-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 14 Jan 2025 21:20:43 -0500
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: amd64
Version: 132.0.6834.83-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-ubc-01) <buildd_amd64-x86-ubc-01@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (132.0.6834.83-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2025-0434: Out of bounds memory access in V8. Reported by ddme.
     - CVE-2025-0435: Inappropriate implementation in Navigation.
       Reported by Alesandro Ortiz.
     - CVE-2025-0436: Integer overflow in Skia.
       Reported by Han Zheng (HexHive).
     - CVE-2025-0437: Out of bounds read in Metrics.
       Reported by Xiantong Hou of Wuheng Lab and Pisanbao.
     - CVE-2025-0438: Stack buffer overflow in Tracing.
       Reported by Han Zheng (HexHive).
     - CVE-2025-0439: Race in Frames. Reported by Hafiizh.
     - CVE-2025-0440: Inappropriate implementation in Fullscreen.
       Reported by Umar Farooq.
     - CVE-2025-0441: Inappropriate implementation in Fenced Frames.
       Reported by someoneverycurious.
     - CVE-2025-0442: Inappropriate implementation in Payments.
       Reported by Ahmed ElMasry.
     - CVE-2025-0443: Insufficient data validation in Extensions.
       Reported by Anonymous.
     - CVE-2025-0446: Inappropriate implementation in Extensions.
       Reported by Hafiizh.
     - CVE-2025-0447: Inappropriate implementation in Navigation.
       Reported by Khiem Tran (@duckhiem).
     - CVE-2025-0448: Inappropriate implementation in Compositing.
       Reported by Dahyeon Park.
   * d/patches:
     - upstream/blink-fix-size-assertions.patch: drop, merged upstream.
     - upstream/dawn-strlen.patch: drop, merged upstream.
     - upstream/mrc-copy-op.patch: drop, merged upstream.
     - upstream/variant.patch: part of this was merged upstream; keep the
       rest.
     - fixes/freetype.patch: drop, merged upstream.
     - fixes/gpu-crash.patch: drop, merged upstream.
     - fixes/bindgen.patch: refresh and make patch even smaller. Also some
       upstream churn.
     - fixes/fix-assert-in-vnc-sessions.patch: refresh.
     - ungoogled/disable-privacy-sandbox.patch: refresh.
     - upstream/mojo.patch: fix missing files.
     - upstream/uint.patch: add gcc-specific build fix.
     - bookworm/constflatset.patch: add (probably) gcc-specific workaround.
     - fixes/lens-optional.patch: add gcc-specific build fix.
     - bookworm/gn-absl.patch: modify for new dependency.
     - bookworm/rust-visibility.patch: add build fix for older rustc.
     - bookworm/less-void.patch: add build fix for older libstdc++/gcc.
   * Downgrade to rollup3 for devtools-frontend stuff, due to the bundled
     rollup4 including wasm blobs. Update d/patches/system/rollup.patch to
     point to the right place as well, and build-dep on
     node-rollup-plugin-terser.
   * Build against newer bundled libtiff for memory limiting protection.
   * Switch to bundled libdrm due to DRM_IOCTL_SYNCOBJ_EVENTFD usage.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - workarounds/HACK-debian-clang-disable-skia-musttail.patch: Drop due
       to upstream fixes
     - third_party/skia-vsx-instructions.patch: Refresh for upstream changes
Checksums-Sha1:
 aeb273552d6bb17804088d285ce3371b18b5b2f5 4764116 chromium-common-dbgsym_132.0.6834.83-1~deb12u1_amd64.deb
 b79e1e4895668dea87b00ae2976ab3169782e06f 10143448 chromium-common_132.0.6834.83-1~deb12u1_amd64.deb
 0a2ba316ddbdf9a7f921f67d4e5c08367c404adb 32148688 chromium-dbgsym_132.0.6834.83-1~deb12u1_amd64.deb
 51d6719e6fe3f26fca24f873082a179f5fcc044d 7415900 chromium-driver_132.0.6834.83-1~deb12u1_amd64.deb
 606a5645ecce043f7a024689b900c5c392b81bab 14072 chromium-sandbox-dbgsym_132.0.6834.83-1~deb12u1_amd64.deb
