Format: 1.8
Date: Thu, 14 Sep 2023 19:16:28 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: arm64
Version: 117.0.5938.62-1~deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: arm Build Daemon (arm-arm-04)
Changed-By: Andres Salomon
Description:
 chromium - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Closes: 1042111
Changes:
 chromium (117.0.5938.62-1~deb11u1) bullseye-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2023-4900: Inappropriate implementation in Custom Tabs.
       Reported by Levit Nudi from Kenya.
     - CVE-2023-4901: Inappropriate implementation in Prompts.
       Reported by Kang Ali.
     - CVE-2023-4902: Inappropriate implementation in Input.
       Reported by Axel Chong.
     - CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs.
       Reported by Ahmed ElMasry.
     - CVE-2023-4904: Insufficient policy enforcement in Downloads.
       Reported by Tudor Enache @tudorhacks.
     - CVE-2023-4905: Inappropriate implementation in Prompts.
       Reported by Hafiizh.
     - CVE-2023-4906: Insufficient policy enforcement in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-4907: Inappropriate implementation in Intents.
       Reported by Mohit Raj (shadow2639).
     - CVE-2023-4908: Inappropriate implementation in Picture in Picture.
       Reported by Axel Chong.
     - CVE-2023-4909: Inappropriate implementation in Interstitials.
       Reported by Axel Chong.
   * d/copyright: drop rust, llvm, siso, & cargo binaries.
   * d/patches:
     - fixes/size.patch: drop, merged upstream.
     - fixes/variant.patch: drop, merged upstream.
     - fixes/vector.patch: drop, merged upstream.
     - upstream/contains.patch: drop, merged upstream.
     - upstream/hvec.patch: drop, merged upstream.
     - upstream/limits.patch: drop, merged upstream.
     - upstream/statelessV4L2.patch: drop, merged upstream.
     - fixes/widevine-locations.patch: refresh for minor upstream changes.
     - disable/android.patch: drop half the patch.
     - disable/catapult.patch: refresh for minor upstream changes.
     - disable/tests.patch: refresh for minor upstream changes.
     - disable/unrar.patch: refresh for minor upstream changes.
     - fixes/material-utils.patch: build fix for clang w/ libstdc++.
     - rename fixes/null.patch to fixes/perfetto.patch.
     - upstream/memory.patch: build fix for missing header.
     - bookworm/struct-ctor.patch: add a bunch more build workarounds for
       clang-14.
     - bookworm/stringpiece3.patch: another clang-14 StringPiece to
       std::string explicit conversion.
     - bookworm/typename.patch: add more explicit typename declarations for
       clang-14.
     - bookworm/structured-binding-scope-bug.patch: add more clang-14
       binding scope workarounds.
     - bookworm/initialize-const-ctor.patch: clang-14 workaround to init a
       const member inside a struct.
     - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
     - disable/privacy-sandbox.patch: ensure Privacy Sandbox "features" are
       off by default.
     - bookworm/generate-ninja.patch: fix build failure w/ bullseye's older
       gn.
     - bullseye/default-equality-op.patch: refresh.
     - bullseye/lerp.patch: add a new build fix for libstdc++ 10.
     - bullseye/downgrade-typescript.patch: drop parts of patch that don't
       apply and simply update typescript node dependencies.
   * Switch to using bundled brotli, as the version in debian is too old.
     And so we can drop d/patches/bookworm/brotli.patch, too.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - 0001-Implement-support-for-PPC64-on-Linux.patch: refresh for
       upstream changes
     - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream
       changes
     - 0002-third-party-boringssl-add-generated-files.patch: refresh for
       upstream changes
     - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
       upstream changes
     - 0004-third_party-crashpad-port-curl-transport-ppc64.patch: refresh
       for upstream changes
     - skia-vsx-instructions.patch: refresh for upstream changes
     - 0003-third_party-ffmpeg-Add-ppc64-generated-config.patch: regenerate
     - 0001-third_party-boringssl-Properly-detect-ppc64le-in-BUI.patch: drop
   * d/patches/ungoogled:
     - core/ungoogled-chromium/disable-web-environment-integrity.patch:
       disable "Web Environment Integrity" trial and remove from build
       (closes: #1042111)