-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 14 Jan 2025 21:20:43 -0500
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: arm64
Version: 132.0.6834.83-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-ubc-04) <buildd_arm64-arm-ubc-04@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (132.0.6834.83-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2025-0434: Out of bounds memory access in V8. Reported by ddme.
     - CVE-2025-0435: Inappropriate implementation in Navigation.
       Reported by Alesandro Ortiz.
     - CVE-2025-0436: Integer overflow in Skia.
       Reported by Han Zheng (HexHive).
     - CVE-2025-0437: Out of bounds read in Metrics.
       Reported by Xiantong Hou of Wuheng Lab and Pisanbao.
     - CVE-2025-0438: Stack buffer overflow in Tracing.
       Reported by Han Zheng (HexHive).
     - CVE-2025-0439: Race in Frames. Reported by Hafiizh.
     - CVE-2025-0440: Inappropriate implementation in Fullscreen.
       Reported by Umar Farooq.
     - CVE-2025-0441: Inappropriate implementation in Fenced Frames.
       Reported by someoneverycurious.
     - CVE-2025-0442: Inappropriate implementation in Payments.
       Reported by Ahmed ElMasry.
     - CVE-2025-0443: Insufficient data validation in Extensions.
       Reported by Anonymous.
     - CVE-2025-0446: Inappropriate implementation in Extensions.
       Reported by Hafiizh.
     - CVE-2025-0447: Inappropriate implementation in Navigation.
       Reported by Khiem Tran (@duckhiem).
     - CVE-2025-0448: Inappropriate implementation in Compositing.
       Reported by Dahyeon Park.
   * d/patches:
     - upstream/blink-fix-size-assertions.patch: drop, merged upstream.
     - upstream/dawn-strlen.patch: drop, merged upstream.
     - upstream/mrc-copy-op.patch: drop, merged upstream.
     - upstream/variant.patch: part of this was merged upstream; keep the
       rest.
     - fixes/freetype.patch: drop, merged upstream.
     - fixes/gpu-crash.patch: drop, merged upstream.
     - fixes/bindgen.patch: refresh and make patch even smaller. Also some
       upstream churn.
     - fixes/fix-assert-in-vnc-sessions.patch: refresh.
     - ungoogled/disable-privacy-sandbox.patch: refresh.
     - upstream/mojo.patch: fix missing files.
     - upstream/uint.patch: add gcc-specific build fix.
     - bookworm/constflatset.patch: add (probably) gcc-specific workaround.
     - fixes/lens-optional.patch: add gcc-specific build fix.
     - bookworm/gn-absl.patch: modify for new dependency.
     - bookworm/rust-visibility.patch: add build fix for older rustc.
     - bookworm/less-void.patch: add build fix for older libstdc++/gcc.
   * Downgrade to rollup3 for devtools-frontend stuff, due to the bundled
     rollup4 including wasm blobs. Update d/patches/system/rollup.patch to
     point to the right place as well, and build-dep on
     node-rollup-plugin-terser.
   * Build against newer bundled libtiff for memory limiting protection.
   * Switch to bundled libdrm due to DRM_IOCTL_SYNCOBJ_EVENTFD usage.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - workarounds/HACK-debian-clang-disable-skia-musttail.patch: Drop due
       to upstream fixes
     - third_party/skia-vsx-instructions.patch: Refresh for upstream changes
Checksums-Sha1:
 857bad6af27a71f2e62beaf5d46ca07ae6e345cb 5609432 chromium-common-dbgsym_132.0.6834.83-1~deb12u1_arm64.deb
 7ddbadaceed475ebc449ddda07a17a1a8759f87e 15255516 chromium-common_132.0.6834.83-1~deb12u1_arm64.deb
 171b023146704275b9c445eb2cb100861b37bfe4 32618872 chromium-dbgsym_132.0.6834.83-1~deb12u1_arm64.deb
 fe9e3abdb1ddb003cbaa8dfc5dbdcd13959f4702 6686320 chromium-driver_132.0.6834.83-1~deb12u1_arm64.deb
 2977f4217e241e95e0b98a34ecef200d21a4cad4 14348 chromium-sandbox-dbgsym_132.0.6834.83-1~deb12u1_arm64.deb
