-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 19 Oct 2024 01:12:11 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: amd64
Version: 130.0.6723.58-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: amd64 Build Daemon (x86-grnet-01)
Changed-By: Andres Salomon
Description:
 chromium - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (130.0.6723.58-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2024-9954: Use after free in AI. Reported by DarkNavy.
     - CVE-2024-9955: Use after free in Web Authentication.
       Reported by anonymous.
     - CVE-2024-9956: Inappropriate implementation in Web Authentication.
       Reported by mastersplinter.
     - CVE-2024-9957: Use after free in UI. Reported by lime(@limeSec_) and
       fmyy(@binary_fmyy) From TIANGONG Team of Legendsec at QI-ANXIN Group.
     - CVE-2024-9958: Inappropriate implementation in PictureInPicture.
       Reported by Lyra Rebane (rebane2001).
     - CVE-2024-9959: Use after free in DevTools. Reported by Sakana.S.
     - CVE-2024-9960: Use after free in Dawn. Reported by Anonymous.
     - CVE-2024-9961: Use after free in Parcel Tracking.
       Reported by lime(@limeSec_) and fmyy(@binary_fmyy) From TIANGONG Team
       of Legendsec at QI-ANXIN Group.
     - CVE-2024-9962: Inappropriate implementation in Permissions.
       Reported by Shaheen Fazim.
     - CVE-2024-9963: Insufficient data validation in Downloads.
       Reported by Anonymous.
     - CVE-2024-9964: Inappropriate implementation in Payments.
       Reported by Hafiizh.
     - CVE-2024-9965: Insufficient data validation in DevTools.
       Reported by Shaheen Fazim.
     - CVE-2024-9966: Inappropriate implementation in Navigations.
       Reported by Harry Chen.
   * d/copyright: rollup -> @rollup deletion.
   * d/patches:
     - debianization/sandbox.patch: refresh.
     - fixes/bindgen.patch: refresh.
     - disable/catapult.patch: refresh.
     - system/zlib.patch: drop. Upstream removed courgette, and its
       replacement (zucchini) doesn't appear to use zlib.
     - system/rollup.patch: update path due to upstream renaming; call
       ./rollup/.../rollup instead of ./@rollup/wasm-node/.../rollup.
     - system/event.patch: drop half of patch due to upstream deletions.
     - upstream/mojo-null.patch: merged into mojo.patch.
     - upstream/mojo.patch: update based on 130 test files.
     - bookworm/gn-absl.patch: refresh.
     - bookworm/gn-funcs.patch: refresh.
     - bookworm/cacheline.patch: add patch to revert usage of
       std::hardware_destructive_interference_size, which clang-16 lacks.
     - bookworm/constexpr2.patch: add around clang16 build failure workaround
       related to constexpr.
     - upstream/stack-header.patch: add missing include.
 .
   [ Daniel Richard G. ]
   * d/rules: Drop the clang-16 -I/-Wl,-rpath flags from CXXFLAGS/LDFLAGS
     as they are no longer needed.
 .
   [ Timothy Pearson ]
   * d/patches:
     - upstream/blink-fix-size-assertions.patch: Fix build on non-amd64
       platforms
     - fixes/fix-assert-in-vnc-sessions.patch: Fix assertion and SIGTRAP
       when starting Chromium from within a VNC session
   * d/patches/ppc64le:
     - core/add-ppc64-pthread-stack-size.patch: Define correct pthread
       stack size on ppc64 systems
     - core/cargo-add-ppc64.diff
     - third_party/0001-Add-PPC64-support-for-boringssl.patch:
       Refresh for upstream changes
     - third_party/0001-Force-baseline-POWER8-AltiVec-VSX-CPU-features-when- .patch:
       Refresh for upstream changes
     - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       Refresh for upstream changes
     - third_party/skia-vsx-instructions.patch: Refresh for upstream changes
     - workarounds/HACK-debian-clang-disable-skia-musttail.patch:
       Refresh for upstream changes
Checksums-Sha1:
Checksums-Sha256:
Files:

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----