Format: 1.8
Date: Thu, 22 Aug 2024 14:06:28 -0400
Source: chromium
Architecture: source
Version: 128.0.6613.84-1
Distribution: unstable
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
 chromium (128.0.6613.84-1) unstable; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2024-7964: Use after free in Passwords. Reported by Anonymous.
     - CVE-2024-7965: Inappropriate implementation in V8. Reported by TheDog.
     - CVE-2024-7966: Out of bounds memory access in Skia.
       Reported by Renan Rios (@HyHy100).
     - CVE-2024-7967: Heap buffer overflow in Fonts.
       Reported by Tashita Software Security.
     - CVE-2024-7968: Use after free in Autofill.
       Reported by Han Zheng (HexHive).
     - CVE-2024-7969: Type Confusion in V8.
       Reported by CFF of Topsec Alpha Team.
     - CVE-2024-7971: Type confusion in V8.
       Reported by Microsoft Threat Intelligence Center (MSTIC),
       Microsoft Security Response Center (MSRC).
     - CVE-2024-7972: Inappropriate implementation in V8.
       Reported by Simon Gerst (intrigus-lgtm).
     - CVE-2024-7973: Heap buffer overflow in PDFium. Reported by soiax.
     - CVE-2024-7974: Insufficient data validation in V8 API.
       Reported by bowu(@gocrashed).
     - CVE-2024-7975: Inappropriate implementation in Permissions.
       Reported by Thomas Orlita.
     - CVE-2024-7976: Inappropriate implementation in FedCM.
       Reported by Alesandro Ortiz.
     - CVE-2024-7977: Insufficient data validation in Installer.
       Reported by Kim Dong-uk (@justlikebono).
     - CVE-2024-7978: Insufficient policy enforcement in Data Transfer.
       Reported by NDevTK.
     - CVE-2024-7979: Insufficient data validation in Installer.
       Reported by VulnNoob.
     - CVE-2024-7980: Insufficient data validation in Installer.
       Reported by VulnNoob.
     - CVE-2024-7981: Inappropriate implementation in Views.
       Reported by Thomas Orlita.
     - CVE-2024-8033: Inappropriate implementation in WebApp Installs.
       Reported by Lijo A.T.
     - CVE-2024-8034: Inappropriate implementation in Custom Tabs.
       Reported by Bharat (mrnoob).
     - CVE-2024-8035: Inappropriate implementation in Extensions.
       Reported by Microsoft.
   * d/copyright: delete third_party/siso/ which contains binaries.
   * d/rules: set safe_browsing_use_unrar=false to disable unrar.
   * d/patches:
     - fixes/blink-frags.patch: drop, merged upstream.
     - fixes/stats-collector.patch: drop, upstream deleted broken code.
     - fixes/chromium-browser-ui-missing-deps.patch: drop, fixed upstream.
     - upstream/armhf-ftbfs.patch: drop, merged upstream.
     - upstream/containers-header.patch: drop, merged upstream.
     - upstream/crabbyav1f.patch: drop, merged upstream.
     - upstream/lock-impl.patch: drop, merged upstream.
     - upstream/paint-layer-header.patch: drop, merged upstream.
     - disable/unrar.patch: drop, merged upstream w/ build arg.
     - bookworm/nvt.patch: drop, no longer needed.
     - fixes/ps-print.patch: refresh.
     - system/openjpeg.patch: refresh.
     - bookworm/clang16.patch: refresh & remove another unsupported option.
     - bookworm/constexpr.patch: refresh & add more fixes.
     - bookworm/lex-3way.patch: pull in another STL function from clang-17.
     - bookworm/blink-attrib.patch: add build fix to reorder __attribute__.
     - fixes/highway-include-path.patch: upstream fixed the original issue
       in a broken way, making this worse. Add more to this patch to work
       around that.
 .
   [ Daniel Richard G. ]
   * d/rules: Parameterize Rust sysroot to simplify using a different one.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/dawn-fix-typos.patch: Refresh for upstream changes
     - third_party/use-sysconf-page-size-on-ppc64.patch: Refresh for
       upstream changes
     - third_party/0002-Add-PPC64-generated-files-for-boringssl.patch:
       Refresh for upstream changes
     - workarounds/HACK-debian-clang-disable-base-musttail.patch:
       Disable musttail on ppc64el platforms