Accepted chromium 122.0.6261.111-1~deb12u1 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 05 Mar 2024 16:40:05 -0500 Source: chromium Architecture: source Version: 122.0.6261.111-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: Debian Chromium Team Changed-By: Andres Salomon Changes: chromium (122.0.6261.111-1~deb12u1) bookworm-security; urgency=high . * New upstream security release. - CVE-2024-2173: Out of bounds memory access in V8. Reported by 5fceb6172bbf7e2c5a948183b53565b9. - CVE-2024-2174: Inappropriate implementation in V8. Reported by 5f46f4ee2e17957ba7b39897fb376be8. - CVE-2024-2176: Use after free in FedCM. Reported by Anonymous. * d/rules: drop bullseye nodejs workaround. * Add a build-dep on (the newly backported) rustc-web, drop d/patches/bookworm/undo-rust-req.patch, and enable rust. Checksums-Sha1: 6ef641993b7054212ea27ccc48e3aaaeaf925ca4 3742 chromium_122.0.6261.111-1~deb12u1.dsc a2aa6629667518101007646240008e3b4843473a 830799888 chromium_122.0.6261.111.orig.tar.xz 7f55528b87797f96d419acb0f38eda175b813e5d 381532 chromium_122.0.6261.111-1~deb12u1.debian.tar.xz 0faa9ca94287982ca8a40900bf776163033851bb 21666 chromium_122.0.6261.111-1~deb12u1_source.buildinfo Checksums-Sha256: fbb8f36f655a8fd9db6b0cdbfcbbb3a12f489d76ae93246c11bcdc1ae9772939 3742 chromium_122.0.6261.111-1~deb12u1.dsc 4bcedf20e3ce113415c70b0fecdc8d339b9b7951c47fb74fb7c2ed9d427892a3 830799888 chromium_122.0.6261.111.orig.tar.xz fe2dc56eca1bb4c4692c550a4c91564c5e366cb13f7dedf53b112ae6fd2e82e1 381532 chromium_122.0.6261.111-1~deb12u1.debian.tar.xz 69bd4d33e75bcc20e3eaa8154a4cc65cfe7c6d7839a09eb89fa2b405973d1b6a 21666 chromium_122.0.6261.111-1~deb12u1_source.buildinfo Files: 63bc3a166e82722c577259c552c110bd 3742 web optional chromium_122.0.6261.111-1~deb12u1.dsc 089e2071a38ad74151456bb29f7f7b72 830799888 web optional chromium_122.0.6261.111.orig.tar.xz 734ca73d91ec6e659dfb418e019b98e9 381532 web optional chromium_122.0.6261.111-1~deb12u1.debian.tar.xz 602369e0c22829602581de555f3e5ea2 21666 web optional chromium_122.0.6261.111-1~deb12u1_source.buildinfo -BEGIN PGP SIGNATURE- iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmXoGiMUHGRpbGluZ2Vy QGRlYmlhbi5vcmcACgkQZF0CR8Nudjc4Rw/+NgMqWe5yaEx3YjaTwKqNTvibH9Ny M1TlKExq1SlZQg4MOzl/f+l43/Mkv1ZqfofzV9XYoHq4GQJKm8m8FymJfrijt4JY +OVkmY3WZvOQw7byvbaZhTVPfSkS23AnFPjCvvxT+w397AV9wfduB8f5XyOmxVeK UVn4kpJd2OB0Jwo7a9ubPo3w6dmYqVVC90imtEXCBa9peIpXM/t3YnjH9mDMfI8f 52EAb1bJVVONS1pY+EN89jYy+dYe/P854QvcGq7CpAzVtIwnABs5gyWck4j7YW6u lTYiQ8LFgNsYgVzzMRgDxjPMMxx95j5PInMFBj4a702zJYF1Cech/OmtDuyzQ4rN eGmd9egx71YfYLmKexuKzO85+izmsiHeNgzRhnWMvZZC7PDSAewR/milEUOS+xaI LEt/LitkRgzuaPBqg+oYT5fQgVAH/WFY1Il77GnCy8ynKqTiAp3JrHr5OkJ1kYQp 8orF0ZiOT4UtdS1ku/ZJ41IW+sa8bVM6Qgo5bBqAA5ftwIDpueikYk1br5hQMxGI 9ep2nmBLcrgvk3gQ/HTqzHaf6nsod8c0By8Q3Wd5g24AbPXzZb603qHA3Tvd1Mlr uTwe8JqSyhnssEbkVGO5qiR0rukHbYUNDKvpRZCgsD3woxq3oBGR+vTIxsV6uHeL zbf7inEQcYW18As= =sM34 -END PGP SIGNATURE- pgph3ofcGNSPx.pgp Description: PGP signature
