-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 29 Aug 2024 01:10:43 -0400 Source: chromium Architecture: source Version: 128.0.6613.113-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: Debian Chromium Team <chromium@packages.debian.org> Changed-By: Andres Salomon <dilinger@debian.org> Changes: chromium (128.0.6613.113-1~deb12u1) bookworm-security; urgency=high . [ Andres Salomon ] * New upstream security release. - CVE-2024-7969: Type Confusion in V8. Reported by CFF of Topsec Alpha Team. - CVE-2024-8193: Heap buffer overflow in Skia. Reported by Renan Rios (@hyhy_100). - CVE-2024-8194: Type Confusion in V8. Reported by Seunghyun Lee (@0x10n). - CVE-2024-8198: Heap buffer overflow in Skia. Reported by Renan Rios (@hyhy_100). * d/control: - Bump rustc-web build-dep up to >= 1.74. * d/patches: - bookworm/rust-downgrade-osstr-users.patch: drop, now that we have a newer rust in bookworm. - bookworm/crabbyav1f.patch: drop, no longer needed w/ new rust. - bookworm/rust-no-thin-lto.patch: drop, we can now enable thinlto w/ new rust. - fixes/clang-rust-target.patch: add, needed for thinlto in rust. - ppc64le/fixes/fix-different-data-layouts.patch: add, needed for mismatch between newer rust and older clang. Checksums-Sha1: 8c6fc6c3d8d2aca1687519153ec9ba6ef558d0f1 3806 chromium_128.0.6613.113-1~deb12u1.dsc 9df8abf26411a94844092251f1b1dcfa26d489eb 907936180 chromium_128.0.6613.113.orig.tar.xz 60fa26526756088430a961ad3607c56943974400 8488368 chromium_128.0.6613.113-1~deb12u1.debian.tar.xz 79b0b644592511c3dc781f1aec4ee344abe4e6ae 22059 chromium_128.0.6613.113-1~deb12u1_source.buildinfo Checksums-Sha256: 62354943162c828d2095fb9707978881d47eaf685513d8922a40409b72c0bb3e 3806 chromium_128.0.6613.113-1~deb12u1.dsc 9314de0589c2989849313f4ed1eef8c635c3d0bd92f014e6f77cfe4552862113 907936180 chromium_128.0.6613.113.orig.tar.xz 5d1780c2b56de9374cb2140b118fb1ab2902effad04265f7bda32d1d70f40029 8488368 chromium_128.0.6613.113-1~deb12u1.debian.tar.xz 22511b22f8fd5a645a2616cd125006498ecf265445957dacf9d2c1966dc8d152 22059 chromium_128.0.6613.113-1~deb12u1_source.buildinfo Files: 192e05e8d6871591005d5ccb5030bb0c 3806 web optional chromium_128.0.6613.113-1~deb12u1.dsc eb69c5911fb2304cc1b1b170c44117a7 907936180 web optional chromium_128.0.6613.113.orig.tar.xz 62d7cf6a416ab5fbbaa30b70662f3540 8488368 web optional chromium_128.0.6613.113-1~deb12u1.debian.tar.xz ea684d13c572299a07fe80ccfdac1a08 22059 web optional chromium_128.0.6613.113-1~deb12u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmbQkL8UHGRpbGluZ2Vy QGRlYmlhbi5vcmcACgkQZF0CR8NudjeP0g//S8cENo9YqCQ2Th/lDSV0H6WVHxaC oH7Df5P1buieR7WjzEM5UjWNZ6GvvsTgu++WUAtknwseQ4JtyolVGHTzIl3ieVwu I75WCCAJ8xy88EMeYX0XpaCXF+xoevz0NalykEqBE+vZuQq+KOxHspBcGdECPdD4 ez7/wd4VOTIBcFV94mnV9gHDjMlUkouBdxtWsFZmSw4scdcYK+lrqW/0RZ+a/vQa 2/5zN2iAaerIgxsXftEUCERuMkrafPaSM5ALUYITkwsBZNYUnnICkmlYZRSDyTkA U5347Bzy+ZZEebt146Ah6da1xFXtTBmJRzMvWODR30phtQuOAYB0nr6gcLpg3TL2 XFxmWpz+cDt0hX/6tYgiyQ1qQWodrDl3YN08bB26qN1UYlkCbJcAbxKDp/C+cQ0A eeWX8l8Q4JXys4g3XCGf5SUatJAx354DG5C/d8fx0KFdyvzoiVy3ihX3bSquwmp+ koqknT07xOIlgOP4+lo7EsO3/2pFb1j5ybK73/8VnY/Foy6yfeTH0B2lPBHJLiWs HkWvXtEilFsU8kQgISuUOQXoik7yWEPutxXBCvL/HR1hL5z2WooveFtHetpDdFtM QoYUpGbIsWMXzGWBpEzKgrr3DX6gqwzSj4irVbUBazRXXk/S4mQKHb1MBzyKB6cG TRnIELPmnA0igCw= =3JMY -----END PGP SIGNATURE-----