 2bb75b527272ed5e6700bff33d8abb7a9bc8e8ff 98860 chromium-sandbox_132.0.6834.83-1~deb12u1_arm64.deb
 01e8b7dbd42185b8dc9a91ddfb488b194523d8b2 26957940 chromium-shell-dbgsym_132.0.6834.83-1~deb12u1_arm64.deb
 eac00b0db8dc284d4f69306943247b337cbfce23 47425236 chromium-shell_132.0.6834.83-1~deb12u1_arm64.deb
 a6a5c4eaeeb88249158379d695ee2ec5712cbc5d 29386 chromium_132.0.6834.83-1~deb12u1_arm64-buildd.buildinfo
 d4ac161836aaf9b1a7f187d7e06031c9bd0fc39a 76866268 chromium_132.0.6834.83-1~deb12u1_arm64.deb
Checksums-Sha256:
 1dc82482fc5ca507c41850b01c3cf31558dca6f6f2df114ca6b495992c3d47af 5609432 chromium-common-dbgsym_132.0.6834.83-1~deb12u1_arm64.deb
 52332aa3ca77bbf903f1f0003f43099e2b671837aba73c29a0896ad48cdeb747 15255516 chromium-common_132.0.6834.83-1~deb12u1_arm64.deb
 bf26a485dc80e4c6fdf051ed57850c17e87ece22cc8fd697b2dcfe98b094e0db 32618872 chromium-dbgsym_132.0.6834.83-1~deb12u1_arm64.deb
 b81ff3f6d86741bb393babf3fef9ff58e093bd5a77e4e7e04080f30079d1fc6f 6686320 chromium-driver_132.0.6834.83-1~deb12u1_arm64.deb
 b9eff580590fc7d4db1f87fdcf25a9993b72ddc64bf07597d4afaa480b3b256a 14348 chromium-sandbox-dbgsym_132.0.6834.83-1~deb12u1_arm64.deb
 a80519badea74e26c310e3b5bc2b804265a1d6890daf955b3b2b8aa343c6b8ef 98860 chromium-sandbox_132.0.6834.83-1~deb12u1_arm64.deb
 c1edb0fed1c601255b49baa911f55572c28ba932d6625d2e94afc019fe70773a 26957940 chromium-shell-dbgsym_132.0.6834.83-1~deb12u1_arm64.deb
 064716cfd123d84d10794a75fd92719b8120305909ab221ec1812ca92f5ae86a 47425236 chromium-shell_132.0.6834.83-1~deb12u1_arm64.deb
 df840fac63725951ff42d7c625fc4113134da8435e58d0628d92af3c98f1e333 29386 chromium_132.0.6834.83-1~deb12u1_arm64-buildd.buildinfo
 7aa3c5e97c9caf8fd1d82c294aaaca70aa76b7d7e15c7ce21b5b208362e8073b 76866268 chromium_132.0.6834.83-1~deb12u1_arm64.deb
Files:
 973c70d4a420e84dd822d2afd1ffffe3 5609432 debug optional chromium-common-dbgsym_132.0.6834.83-1~deb12u1_arm64.deb
 ce8ed48255859017ad3c67f35980e112 15255516 web optional chromium-common_132.0.6834.83-1~deb12u1_arm64.deb
 7f0c4915ba83f3329c8f87df2f73a139 32618872 debug optional chromium-dbgsym_132.0.6834.83-1~deb12u1_arm64.deb
 6c32451c635b3c0b682e483363c0068f 6686320 web optional chromium-driver_132.0.6834.83-1~deb12u1_arm64.deb
 acfb0348ff25c3584389ee96bc27efc3 14348 debug optional chromium-sandbox-dbgsym_132.0.6834.83-1~deb12u1_arm64.deb
 401602351ae5b9167198ecdb777adc2d 98860 web optional chromium-sandbox_132.0.6834.83-1~deb12u1_arm64.deb
 e0faa08799916dfa69a8f906f96e4541 26957940 debug optional chromium-shell-dbgsym_132.0.6834.83-1~deb12u1_arm64.deb
 e0f6b0044deff76e51d33a01bb3f6cb1 47425236 web optional chromium-shell_132.0.6834.83-1~deb12u1_arm64.deb
 0da87e454d2c364cb0f5e2563d586b3b 29386 web optional chromium_132.0.6834.83-1~deb12u1_arm64-buildd.buildinfo
 1764184925086a708847bc459c9c62f9 76866268 web optional chromium_132.0.6834.83-1~deb12u1_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE6s8UzO+WAx8RRAOV80lOEvgzuSsFAmeK9AkACgkQ80lOEvgz
uSs+Jg//WNzXHG4MAqh7gmotPl2VjBxa7LCMdftGsYBtEvH0S0/U9WBVdeDeX2g5
4UEHT0j7gLGdUbTiXrEzK1wEgCop3RQcCJvkMKHBsYSG01Exg2ddoHQABqHcdvK8
gMAK71HObQoGmG2kGDQOLrjUUCgmixG8rf+GUkvvQ9D5hpbOnRWLUO4SAVzaeDAy
LsXJPeiPgDeiB1owbS1+zTy4VqF9fJnEQqwgm73ms3w+Jz3GvwHIGsVpw5a101Vg
F9Cg5TaSZlXosTYj652oXiwbSB+/hTtGvisQty1QtISxZmJ9sdQ7r1KGiE6rJvje
k8OLRDzyM/AeujZy/Aya4Trx/8Eu7eWh7O2eyl5/0BWcP1Dz/8hwfRQ6k7DbA6Xy
zSebzzKto/SbC3GIaTshsi0s+f6s+wiPOk8j3sYdAahXQV1ipT7Av3semr5jVMgD
d8LeYonwL/5kPVKEWo1oDVc2mF7D6hkVMV6Rg2OJtkjM4W31N1gyrl9SHmo54iOF
O1aftWK7nhQNc5dYvmDUVIIzJecwO/xhSTJb3/hmrF6PhUGKT55e3Sp4gr23rgd5
c8hO5crgDsRqXIFP0zHg8b3yoArqwj+iH15jQe2xY6HUmDMA+rhhEIvsH2218efG
6PITfJF6xF4DWLUsEMjKmAxXYiKw0U6z64WJInsJaniTrllRxGY=
=fzap
-----END PGP SIGNATURE-----