-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 18 Jul 2023 17:50:00 -0500
Source: chromium
Binary: chromium-l10n
Architecture: all
Version: 115.0.5790.98-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: all Build Daemon (x86-csail-02) <buildd_all-x86-csail-02@buildd.debian.org>
Changed-By: Timothy Pearson <tpearson@raptorengineering.com>
Description:
 chromium-l10n - web browser - language packs
Changes:
 chromium (115.0.5790.98-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream release
     - CVE-2023-3727: Use after free in WebRTC.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2023-3728: Use after free in WebRTC.
       Reported by Zhenghang Xiao (@Kipreyyy).
     - CVE-2023-3730: Use after free in Tab Groups. Reported by @ginggilBesel.
     - CVE-2023-3732: Out of bounds memory access in Mojo.
       Reported by Mark Brand of Google Project Zero.
     - CVE-2023-3733: Inappropriate implementation in WebApp Installs.
       Reported by Ahmed ElMasry.
     - CVE-2023-3734: Inappropriate implementation in Picture In Picture.
       Reported by Thomas Orlita.
     - CVE-2023-3735: Inappropriate implementation in Web API Permission Prompts.
       Reported by Ahmed ElMasry.
     - CVE-2023-3736: Inappropriate implementation in Custom Tabs.
       Reported by Philipp Beer (TU Wien).
     - CVE-2023-3737: Inappropriate implementation in Notifications.
       Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) .
     - CVE-2023-3738: Inappropriate implementation in Autofill.
       Reported by Hafiizh.
     - CVE-2023-3740: Insufficient validation of untrusted input in Themes.
       Reported by Fardeen Siddiqui.
 .
   * d/rules:
     - use system rustc installation
   * Add build-dep on rustc.
   * d/patches:
     - debianization/master-preferences.patch: upstream variable renamed
     - disable/catapult.patch: upstream changes required reworking
     - disable/tests.patch: remove new upstream puffin test data file
       dependencies
     - disable/unrar.patch: upstream changes required reworking
     - fixes/cmath.patch: add missing header include for skia
     - fixes/vector.patch: add missing header include for net
     - upstream/sizet.patch: drop, merged upstream
     - ppc64le/fixes/fix-partition-alloc-compile.patch: refresh for upstream
       changes
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
       for upstream changes
     - ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
     - ppc64le/third_party/0003-third_party-libvpx-Add-ppc64-generated-config.patch:
       regenerate configs from upstream source
     - ppc64le/third_party/skia-vsx-instructions.patch: refresh for upstream
       changes
 .
   [ Andres Salomon ]
     - fixes/clang-and-gcc11.patch: drop, (a different version) merged upstream.
     - bookworm/typename.patch: drop parts that were merged upstream, and add
       new build fixes.
     - bookworm/structured-binding-scope-bug.patch: drop some of it, add new bits
     - bullseye/constexpr.patch: refresh for string -> StringPiece change.
     - bullseye/stringpiece.patch: add to work around older libre2.
     - bullseye/default-equality-op.patch: add more workarounds for older
       compilers
     - fixes/brandversion-construct.patch: add to fix build failure.
     - fixes/SkColor4f-init.patch: another missing struct constructor fix.
     - fixes/cookieresult.patch: another struct ctor build fix.
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh.
     - ppc64le/libaom/0001-Add-ppc64-target-to-libaom.patch: refresh.
     - ppc64le/third_party/0002-third-party-boringssl-add-generated-files.patch:
       refresh.
Checksums-Sha1:
 df4fb7d7e45447d8f44f78d9a581724aac58977e 6161028 chromium-l10n_115.0.5790.98-1~deb12u1_all.deb
 be7f0551393aa522278db61f8e97b46cd31f717f 20997 chromium_115.0.5790.98-1~deb12u1_all-buildd.buildinfo
Checksums-Sha256:
 09b79d0a174d9b64eca72ee93440d46211e73c706452984d5acfc940e6dbca9c 6161028 chromium-l10n_115.0.5790.98-1~deb12u1_all.deb
 d22685e4d71fe8f8e9bb98ef0d84cc5ecd3813280a337601c63ee99ef0999194 20997 chromium_115.0.5790.98-1~deb12u1_all-buildd.buildinfo
Files:
 6c8645279002c3336c3db5c750a48366 6161028 localization optional chromium-l10n_115.0.5790.98-1~deb12u1_all.deb
 4b83375f99d789bfcbb35af232fc29ef 20997 web optional chromium_115.0.5790.98-1~deb12u1_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtzb3SVunlrB0F8t8ExOkVqF4GXMFAmS3/78ACgkQExOkVqF4
GXOV7A//dM/H2DJa2n1tspdPnYtDR7rP43X3v6n4wIAh+ugnu/nIPH8vYTnf4+qb
HVV8nmCfOBCEG7WuLAwHhZ4aAQgaGwS2YZiVr+YnNulb0BMXl0yqHcpoZrPNCy8B
t0wFgg48LCd5Fv9qR89WdYXVHtymIoKzrHoQngUNKucTpOJZ/ydvI1dyXD8A5cln
Qu71zCGiH7kK32HXnR2h6YL1LspGh5jioNcuGhRYGU/kmpXGj55jf4XIidZSrirE
uouiQg62xnzL7YeI9hRSmViCBXRqjnocx6FZkGtJwiEhdJfAG3mRY7VBaKrBazXE
5zdS+6TD5JxonxuKaMJnocGIsj9X6VVZEKr2tosU1fL9b9hmlFIKqsO57pKEWtW0
1PvdhKnRepB6DX7WRpVR8mc1xe4cFf5HAy5oTDs17rFXcJIcjGG1Ysyokbi3hwkQ
eflG9NIm3IZm+Ikrv2HoU2ZuRQfOKExc1+X+tj5jXf6lx5Wx8SB03bu8uPOUIF9u
6ZctYqZVcD/yBs/XgiHkq8KvzbdWTuqej7FDH/0zAFEosST9uwae+PCn+tOtc5q2
X0ozkVgYJ9d3fZ8qaPFxDkAdifOh8n1wFrGI4ZwkYCZWm0ZU/6Vu5Gsy/UlbXRb0
GFlI+QOv/B2i829A6Gn/Oafo4zD4bQl2xreNJmIQ70KNJ6jQxQA=
=3Ud2
-----END PGP SIGNATURE-----