-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 18 Sep 2024 20:47:23 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: i386
Version: 129.0.6668.58-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-ubc-02) <buildd_amd64-x86-ubc-02@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (129.0.6668.58-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2024-8904: Type Confusion in V8. Reported by Popax21.
     - CVE-2024-8905: Inappropriate implementation in V8.
       Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team.
     - CVE-2024-8906: Incorrect security UI in Downloads.
       Reported by @retsew0x01.
     - CVE-2024-8907: Insufficient data validation in Omnibox.
       Reported by Muhammad Zaid Ghifari.
     - CVE-2024-8908: Inappropriate implementation in Autofill.
       Reported by Levit Nudi from Kenya.
     - CVE-2024-8909: Inappropriate implementation in UI.
       Reported by Shaheen Fazim.
   * d/patches:
     - debianization/sandbox.patch: refresh for upstream changes. Since we
       have some downstream users of this package, retain the Ubuntu wording.
     - disable/tests.patch: refresh.
     - disable/catapult.patch: refresh.
     - bookworm/clang16.patch: refresh, delete -Wno-dangling-assignment-gsl
     - ppc64le/crashpad/0001-Implement-support-for-PPC64-on-Linux.patch:
       refresh.
     - ppc64le/sandbox/Sandbox-linux-services-credentials.cc-PPC.patch:
       refresh.
     - ppc64le/third_party/dawn-fix-ppc64le-detection.patch: refresh.
     - bookworm/more-spaceships.patch: yet another clang-17 header
       backport for clang-16 inadequecies.
     - bookworm/signer-lambda.patch: clang-16 lambda bug workaround.
     - bookworm/bubble-contents.patch: refresh.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/dawn-fix-typos.patch: drop, applied upstream
     - third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch:
       refresh for upstream changes
     - libaom/0001-Add-pregenerated-config-for-libaom-on-ppc64.patch: refresh
       for upstream changes
     - core/cargo-add-ppc64.diff: Add ppc64 to cargo architecture definitions
Checksums-Sha1:
 d30493236dbf703b3973f12c31303f77b93c8e9c 5387332 chromium-common-dbgsym_129.0.6668.58-1~deb12u1_i386.deb
 5a7f8eade780dab7e72aaf743da5be1638ce6211 10202700 chromium-common_129.0.6668.58-1~deb12u1_i386.deb
 45a64558c5ffb68ee1a4e6da3c8669779245ad30 34700264 chromium-dbgsym_129.0.6668.58-1~deb12u1_i386.deb
 50cadf488f64cd1ea5e6787006fa5c21f60ba8ff 6837240 chromium-driver_129.0.6668.58-1~deb12u1_i386.deb
 6260a1ee10b85b47d077497ba690b913d261308f 14000 chromium-sandbox-dbgsym_129.0.6668.58-1~deb12u1_i386.deb
 b1965607af6f124054cac5193d9fb5669b152c95 95408 chromium-sandbox_129.0.6668.58-1~deb12u1_i386.deb
 0bbc39a4eaa6c4b79acb825555d980cac7ed9e92 29964104 chromium-shell-dbgsym_129.0.6668.58-1~deb12u1_i386.deb
 e2f3b947f5e31f686622a67dfb912d6ec700f925 54333616 chromium-shell_129.0.6668.58-1~deb12u1_i386.deb
 e2646188fd58510012e8cf058e45a59b4d136b1c 24876 chromium_129.0.6668.58-1~deb12u1_i386-buildd.buildinfo
 3b762a5b238826d75bc2600fa0680fc4607f650f 77587268 chromium_129.0.6668.58-1~deb12u1_i386.deb
Checksums-Sha256:
