
Accepted chromium 117.0.5938.62-1~deb11u1 (source) into oldstable-proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 14 Sep 2023 19:16:28 -0400
Source: chromium
Architecture: source
Version: 117.0.5938.62-1~deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Closes: 1042111
Changes:
 chromium (117.0.5938.62-1~deb11u1) bullseye-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2023-4900: Inappropriate implementation in Custom Tabs.
       Reported by Levit Nudi from Kenya.
     - CVE-2023-4901: Inappropriate implementation in Prompts.
       Reported by Kang Ali.
     - CVE-2023-4902: Inappropriate implementation in Input.
       Reported by Axel Chong.
     - CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs.
       Reported by Ahmed ElMasry.
     - CVE-2023-4904: Insufficient policy enforcement in Downloads.
       Reported by Tudor Enache @tudorhacks.
     - CVE-2023-4905: Inappropriate implementation in Prompts.
       Reported by Hafiizh.
     - CVE-2023-4906: Insufficient policy enforcement in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-4907: Inappropriate implementation in Intents.
       Reported by Mohit Raj (shadow2639).
     - CVE-2023-4908: Inappropriate implementation in Picture in Picture.
       Reported by Axel Chong.
     - CVE-2023-4909: Inappropriate implementation in Interstitials.
       Reported by Axel Chong.
   * d/copyright: drop rust, llvm, siso, & cargo binaries.
   * d/patches:
     - fixes/size.patch: drop, merged upstream.
     - fixes/variant.patch: drop, merged upstream.
     - fixes/vector.patch: drop, merged upstream.
     - upstream/contains.patch: drop, merged upstream.
     - upstream/hvec.patch: drop, merged upstream.
     - upstream/limits.patch: drop, merged upstream.
     - upstream/statelessV4L2.patch: drop, merged upstream.
     - fixes/widevine-locations.patch: refresh for minor upstream changes.
     - disable/android.patch: drop half the patch.
     - disable/catapult.patch: refresh for minor upstream changes.
     - disable/tests.patch: refresh for minor upstream changes.
     - disable/unrar.patch: refresh for minor upstream changes.
     - fixes/material-utils.patch: build fix for clang w/ libstdc++.
     - rename fixes/null.patch to fixes/perfetto.patch.
     - upstream/memory.patch: build fix for missing header.
     - bookworm/struct-ctor.patch: add a bunch more build workarounds for
       clang-14.
     - bookworm/stringpiece3.patch: another clang-14 StringPiece to
       std::string explicit conversion.
     - bookworm/typename.patch: add more explicit typename declarations for
       clang-14.
     - bookworm/structured-binding-scope-bug.patch: add more clang-14 binding
       scope workarounds.
     - bookworm/initialize-const-ctor.patch: clang-14 workaround to init a
       const member inside a struct.
     - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
     - disable/privacy-sandbox.patch: ensure Privacy Sandbox "features" are
       off by default.
     - bookworm/generate-ninja.patch: fix build failure w/ bullseye's older gn.
     - bullseye/default-equality-op.patch: refresh.
     - bullseye/lerp.patch: add a new build fix for libstdc++ 10.
     - bullseye/downgrade-typescript.patch: drop parts of patch that don't
       apply and simply update typescript node dependencies.
   * Switch to using bundled brotli, as the version in debian is too old.
     And so we can drop d/patches/bookworm/brotli.patch, too.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - 0001-Implement-support-for-PPC64-on-Linux.patch: refresh for upstream
        changes
     - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
     - 0002-third-party-boringssl-add-generated-files.patch: refresh for
        upstream changes
     - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
        upstream changes
     - 0004-third_party-crashpad-port-curl-transport-ppc64.patch: refresh for
        upstream changes
     - skia-vsx-instructions.patch: refresh for upstream changes
     - 0003-third_party-ffmpeg-Add-ppc64-generated-config.patch: regenerate
     - 0001-third_party-boringssl-Properly-detect-ppc64le-in-BUI.patch: drop
   * d/patches/ungoogled:
     - core/ungoogled-chromium/disable-web-environment-integrity.patch: disable
       "Web Environment Integrity" trial and remove from build (closes: #1042111)

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----

