-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 14 Sep 2023 19:16:28 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: ppc64el
Version: 117.0.5938.62-1~deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: ppc64el Build Daemon (ppc64el-osuosl-01) <buildd_ppc64el-ppc64el-osuosl-01@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Closes: 1042111
Changes:
 chromium (117.0.5938.62-1~deb11u1) bullseye-security; urgency=high
 .
   [ Andres Salomon]
   * New upstream stable release.
     - CVE-2023-4900: Inappropriate implementation in Custom Tabs.
       Reported by Levit Nudi from Kenya.
     - CVE-2023-4901: Inappropriate implementation in Prompts.
       Reported by Kang Ali.
     - CVE-2023-4902: Inappropriate implementation in Input.
       Reported by Axel Chong.
     - CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs.
       Reported by Ahmed ElMasry.
     - CVE-2023-4904: Insufficient policy enforcement in Downloads.
       Reported by Tudor Enache @tudorhacks.
     - CVE-2023-4905: Inappropriate implementation in Prompts.
       Reported by Hafiizh.
     - CVE-2023-4906: Insufficient policy enforcement in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-4907: Inappropriate implementation in Intents.
       Reported by Mohit Raj (shadow2639) .
     - CVE-2023-4908: Inappropriate implementation in Picture in Picture.
       Reported by Axel Chong.
     - CVE-2023-4909: Inappropriate implementation in Interstitials.
       Reported by Axel Chong.
   * d/copyright: drop rust, llvm, siso, & cargo binaries.
   * d/patches:
     - fixes/size.patch: drop, merged upstream.
     - fixes/variant.patch: drop, merged upstream.
     - fixes/vector.patch: drop, merged upstream.
     - upstream/contains.patch: drop, merged upstream.
     - upstream/hvec.patch: drop, merged upstream.
     - upstream/limits.patch: drop, merged upstream.
     - upstream/statelessV4L2.patch: drop, merged upstream.
     - fixes/widevine-locations.patch: refresh for minor upstream changes.
     - disable/android.patch: drop half the patch.
     - disable/catapult.patch: refresh for minor upstream changes.
     - disable/tests.patch: refresh for minor upstream changes.
     - disable/unrar.patch: refresh for minor upstream changes.
     - fixes/material-utils.patch: build fix for clang w/ libstdc++.
     - rename fixes/null.patch to fixes/perfetto.patch.
     - upstream/memory.patch: build fix for missing header.
     - bookworm/struct-ctor.patch: add a bunch more build workarounds for
       clang-14.
     - bookworm/stringpiece3.patch: another clang-14 StringPiece to
       std::string explicit conversion.
     - bookworm/typename.patch: add more explicit typename declarations for
       clang-14.
     - bookworm/structured-binding-scope-bug.patch: add more clang-14 binding
       scope workarounds.
     - bookworm/initialize-const-ctor.patch: clang-14 workaround to init a
       const member inside a struct.
     - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
     - disable/privacy-sandbox.patch: ensure Privacy Sandbox "features" are
       off by default.
     - bookworm/generate-ninja.patch: fix build failure w/ bullseye's older gn.
     - bullseye/default-equality-op.patch: refresh.
     - bullseye/lerp.patch: add a new build fix for libstdc++ 10.
     - bullseye/downgrade-typescript.patch: drop parts of patch that don't
       apply and simply update typescript node dependencies.
   * Switch to using bundled brotli, as the version in debian is too old.
     And so we can drop d/patches/bookworm/brotli.patch, too.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - 0001-Implement-support-for-PPC64-on-Linux.patch: refresh for upstream
        changes
     - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
     - 0002-third-party-boringssl-add-generated-files.patch: refresh for
        upstream changes
     - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
        upstream changes
     - 0004-third_party-crashpad-port-curl-transport-ppc64.patch: refresh for
        upstream changes
     - skia-vsx-instructions.patch: refresh for upstream changes
     - 0003-third_party-ffmpeg-Add-ppc64-generated-config.patch: regenerate
     - 0001-third_party-boringssl-Properly-detect-ppc64le-in-BUI.patch: drop
   * d/patches/ungoogled:
     - core/ungoogled-chromium/disable-web-environment-integrity.patch: disable
