-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 30 Apr 2024 17:53:52 -0400 Source: chromium Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym Architecture: amd64 Version: 124.0.6367.118-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: amd64 / i386 Build Daemon (x86-csail-01) Changed-By: Andres Salomon Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-sandbox - web browser - setuid security sandbox for chromium chromium-shell - web browser - minimal shell Changes: chromium (124.0.6367.118-1~deb12u1) bookworm-security; urgency=high . * New upstream security release. - CVE-2024-4331: Use after free in Picture In Picture. Reported by Zhenghang Xiao (@Kipreyyy). - CVE-2024-4368: Use after free in Dawn. Reported by wgslfuzz. * Build-dep on libhwy-dev and delete the bundled third_party/highway. * Build-dep on libharfbuzz-dev and delete the bundled harfbuzz-ng. * Build-dep on libdav1d-dev and delete the bundled third_party/dav1d. * d/patches: - ppc64le/third_party/0001-Add-PPC64-support-for-libdav1d.patch, ppc64le/third_party/0001-Fix-libdav1d-compilation-on-clang-ppc.patch, ppc64le/third_party/0003-thirdparty-fix-dav1d-gn.patch, fixes/arm64-ftbfs.patch: drop these 4 patches that are only needed for bundled libdav1d. - ppc64le/third_party/0001-Fix-highway-ppc-hwcap.patch, ppc64le/third_party/0002-Highway-disable-128-bit-vsx.patch: drop these two patches that were needed for bundled highway. - upstream/ozone1.patch: drop, merged upstream. - upstream/ozone2.patch: drop, merged upstream. - fixes/bad-font-gc2.patch: refresh. . [ Timothy Pearson ] * d/patches/ppc64le: - third_party/0001-Add-PPC64-support-for-boringssl.patch: Fix inadvertent breakage of i386 build Checksums-Sha1: e3f79996b0c73812e47e3d42727029af3ed3da99 1220264 chromium-common-dbgsym_124.0.6367.118-1~deb12u1_amd64.deb 26c641b6528073c3e06bcdc785cbc4416a92e1ec 5003016 chromium-common_124.0.6367.118-1~deb12u1_amd64.deb 1f04b8e29935835d3a4c2cb3a563982f2fa93b28 34811892 chromium-dbgsym_124.0.6367.118-1~deb12u1_amd64.deb ef38d52dc2631dff8802d371f8cec88b390e35b2 6143540 chromium-driver_124.0.6367.118-1~deb12u1_amd64.deb 44506894c770168103650fa04952bc2b6ffa8e8c 14112 chromium-sandbox-dbgsym_124.0.6367.118-1~deb12u1_amd64.deb ea1aaff4428ee35e0c16d3fb13b9ec3c3690f046 89412 chromium-sandbox_124.0.6367.118-1~deb12u1_amd64.deb 93827dc5a442173a25a4641c475283b2f1b0619d 30231996 chromium-shell-dbgsym_124.0.6367.118-1~deb12u1_amd64.deb dca117084bb265fe8238bf09920e95ba023ed8df 51743200 chromium-shell_124.0.6367.118-1~deb12u1_amd64.deb c6922d511269250aff46aafd4ec5917783014810 24708 chromium_124.0.6367.118-1~deb12u1_amd64-buildd.buildinfo 76edd536c39412171de717e998ff61054fd84c27 73790936 chromium_124.0.6367.118-1~deb12u1_amd64.deb Checksums-Sha256: cdc50a6be8be46cd8a760f63ca04156714143e5e54432c7f47d3e0256cbbfd2e 1220264 chromium-common-dbgsym_124.0.6367.118-1~deb12u1_amd64.deb ae03a7f6fa67c00f49346ebeca8e7e22190d6ca36a679d1b6c02b82d5d43430d 5003016 