-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 21 Feb 2024 19:56:32 -0500
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: amd64
Version: 122.0.6261.57-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) <buildd_amd64-x86-conova-01@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (122.0.6261.57-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2024-1669: Out of bounds memory access in Blink.
       Reported by Anonymous.
     - CVE-2024-1670: Use after free in Mojo.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2024-1671: Inappropriate implementation in Site Isolation.
       Reported by Harry Chen.
     - CVE-2024-1672: Inappropriate implementation in Content Security Policy.
       Reported by Georg Felber (TU Wien) & Marco Squarcina (TU Wien).
     - CVE-2024-1673: Use after free in Accessibility.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2024-1674: Inappropriate implementation in Navigation.
       Reported by David Erceg.
     - CVE-2024-1675: Insufficient policy enforcement in Download.
       Reported by Bartłomiej Wacko.
     - CVE-2024-1676: Inappropriate implementation in Navigation.
       Reported by Khalil Zhani.
   * d/patches:
     - fixes/v8-compressed-ptrs.patch: drop, merged upstream.
     - fixes/stdint.patch: drop, merged upstream.
     - upstream/vector.patch: drop, merged upstream.
     - upstream/display-header.patch: drop, merged upstream.
     - upstream/bitset.patch: drop, merged upstream.
     - upstream/once_flag.patch: drop, merged upstream.
     - fixes/std-to-address.patch: refresh.
     - disable/signin.patch: refresh.
     - disable/catapult.patch: refresh.
     - bookworm/clang16.patch: refresh, and change
       -Wno-c++11-narrowing-const-reference to -Wno-c++11-narrowing.
     - bookworm/nvt.patch: refresh.
     - ungoogled/disable-privacy-sandbox.patch: update from ungoogled-chromium.
     - bookworm/undo-internal-alloc.patch: revert a commit that confuses
       clang16 w/ libstdc++. We need a better workaround than this.
     - upstream/mojo.patch: update from git.
     - bookworm/constexpr-equality.patch: add a few more build fixes
       (constexpr removals).
     - upstream/uniqptr.patch: add missing include.
     - upstream/optional.patch: add missing include.
     - upstream/bookmarknode.patch: add comparison equality fix pulled from
       upstream.
     - fixes/optional.patch: add missing includes.
     - bookworm/nvt2.patch: revert another upstream c++-20 change for clang-16.
     - upstream/bitset.patch: add missing include.
     - ppc64le/v8/0002-Add-ppc64-trap-instructions.patch: refresh.
     - bookworm/eraseif0.patch: revert another commit; needed by
       eraseif-lambda.patch.
     - bookworm/eraseif-lamba.patch: refresh.
     - bookworm/undo-rust-req.patch: refresh.
     - bookworm/bubble-contents.patch: remove static_assert() that fails with
       libstdc++12.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - 0001-Properly-detect-little-endian-PPC64-systems.patch: drop, upstream
       fix in GIT hash 25a6e6
     - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
     - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
       upstream changes
     - skia-vsx-instructions.patch: refresh for upstream changes
Checksums-Sha1:
 5c549384e5b9f5a57745dca9b9a47fd7bbd29d25 1203244 chromium-common-dbgsym_122.0.6261.57-1~deb12u1_amd64.deb
 b9dfd863fd52d69f8c2c399b02b8507b295d7c52 4966424 chromium-common_122.0.6261.57-1~deb12u1_amd64.deb
 90004846c8b44695f2570b98906cfa2582cba78d 32371720 chromium-dbgsym_122.0.6261.57-1~deb12u1_amd64.deb
 50e30ebd27eff3169bd3585ee360293a2bc3647d 6022120 chromium-driver_122.0.6261.57-1~deb12u1_amd64.deb
