-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 21 Feb 2024 19:56:32 -0500
Source: chromium
Binary: chromium-l10n
Architecture: all
Version: 122.0.6261.57-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: all Build Daemon (x86-csail-02) <buildd_all-x86-csail-02@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium-l10n - web browser - language packs
Changes:
 chromium (122.0.6261.57-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2024-1669: Out of bounds memory access in Blink.
       Reported by Anonymous.
     - CVE-2024-1670: Use after free in Mojo.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2024-1671: Inappropriate implementation in Site Isolation.
       Reported by Harry Chen.
     - CVE-2024-1672: Inappropriate implementation in Content Security Policy.
       Reported by Georg Felber (TU Wien) & Marco Squarcina (TU Wien).
     - CVE-2024-1673: Use after free in Accessibility.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2024-1674: Inappropriate implementation in Navigation.
       Reported by David Erceg.
     - CVE-2024-1675: Insufficient policy enforcement in Download.
       Reported by Bartłomiej Wacko.
     - CVE-2024-1676: Inappropriate implementation in Navigation.
       Reported by Khalil Zhani.
   * d/patches:
     - fixes/v8-compressed-ptrs.patch: drop, merged upstream.
     - fixes/stdint.patch: drop, merged upstream.
     - upstream/vector.patch: drop, merged upstream.
     - upstream/display-header.patch: drop, merged upstream.
     - upstream/bitset.patch: drop, merged upstream.
     - upstream/once_flag.patch: drop, merged upstream.
     - fixes/std-to-address.patch: refresh.
     - disable/signin.patch: refresh.
     - disable/catapult.patch: refresh.
     - bookworm/clang16.patch: refresh, and change
       -Wno-c++11-narrowing-const-reference to -Wno-c++11-narrowing.
     - bookworm/nvt.patch: refresh.
     - ungoogled/disable-privacy-sandbox.patch: update from ungoogled-chromium.
     - bookworm/undo-internal-alloc.patch: revert a commit that confuses
       clang16 w/ libstdc++. We need a better workaround than this.
     - upstream/mojo.patch: update from git.
     - bookworm/constexpr-equality.patch: add a few more build fixes
       (constexpr removals).
     - upstream/uniqptr.patch: add missing include.
     - upstream/optional.patch: add missing include.
     - upstream/bookmarknode.patch: add comparison equality fix pulled from
       upstream.
     - fixes/optional.patch: add missing includes.
     - bookworm/nvt2.patch: revert another upstream c++-20 change for clang-16.
     - upstream/bitset.patch: add missing include.
     - ppc64le/v8/0002-Add-ppc64-trap-instructions.patch: refresh.
     - bookworm/eraseif0.patch: revert another commit; needed by
       eraseif-lambda.patch.
     - bookworm/eraseif-lamba.patch: refresh.
     - bookworm/undo-rust-req.patch: refresh.
     - bookworm/bubble-contents.patch: remove static_assert() that fails with
       libstdc++12.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - 0001-Properly-detect-little-endian-PPC64-systems.patch: drop, upstream
       fix in GIT hash 25a6e6
     - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
     - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
       upstream changes
     - skia-vsx-instructions.patch: refresh for upstream changes
Checksums-Sha1:
 743f3246f2e1d4c18ec43a0087095802f24017bd 7088008 chromium-l10n_122.0.6261.57-1~deb12u1_all.deb
 963c5d29bd25828a2fe0fae88bd6e17f6f5bbfa9 21700 chromium_122.0.6261.57-1~deb12u1_all-buildd.buildinfo
Checksums-Sha256:
 ac3310594d541722a901b21669ea4422fca8a90bb7321d0a53940276ead62506 7088008 chromium-l10n_122.0.6261.57-1~deb12u1_all.deb
 ee1bd95069548b96c50f046574ab2b762b6341863303d2314a839ba8f3198fd9 21700 chromium_122.0.6261.57-1~deb12u1_all-buildd.buildinfo
Files:
 f9b7fd602aa55c29a923622b929973d8 7088008 localization optional chromium-l10n_122.0.6261.57-1~deb12u1_all.deb
 ec62444c4a4ca136e3261df25570d47b 21700 web optional chromium_122.0.6261.57-1~deb12u1_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtzb3SVunlrB0F8t8ExOkVqF4GXMFAmXX/tMACgkQExOkVqF4
GXMrrA/9HG542RKHfurX4R5HjAFPP/FvR/VMYV57RXdJFmuyxEUXgEK/ma7IQ+Ep
L9lzhJxyooeu2E0IAoE3rHJG5B0b1Sx9qhha2B6ciZhqDWRwDYhugv9meqZMcyuv
a2MrU/gLxgxjT+XyT4ahqBEDnSFAkH32BFrDY6CezJvYm1iRK/dwBAcCy2VPfs9w
ygIqT+HmLpuEj91sVkrr7+Mq1SOdq/SEhmEXMt4LYjVgPmE3WzEl55m4K6EzXYxA
JMC6Nm4oZz0kdT5GtxvWgy3KbN5ULtomstN65fvLGEmVXiW0hkE8RHaOWMG1I2j9
ib1FdAvs5dArYU0PzV0p1c/YmNiCTUVeV6D67LdmR1Nqh33tjU101Wo+RWzoJtLZ
bnseXLnZad+C5KesBmsCk54sSTTcpY8HFNhaRvIiBSsgNG2FWEmUsH8lYVgUA0Pv
sULwtDmx9PKQ1jW1/3KdKXXF78grjkOA7cQtZ4ZvzOZgOj1oA4Q3DtrVuZXnrlGZ
qO+87NGK87t4Cd8h8bdijW0IQk4iFQHhzUyxUEJYbmip/uzz3+QNOQAD3Pa7NTUA
A6SVaoxi1T4ft4UA8n7WsEzICsTGd1Z3Wj3M5OrkxhXrUu3ZA5+loW7vzk7Do1bG
cA0NPS1GyejlZUxhfOwp4GO4jBB3qBAMkiHrv/2AsJK69WceXNs=
=S/HH
-----END PGP SIGNATURE-----