-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 02 Apr 2025 02:04:23 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: amd64
Version: 135.0.7049.52-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-csail-01) <buildd_amd64-x86-csail-01@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
chromium - web browser
chromium-common - web browser - common resources used by the chromium packages
chromium-driver - web browser - WebDriver support
chromium-headless-shell - web browser - old headless shell
chromium-sandbox - web browser - setuid security sandbox for chromium
chromium-shell - web browser - minimal shell
Changes:
chromium (135.0.7049.52-1~deb12u1) bookworm-security; urgency=high
.
[ Andres Salomon ]
* New upstream stable release.
- CVE-2025-3066: Use after free in Navigations.
Reported by Sven Dysthe (@svn-dys).
- CVE-2025-3067: Inappropriate implementation in Custom Tabs.
Reported by Philipp Beer (TU Wien).
- CVE-2025-3068: Inappropriate implementation in Intents.
Reported by Simon Rawet.
- CVE-2025-3069: Inappropriate implementation in Extensions.
Reported by NDevTK.
- CVE-2025-3070: Insufficient validation of untrusted input in
Extensions.
- CVE-2025-3071: Inappropriate implementation in Navigations.
Reported by David Erceg.
- CVE-2025-3072: Inappropriate implementation in Custom Tabs.
Reported by Om Apip.
- CVE-2025-3073: Inappropriate implementation in Autofill.
Reported by Hafiizh.
- CVE-2025-3074: Inappropriate implementation in Downloads.
Reported by Farras Givari.
* d/patches:
- upstream/optional.patch: drop, merged upstream.
- upstream/qualifications.patch: drop, merged upstream.
- fixes/lens-optional.patch: drop, merged upstream.
- fixes/optional.patch: drop, merged upstream.
- fixes/swiftshader-llvm.patch: drop, merged upstream.
- fixes/variant.patch: drop, merged upstream.
- bookworm/clang19.patch: refresh.
- bookworm/gn-revert-path-exists.patch: add build fix to work around
older gn.
- ungoogled/disable-privacy-sandbox.patch: refresh from ungoogled.
- fixes/make-pair.patch: add a gcc-specific build fix.
- disable/buildtools-libc.patch: add patch to remove libc build stuff.
- bookworm/gn-absl.patch: refresh.
- bookworm/constexpr.patch: refresh.
- bookworm/stdarch-arm.patch: refresh.
- bookworm/eslint.patch: add bookworm-specific build fix; thanks
Daniel Richard G. <skunk@iSKUNK.ORG>!
- bookworm/crabbyav1f.patch: add rustc 1.78 build fix workaround.
.
[ Timothy Pearson ]
* Enable pointer compression on ppc64le
This fixes V8 OOM conditions noted on e.g. https://trac.ffmpeg.org
* d/patches/ppc64le:
- v8/0001-Enable-ppc64-pointer-compression.patch
- sandbox/0001-sandbox-linux-Update-syscall-helpers-lists-for-ppc64.patch:
refresh for upstream changes
.
[ Daniel Richard G. ]
* d/rules: Add switch to allow downloading either Google's upstream tarball,
or an independently-created one from Gentoo. Default to the latter.
Checksums-Sha1:
b12db2d29947688fd1e6fca2f0a182f91794896f 4756488 chromium-common-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb
395b234d0b7ca4d0d430b0347a44e2f00243108f 20376812 chromium-common_135.0.7049.52-1~deb12u1_amd64.deb
1234e04d246a9943500d8d081363fa14a108ff72 30440136 chromium-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb
1139510a44096f37fa7848a0a330b71916b3fdc4 7557032 chromium-driver_135.0.7049.52-1~deb12u1_amd64.deb
24d85e7ed66ff4eb14001a01cb7884d109957de3 26115256 chromium-headless-shell-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb
5d61482905612175ad40318c743bc32f89560332 58236232 chromium-headless-shell_135.0.7049.52-1~deb12u1_amd64.deb
84065c71e91f629e16e9dae5db3f41e161745486 14068 chromium-sandbox-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb
22ef86d268695ec28bbd5a255826ff22b1e0dcab 101868 chromium-sandbox_135.0.7049.52-1~deb12u1_amd64.deb
e45b005ea90cb44682e39945982bc0c7f3140994 25378500 chromium-shell-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb
42a462640a4101353f167c556234be31046e7e8c 53809888 chromium-shell_135.0.7049.52-1~deb12u1_amd64.deb
