-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 25 Sep 2024 15:23:27 -0400 Source: chromium Architecture: source Version: 129.0.6668.70-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: Debian Chromium Team <chromium@packages.debian.org> Changed-By: Andres Salomon <dilinger@debian.org> Changes: chromium (129.0.6668.70-1~deb12u1) bookworm-security; urgency=high . [ Andres Salomon ] * New upstream security release. - CVE-2024-9120: Use after free in Dawn. Reported by Anonymous. - CVE-2024-9121: Inappropriate implementation in V8. Reported by Tashita Software Security. - CVE-2024-9122: Type Confusion in V8. Reported by Seunghyun Lee (@0x10n). - CVE-2024-9123: Integer overflow in Skia. Reported by raven at KunLun lab. * d/copyright: delete more upstream .clang, .git, and android residue. . [ Timothy Pearson ] * d/patches: - fixes/predictor-denial-of-service.patch: Work around upstream issue #368562245, which can cause denial of service of the entire browser process on specific types of Web sites. Checksums-Sha1: 3b1ef57f77d25d5ec82c32f3bfced0957630a441 3799 chromium_129.0.6668.70-1~deb12u1.dsc e986412a154dd002a83d900737eb76e7d611f0f0 786382348 chromium_129.0.6668.70.orig.tar.xz bc13e071116f9d8cbc019dc0a5eae6c4695d0956 8492228 chromium_129.0.6668.70-1~deb12u1.debian.tar.xz c9ea46ce1aef95fb87a52a6c7246dde507394ae3 22071 chromium_129.0.6668.70-1~deb12u1_source.buildinfo Checksums-Sha256: 0cc302cf7f724a6c8dd0926e24a80627754a2488f21dbf658fd560885bece573 3799 chromium_129.0.6668.70-1~deb12u1.dsc 1e06dabd40126cab7f601c3b5f813e1b1a9b48095b21d58e512acdd9774b655f 786382348 chromium_129.0.6668.70.orig.tar.xz 9e13d9e6367d19a016d37c94fc7cc5e1157809ba33bc056349feecd8ad6dc84a 8492228 chromium_129.0.6668.70-1~deb12u1.debian.tar.xz df9774641dbeafbf6ff99990c7b373a84f98f61795230ca1e3ffdd6985cff16e 22071 chromium_129.0.6668.70-1~deb12u1_source.buildinfo Files: 667ece925ab868ec04a844ed58853e93 3799 web optional chromium_129.0.6668.70-1~deb12u1.dsc 2219b8294860a0af9a903b91a21de67c 786382348 web optional chromium_129.0.6668.70.orig.tar.xz d9fee37545f56192713e4a1c917d374c 8492228 web optional chromium_129.0.6668.70-1~deb12u1.debian.tar.xz a947b91501feaf0d601d16dfedd98f30 22071 web optional chromium_129.0.6668.70-1~deb12u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmb0q1gUHGRpbGluZ2Vy QGRlYmlhbi5vcmcACgkQZF0CR8Nudje0HBAAttGLqEG6jo0ixu2kVzK+0vta3nON hGP1A/uTdYgYw2R0ttUF3rbIuauR+k1SGh5D32Wv3B9MRBPaMGXQDZXF3+cnCeuu sVedWDabxbZkXKPtg4fRq5e3mLzkJh2QpRRY7sKjgx880tJ0ByL8sVFIsGGejvWT ZN9kADce/IipcA6jXVZV+fnZQLLY8SgGIx4pGAUNc+5ti0Jz2Jj0IMWt26byxn4r VWRgvGSm+9KVGnmXd05gOAEvLluCB5zar0RoURsVP9Z2Y22YPi/kuM0UkmiK9Jm6 IhaK5/Q8p5NOLRYwSfswGjE/0cUTDFZFOGtcJb6TiK/JeTusYytOYxY7GVRDr36a LJCJ1WDmwjW7FK74BaxZbT6KDgmCLOHKrabdCOwVAuUOUphExizvgEr12vbW4kHL Bqdj4b0sDBUDyrTjgQfidaGKy7DjW+ivGj0+JytNrYk/c4Wbg4hEVLBE0Au52X8I gSYaKT1M0/QiHI4A7yCe5xuxlVI4bTy4tKw/tJcJN5OotRwwdWwpJEWIYSvHYKzt wy7Kj5lU5ECAPTuPZMTI9WdTV+yFZcgZ8pZtGDyK6bPIP2N+EvNkm4WshTdzqicV k5sH7bbqLXnJfElYykfF6H/f7h8i8CLNfwsW0F4uRxWVIRhQkjXEE0dGNei0Nk8x IEZomi6Eh2TZwi8= =X4M9 -----END PGP SIGNATURE-----