-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 30 Apr 2024 17:53:52 -0400
Source: chromium
Architecture: source
Version: 124.0.6367.118-1
Distribution: unstable
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
chromium (124.0.6367.118-1) unstable; urgency=high
.
* New upstream security release.
- CVE-2024-4331: Use after free in Picture In Picture.
Reported by Zhenghang Xiao (@Kipreyyy).
- CVE-2024-4368: Use after free in Dawn. Reported by wgslfuzz.
* Build-dep on libhwy-dev and delete the bundled third_party/highway.
* Build-dep on libharfbuzz-dev and delete the bundled harfbuzz-ng.
* Build-dep on libdav1d-dev and delete the bundled third_party/dav1d.
* d/patches:
- ppc64le/third_party/0001-Add-PPC64-support-for-libdav1d.patch,
ppc64le/third_party/0001-Fix-libdav1d-compilation-on-clang-ppc.patch,
ppc64le/third_party/0003-thirdparty-fix-dav1d-gn.patch,
fixes/arm64-ftbfs.patch: drop these 4 patches that are only needed
for bundled libdav1d.
- ppc64le/third_party/0001-Fix-highway-ppc-hwcap.patch,
ppc64le/third_party/0002-Highway-disable-128-bit-vsx.patch: drop
these two patches that were needed for bundled highway.
- upstream/ozone1.patch: drop, merged upstream.
- upstream/ozone2.patch: drop, merged upstream.
- fixes/bad-font-gc2.patch: refresh.
.
[ Timothy Pearson ]
* d/patches/ppc64le:
- third_party/0001-Add-PPC64-support-for-boringssl.patch: Fix inadvertent
breakage of i386 build
Checksums-Sha1:
fcc645d08aa3a747ae81f7e74d36345b7c1c97c1 3756 chromium_124.0.6367.118-1.dsc
bf147e70185544f73a8bb796737b46b51d733613 838274004 chromium_124.0.6367.118.orig.tar.xz
bf573e0d6addb31253d176bd4d6a88ddc93ec577 412960 chromium_124.0.6367.118-1.debian.tar.xz
f995e39a3dbeff9114d3e2f6972f9fcbe7b322a5 22227 chromium_124.0.6367.118-1_source.buildinfo
Checksums-Sha256:
86c02a254a080eb99a09c7dd5ad132faf03c9f647c48b827dc09b6d59235b525 3756 chromium_124.0.6367.118-1.dsc
818218960c0d362c8f95b6b56d868d1313cf18786276996856b598a63683ef33 838274004 chromium_124.0.6367.118.orig.tar.xz
2acea2416628adb83c785d3b491d59e58627d7cf569b056c0c6019f754387bbb 412960 chromium_124.0.6367.118-1.debian.tar.xz
b8ea57af4e171510765a50bc8c596d5024c148b6be8e9448fe2e9e7e68d3834e 22227 chromium_124.0.6367.118-1_source.buildinfo
Files:
80edf1d3fdf7fd9af351cde7f740107b 3756 web optional chromium_124.0.6367.118-1.dsc
f462cf405fa0b58c828b31e1da944114 838274004 web optional chromium_124.0.6367.118.orig.tar.xz
d906d1340e6901f6bbb8d0a62a848da7 412960 web optional chromium_124.0.6367.118-1.debian.tar.xz
0dd732db0bc77c2c634d04812b47e564 22227 web optional chromium_124.0.6367.118-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmYx9f4UHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8Nudjck3g//alezRqYRPkUceTKAZeb/QU1jKySV
qJiGMcEeRAIvWZkAmfrN94ZQTQIqxhpoQTzaURL6j7IJIN0wOy+ywZVt2NQzwLZH
uzC5qVHs+Y5qcOzDxJ+JEmRNrmqzFe+nHfHxzazfI8Z7dnCdR6gr+Vz3GQ0ciz9c
+nw8fKfr/WE8lP7qxqK5/HAil3OkSTRf2cCcM9+rE4OPwJBl4bn6Owa6zVC6muyv
f8vp3+lCdKdIkevcIdjC3eFCSHc3kEf4ZOBwvqrUNntYCe/y+E17pLbIx10Dz3II
XN2onj6BD+H47OvukZZfoD3SepCPXDtsV+vLp/3tHcM6L2kYY2TX5Y4TBpCx78oj
vSkBU1e8GY+gB7tS0Jr/rgdsT0KNcRxVXKi1gONwSl6DTDhkV0byCFsyZDSurztm
5fS3O+w0PGMHI1IhLSM47AmyrX8YIzPIxo/Qm8xDvDJO0m3Kp17GvYcCR8Fm4by/
R+wg/J7iTdDPnEeEFvhyPJCHDxoXo9HvJjRBYtRtlnYT9Ars3ry/AXoblH50dd4z
ASQ37WWKjEp+mc4zsFqOqXWmpxj02Ht/SsgIINle508H3Z5yzOt6SyXCxJewgQzg
iniy1vExESPhEwWUV2cXb0k/lSA1/GQLCYBKYWHxoQcwGkEQ2z4VVulXG+hj/zJ1
Tw/utcNG4f+9teI=
=3m/M
-----END PGP SIGNATURE-----
Attachment:
pgpMmtCkXxVfR.pgp
Description: PGP signature