7104c03aa120166068d3c472d48d66304e6a188b 30159 chromium_135.0.7049.52-1~deb12u1_amd64-buildd.buildinfo
5a9e3b8cf3a73b6186b51e378386e3ff9bfdde47 78156480 chromium_135.0.7049.52-1~deb12u1_amd64.deb
Checksums-Sha256:
f6d438102d826ff36e13a961edf4d54770e8f71099828731e0a79a7e2e0d39e5 4756488 chromium-common-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb
4b05c52369f965814bbb3e7d83ecb13c81e1c5cd2237ce14ec01942914cd8888 20376812 chromium-common_135.0.7049.52-1~deb12u1_amd64.deb
c15e4a83ae930d836536e08b8c29313221540f579b968aea93a8c67adc22953d 30440136 chromium-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb
8a417014ba495fc038ebb8fbb6371f8b7ac79bb252d9dd718f5d19603eb4d2ca 7557032 chromium-driver_135.0.7049.52-1~deb12u1_amd64.deb
42b3bc1cb23e3e882de4bca8572c7242b0a7789afc2f6fba4535ef43994e6b41 26115256 chromium-headless-shell-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb
b4d3e9d2778d0aeefca2e76cf508bc70c0816c135221ef61c222b48a23fe8d6e 58236232 chromium-headless-shell_135.0.7049.52-1~deb12u1_amd64.deb
825277d57c0972a5549d55f2052859a8dc1a2466eb7943b487f65cab89a96ddc 14068 chromium-sandbox-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb
92af5f1e30593af7a2bb8e2b8ec61fb66f9a45086d670b61f7c9298f7eaa0a73 101868 chromium-sandbox_135.0.7049.52-1~deb12u1_amd64.deb
850e63d5d31d3c1c692cfb5bfda0112eaa01f62f48b8093156e02a5b81aee412 25378500 chromium-shell-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb
2590659f48ae0effaabb70da37eb54a0fb8b9c3c98b170e6620eb143ee18b0d6 53809888 chromium-shell_135.0.7049.52-1~deb12u1_amd64.deb
84cf74c50756ed662244cd19fef8caa4a8386a659bcfb072d0b35d0cb94fd83c 30159 chromium_135.0.7049.52-1~deb12u1_amd64-buildd.buildinfo
ca0e5e59c620fe2a869679220f61425771aaa96773f67e1ca84923b3e9a4600f 78156480 chromium_135.0.7049.52-1~deb12u1_amd64.deb
Files:
86cc3c802d715ad3a66a2ba29230d2d6 4756488 debug optional chromium-common-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb
0d565926b1b6a64bbfe534ce9bdff423 20376812 web optional chromium-common_135.0.7049.52-1~deb12u1_amd64.deb
a26eabc8470311fa08aa4be253fe0146 30440136 debug optional chromium-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb
e44ec3cdc2c076be6a3d2ec76751e1c8 7557032 web optional chromium-driver_135.0.7049.52-1~deb12u1_amd64.deb
c4125bcfde2a22d93050cf10f6769eab 26115256 debug optional chromium-headless-shell-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb
dd1273e17d9f37414da5d95242cff1c5 58236232 web optional chromium-headless-shell_135.0.7049.52-1~deb12u1_amd64.deb
41b7aae3e36cb9e36a25fb3979b95b54 14068 debug optional chromium-sandbox-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb
0d75cf307647e23a98bae2e610d11adf 101868 web optional chromium-sandbox_135.0.7049.52-1~deb12u1_amd64.deb
5abaeb97825bf62709292845898d9ef0 25378500 debug optional chromium-shell-dbgsym_135.0.7049.52-1~deb12u1_amd64.deb
9987d1dd054379e06374095eeb8b100d 53809888 web optional chromium-shell_135.0.7049.52-1~deb12u1_amd64.deb
32d86c481edd6e03d9ef5c71311681d8 30159 web optional chromium_135.0.7049.52-1~deb12u1_amd64-buildd.buildinfo
bd43e43494d3343aff97458aff844453 78156480 web optional chromium_135.0.7049.52-1~deb12u1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEXNeYFUF3FbHcrtSeIy3Pg040HrAFAmfuLIMACgkQIy3Pg040
HrDA/Q//atT+8bacIZxQWCoPwG5q9hFnPNxqxmOLqTYtHfgHoE7vqKFRa6jo/3OF
IT0uIHbk3GXXaftfM7ESDoj1QxaNkQ3kRPvlBhLUo4qTS9p0q574pDoo0mb33bV6
tcMGDF3dU8CPu//JFzoCRgIcaq8CcOsBMDgI3qnAccLGF2BUrF3lFWo3wdC8hrN2
jhTTSq1DIwp/XodK3FC9dBR+ibdrG0B4JPE2iVQ0AeRn2upm0QCGA66N6SXvBseB
RqDXXuj6xGDF5wnc9oZckGlGhZ0BQq0qpp93ENzRkfVDCj7fHUMpGqrTDPnhb+sx
A6n5WCSaoPb8jnRpZlsDiCD2tsJSfYIyNo+9F3Lu1o3UZU6dgF0f5RAyyst0Az2d
KUF7zp9CVtBti3E3cj8lk2N/ekJbiuPzrnbksqAqpSXCT1CDQMISeXyF+H+FhB1z
sC47/oMjVJgkAQfx5DP2xkNq++PzNGts0d3ON6RC6uF57NLy/bkfpRx6Y23q4h55
cI6ptPIH4b3DdTjLutBs+VIv0AZz86YwiQ9HNVx3F24Yg5qx2vrUbU4ohM1aJeal
Pc6LtLWx9TbFxd5vEB+FIVYk7wUVG3SAc+z1YzOonqLbJIiI8CXV4gDRBKBaJqui
jDDFUycsQLleb1LlmPmq7XBIJc8Phk233NqHmbwHHzrf6UG/JAw=
=/ORw
-----END PGP SIGNATURE-----