-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 21 Nov 2024 16:12:03 -0500 Source: chromium Binary: chromium-l10n Architecture: all Version: 131.0.6778.85-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: all / amd64 / i386 Build Daemon (x86-grnet-03) Changed-By: Andres Salomon Description: chromium-l10n - web browser - language packs Changes: chromium (131.0.6778.85-1~deb12u1) bookworm-security; urgency=high . [ Andres Salomon ] * New upstream stable release. - CVE-2024-11110: Inappropriate implementation in Blink. Reported by Vsevolod Kokorin (Slonser) of Solidlab. - CVE-2024-11111: Inappropriate implementation in Autofill. Reported by Narendra Bhati, Suma Soft Pvt. Ltd - Pune (India). - CVE-2024-11112: Use after free in Media. Reported by Nan Wang(@eternalsakura13) and Zhenghang Xiao(@Kipreyyy) of 360 Vulnerability Research Institute. - CVE-2024-11113: Use after free in Accessibility. Reported by Weipeng Jiang (@Krace) of VRI. - CVE-2024-11114: Inappropriate implementation in Views. Reported by Micky. - CVE-2024-11115: Insufficient policy enforcement in Navigation. Reported by mastersplinter. - CVE-2024-11116: Inappropriate implementation in Paint. Reported by Thomas Orlita. - CVE-2024-11117: Inappropriate implementation in FileSystem. Reported by Ameen Basha M K. - CVE-2024-11395: Type Confusion in V8. Reported by Anonymous. * d/patches: - upstream/wayland-gbm-pixmap.patch: drop, merged upstream. - disable/catapult.patch: refresh. - fixes/bindgen.patch: refresh. - fixes/freetype.patch: add new patch to fix missing enable_freetype arg declaration. - fixes/updater-test.patch: add simple build fix for deleted third_party/updater/. - upstream/stack-header.patch: drop, merged upstream. - bookworm/clang16.patch: refresh. - bookworm/bubble-contents.patch: refresh. - bookworm/constexpr.patch: refresh. - bookworm/gn-absl.patch: add a few more places where libs needed to be made visible. - bookworm/gn-funcs.patch: add another deletion of newer gn features. - bookworm/constexpr-assert.patch: add patch to work around more clang-16 constexpr bugs; this time a fun one with branching optimizations. Whee! . [ Timothy Pearson ] * d/patches/ppc64le: - workarounds/HACK-debian-clang-disable-pa-musttail.patch: Work around additional upstream musttail definitions - workarounds/HACK-debian-clang-disable-base-musttail.patch: Refresh for upstream changes - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch: Refresh for upstream changes Checksums-Sha1: d5a89f90c8118c3a6833b005eef4bba9c8d7f1d1 7819996 chromium-l10n_131.0.6778.85-1~deb12u1_all.deb 96537a8e63ee0faae4da4259a303172d3671215a 22189 chromium_131.0.6778.85-1~deb12u1_all-buildd.buildinfo Checksums-Sha256: 71fff726fcca7c1c81c838e17404a1cc7214059b39d8b8d76a99ed53a1ecb710 7819996 chromium-l10n_131.0.6778.85-1~deb12u1_all.deb b5fd687fd28e55375aa9d5cde391d5249065bc9f178eca7268a02fb24eb9b23a 22189 chromium_131.0.6778.85-1~deb12u1_all-buildd.buildinfo Files: 6943f6cf077de525ccd4858c036cf1d2 7819996 localization optional chromium-l10n_131.0.6778.85-1~deb12u1_all.deb 247e57ecf53652c925e8b95f9d73a5a8 22189 web optional chromium_131.0.6778.85-1~deb12u1_all-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEe8x49oT2k+seQstpgDm7h4zfCpIFAmdBdUUACgkQgDm7h4zf CpLwXg/+LnDWM3Gbg2D2HzURyXSH+bwyXD6cQtHfm9u24YRkd4m6jKWJP6hsIq5F lHh5BZn9UquDVmRSM3xU85bJlw9seI64P9VwBQJUXqK36R6TqF1loof9tazFgILY Q/pc8mlK+cpxzWNxOv4y176j9zCk0mPzNHw81dWod493acXhBZ4kGR2HTp1DTEzB +UoxBqMFkUQEMhW25Q8y+NUZizCEiUnOcJk+AL6znBVzHipr/AcbRYEp1aQs+uly c8L1uMu+awpfENiW/RWEubUvE/8dfUpN+vFcti3HYxIwkUSZ/BrRc0G6WEoZQ6+T OIDKrKZYwEBH6yu9cuPWIfu9EH0qaIZzhqTXksUKThHE+RgqiDBJoniY77jYOYQ6 qFtwrV2Y1gZpXlfw/+IgwWCw7qnGdAGS78S4+5A+OwbbI5YESJKPF33CkBb0DaM/ OeTwd1QlUz2fwkn7QTzIjqCQno/lLl7xL88y7212Cb1Aobx5wbEfY7S9xXE9xLYS n/trg6r7SC9cS0BEECyOzJYjHzAWqP0QlTzxvbo6xxRlCU5MV1VmhSi37PTss2Rp cETILOiIGd4B55PjPM8jaWTjHFw2MsEo7XYDCW0nXiC6Lj7gNduMU1oeYhusXzwD 36DgGIy+ZX8vIuR55qRSaFyt9xMp5Sb5AqHaqAJi+jNidnWNnS0= =wg8d -----END PGP SIGNATURE-----