Your message dated Mon, 15 Jul 2024 19:36:44 +0000
with message-id <[email protected]>
and subject line Bug#1073378: fixed in chromium 126.0.6478.126-1~deb13u1
has caused the Debian Bug report #1073378,
regarding chromium: Chromium exits with SIGSEGV resulting in "Restore pages"
dialog on next start
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1073378: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1073378
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: chromium
Version: 126.0.6478.56-1~deb12u1
Severity: important
Dear Maintainer,
Chromium process is killed with a SIGSEGV starting with 126.0.6478.56-1~deb12u1.
* What led up to the situation?
The crash appears to have started happening with the upgrade from
121.0.6167.139-1~deb12u1 to 126.0.6478.56-1~deb12u1.
* What exactly did you do (or not do) that was effective (or
ineffective)?
Simply stopping the chromium windows (either from the window manager, or using the
Exit menu item) results in the chromium process being killed by SIGSEGV.
* What was the outcome of this action?
The process is killed by SIGSEGV. After restarting, the browser asks to restore
the pages opened previously, complaining about not being shut down properly.
Running "DEBUGINFOD_URLS=https://debuginfod.debian.net chromium --debug"
produces this upon exiting:
Thread 6 "ThreadPoolForeg" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffeea006c0 (LWP 9403)]
0x000055555f453b7c in ?? ()
(gdb) bt
#0 0x000055555f453b7c in ()
#1 0x00001ddc06ab4f00 in ()
#2 0x00001ddc097471c0 in ()
#3 0x00007fffee9fd770 in ()
#4 0x000055555f47135f in ()
#5 0x00007fffee9fd870 in ()
#6 0x00001ddc02811c50 in ()
#7 0x00001ddc097471c0 in ()
#8 0x0000000000000000 in ()
Running and exiting chromium with a clean profile still crashes and prints
something similar but equally unusable:
Thread 1 "chromium" received signal SIGSEGV, Segmentation fault.
0x000055555c5f2e3c in ?? ()
(gdb) bt
#0 0x000055555c5f2e3c in ()
#1 0x00007fffffffcf70 in ()
#2 0x0000555557d3d20c in ()
#3 0x0000000000000002 in ()
#4 0x0000000000000070 in ()
#5 0x00007fffffffcf88 in ()
#6 0x0000299400020568 in ()
#7 0x0000555563650000 in data_start ()
#8 0x0000299400c40a50 in ()
#9 0x0000299400020440 in ()
#10 0xfffffffc00000000 in ()
#11 0x00007fffffffcfc0 in ()
#12 0x0000555557d37e6a in ()
#13 0x00007fffffffcfc0 in ()
#14 0x0000299400b21c30 in ()
#15 0x000055555c6fe9e0 in ()
#16 0xa170406ef4a88800 in ()
#17 0x0000299400b21c30 in ()
#18 0x0000555563650000 in data_start ()
#19 0x0000299400020440 in ()
#20 0xfffffffc00000000 in ()
#21 0x00007fffffffd000 in ()
#22 0x000055555f011f78 in ()
#23 0x00005555631ddee8 in ()
#24 0x0000299400b21c30 in ()
#25 0x0000555563650000 in data_start ()
#26 0x0000299400c40a50 in ()
#27 0x0000299400979400 in ()
#28 0x0000299400979410 in ()
#29 0x00007fffffffd020 in ()
#30 0x000055555f01209e in ()
#31 0x00005555631ddee8 in ()
#32 0x0000299400020440 in ()
#33 0x00007fffffffd080 in ()
#34 0x000055555f00bd04 in ()
#35 0x0000000000000000 in ()
* What outcome did you expect instead?
At least not having to restore the open pages.
Not crashing at all would be a welcome extra, as I sometimes record core dumps
system-wide (for unrelated reasons) and would like to have less noise to
analyze.
