
Accepted chromium 127.0.6533.88-1 (source) into unstable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 30 Jul 2024 23:50:29 -0400
Source: chromium
Architecture: source
Version: 127.0.6533.88-1
Distribution: unstable
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
 chromium (127.0.6533.88-1) unstable; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2024-6988: Use after free in Downloads. Reported by
       lime(@limeSec_) from TIANGONG Team of Legendsec at QI-ANXIN Group.
     - CVE-2024-6989: Use after free in Loader. Reported by Anonymous.
     - CVE-2024-6991: Use after free in Dawn. Reported by wgslfuzz.
     - CVE-2024-6992: Out of bounds memory access in ANGLE.
       Reported by Xiantong Hou of Wuheng Lab and Pisanbao.
     - CVE-2024-6993: Inappropriate implementation in Canvas.
       Reported by Anonymous.
     - CVE-2024-6994: Heap buffer overflow in Layout.
       Reported by Huang Xilin of Ant Group Light-Year Security Lab.
     - CVE-2024-6995: Inappropriate implementation in Fullscreen.
       Reported by Alesandro Ortiz.
     - CVE-2024-6996: Race in Frames.
       Reported by Louis Jannett (Ruhr University Bochum).
     - CVE-2024-6997: Use after free in Tabs.
       Reported by Sven Dysthe (@svn-dys).
     - CVE-2024-6998: Use after free in User Education.
       Reported by Sven Dysthe (@svn-dys).
     - CVE-2024-6999: Inappropriate implementation in FedCM.
       Reported by Alesandro Ortiz.
     - CVE-2024-7000: Use after free in CSS. Reported by Anonymous.
     - CVE-2024-7001: Inappropriate implementation in HTML.
       Reported by Jake Archibald.
     - CVE-2024-7003: Inappropriate implementation in FedCM.
       Reported by Alesandro Ortiz.
     - CVE-2024-7004: Insufficient validation of untrusted input in Safe
       Browsing. Reported by Anonymous.
     - CVE-2024-7005: Insufficient validation of untrusted input in Safe
       Browsing. Reported by Umar Farooq.
     - CVE-2024-6990: Uninitialized Use in Dawn. Reported by gelatin dessert.
     - CVE-2024-7255: Out of bounds read in WebTransport.
       Reported by Marten Richter.
     - CVE-2024-7256: Insufficient data validation in Dawn.
       Reported by gelatin dessert.
   * Switch from building against (gcc's) libstdc++ to (clang's) libc++.
     Upstream is playing fast and loose with memory in ways that result
     in crashes with gcc's stricter libstdc++, but not with clang's libc++
     (which allows accessing deleted memory apparently). We can't maintain
     workarounds any more, and upstream really doesn't care (see, for
     example, https://crbug.com/346174906 , where they add workarounds only
     for their ASAN memory checker).
   * d/copyright:
     - delete new rust, cargo, llvm, and node binaries.
     - delete third_party/zstd so we can link against system zstd.
     - stop deleting the bundled woff, snappy, and jsoncpp; those can't be
       dynamically linked against with clang's libc++.
   * d/control:
     - build-dep against libzstd-dev and bindgen.
     - drop build-dep on libwoff-dev, libsnappy-dev, libjsoncpp-dev, and
       add build-deps on libc++-16-dev / libc++abi-16-dev.
   * d/rules:
     - drop use_goma=false (upstream switched to rbe).
     - set rust_bindgen_root.
     - rework get-orig-source to not use mk-origtargz, which is
       incredibly slow (total run 45 mins for the current 6.2G upstream
       release). Instead, use d/scripts/get-exludes.pl and tar's
       --exclude-from to drastically speed things up (total run now takes
       8 mins).
   * d/patches:
     - upstream/tabstrip-include.patch: drop, merged upstream.
     - upstream/quiche-deque.patch: drop, merged upstream.
     - upstream/gpu-header.patch: drop, merged upstream.
     - upstream/blink-header.patch: drop, merged upstream.
