-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 19 Apr 2024 12:33:38 -0400
Source: chromium
Architecture: source
Version: 124.0.6367.60-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
chromium (124.0.6367.60-1~deb12u1) bookworm-security; urgency=high
.
* New upstream stable release.
- CVE-2024-3832: Object corruption in V8.
Reported by Man Yue Mo of GitHub Security Lab.
- CVE-2024-3833: Object corruption in WebAssembly.
Reported by Man Yue Mo of GitHub Security Lab.
- CVE-2024-3834: Use after free in Downloads. Reported by ChaobinZhang
- CVE-2024-3837: Use after free in QUIC.
Reported by {rotiple, dch3ck} of CW Research Inc.
- CVE-2024-3838: Inappropriate implementation in Autofill.
Reported by Ardyan Vicky Ramadhan.
- CVE-2024-3839: Out of bounds read in Fonts.
Reported by Ronald Crane (Zippenhop LLC).
- CVE-2024-3840: Insufficient policy enforcement in Site Isolation.
Reported by Ahmed ElMasry.
- CVE-2024-3841: Insufficient data validation in Browser Switcher.
Reported by Oleg.
- CVE-2024-3843: Insufficient data validation in Downloads.
Reported by Azur.
- CVE-2024-3844: Inappropriate implementation in Extensions.
Reported by Alesandro Ortiz.
- CVE-2024-3845: Inappropriate implementation in Network.
Reported by Daniel Baulig.
- CVE-2024-3846: Inappropriate implementation in Prompts.
Reported by Ahmed ElMasry.
- CVE-2024-3847: Insufficient policy enforcement in WebUI.
Reported by Yan Zhu.
* d/copyright:
- delete __pycache__ directories to shut up dpkg warnings.
- stop deleting bundled libwebp directory.
* Drop build-dep on libwebp-dev and start building against the bundled
libwebp. We need to do this because chromium uses features of libavif
that require libsharpyuv-dev; but that's only available in sid/trixie.
* d/patches:
- upstream/std-to-address.patch: drop, merged upstream.
- fixes/optional2.patch: drop, merged upstream.
- fixes/blink-fonts-shape-result.patch: drop, merged upstream.
- bookworm/constexpr-equality.patch: drop, merged upstream.
- disable/catapult.patch: refresh.
- disable/google-api-warning.patch: rework to be a smaller patch.
- bookworm/clang16.patch: refresh.
- ungoogled/disable-privacy-sandbox.patch: drop hunk related to deprecated
preference.
- upstream/mojo-null.patch: pull a (typescript) build fix from upstream.
- upstream/uint-includes.patch: simple header build fix from upstream.
- upstream/fps-optional.patch: add header build fix.
- upstream/span-optional.patch: add header build fix.
- upstream/extractor-bitset.patch: add header build fix.
- upstream/atomic.patch: add header build fix.
- upstream/webgpu-optional.patch: add header build fix.
- fixes/absl-optional.patch: comment out assert() that caused crash.
This could be another clang16/libstdc++ miscompilation issue, but
needs further investigation.
- fixes/bad-font-gc2.patch: drop a bunch of test-related pieces.
- fixes/bad-font-gc0000.patch, fixes/bad-font-gc000.patch,
fixes/bad-font-gc00.patch, fixes/bad-font-gc0.patch,
fixes/bad-font-gc11.patch, fixes/bad-font-gc3.patch: revert a bunch
more (new) upstream commits related to bad-font-gc2.patch. When the
use-after-free bug gets fixed, all this can be dropped.
* d/patches/ppc64le:
- third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch,
third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch,
workarounds/HACK-third_party-libvpx-use-generic-gnu.patch,
breakpad/0001-Implement-support-for-ppc64-on-Linux.patch,
ffmpeg/0001-Add-support-for-ppc64.patch,
third_party/dawn-fix-typos.patch,
third_party/use-sysconf-page-size-on-ppc64.patch: refresh.
- third_party/skia-vsx-instructions.patch: refresh & update for header
renaming.
