You can follow debian's progress on this here: https://security-tracker.debian.org/tracker/CVE-2020-16009
On Wed, 2020-11-11 at 20:46 +0100, l0f...@tuta.io wrote: > > Regarding CVE-2020-16009 <https://security.archlinux.org/CVE-2020-16009>, it > seems that some distros like Arch [1] have already updated their chromium > packages but no Debian yet. Right? > > Is it just a matter of extracting the security fix from 86.0.4240.183, > packaging it accordingly and pushing in a new version in Debian repositories? > > For Buster, will it lead eventually to a 83.0.4103.116-1~deb10uX or a > 86.0.4240.183~deb10uX version instead? > > Thanks in advance & Best regards, > l0f4r0 > > [1] : https://security.archlinux.org/CVE-2020-16009 >