Thanks,
Alex Riesen
-- System Information:
Debian Release: 12.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.9.5 (SMP w/12 CPU threads; PREEMPT)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages chromium depends on:
ii chromium-common 126.0.6478.56-1~deb12u1
ii libasound2 1.2.8-1+b1
ii libatk-bridge2.0-0 2.46.0-5
ii libatk1.0-0 2.46.0-5
ii libatomic1 12.2.0-14
ii libatspi2.0-0 2.46.0-5
ii libc6 2.36-9+deb12u7
ii libcairo2 1.16.0-7
ii libcups2 2.4.2-3+deb12u5
ii libdav1d6 1.0.0-2+deb12u1
ii libdbus-1-3 1.14.10-1~deb12u1
ii libdouble-conversion3 3.2.1-1
ii libdrm2 2.4.114-1+b1
ii libevent-2.1-7 2.1.12-stable-8
ii libexpat1 2.5.0-1
ii libflac12 1.4.2+ds-2
ii libfontconfig1 2.14.1-4
ii libfreetype6 2.12.1+dfsg-5
ii libgbm1 22.3.6-1+deb12u1
ii libgcc-s1 12.2.0-14
ii libglib2.0-0 2.74.6-2+deb12u2
ii libgtk-3-0 3.24.38-2~deb12u1
ii libharfbuzz-subset0 6.0.0+dfsg-3
ii libharfbuzz0b 6.0.0+dfsg-3
ii libjpeg62-turbo 1:2.1.5-2
ii libjsoncpp25 1.9.5-4
ii liblcms2-2 2.14-2
ii libminizip1 1.1-8+deb12u1
ii libnspr4 2:4.35-1
ii libnss3 2:3.87.1-1
ii libopenh264-7 2.3.1+dfsg-3
ii libopenjp2-7 2.5.0-2
ii libopus0 1.3.1-3
ii libpango-1.0-0 1.50.12+ds-1
ii libpng16-16 1.6.39-2
ii libpulse0 16.1+dfsg1-2+b1
ii libsnappy1v5 1.1.9-3
ii libstdc++6 12.2.0-14
ii libwoff1 1.0.2-2
ii libx11-6 2:1.8.4-2+deb12u2
ii libxcb1 1.15-1
ii libxcomposite1 1:0.4.5-1
ii libxdamage1 1:1.1.6-1
ii libxext6 2:1.3.4-1+b1
ii libxfixes3 1:6.0.0-2
ii libxkbcommon0 1.5.0-1
ii libxml2 2.9.14+dfsg-1.3~deb12u1
ii libxnvctrl0 525.85.05-3~deb12u1
ii libxrandr2 2:1.5.2-2+b1
ii libxslt1.1 1.1.35-1
ii zlib1g 1:1.2.13.dfsg-1
Versions of packages chromium recommends:
ii chromium-sandbox 126.0.6478.56-1~deb12u1
Versions of packages chromium suggests:
ii chromium-driver 126.0.6478.56-1~deb12u1
pn chromium-l10n <none>
ii chromium-shell 126.0.6478.56-1~deb12u1
Versions of packages chromium-common depends on:
ii libc6 2.36-9+deb12u7
ii libdrm2 2.4.114-1+b1
ii libjsoncpp25 1.9.5-4
ii libstdc++6 12.2.0-14
ii libx11-6 2:1.8.4-2+deb12u2
ii libxnvctrl0 525.85.05-3~deb12u1
ii x11-utils 7.7+5
ii xdg-utils 1.1.3-4.1
ii zlib1g 1:1.2.13.dfsg-1
Versions of packages chromium-common recommends:
ii chromium-sandbox 126.0.6478.56-1~deb12u1
ii dunst [notification-daemon] 1.9.2-1~bpo12+1
ii fonts-liberation 1:1.07.4-11
ii libgl1-mesa-dri 22.3.6-1+deb12u1
pn system-config-printer <none>
ii udev 252.22-1~deb12u1
ii upower 0.99.20-2
Versions of packages chromium-driver depends on:
ii libatomic1 12.2.0-14
ii libc6 2.36-9+deb12u7
ii libdouble-conversion3 3.2.1-1
ii libevent-2.1-7 2.1.12-stable-8
ii libglib2.0-0 2.74.6-2+deb12u2
ii libjsoncpp25 1.9.5-4
ii libminizip1 1.1-8+deb12u1
ii libnspr4 2:4.35-1
ii libnss3 2:3.87.1-1
ii libstdc++6 12.2.0-14
ii libxcb1 1.15-1
ii zlib1g 1:1.2.13.dfsg-1
Versions of packages chromium-sandbox depends on:
ii libc6 2.36-9+deb12u7
-- no debconf information
CETITEC GmbH
Mannheimer Str. 17
D-75179 Pforzheim
https://www.cetitec.com
Location: Pforzheim, Germany
