Back to chromium PTS page

Accepted chromium 125.0.6422.60-1~deb12u1 (source) into proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted chromium 125.0.6422.60-1~deb12u1 (source) into proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Mon, 20 May 2024 20:33:51 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: chromium_125.0.6422.60-1~deb12u1_source.changes
Debian-source: chromium
Debian-suite: proposed-updates
Debian-version: 125.0.6422.60-1~deb12u1
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Content-Type: Subject:MIME-Version:To:Reply-To:From:Cc:Content-Transfer-Encoding:Content-ID :Content-Description:In-Reply-To:References; bh=zJ4deadTCgjIlZeIsSWUJ6AwO1jKPim4DJBnUjPnOsc=; b=cdBrA2TNp6mx85mAn2KAw8C94d 43qg/s6AsgLbe0rwbSxSsyALKXBz4eMqCzS+1lE6cjXcU+3LQMaARWaIeFegtigYsQA6UWqnqqq/b SzU2kwoWj371FfB5uPbP9uB3AAFyR6Et2bGpvNLjMjByViuJxS9Cny39HLjrjJn97AtxN1guB8nqt ydgLZrVCBn3lvy91E7X7ZECSj/xff0f5LTDCcAIwjMVwAZOL9uRWBnN6ylw4uWd4dZkLV0APpgYS/ B1Gctc7TeaypMMKnMR7NPwfJb0YuGP+YOltrXx5CSi7eXjG+fDfS8nogsdsmZ1fmW8PfQrE44yN2y MqiDliIQ==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1s99hf-005cwY-Fd@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 16 May 2024 18:55:41 -0400
Source: chromium
Architecture: source
Version: 125.0.6422.60-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
 chromium (125.0.6422.60-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2024-4947: Type Confusion in V8. Reported by Vasily
       Berdnikov (@vaber_b) and Boris Larin (@oct0xor) of Kaspersky.
     - CVE-2024-4948: Use after free in Dawn. Reported by wgslfuzz.
     - CVE-2024-4949: Use after free in V8.
       Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
     - CVE-2024-4950: Inappropriate implementation in Downloads.
       Reported by Shaheen Fazim.
   * d/copyright: fix instrumented_libs deletion; upstream renamed it.
   * d/scripts/unbundle: bundle new requirement absl_crc (which is
     unavailable in bookworm).
   * d/patches:
     - upstream/uint-includes.patch: drop,merged upstream.
     - upstream/fps-optional.patch: drop, merged upstream.
     - upstream/span-optional.patch: drop, merged upstream.
     - upstream/extractor-bitset.patch: drop, merged upstream.
     - upstream/atomic.patch: drop, merged upstream.
     - upstream/webgpu-optional.patch: drop, merged upstream.
     - disable/catapult.patch: refresh.
     - i386/angle-lockfree.patch: drop, I _think_ it's no longer needed.
     - upstream/ruy-include.patch: add header build fix.
     - upstream/vulkan-include.patch: add header build fix.
     - upstream/mojo-bindings-include.patch: add header build fix.
     - upstream/appservice-include.patch: add header build fix.
     - upstream/no-vector-consts.patch: add build fix; gnu libstdc++
       doesn't allow const types inside vectors.
     - upstream/lens-include.patch: add header build fix.
     - bookworm/nvt2.patch: drop (replace with a better non-revert patch).
     - bookworm/v8-wrappable.patch: add nvt2.patch build fix replacement
       that just defines a single struct member.
     - upstream/ninja.patch: add build fix for failure triggered by
       ninja-1.12.
     - fixes/bad-font-gc00000.patch: add formatting patch revert to make
       other patches easier to apply.
     - fixes/bad-font-gc2.patch: add a build failure fix & refresh.
     - fixes/bad-font-gc11.patch: add a build failure fix & refresh.
     - bookworm/bubble-contents.patch: refresh.
     - bookworm/omnibox-constexpr.patch: add constexpr -> const build fix.
