-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 02 Apr 2025 02:04:23 -0400 Source: chromium Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym Architecture: armhf Version: 135.0.7049.52-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: arm Build Daemon (arm-ubc-06) Changed-By: Andres Salomon Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-headless-shell - web browser - old headless shell chromium-sandbox - web browser - setuid security sandbox for chromium chromium-shell - web browser - minimal shell Changes: chromium (135.0.7049.52-1~deb12u1) bookworm-security; urgency=high . [ Andres Salomon ] * New upstream stable release. - CVE-2025-3066: Use after free in Navigations. Reported by Sven Dysthe (@svn-dys). - CVE-2025-3067: Inappropriate implementation in Custom Tabs. Reported by Philipp Beer (TU Wien). - CVE-2025-3068: Inappropriate implementation in Intents. Reported by Simon Rawet. - CVE-2025-3069: Inappropriate implementation in Extensions. Reported by NDevTK. - CVE-2025-3070: Insufficient validation of untrusted input in Extensions. - CVE-2025-3071: Inappropriate implementation in Navigations. Reported by David Erceg. - CVE-2025-3072: Inappropriate implementation in Custom Tabs. Reported by Om Apip. - CVE-2025-3073: Inappropriate implementation in Autofill. Reported by Hafiizh. - CVE-2025-3074: Inappropriate implementation in Downloads. Reported by Farras Givari. * d/patches: - upstream/optional.patch: drop, merged upstream. - upstream/qualifications.patch: drop, merged upstream. - fixes/lens-optional.patch: drop, merged upstream. - fixes/optional.patch: drop, merged upstream. - fixes/swiftshader-llvm.patch: drop, merged upstream. - fixes/variant.patch: drop, merged upstream. - bookworm/clang19.patch: refresh. - bookworm/gn-revert-path-exists.patch: add build fix to work around older gn. - ungoogled/disable-privacy-sandbox.patch: refresh from ungoogled. - fixes/make-pair.patch: add a gcc-specific build fix. - disable/buildtools-libc.patch: add patch to remove libc build stuff. - bookworm/gn-absl.patch: refresh. - bookworm/constexpr.patch: refresh. - bookworm/stdarch-arm.patch: refresh. - bookworm/eslint.patch: add bookworm-specific build fix; thanks Daniel Richard G. ! - bookworm/crabbyav1f.patch: add rustc 1.78 build fix workaround. . [ Timothy Pearson ] * Enable pointer compression on ppc64le This fixes V8 OOM conditions noted on e.g. https://trac.ffmpeg.org * d/patches/ppc64le: - v8/0001-Enable-ppc64-pointer-compression.patch - sandbox/0001-sandbox-linux-Update-syscall-helpers-lists-for-ppc64.patch: refresh for upstream changes . [ Daniel Richard G. ] * d/rules: Add switch to allow downloading either Google's upstream tarball, or an independently-created one from Gentoo. Default to the latter. Checksums-Sha1: 959497acb803b24a4b517a2db9aeb89de7ffac20 5137652 chromium-common-dbgsym_135.0.7049.52-1~deb12u1_armhf.deb 0f19f4203463082ab399b7e25ed88448396554ff 20257164 chromium-common_135.0.7049.52-1~deb12u1_armhf.deb 5fa7f701cfe292d050c1f03c4401d37422e09898 32196408 chromium-dbgsym_135.0.7049.52-1~deb12u1_armhf.deb f45450346ba16bb695b182f78ae726d8d134a8bb 7322716 chromium-driver_135.0.7049.52-1~deb12u1_armhf.deb 3ee2a4274a7521038a72d752b76a33974c3ac370 25590072 chromium-headless-shell-dbgsym_135.0.7049.52-1~deb12u1_armhf.deb 91b72f2d8c53ba4766d3844c43b730f09c7c5a9c 48755440 chromium-headless-shell_135.0.7049.52-1~deb12u1_armhf.deb dce5dbe87fd82f2ea6aa95182aa433640afaf887 12684 chromium-sandbox-dbgsym_135.0.7049.52-1~deb12u1_armhf.deb 1cf11b27f4a7a4fa4211ef8806dab75958724a32 101436 chromium-sandbox_135.0.7049.52-1~deb12u1_armhf.deb 7cd07870a07f85d7c3d324fe56bfbf98edb2909d 26113092 chromium-shell-dbgsym_135.0.7049.52-1~deb12u1_armhf.deb 074285707e3b8476edb57597171f5753af9383ce 50665568 chromium-shell_135.0.7049.52-1~deb12u1_armhf.deb 0006fd8648f5c899cbe22af24eeb216bfce662bf 