-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 25 Apr 2024 19:07:35 -0400 Source: chromium Architecture: source Version: 124.0.6367.78-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: Debian Chromium Team <chromium@packages.debian.org> Changed-By: Andres Salomon <dilinger@debian.org> Closes: 1069586 Changes: chromium (124.0.6367.78-1~deb12u1) bookworm-security; urgency=high . * New upstream security release. - CVE-2024-4058: Type Confusion in ANGLE. Reported by Toan (suto) Pham and Bao (zx) Pham of Qrious Secure. - CVE-2024-4059: Out of bounds read in V8 API. Reported by Eirik. - CVE-2024-4060: Use after free in Dawn. Reported by wgslfuzz. . chromium (124.0.6367.60-2~deb12u1) bookworm-security; urgency=high . * d/patches/ppc64le: - third_party/0001-Add-PPC64-support-for-boringssl.patch: update for upstream boringssl changes and reenable - third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch: regenerate from new ffmpeg source tree - third_party/skia-vsx-instructions.patch: update for upstream changes . [ Andres Salomon ] * d/patches: - fixes/arm64-ftbfs.patch: add arm64-specific ftbfs fix for libdav1d. - upstream/ozone1.patch, upstream/ozone2.patch: backport fixes for broken wayland support (closes: #1069586). Checksums-Sha1: 203ade13c5ac6e96012acc54fd621444af7aab95 3722 chromium_124.0.6367.78-1~deb12u1.dsc 5f5853205ae35cfddfbdaf827223d2c588453796 848031104 chromium_124.0.6367.78.orig.tar.xz d06256f779f99a25a36667912bc9ae98474cacf3 418756 chromium_124.0.6367.78-1~deb12u1.debian.tar.xz a2b3033cbbe407f9fe77d11a3ff5abc95616b88e 21670 chromium_124.0.6367.78-1~deb12u1_source.buildinfo Checksums-Sha256: 70279f08ce9d9b96fa735f6bf0ed54fdc8ce07bc92121107989fd165982d742d 3722 chromium_124.0.6367.78-1~deb12u1.dsc 2a29c4c8904c24633254fb219b06faa4f4caa5e39e9d9b396f0e9b5f5771607a 848031104 chromium_124.0.6367.78.orig.tar.xz dc8b7c91e42f621f19d6b7a9a3d8d5dbef96b7d2c84f519a832d904e7e873258 418756 chromium_124.0.6367.78-1~deb12u1.debian.tar.xz b368f867827c26907bb3289663498d2eaddd72cae359a0bf74f2c357c5992bd4 21670 chromium_124.0.6367.78-1~deb12u1_source.buildinfo Files: 8c5bcd97f51eb354ae636370efd4de9e 3722 web optional chromium_124.0.6367.78-1~deb12u1.dsc bee1189de5fa76a318f3ea2bd13bdf28 848031104 web optional chromium_124.0.6367.78.orig.tar.xz 952a5c6348750db95f50159dbdbb7690 418756 web optional chromium_124.0.6367.78-1~deb12u1.debian.tar.xz d10164358efbd9d864746f8d0903aa8d 21670 web optional chromium_124.0.6367.78-1~deb12u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmYrMFQUHGRpbGluZ2Vy QGRlYmlhbi5vcmcACgkQZF0CR8NudjcI9RAAuskG5DNCfDMNHVb4Ox2/KA/OH9bS dk/2BqJFUyZNM3Z5riZz7XRjOB+8w0OH8lIY0J/ritumzxV41mbGfi+3LDxhrPEE R1wnAgoluNMzapRMAJi/dWkTlEqC27JJt5i4QRodvRc9RAwURZsID4XhR+w+r+qJ 3GWbYA/fYmMLBuYLzJgUHmHtqgMprNBXIHcmaURQGO/JQ8l9D9JqG9SA7n7H5m5T qQ2e6PXBvfOoVgM8wX2SJx3f5vsraVuBW/mYRPD7uDaZ86bop8uQxbaczX8kcsiN RjmZVmHrt7S7nEttjm1gs4Zth/e4tdB+EZ2BOeL310Ym98jKbq+9Ey79G6dHge2L EDfBi+ILVF0TnoH3NC8rTCdxcT/+Y16poDr7WDTam4CnzuopJsqwuxJJJyb6s1Lq 8jNYCRygGuZyvWahJPmHTGAnMa8jAJRCEWKziND0ZFq3h3n/d7ihDI2y8YszRQQC R1C2NfMXWQ4m5cWUV4yK+cv2o1Vryi62he66O2VD8p20gfYHtwMLZEYuyI4UBebD 0zroh6rZzmZJ2mLOL8REC2wLtgJhIXKWHKvsvI77l/TWNrZSyp2htN1gGTJ0K38p 4IefxNbath+8O9Rp8/oKU0shwPh8oTWFcftxIy0uckUxLxegvyoePq33wTTSQA+8 PpT8cosUYUFpkE0= =0Yyq -----END PGP SIGNATURE-----
Attachment:
pgpEIS_x6vI40.pgp
Description: PGP signature