-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 16 May 2024 18:55:41 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: i386
Version: 125.0.6422.60-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) <buildd_amd64-x86-conova-01@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (125.0.6422.60-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2024-4947: Type Confusion in V8. Reported by Vasily
       Berdnikov (@vaber_b) and Boris Larin (@oct0xor) of Kaspersky.
     - CVE-2024-4948: Use after free in Dawn. Reported by wgslfuzz.
     - CVE-2024-4949: Use after free in V8.
       Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
     - CVE-2024-4950: Inappropriate implementation in Downloads.
       Reported by Shaheen Fazim.
   * d/copyright: fix instrumented_libs deletion; upstream renamed it.
   * d/scripts/unbundle: bundle new requirement absl_crc (which is
     unavailable in bookworm).
   * d/patches:
     - upstream/uint-includes.patch: drop,merged upstream.
     - upstream/fps-optional.patch: drop, merged upstream.
     - upstream/span-optional.patch: drop, merged upstream.
     - upstream/extractor-bitset.patch: drop, merged upstream.
     - upstream/atomic.patch: drop, merged upstream.
     - upstream/webgpu-optional.patch: drop, merged upstream.
     - disable/catapult.patch: refresh.
     - i386/angle-lockfree.patch: drop, I _think_ it's no longer needed.
     - upstream/ruy-include.patch: add header build fix.
     - upstream/vulkan-include.patch: add header build fix.
     - upstream/mojo-bindings-include.patch: add header build fix.
     - upstream/appservice-include.patch: add header build fix.
     - upstream/no-vector-consts.patch: add build fix; gnu libstdc++
       doesn't allow const types inside vectors.
     - upstream/lens-include.patch: add header build fix.
     - bookworm/nvt2.patch: drop (replace with a better non-revert patch).
     - bookworm/v8-wrappable.patch: add nvt2.patch build fix replacement
       that just defines a single struct member.
     - upstream/ninja.patch: add build fix for failure triggered by
       ninja-1.12.
     - fixes/bad-font-gc00000.patch: add formatting patch revert to make
       other patches easier to apply.
     - fixes/bad-font-gc2.patch: add a build failure fix & refresh.
     - fixes/bad-font-gc11.patch: add a build failure fix & refresh.
     - bookworm/bubble-contents.patch: refresh.
     - bookworm/omnibox-constexpr.patch: add constexpr -> const build fix.
     - upstream/tabstrip-include.patch: add header build fix.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: Modify for
       upstream changes
     - third_party/0002-Add-PPC64-generated-files-for-boringssl.patch: Add
       pregenerated configuration for ppc64el support in BoringSSL
     - third_party/0002-third-party-boringssl-add-generated-files.patch:
       Rename to third_party/0002-Add-PPC64-generated-files-for-boringssl.patch
     - workarounds/HACK-debian-clang-disable-skia-musttail.patch: Refresh
       for upstream changes
     - third_party/skia-vsx-instructions.patch: Refresh for upstream changes
     - ffmpeg/0001-Add-support-for-ppc64.patch: Refresh for upstream changes
Checksums-Sha1:
 b62d304ff5ca61ff7ab507af19679fb65fdce37e 1182244 chromium-common-dbgsym_125.0.6422.60-1~deb12u1_i386.deb
 423e4da8eeab831a0df280613bb2a6f1e26afa09 5010924 chromium-common_125.0.6422.60-1~deb12u1_i386.deb
 567d7129c8fe7d0a21fbc84ef50bfa4828dcec3f 35602036 chromium-dbgsym_125.0.6422.60-1~deb12u1_i386.deb
 296a18018df89d2af4a4f52614b71e24aa4b0a14 6398568 chromium-driver_125.0.6422.60-1~deb12u1_i386.deb
 99be411345777a6749f074276df75a9d7709004e 13956 chromium-sandbox-dbgsym_125.0.6422.60-1~deb12u1_i386.deb
