-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 10 Oct 2023 22:03:00 -0500
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: ppc64el
Version: 118.0.5993.70-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: ppc64el Build Daemon (ppc64el-osuosl-02) <buildd_ppc64el-ppc64el-osuosl-02@buildd.debian.org>
Changed-By: Timothy Pearson <tpearson@raptorengineering.com>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (118.0.5993.70-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2023-5218: Use after free in Site Isolation.
       Reported by @18楼梦想改造家.
     - CVE-2023-5487: Inappropriate implementation in Fullscreen.
       Reported by Anonymous.
     - CVE-2023-5484: Inappropriate implementation in Navigation.
       Reported by Thomas Orlita.
     - CVE-2023-5475: Inappropriate implementation in DevTools.
       Reported by Axel Chong.
     - CVE-2023-5483: Inappropriate implementation in Intents.
       Reported by Axel Chong.
     - CVE-2023-5481: Inappropriate implementation in Downloads.
       Reported by Om Apip.
     - CVE-2023-5476: Use after free in Blink History. Reported by Yunqin Sun.
     - CVE-2023-5474: Heap buffer overflow in PDF. Reported by [pwn2car].
     - CVE-2023-5479: Inappropriate implementation in Extensions API.
       Reported by Axel Chong.
     - CVE-2023-5485: Inappropriate implementation in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-5478: Inappropriate implementation in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-5477: Inappropriate implementation in Installer.
       Reported by Bahaa Naamneh of Crosspoint Labs.
     - CVE-2023-5486: Inappropriate implementation in Input. Reported by Hafiizh.
     - CVE-2023-5473: Use after free in Cast. Reported by DarkNavy.
   * d/patches/ppc64le:
     - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
        upstream changes
     - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
     - skia-vsx-instructions.patch: refresh for upstream changes
     - third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
       regenerate configs from upstream source
     - database/0001-Properly-detect-little-endian-PPC64-systems.patch:
       refresh
     - ffmpeg/0001-Add-support-for-ppc64.patch: refresh
     - fixes/fix-breakpad-compile.patch: refresh
     - fixes/fix-unknown-warning-option-messages.diff: refresh
     - libaom/0001-Add-ppc64-target-to-libaom.patch: refresh
     - sandbox/0001-sandbox-linux-Update-IsSyscallAllowed-in-broker_proc.patch:
       refresh
     - sandbox/0001-sandbox-linux-Update-syscall-helpers-lists-for-ppc64.patch:
       refresh
     - sandbox/0008-sandbox-fix-ppc64le-glibc234.patch: refresh
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
     - third_party/0001-Force-baseline-POWER8-AltiVec-VSX-CPU-features-when-.patch:
       refresh
     - third_party/0001-third_party-libvpx-Properly-generate-gni-on-ppc64.patch:
       refresh
     - third_party/0002-third-party-boringssl-add-generated-files.patch: refresh
     - third_party/dawn-fix-ppc64le-detection.patch: refresh
     - third_party/dawn-fix-typos.patch: refresh
     - third_party/skia-vsx-instructions.patch: refresh
     - third_party/use-sysconf-page-size-on-ppc64.patch: refresh
     - workarounds/HACK-third_party-libvpx-use-generic-gnu.patch: refresh
 .
   [ Andres Salomon]
   * d/copyright:
     - blanket.js is gone, no need to remove it any more.
     - delete some khronos images marked executable.
   * d/patches:
     - upstream/memory.patch: drop, merged upstream.
     - upstream/sensor-reading.patch: add, gcc13 build fix from upstream.
     - upstream/lweight.patch: add, gcc13 build fix from upstream.
     - upstream/freetype.patch: add, fix freetype header inclusion FTBFS.
     - upstream/sizet.patch: add, libstdc++ build fix from upstream.
     - disable/unrar.patch: update for minor upstream changes.
     - bookworm/struct-ctor.patch: add various new workarounds for clang-14.
     - bookworm/structured-binding-scope-bug.patch: drop part of the patch.
     - bullseye/constexpr.patch: drop bullseye patch from bookworm.
     - ungoogled/.../disable-web-environment-integrity.patch: sync with
       ungoogled-chromium for upstream changes.
     - bookworm/i386-lock-free.patch: refresh.
