Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <>
Subject: Accepted chromium 125.0.6422.60-1~deb12u1 (source) into stable-security
Date: Fri, 17 May 2024 17:15:27 +0000
Signed by: Andres Salomon <dilinger@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 16 May 2024 18:55:41 -0400
Source: chromium
Architecture: source
Version: 125.0.6422.60-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
 chromium (125.0.6422.60-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2024-4947: Type Confusion in V8. Reported by Vasily
       Berdnikov (@vaber_b) and Boris Larin (@oct0xor) of Kaspersky.
     - CVE-2024-4948: Use after free in Dawn. Reported by wgslfuzz.
     - CVE-2024-4949: Use after free in V8.
       Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
     - CVE-2024-4950: Inappropriate implementation in Downloads.
       Reported by Shaheen Fazim.
   * d/copyright: fix instrumented_libs deletion; upstream renamed it.
   * d/scripts/unbundle: bundle new requirement absl_crc (which is
     unavailable in bookworm).
   * d/patches:
     - upstream/uint-includes.patch: drop,merged upstream.
     - upstream/fps-optional.patch: drop, merged upstream.
     - upstream/span-optional.patch: drop, merged upstream.
     - upstream/extractor-bitset.patch: drop, merged upstream.
     - upstream/atomic.patch: drop, merged upstream.
     - upstream/webgpu-optional.patch: drop, merged upstream.
     - disable/catapult.patch: refresh.
     - i386/angle-lockfree.patch: drop, I _think_ it's no longer needed.
     - upstream/ruy-include.patch: add header build fix.
     - upstream/vulkan-include.patch: add header build fix.
     - upstream/mojo-bindings-include.patch: add header build fix.
     - upstream/appservice-include.patch: add header build fix.
     - upstream/no-vector-consts.patch: add build fix; gnu libstdc++
       doesn't allow const types inside vectors.
     - upstream/lens-include.patch: add header build fix.
     - bookworm/nvt2.patch: drop (replace with a better non-revert patch).
     - bookworm/v8-wrappable.patch: add nvt2.patch build fix replacement
       that just defines a single struct member.
     - upstream/ninja.patch: add build fix for failure triggered by
       ninja-1.12.
     - fixes/bad-font-gc00000.patch: add formatting patch revert to make
       other patches easier to apply.
     - fixes/bad-font-gc2.patch: add a build failure fix & refresh.
     - fixes/bad-font-gc11.patch: add a build failure fix & refresh.
     - bookworm/bubble-contents.patch: refresh.
     - bookworm/omnibox-constexpr.patch: add constexpr -> const build fix.
     - upstream/tabstrip-include.patch: add header build fix.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: Modify for
       upstream changes
     - third_party/0002-Add-PPC64-generated-files-for-boringssl.patch: Add
       pregenerated configuration for ppc64el support in BoringSSL
     - third_party/0002-third-party-boringssl-add-generated-files.patch:
       Rename to third_party/0002-Add-PPC64-generated-files-for-boringssl.patch
     - workarounds/HACK-debian-clang-disable-skia-musttail.patch: Refresh
       for upstream changes
     - third_party/skia-vsx-instructions.patch: Refresh for upstream changes
     - ffmpeg/0001-Add-support-for-ppc64.patch: Refresh for upstream changes
Checksums-Sha1:
 8eb05b1469084efbb95b804ab515231cc63fa979 3765 chromium_125.0.6422.60-1~deb12u1.dsc
 9665789268e56bf1bc48bcd9c93344b6b9dd2f64 843547668 chromium_125.0.6422.60.orig.tar.xz
 ff9e1379c9b85a9a6f9618e6a0be932aebe980d0 432452 chromium_125.0.6422.60-1~deb12u1.debian.tar.xz
 63162cd49eb31c3a7cff59dd059e99c9dd125db7 21784 chromium_125.0.6422.60-1~deb12u1_source.buildinfo
Checksums-Sha256:
 cad98e5607a1b66861b78d931a7fcbb89a5bdb67dc613b4c25a19ed58c1b7857 3765 chromium_125.0.6422.60-1~deb12u1.dsc
 6786fb606a7c6555de98fa642f722c9de9b740cf1d9e1a3beed4cdcfacb12bc3 843547668 chromium_125.0.6422.60.orig.tar.xz
 d800aee622975939035ebbfcbc4d43c30105b4cd12ed5e155b88fd1061e336f6 432452 chromium_125.0.6422.60-1~deb12u1.debian.tar.xz
 77ae1b2f83159ddb7c86275e48f67adb0c7646ad3bdd1b34f28cd3572227111d 21784 chromium_125.0.6422.60-1~deb12u1_source.buildinfo
Files:
 5bc908f0fe75d50975018c292774a953 3765 web optional chromium_125.0.6422.60-1~deb12u1.dsc
 d078db15b361e09ba4fe78e61712256f 843547668 web optional chromium_125.0.6422.60.orig.tar.xz
 e90110f278cd051c64eaea142b374ba5 432452 web optional chromium_125.0.6422.60-1~deb12u1.debian.tar.xz
 b00d0b49614b8ed760f692eeb3c145e4 21784 web optional chromium_125.0.6422.60-1~deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmZG+68UHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjeWAhAAg9DDiCaZpOOPaMtU72VyNuoVqwGJ
29AfG4mmf4a7rhHp4fzSB8rbIgLD2Gv+fX9YH5TGIBxYH6CU2ia8VG5NljMb132P
aEUdAN0rNnG6EN9/1BesMk9RzZtGxnecnZfnkA4dZBCu4z3d57woXwVJ6vclbSIu
TR/RFAl3OaMQK81udbevaYGUCdHSNeJM6XnZPDZpDH1sXArkv7orA59xvB+HCmX7
NLPerxSYgnNMODMRRHdd5XpK0h9ALWkOEaEpSfdXKsp4ZGKoWVc+zdnb9sC6HnUe
dzJpnUMAKcTbAph9TKo7jKs2SXwUfn1kvKvUhTlHbynZq2mHsg4ZuHujKgWt3ZGe
81Bu1jjYh9hJ/kptJj0M3Ub6GZX+/555JIHqJF78F9qbI76O+9MM1oZVXiOhMSLr
m7cFmpSRbygP5dIL8vVpIfLNdUmeBWwIjxLlYNZr+SKN6ApZYP4ISkijYGhV2Uyv
pvl1U8jJ3fLQC2rh1uqX5SLMKK1rPGI1tnTlXB2E+ZhqrUoJs9NxUiL4l8uH1P3w
C63Z709d8jDRKarNa2D776OZcxMe+bAU01i6+PUMijsk+eUDqFkkhGi6okeCSPrC
zyk1TPIUKB+R+Od8vTJCujUu5I/AXEhptaAnsfITOQ3dMxldTtb4WOIpS0L5cGGZ
IRGrDVpjHPUYexc=
=mPo1
-----END PGP SIGNATURE-----
News for package chromium