 79d9a9ebefb27f0a409395859f1ad626daf24cfd 90064 chromium-sandbox_125.0.6422.60-1~deb12u1_i386.deb
 512ceb700259255855f6958bba532a4bc0e52468 30948008 chromium-shell-dbgsym_125.0.6422.60-1~deb12u1_i386.deb
 7bb108e8f311bbac131f730e4fcdf92f68cc3a21 53290132 chromium-shell_125.0.6422.60-1~deb12u1_i386.deb
 5f1c83423aa1755d4d8bf4bb6a7abab79eb20978 24715 chromium_125.0.6422.60-1~deb12u1_i386-buildd.buildinfo
 0788b02014b50c585c021ba8c0ac9be8ac4d2aad 76221980 chromium_125.0.6422.60-1~deb12u1_i386.deb
Checksums-Sha256:
 2617e9aa2015f8e339da47ee340bc2ab647eed8641694d7a33a7fa509a71897b 1182244 chromium-common-dbgsym_125.0.6422.60-1~deb12u1_i386.deb
 1d0cbd9c0bf5f95ffab1bc710d72f27ee9b91fa9df4404495d3ae6e1b64c89d0 5010924 chromium-common_125.0.6422.60-1~deb12u1_i386.deb
 25dc7f3d622448c337c530b7307d0955377758e60925415f33c355fd03a77e4b 35602036 chromium-dbgsym_125.0.6422.60-1~deb12u1_i386.deb
 47afa9a80248b1d15bd5b9a49669ff229094ca058cfa532eec3e1ce70090cb5b 6398568 chromium-driver_125.0.6422.60-1~deb12u1_i386.deb
 0c31fbbdb40b56dba757b90581e7925096407b09dc4f0e8492a92546dd7a1529 13956 chromium-sandbox-dbgsym_125.0.6422.60-1~deb12u1_i386.deb
 42df18dabbdb33ed8592717ce7c703c35ea62fefa2f48e0c6dbb5b0e13fea73e 90064 chromium-sandbox_125.0.6422.60-1~deb12u1_i386.deb
 f730ccfd74529fa8408a66fda5c1a8f62c31ae14846dcfcbec0987e479673db7 30948008 chromium-shell-dbgsym_125.0.6422.60-1~deb12u1_i386.deb
 e2b37770268ef4aaea8528ee845dd21196e08b7cacb2a251b138fa29cc5812dc 53290132 chromium-shell_125.0.6422.60-1~deb12u1_i386.deb
 b7d3849cb73c5b855a45db414f96dfa89a574cf72466b98ff6244d773653e640 24715 chromium_125.0.6422.60-1~deb12u1_i386-buildd.buildinfo
 624fac0ff521efc70fc3f9586efd26f46ba60256d99867e017a2890cd2ac089f 76221980 chromium_125.0.6422.60-1~deb12u1_i386.deb
Files:
 376316bcfd524817657b418caa093030 1182244 debug optional chromium-common-dbgsym_125.0.6422.60-1~deb12u1_i386.deb
 d70aa558d480bdb7843c6ab011d8c489 5010924 web optional chromium-common_125.0.6422.60-1~deb12u1_i386.deb
 42d5dad15231dfe98d1d6b0744247788 35602036 debug optional chromium-dbgsym_125.0.6422.60-1~deb12u1_i386.deb
 f2b6be0ef864eee4d38f47c5c9975a3f 6398568 web optional chromium-driver_125.0.6422.60-1~deb12u1_i386.deb
 ede27b25f0963d6413ec620876003b37 13956 debug optional chromium-sandbox-dbgsym_125.0.6422.60-1~deb12u1_i386.deb
 a2f4ea34450e3984bce8bb50855e0827 90064 web optional chromium-sandbox_125.0.6422.60-1~deb12u1_i386.deb
 6b3dfc8342ff63811065ad44896b5cde 30948008 debug optional chromium-shell-dbgsym_125.0.6422.60-1~deb12u1_i386.deb
 de24ad58187e6e1df31f8a370ce5af80 53290132 web optional chromium-shell_125.0.6422.60-1~deb12u1_i386.deb
 1d88a1bbb0b2727822f1bafd27313c84 24715 web optional chromium_125.0.6422.60-1~deb12u1_i386-buildd.buildinfo
 11c3cf3f7f4f44a1a7da05dd7f271b3d 76221980 web optional chromium_125.0.6422.60-1~deb12u1_i386.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEgdRoRGwEM09wlaMzOni7ZmUpKEcFAmZHk/oACgkQOni7ZmUp
KEeODw//UDTu9VymSI+QIXYtrmG7fjMQsiyxrl0E75juJ8LzGxhcIX/AwpNm7zkR
xlmYv5tMBnKX+4pHx8vq6XrKJfhVHyR8J01+W3Dkn/mJzRjOg+XVGyyjsD8rf8bV
mfmdjkicka8/z0WYMLekuIuLjvk3eGs8sr85/tXfe4PwFi6cy2uMJQHZC/vOHlVU
rSsC2QM1cjvfLTTy36sTkDv5KCUxYnBEOgZDDWMjnn0Ie0dEbRVJUfUEkoFDPFkI
2sGFm/Av03IaimsnoBiNR6Px7xXgDru5N7jjqyn8kXNBJAFT/f2xV4hnzfRuE0ws
qSpYQFEBz0Cm6gVbhJ7xQ3vQHjc30FvNoWHT0+NR3RWsLlpIxz0CZxqzfWKbnBex
+Z4e8FoJcuHCY7+a2PDwcCHXnm5eWSzPudA+ri8YP3p30Tq3JW6PFVJLi1P2OrBB
ebLiyiwS8EmIvNtAYRPu3utlkq8AgtAhb+i+I8/B59roSapUd8oO3nDLFv+P7eVs
8NkgNuN02nSGFrG4UeSpbCNN65eFVM/zax6eF0z085A4OXBxrS6/JkrICib0LPE4
lDUn8njLt+/C8OYadXU1ImDKNW6PRYJboE0IXiWp3ZYcqLeIUBcHaIqW7cznDGA7
EtOHA0yTm3zZeK3Mf3YDl4mJ3wbz/GQy18rTNoAeY1H3O5Fkelo=
=lAeu
-----END PGP SIGNATURE-----