Back to chromium PTS page

Accepted chromium 121.0.6167.85-1~deb12u1 (source) into proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted chromium 121.0.6167.85-1~deb12u1 (source) into proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sun, 28 Jan 2024 19:47:10 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: chromium_121.0.6167.85-1~deb12u1_source.changes
Debian-source: chromium
Debian-suite: proposed-updates
Debian-version: 121.0.6167.85-1~deb12u1
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=GpILrKJgdIAHUlP6RnA9y3PPidWubNdNNCPC7V8VbK8=; b=eyQxjbrc4IEHTGfJcTBSkdRPVg 6W3iBcluvA36GL2MK7P3SHj9s+5t4wUgfuzcOBveEThDRCgI6z+HJa3AaglinVIHGbXHGWZEQo1bz 877tPogy+013WoWdNwtI8qMyhAjxv+/ewRmJ0ReLuPF2FXw7mI5RWf8xup3JNGL4nSdKGg5lO3Sb6 hNVaKtTHJ5t4pzBaEgxfFpzfRX8k5G1fjjiUxjvXyFrOeEQZVv9wFt7arQhao86woVJ+XyBUfsgD5 e1ureP3HPllswAFIwDfVXvv/6jvhR1rIoPGpjJj1KjWj9wRs+spAjeePhtvt5kILiVWvNKDhigae0 AN7pWsgA==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1rUB7W-001rk3-Li@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 23 Jan 2024 17:59:49 -0500
Source: chromium
Architecture: source
Version: 121.0.6167.85-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
 chromium (121.0.6167.85-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2024-0807: Use after free in WebAudio.
       Reported by Huang Xilin of Ant Group Light-Year Security Lab.
     - CVE-2024-0812: Inappropriate implementation in Accessibility.
       Reported by Anonymous.
     - CVE-2024-0808: Integer underflow in WebUI.
       Reported by Lyra Rebane (rebane2001).
     - CVE-2024-0810: Insufficient policy enforcement in DevTools.
       Reported by Shaheen Fazim.
     - CVE-2024-0814: Incorrect security UI in Payments.
       Reported by Muneaki Nishimura (nishimunea).
     - CVE-2024-0813: Use after free in Reading Mode. Reported by @retsew0x01.
     - CVE-2024-0806: Use after free in Passwords.
       Reported by 18楼梦想改造家.
     - CVE-2024-0805: Inappropriate implementation in Downloads.
       Reported by Om Apip.
     - CVE-2024-0804: Insufficient policy enforcement in iOS Security UI.
       Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) .
     - CVE-2024-0811: Inappropriate implementation in Extensions API.
       Reported by Jann Horn of Google Project Zero.
     - CVE-2024-0809: Inappropriate implementation in Autofill.
       Reported by Ahmed ElMasry.
   * d/copyright: drop another eu-strip binary.
   * d/patches:
     - fixes/atspi.patch: drop, merged upstream.
     - fixes/gcc13-headers.patch: drop portions that were merged upstream.
     - upstream/nullptr_t.patch: drop, merged upstream.
     - upstream/string-include.patch: drop, merged upstream.
     - ungoogled/disable-web-environment-integrity.patch: remove, upstream
       wisely backed off and removed WEI.
     - disable/signin.patch: refresh for minor upstream changes.
     - disable/catapult.patch: refresh for minor upstream changes.
     - system/openjpeg.patch: refresh for minor upstream changes.
     - bookworm/clang16.patch: drop portion that was merged upstream.
     - upstream/vector.patch: missing header fix, pulled from upstream.
     - upstream/display-header.patch: missing header fix, pulled from upstream.
     - upstream/bitset.patch: missing header fix, pulled from upstream.
     - upstream/once_flag.patch: missing header fix, pulled from upstream.
     - bookworm/constexpr-equality.patch: add clang-16 workaround.
     - bookworm/nvt.patch: revert an upstream c++-20 change that confuses
       clang-16.
     - fixes/libxml-parseerr.patch: revert change from a newer libxml than
       debian's.
     - bookworm/undo-rust-req.patch: revert change that makes rust required
       to build (for now).
     - bookworm/eraseif-lamba.patch: revert changes switching to std::erase_if
       to work around libstdc++-12 bug.
 .
