-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 19 Oct 2024 01:12:11 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: i386
Version: 130.0.6723.58-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-ubc-02)
Changed-By: Andres Salomon
Description:
 chromium - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (130.0.6723.58-1~deb12u1) bookworm-security; urgency=high
 .
 [ Andres Salomon ]
 * New upstream stable release.
   - CVE-2024-9954: Use after free in AI. Reported by DarkNavy.
   - CVE-2024-9955: Use after free in Web Authentication.
     Reported by anonymous.
   - CVE-2024-9956: Inappropriate implementation in Web Authentication.
     Reported by mastersplinter.
   - CVE-2024-9957: Use after free in UI. Reported by lime(@limeSec_) and
     fmyy(@binary_fmyy) From TIANGONG Team of Legendsec at QI-ANXIN Group.
   - CVE-2024-9958: Inappropriate implementation in PictureInPicture.
     Reported by Lyra Rebane (rebane2001).
   - CVE-2024-9959: Use after free in DevTools. Reported by Sakana.S.
   - CVE-2024-9960: Use after free in Dawn. Reported by Anonymous.
   - CVE-2024-9961: Use after free in Parcel Tracking. Reported by
     lime(@limeSec_) and fmyy(@binary_fmyy) From TIANGONG Team of Legendsec
     at QI-ANXIN Group.
   - CVE-2024-9962: Inappropriate implementation in Permissions.
     Reported by Shaheen Fazim.
   - CVE-2024-9963: Insufficient data validation in Downloads.
     Reported by Anonymous.
   - CVE-2024-9964: Inappropriate implementation in Payments.
     Reported by Hafiizh.
   - CVE-2024-9965: Insufficient data validation in DevTools.
     Reported by Shaheen Fazim.
   - CVE-2024-9966: Inappropriate implementation in Navigations.
     Reported by Harry Chen.
 * d/copyright: rollup -> @rollup deletion.
 * d/patches:
   - debianization/sandbox.patch: refresh.
   - fixes/bindgen.patch: refresh.
   - disable/catapult.patch: refresh.
   - system/zlib.patch: drop. Upstream removed courgette, and its
     replacement (zucchini) doesn't appear to use zlib.
   - system/rollup.patch: update path due to upstream renaming; call
     ./rollup/.../rollup instead of ./@rollup/wasm-node/.../rollup.
   - system/event.patch: drop half of patch due to upstream deletions.
   - upstream/mojo-null.patch: merged into mojo.patch.
   - upstream/mojo.patch: update based on 130 test files.
   - bookworm/gn-absl.patch: refresh.
   - bookworm/gn-funcs.patch: refresh.
   - bookworm/cacheline.patch: add patch to revert usage of
     std::hardware_destructive_interference_size, which clang-16 lacks.
   - bookworm/constexpr2.patch: add around clang16 build failure workaround
     related to constexpr.
   - upstream/stack-header.patch: add missing include.
 .
 [ Daniel Richard G. ]
 * d/rules: Drop the clang-16 -I/-Wl,-rpath flags from CXXFLAGS/LDFLAGS as
   they are no longer needed.
 .
 [ Timothy Pearson ]
 * d/patches:
   - upstream/blink-fix-size-assertions.patch: Fix build on non-amd64
     platforms
   - fixes/fix-assert-in-vnc-sessions.patch: Fix assertion and SIGTRAP when
     starting Chromium from within a VNC session
 * d/patches/ppc64le:
   - core/add-ppc64-pthread-stack-size.patch: Define correct pthread stack
     size on ppc64 systems
   - core/cargo-add-ppc64.diff
   - third_party/0001-Add-PPC64-support-for-boringssl.patch: Refresh for
     upstream changes
   - third_party/0001-Force-baseline-POWER8-AltiVec-VSX-CPU-features-when- .patch:
     Refresh for upstream changes
   - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
     Refresh for upstream changes
   - third_party/skia-vsx-instructions.patch: Refresh for upstream changes
   - workarounds/HACK-debian-clang-disable-skia-musttail.patch: Refresh for
     upstream changes
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----