Back to chromium PTS page

Accepted chromium 123.0.6312.86-1~deb12u1 (source) into proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 28 Mar 2024 11:57:05 -0400
Source: chromium
Architecture: source
Version: 123.0.6312.86-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Timothy Pearson <tpearson@debian.org>
Closes: 1066235 1066910 1067886
Changes:
 chromium (123.0.6312.86-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2024-2883: Use after free in ANGLE.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2024-2885: Use after free in Dawn. Reported by wgslfuzz.
     - CVE-2024-2886: Use after free in WebCodecs. Reported by
       Seunghyun Lee (@0x10n) of KAIST Hacking Lab, via Pwn2Own 2024.
     - CVE-2024-2887: Type Confusion in WebAssembly.
       Reported by Manfred Paul, via Pwn2Own 2024.
   * d/patches/ppc64le:
     - fixes/fix-clang-selection.patch: select clang on ppc64 platforms
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: fix
       ARM builds.
 .
   [ Andres Salomon ]
   * d/patches:
     - fixes/bad-font-gc1.patch, fixes/bad-font-gc2.patch: revert a pair of
       upstream commits that result in blink's garbage collector frequently
       deadlocking and crashing (closes: #1067886).
 .
 chromium (123.0.6312.58-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2024-2625: Object lifecycle issue in V8.
       Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
     - CVE-2024-2626: Out of bounds read in Swiftshader.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2024-2627: Use after free in Canvas. Reported by Anonymous.
     - CVE-2024-2628: Inappropriate implementation in Downloads.
       Reported by Ath3r1s.
     - CVE-2024-2629: Incorrect security UI in iOS.
       Reported by Muneaki Nishimura (nishimunea).
     - CVE-2024-2630: Inappropriate implementation in iOS.
       Reported by James Lee (@Windowsrcer).
     - CVE-2024-2631: Inappropriate implementation in iOS.
       Reported by Ramit Gangwar.
   * d/patches:
     - upstream/bitset.patch: drop, merged upstream.
     - upstream/bookmarknode.patch: drop, merged upstream.
     - upstream/optional.patch: drop, merged upstream.
     - upstream/uniqptr.patch: drop, merged upstream.
     - fixes/gcc13-headers.patch: drop, merged upstream.
     - fixes/optional.patch: drop, merged upstream.
     - fixes/material-utils.patch: drop part that was merged upstream.
     - disable/catapult.patch: refresh.
     - bookworm/constexpr-equality.patch: include another similar fix.
     - bookworm/nvt.patch: refresh.
     - bookworm/undo-internal-alloc.patch: drop, as this was fixed upstream.
     - ungoogled/disable-privacy-sandbox.patch: update from ungoogled-chromium.
     - disable/angle-perftests.patch: drop, replace with a gn build argument.
     - bookworm/rust-downgrade-osstr-users.patch: add new patch to downgrade
       clap-lex crate, as it's using 1.74 features and we only have 1.70.
     - fixes/strlcpy.patch: add strlcpy declaration (closes: #1066235).
     - fixes/optional2.patch: add another missing <optional> inclusion.
     - fixes/stats-collector.patch: add build fix for wrong header.
     - disable/screen-ai-blob.patch: add patch to not register the
       ScreenAI component. Previously, if you opened a PDF and clicked
       "open in reader mode", it would download a binary blob to
       ~/.config/chromium/screen_ai/, and do OCR stuff (and who knows
       what else) in that opaque blob without warning you. We, uh, don't
       want that. (closes: #1066910).
     - bookworm/generate-ninja.patch: drop, merged upstream.
     - bookworm/bubble-contents.patch: update for renamed header.
     - bookworm/eraseif0.patch, eraseif-lambda.patch: drop, upstream merged
       a fix for g++-12 compilation.
     - bookworm/constexpr.patch: add yet another constexpr g++-12 fix.
     - bookworm/sizet.patch: another simple g++-12 build fix.
   * d/rules: add angle_build_tests=false build argument, which allows us to
     drop angle-perftests.patch.
 .
