-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 11 Dec 2024 15:33:53 -0500
Source: chromium
Architecture: source
Version: 131.0.6778.139-1
Distribution: unstable
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
chromium (131.0.6778.139-1) unstable; urgency=high
.
[ Andres Salomon ]
* New upstream security release.
- CVE-2024-12381: Type Confusion in V8.
Reported by Seunghyun Lee (@0x10n).
- CVE-2024-12382: Use after free in Translate. Reported by
lime(@limeSec_) from TIANGONG Team of Legendsec at QI-ANXIN Group.
* (Temporarily?) switch from llvm's libc++ to gcc's libstdc++ to
simplify the prior clang-16/19 upgrades.
* d/patches:
- fixes/bindgen.patch: refresh.
- upstream/dawn-strlen.patch: add gcc-specific build fix.
- upstream/ink-isfinite.patch: add gcc-specific build fix.
- upstream/webrtc-optional.patch: add gcc-specific build fix.
- upstream/variant.patch: add gcc-specific build fixes.
- upstream/array.patch: add gcc-specific build fix.
- fixes/absl-optional.patch: re-introduce clang/gcc build workaround.
- upstream/mrc-copy-op.patch: add gcc-specific build fix.
- fixes/font-gc-asan.patch: add a better workaround for bad font-gc
behavior under libstdc++. This is self-contained and small, unlike
the prior reverts of the switch to font garbage collection.
.
[ Nathan Teodosio ]
* Simplify fixes/bindgen.patch so it doesn't need frequent rebasing.
.
[ Daniel Richard G. ]
* d/copyright: Expand list of Files-Excluded: entries.
* d/rules: Various updates to get-orig-source rule, including use of
grep-dctrl(1) and the LASTCHANGE.committime timestamp.
* d/scripts/check-upstream: Avoid issues with inaccurate $(pwd) value and
spaces in filenames, and print all errors instead of only the first one.
Checksums-Sha1:
473e9817bd12bb785a2b5642c04a1fdd626723f1 3747 chromium_131.0.6778.139-1.dsc
6f7d2127ba0901a01cda465dcb1858c265966ef1 767269748 chromium_131.0.6778.139.orig.tar.xz
fb529e429f7f814cd7522e486e84d45a70450d0f 427120 chromium_131.0.6778.139-1.debian.tar.xz
2d7529c3f2ec45f5d60514c30c830a6878597a3e 23121 chromium_131.0.6778.139-1_source.buildinfo
Checksums-Sha256:
5581b9c63532ce3b2e27ffb9c7d8c03047d6b9488a4327368f9552e2bd59daf5 3747 chromium_131.0.6778.139-1.dsc
759e351454012489e542ce83d7ee2c0aa0e1b97a2360c75da6649db06c0d4c0f 767269748 chromium_131.0.6778.139.orig.tar.xz
0d7c0c4bc20671c5120033cfc7f1d5a7b8891cff785e8133a7f6111e6dc319b5 427120 chromium_131.0.6778.139-1.debian.tar.xz
cc1c251339f587f86ffe378c235c8d95d33647fffe8bf92897beb3dae3e20fb1 23121 chromium_131.0.6778.139-1_source.buildinfo
Files:
56239a5303ba53ac95ec8031ad990b2f 3747 web optional chromium_131.0.6778.139-1.dsc
e480ad3b863b0a65c94083451b3dd6c1 767269748 web optional chromium_131.0.6778.139.orig.tar.xz
b7fe7ecd348d49f055da91b34d5b3dcc 427120 web optional chromium_131.0.6778.139-1.debian.tar.xz
649ff0c8c4826e95ceb53e80e2637f45 23121 web optional chromium_131.0.6778.139-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmdZ+g4UHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjcsyxAAk7dfllSCaAwU80CLgQYjUn5i9AeY
lEDD6yUsi2pMHZHeG5v8suk/Xj9jKTm3o6Mbv5CHNFn3dvAFYlEZIrHfDePdwnKA
6uyTnku/JzxL7hKOwigRpxPtRk/U4N65ml56PHyg11DeW6n8AuAWq2hzEBw1+QnM
JRlwGCqQsXQNBnu/iJOoFoHT0FX6mcOgN5s7n72SFnZoacrO/uKXld8St12tfDs9
aDTSeZEwWTrngGJHKexmkTEmcPu6wa/QJBxP8Am4i8/BRYblnV/ccu/pPaKRBL3Q
It+vtMdKovfGLtWHIgAsv52UcmfdyXygTXqA3Bs+qnWxJ9EUIUiOYN2lhBsIVsi6
B0AA/+xojG/rYowpa3njXRFJHBqoImAspYPJXJkXEHYx+Oc0sXSWNpz5swZ41qUB
0EZQvgpQ0xScoMe73YcoQjfGKUZKmPe+FSjxKaHvfQwbcm7o26SbjTcVxMfb5G9F
1jrMnE2CGtqK7khfwLRmSUHM4WT6jGDnNQ55UNLdHd7asbYERpLPT0WC8rUf5hye
6knDBK7YjBKU/yuzlUKmwCTCdmaDeE01N9ujzV+uVuOs7k+W9usM9hpwAHd+RJdW
gGPBwAbPSSDvnSVF9qLfDn3/X9j3KopvoRFokhs2Fsu5sYKMwv9WkHeNM8NFNd8M
zQxwygVzynbhpOQ=
=Wkmb
-----END PGP SIGNATURE-----
