-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 02 Apr 2025 02:04:23 -0400 Source: chromium Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym Architecture: ppc64el Version: 135.0.7049.52-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: ppc64el Build Daemon (ppc64el-osuosl-02) Changed-By: Andres Salomon Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-headless-shell - web browser - old headless shell chromium-sandbox - web browser - setuid security sandbox for chromium chromium-shell - web browser - minimal shell Changes: chromium (135.0.7049.52-1~deb12u1) bookworm-security; urgency=high . [ Andres Salomon ] * New upstream stable release. - CVE-2025-3066: Use after free in Navigations. Reported by Sven Dysthe (@svn-dys). - CVE-2025-3067: Inappropriate implementation in Custom Tabs. Reported by Philipp Beer (TU Wien). - CVE-2025-3068: Inappropriate implementation in Intents. Reported by Simon Rawet. - CVE-2025-3069: Inappropriate implementation in Extensions. Reported by NDevTK. - CVE-2025-3070: Insufficient validation of untrusted input in Extensions. - CVE-2025-3071: Inappropriate implementation in Navigations. Reported by David Erceg. - CVE-2025-3072: Inappropriate implementation in Custom Tabs. Reported by Om Apip. - CVE-2025-3073: Inappropriate implementation in Autofill. Reported by Hafiizh. - CVE-2025-3074: Inappropriate implementation in Downloads. Reported by Farras Givari. * d/patches: - upstream/optional.patch: drop, merged upstream. - upstream/qualifications.patch: drop, merged upstream. - fixes/lens-optional.patch: drop, merged upstream. - fixes/optional.patch: drop, merged upstream. - fixes/swiftshader-llvm.patch: drop, merged upstream. - fixes/variant.patch: drop, merged upstream. - bookworm/clang19.patch: refresh. - bookworm/gn-revert-path-exists.patch: add build fix to work around older gn. - ungoogled/disable-privacy-sandbox.patch: refresh from ungoogled. - fixes/make-pair.patch: add a gcc-specific build fix. - disable/buildtools-libc.patch: add patch to remove libc build stuff. - bookworm/gn-absl.patch: refresh. - bookworm/constexpr.patch: refresh. - bookworm/stdarch-arm.patch: refresh. - bookworm/eslint.patch: add bookworm-specific build fix; thanks Daniel Richard G. ! - bookworm/crabbyav1f.patch: add rustc 1.78 build fix workaround. . [ Timothy Pearson ] * Enable pointer compression on ppc64le This fixes V8 OOM conditions noted on e.g. https://trac.ffmpeg.org * d/patches/ppc64le: - v8/0001-Enable-ppc64-pointer-compression.patch - sandbox/0001-sandbox-linux-Update-syscall-helpers-lists-for-ppc64.patch: refresh for upstream changes . [ Daniel Richard G. ] * d/rules: Add switch to allow downloading either Google's upstream tarball, or an independently-created one from Gentoo. Default to the latter. Checksums-Sha1: f5987c4daac9652fbcf368432c49bcaddbfb6f66 5300360 chromium-common-dbgsym_135.0.7049.52-1~deb12u1_ppc64el.deb fb1a59c238232c6510b5cbaefae40929e0c376d4 26235604 chromium-common_135.0.7049.52-1~deb12u1_ppc64el.deb f961114028784129ff4ccfee841137a3a80c47ff 26002752 chromium-dbgsym_135.0.7049.52-1~deb12u1_ppc64el.deb e15e23cadb5c518ca5c2ba4544ad52b3e9f12bb1 7412252 chromium-driver_135.0.7049.52-1~deb12u1_ppc64el.deb 0056eec14fbba69be3726261e7115b7d19aebbd0 21512460 chromium-headless-shell-dbgsym_135.0.7049.52-1~deb12u1_ppc64el.deb f0d15bdb9daecdbf6afe36bed7bd71f1d0069b7f 54560992 chromium-headless-shell_135.0.7049.52-1~deb12u1_ppc64el.deb 489c3eea5c1f425fdff55e2c7499762f60e157f2 14240 chromium-sandbox-dbgsym_135.0.7049.52-1~deb12u1_ppc64el.deb b6e40420c39e566da074f56c59601ff2074820bb 101960 chromium-sandbox_135.0.7049.52-1~deb12u1_ppc64el.deb 20b13f8f6d5f1d6d7eeab084b27d9f601ffaff4e 21283108 chromium-shell-dbgsym_135.0.7049.52-1~deb12u1_ppc64el.deb 1e78fcd95fd3de00c1ed6f05cdf9758214e53f34 51503492 chromium-shell_135.0.7049.52-1~deb12u1_ppc64el.deb a6fbacc58b12fce47f573297d27b3893abd11e21 