc32379ad60bbe20d67cdd935d54ae218d1d9c8ad0e2fd2c7956a 213120 chromium-common-dbgsym_87.0.4280.88-0.4~deb10u1_amd64.deb 2fd37950e16aafe238796fd8c827a785a506586f37eafdb0b271b915d10f3c03 1382800 chromium-common_87.0.4280.88-0.4~deb10u1_amd64.deb 18007422afaf75c624f5959d820f40ee7d5a3209cbdb294cce073156a0b5fe1c 15035932 chromium-dbgsym_87.0.4280.88-0.4~deb10u1_amd64.deb 3e7eb7018ec597dbfbb674dfb035872e3d69b8d22330da530575516e2b3485e8 4123564 chromium-driver-dbgsym_87.0.4280.88-0.4~deb10u1_amd64.deb a97d506910b0dfc11178bd24180ac579295f5c75e2774becc3a0abeb76f46890 4410212 chromium-driver_87.0.4280.88-0.4~deb10u1_amd64.deb 62d51a95aa66202bbdae44203e1cd4ab76cb78ab56de5edb6ab49661e4e18fd6 11276 chromium-sandbox-dbgsym_87.0.4280.88-0.4~deb10u1_amd64.deb fa52597fd00a1f02bcf11dd624e5572786dadeabb405f822d1511ffcf9117f51 110040 chromium-sandbox_87.0.4280.88-0.4~deb10u1_amd64.deb 04458a78e8fe8b62c5b8198b30726d9c8a2dcddc499b0e45375ac1da93455d2e 12455204 chromium-shell-dbgsym_87.0.4280.88-0.4~deb10u1_amd64.deb 7fc17c55a7b747fefbd4aad92ad5dda6f370585618d5c44c6ff87552e91cc3ba 38144432 chromium-shell_87.0.4280.88-0.4~deb10u1_amd64.deb f5e2d53ef70e33b0ef257a9650739428f9e801b5ec6288e3ed7f96782c19ff96 24997 chromium_87.0.4280.88-0.4~deb10u1_amd64-buildd.buildinfo 1b689a66b263104ed66618212a756363163c43441e90f2dde5f7ee73e18ff0a6 54552972 chromium_87.0.4280.88-0.4~deb10u1_amd64.deb Files: 172b06a4097e099c6c0ae9419befc6ba 213120 debug optional chromium-common-dbgsym_87.0.4280.88-0.4~deb10u1_amd64.deb 2659864aea578d896ccb737b0b23a684 1382800 web optional chromium-common_87.0.4280.88-0.4~deb10u1_amd64.deb cadfa60e483220dbe41ffe74b59bf493 15035932 debug optional chromium-dbgsym_87.0.4280.88-0.4~deb10u1_amd64.deb 2c128ac6d9ff60fb64df8b980ae7a50a 4123564 debug optional chromium-driver-dbgsym_87.0.4280.88-0.4~deb10u1_amd64.deb 227f9d3134f6e19712292ec9aabc7a23 4410212 web optional chromium-driver_87.0.4280.88-0.4~deb10u1_amd64.deb 26f23e3647d56cce2975389c90f60592 11276 debug optional chromium-sandbox-dbgsym_87.0.4280.88-0.4~deb10u1_amd64.deb 7fd8a8c8f0012cd74c6585212be05b9c 110040 web optional chromium-sandbox_87.0.4280.88-0.4~deb10u1_amd64.deb de2da01bf4e6be23ff16897ad6521771 12455204 debug optional chromium-shell-dbgsym_87.0.4280.88-0.4~deb10u1_amd64.deb 9e35a5c437cb2e187ceadc02cc622cb4 38144432 web optional chromium-shell_87.0.4280.88-0.4~deb10u1_amd64.deb 704fa20ebea35fb22def2b8d59aacd33 24997 web optional chromium_87.0.4280.88-0.4~deb10u1_amd64-buildd.buildinfo f78103646f9dba6210aaec265f209ae3 54552972 web optional chromium_87.0.4280.88-0.4~deb10u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEo33KWLLUve5CxgHZGOxRpKJm/V0FAl/vB5MACgkQGOxRpKJm /V22KA//ZdRCzXF3qz31n2TiMv9A5crc/u15cNLIjt3kVf2XoxrxUbQzhZjeuq5r lvFJtVHootucgdtKLfgnW4/+RYg3uKn/EM0N00y88maV4EK5JGBZJede+i6Am34L tpz7YfZP8rwMdDO6Q3WZ4ka/1o+IcRT8xOQc7fJ7B1oXjlErmae93hgmO7a5J60n 8YYrU3T2G1B+nvrgXwH+MbyP9nBvmwojI7czdQ64g4VQpmO2H4hW52miHpeqor2X D2QQp3XJ9gd9zOtraHh8LuaHWNnhveCuPcn07Dzil6Y6Wm5wdz8DWiPOOd43wfoq +rSIU05w2DyMFyYaVf5pqwRF/l20+V4Z9Jtjj/fnRRybkEuxsOxJyClIfQ4zC0jz U9De5YHtqZ1Rvk1uJFELtQ6o0e9Ocsk0iBSgLFdMuOea5hSAlPIopLsvtFMCu8Ga RK/e/Vn4zUe4NKMViti+daont1Bk0UbMp64alRe/APKoH8bkvE66+UvHNwEngmKu DalhinCljcTH8TrhBwkRZ0w3PjvKdgsUulHf03MjjLGogDgplz40brkZnrl/sWbd aLRVh0WtLkvWwZjoy6JtdQcCGTVaIKBe1yRowKW4t4eV33kbdg0Mjo8gvIQsgsUR 1oNytrPigQNPFqkrVv3dMqEi9LrKQ9X5pMo9NnWARIZal1lUt7s= =hMuj -----END PGP SIGNATURE-----