-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4911-1                   security@debian.org
https://www.debian.org/security/                          Michael Gilbert
May 03, 2021                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : chromium
CVE ID         : CVE-2021-21227 CVE-2021-21228 CVE-2021-21229 CVE-2021-21230
                 CVE-2021-21231 CVE-2021-21232 CVE-2021-21233

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2021-21227

    Gengming Liu discovered a data validation issue in the v8 javascript
    library.

CVE-2021-21228

    Rob Wu discovered a policy enforcement error.

CVE-2021-21229

    Mohit Raj discovered a user interface error in the file downloader.

CVE-2021-21230

    Manfred Paul discovered use of an incorrect type.

CVE-2021-21231

    Sergei Glazunov discovered a data validation issue in the v8 javascript
    library.

CVE-2021-21232

    Abdulrahman Alqabandi discovered a use-after-free issue in the developer
    tools.

CVE-2021-21233

    Omair discovered a buffer overflow issue in the ANGLE library.

For the stable distribution (buster), these problems have been fixed in
version 90.0.4430.93-1~deb10u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQQzBAEBCgAdFiEEIwTlZiOEpzUxIyp4mD40ZYkUaygFAmCQuj8ACgkQmD40ZYkU
ayhE0h/9Hs+mYCsZjlxPeksnlzdz/G1wWx/4XSLhAAItYsx38dJQ4ctK0s8LO3IL
Qc07rLC6YG+z2iJ3rwkv1DAwCFfheTw4+3RS1/or2Fs+oOmnxvBECxwskL+gdibT
FWTmDD3oRsQ4XgV+N8xhEFjJA3iWESnG2gdBbYJuKZVR1uFQQqfVoQTJrpdJyz+u
K3hAtLvkCb4Pl5Fxg0BUaLp4rERlqcwpvolQ8iodEl9nNgWJ/qFKcIcFrsDsXyk5
oAAlqmnFTWDbaCJsi0QTu2JrlsvsTJ7TcfaZiVY0eTxLhZlUNQL500b9dAMm+8DH
qHPpb67mJprWRL09G4jzkuIbDhASA9p+detMECFm9pMtvwgJ6AnYA2iGww69B+/E
HGSO/5jxJvy+rWwXLtD8w9yV7facZZhBWQTgmT1cOFFFsneJ/L/cWnSVyTVKW4pK
hrIbC3oPib8n9eIP0M2cexrLWzHuJLygncir8AvBNmmVX/VrY2DKk9b/tV9kXhmm
CO4MlHQ+TkhpA9zq2ZhgJqo/oUU5lZXZJoODZ0i8W41eIC4v/vcazQOH3HeH3Waa
4F0QDe5JB7yoDJF2riS2nhwV23YqGqazWAX2nWnxwlYCbniQvZ62g1Ej2lYS6e5y
p8XrfSQlhqCuRIX8AZt1a3RNXif1QmyBjjTGmM0raRs4NIjccy3dhxx6/SUgOhxI
BoHa5m2OH7brneA/ZCIjB3aoOUSIbtxOZhp6PcZNw4yL1VlRit9gZqqn5hG/f+JF
Xtm2OwQhYQl8pOvbmbcZcM7V/Gr2sXqJX8ZmrUMHnDQZbxFnBcyb+nAo0/AYnELV
gr9uQEHGvlj/6z9CclGPosHW6RiGtRnRuDE56b57DsD+j5w6TjP09puyb6D+miPu
yM4CVvOhYii+3/gSVs4kXbmsZMqmAf1qN9cd5rgkRmdkWc68EivdEZuYMUEjjisv
TpsVEgOhnMmnbki74lU7vA3L1nhtoVs8st00uJnh2De/iOnDSmPfDzq1+TWvGHLq
veO5CmWbl88fJETovXNXv4x+Z+9IDZOLktMyKB/hsv9QbVSL8K5hpelTa5DBegh+
DbofTY+c4DFvDiyasMof1IXbBo8bQTkCmvV2BELUsFhCYkMo+hWzxeey/yfu1ir1
tDfhH7ZJ+EP8gHbKelu7AlQFTQS5aQJSNGDKEFj8bAoa7s5xdYvh/tx8nksfn/WT
aU904mnD9m5dr6OXuHDPvy1fUFIhgD4liJaC620i0/lEyjPR3fkzs450+NDKWgiV
yj0C9HPB1ZhdLkWQ4bIhk16li557xoavByzze4WIvzY8+wICadWIGcqdUV5cYJgk
5BrzG4OQKjdRNEHQqbbOMWOjhwHf6w==
=EvIG
-----END PGP SIGNATURE-----