-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 30 Apr 2024 17:53:52 -0400 Source: chromium Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym Architecture: i386 Version: 124.0.6367.118-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: all / amd64 / i386 Build Daemon (x86-conova-02) Changed-By: Andres Salomon Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-sandbox - web browser - setuid security sandbox for chromium chromium-shell - web browser - minimal shell Changes: chromium (124.0.6367.118-1~deb12u1) bookworm-security; urgency=high . * New upstream security release. - CVE-2024-4331: Use after free in Picture In Picture. Reported by Zhenghang Xiao (@Kipreyyy). - CVE-2024-4368: Use after free in Dawn. Reported by wgslfuzz. * Build-dep on libhwy-dev and delete the bundled third_party/highway. * Build-dep on libharfbuzz-dev and delete the bundled harfbuzz-ng. * Build-dep on libdav1d-dev and delete the bundled third_party/dav1d. * d/patches: - ppc64le/third_party/0001-Add-PPC64-support-for-libdav1d.patch, ppc64le/third_party/0001-Fix-libdav1d-compilation-on-clang-ppc.patch, ppc64le/third_party/0003-thirdparty-fix-dav1d-gn.patch, fixes/arm64-ftbfs.patch: drop these 4 patches that are only needed for bundled libdav1d. - ppc64le/third_party/0001-Fix-highway-ppc-hwcap.patch, ppc64le/third_party/0002-Highway-disable-128-bit-vsx.patch: drop these two patches that were needed for bundled highway. - upstream/ozone1.patch: drop, merged upstream. - upstream/ozone2.patch: drop, merged upstream. - fixes/bad-font-gc2.patch: refresh. . [ Timothy Pearson ] * d/patches/ppc64le: - third_party/0001-Add-PPC64-support-for-boringssl.patch: Fix inadvertent breakage of i386 build Checksums-Sha1: 6a3ee353051dc6856e97ee935fbe15c2c0c816d5 1178724 chromium-common-dbgsym_124.0.6367.118-1~deb12u1_i386.deb cd2d935d4bc8d22926b7028b56533f145f5e544b 5005196 chromium-common_124.0.6367.118-1~deb12u1_i386.deb 414dc72ff63c40dad040398f1a3a78f4bdb39cdb 34830012 chromium-dbgsym_124.0.6367.118-1~deb12u1_i386.deb a61317f94a7464aae8d2816138896ad5fff3c2a1 6337340 chromium-driver_124.0.6367.118-1~deb12u1_i386.deb 8393ea0b8c919732fae9b9623eedf633cd59b61d 13956 chromium-sandbox-dbgsym_124.0.6367.118-1~deb12u1_i386.deb 8ce713e1bf8ae96c6372730bd85f35ee0a2a30ae 89292 chromium-sandbox_124.0.6367.118-1~deb12u1_i386.deb 7149d7460aae4d33ad6e8e7f52184d2553dfe64e 30217676 chromium-shell-dbgsym_124.0.6367.118-1~deb12u1_i386.deb 849ecfc8f97eef6d4b2bae08fe540db2fdfd1f04 52837956 chromium-shell_124.0.6367.118-1~deb12u1_i386.deb 2040ad190345d1b3a67e4c7a5386890c558398c5 24704 chromium_124.0.6367.118-1~deb12u1_i386-buildd.buildinfo b359bcc45bdd7bb4e81229f44ac8c28d5c795cc4 75500700 chromium_124.0.6367.118-1~deb12u1_i386.deb Checksums-Sha256: b85628ff645abf401284939af3f118e2191cca973348fb5aa0dbe9af989e2a97 1178724 chromium-common-dbgsym_124.0.6367.118-1~deb12u1_i386.deb 2628ab799023023c0c0ce299bee3b0ab7dd4c26b60f6e1b77e633cb4e5e13eb6 5005196 