-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 21 Feb 2024 19:56:32 -0500
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: arm64
Version: 122.0.6261.57-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-conova-03) <buildd_arm64-arm-conova-03@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (122.0.6261.57-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2024-1669: Out of bounds memory access in Blink.
       Reported by Anonymous.
     - CVE-2024-1670: Use after free in Mojo.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2024-1671: Inappropriate implementation in Site Isolation.
       Reported by Harry Chen.
     - CVE-2024-1672: Inappropriate implementation in Content Security Policy.
       Reported by Georg Felber (TU Wien) & Marco Squarcina (TU Wien).
     - CVE-2024-1673: Use after free in Accessibility.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2024-1674: Inappropriate implementation in Navigation.
       Reported by David Erceg.
     - CVE-2024-1675: Insufficient policy enforcement in Download.
       Reported by Bartłomiej Wacko.
     - CVE-2024-1676: Inappropriate implementation in Navigation.
       Reported by Khalil Zhani.
   * d/patches:
     - fixes/v8-compressed-ptrs.patch: drop, merged upstream.
     - fixes/stdint.patch: drop, merged upstream.
     - upstream/vector.patch: drop, merged upstream.
     - upstream/display-header.patch: drop, merged upstream.
     - upstream/bitset.patch: drop, merged upstream.
     - upstream/once_flag.patch: drop, merged upstream.
     - fixes/std-to-address.patch: refresh.
     - disable/signin.patch: refresh.
     - disable/catapult.patch: refresh.
     - bookworm/clang16.patch: refresh, and change
       -Wno-c++11-narrowing-const-reference to -Wno-c++11-narrowing.
     - bookworm/nvt.patch: refresh.
     - ungoogled/disable-privacy-sandbox.patch: update from ungoogled-chromium.
     - bookworm/undo-internal-alloc.patch: revert a commit that confuses
       clang16 w/ libstdc++. We need a better workaround than this.
     - upstream/mojo.patch: update from git.
     - bookworm/constexpr-equality.patch: add a few more build fixes
       (constexpr removals).
     - upstream/uniqptr.patch: add missing include.
     - upstream/optional.patch: add missing include.
     - upstream/bookmarknode.patch: add comparison equality fix pulled from
       upstream.
     - fixes/optional.patch: add missing includes.
     - bookworm/nvt2.patch: revert another upstream c++-20 change for clang-16.
     - upstream/bitset.patch: add missing include.
     - ppc64le/v8/0002-Add-ppc64-trap-instructions.patch: refresh.
     - bookworm/eraseif0.patch: revert another commit; needed by
       eraseif-lambda.patch.
     - bookworm/eraseif-lamba.patch: refresh.
     - bookworm/undo-rust-req.patch: refresh.
     - bookworm/bubble-contents.patch: remove static_assert() that fails with
       libstdc++12.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - 0001-Properly-detect-little-endian-PPC64-systems.patch: drop, upstream
       fix in GIT hash 25a6e6
     - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
     - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
       upstream changes
     - skia-vsx-instructions.patch: refresh for upstream changes
Checksums-Sha1:
 24d976776650b35dc9864da6397f55c6c577b5f2 1270580 chromium-common-dbgsym_122.0.6261.57-1~deb12u1_arm64.deb
 16dd158d48463de5c6924989efc47f26eded3be3 4832824 chromium-common_122.0.6261.57-1~deb12u1_arm64.deb
 afd52bd80d6a6568338ee145377616795ce6c2a1 33312072 chromium-dbgsym_122.0.6261.57-1~deb12u1_arm64.deb
 ac62d82ecec35e050b7f8473f41ae994b6e73bc2 5461160 chromium-driver_122.0.6261.57-1~deb12u1_arm64.deb
