-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 21 Nov 2024 16:12:03 -0500
Source: chromium
Architecture: source
Version: 131.0.6778.85-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
 chromium (131.0.6778.85-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2024-11110: Inappropriate implementation in Blink.
       Reported by Vsevolod Kokorin (Slonser) of Solidlab.
     - CVE-2024-11111: Inappropriate implementation in Autofill.
       Reported by Narendra Bhati, Suma Soft Pvt. Ltd - Pune (India).
     - CVE-2024-11112: Use after free in Media. Reported by
       Nan Wang(@eternalsakura13) and Zhenghang Xiao(@Kipreyyy) of
       360 Vulnerability Research Institute.
     - CVE-2024-11113: Use after free in Accessibility.
       Reported by Weipeng Jiang (@Krace) of VRI.
     - CVE-2024-11114: Inappropriate implementation in Views.
       Reported by Micky.
     - CVE-2024-11115: Insufficient policy enforcement in Navigation.
       Reported by mastersplinter.
     - CVE-2024-11116: Inappropriate implementation in Paint.
       Reported by Thomas Orlita.
     - CVE-2024-11117: Inappropriate implementation in FileSystem.
       Reported by Ameen Basha M K.
     - CVE-2024-11395: Type Confusion in V8. Reported by Anonymous.
   * d/patches:
     - upstream/wayland-gbm-pixmap.patch: drop, merged upstream.
     - disable/catapult.patch: refresh.
     - fixes/bindgen.patch: refresh.
     - fixes/freetype.patch: add new patch to fix missing
       enable_freetype arg declaration.
     - fixes/updater-test.patch: add simple build fix for deleted
       third_party/updater/.
     - upstream/stack-header.patch: drop, merged upstream.
     - bookworm/clang16.patch: refresh.
     - bookworm/bubble-contents.patch: refresh.
     - bookworm/constexpr.patch: refresh.
     - bookworm/gn-absl.patch: add a few more places where libs needed to
       be made visible.
     - bookworm/gn-funcs.patch: add another deletion of newer gn
       features.
     - bookworm/constexpr-assert.patch: add patch to work around more
       clang-16 constexpr bugs; this time a fun one with branching
       optimizations. Whee!
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - workarounds/HACK-debian-clang-disable-pa-musttail.patch: Work around
       additional upstream musttail definitions
     - workarounds/HACK-debian-clang-disable-base-musttail.patch: Refresh for
       upstream changes
     - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       Refresh for upstream changes
Checksums-Sha1:
 64a2e9570ee6297bb060fd8676fbe1e7bde297d1 3812 chromium_131.0.6778.85-1~deb12u1.dsc
 5d6b15ba05bff55b2035406a37f5c6d4a6cdb95a 842806384 chromium_131.0.6778.85.orig.tar.xz
 cea79ebd09e1f13d47940da4ee35f9077e91258f 8499784 chromium_131.0.6778.85-1~deb12u1.debian.tar.xz
 cbae3553e5f0f05ca3b936f49c2342bd307835c5 22111 chromium_131.0.6778.85-1~deb12u1_source.buildinfo
Checksums-Sha256:
 341a2f862bf65edb8e05b41afcf34b78370f9e2bfd740543b489cfac3fd918e9 3812 chromium_131.0.6778.85-1~deb12u1.dsc
 a78b4c3c53eef0ca396f1ee2163bbaf4bc6e2b4670e832dad6a0a2c5b330e8cc 842806384 chromium_131.0.6778.85.orig.tar.xz
 64394d82413ad71bb5d9d479058e8764cf48ba338acac5a86f8066449cb93a7f 8499784 chromium_131.0.6778.85-1~deb12u1.debian.tar.xz
 9a49fb6198be2694c6af13909b5b79290541cc83c6d9463420cf0a84b7b68dc3 22111 chromium_131.0.6778.85-1~deb12u1_source.buildinfo
Files:
 14b4ca8a44ae4ceed0535cc6d23ede4e 3812 web optional chromium_131.0.6778.85-1~deb12u1.dsc
 f060399b3842267b01d7f20429baea23 842806384 web optional chromium_131.0.6778.85.orig.tar.xz
 b029acbaf41b6a66ed403462ca783c21 8499784 web optional chromium_131.0.6778.85-1~deb12u1.debian.tar.xz
 56312befa1e6a10095aada45419fb594 22111 web optional chromium_131.0.6778.85-1~deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmdBFLIUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjfvjQ//aP1oGxKX2/ECGSBqJZJxRN5PZQFg
pAhYgi1K1BKQ+oJz4v9ho53lk7wkZ0r3WPYr95svu9DLsFkRASgtpo5/+NuFXlEO
Vg66h0ligWBN4KwK5cI9L5n2fKTDyqYhfzppgYPTMeCkqbBwEkDz3YlS1ZFgdljt
FThz/Xmoz0xv4KEo2OuLEvdnoNRmaVBnnj1GBGJlgW9Ant5281A98LF43bKT8s/G
He2CAFYiEVa8t/VUWmN5M+w8azmjIPguexYyg4+KgzO74SgxWrwtDkdUW4wMwKu6
nUGjdF3ovWVGrKvxue0Yr0mI1LEu6cfaNw37LJNvjAt2rVNXFE7shGirxPz7nmuL
SjRZDIx/vqQ7U13pnKk6J8rh/XL+W19EoorIUgfvfy4WMpeDQAKvfG9E+osikpwA
nki99qNOCt+UAL89ny3JAEDGE9PedG/QG4W5QC1pHIApctT/ANPEO6qgN82Mbf0L
6mjnRwgN6vAQVQY7QJZdub+MMxklBCHdv53rJBjE2uAWE5ZtilBtabIDvo9i97F1
Nkkpg+bLYpR60RCVGEdxneZaion7tYiHxtHAJfQfdpgE2Yf/iqlUBxqAr5Zp+YIn
r9qFM7yqYy2t/XOI3NscKxm5r8biGhptgVRTUoVD18wxLRhGY3EkoVjISVznRw9/
JP5OYnz9Lmtwx+4=
=hNrN
-----END PGP SIGNATURE-----