Accepted chromium 117.0.5938.132-1~deb12u1 (source) into proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted chromium 117.0.5938.132-1~deb12u1 (source) into proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sat, 07 Oct 2023 17:47:21 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: chromium_117.0.5938.132-1~deb12u1_source.changes
- Debian-source: chromium
- Debian-suite: proposed-updates
- Debian-version: 117.0.5938.132-1~deb12u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=Vr0z1sqlxE/0Xf2I9kYSWHX7Ig2cTSQahAZ43gLRpOU=; b=hm53Tb3rJg18GK12nUNkC8VmxH Ka/heOhn3ymFZTx0W8FjcBZbDstNdP+VJD3LQKCHsHOC8yk6DunojLLq+ZnVR4Ji8ibNnAhKYeN7I Bls34P5+eOmdSMAq8iqXgT38/mx162SkgGpyR4gWAXOxd641/AFldayrzrURTBdRvVwTZ8rTvK4WX k6A66oy+PxCqvPFHW/fSLQZdoaqlISNXOnvLC3dCJib4AngahR1nWQ7G67qXxG9a1uzRDrAzyQqwx Ic4oWygk7MBZPrTHTWsPdP5SMJjG3RJFLKB8FKJUVuOjM192S/Fis6QgQGMgSGEdoenzPCe/wOsRP tlVOipUQ==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1qpBOb-00CmyA-G1@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 28 Sep 2023 00:41:20 -0400
Source: chromium
Architecture: source
Version: 117.0.5938.132-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Closes: 1053142
Changes:
chromium (117.0.5938.132-1~deb12u1) bookworm-security; urgency=high
.
* New upstream security release.
- CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx.
Reported by Clément Lecigne of Google's Threat Analysis Group.
- CVE-2023-5186: Use after free in Passwords. Reported by [pwn2car].
- CVE-2023-5187: Use after free in Extensions. Reported by Thomas Orlita.
* d/patches:
- bookworm/i386-lock-free.patch: add to fix i386 build failure.
- bookworm/freetype-COLRV1.patch: disable using freetype's COLRV1
(closes: #1053142).
.
chromium (117.0.5938.92-1) unstable; urgency=high
.
* New upstream stable release.
* Enable NEON on armhf. See
<https://lists.debian.org/debian-devel/2023/09/msg00175.html>.
* Add check in d/rules & chromium wrapper to ensure we don't build or
run on non-NEON armhf machines.
Checksums-Sha1:
0e26ec4985ae6e75f3c962fb1899f55783138c7a 3707 chromium_117.0.5938.132-1~deb12u1.dsc
a7a5223a74bb06881cfbd73f589734f927174235 683178832 chromium_117.0.5938.132.orig.tar.xz
a53d410763a42cd12abd6e6be97e5c7ef79e304c 386784 chromium_117.0.5938.132-1~deb12u1.debian.tar.xz
dd3c03bfb4fde057987be1284f419a6b83908667 21263 chromium_117.0.5938.132-1~deb12u1_source.buildinfo
Checksums-Sha256:
a016611362754a58486afb478b3a5998ee126603ee2411ee4b01f2639788cbde 3707 chromium_117.0.5938.132-1~deb12u1.dsc
f228b6a8abfbe134cd1cc03dd6057645851eb734fd17f38144c17996bd111fe2 683178832 chromium_117.0.5938.132.orig.tar.xz
71ba8e09734567d7e850964a325ca390557abc701793b03f22d1a85f60a0db31 386784 chromium_117.0.5938.132-1~deb12u1.debian.tar.xz
c88cae34251472c9b3b04a8b43a86b7dfc4f60240cf4c70bd6b1cfe4beba28df 21263 chromium_117.0.5938.132-1~deb12u1_source.buildinfo
Files:
c2dbf86e0b3f0d5d309d73b19a4e6609 3707 web optional chromium_117.0.5938.132-1~deb12u1.dsc
97cedd66275ca38733a33ffd4233936c 683178832 web optional chromium_117.0.5938.132.orig.tar.xz
38dd47cf92e874d2e86f2db29324fbd8 386784 web optional chromium_117.0.5938.132-1~deb12u1.debian.tar.xz
19b3909c16a257615dec37622cd4eccb 21263 web optional chromium_117.0.5938.132-1~deb12u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmUVosIUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjdiWBAArjoXvrlrTdZWoQu/D1n82GHGSnpV
PnYeIlm1dFbOPai6BykzwGtYNqRKrurdq+D9JNUx1cfYWaPH+7ED6+HpVC01NkA8
6gzVOk+vHjigec/TQnV6eME3fHTOkLLXk3mjvWA3sEdDu2Sxwv3187dqhxZK51KZ
sWaWCQfzf7YRbk3azszynJaMw5CGer4mgHrp/UnM9SLJbVjPimRXTGfBhvne8oCm
rvLLYvOQIEWwI7pymO95QThBc3tuepE2QskEEDceqmBmR/T+q3CJmmNJRArkWUUI
yqotL9Bhe2gKNnyOQB9npCb1+Gql0p/F1C4kPrViE7ykiD7GkQAyyzoXcDDi9MMQ
n3q5FZ0Hg5Mc57qdGSFtEKc1tPiDdXin94iK6gkIS9g9gEA0am3fJheRKntjVwPx
Kyfr5O704nlOJoT12EwSKYGRcKtlNOzn1G5mAiHxCe95laKsM9BQfg7ZoyVHHZ1w
pSx0Xk2qzVjWLSyLiGHW1jEEs6qv3LLkyoBROt5jL0wFMAQJ0d7wKwckYeeXSeRc
Fk7Ki+d2KyBN6mH7UvNvpWQic8RQc/e6UZiaSN+fLwwsX2MVc9wD0fdGhtfO4fuI
OY3FaES3albUw0Oe+kVrqtrrSQqEkgrgw6yWb/VQobEV1xN1vo1xK9w5MsZQfjwc
Y+KHVV3+7MhbYRY=
=xOwl
-----END PGP SIGNATURE-----