Back to chromium PTS page

Accepted chromium 121.0.6167.85-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted chromium 121.0.6167.85-1 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Wed, 24 Jan 2024 02:30:39 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: chromium_121.0.6167.85-1_source.changes
Debian-source: chromium
Debian-suite: unstable
Debian-version: 121.0.6167.85-1
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=mrG5H1P4IaYdgJfsz5FUOGrj9knZV+SP/vC5ZSJfWXs=; b=O3/6TTH1GYS9ltpz66wo3nZBVB WHAd9k9QNRGH5NNkl/y4AS5oUJyvFG43Immh5iXiRzU6YDLUMITWZvtQQavCEDCot3vznq7Uu2a+A UoTV6EX+0a/H4rmQ0QkV3Lpd7P1uSCbguRPBVPfj5eZh/YnQwqiuEYjuvnFr9NcTMk2n6236nNOtL F0YEpfukNajCnoU5kF9yExEGnXcArGWtRFGSi7s7TozkCGpMXzwiF/pquRPOi3ea3CMhpE0VsdNkj ZuG9A2paUfENlWKeHsFVKqchKzhSPifalCQL3Eix1BDTQDvI9r7Fuz60KwXqYWPMFubhTCmxdC40d BdTRj2Fg==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1rST2F-00DloK-Fv@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 23 Jan 2024 17:59:49 -0500
Source: chromium
Architecture: source
Version: 121.0.6167.85-1
Distribution: unstable
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
 chromium (121.0.6167.85-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2024-0807: Use after free in WebAudio.
       Reported by Huang Xilin of Ant Group Light-Year Security Lab.
     - CVE-2024-0812: Inappropriate implementation in Accessibility.
       Reported by Anonymous.
     - CVE-2024-0808: Integer underflow in WebUI.
       Reported by Lyra Rebane (rebane2001).
     - CVE-2024-0810: Insufficient policy enforcement in DevTools.
       Reported by Shaheen Fazim.
     - CVE-2024-0814: Incorrect security UI in Payments.
       Reported by Muneaki Nishimura (nishimunea).
     - CVE-2024-0813: Use after free in Reading Mode. Reported by @retsew0x01.
     - CVE-2024-0806: Use after free in Passwords.
       Reported by 18楼梦想改造家.
     - CVE-2024-0805: Inappropriate implementation in Downloads.
       Reported by Om Apip.
     - CVE-2024-0804: Insufficient policy enforcement in iOS Security UI.
       Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) .
     - CVE-2024-0811: Inappropriate implementation in Extensions API.
       Reported by Jann Horn of Google Project Zero.
     - CVE-2024-0809: Inappropriate implementation in Autofill.
       Reported by Ahmed ElMasry.
   * d/copyright: drop another eu-strip binary.
   * d/patches:
     - fixes/atspi.patch: drop, merged upstream.
     - fixes/gcc13-headers.patch: drop portions that were merged upstream.
     - upstream/nullptr_t.patch: drop, merged upstream.
     - upstream/string-include.patch: drop, merged upstream.
     - ungoogled/disable-web-environment-integrity.patch: remove, upstream
       wisely backed off and removed WEI.
     - disable/signin.patch: refresh for minor upstream changes.
     - disable/catapult.patch: refresh for minor upstream changes.
     - system/openjpeg.patch: refresh for minor upstream changes.
     - bookworm/clang16.patch: drop portion that was merged upstream.
     - upstream/vector.patch: missing header fix, pulled from upstream.
     - upstream/display-header.patch: missing header fix, pulled from upstream.
     - upstream/bitset.patch: missing header fix, pulled from upstream.
     - upstream/once_flag.patch: missing header fix, pulled from upstream.
     - bookworm/constexpr-equality.patch: add clang-16 workaround.
     - bookworm/nvt.patch: revert an upstream c++-20 change that confuses
       clang-16.
     - fixes/libxml-parseerr.patch: revert change from a newer libxml than
       debian's.
 .
