-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 02 Apr 2025 02:04:23 -0400 Source: chromium Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym Architecture: amd64 Version: 135.0.7049.52-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: amd64 / i386 Build Daemon (x86-csail-01) Changed-By: Andres Salomon Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-headless-shell - web browser - old headless shell chromium-sandbox - web browser - setuid security sandbox for chromium chromium-shell - web browser - minimal shell Changes: chromium (135.0.7049.52-1~deb12u1) bookworm-security; urgency=high . [ Andres Salomon ] * New upstream stable release. - CVE-2025-3066: Use after free in Navigations. Reported by Sven Dysthe (@svn-dys). - CVE-2025-3067: Inappropriate implementation in Custom Tabs. Reported by Philipp Beer (TU Wien). - CVE-2025-3068: Inappropriate implementation in Intents. Reported by Simon Rawet. - CVE-2025-3069: Inappropriate implementation in Extensions. Reported by NDevTK. - CVE-2025-3070: Insufficient validation of untrusted input in Extensions. - CVE-2025-3071: Inappropriate implementation in Navigations. Reported by David Erceg. - CVE-2025-3072: Inappropriate implementation in Custom Tabs. Reported by Om Apip. - CVE-2025-3073: Inappropriate implementation in Autofill. Reported by Hafiizh. - CVE-2025-3074: Inappropriate implementation in Downloads. Reported by Farras Givari. * d/patches: - upstream/optional.patch: drop, merged upstream. - upstream/qualifications.patch: drop, merged upstream. - fixes/lens-optional.patch: drop, merged upstream. - fixes/optional.patch: drop, merged upstream. - fixes/swiftshader-llvm.patch: drop, merged upstream. - fixes/variant.patch: drop, merged upstream. - bookworm/clang19.patch: refresh. - bookworm/gn-revert-path-exists.patch: add build fix to work around older gn. - ungoogled/disable-privacy-sandbox.patch: refresh from ungoogled. - fixes/make-pair.patch: add a gcc-specific build fix. - disable/buildtools-libc.patch: add patch to remove libc build stuff. - bookworm/gn-absl.patch: refresh. - bookworm/constexpr.patch: refresh. - bookworm/stdarch-arm.patch: refresh. - bookworm/eslint.patch: add bookworm-specific build fix; thanks Daniel Richard G. ! - bookworm/crabbyav1f.patch: add rustc 1.78 build fix workaround. . [ Timothy Pearson ] * Enable pointer compression on ppc64le This fixes V8 OOM conditions noted on e.g. https://trac.ffmpeg.org * d/patches/ppc64le: - v8/0001-Enable-ppc64-pointer-compression.patch - sandbox/0001-sandbox-linux-Update-syscall-helpers-lists-for-ppc64.patch: refresh for upstream changes . [ Daniel Richard G. ] * d/rules: Add switch to allow downloading either Google's upstream tarball, or an independently-created one from Gentoo. Default to the latter. Checksums-Sha1: b12db2d29947688fd1e6fca2f0a182f91794896f 4756488 chromium-common-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb 395b234d0b7ca4d0d430b0347a44e2f00243108f 20376812 chromium-common_135.0.7049.52-1~deb12u1_amd64.deb 1234e04d246a9943500d8d081363fa14a108ff72 30440136 chromium-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb 1139510a44096f37fa7848a0a330b71916b3fdc4 7557032 chromium-driver_135.0.7049.52-1~deb12u1_amd64.deb 24d85e7ed66ff4eb14001a01cb7884d109957de3 26115256 chromium-headless-shell-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb 5d61482905612175ad40318c743bc32f89560332 58236232 chromium-headless-shell_135.0.7049.52-1~deb12u1_amd64.deb 84065c71e91f629e16e9dae5db3f41e161745486 14068 chromium-sandbox-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb 22ef86d268695ec28bbd5a255826ff22b1e0dcab 101868 chromium-sandbox_135.0.7049.52-1~deb12u1_amd64.deb e45b005ea90cb44682e39945982bc0c7f3140994 25378500 chromium-shell-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb 42a462640a4101353f167c556234be31046e7e8c 53809888 chromium-shell_135.0.7049.52-1~deb12u1_amd64.deb 7104c03aa120166068d3c472d48d66304e6a188b 30159 