1. Forum
  2. Usenet
  3. LINUX.DEBIAN.SECURITY

  • Re: [DSA 5824-1] chromium security update

    From =?utf-8?Q?Bj=C3=B8rn_Mork?=@21:1/5 to Andres Salomon on Sat Dec 7 13:10:01 2024
    Andres Salomon <dilinger@debian.org> writes:

    For the stable distribution (bookworm), this problem has been fixed in version 131.0.6778.108-1~deb12u1.

    What am I missing here?

    root@miraculix:/tmp# apt install chromium
    Reading package lists... Done
    Building dependency tree... Done
    Reading state information... Done
    Some packages could not be installed. This may mean that you have
    requested an impossible situation or if you are using the unstable
    distribution that some required packages have not yet been created
    or been moved out of Incoming.
    The following information may help to resolve the situation:

    The following packages have unmet dependencies:
    chromium : Depends: libc++1-19 (>= 1:19.1.4) but it is not installable
    Depends: libc++abi1-19 (>= 1:19.1.4) but it is not installable
    Depends: libunwind-19 (>= 1:19.1.4) but it is not installable
    Depends: chromium-common (= 131.0.6778.108-1~deb12u1) but 131.0.6778.85-1~deb12u1 is to be installed
    E: Unable to correct problems, you have held broken packages.

    root@miraculix:/tmp# apt-cache policy 'libunwind-..$'
    libunwind-13:
    Installed: (none)
    Candidate: 1:13.0.1-11+b2
    Version table:
    1:13.0.1-11+b2 700
    700 http://deb.debian.org/debian bookworm/main amd64 Packages libunwind-14:
    Installed: (none)
    Candidate: 1:14.0.6-12
    Version table:
    1:14.0.6-12 700
    700 http://deb.debian.org/debian bookworm/main amd64 Packages libunwind-15:
    Installed: (none)
    Candidate: 1:15.0.6-4+b1
    Version table:
    1:15.0.6-4+b1 700
    700 http://deb.debian.org/debian bookworm/main amd64 Packages libunwind-16:
    Installed: 1:16.0.6-15~deb12u1
    Candidate: 1:16.0.6-15~deb12u1
    Version table:
    *** 1:16.0.6-15~deb12u1 700
    700 http://deb.debian.org/debian bookworm/main amd64 Packages
    100 /var/lib/dpkg/status
    libunwind-19:
    Installed: (none)
    Candidate: (none)
    Version table:


    root@miraculix:/tmp# egrep -v '^(#|\s*$)' /etc/apt/sources.list
    deb http://deb.debian.org/debian/ bookworm main contrib non-free non-free-firmware
    deb http://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
    deb http://deb.debian.org/debian/ sid non-free-firmware



    The switch seems intentional, looking at the salsa commit log:

    commit 1e8c9f1decd28b51c2957463326618e458b911fb (tag: debian/131.0.6778.108-1_deb12u1, origin/bookworm)
    Merge: f3391b0b1aa6 6e6c651fd98e
    Author: Andres Salomon <dilinger@queued.net>
    Date: Thu Dec 5 12:34:17 2024 -0500

    release 131.0.6778.108-1~deb12u1

    commit f3391b0b1aa6e8918ef24e10fc9bfe4ccbc0ce50
    Author: Andres Salomon <dilinger@queued.net>
    Date: Thu Dec 5 12:27:39 2024 -0500

    switch from clang-16 to clang-19

    debian/changelog | 6 ++++++
    debian/control | 12 ++++++------
    debian/patches/bookworm/clang16.patch | 59 -----------------------------------------------------------
    debian/patches/debianization/clang-version.patch | 2 +-
    debian/patches/series | 15 ---------------
    debian/rules | 4 ++--
    6 files changed, 15 insertions(+), 83 deletions(-)




    But shouldn't those clang packages alsoe be avaiable from
    bookworm-security then?



    Bjørn

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Santiago Vila@21:1/5 to All on Sat Dec 7 13:30:01 2024
    El 7/12/24 a las 12:31, Bjørn Mork escribió:
    But shouldn't those clang packages alsoe be avaiable from
    bookworm-security then?

    Yes, they should.

    Don't worry, this is known and I'm sure that Andres and the security team
    are already working on it:

    https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089181

    Thanks.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)