Changelog
chromium (123.0.6312.86-1) unstable; urgency=high
* New upstream stable release.
- CVE-2024-2883: Use after free in ANGLE.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2024-2885: Use after free in Dawn. Reported by wgslfuzz.
- CVE-2024-2886: Use after free in WebCodecs. Reported by
Seunghyun Lee (@0x10n) of KAIST Hacking Lab, via Pwn2Own 2024.
- CVE-2024-2887: Type Confusion in WebAssembly.
Reported by Manfred Paul, via Pwn2Own 2024.
* d/patches/ppc64le:
- fixes/fix-clang-selection.patch: select clang on ppc64 platforms
- ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: fix
ARM builds.
[ Andres Salomon ]
* d/patches:
- fixes/bad-font-gc1.patch, fixes/bad-font-gc2.patch: revert a pair of
upstream commits that result in blink's garbage collector frequently
deadlocking and crashing (closes: #1067886).
-- Timothy Pearson <email address hidden> Wed, 28 Mar 2024 16:58:00 -0500