30082 chromium_135.0.7049.52-1~deb12u1_armhf-buildd.buildinfo 98cc5401606990f51c5996e44b054fc25be4627f 63114740 chromium_135.0.7049.52-1~deb12u1_armhf.deb Checksums-Sha256: 35bbb448caa25683699f84d0133f910e774463d046c12116cd0a793ea7199e44 5137652 chromium-common-dbgsym_135.0.7049.52-1~deb12u1_armhf.deb 55264bbdc3bacbae86d7ef4e802d3be2933af0aa56740b4336c8141f2796d6ae 20257164 chromium-common_135.0.7049.52-1~deb12u1_armhf.deb 38b79d9e8f2a1a45de9f5de14913b1f8a0a15963f21a39fe88e82d93fc73966b 32196408 chromium-dbgsym_135.0.7049.52-1~deb12u1_armhf.deb da2dab4fdeff3e063ce1819fbf19726daa9b726adc133fb17f05417c40acbc7e 7322716 chromium-driver_135.0.7049.52-1~deb12u1_armhf.deb 10e461f021c848eb198daac5b689729113db9564fa89c5beba14f64a2b90e71a 25590072 chromium-headless-shell-dbgsym_135.0.7049.52-1~deb12u1_armhf.deb 616cf5af9354f76a657d3d8f6647d0f7e5c63b7b531f59c4902abf012712fad1 48755440 chromium-headless-shell_135.0.7049.52-1~deb12u1_armhf.deb 3132fa196bdb5fc452fcf8fb85420f265b9445505fe62a9932818d555fd4976b 12684 chromium-sandbox-dbgsym_135.0.7049.52-1~deb12u1_armhf.deb 590b6f33134c04ed5a7e6dd4d3bc60c5eb4ab00b0fcf8b70cb8b7bfd6a2066ad 101436 chromium-sandbox_135.0.7049.52-1~deb12u1_armhf.deb fb59cdbd856cf40784ee499774482507a283cd6edeebd9ce32e127fbfd86887b 26113092 chromium-shell-dbgsym_135.0.7049.52-1~deb12u1_armhf.deb def445c5bbf01779a7be6109d47aba7cb9a1286d787b62fa63c7e0b45d1b9e0c 50665568 chromium-shell_135.0.7049.52-1~deb12u1_armhf.deb 7da642e7667b0b6480b4b29feb6d84e666ee0b049474cd5932de600d279ed7e7 30082 chromium_135.0.7049.52-1~deb12u1_armhf-buildd.buildinfo cce432dea0beeb36a20c0532bdccb1e9a118924586666bd4ae0ba85cea3f3042 63114740 chromium_135.0.7049.52-1~deb12u1_armhf.deb Files: 70a9330c25a917ae5373c3b16caba4f5 5137652 debug optional chromium-common-dbgsym_135.0.7049.52-1~deb12u1_armhf.deb cd7764cb73dda347b1abc459d5ced54d 20257164 web optional chromium-common_135.0.7049.52-1~deb12u1_armhf.deb 7bf10c13195060085f6e476c936636be 32196408 debug optional chromium-dbgsym_135.0.7049.52-1~deb12u1_armhf.deb ae8dc98ea1a5a21479080bb95100e39c 7322716 web optional chromium-driver_135.0.7049.52-1~deb12u1_armhf.deb 0b3157a75e73da15c785592b713ee754 25590072 debug optional chromium-headless-shell-dbgsym_135.0.7049.52-1~deb12u1_armhf.deb b62fba7608ce78cf9ce50ed33984725e 48755440 web optional chromium-headless-shell_135.0.7049.52-1~deb12u1_armhf.deb 8312277b3160a98c0cf97302a583f870 12684 debug optional chromium-sandbox-dbgsym_135.0.7049.52-1~deb12u1_armhf.deb c0511450d9c53a712dba163d711d160f 101436 web optional chromium-sandbox_135.0.7049.52-1~deb12u1_armhf.deb 9aa36bbec854fdc99cd37f498153d065 26113092 debug optional chromium-shell-dbgsym_135.0.7049.52-1~deb12u1_armhf.deb 9214cc5529cd3872541e63050de434ab 50665568 web optional chromium-shell_135.0.7049.52-1~deb12u1_armhf.deb aa19c353efdff088814f9d6236b1cfa5 30082 web optional chromium_135.0.7049.52-1~deb12u1_armhf-buildd.buildinfo 83a8840208ef8781d182d4a69d322b03 63114740 web optional chromium_135.0.7049.52-1~deb12u1_armhf.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEErcTbumGV7Ig2iXlfQdxRZ9J7nEgFAmfxIuwACgkQQdxRZ9J7 nEiRsxAAt8BAQQaGf1Fw6L8VcvAQPOV7LBH9EyPewHaPAldBpoWITOImSz7PrSSi gHWxJwNZVS6yrs+F1E532jvv8QedpJSrCrzdm9gCqmLugRdFzfWJEYv6HbN20fux bvdnExPqDd+z72Lg/MW1wc+RI/BR4d7u5okAHXscutIriX5/vefQPEDr4WByhQbG tGSgNgzKJ9fwb9fK8/KEBaJMO5946ezsUB6cX+OqgiSaCUkJ2Bqjwf4fXYeK+vms arEvWz10RAGrKbQVHoH8jfUaO+q0IeNUn7mEX1o4rmbi2p+ngUvM6ukWiimod/vG FsVCOqP20Peo1/InPYjgucEAsGZbzvKFw+UW9V/28plwKvNIMbQeXKgS6Quy/pTL dee4n2X6/RP5I1clUrtihkdH1/UbaZIymY9e/0sEhuvLgEuOh5dqeJsoGMxXbnl1 o9mXu1Z+jhrBM3mRQjFJzwvnbU31DIFyY/rndlBkx/6qiWgfWBy3zvigy/94CRUh Z3HXaN7r3d2p8kp3W1vkHAkKcI79juL8+DSp6VRhwHvHLvl7ltjQ9PQh/hqXKtw4 L2DcOz5doNYKLB1b6px8QUkjWZKUmhCBw9F55m9bx0v4EnLofyE8cRKW2Bvq7QaG vnPJLCcsvHpfE+FfCYPB0Vaj4o3/pfCDi3YPh921NL69YZSDHu4= =nY2X -----END PGP SIGNATURE-----