-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 21 Nov 2024 16:12:03 -0500 Source: chromium Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym Architecture: amd64 Version: 131.0.6778.85-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: amd64 Build Daemon (x86-grnet-01) <buildd_amd64-x86-grnet-01@buildd.debian.org> Changed-By: Andres Salomon <dilinger@debian.org> Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-sandbox - web browser - setuid security sandbox for chromium chromium-shell - web browser - minimal shell Changes: chromium (131.0.6778.85-1~deb12u1) bookworm-security; urgency=high . [ Andres Salomon ] * New upstream stable release. - CVE-2024-11110: Inappropriate implementation in Blink. Reported by Vsevolod Kokorin (Slonser) of Solidlab. - CVE-2024-11111: Inappropriate implementation in Autofill. Reported by Narendra Bhati, Suma Soft Pvt. Ltd - Pune (India). - CVE-2024-11112: Use after free in Media. Reported by Nan Wang(@eternalsakura13) and Zhenghang Xiao(@Kipreyyy) of 360 Vulnerability Research Institute. - CVE-2024-11113: Use after free in Accessibility. Reported by Weipeng Jiang (@Krace) of VRI. - CVE-2024-11114: Inappropriate implementation in Views. Reported by Micky. - CVE-2024-11115: Insufficient policy enforcement in Navigation. Reported by mastersplinter. - CVE-2024-11116: Inappropriate implementation in Paint. Reported by Thomas Orlita. - CVE-2024-11117: Inappropriate implementation in FileSystem. Reported by Ameen Basha M K. - CVE-2024-11395: Type Confusion in V8. Reported by Anonymous. * d/patches: - upstream/wayland-gbm-pixmap.patch: drop, merged upstream. - disable/catapult.patch: refresh. - fixes/bindgen.patch: refresh. - fixes/freetype.patch: add new patch to fix missing enable_freetype arg declaration. - fixes/updater-test.patch: add simple build fix for deleted third_party/updater/. - upstream/stack-header.patch: drop, merged upstream. - bookworm/clang16.patch: refresh. - bookworm/bubble-contents.patch: refresh. - bookworm/constexpr.patch: refresh. - bookworm/gn-absl.patch: add a few more places where libs needed to be made visible. - bookworm/gn-funcs.patch: add another deletion of newer gn features. - bookworm/constexpr-assert.patch: add patch to work around more clang-16 constexpr bugs; this time a fun one with branching optimizations. Whee! . [ Timothy Pearson ] * d/patches/ppc64le: - workarounds/HACK-debian-clang-disable-pa-musttail.patch: Work around additional upstream musttail definitions - workarounds/HACK-debian-clang-disable-base-musttail.patch: Refresh for upstream changes - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch: Refresh for upstream changes Checksums-Sha1: 0891e4871e306a5505c4f01c36b45f473b021ca4 4804776 chromium-common-dbgsym_131.0.6778.85-1~deb12u1_amd64.deb bc52b0a0a596507958c17f72ca070ca49f2fb065 10122888 chromium-common_131.0.6778.85-1~deb12u1_amd64.deb 901ebae2c0af218a4753d154b1df227d34624767 32331556 chromium-dbgsym_131.0.6778.85-1~deb12u1_amd64.deb d0bb0380afce45d5e9c3b17ab3b8d146f0592f2a 7033040 chromium-driver_131.0.6778.85-1~deb12u1_amd64.deb c4fa061197b9562cdff93d3fd6ba9c601ba406db 13740 chromium-sandbox-dbgsym_131.0.6778.85-1~deb12u1_amd64.deb 94a90333f9b5f3489f957ed27bf77ea914a52dc1 97596 chromium-sandbox_131.0.6778.85-1~deb12u1_amd64.deb e77fbee494f1705f2734c042f697e6a7f9067279 26901216 chromium-shell-dbgsym_131.0.6778.85-1~deb12u1_amd64.deb dca2630a7fd0cc848ec1cb9432343e84121fb158 