-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 08 Dec 2023 11:40:41 -0500 Source: chromium Architecture: source Version: 120.0.6099.71-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: Debian Chromium Team <chromium@packages.debian.org> Changed-By: Andres Salomon <dilinger@debian.org> Changes: chromium (120.0.6099.71-1~deb12u1) bookworm-security; urgency=high . [ Andres Salomon ] * New upstream stable release. - CVE-2023-6508: Use after free in Media Stream. Reported by Cassidy Kim(@cassidy6564). - CVE-2023-6509: Use after free in Side Panel Search. Reported by Khalil Zhani. - CVE-2023-6510: Use after free in Media Capture. Reported by [pwn2car]. - CVE-2023-6511: Inappropriate implementation in Autofill. Reported by Ahmed ElMasry. - CVE-2023-6512: Inappropriate implementation in Web Browser UI. Reported by Om Apip. * d/copyright: adjust path for chai.js & mocha.js deletion. - delete third_party/libsecret. * d/control: new build depends on libsecret-1-dev. * d/scripts/unbundle: keep bundled libhwy; it's not available in bullseye. - also keep vulkan_memory_allocator and flatbuffers. * d/patches: - fixes/gcc13-headers.patch: refresh. - fixes/blink-frags.patch: drop part of patch & refresh. - disable/catapult.patch: refresh. - disable/driver-chrome-path.patch: update for minor upstream changes. - ungoogled/disable-privacy-sandbox.patch: update from ungoogled-chromium. - ungoogled/disable-web-environment-integrity.patch: update from from ungoogled-chromium. - upstream/mojo.patch: update patch from upstream's git. - bookworm/clang16.patch: new patch working around upstream's clang18 flags. - upstream/nullptr_t.patch: more libstdc++13 build fixes. - upstream/string-include.patch: add a simple header include build fix. - fixes/absl-optional.patch: add a workaround for a clang bug (https://github.com/llvm/llvm-project/issues/50248) by providing our own 'optional' header. - bookworm/constcountrycode.patch: add workaround for older libstdc++. . [ Timothy Pearson ] * d/patches/ppc64le: - third_party/0001-Add-PPC64-support-for-libdav1d.patch: refresh for upstream changes - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for upstream changes - third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch: regenerate - third_party/skia-vsx-instructions.patch: refresh for upstream changes - third_party/use-sysconf-page-size-on-ppc64.patch: refresh for upstream changes - Mass refresh all other patches against 120 codebase. No functional change. Checksums-Sha1: 2cdd24596b6131b29862ca191ea9e84036f750c8 3731 chromium_120.0.6099.71-1~deb12u1.dsc c3144a7d6cad23975cf06fa4d64da6a4dd913000 792499468 chromium_120.0.6099.71.orig.tar.xz 4a53d67c275754e52d00425dec9f072d662ff6a2 368716 chromium_120.0.6099.71-1~deb12u1.debian.tar.xz 64abab27a17f9b23d5a94e427a0b4f65fca13152 21468 chromium_120.0.6099.71-1~deb12u1_source.buildinfo Checksums-Sha256: 915621ba6baafaa2daa664debb814a6543f0916d8f9ab5f845b6be869f3bc9ae 3731 chromium_120.0.6099.71-1~deb12u1.dsc c5fe64346783113cb2f62c3e99ab33552c891609297f2791fda32ee440423d44 792499468 chromium_120.0.6099.71.orig.tar.xz 2141c00e9519377fa26c0542b237d7c1ba29630d33b0e4c272fa25fcf2389cf7 368716 chromium_120.0.6099.71-1~deb12u1.debian.tar.xz b78d3b3e9fc43bd14d0a5e9068d1db6870041373d34f43c6a2f20978c2406861 21468 chromium_120.0.6099.71-1~deb12u1_source.buildinfo Files: 203f3ece110ba6cce8a49e228b7d3142 3731 web optional chromium_120.0.6099.71-1~deb12u1.dsc fca7891decb6f31586eeba635845226a 792499468 web optional chromium_120.0.6099.71.orig.tar.xz 0051418f9e1f3db0635b61acf9b9a884 368716 web optional chromium_120.0.6099.71-1~deb12u1.debian.tar.xz d2992f73a38fa32ac6ec7eb04d9301c0 21468 web optional chromium_120.0.6099.71-1~deb12u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmVzSEcUHGRpbGluZ2Vy QGRlYmlhbi5vcmcACgkQZF0CR8NudjdE+g//QSzyy3YYsBL/lKM1SapcAWf9cZfF C14spZQlz7+PJ6IzXzRLNz02jr3LGrd0JQbzWMqYuoU130m0J1BO+gBdLGquMigP uCZyk3S4jaO67bFPEry05LN06N7q/8tUu51am8VAPv0hvVXLfIAAlUO3Dpp4pHcg cwa/fqgbRAF0kOtzUPTALN1aT5Me0oDoWDCQUiQZ9Xk0Ry+BedI1jY5CNdKhvqt+ EphdKAbTr2+CYLdsggta0ASu55gwipOVtMQy2Hc0eAhuTuVpSLb9XCcfFXZ++04s y19A+I1H/AUTT3CnzHZggLal++tDlQN9XV12RlXX21WJ1UFL2VkZH1WP8+0IsuhO UZ4cinCa9ji4bH2d8hb4HctplLjl/DMbekdEYJkGT1uSICMdI0lhendNJfFRYYKT ku80ZLWISALZZU1bEvshufsltQlcbiPF0/N0czA+CRRBiInAF64nwuMuifeD6Txc /aMt3kGyTIFpNOfwIufHFG/ybTy6ZVT6o2s86XcPOROinxy1YDrDZV6k+uoPOvQ0 +JssWLtutrsoPeKi7AbrM26N7sIH9I8I22y+JinSRGEJyNCGVMEW/5jdQSG+ub/q 1LW9rfdKF2yJejDSgfZ5u/s3KDss6cTrV9y1m7rUmmmy89811GK//n691hkxMMD0 4LloMiFSxN8wAHk= =rE4I -----END PGP SIGNATURE-----