Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted chromium 125.0.6422.60-1 (source) into unstable
Date: Fri, 17 May 2024 00:16:03 +0000
Signed by: Andres Salomon <dilinger@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 16 May 2024 18:55:41 -0400
Source: chromium
Architecture: source
Version: 125.0.6422.60-1
Distribution: unstable
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Closes: 1071197
Changes:
 chromium (125.0.6422.60-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2024-4947: Type Confusion in V8. Reported by Vasily
       Berdnikov (@vaber_b) and Boris Larin (@oct0xor) of Kaspersky.
     - CVE-2024-4948: Use after free in Dawn. Reported by wgslfuzz.
     - CVE-2024-4949: Use after free in V8.
       Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
     - CVE-2024-4950: Inappropriate implementation in Downloads.
       Reported by Shaheen Fazim.
   * d/copyright: fix instrumented_libs deletion; upstream renamed it.
   * d/scripts/unbundle: bundle new requirement absl_crc (which is
     unavailable in bookworm).
   * d/patches:
     - upstream/uint-includes.patch: drop,merged upstream.
     - upstream/fps-optional.patch: drop, merged upstream.
     - upstream/span-optional.patch: drop, merged upstream.
     - upstream/extractor-bitset.patch: drop, merged upstream.
     - upstream/atomic.patch: drop, merged upstream.
     - upstream/webgpu-optional.patch: drop, merged upstream.
     - disable/catapult.patch: refresh.
     - i386/angle-lockfree.patch: drop, I _think_ it's no longer needed.
     - upstream/ruy-include.patch: add header build fix.
     - upstream/vulkan-include.patch: add header build fix.
     - upstream/mojo-bindings-include.patch: add header build fix.
     - upstream/appservice-include.patch: add header build fix.
     - upstream/no-vector-consts.patch: add build fix; gnu libstdc++
       doesn't allow const types inside vectors.
     - upstream/lens-include.patch: add header build fix.
     - bookworm/nvt2.patch: drop (replace with a better non-revert patch).
     - bookworm/v8-wrappable.patch: add nvt2.patch build fix replacement
       that just defines a single struct member.
     - upstream/ninja.patch: add build fix for failure triggered by
       ninja-1.12 (closes: #1071197).
     - fixes/bad-font-gc00000.patch: add formatting patch revert to make
       other patches easier to apply.
     - fixes/bad-font-gc2.patch: add a build failure fix & refresh.
     - fixes/bad-font-gc11.patch: add a build failure fix & refresh.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: Modify for
       upstream changes
     - third_party/0002-Add-PPC64-generated-files-for-boringssl.patch: Add
       pregenerated configuration for ppc64el support in BoringSSL
     - third_party/0002-third-party-boringssl-add-generated-files.patch:
       Rename to third_party/0002-Add-PPC64-generated-files-for-boringssl.patch
     - workarounds/HACK-debian-clang-disable-skia-musttail.patch: Refresh
       for upstream changes
     - third_party/skia-vsx-instructions.patch: Refresh for upstream changes
     - ffmpeg/0001-Add-support-for-ppc64.patch: Refresh for upstream changes
Checksums-Sha1:
 5be4a22fe7e19535a2191dbeb1f8494bc5145621 3749 chromium_125.0.6422.60-1.dsc
 9665789268e56bf1bc48bcd9c93344b6b9dd2f64 843547668 chromium_125.0.6422.60.orig.tar.xz
 c4f4c13cc72d0f153b4dbb661495d9e6810993d3 429740 chromium_125.0.6422.60-1.debian.tar.xz
 b8576cf3c6cda222246da63806a128e83886f17c 22233 chromium_125.0.6422.60-1_source.buildinfo
Checksums-Sha256:
 83e767e29f9b31b4785c1fe3e66ecd881ca0e5c0e7fe9edf30a7146a654622d4 3749 chromium_125.0.6422.60-1.dsc
 6786fb606a7c6555de98fa642f722c9de9b740cf1d9e1a3beed4cdcfacb12bc3 843547668 chromium_125.0.6422.60.orig.tar.xz
 5b2c129216120df434b5f95450520b0225dfac80a6535efb41c9a17b501d2cb6 429740 chromium_125.0.6422.60-1.debian.tar.xz
 ede5e905a2a6bf069dcc4fd571aca8e79f741fd56182c39aba0a5f5f8facfb43 22233 chromium_125.0.6422.60-1_source.buildinfo
Files:
 6615ca17bea43f1ca1cefe8b7529ddf5 3749 web optional chromium_125.0.6422.60-1.dsc
 d078db15b361e09ba4fe78e61712256f 843547668 web optional chromium_125.0.6422.60.orig.tar.xz
 15b229c4f000a1f0b42ef565b5414c1e 429740 web optional chromium_125.0.6422.60-1.debian.tar.xz
 c24ace7229a2d860c6bb32f8f7e2019c 22233 web optional chromium_125.0.6422.60-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmZGj5EUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8Nudjf5tA//cepzBMIMMhR6ZQePVRz9tAHJP6is
sNWU8T7nzk2VgRxZktRRnbm+Oxa8yvvaTSsa6Q8qOFR8Y9r9Fx8/4rrYoh2AdfTo
XnQH8l1AUT+NuVXihZChzUjLBZIlgFltk/ByoFIIpNa5ZbVAraRsYetxguuASuy5
Fp2CpW07ze3r3BYPruRDsJ8LampWROIe9iDMfpzsQshIzoUfEVrVAAoHhG3SKggM
uCW41OpzhZ1HHK1iuB+3svXH40pD9CsUoFr3JgtoJE7mFZrQJI1bhROf65aDfn8J
1RBc3YNfMe1qvkeLwfFep6dkn6JcmGSHFBabiLV6jLdssGoD+Esc9QkzSCgma0UY
10EDC6sGriKHDg8Bn/Eq17BKgKi9+Ecq3Gy2JNlXLAsOj0Y2UN59Ph7LIwKO8PNY
EderstaK8dcWqouEtXUUVayTLUAZ7ypFZBnXQwIG+N6c0102hRydASL3g7TTUKSN
rLOYBH1shzHWCINAL+Be3aHPgWkb49/VsrVcDXjE9IEsCx3rDz6mJ5p6Iajfow+W
6wwxQ/N3pr1OeEI6JH/MV/nNpxMkg7jZYH6m7tBD4vxCyiu8UCeMNcP0A+TPGa4o
n30YZzBx+mdvTZ82kGDGlOxFQao07nSUuHi2klqV3awuGjT6mWVVNOY9pqQa1Eef
QHhiyfLsfPewqNc=
=QoHq
-----END PGP SIGNATURE-----
News for package chromium