52540076 chromium-shell_131.0.6778.85-1~deb12u1_amd64.deb 05a9465d7bde380ab71c8fee9d296443f9df230b 24936 chromium_131.0.6778.85-1~deb12u1_amd64-buildd.buildinfo e6edd97145497b0b087f5066317dfd9d035926bf 85753116 chromium_131.0.6778.85-1~deb12u1_amd64.deb Checksums-Sha256: 70b7cc7731276ca6d0508f75f5fdd29f249df5f59e4ed466b5e72111c298b8e6 4804776 chromium-common-dbgsym_131.0.6778.85-1~deb12u1_amd64.deb 7b1b673f0331b2d9774617504b864a0243d91a3a108f67c61903ae8ff8ba40ed 10122888 chromium-common_131.0.6778.85-1~deb12u1_amd64.deb ff2e5f1d90226691b8261934f84ee9db091898736e466c2152bd8b10c5e32f7f 32331556 chromium-dbgsym_131.0.6778.85-1~deb12u1_amd64.deb f844751f133db3b701ed4e07c471d3a761b94615407297c241a2cbcedb25338b 7033040 chromium-driver_131.0.6778.85-1~deb12u1_amd64.deb 2ea48467327ff482e864e8a61ee58d48920eef439cae101feffedb771696760b 13740 chromium-sandbox-dbgsym_131.0.6778.85-1~deb12u1_amd64.deb 5ddfdcfce7bd6ad4c285916867f8aa4e1f4e4ab8930ee32913f644d18b059e65 97596 chromium-sandbox_131.0.6778.85-1~deb12u1_amd64.deb c9639cd75343e964a6b8fea3e08ce02d0dfd1c5c573df20699109c3e69fdab1f 26901216 chromium-shell-dbgsym_131.0.6778.85-1~deb12u1_amd64.deb c3d1328ebc1ba2f0d043e4643eb5c48955511520603b38a73a41a7021003da74 52540076 chromium-shell_131.0.6778.85-1~deb12u1_amd64.deb faff62ce45f292c5d611c5d88e6150bd35cf817e362c9855403c97900348a89f 24936 chromium_131.0.6778.85-1~deb12u1_amd64-buildd.buildinfo 2568e4727db01a3f2090ba3a27f473a89ff5014c3025ea2d0cfc72fa6466ffb0 85753116 chromium_131.0.6778.85-1~deb12u1_amd64.deb Files: 4120ace5b1417ccbf6c2dc2025aef395 4804776 debug optional chromium-common-dbgsym_131.0.6778.85-1~deb12u1_amd64.deb 383b193502e9519258a694318b517055 10122888 web optional chromium-common_131.0.6778.85-1~deb12u1_amd64.deb 43ca22c37f5e36890e1220f5c588c220 32331556 debug optional chromium-dbgsym_131.0.6778.85-1~deb12u1_amd64.deb e8209494a027a71923bff35215116d61 7033040 web optional chromium-driver_131.0.6778.85-1~deb12u1_amd64.deb 0e7664473b09149a5655b87177ad95f3 13740 debug optional chromium-sandbox-dbgsym_131.0.6778.85-1~deb12u1_amd64.deb b4d13d32b6b6eb8b12536a43a5fead11 97596 web optional chromium-sandbox_131.0.6778.85-1~deb12u1_amd64.deb b67137409e68f2d99054a56417eb32fc 26901216 debug optional chromium-shell-dbgsym_131.0.6778.85-1~deb12u1_amd64.deb 86889460d5572a4f3e1b7d972d7a8502 52540076 web optional chromium-shell_131.0.6778.85-1~deb12u1_amd64.deb 787cd2dbc41eb2d57519cc91092f2c3c 24936 web optional chromium_131.0.6778.85-1~deb12u1_amd64-buildd.buildinfo d4eaf6bcc0971b2cfff3363344738c9d 85753116 web optional chromium_131.0.6778.85-1~deb12u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEyTfXx8sBpQ0Lh3cUU9a0/LcaTpMFAmdBpnUACgkQU9a0/Lca TpPqWg//TYvpd+wB6ho1WO3LSG+na1pRCl3/fSL1B4iElOfuZX4wOmx9ht7Ljm27 40s2awrCu7AB7MMELdzV/0vjP+coNjDSf9r5R3Lb8Vk2nmZISppOeU+ZfIOyhS9f 0u7BwgYJNhrYeU83AvjR18Xs9MkVrqn9HWmP3h6MFW/H1aKadZsJ3KaXq5HGBOvn 30Tqzqscf32j373DlWePXGpbwi3hy+pndRwPD0HH7RV5b6877iJEqPSmkaIr1PIO SV5WO1SETF+uzCEFkpUgha7PSUHXam8OjuoEjBCijv9tF7Ay0jrt5Me+M1oo/Qqz Q3DDjwKUsRTjN+X0+DO3qbSoGPwKC57lCr+eXyM4aXi860bypZNaID1VO78H0aw6 P3CaNcjJlFX4QFzpsN4NTO8cTnXVfW7y8Oug54KDEvewsk8C6vOJ2vTbyTEu9x3/ zr241OZLU5StXj1gT/aG2PNYTZcU5nx709jLgu8HAub4iqT57uYk3MvkRfWZXiee m0/X1NQuO0085eNXP1s1Fpb2fjyGtRW6lUrR7u9/L88Rs2LJKTqA+f+VzvSrS8QA p2pSxXmDbuOqyvhyCq0Q6j475PVmy360ZnPpTd76lhaWgBZCNkrG2CMp1T3qB0bU HZ3Eeio2pfknDi2ZlyLhgxQRoVnC5OdTKPin04JjxWyR9Ctb4TU= =2rUR -----END PGP SIGNATURE-----