-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 16 May 2024 18:55:41 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: amd64
Version: 125.0.6422.60-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-csail-01) <buildd_amd64-x86-csail-01@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (125.0.6422.60-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2024-4947: Type Confusion in V8. Reported by Vasily
       Berdnikov (@vaber_b) and Boris Larin (@oct0xor) of Kaspersky.
     - CVE-2024-4948: Use after free in Dawn. Reported by wgslfuzz.
     - CVE-2024-4949: Use after free in V8.
       Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
     - CVE-2024-4950: Inappropriate implementation in Downloads.
       Reported by Shaheen Fazim.
   * d/copyright: fix instrumented_libs deletion; upstream renamed it.
   * d/scripts/unbundle: bundle new requirement absl_crc (which is
     unavailable in bookworm).
   * d/patches:
     - upstream/uint-includes.patch: drop,merged upstream.
     - upstream/fps-optional.patch: drop, merged upstream.
     - upstream/span-optional.patch: drop, merged upstream.
     - upstream/extractor-bitset.patch: drop, merged upstream.
     - upstream/atomic.patch: drop, merged upstream.
     - upstream/webgpu-optional.patch: drop, merged upstream.
     - disable/catapult.patch: refresh.
     - i386/angle-lockfree.patch: drop, I _think_ it's no longer needed.
     - upstream/ruy-include.patch: add header build fix.
     - upstream/vulkan-include.patch: add header build fix.
     - upstream/mojo-bindings-include.patch: add header build fix.
     - upstream/appservice-include.patch: add header build fix.
     - upstream/no-vector-consts.patch: add build fix; gnu libstdc++
       doesn't allow const types inside vectors.
     - upstream/lens-include.patch: add header build fix.
     - bookworm/nvt2.patch: drop (replace with a better non-revert patch).
     - bookworm/v8-wrappable.patch: add nvt2.patch build fix replacement
       that just defines a single struct member.
     - upstream/ninja.patch: add build fix for failure triggered by
       ninja-1.12.
     - fixes/bad-font-gc00000.patch: add formatting patch revert to make
       other patches easier to apply.
     - fixes/bad-font-gc2.patch: add a build failure fix & refresh.
     - fixes/bad-font-gc11.patch: add a build failure fix & refresh.
     - bookworm/bubble-contents.patch: refresh.
     - bookworm/omnibox-constexpr.patch: add constexpr -> const build fix.
     - upstream/tabstrip-include.patch: add header build fix.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: Modify for
       upstream changes
     - third_party/0002-Add-PPC64-generated-files-for-boringssl.patch: Add
       pregenerated configuration for ppc64el support in BoringSSL
     - third_party/0002-third-party-boringssl-add-generated-files.patch:
       Rename to third_party/0002-Add-PPC64-generated-files-for-boringssl.patch
     - workarounds/HACK-debian-clang-disable-skia-musttail.patch: Refresh
       for upstream changes
     - third_party/skia-vsx-instructions.patch: Refresh for upstream changes
     - ffmpeg/0001-Add-support-for-ppc64.patch: Refresh for upstream changes
Checksums-Sha1:
 9eeb2c1bde5471979f7a9b75088d301bb1a35e78 1225928 chromium-common-dbgsym_125.0.6422.60-1~deb12u1_amd64.deb
 04df3ebdb78ec360f288239189de0b6554156889 5015272 chromium-common_125.0.6422.60-1~deb12u1_amd64.deb
 f75062cdc18d40a4177ebd3f000d1b0658b392e1 35474108 chromium-dbgsym_125.0.6422.60-1~deb12u1_amd64.deb
 1fe830597fe74a5c91b262a1c248d72dcf185af0 6204856 chromium-driver_125.0.6422.60-1~deb12u1_amd64.deb
 80e922c2b7eae1d0a971f88e282826b77439ab88 14116 chromium-sandbox-dbgsym_125.0.6422.60-1~deb12u1_amd64.deb