   [ Timothy Pearson ]
   * d/patches:
     - fixes/std-to-address.patch: work around incorrect template selection
       in Mojo ConvertTo()
     - fixes/stdint.patch: add missing stdint include to performance manager
   * d/patches/ppc64le:
     - fixes/fix-rust-linking.patch: allow linking C and Rust libraries in full
       archive mode
     - libaom/0001-Add-pregenerated-config-for-libaom-on-ppc64.patch: refresh
       for upstream changes
     - third_party/skia-vsx-instructions.patch: refresh for upstream changes
     - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
     - third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
       refresh for upstream changes
Checksums-Sha1:
 c35b357ecd80c9e78fb465dd5a56f5e675abad8b 3719 chromium_121.0.6167.85-1.dsc
 1b2ef2a40e8dd32bb84604087e90ae343872ffe6 826644536 chromium_121.0.6167.85.orig.tar.xz
 c6dd4962eb974760b83ce5da4f14d138c4e645f0 372528 chromium_121.0.6167.85-1.debian.tar.xz
 8e2e5af4a3b1f3d8b20a4a075476e10224da33f1 21647 chromium_121.0.6167.85-1_source.buildinfo
Checksums-Sha256:
 9c89a19e14e91308f76432268688a1df970ebe2c61143cde8d1786a67bcf2319 3719 chromium_121.0.6167.85-1.dsc
 19f1a21a066495a1a9740f87ad36dfd877758f500fbb3b816fdec0ff3d2d1275 826644536 chromium_121.0.6167.85.orig.tar.xz
 bbd2712811e27ad07b3ee9fefc499bfef524a0fa5694bc6759236ad2be63c193 372528 chromium_121.0.6167.85-1.debian.tar.xz
 5b842744e960b09e46fa52283ed9029e41169e8f57aca36b6c297bb21863165f 21647 chromium_121.0.6167.85-1_source.buildinfo
Files:
 5e241df3f3a87803b374ebc5e4066df6 3719 web optional chromium_121.0.6167.85-1.dsc
 f0f0bd74b1394c501296c165223c1bb6 826644536 web optional chromium_121.0.6167.85.orig.tar.xz
 9919bd8fd72c4f6b6bbcf925f276e669 372528 web optional chromium_121.0.6167.85-1.debian.tar.xz
 48e70c74ffa5d66af368493314f65f18 21647 web optional chromium_121.0.6167.85-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmWwZr4UHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8Nudjfshw//Vwib4K8ow+t1XxP0O5mfhaCRkrsM
/e+RPwOyf9y8XsIdu2Gp7FIqhCfrwCN2HYYbfdOr3EFHBLDcAp4TP8uFOfAPAVgw
pXuho1VBtFVnUhLkj/hy1iD8tfLR179N78qWqvADn0Ab64MpcPOSbbPsYgEKB8O5
hN+X+6Le+noClwCZFx/lFuMtYjvJhkJOhyc2xu7i7t/LCX0Xs6qtssXlF+8gLlrg
2vyFFHd+cqf+1xQ65JW5L3113uWa/iG9lScELfXyrgvFl5cPUcbnyLvuGJ4FOoEM
Z0TtxrC8ANJtY5P2PbszlxM5DBE3Za7pIahiHBCKgJdOKgJNrZeIRV/cCS7ZI+aM
R0BV1IssQ1umxMyzCxKUJybeaBItYcNBZ0IiqBjcSCViOTeQ2v5WvfyT2lR8r5TT
qTBRvj9CaCrfKIM1WS9pEJwSGnuuP/LMHWgpaZtiqQCf+2gFGD4c6DhZ+tUnFQ13
kZGrh/73tjNRvSXWc1/LpR8ayCVAbM9MEz1muos2BHqtK13leJIfk/wQ1U9R3zYX
5TtF4OdpBAWf0Z/OZkhK44IbDI8sEl3uN8BtSY5AMmRabbZauPgwj3zoxRouy0J1
JCU3svna2Tcz1MKZBdVxi8mu/UL484E31/eFb99vYKErlJxWMqFWyOldthgTMV/D
0HSpqye2gHBdxl8=
=B1pR
-----END PGP SIGNATURE-----