Accepted chromium 122.0.6261.128-1~deb12u1 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 12 Mar 2024 18:43:05 -0400 Source: chromium Architecture: source Version: 122.0.6261.128-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: Debian Chromium Team Changed-By: Andres Salomon Changes: chromium (122.0.6261.128-1~deb12u1) bookworm-security; urgency=high . * New upstream security release. - CVE-2024-2400: Use after free in Performance Manager. Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab. Checksums-Sha1: f44cde4e5f95d43cff7ef9453ed4f3d6a04dea7f 3742 chromium_122.0.6261.128-1~deb12u1.dsc ef6653c0e0b4d6c4562233a898c646450882a497 830731696 chromium_122.0.6261.128.orig.tar.xz 5bdf8cd0d6174f759b46f96990a59b08618ecddc 381540 chromium_122.0.6261.128-1~deb12u1.debian.tar.xz 89c9c61f69b7b272fb4184c113f80a36184f6208 21666 chromium_122.0.6261.128-1~deb12u1_source.buildinfo Checksums-Sha256: 52b8108e09b0818ab27d68aa6dc8b5a1e2eab43d8b8c59aa3d7ccb7d282976c1 3742 chromium_122.0.6261.128-1~deb12u1.dsc d2a81a1295fd99f1533b40e7792f374a69e4a607ab9bb5f7ae8ce73ad446d89c 830731696 chromium_122.0.6261.128.orig.tar.xz 0df3b1eada605ae43c06e6decc37940ee4956b754a0b39824559dbb29b0403c1 381540 chromium_122.0.6261.128-1~deb12u1.debian.tar.xz 267e8cbdc7796289acf055729bb5972ab1521af5a8ef9aa22841171bd1102e20 21666 chromium_122.0.6261.128-1~deb12u1_source.buildinfo Files: 028a68dbcdc74c30177f5d4f98145525 3742 web optional chromium_122.0.6261.128-1~deb12u1.dsc 8739c36d2ed80507e788af70732f234b 830731696 web optional chromium_122.0.6261.128.orig.tar.xz d56039d0aa897fddb044070db087c1ab 381540 web optional chromium_122.0.6261.128-1~deb12u1.debian.tar.xz b4b69cc848ad62562ccdb14e4b4e9100 21666 web optional chromium_122.0.6261.128-1~deb12u1_source.buildinfo -BEGIN PGP SIGNATURE- iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmXxX64UHGRpbGluZ2Vy QGRlYmlhbi5vcmcACgkQZF0CR8NudjfwPxAAvAAMOTe/tJRmRwEKcII3ItNqmKc+ MhEQz/Xzle2f5eOXUi8O3flPJYHc8Y8BQZf+lKEZ51nGsrx9rCq0t6wRSpXBE1UD iEyWI1D3z8uFSFg30f5t/a+Zgu9dLwVBlZVa8zPe4qJ+YXNmlmltRfdSZL+7KyT7 tbI4G5DVCOPA94pNeK/nLKD9AhtLt2dSEl3MqsF73cO6Px7tjMSArj6AU6AbnQ9+ ukDJ9FjO7+fvU/R+r2i9lIByHEhVNtrEJpt0wLfgNtNS7x+dKXiUGijJ/eLAUQqq kDwie0zNDNUnWujIBmfHh272YhjkUt36eyAF9utV/gvK0ed3FPm8CSvGa/qY4WQc raUKtDg2pobsTPoHXsvdX+HSluRyFMWHTy1BjhwWRyPXUCIsNbQo010I09Uu9Yv+ VeXUOvEMg/9WAyjjuu5PmBkl01aqoTKZnBxiVQOYnH1ZurCm4NoBXZ/+2/ETHsMK mesXayiRblcbDz2o7eC6kLaFWBJbzxJFEHSMM7awSJ41Plo6+p84RaoY2TrInN3t 36FBnsY3TP6E9kJr9J/o6w4DoMQfTuR3D9Ugi22fnI0SzASPDa9Hck/QdLl3wJf5 gQEB3mTDeHHBX4ORIKlR53an3BnYGOGzFPTwjxpiqr4SqEnuI3v3j9ZCniRQWELg 5lRJPK45TJfBHIA= =txqO -END PGP SIGNATURE- pgpPnYc63cwM_.pgp Description: PGP signature