chromium-common_124.0.6367.118-1~deb12u1_i386.deb c3a532adcb3b2d1a08a3f3efae009e7e6945b8b29a0bbb342a4350bb9f9be40c 34830012 chromium-dbgsym_124.0.6367.118-1~deb12u1_i386.deb 0ce68291cf358a460fd571e07cd17b4c0f4b0c77d467266ac56e4ce1287f0093 6337340 chromium-driver_124.0.6367.118-1~deb12u1_i386.deb f07f83ead4006d39d406436a491f612ee3a7224b2579eec0dc6041bac0aae88a 13956 chromium-sandbox-dbgsym_124.0.6367.118-1~deb12u1_i386.deb 3e2ec9b2b2e0425eb5d5bd0b6061fa479c080b262760d89ed40b4e7d81a6b777 89292 chromium-sandbox_124.0.6367.118-1~deb12u1_i386.deb 48b815d575b44b05165e0e76ba87d71bc3e92b1392de8d8159c0065b01645507 30217676 chromium-shell-dbgsym_124.0.6367.118-1~deb12u1_i386.deb 9a7935787ca43f7df22be09f927138b2b6f8e92c0c6fe4bd97fc83948384460d 52837956 chromium-shell_124.0.6367.118-1~deb12u1_i386.deb 49529112b843ce6ae2e0dfbe5add26b680dc0a392fb9110b75a1d49ba23b77ae 24704 chromium_124.0.6367.118-1~deb12u1_i386-buildd.buildinfo 4bd15587ece9554a6909d03b88fad0c5de9cd65081ac76968c49d9751c3781bc 75500700 chromium_124.0.6367.118-1~deb12u1_i386.deb Files: 20bb05eb5a7adb99cddce03a5579136d 1178724 debug optional chromium-common-dbgsym_124.0.6367.118-1~deb12u1_i386.deb 5b06af69b7c55ada690b91355c5ae092 5005196 web optional chromium-common_124.0.6367.118-1~deb12u1_i386.deb c5092211d3bdf871a8de9ad10398808d 34830012 debug optional chromium-dbgsym_124.0.6367.118-1~deb12u1_i386.deb baf305e172f1b7d44117f3e5f8aaac75 6337340 web optional chromium-driver_124.0.6367.118-1~deb12u1_i386.deb ee9e57d6e6f7954b0db8a3349b80b5f2 13956 debug optional chromium-sandbox-dbgsym_124.0.6367.118-1~deb12u1_i386.deb 3926bb9e486835d65312fa0471a80567 89292 web optional chromium-sandbox_124.0.6367.118-1~deb12u1_i386.deb 14ddbaf9fa266c9a2fa71f9a33954419 30217676 debug optional chromium-shell-dbgsym_124.0.6367.118-1~deb12u1_i386.deb 9116f816435ceeeede80ddb62d957960 52837956 web optional chromium-shell_124.0.6367.118-1~deb12u1_i386.deb ad2cdc3e63d381d824c96c52b7534fe5 24704 web optional chromium_124.0.6367.118-1~deb12u1_i386-buildd.buildinfo 54879a21e669b18a7dce9bf7fc3be4cb 75500700 web optional chromium_124.0.6367.118-1~deb12u1_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEErEDrIdpJkzFMm6K+PyQET5WCY90FAmYy+9MACgkQPyQET5WC Y92lmw/8CaJPuVPzKdsvI2izKzxyxW3OZ/ghSf+/AHvKf+J8BKwPrDFmW491Kw6o 5RYINireRg+DjGkTiFhlwG9cZL4iQf1ifGop4mzBMsy1sshh+T/ZmBhQKK7Jon41 Fze589zpqbn7dleJfKj7+reGzXlDrPTgaH0/mY2Sk4m9Xupi6BM/HCcgTHIxuOf5 PTAPqEVtOkyXvK+2CqQ4XhYQWyx9ZYE3LjkNq/mncqlrycorHSnJ+FBECAogI5o2 In8e2WpUk/d1euILw04BRZO2YfzwqanBQ1x0K6+k9oExjQ3eM/NLGemK4Y6I40hr aoFsLNjBOT1EMGhLZ0/DPuvrCF+A/OL7xjthmQq9O+4QtslyKDw37MAIun55jGsN 1Z4V/XzW34JN0/C8v3rfkwI8oGUzg3/lZLsap+MoVvziLvm4Easoy/DdAe+wsNIh 7f7zxst1k0oKjJq2nX/wXmhs6NkD60l3WvOxVWZoCMwgIh53+Q+5IUjiKTI3s3Lu uwai+fm0zaLj5Bs/LnUTLbhUTKMzGxn2gszjpD5+B5gQjjKY3X0eCEJMWdDZc63i WYGLytP7tnWeaGrHrU+vUmfb3fm/hedsNIi+PZJuE46IuDbi9wTYgONFv+Ht9di0 LhcHrua1rZIk+XQ781Zd0niM7YdtVznvWBI0I+e2ghcJHPLGnS0= =Qhj/ -----END PGP SIGNATURE-----