Checksums-Sha1:
 783ab0baa39c82b1dae1b033748fa01f7494193d 871660 chromium-common-dbgsym_118.0.5993.70-1~deb12u1_ppc64el.deb
 e26c5937a339570b0fc906e7eaf60b4591a1cf87 5189288 chromium-common_118.0.5993.70-1~deb12u1_ppc64el.deb
 a0403fa6f233d3c567245eedf54aa9b39d92e3ef 31452976 chromium-dbgsym_118.0.5993.70-1~deb12u1_ppc64el.deb
 f8f8922aedc26c3f87c62f0a07b9f787a1378fcb 5943424 chromium-driver_118.0.5993.70-1~deb12u1_ppc64el.deb
 99b28c169bd9536378ca30f51ad3d789db63cf5d 13072 chromium-sandbox-dbgsym_118.0.5993.70-1~deb12u1_ppc64el.deb
 a2b8c01eef5fcd51acfdb89f22201051052e3ac0 83240 chromium-sandbox_118.0.5993.70-1~deb12u1_ppc64el.deb
 fb61058f95616deec9caf2c18aee0d0bec172fce 24262732 chromium-shell-dbgsym_118.0.5993.70-1~deb12u1_ppc64el.deb
 c7f1bf270b1b5399442f800c691dfeefc41b995a 51491032 chromium-shell_118.0.5993.70-1~deb12u1_ppc64el.deb
 a701c6e8d5475e8578825cfcc836062a8c6e0c61 24071 chromium_118.0.5993.70-1~deb12u1_ppc64el-buildd.buildinfo
 4dc6e86757f3a4a45cae775f19828240b24c7fb6 74019840 chromium_118.0.5993.70-1~deb12u1_ppc64el.deb
Checksums-Sha256:
 dbbe6f185c70725c6198ae0eb951414800ad507ae21bb7b6b33578a7624c4468 871660 chromium-common-dbgsym_118.0.5993.70-1~deb12u1_ppc64el.deb
 b19010c4ba97e17f190548588b6e1e5120e178085682a542a6867246d52ac79e 5189288 chromium-common_118.0.5993.70-1~deb12u1_ppc64el.deb
 8092502dd27187a0818815f144123f7eaff889cbe10f1c0160b87dcb93dc8106 31452976 chromium-dbgsym_118.0.5993.70-1~deb12u1_ppc64el.deb
 334b4f2769702c33ba668ef7c4e439d30751516c55fe342cfea2e49113846ab1 5943424 chromium-driver_118.0.5993.70-1~deb12u1_ppc64el.deb
 c4df518ac0f640de87f65142d54197fb205e2f1abdcbf7c48a5b8eac36bd9aa1 13072 chromium-sandbox-dbgsym_118.0.5993.70-1~deb12u1_ppc64el.deb
 3a9b4dc2df154dc97a692f8704bed56beead8f5eed7cb0588d9948777a477364 83240 chromium-sandbox_118.0.5993.70-1~deb12u1_ppc64el.deb
 baf82dbc4df7d05d62ab50f0043b138eebd91bff996fd0e9f89926c149f14add 24262732 chromium-shell-dbgsym_118.0.5993.70-1~deb12u1_ppc64el.deb
 d14112dcbc9df6c778e55279cae5e45c8a3bdaf30a533089efcca96e0c2ea0c5 51491032 chromium-shell_118.0.5993.70-1~deb12u1_ppc64el.deb
 cbf2f374cbee039e51a3d50351f8c99ff1f63467df0a1e449238f5c61327d0ba 24071 chromium_118.0.5993.70-1~deb12u1_ppc64el-buildd.buildinfo
 b910f57e42d02182ebdc09161e055652d8ea45ec911be24f124131534ca10828 74019840 chromium_118.0.5993.70-1~deb12u1_ppc64el.deb
Files:
 fda7f3cedd04214956ea03e06759951e 871660 debug optional chromium-common-dbgsym_118.0.5993.70-1~deb12u1_ppc64el.deb
 722345c8116970be1959137f29891a2c 5189288 web optional chromium-common_118.0.5993.70-1~deb12u1_ppc64el.deb
 c3e5cea144454ce87ddc90d9c76a174a 31452976 debug optional chromium-dbgsym_118.0.5993.70-1~deb12u1_ppc64el.deb
 f43c3555c437e9d4a18d6137488fade7 5943424 web optional chromium-driver_118.0.5993.70-1~deb12u1_ppc64el.deb
 54ca6094ad4c01272125d95a082a6a61 13072 debug optional chromium-sandbox-dbgsym_118.0.5993.70-1~deb12u1_ppc64el.deb
 609ef86f5af48933ff33454013a45836 83240 web optional chromium-sandbox_118.0.5993.70-1~deb12u1_ppc64el.deb
 d4924e998b176f0f4edeffaa4540888d 24262732 debug optional chromium-shell-dbgsym_118.0.5993.70-1~deb12u1_ppc64el.deb
 11a064ec448673dcadea8d9c619f6bf9 51491032 web optional chromium-shell_118.0.5993.70-1~deb12u1_ppc64el.deb
 6e3ee2178b90f2b50ee417de02df2c89 24071 web optional chromium_118.0.5993.70-1~deb12u1_ppc64el-buildd.buildinfo
 7e6ff153e21c70cd1c6d5fc3fe8cd0a7 74019840 web optional chromium_118.0.5993.70-1~deb12u1_ppc64el.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEHDNCkvGgp2XShfnByW8ECaj2byoFAmUnUhkACgkQyW8ECaj2
byqxghAAiv9iTIAZwNawutM6XZ+YqE9cati4qJhUGSn6Wx8sS0ygIpMeeh9GG7v1
8uBpAi5YAuiFI/QNNXz/o1uMC3+5UayBAuBa9kNWc5Nrgo+uGfVdtyV22gQJ6TxU
8/5NFsatqSFivCpGQo34I9vFHUDhIleSzXPu37Oh4sl4CeGGsN1awFBuAmnzq8Ip
pM7TAizQjPED6binBGMDh7q36BgW23L89ztL9jRoWUQL9iCTeiqJjsXL1jU7PN3n
GfleU6ziSs9WA2xywoIoJdu5qm7R8Q4t2pyhoV11d14bUrDPRQuFkb8rgwjpLcwQ
tnK4DCv3AhiuEV5KuQ2u9YFwY53Vislo+020wUdsMTA/5IFHCPHtbPE/xLbUMtfk
Gw/lpjkfqQwV2mSQETQBf5bqWZKMfSbLnyeG1tojivZqksuMfge3TEWKeaG7X1wo
A6/50nO8cF3cu0NowhBAlLIqaLjnC5zdcGzILmD2kQHhkdvkMIYXron1Cfyi9/w6
phGM8KXTqcuJCE9bRl4ojc638ZII70VJkFLdaVXWn4oMj4JHJHkT6VA2X23UvCTd
QalHGnpPD+1la4f1kMCJSBpe2vywE2GArfxsDeJoThKU4maNIbaiZEnfTSqGPpNz
4i03fQg00H6hDwGJEhs8WgEI2gzBtvY7KPALveeKt/mIvVgBdNU=
=tWCB
-----END PGP SIGNATURE-----