 fc14648cc4300281e3afae78471bf4e434dd2047 99012 chromium-sandbox_132.0.6834.83-1~deb12u1_amd64.deb
 5b19d8e97fe08b4331ea0d7475d0fb6037ef3afc 26438488 chromium-shell-dbgsym_132.0.6834.83-1~deb12u1_amd64.deb
 bb660a68466bb369a617377dec8bb83918a010cb 53414612 chromium-shell_132.0.6834.83-1~deb12u1_amd64.deb
 14b5fe086f6f5558113328998398d148079fb227 29404 chromium_132.0.6834.83-1~deb12u1_amd64-buildd.buildinfo
 a66e6949ced011efb19ff38d80976cde93ed7047 87291612 chromium_132.0.6834.83-1~deb12u1_amd64.deb
Checksums-Sha256:
 0e1fcc006caef9e5e2a28e592ba414a45f12b78ac0bac66df96911183bf1b44e 4764116 chromium-common-dbgsym_132.0.6834.83-1~deb12u1_amd64.deb
 8f03775c6f67d23e8261d038e8a87c54cec8fb00342d814b0e7c2e821981d632 10143448 chromium-common_132.0.6834.83-1~deb12u1_amd64.deb
 779a4e51fc4dc6aa1840e5f30e52e1af56feac4864e7d2491e31f8c056dea6d7 32148688 chromium-dbgsym_132.0.6834.83-1~deb12u1_amd64.deb
 06500835a91b703718a3c42932cc70cfe9178cfcbea6620d88b8faa34385596b 7415900 chromium-driver_132.0.6834.83-1~deb12u1_amd64.deb
 c54ae512e82eb7aaca71ae4041fb0cea389c40c9e65f4bbd066266a55688b862 14072 chromium-sandbox-dbgsym_132.0.6834.83-1~deb12u1_amd64.deb
 5daab01c688a7e5fdcb0401d5981fabac8876cac699cde61950ebeffbf34d601 99012 chromium-sandbox_132.0.6834.83-1~deb12u1_amd64.deb
 8f9362e8783efb97c6de91e8d10f4886fde3334125c8ea966b5f4bd42d3a0603 26438488 chromium-shell-dbgsym_132.0.6834.83-1~deb12u1_amd64.deb
 1590bd248d14d72bb899f0feb709a67ffc0052924084317be4b248c0e354558f 53414612 chromium-shell_132.0.6834.83-1~deb12u1_amd64.deb
 d62f94bb4c429b6ad3a328f09a4a5e8003d47d304fa02257b36e578a4f54a420 29404 chromium_132.0.6834.83-1~deb12u1_amd64-buildd.buildinfo
 167553359b15e7a0beffc7f696f62fe712c5448cb1870f8fbd427389cb4ed8c4 87291612 chromium_132.0.6834.83-1~deb12u1_amd64.deb
Files:
 1af512a710e8549b1ed98d5954b5088f 4764116 debug optional chromium-common-dbgsym_132.0.6834.83-1~deb12u1_amd64.deb
 99b6ba0f8a8d8c21474eaf3f8507a45e 10143448 web optional chromium-common_132.0.6834.83-1~deb12u1_amd64.deb
 84744c19e79fddfe18210f00a2478886 32148688 debug optional chromium-dbgsym_132.0.6834.83-1~deb12u1_amd64.deb
 b05eccd80075ff19d8a99db429f125e9 7415900 web optional chromium-driver_132.0.6834.83-1~deb12u1_amd64.deb
 dd296bf03e15d31bd4958044ee2d15d4 14072 debug optional chromium-sandbox-dbgsym_132.0.6834.83-1~deb12u1_amd64.deb
 e4120b19a95271f6aa2c00f33cc6f17b 99012 web optional chromium-sandbox_132.0.6834.83-1~deb12u1_amd64.deb
 83e99413d57e7bf15a4c5d2a8ad51bcb 26438488 debug optional chromium-shell-dbgsym_132.0.6834.83-1~deb12u1_amd64.deb
 3f0fe1afd756ee111645cef0226566f5 53414612 web optional chromium-shell_132.0.6834.83-1~deb12u1_amd64.deb
 4afb47d53ccd765fc1e1c7d70c3a7eaa 29404 web optional chromium_132.0.6834.83-1~deb12u1_amd64-buildd.buildinfo
 134710ba6e9f04dad78c606d3142b08d 87291612 web optional chromium_132.0.6834.83-1~deb12u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE4Unr4QHS5Yi4rr9Q3KGKEAtjIVgFAmeHwwkACgkQ3KGKEAtj
IVi1pg//UYwOmQ3EGp2ccmC1z6jqVpvfrzsljxnY3JBs0UpILIqVTcZk2F6VqvIc
y0WKVLJ4rXMlFe183oFHmtykl8DHLsYM23m3cvGdoqBpdKGcR96ZeD3oKt1jY+2o
f7K9XglgU3eFQSXlorh3xmdMztWdyDLFVJAqjp/P1QmYetNq88CUY+srGvxKBxEU
3Sb2fBqtzAjrqNPmWdHVsk86qmcxzkxkg73m+66+b1SwATp6IZKtGRX1Y9uhgKXk
/PCCFBVShw0e9wOP1GNu2bZ8mdsng4KNgR+eckKwXLIkmb5bVLbvdkfpNAdvhoIc
Jhcny7HYyeObttuofz4SjDwTEN8kb+nGWzCobFx8RXHMA7cgRtfatn724ApntHMg
AyZKeDCJ3/hCS3BuDpvE6awiFI3RXKXW4jei2y17mbZkelQ98gwecfmYqjdFoPl3
x3sLR1fqNRw4IIgFi06PkZNRuxwKjtZoxjs3rF/KGwcCCoSC7fwndbIA9D1RoA1+
W0FAXQHr7F8lMr4sFamP/kOAldYrt54Du1hl1w3KyCn68UPJBomLsw4pHIxSu2Ho
l1LVQL1gBpEKuqqiRGNovGqJ+V5lGRJgDoRYZEc8sFV23PrJQPhtW75xduCcFvYG
oLxZ+TkXwSWzTYK4OxFzzLtskEXtSVhLDJlsEZ3eIHcssZdRLSI=
=yGsw
-----END PGP SIGNATURE-----