   [ Timothy Pearson ]
   * d/patches:
     - fixes/blink-fonts-shape-result.patch: pull in upstream patch for
       compilation failure in Blink SameSizeAsShapeResult class
   * d/patches/ppc64le:
     - ffmpeg/0001-Add-support-for-ppc64.patch: refresh for upstream changes
     - third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch:
       refresh for upstream changes
     - libaom/0001-Add-pregenerated-config-for-libaom-on-ppc64.patch: refresh
       for upstream changes
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh for
       upstream changes
     - third_party/skia-vsx-instructions.patch: refresh & harden Skia against
       timing attacks.
Checksums-Sha1:
 d6790873c1d46559362f30bdf1039491ce62771c 3735 chromium_123.0.6312.86-1~deb12u1.dsc
 9f26e9673c8089e234536ef98322c9addbba18f1 835993120 chromium_123.0.6312.86.orig.tar.xz
 91e33873454d880ad4793c140da1ec2a4baf7d77 409492 chromium_123.0.6312.86-1~deb12u1.debian.tar.xz
 55b894aa9a63868087bb86e1767b47b59f6659b2 21670 chromium_123.0.6312.86-1~deb12u1_source.buildinfo
Checksums-Sha256:
 3c5c8390335a7ed0f9dc93357bd581ba42436ad4c1524f83edecb61a6ca35a04 3735 chromium_123.0.6312.86-1~deb12u1.dsc
 3409f6dd160e5e1086a844e7193255f5587dbcf553adf2b71ac53fe7ff76a11b 835993120 chromium_123.0.6312.86.orig.tar.xz
 740399a1080a46e6f235affcb2277964ed1c5eac6458bc8ab92ee2baa61c9c35 409492 chromium_123.0.6312.86-1~deb12u1.debian.tar.xz
 cf57c1bb9c06b7474369df55e2da46369e99bafe7bd400f1f9ca27a964ac37e4 21670 chromium_123.0.6312.86-1~deb12u1_source.buildinfo
Files:
 ef307a81f912a20ae71270916f7326d7 3735 web optional chromium_123.0.6312.86-1~deb12u1.dsc
 612349854138f819425af3d05084f2ac 835993120 web optional chromium_123.0.6312.86.orig.tar.xz
 56628174cecdd5ec76d8c0faf9fb0e05 409492 web optional chromium_123.0.6312.86-1~deb12u1.debian.tar.xz
 453b1cf8d36991fbd093646c700eef0f 21670 web optional chromium_123.0.6312.86-1~deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmYFnBkUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjcCjw/+K1GdPgnEW0TCQsQhmBM8UVyae+ef
9ByudKoUP0wp6D+Qo5Ol5NDjMy9kRD95C5KhuPyz2K+lG6qZFEpirl4iQwZph7Hm
TVXcxLePinL26apKQbBzhUByknuT8ofo6lZzgmcDso+y4IVLagL4IJJbEBuFWWYs
vJywo+sLksZN3U4Cb283eiRGYvK/xIil8vHIBNK8jkGqBExe1hxUoZi9lz4aQSIb
PnYdKrWvc51m4yrXNB3KZFI8KAHDILhanOoxlieCdYOjKOE8OT87/482gyVpf3jT
7snBt5sXWOI+uw3TqyYwUJSc5m4xKTdtg6tn/pbDcNqatvwP1vXHHCbQQ9ahAj4F
+Rio8iJAQVQXFIkoZi3EeNtWq7XXruQD25fBLQ/SRBjlL24mrvW2MQpqeUNWKYMm
dLRejrVd3rlYdmuBEP/WQdjrPsSuKaOoLv7pKOYQM+c8wbQJe6ALTfrFLaYQdpA+
5cDNIAnbnoixb25I7bFm2VefQGMLkPj1TEq7qmPxzvYbDmDEIOSQ8lAvp29erGMS
eZfjBTRH0HEfqLMK3sHPepGH1dPMdkaEUAZOQIoSkV4lLFICrI/sJPx9hVImu28U
Wqa3JAkhyKwdXNbj30RNt5JR+UioUJbpjfU/4PsHY472CeoicxD/ok8SEw0tf0he
c9mrcnby8HRkHtI=
=IE6k
-----END PGP SIGNATURE-----

Attachment: pgp8C6xE1qrSx.pgp
Description: PGP signature