-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 13 Sep 2023 22:26:10 -0400
Source: chromium
Binary: chromium-l10n
Architecture: all
Version: 117.0.5938.62-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) <buildd_amd64-x86-conova-01@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium-l10n - web browser - language packs
Closes: 1042111
Changes:
 chromium (117.0.5938.62-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon]
   * New upstream stable release.
     - CVE-2023-4900: Inappropriate implementation in Custom Tabs.
       Reported by Levit Nudi from Kenya.
     - CVE-2023-4901: Inappropriate implementation in Prompts.
       Reported by Kang Ali.
     - CVE-2023-4902: Inappropriate implementation in Input.
       Reported by Axel Chong.
     - CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs.
       Reported by Ahmed ElMasry.
     - CVE-2023-4904: Insufficient policy enforcement in Downloads.
       Reported by Tudor Enache @tudorhacks.
     - CVE-2023-4905: Inappropriate implementation in Prompts.
       Reported by Hafiizh.
     - CVE-2023-4906: Insufficient policy enforcement in Autofill.
       Reported by Ahmed ElMasry.
     - CVE-2023-4907: Inappropriate implementation in Intents.
       Reported by Mohit Raj (shadow2639) .
     - CVE-2023-4908: Inappropriate implementation in Picture in Picture.
       Reported by Axel Chong.
     - CVE-2023-4909: Inappropriate implementation in Interstitials.
       Reported by Axel Chong.
   * d/copyright: drop rust, llvm, siso, & cargo binaries.
   * d/patches:
     - fixes/size.patch: drop, merged upstream.
     - fixes/variant.patch: drop, merged upstream.
     - fixes/vector.patch: drop, merged upstream.
     - upstream/contains.patch: drop, merged upstream.
     - upstream/hvec.patch: drop, merged upstream.
     - upstream/limits.patch: drop, merged upstream.
     - upstream/statelessV4L2.patch: drop, merged upstream.
     - fixes/widevine-locations.patch: refresh for minor upstream changes.
     - disable/android.patch: drop half the patch.
     - disable/catapult.patch: refresh for minor upstream changes.
     - disable/tests.patch: refresh for minor upstream changes.
     - disable/unrar.patch: refresh for minor upstream changes.
     - fixes/material-utils.patch: build fix for clang w/ libstdc++.
     - rename fixes/null.patch to fixes/perfetto.patch.
     - upstream/memory.patch: build fix for missing header.
     - bookworm/struct-ctor.patch: add a bunch more build workarounds for
       clang-14.
     - bookworm/stringpiece3.patch: another clang-14 StringPiece to
       std::string explicit conversion.
     - bookworm/typename.patch: add more explicit typename declarations for
       clang-14.
     - bookworm/structured-binding-scope-bug.patch: add more clang-14 binding
       scope workarounds.
     - bookworm/initialize-const-ctor.patch: clang-14 workaround to init a
       const member inside a struct.
     - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
     - disable/privacy-sandbox.patch: ensure Privacy Sandbox "features" are
       off by default.
     - bookworm/generate-ninja.patch: fix build failure w/ bookworm's older gn.
   * Switch to using bundled brotli, as the version in debian is too old.
     And so we can drop d/patches/bookworm/brotli.patch, too.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - 0001-Implement-support-for-PPC64-on-Linux.patch: refresh for upstream
        changes
     - 0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
     - 0002-third-party-boringssl-add-generated-files.patch: refresh for
        upstream changes
     - 0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for
        upstream changes
     - 0004-third_party-crashpad-port-curl-transport-ppc64.patch: refresh for
        upstream changes
     - skia-vsx-instructions.patch: refresh for upstream changes
     - 0003-third_party-ffmpeg-Add-ppc64-generated-config.patch: regenerate
     - 0001-third_party-boringssl-Properly-detect-ppc64le-in-BUI.patch: drop
   * d/patches/ungoogled:
     - core/ungoogled-chromium/disable-web-environment-integrity.patch: disable
       "Web Environment Integrity" trial and remove from build (closes: #1042111)
Checksums-Sha1:
 029fea2fc3c1f76cd1284087891378ab10a7ffb2 6610920 chromium-l10n_117.0.5938.62-1~deb12u1_all.deb
 eb1a3fe7d5309c68a7e4a95ebaf5570a31047ec0 21203 chromium_117.0.5938.62-1~deb12u1_all-buildd.buildinfo
Checksums-Sha256:
 020460ef8ad431bcca2cddb5c46880deb23bd3b04c037a21c05c6380bfd13135 6610920 chromium-l10n_117.0.5938.62-1~deb12u1_all.deb
 19b7a46b975a014e0417dc56831819414d6bdd3d3acee44168cd10380f1b6650 21203 chromium_117.0.5938.62-1~deb12u1_all-buildd.buildinfo
Files:
 923e997aa0fde4f7af697e2b34e0ea85 6610920 localization optional chromium-l10n_117.0.5938.62-1~deb12u1_all.deb
 45ebf1de2c0e17a336dc342b4aff5059 21203 web optional chromium_117.0.5938.62-1~deb12u1_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEi/TVpVg0yb7dq8QfDZWW6X29YdoFAmUDb/AACgkQDZWW6X29
YdrNNg//ZH2ueAil9b9JcA8zArlsk+REv/xTUiIsPlGNXWnAJRWF2ORP8ZOMpzSP
O2mupmbuOM2P4x5cZW7tyhu9VrCI7yc3MzIi4S68hiFAFy2Vyupy5scNQJ8g2ZeP
S1EU6owncZnkfTt2JTnjg45pWtGzvEOqDfLKG7oozhBi12+fP4AJAUFuhLIDcw/v
E1OWNmJcjwQpeXZ0r+CC63pJo06+5llpSvTx7jFwkUQWLcIqPISNf+ICjrhlsCrP
SG1P0zz64QPrBTE1Xe+KDGwbgyJTgbAbtFLDZLzNTqpJ5Fuyk6ZUinEbn8ljTtAp
x/Xj68PJxq00fb6QLciQhxZ2meQlMSl4q51ICkJZ6OHJX7/e6fH2W47FbiAQOeCv
J6F8BvyRs99VOTvubIJEy4zcds/b7VMQGxgyei9RE41PjRkC0ebzNWWe1pfFl8is
XFjfbhtoHMgEIgmqfVJ2pTQVvXRqWozYyiZztWKxYiOpSLty8UBg1Q/CZ8ffV5GT
1AOn1VpCKDkMY7rz+0lgv6tVdEkVd1PB8UCOWSNqjC/No5ep+wPM5j3vcY8a1dtt
levbzpMnFhzXklWFHHcrjazbGhU4xsqbt9lR/klRDw/VGHOTCyMvHnO57x5AsNUD
4i6UCcWzdRmDZVEOHAUyw+E/R8ZT0MEulrWKjSCbEjMJTxV9Ozs=
=0BHE
-----END PGP SIGNATURE-----