 39e7ae517b54ebc4437ae9571a8e989b7f2bfbdcf351ae18ec04fab1cebd6403 5387332 chromium-common-dbgsym_129.0.6668.58-1~deb12u1_i386.deb
 3f0734f4d7aea02270644c87f5f772f6b4af2b78c8bfaca4535b8ed0b74921a2 10202700 chromium-common_129.0.6668.58-1~deb12u1_i386.deb
 8b3641fded5d01a1d2884c336d97decd9d7a761c5bca8952c9ab7b86c1f7ae66 34700264 chromium-dbgsym_129.0.6668.58-1~deb12u1_i386.deb
 19fa6aadc980d5160715e5ef63bd56a9956a75455a973bcf9299420d7652de12 6837240 chromium-driver_129.0.6668.58-1~deb12u1_i386.deb
 b2cfc00b005c472c14802a37f42c2ed172232653658f57372eee5d2cf5ed02e6 14000 chromium-sandbox-dbgsym_129.0.6668.58-1~deb12u1_i386.deb
 4fa162034a45d4e9571a465f0d95473ea8b8f5904890e29ec684f42509f30de1 95408 chromium-sandbox_129.0.6668.58-1~deb12u1_i386.deb
 2c0925a00a93e1910396822c73698d0e6ff2cb8e42b9712b061ffdbe66917ff2 29964104 chromium-shell-dbgsym_129.0.6668.58-1~deb12u1_i386.deb
 2d9b6423a057387f70d8740c4612121ed761a4c2d1f04e73bb56756b6d44dd36 54333616 chromium-shell_129.0.6668.58-1~deb12u1_i386.deb
 c131b44bfba0eea104624338d914276b3a6cddfa55db6b5ec1541716f5302b36 24876 chromium_129.0.6668.58-1~deb12u1_i386-buildd.buildinfo
 9ffa009febe9ecba573c26f9e048f697cce2d5da727a139dcb32407daf0fdc82 77587268 chromium_129.0.6668.58-1~deb12u1_i386.deb
Files:
 89a084c458ac809397d139f8a75c9c12 5387332 debug optional chromium-common-dbgsym_129.0.6668.58-1~deb12u1_i386.deb
 8be58c73a82bafc4f2005246e87dd7af 10202700 web optional chromium-common_129.0.6668.58-1~deb12u1_i386.deb
 d402689bd353e12dc61902b8d4dcf8aa 34700264 debug optional chromium-dbgsym_129.0.6668.58-1~deb12u1_i386.deb
 4f03d03ba7535ffc2f3dadc8c48197ae 6837240 web optional chromium-driver_129.0.6668.58-1~deb12u1_i386.deb
 113f3cf89116fba01861cfb16d5046c9 14000 debug optional chromium-sandbox-dbgsym_129.0.6668.58-1~deb12u1_i386.deb
 4c20940f73b3915432085efe8adbbe9e 95408 web optional chromium-sandbox_129.0.6668.58-1~deb12u1_i386.deb
 d9de4063bd1f4e89977e759f3194320a 29964104 debug optional chromium-shell-dbgsym_129.0.6668.58-1~deb12u1_i386.deb
 70eb68dd0533458a0549e24c4995a848 54333616 web optional chromium-shell_129.0.6668.58-1~deb12u1_i386.deb
 cf368c9369ab9fe1b5a4d9b1f5220d37 24876 web optional chromium_129.0.6668.58-1~deb12u1_i386-buildd.buildinfo
 484955efcadb4ea157dfe5ef0bb03efa 77587268 web optional chromium_129.0.6668.58-1~deb12u1_i386.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEGBeuno8wiDXCewDuqqLQG5ksqMMFAmbsC9IACgkQqqLQG5ks
qMNHMA//dwLEnkyriujCC1CtGZc4WBJz+ssiAMW0syDbgBU7O7RrjJMgZeIOVkg6
O3V4AWn6mcFHdDXZW+0BR9hQl5u+6BvDKOrfZoDWG4mBDlI31Ys0AXhA6MSN7y3o
rZ6kAblh83ck7zrunBlJUXv40XNuQJHxxlgsWeq085qi8N8MNlwLqrMmh0ysnKCv
oIaofY7Yrxf4TnOiWGPUehw2KyBbpbYDAXlSIXFKT1gyOawSXp0xAkdKOkMSaRn0
PeFVN3l9I2Qwz3y93tAHNRemr8KMazSBr6rdNEXHFpmdkGr/V5vaz6nL98dw/LtG
ZhoByu7SfYmbU/X2mJPWlmYHOgU6pgVfdcvPwsfOqSns6IM0B7epTwRIqxmlCdp/
Jh8JyrCjaBKl4a2o0s3zOjPj49vpRKvsGa0G7pTsSgnNWXYnfTaZCsCg+N80oPiH
5Xa5104zuj0B/svu12olAXC9rhWECtZ0fA/0qQYg/A/VDSlzycgXnEX0rT2Zl4jS
QMnWt2yEQokhN4EElkZvpGyLbfbkx6f56AtDDIznJ6x2O/kAu/KMxCtxsZNpB56x
vIt7+4N3/Y9oxZk7WimjPC8Ot9ci6v61+cTPGRowXyg8ayNixa0BdTFjoHIot598
5X3n1IkYFl+v4AzIP6ym0XdnRoB4RaOZbM59sPE6QryYLinEKgw=
=JmFY
-----END PGP SIGNATURE-----