-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 21 Nov 2024 16:12:03 -0500
Source: chromium
Architecture: source
Version: 131.0.6778.85-1
Distribution: unstable
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
chromium (131.0.6778.85-1) unstable; urgency=high
.
[ Andres Salomon ]
* New upstream stable release.
- CVE-2024-11110: Inappropriate implementation in Blink.
Reported by Vsevolod Kokorin (Slonser) of Solidlab.
- CVE-2024-11111: Inappropriate implementation in Autofill.
Reported by Narendra Bhati, Suma Soft Pvt. Ltd - Pune (India).
- CVE-2024-11112: Use after free in Media. Reported by
Nan Wang(@eternalsakura13) and Zhenghang Xiao(@Kipreyyy) of
360 Vulnerability Research Institute.
- CVE-2024-11113: Use after free in Accessibility.
Reported by Weipeng Jiang (@Krace) of VRI.
- CVE-2024-11114: Inappropriate implementation in Views.
Reported by Micky.
- CVE-2024-11115: Insufficient policy enforcement in Navigation.
Reported by mastersplinter.
- CVE-2024-11116: Inappropriate implementation in Paint.
Reported by Thomas Orlita.
- CVE-2024-11117: Inappropriate implementation in FileSystem.
Reported by Ameen Basha M K.
- CVE-2024-11395: Type Confusion in V8. Reported by Anonymous.
* d/patches:
- upstream/wayland-gbm-pixmap.patch: drop, merged upstream.
- disable/catapult.patch: refresh.
- fixes/bindgen.patch: refresh.
- fixes/freetype.patch: add new patch to fix missing
enable_freetype arg declaration.
- fixes/updater-test.patch: add simple build fix for deleted
third_party/updater/.
.
[ Timothy Pearson ]
* d/patches/ppc64le:
- workarounds/HACK-debian-clang-disable-pa-musttail.patch: Work around
additional upstream musttail definitions
- workarounds/HACK-debian-clang-disable-base-musttail.patch: Refresh for
upstream changes
- third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
Refresh for upstream changes
Checksums-Sha1:
94d53f9624419dc3c1a6f3a02c933fe5cbf217b1 3773 chromium_131.0.6778.85-1.dsc
5d6b15ba05bff55b2035406a37f5c6d4a6cdb95a 842806384 chromium_131.0.6778.85.orig.tar.xz
85163f35d427a5df38a11391bb7d9645318a130e 417088 chromium_131.0.6778.85-1.debian.tar.xz
185b6b4f2a6aae8ab4c36584616aa738f658f5ed 23306 chromium_131.0.6778.85-1_source.buildinfo
Checksums-Sha256:
36626276960c4d0b2a03472c9f9424e25dc777bef70073339f66dee6b867fc7a 3773 chromium_131.0.6778.85-1.dsc
a78b4c3c53eef0ca396f1ee2163bbaf4bc6e2b4670e832dad6a0a2c5b330e8cc 842806384 chromium_131.0.6778.85.orig.tar.xz
1609f637b802fb62385408fd07a2eb1c5da7f590a20de3f166de78c871c713ef 417088 chromium_131.0.6778.85-1.debian.tar.xz
1a808635f3ab0b61f0f5d9984982493953e931af487bd8d95f19e064367c8723 23306 chromium_131.0.6778.85-1_source.buildinfo
Files:
645db85ba1ca2c44b58a5fdaea3b0695 3773 web optional chromium_131.0.6778.85-1.dsc
f060399b3842267b01d7f20429baea23 842806384 web optional chromium_131.0.6778.85.orig.tar.xz
673dd49abd38f727380bb21d5aac8eae 417088 web optional chromium_131.0.6778.85-1.debian.tar.xz
cbb8559294850e02a39f53313f3e298c 23306 web optional chromium_131.0.6778.85-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmc/pRYUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8Nudjex8BAAk1gWcgCojtQTSfff3b9l0tatKhlT
E10W50dOs1h1NeBRqTIL7tTPXeAR1omzYWlR/gJOB2IdQnc7aKB3Kw7Q9FxchacN
BAWb48DwRp7vzhmpzoqDKsjLsTAJ2qH3pyh0kkOBS2F4LAwqaWt95HsY8cmj4RXL
fIZ3Xfsc0h7vTe5+88aEVBcrtxiwlJ7yNNDn2htFDjtH6CZQ9BKya0CvAz6ma9vu
PoUiuoVn46FN8/CN6lglJIJZ8qCaqX8VBQ5KsSTF4lSqlRlSUB79+hDJuqkh2bbR
sSD4SCAdz435epkdREaVbHLZ8p4MXLdh0tq38Mp3uu0XUFbYSVLGUYCpTxPgnGFw
mOBTPAgdgJnJvbBlGsvBkj3irLYLOZVyFu+0RZ2qfnw6rZd2IuPYwF6jQuzV4VXr
qipu8PsRnOzIBzqD+BZM60yUEwtZxpBTx2YJqk+H/J73i5I0ViHfCg/RgRQJenjw
W32Gg15ow3ch0JYZUCRu+BcmpLxGXcosYaiccvzIVm24Axq41ZLv6nrqx7VG0yh4
2KzdKm5QNiFWgwCcR0qdOdDEiXvBe3y13gnPsVYd3yK5IDK+v2jj5ljDoSUT3N74
RsLhRYY3Le9AIyjnC05l99uvB9nuADIkYZamzNl7l4IhQccE3QkMvrvOH0KSOznY
rhPh6lZ9bSP1HNs=
=lbp/
-----END PGP SIGNATURE-----