Accepted libuv1 1.44.2-1+deb12u1 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 20 Feb 2024 18:28:54 +0100 Source: libuv1 Architecture: source Version: 1.44.2-1+deb12u1 Distribution: bookworm-security Urgency: medium Maintainer: Dominique Dumont Changed-By: Dominique Dumont Closes: 1063484 Changes: libuv1 (1.44.2-1+deb12u1) bookworm-security; urgency=medium . * add patch to fix CVE-2024-24806 (Closes: 1063484) Checksums-Sha1: 9588ae6ca442e22acaec2475194ec189901f9d4f 2029 libuv1_1.44.2-1+deb12u1.dsc ced06e69586ea4b3be56c2cc67caa5dc1718a70c 1308776 libuv1_1.44.2.orig.tar.gz 5061d77c2055b183b1bc3640f3f53eb9c24c53dd 21460 libuv1_1.44.2-1+deb12u1.debian.tar.xz 3d8acd17328c4b9935cca168e7bec194226fc46e 8840 libuv1_1.44.2-1+deb12u1_source.buildinfo Checksums-Sha256: 798be0a2bcbcd40bb85302f6ccbf02b240e1958d4ad9cf153b8101c3a82f21b9 2029 libuv1_1.44.2-1+deb12u1.dsc d79b4b06ef04be85fb890bf39d55942cc64c2e15fd14eaa32dae5dce94485484 1308776 libuv1_1.44.2.orig.tar.gz 14fc605e7d1520137416fd8c097b58a191be9b07bdbb406f7b39c7894b7d66a5 21460 libuv1_1.44.2-1+deb12u1.debian.tar.xz 6729f56c1a50bcf954f70ab4016e1c44047af50707e283e83d9d79b8651e70ac 8840 libuv1_1.44.2-1+deb12u1_source.buildinfo Files: 24577671198dca02c1a0da01b977dd35 2029 libs optional libuv1_1.44.2-1+deb12u1.dsc c154b7548028901c9ad70d2adfa5dae2 1308776 libs optional libuv1_1.44.2.orig.tar.gz 5767cebbb44a080de662a588a60cada2 21460 libs optional libuv1_1.44.2-1+deb12u1.debian.tar.xz 335d3ed99956c306769bf1a81bf53d5c 8840 libs optional libuv1_1.44.2-1+deb12u1_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEn3I5/LZk8Qsz6dwDwx9P2UmrK2wFAmXoo1IACgkQwx9P2Umr K2x4yQ//d9/UFdrIW4zOHRGOCviDrSbVDYbkvYululPUpn3VmEkW0G1JXAf/IK4f s9HPfQxCExtKE7CDyEOPQdmgT45I8nZ4HHHAfwWPJzSErLyxVx0Mf8sd8/v3VQga mDa3czCAKw4m9fMrXszpGxhOj1s9D6stz8xbIoPTrVMAVg6/NBWmIjBCgGR/c6/N LMamSn2UkrDx5N74QBtkToUCovMCC/CaGE8kCePIFjj1HyF6Bnd/dypySOqoTP7z F57kYzGx0blSn7vDrTHUCA/kENL7gVgWHiL9xZrir9eEdo3q9YYOff53ghU1nLIs 5qOcnp7/dlAi2pblWrvNZOGB5ALpzC8V2Q9cNcZ4EitQxu+q7z0eGo9qIPVtRLLN CkWv1P2xeDsVg2gf01gca4wnGanwBpK+6EKITT4OncOS8YQtMr12xV0h+hr9 sgwRANGYmIXPHdPqKCCwBfkJZwRypJwccHo92Px8AzLrhUwrMvld54J5zUBNUcmh Fi8sdWXGWc0RDa3ZvUhp7d4UEg9IpLRamBCVF2TXWrNWXOIQy372okLcxlO7ufGT /++q50/F0QmRASGZaPQih4sSdlAvHbk789FN4RH/9d+pxFUZ1hs0pZpfoFJvp8IA JAOKtBBcIHBQWrl08Wd4CfXYxS2UUvnxIOaPInV0mlup6fPRkx4= =ZSft -END PGP SIGNATURE- pgpSY90zX3NgE.pgp Description: PGP signature