     - upstream/blink-header2.patch: drop, merged upstream.
     - upstream/blink-header3.patch: drop, merged upstream.
     - upstream/realtime-reporting.patch: drop, merged upstream.
     - upstream/urlvisit-header.patch: drop, merged upstream.
     - upstream/accessibility-format.patch: drop, merged upstream.
     - upstream/observer.patch: drop, merged upstream.
     - bookworm/clang16.patch: refresh.
     - bookworm/rust-downgrade-osstr-users.patch: refresh w/ minor changes.
     - ungoogled/disable-privacy-sandbox.patch: refresh.
     - disable/signin.patch: upstream dropped prefs::kAutologinEnabled.
     - upstream/crabbyav1f.patch: add build fix pulled from upstream.
     - upstream/lock-impl.patch: add build fix pulled from upstream.
     - upstream/containers-header.patch: add build fix pulled from upstream.
     - upstream/paint-layer-header.patch: add build fix pulled from upstream.
     - fixes/bindgen.patch: work around bindgen-related things (hopefully
       correctly?)
     - bookworm/lex-3way.patch: add patch to support
       std::lexicographical_compare_three_way, which was added in clang-17.
     - bookworm/traitors.patch: another clang-16 hack; backport
       pointer_traits.h from libc++-18-dev to work around clang
       std::to_address() issue.
     - bookworm/constexpr.patch: add more of the usual constexpr
       workarounds; only needed for clang-16.
     - fixes/absl-optional.patch: drop, only needed for libstdc++-dev.
     - fixes/bad-font-gc*: drop, only needed for libstdc++-dev.
     - fixes/chromium-browser-ui-missing-deps.patch: add a bunch of
       mojo-related dependency build fixes.
 .
   [ Timothy Pearson ]
   * d/patches:
     - fixes/fixes/memory-allocator-dcheck-assert-fix.patch: Fix assert on
       64k page systems such as aarch64 and ppc64el
   * d/patches/ppc64le:
     - ffmpeg/0001-Add-support-for-ppc64.patch: Drop, no longer needed
     - third_party/use-sysconf-page-size-on-ppc64.patch: Refresh for upstream
       changes
Checksums-Sha1:
 2c18463d16bd66996a78804e29c9de0e15ccad38 3770 chromium_127.0.6533.88-1.dsc
 a81a33c056af65fb74b4ce6dd855eef511185aef 873345564 chromium_127.0.6533.88.orig.tar.xz
 8d460352235b92350e06543e8944b651634fb810 413552 chromium_127.0.6533.88-1.debian.tar.xz
 f0909fd10d192a15665c01f78d3a6527e3b2f232 22182 chromium_127.0.6533.88-1_source.buildinfo
Checksums-Sha256:
 c34fa4689620ec33a95a0ec9b53f3d95f06cd40009fe33f91010729ed74eb48a 3770 chromium_127.0.6533.88-1.dsc
 54f1a7f7ccebdbe62654751c9939f9c3ee6d25ebd3a7f823f944764d8fb84aa4 873345564 chromium_127.0.6533.88.orig.tar.xz
 117987755b43ef614ec728572b062e14f2a6627bb67290953d1eadcb8f6d86ef 413552 chromium_127.0.6533.88-1.debian.tar.xz
 9d29ec5456a547ed0b187c6800a8ab8754bc4f05b1c576fd32931e656ec908e6 22182 chromium_127.0.6533.88-1_source.buildinfo
Files:
 811270cc5c123cebd1202d565ae6d35a 3770 web optional chromium_127.0.6533.88-1.dsc
 5ce7abbb21378ea5e2d567a93ba12808 873345564 web optional chromium_127.0.6533.88.orig.tar.xz
 ce75950b4ef590796151337e07ada4ff 413552 web optional chromium_127.0.6533.88-1.debian.tar.xz
 14998527ea0ffb8879a424d4b4092b2e 22182 web optional chromium_127.0.6533.88-1_source.buildinfo