chromium-common_124.0.6367.118-1~deb12u1_amd64.deb f20c8ae41106827fffb8d310a5578baa11c6b37af5e3e0063685450e54baa008 34811892 chromium-dbgsym_124.0.6367.118-1~deb12u1_amd64.deb e7b6a72dc67585ff435d9ad5e614e46fab193feb9b81dea7ca4aa96fc70e3f45 6143540 chromium-driver_124.0.6367.118-1~deb12u1_amd64.deb 4607112a357afd0d7f72c8f7d470e2ad15d49f69c9d10713790d995832540e81 14112 chromium-sandbox-dbgsym_124.0.6367.118-1~deb12u1_amd64.deb 5443b45d34dfad76b2f0dedaadb8b0cb2799e80b746e880f1a770cfef1148feb 89412 chromium-sandbox_124.0.6367.118-1~deb12u1_amd64.deb 0d084f6ac657bdc604c49ece81a5e3ae44513ee5d394c4ad1a1df716cf3ebd54 30231996 chromium-shell-dbgsym_124.0.6367.118-1~deb12u1_amd64.deb eac3beb00ac8a7e4dc75851aad655bdf5653b455a60c3b54343e5b916fb2c934 51743200 chromium-shell_124.0.6367.118-1~deb12u1_amd64.deb 9b61ad133cbba70ae11a981996dce410225b5bc30b1f1c69d5d54a5ad7ec8f20 24708 chromium_124.0.6367.118-1~deb12u1_amd64-buildd.buildinfo 6c2a30f22e664c977e583db3299a9ec24a9df792aa3aeebcd391913cf593729b 73790936 chromium_124.0.6367.118-1~deb12u1_amd64.deb Files: ee6783e23f299fe0a115b1e2933876af 1220264 debug optional chromium-common-dbgsym_124.0.6367.118-1~deb12u1_amd64.deb b6c0cf12f7cf693f3635a72ce9d42a90 5003016 web optional chromium-common_124.0.6367.118-1~deb12u1_amd64.deb 2483f17543f05c411bde15afd3703359 34811892 debug optional chromium-dbgsym_124.0.6367.118-1~deb12u1_amd64.deb dfdb388d3e932ed412b92070bcdbb798 6143540 web optional chromium-driver_124.0.6367.118-1~deb12u1_amd64.deb f30d6bc5fe542732b19da56b529ca7a9 14112 debug optional chromium-sandbox-dbgsym_124.0.6367.118-1~deb12u1_amd64.deb b0982380feed65975b104628948c0d70 89412 web optional chromium-sandbox_124.0.6367.118-1~deb12u1_amd64.deb f098d5cdac95e6c48ef1753a9d7ddd23 30231996 debug optional chromium-shell-dbgsym_124.0.6367.118-1~deb12u1_amd64.deb 323a9a84bb841cba4ccda481ea14d060 51743200 web optional chromium-shell_124.0.6367.118-1~deb12u1_amd64.deb 54237937e224a91bcdd0149056c7990e 24708 web optional chromium_124.0.6367.118-1~deb12u1_amd64-buildd.buildinfo fcbe1dfb0f41575062eed775a0aee282 73790936 web optional chromium_124.0.6367.118-1~deb12u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEvy6d65NNYPbL6IQIEQ1nooK/IAQFAmYy7LUACgkQEQ1nooK/ IARk1w/6AvCQrRLNLQugO1Yr/ONmKd7Nkww8digAMpOHRsqMGO56qSgoBcS7V19q kofDhihhUiqpOlaJ78qcHL1K3gSGi8KWs04MsLINl0Cb9x/to3vTx4VzTK9O7bVB J9xwIkEZo8rS5H4opwnzKv1SSdXUDOmpIJTwJC137mLniOEWEt7JyUPm25BwlRAG 4aLBwdf6PfnMURK9FOkPwTUP7oBP+zHqM3iU8P8uF9E3QZy9fBtJUfDK+Tqi8JHA Gmzvh0S1/bT2YwctH9Q6JFuKDOb7w60qnNn8c9qg8+n2048mFA8zY5e4+clnBAln 7ApxuHYXyXW4h103UGdoVpdkSUuKQZApg7GN6fuUaAaaEMhp3HGDXlpdf9vRn0Pv PziHvFQ8+jnJ6ED2mQH1x7gMSdJpo09XvPTVwjgX3bSLLB1BtE/Z6/71IQ+YaB5V tUERoNnbZ+HR2oSLscMb72sBxez3Ns7gY3czoX5Y3bahFoT/SlYTGol08pGH5YfV RsdNzdZ2p9Iplyw6TAGAQGwf1CTgMOFieLI865ft89DQ0IpR6pAmCC+uE8mwh7f/ XWlvZBdbtWA1XKVvKKYDfOMEXvZddtFYw78030EF+HXlyE1Yw7zsuEGc9jLQwNZC 3RdNd0bkGUWhfMjKmeQ9d+i48HC7wiJVjkWqT+zuZJRlAjmikcs= =JZIC -----END PGP SIGNATURE-----