   [ Timothy Pearson ]
   * d/patches:
     - fixes/std-to-address.patch: work around incorrect template selection
       in Mojo ConvertTo()
     - fixes/stdint.patch: add missing stdint include to performance manager
   * d/patches/ppc64le:
     - fixes/fix-rust-linking.patch: allow linking C and Rust libraries in full
       archive mode
     - libaom/0001-Add-pregenerated-config-for-libaom-on-ppc64.patch: refresh
       for upstream changes
     - third_party/skia-vsx-instructions.patch: refresh for upstream changes
     - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
     - third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
       refresh for upstream changes
Checksums-Sha1:
 581e891c11457ff68528e0022b5190138518d615 3731 chromium_121.0.6167.85-1~deb12u1.dsc
 1b2ef2a40e8dd32bb84604087e90ae343872ffe6 826644536 chromium_121.0.6167.85.orig.tar.xz
 b4b2d5f75c9f5e6b4a41d5dbaa88a8acf60f137a 375416 chromium_121.0.6167.85-1~deb12u1.debian.tar.xz
 361b8721f97f29855dd3d50f6f02ffccd6e5d5d4 21628 chromium_121.0.6167.85-1~deb12u1_source.buildinfo
Checksums-Sha256:
 b872cabe965ae00babde3a5b0eec1a41393f97b6897eb1485f4fce108ad0dc98 3731 chromium_121.0.6167.85-1~deb12u1.dsc
 19f1a21a066495a1a9740f87ad36dfd877758f500fbb3b816fdec0ff3d2d1275 826644536 chromium_121.0.6167.85.orig.tar.xz
 d565de8a7c71ce9dea630e65dd2f2fe41112eb755a3d0c823316674a264c42a8 375416 chromium_121.0.6167.85-1~deb12u1.debian.tar.xz
 dc22f424d4000071702df3522ef8b1c300df7d18cd01f5f2bbf9263d254ddda1 21628 chromium_121.0.6167.85-1~deb12u1_source.buildinfo
Files:
 c5a08447a2e09101314ab410d2947284 3731 web optional chromium_121.0.6167.85-1~deb12u1.dsc
 f0f0bd74b1394c501296c165223c1bb6 826644536 web optional chromium_121.0.6167.85.orig.tar.xz
 329dff4f66a8b6bef3326f010b9a4e23 375416 web optional chromium_121.0.6167.85-1~deb12u1.debian.tar.xz
 365bb9eb687b1f1b69731a324051d0af 21628 web optional chromium_121.0.6167.85-1~deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmWw01kUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjfkDA/9EGqc9u72QIIkDV9HajnHFfjpEK/y
FwwI8x9IeAd/vcN2eA+bkppSoAwuTY83xclKH90sVTzGuBcaIMVVMDEYrWKjfW7y
YFkXH7iYGT2vHB4y8WpgLyBMTBnsEixjWnltL/Z/hso1pfJ9gYlO5vDqOVQHjChw
fueVPEWyibnW1YsL4omQcnb2ANKjipL9jZKbQqhebkeEGa/0bsYLP9P8xK4OSFIv
cABaS5+I2oXF36ACWlz2Rrq89zDp2DABckqg/i4hTb0VVyBNDQYvksxlmkSUxTVo
u9H1w2PMeDuSgJvZy4D7mt/b9f7dfWXgXRafbBoPvhNw5UM+WWSupVgHnvZKKrso
ev1omwdShBzq248XE58pOqSpwGoXXk5u9y4PN88YTajs95cSvkwLtNnrouk8swK+
IMoC4MEQtWo2jG2IVYRqnpSXGwwDqHBCsUOKYXxMG9Nq0homh8PT+axYOJjOq33U
nrzgkQ8v1f4yAI+/0v9ybRgu+qYvydmich2y/zfwk2/+FuRs5jxbrujYqIBpRR3T
LnFvFir2Irvg7QjbJAy/BcEZD8MMQJPyxY9+zZy04gQCn1WIQPqVbHoqa2NzXhQm
4Zhmve4yu/xS/u2KH+58loOkqrd5dtFO9KiHcyVEza88NL7sEBytKNOYwxoha/m8
Lk4ftL55psvV3qE=
=m9KQ
-----END PGP SIGNATURE-----