-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 28 Sep 2023 00:41:20 -0400
Source: chromium
Binary: chromium-l10n
Architecture: all
Version: 117.0.5938.132-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) <buildd_amd64-x86-conova-01@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium-l10n - web browser - language packs
Closes: 1053142
Changes:
 chromium (117.0.5938.132-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream security release.
     - CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx.
       Reported by Clément Lecigne of Google's Threat Analysis Group.
     - CVE-2023-5186: Use after free in Passwords. Reported by [pwn2car].
     - CVE-2023-5187: Use after free in Extensions. Reported by Thomas Orlita.
   * d/patches:
     - bookworm/i386-lock-free.patch: add to fix i386 build failure.
     - bookworm/freetype-COLRV1.patch: disable using freetype's COLRV1
       (closes: #1053142).
Checksums-Sha1:
 4a840cce38b8f1428382b2fc90d7d2c771ff53d8 6615096 chromium-l10n_117.0.5938.132-1~deb12u1_all.deb
 2b56c1a914bc6960e2862ce0a76e83595871710c 21312 chromium_117.0.5938.132-1~deb12u1_all-buildd.buildinfo
Checksums-Sha256:
 f0cd82c04ab12e6469033668d8bab7b4c10aea86d8e704cf28ee9331844ff86b 6615096 chromium-l10n_117.0.5938.132-1~deb12u1_all.deb
 19e0bdfd2f54754d3bc0454003d1e4a5ceea2870afb93ed91a352c39f7e95281 21312 chromium_117.0.5938.132-1~deb12u1_all-buildd.buildinfo
Files:
 7e502d52022ac8ba14061b2c1cb7bc2a 6615096 localization optional chromium-l10n_117.0.5938.132-1~deb12u1_all.deb
 36afb378a32d42a5a63b47fac6103c45 21312 web optional chromium_117.0.5938.132-1~deb12u1_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEi/TVpVg0yb7dq8QfDZWW6X29YdoFAmUV97EACgkQDZWW6X29
YdqrkRAAsZ2o16IF90tq+sBBZ8rnbKAVxWSZEQdBSJNkm2JtJGIihVXyOgyjoVIh
ukdzv89CjSCJtlWU16ZKyptrCPV/Mjozi85g92cRHSiBeIffBoL7xniOEGIv+iC8
sk+0utBFcLQW4Ligy2Y2RaR7iaOPDxnkJXAmA9lWrZLW+oeAdo7da4rCT5Nq38e9
rUo9rl2vXwrA+N8pXD2qZY8xKwQ2OeF6V9pLxU1fRu/fh8yo2k3IBSLb9awRVr4H
XqZ5QrCMCj+6Y191MCJlTFC2uqsNrVcy9d5dcMEifLMEQpjXVijqGpYdi1udin8a
0RiXs7wCqObMR3EJqaBs+ImWv34xNd3ePkfP9Gdu7VySmMJwMW7R9HOpPad90DxR
6AbQF6DGYTzaqxPn+B4KOiEvs+pLKqRt/OSe/eeTTenVI9DLkhNvZ3fzVJDkOoRP
Puw2tEc8gtodNWqjZ0OnstfnjfT9Y5ChDKNTQ5R7W5SzBh5ZdS2jAX+nq0deEB4Q
cM2LJnnpdCURtU9s1UsNefNQgJ3NkPe62X2p/m+mrbS31LQNIjAOa/jqTT4gJTCD
h+Leh4KJogIQqq3sPLYXpgZinKyPRz0FYb44VMbruqjkzHfY2NtBRvXCf2aaQDCJ
7tu3y8TDDJ81CWj5e+K8j4AKFy+soB1Q01NFR9deEzUlsPbUxG0=
=RiVZ
-----END PGP SIGNATURE-----