 796b4cd6c259a72ed4808370ad3fa7fde93a18d5 14124 chromium-sandbox-dbgsym_122.0.6261.57-1~deb12u1_amd64.deb
 24915dc0c65a885981290ff2a32fa4421127a963 86568 chromium-sandbox_122.0.6261.57-1~deb12u1_amd64.deb
 14caf453e875428b14b3f45c7fdbbb460a3af2a0 27590580 chromium-shell-dbgsym_122.0.6261.57-1~deb12u1_amd64.deb
 f9ddc48df8e4e202fc4ccbeb2e306dcc1710275e 50639572 chromium-shell_122.0.6261.57-1~deb12u1_amd64.deb
 2ec1f4801a9db8a1f47e8a0a4310502b6fc8e3b9 24428 chromium_122.0.6261.57-1~deb12u1_amd64-buildd.buildinfo
 d8e15b587e6891124a3256035b2dfc58eedb17fc 72999728 chromium_122.0.6261.57-1~deb12u1_amd64.deb
Checksums-Sha256:
 049f9dfc21b1879fab389bc2ce017a15755e19636675f2487c518dfeb85162ef 1203244 chromium-common-dbgsym_122.0.6261.57-1~deb12u1_amd64.deb
 80b364f4ebeb0347da861cdccb388268ac91f3369abcc8a824d0d399c10b7e53 4966424 chromium-common_122.0.6261.57-1~deb12u1_amd64.deb
 731a01bbc438123d235d4f24d20bf44ad270748bd135048966b7b81a0e39fa57 32371720 chromium-dbgsym_122.0.6261.57-1~deb12u1_amd64.deb
 1d1707ac4a26c22df03909b97d305f336cf3bcb7ecda7ca71a85b9ea25d4fad8 6022120 chromium-driver_122.0.6261.57-1~deb12u1_amd64.deb
 09f2d3873a412356c3f5d9f1c0e71a2fe6cb1e323c2f33fd0b7e857ccf327391 14124 chromium-sandbox-dbgsym_122.0.6261.57-1~deb12u1_amd64.deb
 ba6c3aaf505a1166b3ab4dd8a0b73190fd5806f9e9d026f5f711aeec7b8b88d4 86568 chromium-sandbox_122.0.6261.57-1~deb12u1_amd64.deb
 c0532d146f7bc50ea3a9a3991f8907ec0533b045c44a7869c558cc9e6ccad352 27590580 chromium-shell-dbgsym_122.0.6261.57-1~deb12u1_amd64.deb
 0dee42f028813fa6bf1a086830a2ac63a66dd0be5208b5d4be9e8c50e6637f59 50639572 chromium-shell_122.0.6261.57-1~deb12u1_amd64.deb
 4c75de6bc740ce50a276c52991e61ead850a252162de27fc32295a421dec0854 24428 chromium_122.0.6261.57-1~deb12u1_amd64-buildd.buildinfo
 329ae1c2af4a4b853693fd0a736286179e2052c63d03121f493d97aa94b07dce 72999728 chromium_122.0.6261.57-1~deb12u1_amd64.deb
Files:
 eb70b155a863bcee702efdb004d28621 1203244 debug optional chromium-common-dbgsym_122.0.6261.57-1~deb12u1_amd64.deb
 e2af09f3449e743a3adbd6d3b03af4a6 4966424 web optional chromium-common_122.0.6261.57-1~deb12u1_amd64.deb
 1984f146ede7559faf0ae06cf48899c8 32371720 debug optional chromium-dbgsym_122.0.6261.57-1~deb12u1_amd64.deb
 8647c58f4472f449c69168e2459f20b1 6022120 web optional chromium-driver_122.0.6261.57-1~deb12u1_amd64.deb
 91d1af9492ac303e6346255f8cd48718 14124 debug optional chromium-sandbox-dbgsym_122.0.6261.57-1~deb12u1_amd64.deb
 1e89b33c99b7314fdd7baf7ad1e5a07b 86568 web optional chromium-sandbox_122.0.6261.57-1~deb12u1_amd64.deb
 86aa94905dc6166cef9c53d8e0c6d213 27590580 debug optional chromium-shell-dbgsym_122.0.6261.57-1~deb12u1_amd64.deb
 52bfcb2121f5b988eafdc761d6c3665a 50639572 web optional chromium-shell_122.0.6261.57-1~deb12u1_amd64.deb
 c207f0bd3dfcf9002b94595c2e2b9c2e 24428 web optional chromium_122.0.6261.57-1~deb12u1_amd64-buildd.buildinfo
 6162c8129fae1fdda2538bfee9f4ccb7 72999728 web optional chromium_122.0.6261.57-1~deb12u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEi/TVpVg0yb7dq8QfDZWW6X29YdoFAmXYMxEACgkQDZWW6X29
YdqiJBAApbv2h7mq2bhznVbbyxTW8Hx8AzwXUEgRqOwT8iw4ap6ytEWVQpSwygpk
jyuP78gZrX7neXiB+T6kFzI7QiozQyrpyPwzc0QLlQ3qFjg2SKJ64D4CnwOsyEba
Yrz5r61eTyBYGaLQds0cIzSdvNNj75+TJU8oi5N5gKjcWzQ66O7XAD0g6rVrj0g0
Bwl+KcNK5UwcvKi1LaVAChaKMzi7ugedEpxQswB87vG/DEdjcCLihSnp94Wn/Os4
6Pz+vOlK7R7ekJe6LtV6O+aD+Qcg84RhchKM6bFICbgdfPg+3EcxySjhnteXghtV
pCpM6Ma/emO4skU3e71kL8zCcDMnPEyeOXTZ/JHaFhpWkqR7xOwTp9htHFasOhWU
0mBYvf41W1/SubIcP2nUc69mawH8vUS9LuCJ3abV7A8p4TCX/J828HwCBPW6FIE4
+zBvk1xsRU3wFupi9/wS+orOhdJ1A2mcjSFGAeknDdyBzQzyPUjjZzrUBCFgezRj
r4sGjPnSgbXoepS8XYbAjKJ4JJSHCN1zEz7AOFgaPpu6nMevKyDzgOxBj4klSBxg
mhWqr47GoFJuHgjj1E3xk7Tks/9d3+ZD+PyHkbhV462Kvk+3l/207JwwXuczsnpp
DFNJHRdycKlHKWnm1q1SPPhXf33murMAo4IeVSK+aEf9UMhefNs=
=re4X
-----END PGP SIGNATURE-----