-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 18 Sep 2024 20:47:23 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: arm64
Version: 129.0.6668.58-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-conova-02) <buildd_arm64-arm-conova-02@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (129.0.6668.58-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2024-8904: Type Confusion in V8. Reported by Popax21.
     - CVE-2024-8905: Inappropriate implementation in V8.
       Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
     - CVE-2024-8906: Incorrect security UI in Downloads.
       Reported by @retsew0x01.
     - CVE-2024-8907: Insufficient data validation in Omnibox.
       Reported by Muhammad Zaid Ghifari.
     - CVE-2024-8908: Inappropriate implementation in Autofill.
       Reported by Levit Nudi from Kenya.
     - CVE-2024-8909: Inappropriate implementation in UI.
       Reported by Shaheen Fazim.
   * d/patches:
     - debianization/sandbox.patch: refresh for upstream changes. Since we
       have some downstream users of this package, retain the Ubuntu wording.
     - disable/tests.patch: refresh.
     - disable/catapult.patch: refresh.
     - bookworm/clang16.patch: refresh, delete -Wno-dangling-assignment-gsl
     - ppc64le/crashpad/0001-Implement-support-for-PPC64-on-Linux.patch:
       refresh.
     - ppc64le/sandbox/Sandbox-linux-services-credentials.cc-PPC.patch:
       refresh.
     - ppc64le/third_party/dawn-fix-ppc64le-detection.patch: refresh.
     - bookworm/more-spaceships.patch: yet another clang-17 header
       backport for clang-16 inadequecies.
     - bookworm/signer-lambda.patch: clang-16 lambda bug workaround.
     - bookworm/bubble-contents.patch: refresh.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/dawn-fix-typos.patch: drop, applied upstream
     - third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch:
       refresh for upstream changes
     - libaom/0001-Add-pregenerated-config-for-libaom-on-ppc64.patch: refresh
       for upstream changes
     - core/cargo-add-ppc64.diff: Add ppc64 to cargo architecture definitions
Checksums-Sha1:
 0591e8c1a0f730ce3ac4adf1f4b0c9b0e30c0e41 5442124 chromium-common-dbgsym_129.0.6668.58-1~deb12u1_arm64.deb
 4e6a4e2c4c772cc59cf1ac6570c09eedaf004155 13406920 chromium-common_129.0.6668.58-1~deb12u1_arm64.deb
 e2160b5fc66c7a94ea8218f823b4e18f1028a1a6 34567000 chromium-dbgsym_129.0.6668.58-1~deb12u1_arm64.deb
 8fd04d51d04cc5cfd13002cf2f01cbc0143e5d20 5878420 chromium-driver_129.0.6668.58-1~deb12u1_arm64.deb
 4a61b7e822ffba570b28b6c69b004ae702c52885 14108 chromium-sandbox-dbgsym_129.0.6668.58-1~deb12u1_arm64.deb
 5d14956fc8f61b7be298c0cdd4bed576ff38f89b 95416 chromium-sandbox_129.0.6668.58-1~deb12u1_arm64.deb
 4f6187b2afab6d9143e281b3db4178e77746662e 28405756 chromium-shell-dbgsym_129.0.6668.58-1~deb12u1_arm64.deb
 0e34ebf240b4670669278e3db8955c99b32d56bc 46314208 chromium-shell_129.0.6668.58-1~deb12u1_arm64.deb
 11812c64e34a7518b881ca1466a96950fde16332 24862 chromium_129.0.6668.58-1~deb12u1_arm64-buildd.buildinfo
 04539a79a21b40a215be1bd236380d4b0ba208fb 75012236 chromium_129.0.6668.58-1~deb12u1_arm64.deb
Checksums-Sha256:
 683a1d1a994d1a7be52296d506ebdc9c7cff618388fd76f6d0a35dcc87100c38 5442124 chromium-common-dbgsym_129.0.6668.58-1~deb12u1_arm64.deb
 14c8a6f62f6fb9d1bd68a2f964af3cb192e7651c64a03326f84926cc9c3482bc 13406920 chromium-common_129.0.6668.58-1~deb12u1_arm64.deb
 9dbc579f5ed9b934086ad9fbc4616348af7f89b13d79cd7dd5b4ae32141a5688 34567000 chromium-dbgsym_129.0.6668.58-1~deb12u1_arm64.deb
 0301c5ae586682d31228fa98d5121ec06510d374c61d6d87e6592324642df410 5878420 chromium-driver_129.0.6668.58-1~deb12u1_arm64.deb
 8bd293acc47f1a8c90b013c3bcc5f2d1c6847d0a4d5de11044ea00f1d18d7cde 14108 chromium-sandbox-dbgsym_129.0.6668.58-1~deb12u1_arm64.deb
 2d60d73854c0d1df8ecd5dec9e7349d3ef5e56c0ffc1478a27876a23446084e2 95416 chromium-sandbox_129.0.6668.58-1~deb12u1_arm64.deb
 1831d9c71394d67560731e7f2d8b86de548365291707ef9c022436002484ab4d 28405756 chromium-shell-dbgsym_129.0.6668.58-1~deb12u1_arm64.deb
 c9ff06f8115533ca4ca7f579504638314a29b8cc2f5bbb20634856f70699c8b5 46314208 chromium-shell_129.0.6668.58-1~deb12u1_arm64.deb
 14254205563ef4606f76ae48768a0c1a418bd4d74324d973d0b35485507ca77c 24862 chromium_129.0.6668.58-1~deb12u1_arm64-buildd.buildinfo
 79fadfb2e5ca5c693fda67e7ce0736b04cdbf01599cc579700d854649e00a636 75012236 chromium_129.0.6668.58-1~deb12u1_arm64.deb
Files:
 6ce760a692cea4b80ed26c99b46f4249 5442124 debug optional chromium-common-dbgsym_129.0.6668.58-1~deb12u1_arm64.deb
 6cef76cc9f9c3a4b768ea9a55184e0c2 13406920 web optional chromium-common_129.0.6668.58-1~deb12u1_arm64.deb
 00d02cf51ae054806ca4fa75d41b7348 34567000 debug optional chromium-dbgsym_129.0.6668.58-1~deb12u1_arm64.deb
 8a8622df1fee08b261431d3a403a56ca 5878420 web optional chromium-driver_129.0.6668.58-1~deb12u1_arm64.deb
 97590defc0bfc2dd024483cded360938 14108 debug optional chromium-sandbox-dbgsym_129.0.6668.58-1~deb12u1_arm64.deb
 a20e6c7f44ba903120a7fe2dc85ab46b 95416 web optional chromium-sandbox_129.0.6668.58-1~deb12u1_arm64.deb
 76918f5e1d48304fb6b6d717fb87906c 28405756 debug optional chromium-shell-dbgsym_129.0.6668.58-1~deb12u1_arm64.deb
 cd65ff8b02eed4fb3beba0e8ee247dc9 46314208 web optional chromium-shell_129.0.6668.58-1~deb12u1_arm64.deb
 e70d500c380101b17d260b0383081262 24862 web optional chromium_129.0.6668.58-1~deb12u1_arm64-buildd.buildinfo
 efce16df46bd5ba62d1f60505e0964f7 75012236 web optional chromium_129.0.6668.58-1~deb12u1_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEKAzExpjGvTI78ZO8LARVyvnD3xkFAmbsMkgACgkQLARVyvnD
3xmiThAAye39p6fbYoknxqBpxm9tPyenecbyJey2ze67aWd4xpa8d56rz5/pRwHe
FZhb1lyQjomG1tcaAsRTgjItF5AHtus8xtcJD53MNFtqR+eYV8YWGnyYzhp6OOte
/KW9cZWrYdURoFbXqgCGJiAUOhgjvB+lgZeVeBYTByMB/4OXekARd5396crWR2h4
qHMEiHPdao0zD9AeDit2V0YF6E4a/h6OvJ2PaPSAVrwp6FPmT4qmHhAVUyqGFPeK
oPd24gCcb9lwwk6dJBmhDXdUok7TwLeTUyBZkVeaRla+kPEZav/YMY7QnKUTFAo8
14na/8uX0LQpd7hCv47KjsJ1PVCubJL6Lau6J7gsI5sm9WA3HBJvAQVvor7RivSj
XD3nO2bguFxQphmmGuZI4bu80W/Kv0dRwzMDqiXmo926p1tMXeADd8wE9lpQUVSQ
6FMU/5vUaeEGED37/8Xal9Iz+crT48bp8njlcJ1gXzgizxt8RygjQnEC1XJIENks
pUIivrWDO3sl8ZFlLqWnNQTIRiVRghKCFGZ/YfbDzYXhiDqfw1MM1fKOxo7bUTmP
XcZ3pY+xl3QuUTmGQVkkG/3y+r08OTaNgWTgeU9nQIJ9W8p30Sb5PesXx7JTvPZe
qD9TvPy2mQ2tVpou/q0WJzXAVz1ErZR3n411OdWB5kKpqtOa8xo=
=WE72
-----END PGP SIGNATURE-----