 018047a418efb42410f09ff9d1714727b141fe56 90228 chromium-sandbox_125.0.6422.60-1~deb12u1_amd64.deb
 c0bbc510f287752240d701a36a3d197ef3b40cf0 30843520 chromium-shell-dbgsym_125.0.6422.60-1~deb12u1_amd64.deb
 541cb9e55c84eb80bf7112e541b4466af07f5b3e 52188264 chromium-shell_125.0.6422.60-1~deb12u1_amd64.deb
 a8585db016063f6e8c1d504990255be61e9128ba 24719 chromium_125.0.6422.60-1~deb12u1_amd64-buildd.buildinfo
 28e098f36c136262a808588fbb47664d29a9a079 74471952 chromium_125.0.6422.60-1~deb12u1_amd64.deb
Checksums-Sha256:
 1c6d213ba147ce0f909da4e13909a4bcce75afc67ca8109a303eb41c8df5e37d 1225928 chromium-common-dbgsym_125.0.6422.60-1~deb12u1_amd64.deb
 8af34386df6f50f2d216e848246362f14ed651ac15459bff813d6f9d2eda89d5 5015272 chromium-common_125.0.6422.60-1~deb12u1_amd64.deb
 9108504061534eac37e85b1e5d48bc8e98529a5acd9b85e23bb228d79a179078 35474108 chromium-dbgsym_125.0.6422.60-1~deb12u1_amd64.deb
 989af29c136ac5be37d41e1c165229ef145c690420074fdf4b51aa9651e28bcc 6204856 chromium-driver_125.0.6422.60-1~deb12u1_amd64.deb
 6cf7da5100348009f31beca137d299c29d84ece83d4f787e5324d0676bb935e1 14116 chromium-sandbox-dbgsym_125.0.6422.60-1~deb12u1_amd64.deb
 404cd16111fcd17dfbfa66d4655aec000ec96b01151eccfba8b166ee04fbc5d3 90228 chromium-sandbox_125.0.6422.60-1~deb12u1_amd64.deb
 3b2fce95df2344c65c7717466ff8f4f2010ee5ce31e3f8e7a3f65d03ac9d95ec 30843520 chromium-shell-dbgsym_125.0.6422.60-1~deb12u1_amd64.deb
 86e71795ed31825b6b12344075fdf83d57ae8e8cb1a4b5f643746977c26cfa9b 52188264 chromium-shell_125.0.6422.60-1~deb12u1_amd64.deb
 878130baad8f78f2372bc647ebd5b63beb28ba850efbcb5b81954eb3dd39f75a 24719 chromium_125.0.6422.60-1~deb12u1_amd64-buildd.buildinfo
 c51ba96d5c8861b6ca4e4509922afea59fd60c0d398ffcf3acbf4d9e9b326a55 74471952 chromium_125.0.6422.60-1~deb12u1_amd64.deb
Files:
 ffacca6a573b39e050c7de837b8dbfa4 1225928 debug optional chromium-common-dbgsym_125.0.6422.60-1~deb12u1_amd64.deb
 8e49fa4ddefae308152020d52e961297 5015272 web optional chromium-common_125.0.6422.60-1~deb12u1_amd64.deb
 5fd5734de82f4a506f1b8b6611646c60 35474108 debug optional chromium-dbgsym_125.0.6422.60-1~deb12u1_amd64.deb
 7efae9db0632832f6a96d623589ff5a3 6204856 web optional chromium-driver_125.0.6422.60-1~deb12u1_amd64.deb
 87ab6a7391388c05a0bf9ec0db098958 14116 debug optional chromium-sandbox-dbgsym_125.0.6422.60-1~deb12u1_amd64.deb
 f281f870149ddb0833700f83d090b793 90228 web optional chromium-sandbox_125.0.6422.60-1~deb12u1_amd64.deb
 c1332d03a60f860c5ff8053b3c6b6e21 30843520 debug optional chromium-shell-dbgsym_125.0.6422.60-1~deb12u1_amd64.deb
 705c4a0e0f140119d42689b8a56b01e3 52188264 web optional chromium-shell_125.0.6422.60-1~deb12u1_amd64.deb
 34cad64fcd2c42caff0cbfd57c3c18a9 24719 web optional chromium_125.0.6422.60-1~deb12u1_amd64-buildd.buildinfo
 22da55e0392db3fc9cb5e3cac96596f1 74471952 web optional chromium_125.0.6422.60-1~deb12u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEvy6d65NNYPbL6IQIEQ1nooK/IAQFAmZHg4EACgkQEQ1nooK/
IATTIw//bH8ZTq2UNce9yk0LHD9ZjGO0b+wPJ7fz6BirnmNOsr8CVu3tU5KnJYPY
9W681+XoxFYktYLBdqPVEF/7UCYcMtgFz0ueQOcv7/NQA9p/GZS0dHS58Bj5Gq+W
wH91F8VTrUkOtL3EOljVcnbfLHWSvd2nqFVXpbREO2K4EFBvxP0Ni4Tabm0ngdJ4
y6PDLmBVyNMApgVWD+x7wEjwf/l00SIlR794nFemuydWDhaIBdygytYlLigPWNMa
HPvUonsrKoxfm7UIcLpGp/YPejfNfqlh8vCG/WGIUnreioMe1D4uHSAKiOm1jNq8
HG1SaFwPRw065BK4qCY/6YBcTCXERDz7ojPmnCQSmBGaJnihVN98oz/vE6MzhZY9
7PEuA03qPJAS3WxdOMkV9kY3pXqSHgrfuwOWOS51LYbCfEWsavrJafPUDQmXIfm1
hXz4uBpQrG3kt4axTUWEjUvMWtGoBcVNtb1psx+TGpvLx/9SDHp7ad0hLzy80MjX
SYm2+FpxidomEo97Q29jdc3truk5s39BbtaBNOQcsMP2QqYWqsoouekFr71qKtoT
rZzu+mn0gf/XAZSH8ZtO9LSv/1lspLbetjz19/s6kyV6eelsHuZHezzE7yfDyV5f
qDYcReWLPvz74kSZ/5VjvhNQlaV5qaSRHcHjMqVTjJ2UtOdeJzM=
=c4Z9
-----END PGP SIGNATURE-----