-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 14 Sep 2023 19:16:28 -0400 Source: chromium Binary: chromium-l10n Architecture: all Version: 117.0.5938.62-1~deb11u1 Distribution: bullseye-security Urgency: high Maintainer: all Build Daemon (x86-grnet-02) Changed-By: Andres Salomon Description: chromium-l10n - web browser - language packs Closes: 1042111 Changes: chromium (117.0.5938.62-1~deb11u1) bullseye-security; urgency=high . [ Andres Salomon] * New upstream stable release. - CVE-2023-4900: Inappropriate implementation in Custom Tabs. Reported by Levit Nudi from Kenya. - CVE-2023-4901: Inappropriate implementation in Prompts. Reported by Kang Ali. - CVE-2023-4902: Inappropriate implementation in Input. Reported by Axel Chong. - CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs. Reported by Ahmed ElMasry. - CVE-2023-4904: Insufficient policy enforcement in Downloads. Reported by Tudor Enache @tudorhacks. - CVE-2023-4905: Inappropriate implementation in Prompts. Reported by Hafiizh. - CVE-2023-4906: Insufficient policy enforcement in Autofill. Reported by Ahmed ElMasry. - CVE-2023-4907: Inappropriate implementation in Intents. Reported by Mohit Raj (shadow2639) . - CVE-2023-4908: Inappropriate implementation in Picture in Picture. Reported by Axel Chong. - CVE-2023-4909: Inappropriate implementation in Interstitials. Reported by Axel Chong. * d/copyright: drop rust, llvm, siso, & cargo binaries. * d/patches: - fixes/size.patch: drop, merged upstream. - fixes/variant.patch: drop, merged upstream. - fixes/vector.patch: drop, merged upstream. - upstream/contains.patch: drop, merged upstream. - upstream/hvec.patch: drop, merged upstream. - upstream/limits.patch: drop, merged upstream. - upstream/statelessV4L2.patch: drop, merged upstream. - fixes/widevine-locations.patch: refresh for minor upstream changes. - disable/android.patch: drop half the patch. - disable/catapult.patch: refresh for minor upstream changes. - disable/tests.patch: refresh for minor upstream changes. - disable/unrar.patch: refresh for minor upstream changes. - fixes/material-utils.patch: build fix for clang w/ libstdc++. - rename fixes/null.patch to fixes/perfetto.patch. - upstream/memory.patch: build fix for missing header. - bookworm/struct-ctor.patch: add a bunch more build workarounds for clang-14. - bookworm/stringpiece3.patch: another clang-14 StringPiece to std::string explicit conversion. - bookworm/typename.patch: add more explicit typename declarations for clang-14. - bookworm/structured-binding-scope-bug.patch: add more clang-14 binding scope workarounds. - bookworm/initialize-const-ctor.patch: clang-14 workaround to init a const member inside a struct. - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh. - disable/privacy-sandbox.patch: ensure Privacy Sandbox "features" are off by default. - bookworm/generate-ninja.patch: fix build failure w/ bullseye's older gn. - bullseye/default-equality-op.patch: refresh. - bullseye/lerp.patch: add a new build fix for libstdc++ 10. - bullseye/downgrade-typescript.patch: drop parts of patch that don't apply and simply update typescript node dependencies. * Switch to using bundled brotli, as the version in debian is too old. And so we can drop d/patches/bookworm/brotli.patch, too. . [ Timothy Pearson ] * d/patches/ppc64le: - 0001-Implement-support-for-PPC64-on-Linux.patch: refresh for upstream changes - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes - 0002-third-party-boringssl-add-generated-files.patch: refresh for upstream changes - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for upstream changes - 0004-third_party-crashpad-port-curl-transport-ppc64.patch: refresh for upstream changes - skia-vsx-instructions.patch: refresh for upstream changes - 0003-third_party-ffmpeg-Add-ppc64-generated-config.patch: regenerate - 0001-third_party-boringssl-Properly-detect-ppc64le-in-BUI.patch: drop * d/patches/ungoogled: - core/ungoogled-chromium/disable-web-environment-integrity.patch: disable "Web Environment Integrity" trial and remove from build (closes: #1042111) Checksums-Sha1: 79ca67a807f40df743a10f54d471213e34e064ca 6691164 chromium-l10n_117.0.5938.62-1~deb11u1_all.deb 4c5f26826e5d193d67d6d656469db168e6462d7e 23063 chromium_117.0.5938.62-1~deb11u1_all-buildd.buildinfo Checksums-Sha256: 5d9e7a3d7cce42b4da36d72ae85bfa4badad0634a6ef40c79090c82fdee3df5d 6691164 chromium-l10n_117.0.5938.62-1~deb11u1_all.deb 4aa0ca4849e2906e9a7defa64396ebbed429224f4986b706fc73ad07f9f1a263 23063 chromium_117.0.5938.62-1~deb11u1_all-buildd.buildinfo Files: 3e6be9856ce8978b176bc04e92f2a418 6691164 localization optional chromium-l10n_117.0.5938.62-1~deb11u1_all.deb a77c3e77eb90f623a8085d241e26682a 23063 web optional chromium_117.0.5938.62-1~deb11u1_all-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEzW1K1578DQd6MDTQEbLkkg2OS0oFAmUD96oACgkQEbLkkg2O S0qTTA//cV3g9Oaw4nbokK8JZtTypf71yJQndvi+XGotzxx/Y8JkUodtxfbTN0Uj 4n9fOfe43KgVvYGxmWPOX3N7AhmHB4FKX3FFUikRzaNLplVv94iP0fRb/WIPfA2F 7HSqLFUzQyQ5k/ecKGR+VxxHRZBGvd2TPElvYqjQiZsgloumXWTDv1Zv00wGiVG3 UWkCHj52lJiCVKWbKbAxne2LTE9CmR+vS2/9kLhaF5R+Ra2Wrm3OaFvZRSkER1Eb Wr7IA2mU/k0V4Tv1IdkeaTmpccLj3dQVvA+cMCwldszZXR52Ztgi29dFy2FFllep emnighnxwjCN4MvzO4RoHpx6VQrUN1PoZhtR6lCBkDosWvJyjzJzpozZ77RczLd9 Qb/D6c0EGCnM7utDkps8yHiAb1G0u/aaJ2o0lg6Oh2hpkOlpsco2AIvSYCsYhqbG 7EmLEW/NP9QoqXSBYL0lPYt+vYq1O/6SWYAgmtH1RL7p7dezHQP97fn0/SZUrR5R xIS+Z0nYWA71G5g4qko27cuwk6PnvzKfpVIKTZVHOofNniXRXdbJu3GoV8AENRFi 6HxgoqKzgO3nncLun//gpCLPVSrydMqSNcPbmPIS3N4vsJivCCmzNbgm8OhpNSJD swiJHFBlGLSzAbEKhJVivpDbmyHlxa/XGDU0epC4NJzN/OsdXI0= =JBDH -----END PGP SIGNATURE-----