 b65d77eadb78db0020e1decf9199264a53ad924c 14468 chromium-sandbox-dbgsym_122.0.6261.57-1~deb12u1_arm64.deb
 b4f35e0814036ab4e88b1baa7120eb26739d8129 86448 chromium-sandbox_122.0.6261.57-1~deb12u1_arm64.deb
 35e003d512b9929a55a1ee7eccf1bf1f4d231eca 27663220 chromium-shell-dbgsym_122.0.6261.57-1~deb12u1_arm64.deb
 3ce94b6aa3686dd1352329d4fedfb8b84aaaa0fd 45098980 chromium-shell_122.0.6261.57-1~deb12u1_arm64.deb
 754a956e1f9bb2809ea15c327e0fb580b66ead90 24410 chromium_122.0.6261.57-1~deb12u1_arm64-buildd.buildinfo
 f84fe8510785869d23de220d3a2dbcf7f0bf7447 65347800 chromium_122.0.6261.57-1~deb12u1_arm64.deb
Checksums-Sha256:
 3198664d2c2e9c998588af9e151b26cd5d0c948137e1618b3340ca40bac717a3 1270580 chromium-common-dbgsym_122.0.6261.57-1~deb12u1_arm64.deb
 639ad2e09e5e5a30b25f5ab5dc8343fbceacf056902588574752e6348ee84215 4832824 chromium-common_122.0.6261.57-1~deb12u1_arm64.deb
 24963814804911609bee15db364d2448a355eeaaf520b5d0e31c730ff6114d42 33312072 chromium-dbgsym_122.0.6261.57-1~deb12u1_arm64.deb
 8fe90f24e9454f6dad41951b63d42b2c616ccf04a5189bf0229832a5996f89d9 5461160 chromium-driver_122.0.6261.57-1~deb12u1_arm64.deb
 653f76d5bdc1de40a5117d4ee13acce7b29ade01db5f8781e4a5405636142469 14468 chromium-sandbox-dbgsym_122.0.6261.57-1~deb12u1_arm64.deb
 9d552e15b17075a0b55c347e03510426ffc00e2c89d1c5c94cc6d5383a9d28ee 86448 chromium-sandbox_122.0.6261.57-1~deb12u1_arm64.deb
 5dd2b4e90188442a3681f525a2ef4abb88b94a827a6f9a1c8cc35eb1c9a0a536 27663220 chromium-shell-dbgsym_122.0.6261.57-1~deb12u1_arm64.deb
 598b5238f40861670d9c63f33b0b78306917b808e3ea005c3645fdaebc8d7de7 45098980 chromium-shell_122.0.6261.57-1~deb12u1_arm64.deb
 530cd4bf9b5cc830d54b18617ee86945fb37d1e9aace5e0d5a7979a0edab2e09 24410 chromium_122.0.6261.57-1~deb12u1_arm64-buildd.buildinfo
 25f491994a0eac28a4fbd6ae74e48d9a6d2da960e145012e02bf9091ab3768ab 65347800 chromium_122.0.6261.57-1~deb12u1_arm64.deb
Files:
 01ffd38741a4036eb119199edd3281f9 1270580 debug optional chromium-common-dbgsym_122.0.6261.57-1~deb12u1_arm64.deb
 4a72892dede70d75dd7b3a1f6dc3e8b7 4832824 web optional chromium-common_122.0.6261.57-1~deb12u1_arm64.deb
 96ac32e12634f19d5f14b5b8ef866c43 33312072 debug optional chromium-dbgsym_122.0.6261.57-1~deb12u1_arm64.deb
 348b33e64c7982a025fe408fbead5e46 5461160 web optional chromium-driver_122.0.6261.57-1~deb12u1_arm64.deb
 60fc9acc54bc2670f70fc043fa548f8e 14468 debug optional chromium-sandbox-dbgsym_122.0.6261.57-1~deb12u1_arm64.deb
 623c46f1439c33acada619ea8c56c49e 86448 web optional chromium-sandbox_122.0.6261.57-1~deb12u1_arm64.deb
 cdf98a4b433dbe02b31621c4bc21df19 27663220 debug optional chromium-shell-dbgsym_122.0.6261.57-1~deb12u1_arm64.deb
 a6b0e03c5d604681317c301822f02015 45098980 web optional chromium-shell_122.0.6261.57-1~deb12u1_arm64.deb
 03fd75b06195ec9954350326ff717e90 24410 web optional chromium_122.0.6261.57-1~deb12u1_arm64-buildd.buildinfo
 6e86f1f241651dbcfd34f7f5333e9419 65347800 web optional chromium_122.0.6261.57-1~deb12u1_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEU81tY/BC8e+eAeWhLffeOnPnbLUFAmXYDOoACgkQLffeOnPn
bLU3Vw/9EoI8rKcH2QDGizIOtAHgOdgMMvDVClbQr3OdD8yljNmirymFHzlHd4p3
JeXnqoh2mMBxHfbJpyPrtGd+HvVX5V6VKz9XlGt5cF7raw9JyDf1MWLnKfDK7U5D
De2W03o6vED/49yywDGALetD8OCmBIc4VYFSgyldcDtGE70q+Fcl2zsqVsLC1Z3n
v+3kTXFfdpLgSEB7h1BSl4C2VPTY9yqu3y5xweTRJFv4ThGW0rNqQIXgoWaionIV
23czu4myKHc5DMxPQaHu1ICZjRwOAfInSXJ3FaPqWNMjTe5/IkLfSTIPX4QjFqMI
kaVu663ek1kCIYaE9QP+F9bFAvMfg8TOfKtG/0M7TgNjUoRIIuCT/eUaKFQ3HltH
Y1LDA58SfvsTwCIHpLTdrxb6sBoohilflpkBvFk0w4A5dkerWWFTSGsQZDEHeQY8
4gVRiQhEPQferrAbC+BLtzWjDguPb2jfMTNg6S+NrHVity9M+7U+FMAPp45o9d4b
GxOxrjVq1dWW3tSEF3uRFOvKS9+MFlgXIwOxeGTEqwEpIvCz6RzaTXSRvYVjElKB
jGEzZQXduTmbB9jX9Sjjt6cDeCyG0x1HeTXrNjj9siOJLa61oWtZYHf35Acpf2aH
Eda3IkgRldu8qsWV6cIx5BtEd4JYHI3ydg0MUtPxv+xITDmmtAQ=
=aB1A
-----END PGP SIGNATURE-----