Registry Court: Mannheim, Germany, HRB 715734
Chief Executive Officer: Dr. Michael Back
--- End Message ---
--- Begin Message ---
Source: chromium
Source-Version: 126.0.6478.126-1~deb13u1
Done: Andres Salomon <[email protected]>
We believe that the bug you reported is fixed in the latest version of
chromium, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andres Salomon <[email protected]> (supplier of updated chromium package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 15 Jul 2024 05:28:21 +0000
Source: chromium
Architecture: source
Version: 126.0.6478.126-1~deb13u1
Distribution: trixie
Urgency: high
Maintainer: Debian Chromium Team <[email protected]>
Changed-By: Andres Salomon <[email protected]>
Closes: 1068096 1071662 1073378
Changes:
chromium (126.0.6478.126-1~deb13u1) trixie; urgency=high
.
* Rebuild for trixie.
* Revert libxml2-dev versioned build dep, and re-add
d/patches/fixes/libxml-parseerr.patch.
.
chromium (126.0.6478.126-1) unstable; urgency=high
.
* New upstream security release.
- CVE-2024-6290: Use after free in Dawn. Reported by wgslfuzz.
- CVE-2024-6291: Use after free in Swiftshader.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2024-6292: Use after free in Dawn. Reported by wgslfuzz.
- CVE-2024-6293: Use after free in Dawn. Reported by wgslfuzz.
* d/patches/upstream/observer.patch: add crash-on-exit fix from
upstream (closes: #1073378).
.
chromium (126.0.6478.114-1) unstable; urgency=high
.
* New upstream security release.
- CVE-2024-6100: Type Confusion in V8. Reported by Seunghyun Lee
(@0x10n) participating in SSD Secure Disclosure's TyphoonPWN 2024.
- CVE-2024-6101: Inappropriate implementation in WebAssembly.
Reported by @ginggilBesel.
- CVE-2024-6102: Out of bounds memory access in Dawn.
Reported by wgslfuzz.
- CVE-2024-6103: Use after free in Dawn. Reported by wgslfuzz.
.
chromium (126.0.6478.56-1) unstable; urgency=high
.
* New upstream stable release.
- CVE-2024-5830: Type Confusion in V8.
Reported by Man Yue Mo of GitHub Security Lab.
- CVE-2024-5831: Use after free in Dawn. Reported by wgslfuzz.
- CVE-2024-5832: Use after free in Dawn. Reported by wgslfuzz.
- CVE-2024-5833: Type Confusion in V8. Reported by @ginggilBesel.
- CVE-2024-5834: Inappropriate implementation in Dawn.
Reported by gelatin dessert.
- CVE-2024-5835: Heap buffer overflow in Tab Groups.
Reported by Weipeng Jiang (@Krace) of VRI.
- CVE-2024-5836: Inappropriate Implementation in DevTools.
Reported by Allen Ding.
- CVE-2024-5837: Type Confusion in V8. Reported by Anonymous.
- CVE-2024-5838: Type Confusion in V8.
Reported by Zhenghang Xiao (@Kipreyyy).
- CVE-2024-5839: Inappropriate Implementation in Memory Allocator.
Reported by Mickey.
- CVE-2024-5840: Policy Bypass in CORS. Reported by Matt Howard.
- CVE-2024-5841: Use after free in V8.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2024-5842: Use after free in Browser UI.
Reported by Sven Dysthe (@svn_dy).
- CVE-2024-5843: Inappropriate implementation in Downloads.
