-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 18 Sep 2024 20:47:23 -0400
Source: chromium
Architecture: source
Version: 129.0.6668.58-1
Distribution: unstable
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
chromium (129.0.6668.58-1) unstable; urgency=high
.
[ Andres Salomon ]
* New upstream stable release.
- CVE-2024-8904: Type Confusion in V8. Reported by Popax21.
- CVE-2024-8905: Inappropriate implementation in V8.
Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
- CVE-2024-8906: Incorrect security UI in Downloads.
Reported by @retsew0x01.
- CVE-2024-8907: Insufficient data validation in Omnibox.
Reported by Muhammad Zaid Ghifari.
- CVE-2024-8908: Inappropriate implementation in Autofill.
Reported by Levit Nudi from Kenya.
- CVE-2024-8909: Inappropriate implementation in UI.
Reported by Shaheen Fazim.
* d/patches:
- debianization/sandbox.patch: refresh for upstream changes. Since we
have some downstream users of this package, retain the Ubuntu wording.
- disable/tests.patch: refresh.
- disable/catapult.patch: refresh.
- bookworm/clang16.patch: refresh, delete -Wno-dangling-assignment-gsl
- ppc64le/crashpad/0001-Implement-support-for-PPC64-on-Linux.patch:
refresh.
- ppc64le/sandbox/Sandbox-linux-services-credentials.cc-PPC.patch:
refresh.
- ppc64le/third_party/dawn-fix-ppc64le-detection.patch: refresh.
- bookworm/more-spaceships.patch: yet another clang-17 header
backport for clang-16 inadequecies.
- bookworm/signer-lambda.patch: clang-16 lambda bug workaround.
.
[ Timothy Pearson ]
* d/patches/ppc64le:
- third_party/dawn-fix-typos.patch: drop, applied upstream
- third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch:
refresh for upstream changes
- libaom/0001-Add-pregenerated-config-for-libaom-on-ppc64.patch: refresh
for upstream changes
- core/cargo-add-ppc64.diff: Add ppc64 to cargo architecture definitions
Checksums-Sha1:
9bf69c8f9537eccf696a8ea02792a1685489a825 3760 chromium_129.0.6668.58-1.dsc
21e37f2343432358b55d6de7aee574b6cfdb72ce 793288280 chromium_129.0.6668.58.orig.tar.xz
970bbbced49793294f9edd44b88d3dcfd10fe091 411944 chromium_129.0.6668.58-1.debian.tar.xz
0c5150e284266f77b8237aba4f9db13b4065bccb 22928 chromium_129.0.6668.58-1_source.buildinfo
Checksums-Sha256:
868ee73a251136cd11f9829d656dfd17b87e13da938156e32a112b8fe0956cc3 3760 chromium_129.0.6668.58-1.dsc
fe1325cf12ffbfab47a074229cbe2a70f7c3d500b28bb34d7448477764b6a419 793288280 chromium_129.0.6668.58.orig.tar.xz
9437f51ab210464e13ddb35d4e3b5a80ae2ad86046521691c212b09acbe2fac1 411944 chromium_129.0.6668.58-1.debian.tar.xz
da4dfe72cb3dddb2d01b3391eda944981b21618615745a8233f2ef6e5c6ecae1 22928 chromium_129.0.6668.58-1_source.buildinfo
Files:
be7ae4ccb960742e30a14c87dbe945cf 3760 web optional chromium_129.0.6668.58-1.dsc
f5ad630e2e285f9fe88f5246c288b236 793288280 web optional chromium_129.0.6668.58.orig.tar.xz
764143fbe3790b8f52714209ef60252c 411944 web optional chromium_129.0.6668.58-1.debian.tar.xz
2b00c190314f6d74208a823f21ed3e3d 22928 web optional chromium_129.0.6668.58-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmbrdtwUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8Nudje4FQ/+NmcR7NX9Rl5LQIkYQNRodYKl4a3j
LwJt/NhIEVsLEpkEmkXGJzlBkBVHPCl4IbQjpJNOInJcXA2QHSwouGamJmqsc7Zm
ZTfqAjw+9EDBVR0/PMDalZSQpTs1t+7wuPEtjKPQM71EphvnEAhOxvmplrOEWl6p
KMmj3cKC/crfDtdnP1qJzn3qSjEhrQW7rrvDfB/uFPoYrHEZuncD5ETV7NVPQUft
y79RUYjsoi5E6JI9p3Ly1KaxMGOpx5oetacjsw/FNgkKwxXwLScnz21gSf4NKhak
TUS89OnzJN2se0D0OmVwgL6jlOe5sKj2TW+7kbXC73GemZiOch/7/DnZbfEWyo27
1Hck884I0CZ4aW887IaNQgi8Zhjzd5wPz6OlyxXP/fzbj4gGKdLkBmK2C3jwnQ+c
mUkCOfbz4zTSGbOueM0nu9bB2jJSccXoWVUx8a5eKq/GV61ine8Eb17dB8vH2DIT
TpRNlzePdBukS983qeHZqjX7iE14vk39foyoUwFliobz7Gpg7Q4662Xu1aOtfwlK
mk1L3oQMnyZt/gdKchWv70O2DjkOSh0Y2mekyxLidqYpJHc/k7lFfWLkADjyICaT
t8gsTpyVCWZtR1F0TH4hv8XagnLGKh/TTgYKlPfkPCBrplzfR9E8dxxxUQ2vkuUB
kgUKC7Fw5E15SqI=
=HrX9
-----END PGP SIGNATURE-----
