-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 07 Aug 2024 00:18:54 -0400
Source: chromium
Architecture: source
Version: 127.0.6533.99-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Chromium Team <
chromium@packages.debian.org>
Changed-By: Andres Salomon <
dilinger@debian.org>
Closes: 1033305
Changes:
chromium (127.0.6533.99-1~deb12u1) bookworm-security; urgency=high
.
[ Andres Salomon ]
* New upstream security release.
- CVE-2024-7532: Out of bounds memory access in ANGLE.
Reported by wgslfuzz.
- CVE-2024-7533: Use after free in Sharing. Reported by
lime(@limeSec_) from TIANGONG Team of Legendsec at QI-ANXIN Group.
- CVE-2024-7550: Type Confusion in V8.
Reported by Zhenghang Xiao (@Kipreyyy).
- CVE-2024-7534: Heap buffer overflow in Layout.
Reported by Tashita Software Security.
- CVE-2024-7535: Inappropriate implementation in V8.
Reported by Tashita Software Security.
- CVE-2024-7536: Use after free in WebAudio.
Reported by Cassidy Kim(@cassidy6564).
.
[ Timothy Pearson ]
* d/patches/ppc64le:
- core/add-ppc64-architecture-to-extensions.diff: Fix runtime assertion
trap on ppc64el systems
.
[ Daniel Richard G. ]
* Enable ThinLTO (slower linking, faster runtime) on archs that can
support it (closes: #1033305).
* Avoid some hard-coded Debian references to simplify package builds for
other distributions, e.g. Ubuntu.
* d/patches:
- bookworm/constexpr.patch: Add no_destroy attributes to quash many
"declaration requires an exit-time destructor" warnings.
- fixes/highway-include-path.patch: New patch to fix highway.h path.
.
[ Grzegorz Szymaszek ]
* Use https instead of http in initial_bookmarks.html.
Checksums-Sha1:
6c3c9b4132afe85eefbbf5ad17e6d3cd05e17a4c 3789 chromium_127.0.6533.99-1~deb12u1.dsc
6ebd03993b83045f30a7ce8f6fc91f9b25ffec97 873165572 chromium_127.0.6533.99.orig.tar.xz
1a2f68a3c3ce3542a9577d9e7c8643452433d0f2 8494232 chromium_127.0.6533.99-1~deb12u1.debian.tar.xz
efa2d359e0f837c778b57f21bc9bc16f846571a7 22054 chromium_127.0.6533.99-1~deb12u1_source.buildinfo
Checksums-Sha256:
1cfdcd8b1f765106b35a79ba6d115c2a721edc48b89bc1cd92cf8e61befe8048 3789 chromium_127.0.6533.99-1~deb12u1.dsc
ae38ba6e6d79fa371a2d52d96671cae478f3ac5c1a1d08748f7d8fe6095afa81 873165572 chromium_127.0.6533.99.orig.tar.xz
1f2bb0953915857e3a93788d4d547eb07c3f4e7163a51d11abe745b4a506daf1 8494232 chromium_127.0.6533.99-1~deb12u1.debian.tar.xz
c1b83e0ec8fc431321c1b25bb780bdc34e3a5f1c42055e9343531c439adc2c94 22054 chromium_127.0.6533.99-1~deb12u1_source.buildinfo
Files:
bab3196268206d867ae855f3dc98373c 3789 web optional chromium_127.0.6533.99-1~deb12u1.dsc
d91f051b9e54c13f1c352be7da2d594e 873165572 web optional chromium_127.0.6533.99.orig.tar.xz
0fc4bd47b1a50370a6ae93457934dc87 8494232 web optional chromium_127.0.6533.99-1~deb12u1.debian.tar.xz
4b9e916cbfce84938a4bc872bcac2c76 22054 web optional chromium_127.0.6533.99-1~deb12u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmazrpIUHGRpbGluZ2Vy QGRlYmlhbi5vcmcACgkQZF0CR8NudjdRKBAAmIfLrw0uKx9Rw/s3qOjV9bvgOsR6 J6X9N0Cy+pfBJMLh8xSifte3Nrr0RUOrEq2im5sDpp41weV8PX6PL0SI6jaXwwt/ UQS4cmoww98DRUE72ZJTjaPUIkrvsBgSZ6FT6SCJHExAH2aJ7TSYEAhEdJ678oid 4PyQ1t59DesRjAaW5ZyPN3COSdjgoX4pddMX3o+357BGJ3h/7qXA1fk7MnfmH5gc 550ZUaUv8ci9X+2fp1PtVHlfA+yM1xuodIcSRDTzTrjFvinkRq/ARVqC0+i4RHUI 62vb0mUybYD1mA+kVEoqnLRhtrGF5tRuBopwPCi87nXZYl1qXCTFvQQnH7loZYZj h7TdRd6ZXa8ma51VyyQkKWR6qApnmJSbVIsW1nM+AmF30lqx/HJifdRZsjFBDhEl jQTZOZ+VLLtkJBuGyj03wpBToUYT4Rt4K+Qw1wRoQpBs+1eInSFswYtbi0lfvUee 328mZJUOS4awczP7QaIv9dBcyA05YXNubpG7wbFv34OCdtMjU0NLhmnGp1REokx/ UWeTYHRMcsRGGRsoXQ9AYUizkjjTKo0xUGmQk7Y/qNF3Oz2pHM4AoM+bElngS2eH 3+NElp+d6si900Y+73vzAejqbYrVXMnjVny55Dwjs9lzSXw2Veo2Vo8Qu/bsR8ap FVFR0sT3w1O/bZE=
=m5bL
-----END PGP SIGNATURE-----
--==============y46939263581919988=Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCZsrsGAAKCRCb9qggYcy5 IfJgAP47YD4XDAs7+YdY/F8qOMpGbUBO+AZVTHwJ78G0GArzdAD+NWLqPs8eyNcb WOyjMwX3Lyhvm6iIs+VtI/c/sqdlGgU=PPZM
-----END PGP SIGNATURE-----
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)