chromium_135.0.7049.52-1~deb12u1_amd64-buildd.buildinfo 5a9e3b8cf3a73b6186b51e378386e3ff9bfdde47 78156480 chromium_135.0.7049.52-1~deb12u1_amd64.deb Checksums-Sha256: f6d438102d826ff36e13a961edf4d54770e8f71099828731e0a79a7e2e0d39e5 4756488 chromium-common-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb 4b05c52369f965814bbb3e7d83ecb13c81e1c5cd2237ce14ec01942914cd8888 20376812 chromium-common_135.0.7049.52-1~deb12u1_amd64.deb c15e4a83ae930d836536e08b8c29313221540f579b968aea93a8c67adc22953d 30440136 chromium-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb 8a417014ba495fc038ebb8fbb6371f8b7ac79bb252d9dd718f5d19603eb4d2ca 7557032 chromium-driver_135.0.7049.52-1~deb12u1_amd64.deb 42b3bc1cb23e3e882de4bca8572c7242b0a7789afc2f6fba4535ef43994e6b41 26115256 chromium-headless-shell-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb b4d3e9d2778d0aeefca2e76cf508bc70c0816c135221ef61c222b48a23fe8d6e 58236232 chromium-headless-shell_135.0.7049.52-1~deb12u1_amd64.deb 825277d57c0972a5549d55f2052859a8dc1a2466eb7943b487f65cab89a96ddc 14068 chromium-sandbox-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb 92af5f1e30593af7a2bb8e2b8ec61fb66f9a45086d670b61f7c9298f7eaa0a73 101868 chromium-sandbox_135.0.7049.52-1~deb12u1_amd64.deb 850e63d5d31d3c1c692cfb5bfda0112eaa01f62f48b8093156e02a5b81aee412 25378500 chromium-shell-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb 2590659f48ae0effaabb70da37eb54a0fb8b9c3c98b170e6620eb143ee18b0d6 53809888 chromium-shell_135.0.7049.52-1~deb12u1_amd64.deb 84cf74c50756ed662244cd19fef8caa4a8386a659bcfb072d0b35d0cb94fd83c 30159 chromium_135.0.7049.52-1~deb12u1_amd64-buildd.buildinfo ca0e5e59c620fe2a869679220f61425771aaa96773f67e1ca84923b3e9a4600f 78156480 chromium_135.0.7049.52-1~deb12u1_amd64.deb Files: 86cc3c802d715ad3a66a2ba29230d2d6 4756488 debug optional chromium-common-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb 0d565926b1b6a64bbfe534ce9bdff423 20376812 web optional chromium-common_135.0.7049.52-1~deb12u1_amd64.deb a26eabc8470311fa08aa4be253fe0146 30440136 debug optional chromium-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb e44ec3cdc2c076be6a3d2ec76751e1c8 7557032 web optional chromium-driver_135.0.7049.52-1~deb12u1_amd64.deb c4125bcfde2a22d93050cf10f6769eab 26115256 debug optional chromium-headless-shell-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb dd1273e17d9f37414da5d95242cff1c5 58236232 web optional chromium-headless-shell_135.0.7049.52-1~deb12u1_amd64.deb 41b7aae3e36cb9e36a25fb3979b95b54 14068 debug optional chromium-sandbox-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb 0d75cf307647e23a98bae2e610d11adf 101868 web optional chromium-sandbox_135.0.7049.52-1~deb12u1_amd64.deb 5abaeb97825bf62709292845898d9ef0 25378500 debug optional chromium-shell-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb 9987d1dd054379e06374095eeb8b100d 53809888 web optional chromium-shell_135.0.7049.52-1~deb12u1_amd64.deb 32d86c481edd6e03d9ef5c71311681d8 30159 web optional chromium_135.0.7049.52-1~deb12u1_amd64-buildd.buildinfo bd43e43494d3343aff97458aff844453 78156480 web optional chromium_135.0.7049.52-1~deb12u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXNeYFUF3FbHcrtSeIy3Pg040HrAFAmfuLIMACgkQIy3Pg040 HrDA/Q//atT+8bacIZxQWCoPwG5q9hFnPNxqxmOLqTYtHfgHoE7vqKFRa6jo/3OF IT0uIHbk3GXXaftfM7ESDoj1QxaNkQ3kRPvlBhLUo4qTS9p0q574pDoo0mb33bV6 tcMGDF3dU8CPu//JFzoCRgIcaq8CcOsBMDgI3qnAccLGF2BUrF3lFWo3wdC8hrN2 jhTTSq1DIwp/XodK3FC9dBR+ibdrG0B4JPE2iVQ0AeRn2upm0QCGA66N6SXvBseB RqDXXuj6xGDF5wnc9oZckGlGhZ0BQq0qpp93ENzRkfVDCj7fHUMpGqrTDPnhb+sx A6n5WCSaoPb8jnRpZlsDiCD2tsJSfYIyNo+9F3Lu1o3UZU6dgF0f5RAyyst0Az2d KUF7zp9CVtBti3E3cj8lk2N/ekJbiuPzrnbksqAqpSXCT1CDQMISeXyF+H+FhB1z sC47/oMjVJgkAQfx5DP2xkNq++PzNGts0d3ON6RC6uF57NLy/bkfpRx6Y23q4h55 cI6ptPIH4b3DdTjLutBs+VIv0AZz86YwiQ9HNVx3F24Yg5qx2vrUbU4ohM1aJeal Pc6LtLWx9TbFxd5vEB+FIVYk7wUVG3SAc+z1YzOonqLbJIiI8CXV4gDRBKBaJqui jDDFUycsQLleb1LlmPmq7XBIJc8Phk233NqHmbwHHzrf6UG/JAw= =/ORw -----END PGP SIGNATURE-----