-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 16 May 2024 18:55:41 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: armhf
Version: 125.0.6422.60-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-conova-01) <buildd_arm64-arm-conova-01@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (125.0.6422.60-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2024-4947: Type Confusion in V8. Reported by Vasily
       Berdnikov (@vaber_b) and Boris Larin (@oct0xor) of Kaspersky.
     - CVE-2024-4948: Use after free in Dawn. Reported by wgslfuzz.
     - CVE-2024-4949: Use after free in V8.
       Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
     - CVE-2024-4950: Inappropriate implementation in Downloads.
       Reported by Shaheen Fazim.
   * d/copyright: fix instrumented_libs deletion; upstream renamed it.
   * d/scripts/unbundle: bundle new requirement absl_crc (which is
     unavailable in bookworm).
   * d/patches:
     - upstream/uint-includes.patch: drop,merged upstream.
     - upstream/fps-optional.patch: drop, merged upstream.
     - upstream/span-optional.patch: drop, merged upstream.
     - upstream/extractor-bitset.patch: drop, merged upstream.
     - upstream/atomic.patch: drop, merged upstream.
     - upstream/webgpu-optional.patch: drop, merged upstream.
     - disable/catapult.patch: refresh.
     - i386/angle-lockfree.patch: drop, I _think_ it's no longer needed.
     - upstream/ruy-include.patch: add header build fix.
     - upstream/vulkan-include.patch: add header build fix.
     - upstream/mojo-bindings-include.patch: add header build fix.
     - upstream/appservice-include.patch: add header build fix.
     - upstream/no-vector-consts.patch: add build fix; gnu libstdc++
       doesn't allow const types inside vectors.
     - upstream/lens-include.patch: add header build fix.
     - bookworm/nvt2.patch: drop (replace with a better non-revert patch).
     - bookworm/v8-wrappable.patch: add nvt2.patch build fix replacement
       that just defines a single struct member.
     - upstream/ninja.patch: add build fix for failure triggered by
       ninja-1.12.
     - fixes/bad-font-gc00000.patch: add formatting patch revert to make
       other patches easier to apply.
     - fixes/bad-font-gc2.patch: add a build failure fix & refresh.
     - fixes/bad-font-gc11.patch: add a build failure fix & refresh.
     - bookworm/bubble-contents.patch: refresh.
     - bookworm/omnibox-constexpr.patch: add constexpr -> const build fix.
     - upstream/tabstrip-include.patch: add header build fix.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: Modify for
       upstream changes
     - third_party/0002-Add-PPC64-generated-files-for-boringssl.patch: Add
       pregenerated configuration for ppc64el support in BoringSSL
     - third_party/0002-third-party-boringssl-add-generated-files.patch:
       Rename to third_party/0002-Add-PPC64-generated-files-for-boringssl.patch
     - workarounds/HACK-debian-clang-disable-skia-musttail.patch: Refresh
       for upstream changes
     - third_party/skia-vsx-instructions.patch: Refresh for upstream changes
     - ffmpeg/0001-Add-support-for-ppc64.patch: Refresh for upstream changes
Checksums-Sha1:
 642d48e979bcd36b7b8f9737e2887f8c3887918d 1310884 chromium-common-dbgsym_125.0.6422.60-1~deb12u1_armhf.deb
 c405a204a8942351f033cdf1b60544ec8fe3a070 4945184 chromium-common_125.0.6422.60-1~deb12u1_armhf.deb
 b81d3eda8f7fa1a3558189c3e1c4e82ee761efd4 35165760 chromium-dbgsym_125.0.6422.60-1~deb12u1_armhf.deb
 dde22550af78c129fad31f65dd4eb828bb54f65f 5920732 chromium-driver_125.0.6422.60-1~deb12u1_armhf.deb
 d13de2feaba8bd034fde0c41f6dec3ee4846fda8 12208 chromium-sandbox-dbgsym_125.0.6422.60-1~deb12u1_armhf.deb
