Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted chromium 122.0.6261.57-1 (source) into unstable
Date: Thu, 22 Feb 2024 02:17:20 +0000
Signed by: Andres Salomon <dilinger@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 21 Feb 2024 19:56:32 -0500
Source: chromium
Architecture: source
Version: 122.0.6261.57-1
Distribution: unstable
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
 chromium (122.0.6261.57-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2024-1669: Out of bounds memory access in Blink.
       Reported by Anonymous.
     - CVE-2024-1670: Use after free in Mojo.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2024-1671: Inappropriate implementation in Site Isolation.
       Reported by Harry Chen.
     - CVE-2024-1672: Inappropriate implementation in Content Security Policy.
       Reported by Georg Felber (TU Wien) & Marco Squarcina (TU Wien).
     - CVE-2024-1673: Use after free in Accessibility.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2024-1674: Inappropriate implementation in Navigation.
       Reported by David Erceg.
     - CVE-2024-1675: Insufficient policy enforcement in Download.
       Reported by Bartłomiej Wacko.
     - CVE-2024-1676: Inappropriate implementation in Navigation.
       Reported by Khalil Zhani.
   * d/patches:
     - fixes/v8-compressed-ptrs.patch: drop, merged upstream.
     - fixes/stdint.patch: drop, merged upstream.
     - upstream/vector.patch: drop, merged upstream.
     - upstream/display-header.patch: drop, merged upstream.
     - upstream/bitset.patch: drop, merged upstream.
     - upstream/once_flag.patch: drop, merged upstream.
     - fixes/std-to-address.patch: refresh.
     - disable/signin.patch: refresh.
     - disable/catapult.patch: refresh.
     - bookworm/clang16.patch: refresh, and change
       -Wno-c++11-narrowing-const-reference to -Wno-c++11-narrowing.
     - bookworm/nvt.patch: refresh.
     - ungoogled/disable-privacy-sandbox.patch: update from ungoogled-chromium.
     - bookworm/undo-internal-alloc.patch: revert a commit that confuses
       clang16 w/ libstdc++. We need a better workaround than this.
     - upstream/mojo.patch: update from git.
     - bookworm/constexpr-equality.patch: add a few more build fixes
       (constexpr removals).
     - upstream/uniqptr.patch: add missing include.
     - upstream/optional.patch: add missing include.
     - upstream/bookmarknode.patch: add comparison equality fix pulled from
       upstream.
     - fixes/optional.patch: add missing includes.
     - bookworm/nvt2.patch: revert another upstream c++-20 change for clang-16.
     - upstream/bitset.patch: add missing include.
     - ppc64le/v8/0002-Add-ppc64-trap-instructions.patch: refresh.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - 0001-Properly-detect-little-endian-PPC64-systems.patch: drop, upstream
       fix in GIT hash 25a6e6
     - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
     - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
       upstream changes
     - skia-vsx-instructions.patch: refresh for upstream changes
Checksums-Sha1:
 2ffcdf13c5e1ae93404f599a19fbce5e363bef0b 3719 chromium_122.0.6261.57-1.dsc
 32482d17a4860bd475a5d87965384d783307de86 831688880 chromium_122.0.6261.57.orig.tar.xz
 744090355aabf5b9490c2f903162cc5ac74bf93c 378808 chromium_122.0.6261.57-1.debian.tar.xz
 2f1c210c8a00b1e1e68aee5f6f70fa5df2997047 21996 chromium_122.0.6261.57-1_source.buildinfo
Checksums-Sha256:
 dbb4587dafbe97f4b1b55d4f7981f406fc1b7955db687473e36c6843b5d0057c 3719 chromium_122.0.6261.57-1.dsc
 0a01105fa3ab5cf3c9645cbf5c508cf4792c463a4e8d6d0c76272c720fd7e9fb 831688880 chromium_122.0.6261.57.orig.tar.xz
 759199afc3bca1fa3198baf6ee3c27543ccc839086e40ec51a4774ca42dd7653 378808 chromium_122.0.6261.57-1.debian.tar.xz
 8f54f85a907efa4b4b3ab72d64bb0c9babbd4dbe73ed732445087570a216ac75 21996 chromium_122.0.6261.57-1_source.buildinfo
Files:
 672f62b600be38bd17fc34b24956a5a4 3719 web optional chromium_122.0.6261.57-1.dsc
 6b1882ff077efc3f919ffe4519d7f997 831688880 web optional chromium_122.0.6261.57.orig.tar.xz
 42e909b83fdfc8e63622521506b44ba0 378808 web optional chromium_122.0.6261.57-1.debian.tar.xz
 883af146b92b11c38177457d5ef05bc5 21996 web optional chromium_122.0.6261.57-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmXWnnAUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjdPpg/+I6DKLXV3/KCrRv/Jo3hp13OlyEUo
3V30l5gA24Ln7ZbG6kL0z6FoAUmL+iio1XxpmjhSc4gfFqyzKG1go2FB7rH46Ytm
grzUDT8t15DVYXF4YVa3/+6jLYBpoCt91zc8kOGuzXx6BzgVKKMCCiN37hhE/o/y
1pXebSZSQ6UJpanyWzTTZP/zdpHAFRBg85Cr1UH3G/ky87tgVfXGqarquDeMW2L3
aywWJvK6TwdsCJpyvKJWCr9nvgd7EAgdX/p64oFt+W7nipbF3CKTTX7TuXuuhNYI
48pM18+n6MeYzfwJ0gNionb3EifzRAUTypdzKGuyWfhcW0e+05RUxif6Eh3CDluB
0VrXag2Ftm7YfEs0P4KvUzs3x8xhc6qNvswIFKm9soH3y0/7kWZF9+bn74vsMtT2
yZiPOynDWA2MEgxhg5YgxwUAo2T9XgQzfHcYAX2QByQhbWjyk5eC29QsMBqURFBB
1i4wS7HBIoDaqVfKVvd8YSYnlrALTv4Mf0GVA2KpfUi21wUSvOB+4/azUx1Kp8tb
Wtppj+CdvIIfVg9NaeTEtWkd/UZYzu/4qhdCYS8MzNrsi+IQsaMrthtg4Pko4ijD
hgDfX0lBU8+rL3/5TFdDyeaYgDDbjf0biGboDTpa5aYhANgKIr0kDGsgypTtSe73
s0JJxyYA5t9ah3Q=
=D9OX
-----END PGP SIGNATURE-----
News for package chromium