       "Web Environment Integrity" trial and remove from build (closes: #1042111)
Checksums-Sha1:
 608d510119dc0b8629daf8e25f53b61049153e10 821256 chromium-common-dbgsym_117.0.5938.62-1~deb11u1_ppc64el.deb
 990d199f8987094ae1e245b7ac77d8471833b995 5244956 chromium-common_117.0.5938.62-1~deb11u1_ppc64el.deb
 429cbe091595350811b0acdbbb3c8fcfb97d8cf7 31055780 chromium-dbgsym_117.0.5938.62-1~deb11u1_ppc64el.deb
 825c8c0a0566cc19f2fd6ccba4cce75775908cab 6016612 chromium-driver_117.0.5938.62-1~deb11u1_ppc64el.deb
 b9dd73533b2567a18c29595455a12da8c1be72ae 12236 chromium-sandbox-dbgsym_117.0.5938.62-1~deb11u1_ppc64el.deb
 13f7523ad192b7c2921d1bd7758771321197c3b5 137384 chromium-sandbox_117.0.5938.62-1~deb11u1_ppc64el.deb
 2509caf29f3f2996e60e7136b001817e2625a86b 24080432 chromium-shell-dbgsym_117.0.5938.62-1~deb11u1_ppc64el.deb
 98f1625541b7e9712db9aa4983f677a82bdbb50b 51115012 chromium-shell_117.0.5938.62-1~deb11u1_ppc64el.deb
 ea980b14743fcb0079151d2be07d84b36587c562 25690 chromium_117.0.5938.62-1~deb11u1_ppc64el-buildd.buildinfo
 37c3dd7e2089784a246fa7dfbaa1c2f5af84e3da 73267168 chromium_117.0.5938.62-1~deb11u1_ppc64el.deb
Checksums-Sha256:
 b66bdf37bbbd339bf6eba97d6751ce8ee080f6e1729e1695ac371b8967837a31 821256 chromium-common-dbgsym_117.0.5938.62-1~deb11u1_ppc64el.deb
 569611f9f77ad74e20619c8387dd2fc17ed67ff2311066b37b7c6ab5c2961241 5244956 chromium-common_117.0.5938.62-1~deb11u1_ppc64el.deb
 54fd676b3ce8410f3b421177bf718844ac4f8ab993b98aa9355c41c842b7a406 31055780 chromium-dbgsym_117.0.5938.62-1~deb11u1_ppc64el.deb
 de53525dad9beb086901ab7fdab9ceb90c3a29149d432d9b8c104bba84fd8f29 6016612 chromium-driver_117.0.5938.62-1~deb11u1_ppc64el.deb
 0b1f8621ac10a1b65e051132cf1d9b1ed8714ee92bc16a0a54bb26fb01434f82 12236 chromium-sandbox-dbgsym_117.0.5938.62-1~deb11u1_ppc64el.deb
 9842609a70f1f07b8a143d5d7d904b0059a06e164789172dda2ca1fb5d1177cc 137384 chromium-sandbox_117.0.5938.62-1~deb11u1_ppc64el.deb
 f8f47ee16848cbeec8d274ff2ebf40394650b695c0ddc9fd5cf4d09d3bd2b609 24080432 chromium-shell-dbgsym_117.0.5938.62-1~deb11u1_ppc64el.deb
 3f924bde5014e9144593513030a5a1932fbb8006d96cb127c9862fb3fbb49671 51115012 chromium-shell_117.0.5938.62-1~deb11u1_ppc64el.deb
 ecd63792ea5f9295e455fe239078639b22c266348f19d185d6c1640fcb80c575 25690 chromium_117.0.5938.62-1~deb11u1_ppc64el-buildd.buildinfo
 328e07c6de996217f55b76079070384c510743a84b7dafbd9cf77f0908f5b833 73267168 chromium_117.0.5938.62-1~deb11u1_ppc64el.deb
Files:
 3cb13b07626bcb6c1639c73324fba1ed 821256 debug optional chromium-common-dbgsym_117.0.5938.62-1~deb11u1_ppc64el.deb
 6efaea3c82d7a7547ed74be00d89aa80 5244956 web optional chromium-common_117.0.5938.62-1~deb11u1_ppc64el.deb
 43a2c7b3ea3e591b798c32b355283f29 31055780 debug optional chromium-dbgsym_117.0.5938.62-1~deb11u1_ppc64el.deb
 eeb77b05afea7d150a7394706adeb209 6016612 web optional chromium-driver_117.0.5938.62-1~deb11u1_ppc64el.deb
 f8bf1db009a7279237b6194686e58033 12236 debug optional chromium-sandbox-dbgsym_117.0.5938.62-1~deb11u1_ppc64el.deb
 1f0c819de4d8dc7cac6209614ae71d58 137384 web optional chromium-sandbox_117.0.5938.62-1~deb11u1_ppc64el.deb
 1777b55ddad7df20c4a340addc7a5c9f 24080432 debug optional chromium-shell-dbgsym_117.0.5938.62-1~deb11u1_ppc64el.deb
 8bb3545674d000b9a8d6282381b770ef 51115012 web optional chromium-shell_117.0.5938.62-1~deb11u1_ppc64el.deb
 1e3a477480c7c48e37a64e8a0b1a49e9 25690 web optional chromium_117.0.5938.62-1~deb11u1_ppc64el-buildd.buildinfo
 988ceca65de432e0cb2a6eee383456e5 73267168 web optional chromium_117.0.5938.62-1~deb11u1_ppc64el.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE5hbnFkJlczvLwwS0Y7DdE4sWZ/UFAmUEHAoACgkQY7DdE4sW
Z/U12w/9FCzXOgOqOVB8iGEsYGyrI/rM0OnV7OcXE6T/xhj4HThpKyIftF47xxiv
nqDLvMWphTLdIO9SYxtLBiCYa/CWZLkDVuasn8eo0QfYMKIYw6d8D4TRk/qq0o2E
m4j6M3/S/MguN0d+UKpmIFI0tk6W+7yHK9x9RL+FslBRsp93iQUiilCxSjXFF6VX
GwV1DyGJlNvykZajLIua1dYbgGrCOmHSfRp3NJ5lcKzdl01gWiSfYHczeUtUlEL/
REVyFh6veZCnaUXPGJfZ3nFjhlyXCkGq3zZ+2b9wFc8ZGEGPYNot5A+HsMXk/WUQ
XpMF+fTgPmr2qndDneuqRwP4yfAyYva/LKXbFAWagpRJLWigOBC9TOVtOiOJo4HP
8kfImRHym436KzrTzTCNc10PLVEe5n1sC1UmmCsqeI1bU3WCbbH7Tfkp7Vxux69n
/pjX96jevT2WYx71RrU7sdwfG8XY1Igf3MNN7kT5dqX7x20yIiNLfXkCwQCat3uJ
kkr3Qvh0va0TyhzzxL9S02tjqq7SDY/U0ORl/P9omiXCxZddBQYbWnsy5uiY8Xif
KA2BKtque8P+TbmoyGcMWz3g63E7eRVj5YvqbMpGeb+wvwkHmXXKV6E4NEooovi6
4AKT3HDNcYGbsja0d/CkCWqjg9TqmkaBakQBquxMBNWBr0Gr2ig=
=etP0
-----END PGP SIGNATURE-----