Format: 1.8
Date: Sat, 19 Oct 2024 01:12:11 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: armhf
Version: 130.0.6723.58-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-ubc-05)
Changed-By: Andres Salomon
Description:
 chromium - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (130.0.6723.58-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2024-9954: Use after free in AI. Reported by DarkNavy.
     - CVE-2024-9955: Use after free in Web Authentication.
       Reported by anonymous.
     - CVE-2024-9956: Inappropriate implementation in Web Authentication.
       Reported by mastersplinter.
     - CVE-2024-9957: Use after free in UI. Reported by lime(@limeSec_) and
       fmyy(@binary_fmyy) From TIANGONG Team of Legendsec at QI-ANXIN Group.
     - CVE-2024-9958: Inappropriate implementation in PictureInPicture.
       Reported by Lyra Rebane (rebane2001).
     - CVE-2024-9959: Use after free in DevTools. Reported by Sakana.S.
     - CVE-2024-9960: Use after free in Dawn. Reported by Anonymous.
     - CVE-2024-9961: Use after free in Parcel Tracking.
       Reported by lime(@limeSec_) and fmyy(@binary_fmyy) From TIANGONG Team
       of Legendsec at QI-ANXIN Group.
     - CVE-2024-9962: Inappropriate implementation in Permissions.
       Reported by Shaheen Fazim.
     - CVE-2024-9963: Insufficient data validation in Downloads.
       Reported by Anonymous.
     - CVE-2024-9964: Inappropriate implementation in Payments.
       Reported by Hafiizh.
     - CVE-2024-9965: Insufficient data validation in DevTools.
       Reported by Shaheen Fazim.
     - CVE-2024-9966: Inappropriate implementation in Navigations.
       Reported by Harry Chen.
   * d/copyright: rollup -> @rollup deletion.
   * d/patches:
     - debianization/sandbox.patch: refresh.
     - fixes/bindgen.patch: refresh.
     - disable/catapult.patch: refresh.
     - system/zlib.patch: drop. Upstream removed courgette, and its
       replacement (zucchini) doesn't appear to use zlib.
     - system/rollup.patch: update path due to upstream renaming; call
       ./rollup/.../rollup instead of ./@rollup/wasm-node/.../rollup.
     - system/event.patch: drop half of patch due to upstream deletions.
     - upstream/mojo-null.patch: merged into mojo.patch.
     - upstream/mojo.patch: update based on 130 test files.
     - bookworm/gn-absl.patch: refresh.
     - bookworm/gn-funcs.patch: refresh.
     - bookworm/cacheline.patch: add patch to revert usage of
       std::hardware_destructive_interference_size, which clang-16 lacks.
     - bookworm/constexpr2.patch: add around clang16 build failure
       workaround related to constexpr.
     - upstream/stack-header.patch: add missing include.
 .
   [ Daniel Richard G. ]
   * d/rules: Drop the clang-16 -I/-Wl,-rpath flags from CXXFLAGS/LDFLAGS
     as they are no longer needed.
 .
   [ Timothy Pearson ]
   * d/patches:
     - upstream/blink-fix-size-assertions.patch: Fix build on non-amd64
       platforms
     - fixes/fix-assert-in-vnc-sessions.patch: Fix assertion and SIGTRAP
       when starting Chromium from within a VNC session
   * d/patches/ppc64le:
     - core/add-ppc64-pthread-stack-size.patch: Define correct pthread
       stack size on ppc64 systems
     - core/cargo-add-ppc64.diff
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: Refresh for
       upstream changes
     - third_party/0001-Force-baseline-POWER8-AltiVec-VSX-CPU-features-when-
       .patch: Refresh for upstream changes
     - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       Refresh for upstream changes
     - third_party/skia-vsx-instructions.patch: Refresh for upstream changes
     - workarounds/HACK-debian-clang-disable-skia-musttail.patch: Refresh
       for upstream changes