30102 chromium_135.0.7049.52-1~deb12u1_ppc64el-buildd.buildinfo 3597e8e6a4bbfde2deadba740fad5459ddd146b4 74013280 chromium_135.0.7049.52-1~deb12u1_ppc64el.deb Checksums-Sha256: 5ff0cd00723fc67938c3a7f9ad9870c3d954371973a46251b1590c6f4e9529ab 5300360 chromium-common-dbgsym_135.0.7049.52-1~deb12u1_ppc64el.deb 20a4310f549995e1bfccf1877013be65df2b3debcf3f3a7d83ebf97e327172b5 26235604 chromium-common_135.0.7049.52-1~deb12u1_ppc64el.deb 38833ef675e11d09247c503ea83ba6763b3090d4f4fff6d6ddf4ef72a9f00f80 26002752 chromium-dbgsym_135.0.7049.52-1~deb12u1_ppc64el.deb 35c044403e80e2fde4bb08194adc24e93815fa1db7d0a8ccbc93b6e7924b6de0 7412252 chromium-driver_135.0.7049.52-1~deb12u1_ppc64el.deb 4c5248ac21aba8b850c88076306ad1a24569b3b0841444421aa061ac11f90ce6 21512460 chromium-headless-shell-dbgsym_135.0.7049.52-1~deb12u1_ppc64el.deb 365e93afe1ccbd44c1bb71407e6d9520cd667a0248d72c48467febfb3adfccf4 54560992 chromium-headless-shell_135.0.7049.52-1~deb12u1_ppc64el.deb 2ced0121709b0f655eb1cc0a1c3f2f0b0e3a4a90b8b416af5ec55ea216bbf502 14240 chromium-sandbox-dbgsym_135.0.7049.52-1~deb12u1_ppc64el.deb 18b73da7af47a2d0d091ee329a438b32472855647459c9a31ce7595a238e7cdc 101960 chromium-sandbox_135.0.7049.52-1~deb12u1_ppc64el.deb f5c7d11a4f9682ff1536440c5604e8fefd9fe4a8155c8c0c3e0b771284d39e07 21283108 chromium-shell-dbgsym_135.0.7049.52-1~deb12u1_ppc64el.deb 6d6a581dcb3f68064af35701a5f726d0848fdec1dfd8d8658a1db2b28946c73b 51503492 chromium-shell_135.0.7049.52-1~deb12u1_ppc64el.deb 582221c524f9ae26a7b19fc1e81b29d6a1e55e31658c5cbd1a8cbeb2d6c46e74 30102 chromium_135.0.7049.52-1~deb12u1_ppc64el-buildd.buildinfo 942a68dab54f52e0f9b96421fb4cec9982f29eee0681feb64de05d66ace6a45a 74013280 chromium_135.0.7049.52-1~deb12u1_ppc64el.deb Files: 8b20357158c9546bebb9d3613cca6906 5300360 debug optional chromium-common-dbgsym_135.0.7049.52-1~deb12u1_ppc64el.deb 1f883cc714034ac43f7713973e1f3833 26235604 web optional chromium-common_135.0.7049.52-1~deb12u1_ppc64el.deb f4b16b2a6722cef6fff622f4fea6d28c 26002752 debug optional chromium-dbgsym_135.0.7049.52-1~deb12u1_ppc64el.deb 767ceb61b0648c6423e47f35ed772bd5 7412252 web optional chromium-driver_135.0.7049.52-1~deb12u1_ppc64el.deb 0999fe99c76b7812bd1709ddfe01ebd7 21512460 debug optional chromium-headless-shell-dbgsym_135.0.7049.52-1~deb12u1_ppc64el.deb 6b5109d9d4c2639211948adb88fd54d8 54560992 web optional chromium-headless-shell_135.0.7049.52-1~deb12u1_ppc64el.deb 1ccc850cf3ab5f59d1d218699709c9b5 14240 debug optional chromium-sandbox-dbgsym_135.0.7049.52-1~deb12u1_ppc64el.deb 4f07828ae5f7dad19225f3f8d76df7ff 101960 web optional chromium-sandbox_135.0.7049.52-1~deb12u1_ppc64el.deb 3eba3506be08c027c2d58293d00f1c73 21283108 debug optional chromium-shell-dbgsym_135.0.7049.52-1~deb12u1_ppc64el.deb ae41ecbb3f780f1a258766ad3af40ace 51503492 web optional chromium-shell_135.0.7049.52-1~deb12u1_ppc64el.deb 8e4423dabc6f2a738397f7169a6ff936 30102 web optional chromium_135.0.7049.52-1~deb12u1_ppc64el-buildd.buildinfo 69e2427fdd51da249914b18d4977360f 74013280 web optional chromium_135.0.7049.52-1~deb12u1_ppc64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE0YcVZfZCWQv84jpRNcqbeolus3sFAmfuMPsACgkQNcqbeolu s3so8A//RHiArRfwU3aEbjFRd0JfBviYaj1GssVwqviBSeQv4vxr0WZ7y9gl3ZPR BAV38uCLmyRRQ+eVNQX7QE2WGUWT8nORA8QOdIyUo5yBinlFHEu7DlJDcM6ziQ62 /vkLbCPXjNpBmXsMiIt0j5MH9LGFAHfWuwJiohk6QhOszxAl4J85azhNQNWiXfwu VYrMxq+KcLw3ra5QDs/2cRdqan0opAWew7dZvQqK9PgOYjugD82u6NDhJnHhwUk8 DcphcYeeBssgmPV39VGapWlyXQphOBQPm1gXAqd5m8bQKL8Pzhw5C8G7WHktiFL7 uOqOEOZluWYh6xJiEQgd4Vv9vc9Z20ZJTWsDkl+U4pCiKdNvy6oSTOkedauDjrQe 5q6YYW6G+N1bwiRT/RsYhtDW0BHmI6vCdlZLxnIxKpZQPI9jDLDIydTsYW2hehQb pxbIcrgQkHDXmXiDzuiNqk3etn/iv1wZ/5wHq7/Dx06KXRzQXp9VyvouyOCJV+6f iRYhdhJWvq/dHi9aDZQvn4iPikYaG2pIj3/6suKWcvyoQfUuzEkO00xgQEOoHzKW wXWC9ua3AbCUuHh72tJwAeuxbG7kIZA8dEN55JiyCuyl1BXEQSGwAndu32E9liZg ouZknP6xfCmZoaluS0qQCdmcgv29fULmrXxB6msp4PpbKmJNSH0= =p5WL -----END PGP SIGNATURE-----