Accepted openvswitch 3.1.0-2+deb12u1 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 18 Feb 2024 16:46:26 +0100 Source: openvswitch Architecture: source Version: 3.1.0-2+deb12u1 Distribution: bookworm-security Urgency: medium Maintainer: Debian OpenStack Changed-By: Thomas Goirand Closes: 1063492 Changes: openvswitch (3.1.0-2+deb12u1) bookworm-security; urgency=medium . * CVE-2023-5366: A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses. Added upstream patch: "Fix missing masks on a final stage with ports trie". * CVE-2023-3966: Invalid memory access in Geneve with HW offload. Added upstream patch: netdev-offload-tc: Check geneve metadata length (Closes: #1063492). Checksums-Sha1: 6fddff647c4124aa3e34552fb523ee4632c95a42 3559 openvswitch_3.1.0-2+deb12u1.dsc f1fd1f728cbf71894c752b546cd3c27d57ebaebe 4847692 openvswitch_3.1.0.orig.tar.xz 6e6cbffad704d727e6b3e4b05dd83a1be765f62d 74096 openvswitch_3.1.0-2+deb12u1.debian.tar.xz 8b24eaa8734c78d1bc87330092ecaa365a95334e 25342 openvswitch_3.1.0-2+deb12u1_amd64.buildinfo Checksums-Sha256: 22ca1b4ea0ac2e00c6d017aeb3fc16a2d1e381338414960011543ee2a16a9b4a 3559 openvswitch_3.1.0-2+deb12u1.dsc c56c34e37058ce4dd131733b0b24c9b557b0d0ee092a9786739b51f5e906a297 4847692 openvswitch_3.1.0.orig.tar.xz a73be9099e7014117cc7625711efeed1e0b90c2cef3a3341f146cfb7ce37df8d 74096 openvswitch_3.1.0-2+deb12u1.debian.tar.xz 301974eaed1bee652b6b4a53c48be3638e8ac72b3b4c495e2cad5ea06bfce1fd 25342 openvswitch_3.1.0-2+deb12u1_amd64.buildinfo Files: 8fcf6e716a9c556bfbebc93bdfd86f4b 3559 net optional openvswitch_3.1.0-2+deb12u1.dsc 45a3b182b9cbf6d9c98c76c0026a65d6 4847692 net optional openvswitch_3.1.0.orig.tar.xz 5cbf3df575d6aaa567c28c3c4b67c47e 74096 net optional openvswitch_3.1.0-2+deb12u1.debian.tar.xz b88ccade8d141cc34354dac8bec9c9f2 25342 net optional openvswitch_3.1.0-2+deb12u1_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAmXxu3YACgkQ1BatFaxr Q/6hSg//QPjYGfVAu1TvYCU2jFEJV5M3jvGj2J16OM5jmciYxmgkQNoritawmWaC EYMixP/rEcuX2tA5PUxTnoa6/qd999rZOOamffwocEt/jTcuoyac1jpVeRwb3+Dr OjU/gXTCPxyfJFeDVSez2Pb42Ff17xaq/aFfWdyO+aeE2SBTpFB0fimouqmNjvd0 KccdW4Llsf+UtcHD4D+Q4IknMDXtn2eeLZShvjgjVDkNONMNlpYIqiUNFHbXGo09 /PgNfStjwbYh+ZXhVEkHWaXtyjN79ylUD34HwMFAS69XXVyQ0FFXtp/NCBiHLKNl XjD1KzCpS78Ay06nkKMLKd+A87Ez7lclQgbGkoK1eI6GAz8CtU7dGTMRgIsSaN0S HHfA2MfNtFGTaXVeBL7yCw3x4Iqf6OPg0kxY9lI3yaTJpkYKr0LUK+WTIA3EKIhJ NYvU+YR86gC6fjC8NH4vHWR4H016vAAFVVvt0vfMIv3E4IelSgyOsfrCjzOsBFu6 eQZvdNZ7ext7hE5JBpZ8tUkZkuYIQHhRstwN/JYr5B8dqYIz65sR0Yv44mus+FTK 6pfJAG5EZH7xGrOiD3VbnspOMadonyTkMQgrr/JS6VHpIItKth4XBjjBlYB4alzW 4FRqBGHhS9RwskV/ipMWB177kEtgQr4ZC0xzJ0gpVwrkpb5TB1k= =bC4r -END PGP SIGNATURE- pgpOy0Y2qgYfj.pgp Description: PGP signature
Accepted squid 5.7-2+deb12u1 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 6 Mar 2024 00:21:52 CET Source: squid Architecture: source Version: 5.7-2+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: Luigi Gangitano Changed-By: Markus Koschany Checksums-Sha1: e3c04077d35b9af42a4db2735ab7b49a23ce315a 2871 squid_5.7-2+deb12u1.dsc 141e8007d6b1cfee34654127a9ca025125b37b58 2566560 squid_5.7.orig.tar.xz 