- third_party/0001-Add-PPC64-support-for-boringssl.patch,
third_party/0002-third-party-boringssl-add-generated-files.patch:
disable these two until Tim has a chance to look at them.
Checksums-Sha1:
00d2de3fd82661a01e6545cc20e6b6f8383c4161 3722 chromium_124.0.6367.60-1~deb12u1.dsc
2cc0dded258c8f3c623e10e330195e1e3f9c40a5 847907384 chromium_124.0.6367.60.orig.tar.xz
d0f4b7cfcdc8442b755d6e57ddf2477a6ee4cf22 415296 chromium_124.0.6367.60-1~deb12u1.debian.tar.xz
e2fd8f7f2accb32bca7b5a6c3bbc39c6b8a6cdb9 21670 chromium_124.0.6367.60-1~deb12u1_source.buildinfo
Checksums-Sha256:
08dd3f6e805116641e18cb9ff47c2aae257cefa07ae9cf4bd25d0d9373c9ae7b 3722 chromium_124.0.6367.60-1~deb12u1.dsc
b382eaade5057c56ca257bdf6a78c2c59116b56ce6c1ab166220cea1f5d950d2 847907384 chromium_124.0.6367.60.orig.tar.xz
aa09bace3a2dcecf48483e3accd10407dc25348c5cf3150a54d9f9270b86f358 415296 chromium_124.0.6367.60-1~deb12u1.debian.tar.xz
3820016cc124945b7ae9d7477dfc3fd8190bd51de7754bae042a1aa02d45977f 21670 chromium_124.0.6367.60-1~deb12u1_source.buildinfo
Files:
2c846c3d959b3d5fbb420b4ff58fde40 3722 web optional chromium_124.0.6367.60-1~deb12u1.dsc
c229f60fab61eb4d55c385e2131236e5 847907384 web optional chromium_124.0.6367.60.orig.tar.xz
c373e959b3b3a0ee3691b6d3fcbdc481 415296 web optional chromium_124.0.6367.60-1~deb12u1.debian.tar.xz
5d33d7252d269933ef0f8341d0b6429e 21670 web optional chromium_124.0.6367.60-1~deb12u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmYjAVwUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8Nudjc7RxAAmYDhjIZM39b1M93g2d5RfxUzI6vV
gpB19mAMPgMlq4ilhIRYk4bUNR8Nytj4Pbi/wa+m5157orkbU7arM7Ke1IcCmEef
2Cbl9rXTYD4sdvZJYeExpxlhUzMp2h07bFkSq4fu25z3UtSdOgjAFHJW39tsAqfB
w5mHqxGbfdVkhJvZXeZ2rbK/8xrHpwvqzx42eZ+APS0halZgnUmsKDhcR4Vn8CPq
VRbrK7E5zHlscBEF2/r4c/ZG/8RG87+1Rszwqf7NluauMfw2mh9QBP4NjJ9VrhI5
zPTLYWcFgXWw8Iafm9yvDc+NFL2vmkcrpHdnBMdYBNWNEW4CVOVe+yrmiktAZODf
oh/zWfaen9M5XVB4AXo9vXsJ8I/IhPzKw03XxYr46qyXIeD/02UfjPaIYsk0lq+u
EizwciZu4em07TPBRomm+hrCeblGEYvouo6s4A2tBF5rP40rkXZFU5pSA2zIgVje
vI5sFBEnvs/cH7Rkd38h0T8j3EWZ3LIwq5lfZFCBwTfv6suI6UyFgQVQ01aCufy3
umA/XjTwbkoLaekOoYgIzbCktP7kOb/CNH/cJG3RLzDNbGxVW2hpFvccT+PbNNX+
GOZVuJgQRBaxcS+BzcgBrJ5wa/d8FyKdaxzsTT0wiAkxWCCO+HRRgo/Op/01rWYt
8p5tMZUvKyvgqlE=
=JUoy
-----END PGP SIGNATURE-----
Attachment:
pgp_tQ77t9Cis.pgp
Description: PGP signature