 13428be9dbac00c514c83fff4c1cc215b9cca0fc 89828 chromium-sandbox_125.0.6422.60-1~deb12u1_armhf.deb
 0819c2d3422067ce03141823eea7f2343a51afe0 29166388 chromium-shell-dbgsym_125.0.6422.60-1~deb12u1_armhf.deb
 922a17ca927364ff361d9f25084a244dc2afb7a2 48275636 chromium-shell_125.0.6422.60-1~deb12u1_armhf.deb
 c45457846d6bcf06b1c7ed6e2f6fa1e67a4543d8 24643 chromium_125.0.6422.60-1~deb12u1_armhf-buildd.buildinfo
 1e61340f38cd941dae442c954a37694974bc890b 69433352 chromium_125.0.6422.60-1~deb12u1_armhf.deb
Checksums-Sha256:
 0ba1cd015f320c093b978a34005695f55cf1e5ef171aff19ba6a93add8c99c64 1310884 chromium-common-dbgsym_125.0.6422.60-1~deb12u1_armhf.deb
 146c8ca1f9a3d87602b96024d61a83b4a87b472b3da4bcaf3ba7f63a3fbbc59c 4945184 chromium-common_125.0.6422.60-1~deb12u1_armhf.deb
 0db5d95c2a1fb42c7500d404fb6af16e3183adf27c9c8804c80ed7656ad4ed5a 35165760 chromium-dbgsym_125.0.6422.60-1~deb12u1_armhf.deb
 12252e3bd4b81df32fd0415eba5613bed5bb212754585f55df725788e45c5fd1 5920732 chromium-driver_125.0.6422.60-1~deb12u1_armhf.deb
 083ec97b0a6abbf2e46701c6af8140f647cee16950e644ec5ea260d931f9a35c 12208 chromium-sandbox-dbgsym_125.0.6422.60-1~deb12u1_armhf.deb
 5c2cbd7992c17c3c70026299a597e5999191d4122cb18b55cca4a14238ff758a 89828 chromium-sandbox_125.0.6422.60-1~deb12u1_armhf.deb
 d0c7cb501557ea36e35ad386d8f29b301de4bff3cc09948519770ee08f3a8f92 29166388 chromium-shell-dbgsym_125.0.6422.60-1~deb12u1_armhf.deb
 ac8deee603196dfa34d01971e43ae249ebccc80bb728cb74023a2cf44aac28ef 48275636 chromium-shell_125.0.6422.60-1~deb12u1_armhf.deb
 5427cdcd7c008bc466a5caa4fcff09df5c8e2c505108f18bb2bffc2024a99666 24643 chromium_125.0.6422.60-1~deb12u1_armhf-buildd.buildinfo
 f5a774d7a699e4c02ddbabf6118bc2285295096d4731f67b1a0daa9f08376b15 69433352 chromium_125.0.6422.60-1~deb12u1_armhf.deb
Files:
 914f92f59362e9ba0bd84e1d2768ec27 1310884 debug optional chromium-common-dbgsym_125.0.6422.60-1~deb12u1_armhf.deb
 39718f1a49622eb47c47427389072887 4945184 web optional chromium-common_125.0.6422.60-1~deb12u1_armhf.deb
 16f393ce5087ac657e3d98942c065ac7 35165760 debug optional chromium-dbgsym_125.0.6422.60-1~deb12u1_armhf.deb
 02fef77b7fcabfbcfe0f1b641bc626bb 5920732 web optional chromium-driver_125.0.6422.60-1~deb12u1_armhf.deb
 e7dfee2ff886fce93bdf8f9f912e50df 12208 debug optional chromium-sandbox-dbgsym_125.0.6422.60-1~deb12u1_armhf.deb
 35c5291c990aa0827d1f94dc029970ab 89828 web optional chromium-sandbox_125.0.6422.60-1~deb12u1_armhf.deb
 5b508b24063bd430b021762d0e869028 29166388 debug optional chromium-shell-dbgsym_125.0.6422.60-1~deb12u1_armhf.deb
 82e988d7033a19e20aae7df3569c8bb9 48275636 web optional chromium-shell_125.0.6422.60-1~deb12u1_armhf.deb
 7e541fdb17a539557532b165ad1a7c85 24643 web optional chromium_125.0.6422.60-1~deb12u1_armhf-buildd.buildinfo
 1b4f531b4d8d44bbb4bbb3e2479787ec 69433352 web optional chromium_125.0.6422.60-1~deb12u1_armhf.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEw2TRpv7HYIvK+TsIbEMdCP/rlD8FAmZHh8sACgkQbEMdCP/r
lD+0khAA9JxAluR74DEVsoeHsSQLXbcdu9NKafS6EC5E1eznewOYmb8TvjiIpkSZ
XkZgBb57LY5jTjfBU1j9kgGbxJe9Vfaik5J5nMR25kd2vNlFYcNSIbMgTzmY7LzG
+wSeg2oPf3ssifsMij5Wm4SawzoO5RJws7QNsgmsG2qOO9HVtmxyQXEt+KYXYcjH
OIFcQTGk5bOzBjgio4qj7r+IpT5vWTlrrEABi4DCjko4Bc6m1Hn5Rqi3rdtM6GmM
gNJXJbv3sSMNZm3DVAxH0Ed1JgV16qAryJzFMK4jtjkfG57MMGdamkrVSn/Zegjf
OrjUexgQI2PSRb1lbjzPkCoLsSDOpx0yPjWa3VIUbb2cqu8IRwgVJ4sB3IaUGGNz
7YUuGijz3YrVc6t8ty3znZkDBLPcLB1qcflC8yFBJkcUT4S77wcXjobjOJtV3heM
bSHuyi4AWA7qeyIaLn5jKG6AACZCcBwLl8OfHOqmJxr5t2mNKJGpfkrM6YBEOFAH
9Imdzxvs4HlvU+wC/eSCNRuqKiFKxSQmwV+B+v6E9YiAzCR7SzZEJXuIgj4TvJDk
BmMHPnECzBY8vhOp3rkAqiJZ7+mUF4uLTnO50pp3WCBHfPdhQOPYGeRgsqh4NX3Y
Qde6JcLRFXyG+vDlZSwsg1id5cUumMp/QgvE8nU9eFfLbKZOU1M=
=P0+5
-----END PGP SIGNATURE-----