chromium (125.0.6422.141-1) unstable; urgency=high
* New upstream security release.
- CVE-2024-5493: Heap buffer overflow in WebRTC.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2024-5494: Use after free in Dawn. Reported by wgslfuzz.
- CVE-2024-5495: Use after free in Dawn. Reported by wgslfuzz.
- CVE-2024-5496: Use after free in Media Session.
Reported by Cassidy Kim(@cassidy6564).
- CVE-2024-5497: Out of bounds memory access in Keyboard Inputs.
Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab.
- CVE-2024-5498: Use after free in Presentation API.
- CVE-2024-5499: Out of bounds write in Streams API.
* d/patches/fixes/libxml-parseerr.patch: delete, now that we have a
newer libxml2.
* d/control: add versioned build-dep on libxml2-dev >= 2.12.
-- Andres Salomon <email address hidden> Thu, 30 May 2024 22:11:26 -0400