-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 28 Mar 2024 11:57:05 -0400 Source: chromium Architecture: source Version: 123.0.6312.86-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: Debian Chromium Team <chromium@packages.debian.org> Changed-By: Timothy Pearson <tpearson@debian.org> Closes: 1066235 1066910 1067886 Changes: chromium (123.0.6312.86-1~deb12u1) bookworm-security; urgency=high . * New upstream stable release. - CVE-2024-2883: Use after free in ANGLE. Reported by Cassidy Kim(@cassidy6564). - CVE-2024-2885: Use after free in Dawn. Reported by wgslfuzz. - CVE-2024-2886: Use after free in WebCodecs. Reported by Seunghyun Lee (@0x10n) of KAIST Hacking Lab, via Pwn2Own 2024. - CVE-2024-2887: Type Confusion in WebAssembly. Reported by Manfred Paul, via Pwn2Own 2024. * d/patches/ppc64le: - fixes/fix-clang-selection.patch: select clang on ppc64 platforms - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: fix ARM builds. . [ Andres Salomon ] * d/patches: - fixes/bad-font-gc1.patch, fixes/bad-font-gc2.patch: revert a pair of upstream commits that result in blink's garbage collector frequently deadlocking and crashing (closes: #1067886). . chromium (123.0.6312.58-1~deb12u1) bookworm-security; urgency=high . * New upstream stable release. - CVE-2024-2625: Object lifecycle issue in V8. Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team. - CVE-2024-2626: Out of bounds read in Swiftshader. Reported by Cassidy Kim(@cassidy6564). - CVE-2024-2627: Use after free in Canvas. Reported by Anonymous. - CVE-2024-2628: Inappropriate implementation in Downloads. Reported by Ath3r1s. - CVE-2024-2629: Incorrect security UI in iOS. Reported by Muneaki Nishimura (nishimunea). - CVE-2024-2630: Inappropriate implementation in iOS. Reported by James Lee (@Windowsrcer). - CVE-2024-2631: Inappropriate implementation in iOS. Reported by Ramit Gangwar. * d/patches: - upstream/bitset.patch: drop, merged upstream. - upstream/bookmarknode.patch: drop, merged upstream. - upstream/optional.patch: drop, merged upstream. - upstream/uniqptr.patch: drop, merged upstream. - fixes/gcc13-headers.patch: drop, merged upstream. - fixes/optional.patch: drop, merged upstream. - fixes/material-utils.patch: drop part that was merged upstream. - disable/catapult.patch: refresh. - bookworm/constexpr-equality.patch: include another similar fix. - bookworm/nvt.patch: refresh. - bookworm/undo-internal-alloc.patch: drop, as this was fixed upstream. - ungoogled/disable-privacy-sandbox.patch: update from ungoogled-chromium. - disable/angle-perftests.patch: drop, replace with a gn build argument. - bookworm/rust-downgrade-osstr-users.patch: add new patch to downgrade clap-lex crate, as it's using 1.74 features and we only have 1.70. - fixes/strlcpy.patch: add strlcpy declaration (closes: #1066235). - fixes/optional2.patch: add another missing <optional> inclusion. - fixes/stats-collector.patch: add build fix for wrong header. - disable/screen-ai-blob.patch: add patch to not register the ScreenAI component. Previously, if you opened a PDF and clicked "open in reader mode", it would download a binary blob to ~/.config/chromium/screen_ai/, and do OCR stuff (and who knows what else) in that opaque