Reported by hjy79425575.
- CVE-2024-5844: Heap buffer overflow in Tab Strip. Reported by Sri.
- CVE-2024-5845: Use after free in Audio. Reported by anonymous.
- CVE-2024-5846: Use after free in PDFium.
Reported by Han Zheng (HexHive).
- CVE-2024-5847: Use after free in PDFium.
Reported by Han Zheng (HexHive).
* d/copyright: delete bullseye environment that upstream ships (??).
* d/patches:
- upstream/appservice-include.patch: drop, merged upstream.
- upstream/lens-include.patch: drop, merged upstream.
- upstream/mojo-bindings-include.patch: drop, merged upstream.
- upstream/ninja.patch: drop, merged upstream.
- upstream/no-vector-consts.patch: drop, merged upstream.
- upstream/vulkan-include.patch: drop, merged upstream.
- system/clang-format.patch: drop it; we broke it some time ago, and
didn't notice. Guess we don't need it?
- bookworm/clang16.patch: refresh.
- fixes/bad-font-gc00000.patch: refresh
- fixes/bad-font-gc11.patch: refresh
- fixes/bad-font-gc2.patch: refresh
- disable/signin.patch: refresh
- upstream/quiche-deque.patch: gcc build fix pulled from upstream.
- upstream/gpu-header.patch: add header build fix from upstream.
- upstream/blink-header.patch: add header build fix from upstream.
- upstream/blink-header2.patch: add header build fix from upstream.
- upstream/blink-header3.patch: add header build fix from upstream.
- upstream/realtime-reporting.patch: gcc build fix from upstream.
- upstream/urlvisit-header.patch: add header build fix from upstream.
- upstream/accessibility-format.patch: gcc build fix from upstream.
- bookworm/urlhelper-ctor.patch: work around a clang-16 bug; add an
explicit constructor.
.
[ Timothy Pearson ]
* d/patches/ppc64le:
- sandbox/0008-sandbox-fix-ppc64le-glibc234.patch: Modify for upstream
changes
- third_party/0002-Add-PPC64-generated-files-for-boringssl.patch: Modify
for upstream changes
- libaom/0001-Add-pregenerated-config-for-libaom-on-ppc64.patch: Refresh
for upstream changes
.
chromium (125.0.6422.141-1) unstable; urgency=high
.
* New upstream security release.
- CVE-2024-5493: Heap buffer overflow in WebRTC.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2024-5494: Use after free in Dawn. Reported by wgslfuzz.
- CVE-2024-5495: Use after free in Dawn. Reported by wgslfuzz.
- CVE-2024-5496: Use after free in Media Session.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2024-5497: Out of bounds memory access in Keyboard Inputs.
Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab.
- CVE-2024-5498: Use after free in Presentation API.
- CVE-2024-5499: Out of bounds write in Streams API.
* d/patches/fixes/libxml-parseerr.patch: delete, now that we have a
newer libxml2.
* d/control: add versioned build-dep on libxml2-dev >= 2.12.
.
chromium (125.0.6422.112-1) unstable; urgency=high
.
* New upstream security release.
- CVE-2024-5274: Type Confusion in V8. Reported by Clément Lecigne of
Google's Threat Analysis Group and Brendon Tiszka of Chrome Security.
* Fix handling of quoted arguments (closes: #1071662).
.
chromium (125.0.6422.76-1) unstable; urgency=high
.
* New upstream security release.
- CVE-2024-5157: Use after free in Scheduling. Reported by Looben Yang.
- CVE-2024-5158: Type Confusion in V8.
Reported by Zhenghang Xiao (@Kipreyyy).
- CVE-2024-5159: Heap buffer overflow in ANGLE.
Reported by David Sievers (@loknop).
- CVE-2024-5160: Heap buffer overflow in Dawn. Reported by wgslfuzz.
* Don't silently ignore arguments meant for the wrapper script if chromium
args happen to come first (closes: #1068096).
* d/patches:
- upstream/tabstrip-include.patch: add header build fix.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
--- End Message ---