-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 19 Oct 2024 01:12:11 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: arm64
Version: 130.0.6723.58-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-ubc-01)
Changed-By: Andres Salomon
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (130.0.6723.58-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2024-9954: Use after free in AI. Reported by DarkNavy.
     - CVE-2024-9955: Use after free in Web Authentication.
       Reported by anonymous.
     - CVE-2024-9956: Inappropriate implementation in Web Authentication.
       Reported by mastersplinter.
     - CVE-2024-9957: Use after free in UI. Reported by lime(@limeSec_) and
       fmyy(@binary_fmyy) From TIANGONG Team of Legendsec at QI-ANXIN Group.
     - CVE-2024-9958: Inappropriate implementation in PictureInPicture.
       Reported by Lyra Rebane (rebane2001).
     - CVE-2024-9959: Use after free in DevTools. Reported by Sakana.S.
     - CVE-2024-9960: Use after free in Dawn. Reported by Anonymous.
     - CVE-2024-9961: Use after free in Parcel Tracking. Reported by
       lime(@limeSec_) and fmyy(@binary_fmyy) From TIANGONG Team of
       Legendsec at QI-ANXIN Group.
     - CVE-2024-9962: Inappropriate implementation in Permissions.
       Reported by Shaheen Fazim.
     - CVE-2024-9963: Insufficient data validation in Downloads.
       Reported by Anonymous.
     - CVE-2024-9964: Inappropriate implementation in Payments.
       Reported by Hafiizh.
     - CVE-2024-9965: Insufficient data validation in DevTools.
       Reported by Shaheen Fazim.
     - CVE-2024-9966: Inappropriate implementation in Navigations.
       Reported by Harry Chen.
   * d/copyright: rollup -> @rollup deletion.
   * d/patches:
     - debianization/sandbox.patch: refresh.
     - fixes/bindgen.patch: refresh.
     - disable/catapult.patch: refresh.
     - system/zlib.patch: drop. Upstream removed courgette, and its
       replacement (zucchini) doesn't appear to use zlib.
     - system/rollup.patch: update path due to upstream renaming; call
       ./rollup/.../rollup instead of ./@rollup/wasm-node/.../rollup.
     - system/event.patch: drop half of patch due to upstream deletions.
     - upstream/mojo-null.patch: merged into mojo.patch.
     - upstream/mojo.patch: update based on 130 test files.
     - bookworm/gn-absl.patch: refresh.
     - bookworm/gn-funcs.patch: refresh.
     - bookworm/cacheline.patch: add patch to revert usage of
       std::hardware_destructive_interference_size, which clang-16 lacks.
     - bookworm/constexpr2.patch: add around clang16 build failure
       workaround related to constexpr.
     - upstream/stack-header.patch: add missing include.
 .
   [ Daniel Richard G. ]
   * d/rules: Drop the clang-16 -I/-Wl,-rpath flags from CXXFLAGS/LDFLAGS
     as they are no longer needed.
 .
   [ Timothy Pearson ]
   * d/patches:
     - upstream/blink-fix-size-assertions.patch: Fix build on non-amd64
       platforms
     - fixes/fix-assert-in-vnc-sessions.patch: Fix assertion and SIGTRAP
       when starting Chromium from within a VNC session
   * d/patches/ppc64le:
     - core/add-ppc64-pthread-stack-size.patch: Define correct pthread
       stack size on ppc64 systems
     - core/cargo-add-ppc64.diff
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: Refresh for
       upstream changes
     - third_party/0001-Force-baseline-POWER8-AltiVec-VSX-CPU-features-when- .patch:
       Refresh for upstream changes
     - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       Refresh for upstream changes
     - third_party/skia-vsx-instructions.patch: Refresh for upstream changes
     - workarounds/HACK-debian-clang-disable-skia-musttail.patch: Refresh
       for upstream changes