0ca4e7cf9a3838c7944ba4a5e48d5623e822ff7a 55324 squid_5.7-2+deb12u1.debian.tar.xz e8322c38c8ab122ea095b43e79fa05434b918221 11088 squid_5.7-2+deb12u1_amd64.buildinfo Checksums-Sha256: 972f9eaea48c84b47cb8630e176a4b3ff934b6ffaecd7c074dc097f8e15f1208 2871 squid_5.7-2+deb12u1.dsc 6b0753aaba4c9c4efd333e67124caecf7ad6cc2d38581f19d2f0321f5b7ecd81 2566560 squid_5.7.orig.tar.xz e52c73948661d979c26fe18dc6f4ac1fddb2e217a7cad700490325ea5623dfb6 55324 squid_5.7-2+deb12u1.debian.tar.xz f2fbfc804f5818ae25a3aa06046a4e57f5c6d41e8bcf426eae2cbab0653a 11088 squid_5.7-2+deb12u1_amd64.buildinfo Changes: squid (5.7-2+deb12u1) bookworm-security; urgency=high . * Non-maintainer upload. * Fix CVE-2023-46724, CVE-2023-46846, CVE-2023-46847, CVE-2023-46848, CVE-2023-49285, CVE-2023-49286, CVE-2023-50269, CVE-2024-23638, CVE-2024-25111, CVE-2024-25617. * Several security vulnerabilities have been discovered in Squid, a full featured web proxy cache. Due to programming errors in Squid's HTTP request parsing, remote attackers may be able to execute a denial of service attack by sending large X-Forwarded-For header or trigger a stack buffer overflow while performing HTTP Digest authentication. Other issues facilitate request smuggling past a firewall or a denial of service against Squid's Helper process management. In regard to CVE-2023-46728: Please note that support for the Gopher protocol has simply been removed in future Squid versions. There are no plans by the upstream developers of Squid to fix this issue. We recommend to reject all Gopher URL requests instead. Files: b46b09a0bb848cddb1af0387535f6006 2871 web optional squid_5.7-2+deb12u1.dsc 7a3764a3c5833631a779d7827901cda7 2566560 web optional squid_5.7.orig.tar.xz 60f01eafeb78618c71baf9004a06d0f7 55324 web optional squid_5.7-2+deb12u1.debian.tar.xz 0b0866406328d58fc36d1ac8c20eda22 11088 web optional squid_5.7-2+deb12u1_amd64.buildinfo -BEGIN PGP SIGNATURE- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmXnqU1fFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkfgUP/iXYLQzVtiwbKarHxiBeKr/trR6OtDOTb3h4 tHFS8jTb7oxIGfgwz1guNJtkXXALWk3i5JnjKcMUByjUhZjMc2sjcXeYzqJ1OQMT 14Xp+QyoPwYUzh8T6ly05/dXgrV315Nw2NtJhWmnNsiglpJMPh9mh1Tg/xU9lSUU mm3EmQuKenHhtXp60pd3abfVBiL4HAkTgtoh14zKMl3KlKo1cdJ1taqwYfnx7ZTd q4gkIUk0/5O37a6M7CgDSghOhEoec+b9GnHpIsyeOE5LUbAYQM/atrgaeSpX7HBM eyBoGJJLQxS2hySuTfvBSergn8oEH8tel55qQ/OgkaEGy4H6e/GhEbAtmPPw9vy4 MPltiEE64FVNZ0coofLy8LcBvtYyWY50yeacqOobruMfNWEgMRTfD72rB0rx1+5H 7s45OcnlxOl13xTcUVdaxV5oolVapnuXCX2lOpb1FivYgOIlbZfWnEjRTdQ5ZAp5 DSDS2RgT/+4EIpy7kGmsp2HBVGsVBqXbeCnGa4Ukj2GhpO30obG4724AzypdIDag KB29DXcIzYYruaO7LFmd0oCmLFzA4nRaa+3zKoCJR2KlwD1VIPiSiUdHJtXVJYnf iSml6OghLhytwJN5OwciJKu1nQu2uPa6HuYhl70n2DRftQYFPVqipeNJ1tj85xHJ ynWYYq0e =cRFx -END PGP SIGNATURE- pgp4uzXegcvg1.pgp Description: PGP signature