blob without warning you. We, uh, don't want that. (closes: #1066910). - bookworm/generate-ninja.patch: drop, merged upstream. - bookworm/bubble-contents.patch: update for renamed header. - bookworm/eraseif0.patch, eraseif-lambda.patch: drop, upstream merged a fix for g++-12 compilation. - bookworm/constexpr.patch: add yet another constexpr g++-12 fix. - bookworm/sizet.patch: another simple g++-12 build fix. * d/rules: add angle_build_tests=false build argument, which allows us to drop angle-perftests.patch. . [ Timothy Pearson ] * d/patches: - fixes/blink-fonts-shape-result.patch: pull in upstream patch for compilation failure in Blink SameSizeAsShapeResult class * d/patches/ppc64le: - ffmpeg/0001-Add-support-for-ppc64.patch: refresh for upstream changes - third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch: refresh for upstream changes - libaom/0001-Add-pregenerated-config-for-libaom-on-ppc64.patch: refresh for upstream changes - third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes - third_party/skia-vsx-instructions.patch: refresh & harden Skia against timing attacks. Checksums-Sha1: d6790873c1d46559362f30bdf1039491ce62771c 3735 chromium_123.0.6312.86-1~deb12u1.dsc 9f26e9673c8089e234536ef98322c9addbba18f1 835993120 chromium_123.0.6312.86.orig.tar.xz 91e33873454d880ad4793c140da1ec2a4baf7d77 409492 chromium_123.0.6312.86-1~deb12u1.debian.tar.xz 55b894aa9a63868087bb86e1767b47b59f6659b2 21670 chromium_123.0.6312.86-1~deb12u1_source.buildinfo Checksums-Sha256: 3c5c8390335a7ed0f9dc93357bd581ba42436ad4c1524f83edecb61a6ca35a04 3735 chromium_123.0.6312.86-1~deb12u1.dsc 3409f6dd160e5e1086a844e7193255f5587dbcf553adf2b71ac53fe7ff76a11b 835993120 chromium_123.0.6312.86.orig.tar.xz 740399a1080a46e6f235affcb2277964ed1c5eac6458bc8ab92ee2baa61c9c35 409492 chromium_123.0.6312.86-1~deb12u1.debian.tar.xz cf57c1bb9c06b7474369df55e2da46369e99bafe7bd400f1f9ca27a964ac37e4 21670 chromium_123.0.6312.86-1~deb12u1_source.buildinfo Files: ef307a81f912a20ae71270916f7326d7 3735 web optional chromium_123.0.6312.86-1~deb12u1.dsc 612349854138f819425af3d05084f2ac 835993120 web optional chromium_123.0.6312.86.orig.tar.xz 56628174cecdd5ec76d8c0faf9fb0e05 409492 web optional chromium_123.0.6312.86-1~deb12u1.debian.tar.xz 453b1cf8d36991fbd093646c700eef0f 21670 web optional chromium_123.0.6312.86-1~deb12u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmYFnBkUHGRpbGluZ2Vy QGRlYmlhbi5vcmcACgkQZF0CR8NudjcCjw/+K1GdPgnEW0TCQsQhmBM8UVyae+ef 9ByudKoUP0wp6D+Qo5Ol5NDjMy9kRD95C5KhuPyz2K+lG6qZFEpirl4iQwZph7Hm TVXcxLePinL26apKQbBzhUByknuT8ofo6lZzgmcDso+y4IVLagL4IJJbEBuFWWYs vJywo+sLksZN3U4Cb283eiRGYvK/xIil8vHIBNK8jkGqBExe1hxUoZi9lz4aQSIb PnYdKrWvc51m4yrXNB3KZFI8KAHDILhanOoxlieCdYOjKOE8OT87/482gyVpf3jT 7snBt5sXWOI+uw3TqyYwUJSc5m4xKTdtg6tn/pbDcNqatvwP1vXHHCbQQ9ahAj4F +Rio8iJAQVQXFIkoZi3EeNtWq7XXruQD25fBLQ/SRBjlL24mrvW2MQpqeUNWKYMm dLRejrVd3rlYdmuBEP/WQdjrPsSuKaOoLv7pKOYQM+c8wbQJe6ALTfrFLaYQdpA+ 5cDNIAnbnoixb25I7bFm2VefQGMLkPj1TEq7qmPxzvYbDmDEIOSQ8lAvp29erGMS eZfjBTRH0HEfqLMK3sHPepGH1dPMdkaEUAZOQIoSkV4lLFICrI/sJPx9hVImu28U Wqa3JAkhyKwdXNbj30RNt5JR+UioUJbpjfU/4PsHY472CeoicxD/ok8SEw0tf0he c9mrcnby8HRkHtI= =IE6k -----END PGP SIGNATURE-----
Attachment:
pgp8C6xE1qrSx.pgp
Description: PGP signature