     - upstream/tabstrip-include.patch: add header build fix.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: Modify for
       upstream changes
     - third_party/0002-Add-PPC64-generated-files-for-boringssl.patch: Add
       pregenerated configuration for ppc64el support in BoringSSL
     - third_party/0002-third-party-boringssl-add-generated-files.patch:
       Rename to third_party/0002-Add-PPC64-generated-files-for-boringssl.patch
     - workarounds/HACK-debian-clang-disable-skia-musttail.patch: Refresh
       for upstream changes
     - third_party/skia-vsx-instructions.patch: Refresh for upstream changes
     - ffmpeg/0001-Add-support-for-ppc64.patch: Refresh for upstream changes
Checksums-Sha1:
 8eb05b1469084efbb95b804ab515231cc63fa979 3765 chromium_125.0.6422.60-1~deb12u1.dsc
 9665789268e56bf1bc48bcd9c93344b6b9dd2f64 843547668 chromium_125.0.6422.60.orig.tar.xz
 ff9e1379c9b85a9a6f9618e6a0be932aebe980d0 432452 chromium_125.0.6422.60-1~deb12u1.debian.tar.xz
 63162cd49eb31c3a7cff59dd059e99c9dd125db7 21784 chromium_125.0.6422.60-1~deb12u1_source.buildinfo
Checksums-Sha256:
 cad98e5607a1b66861b78d931a7fcbb89a5bdb67dc613b4c25a19ed58c1b7857 3765 chromium_125.0.6422.60-1~deb12u1.dsc
 6786fb606a7c6555de98fa642f722c9de9b740cf1d9e1a3beed4cdcfacb12bc3 843547668 chromium_125.0.6422.60.orig.tar.xz
 d800aee622975939035ebbfcbc4d43c30105b4cd12ed5e155b88fd1061e336f6 432452 chromium_125.0.6422.60-1~deb12u1.debian.tar.xz
 77ae1b2f83159ddb7c86275e48f67adb0c7646ad3bdd1b34f28cd3572227111d 21784 chromium_125.0.6422.60-1~deb12u1_source.buildinfo
Files:
 5bc908f0fe75d50975018c292774a953 3765 web optional chromium_125.0.6422.60-1~deb12u1.dsc
 d078db15b361e09ba4fe78e61712256f 843547668 web optional chromium_125.0.6422.60.orig.tar.xz
 e90110f278cd051c64eaea142b374ba5 432452 web optional chromium_125.0.6422.60-1~deb12u1.debian.tar.xz
 b00d0b49614b8ed760f692eeb3c145e4 21784 web optional chromium_125.0.6422.60-1~deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmZG+68UHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjeWAhAAg9DDiCaZpOOPaMtU72VyNuoVqwGJ
29AfG4mmf4a7rhHp4fzSB8rbIgLD2Gv+fX9YH5TGIBxYH6CU2ia8VG5NljMb132P
aEUdAN0rNnG6EN9/1BesMk9RzZtGxnecnZfnkA4dZBCu4z3d57woXwVJ6vclbSIu
TR/RFAl3OaMQK81udbevaYGUCdHSNeJM6XnZPDZpDH1sXArkv7orA59xvB+HCmX7
NLPerxSYgnNMODMRRHdd5XpK0h9ALWkOEaEpSfdXKsp4ZGKoWVc+zdnb9sC6HnUe
dzJpnUMAKcTbAph9TKo7jKs2SXwUfn1kvKvUhTlHbynZq2mHsg4ZuHujKgWt3ZGe
81Bu1jjYh9hJ/kptJj0M3Ub6GZX+/555JIHqJF78F9qbI76O+9MM1oZVXiOhMSLr
m7cFmpSRbygP5dIL8vVpIfLNdUmeBWwIjxLlYNZr+SKN6ApZYP4ISkijYGhV2Uyv
pvl1U8jJ3fLQC2rh1uqX5SLMKK1rPGI1tnTlXB2E+ZhqrUoJs9NxUiL4l8uH1P3w
C63Z709d8jDRKarNa2D776OZcxMe+bAU01i6+PUMijsk+eUDqFkkhGi6okeCSPrC
zyk1TPIUKB+R+Od8vTJCujUu5I/AXEhptaAnsfITOQ3dMxldTtb4WOIpS0L5cGGZ
IRGrDVpjHPUYexc=
=mPo1
-----END PGP SIGNATURE-----

Attachment: pgpVpZKpgem86.pgp
Description: PGP signature