Hi, 8 nov. 2020 à 18:50 de ggunin...@gmail.com:
> https://www.theregister.com/2020/11/04/google_chrome_critical_updates/ > > Wed 4 Nov 2020 > If you're an update laggard, buck up: Chrome zero-days are being > exploited in the wild > > Desktop and Android versions both at risk > Thanks Georgi for the link. Regarding CVE-2020-16009 <https://security.archlinux.org/CVE-2020-16009>, it seems that some distros like Arch [1] have already updated their chromium packages but no Debian yet. Right? Is it just a matter of extracting the security fix from 86.0.4240.183, packaging it accordingly and pushing in a new version in Debian repositories? For Buster, will it lead eventually to a 83.0.4103.116-1~deb10uX or a 86.0.4240.183~deb10uX version instead? Thanks in advance & Best regards, l0f4r0 [1] : https://security.archlinux.org/CVE-2020-16009
