Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <>
Subject: Accepted chromium 122.0.6261.57-1~deb12u1 (source) into stable-security
Date: Fri, 23 Feb 2024 06:09:02 +0000
Signed by: Andres Salomon <dilinger@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 21 Feb 2024 19:56:32 -0500
Source: chromium
Architecture: source
Version: 122.0.6261.57-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
 chromium (122.0.6261.57-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2024-1669: Out of bounds memory access in Blink.
       Reported by Anonymous.
     - CVE-2024-1670: Use after free in Mojo.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2024-1671: Inappropriate implementation in Site Isolation.
       Reported by Harry Chen.
     - CVE-2024-1672: Inappropriate implementation in Content Security Policy.
       Reported by Georg Felber (TU Wien) & Marco Squarcina (TU Wien).
     - CVE-2024-1673: Use after free in Accessibility.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2024-1674: Inappropriate implementation in Navigation.
       Reported by David Erceg.
     - CVE-2024-1675: Insufficient policy enforcement in Download.
       Reported by Bartłomiej Wacko.
     - CVE-2024-1676: Inappropriate implementation in Navigation.
       Reported by Khalil Zhani.
   * d/patches:
     - fixes/v8-compressed-ptrs.patch: drop, merged upstream.
     - fixes/stdint.patch: drop, merged upstream.
     - upstream/vector.patch: drop, merged upstream.
     - upstream/display-header.patch: drop, merged upstream.
     - upstream/bitset.patch: drop, merged upstream.
     - upstream/once_flag.patch: drop, merged upstream.
     - fixes/std-to-address.patch: refresh.
     - disable/signin.patch: refresh.
     - disable/catapult.patch: refresh.
     - bookworm/clang16.patch: refresh, and change
       -Wno-c++11-narrowing-const-reference to -Wno-c++11-narrowing.
     - bookworm/nvt.patch: refresh.
     - ungoogled/disable-privacy-sandbox.patch: update from ungoogled-chromium.
     - bookworm/undo-internal-alloc.patch: revert a commit that confuses
       clang16 w/ libstdc++. We need a better workaround than this.
     - upstream/mojo.patch: update from git.
     - bookworm/constexpr-equality.patch: add a few more build fixes
       (constexpr removals).
     - upstream/uniqptr.patch: add missing include.
     - upstream/optional.patch: add missing include.
     - upstream/bookmarknode.patch: add comparison equality fix pulled from
       upstream.
     - fixes/optional.patch: add missing includes.
     - bookworm/nvt2.patch: revert another upstream c++-20 change for clang-16.
     - upstream/bitset.patch: add missing include.
     - ppc64le/v8/0002-Add-ppc64-trap-instructions.patch: refresh.
     - bookworm/eraseif0.patch: revert another commit; needed by
       eraseif-lambda.patch.
     - bookworm/eraseif-lamba.patch: refresh.
     - bookworm/undo-rust-req.patch: refresh.
     - bookworm/bubble-contents.patch: remove static_assert() that fails with
       libstdc++12.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - 0001-Properly-detect-little-endian-PPC64-systems.patch: drop, upstream
       fix in GIT hash 25a6e6
     - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
     - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
       upstream changes
     - skia-vsx-instructions.patch: refresh for upstream changes
Checksums-Sha1:
 15e068b9f406b52cad390456991a4eedcbd52ef1 3731 chromium_122.0.6261.57-1~deb12u1.dsc
 32482d17a4860bd475a5d87965384d783307de86 831688880 chromium_122.0.6261.57.orig.tar.xz
 8222e0f9442a28abd869c130be8ac5b93fb60bbd 383192 chromium_122.0.6261.57-1~deb12u1.debian.tar.xz
 b7a81fcc2a3ab5d9e56151d386a5fe7c6d5e39af 21604 chromium_122.0.6261.57-1~deb12u1_source.buildinfo
Checksums-Sha256:
 c1215799b8b78871763696652e5791171b8a095207e16be28f8a0e468bef4404 3731 chromium_122.0.6261.57-1~deb12u1.dsc
 0a01105fa3ab5cf3c9645cbf5c508cf4792c463a4e8d6d0c76272c720fd7e9fb 831688880 chromium_122.0.6261.57.orig.tar.xz
 f1a7b3914de1fbb3f8a638f540ffd70d157a620668c40750fe82338d6f2a55ea 383192 chromium_122.0.6261.57-1~deb12u1.debian.tar.xz
 b7aa84b79185b81126fc159e0624ed7ba86e90953c178bcb68da6e31bcc39e4d 21604 chromium_122.0.6261.57-1~deb12u1_source.buildinfo
Files:
 6d35105844fd8ab1bcc16655ac5fd823 3731 web optional chromium_122.0.6261.57-1~deb12u1.dsc
 6b1882ff077efc3f919ffe4519d7f997 831688880 web optional chromium_122.0.6261.57.orig.tar.xz
 6cfcee0ca84ca774e40ab467242cfa4c 383192 web optional chromium_122.0.6261.57-1~deb12u1.debian.tar.xz
 96e3ea1111a4ba243fc4c3bcc9a41f99 21604 web optional chromium_122.0.6261.57-1~deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmXXkc8UHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjflahAAhwzw38zkfOxMRblOyBlnqUe7Ij06
qiJ8rWtka/NEo+NPOKa9P4Qw4Klwfyi69z2hCo9ewsXGHIJnIvYqfCvW4SWcpNjk
HyNAdyNiBSzM0yV6qxKgD1xmvBnHqRNyJgg/7qAbFq7cnri1W4Im+3TtzYS5TzaM
9HatOusAq5KkvBUzXOlh/meExLntcDfJNB9/nRXCYAWqj9yH45Qsyz14UEwrNTEU
btbUryAoK2BlNzdgbLF+6f6wEBFzGxQ39Qhoj+kQ60+d/w5irUJHukqxdUKme5H8
iMekiK/ggUK3jwxQheEwvucb7NXjpWGZRZFSxQYglN4vpnykoTMP0AyWzGz5QF+M
owJHKiF5/Ub3YXDJfQraAYcgWb4jtPOUMrsVWtRhCYJiMZ1Ol2j/HVnTI1i9+eSg
F6gwiLs+OfnulLWFOWHBftClBo72/b1soMgSiFEjmrqBTgPpdREV0VrM+HVaM8X9
1QWtTtmU2J0kCCEisePykzr0NV/xvPgt2keG4xAbw47uSMbmkQ4MT6H71D1TD9ZG
tTiI/oz82J5CK5u3RAIUm7LOAtHixybBDXDaiwcb1svSoTvzZceYuDl+mqZjCVXQ
pyvs4WWYEJBgG8vQlktw7i7VlPH5nB2+LsddaY7HAn6/xVhF3RpFQXGEbtKDBujs
b7ly523trvVv7dg=
=M9Eh
-----END PGP SIGNATURE-----
News for package chromium
