-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 14 Jan 2025 21:20:43 -0500
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: i386
Version: 132.0.6834.83-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-ubc-02) <buildd_amd64-x86-ubc-02@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (132.0.6834.83-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2025-0434: Out of bounds memory access in V8. Reported by ddme.
     - CVE-2025-0435: Inappropriate implementation in Navigation.
       Reported by Alesandro Ortiz.
     - CVE-2025-0436: Integer overflow in Skia.
       Reported by Han Zheng (HexHive).
     - CVE-2025-0437: Out of bounds read in Metrics.
       Reported by Xiantong Hou of Wuheng Lab and Pisanbao.
     - CVE-2025-0438: Stack buffer overflow in Tracing.
       Reported by Han Zheng (HexHive).
     - CVE-2025-0439: Race in Frames. Reported by Hafiizh.
     - CVE-2025-0440: Inappropriate implementation in Fullscreen.
       Reported by Umar Farooq.
     - CVE-2025-0441: Inappropriate implementation in Fenced Frames.
       Reported by someoneverycurious.
     - CVE-2025-0442: Inappropriate implementation in Payments.
       Reported by Ahmed ElMasry.
     - CVE-2025-0443: Insufficient data validation in Extensions.
       Reported by Anonymous.
     - CVE-2025-0446: Inappropriate implementation in Extensions.
       Reported by Hafiizh.
     - CVE-2025-0447: Inappropriate implementation in Navigation.
       Reported by Khiem Tran (@duckhiem).
     - CVE-2025-0448: Inappropriate implementation in Compositing.
       Reported by Dahyeon Park.
   * d/patches:
     - upstream/blink-fix-size-assertions.patch: drop, merged upstream.
     - upstream/dawn-strlen.patch: drop, merged upstream.
     - upstream/mrc-copy-op.patch: drop, merged upstream.
     - upstream/variant.patch: part of this was merged upstream; keep the
       rest.
     - fixes/freetype.patch: drop, merged upstream.
     - fixes/gpu-crash.patch: drop, merged upstream.
     - fixes/bindgen.patch: refresh and make patch even smaller. Also some
       upstream churn.
     - fixes/fix-assert-in-vnc-sessions.patch: refresh.
     - ungoogled/disable-privacy-sandbox.patch: refresh.
     - upstream/mojo.patch: fix missing files.
     - upstream/uint.patch: add gcc-specific build fix.
     - bookworm/constflatset.patch: add (probably) gcc-specific workaround.
     - fixes/lens-optional.patch: add gcc-specific build fix.
     - bookworm/gn-absl.patch: modify for new dependency.
     - bookworm/rust-visibility.patch: add build fix for older rustc.
     - bookworm/less-void.patch: add build fix for older libstdc++/gcc.
   * Downgrade to rollup3 for devtools-frontend stuff, due to the bundled
     rollup4 including wasm blobs. Update d/patches/system/rollup.patch to
     point to the right place as well, and build-dep on
     node-rollup-plugin-terser.
   * Build against newer bundled libtiff for memory limiting protection.
   * Switch to bundled libdrm due to DRM_IOCTL_SYNCOBJ_EVENTFD usage.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - workarounds/HACK-debian-clang-disable-skia-musttail.patch: Drop due
       to upstream fixes
     - third_party/skia-vsx-instructions.patch: Refresh for upstream changes
Checksums-Sha1:
 7d2c4005b8a576e6b5c9f8af3619a4f6516f679e 5530080 chromium-common-dbgsym_132.0.6834.83-1~deb12u1_i386.deb
 285b0e5055e10910d35f0384bff0c55e91b0d751 10333548 chromium-common_132.0.6834.83-1~deb12u1_i386.deb
 f7e08ef361771dbcf86d4272fdd46a7914980ff7 34033980 chromium-dbgsym_132.0.6834.83-1~deb12u1_i386.deb
 0293cc6a4c145b45c2eff08afda0146293ef7295 7842848 chromium-driver_132.0.6834.83-1~deb12u1_i386.deb
 9c3a34df6fbfcea576ac1c2bfec19ed82cafb8cc 14120 chromium-sandbox-dbgsym_132.0.6834.83-1~deb12u1_i386.deb
 b63974a5bbe99be1fa091af8cfd03f819e28af92 98916 chromium-sandbox_132.0.6834.83-1~deb12u1_i386.deb
 b77df04c1e60aa32c64baf5fe4a1a55c42c2d1b7 29122132 chromium-shell-dbgsym_132.0.6834.83-1~deb12u1_i386.deb
 a45592a47a6be2455c3f8fc116ed60dbc54ead75 55588712 chromium-shell_132.0.6834.83-1~deb12u1_i386.deb
 af237b3d6f34c140c005f3f019b7d5192de9b74c 29400 chromium_132.0.6834.83-1~deb12u1_i386-buildd.buildinfo
 8cc93bc9276accd29878a50460f6acd1509d9ba0 79678476 chromium_132.0.6834.83-1~deb12u1_i386.deb
Checksums-Sha256:
 c28d8a950dea94408faf815e25606bb3dd9d5d8334dfcc3bfd343e5e1e87aa7e 5530080 chromium-common-dbgsym_132.0.6834.83-1~deb12u1_i386.deb
 28c18aaabf20f2bad515d2dcb3134743b03bfde467017ab167feb73d196ea73b 10333548 chromium-common_132.0.6834.83-1~deb12u1_i386.deb
 3029f0aac53d196036cef1b92ec6d8505589132009efacd2c61fabce7426ed3d 34033980 chromium-dbgsym_132.0.6834.83-1~deb12u1_i386.deb
 1ccb143379813c18076ecb8f619729359d74871a2eee0aff56d6e043ea3dd0c2 7842848 chromium-driver_132.0.6834.83-1~deb12u1_i386.deb
 4b6895d7e5d110671e79b7bf9903cb8b91cc84019521aebd066ad113e6e24fdd 14120 chromium-sandbox-dbgsym_132.0.6834.83-1~deb12u1_i386.deb
 d6b222213a81285c707942d5909868eef5259c6b1b3296841a08c51489f32682 98916 chromium-sandbox_132.0.6834.83-1~deb12u1_i386.deb
 9352c67f797a4ee110afda6446cf2aab4b653147ee6817ca8919ff7d8f74690b 29122132 chromium-shell-dbgsym_132.0.6834.83-1~deb12u1_i386.deb
 f300b193f85badb40a5c3293547e22dc71f33d97d05003fba850baa553648850 55588712 chromium-shell_132.0.6834.83-1~deb12u1_i386.deb
 d85ad4024b571c94e59a2224ab639034480bd5cea75329d3e146fb218a090643 29400 chromium_132.0.6834.83-1~deb12u1_i386-buildd.buildinfo
 22814bc6112282414942d844080034ceb5043e8c54f26de10469348741d5a590 79678476 chromium_132.0.6834.83-1~deb12u1_i386.deb
Files:
 d23858879215718b5dc0b4d6fe6f73d4 5530080 debug optional chromium-common-dbgsym_132.0.6834.83-1~deb12u1_i386.deb
 2da40369cc779ab778f2c285e8d536dc 10333548 web optional chromium-common_132.0.6834.83-1~deb12u1_i386.deb
 3c8c864071243d0b5a09f02d83d3c121 34033980 debug optional chromium-dbgsym_132.0.6834.83-1~deb12u1_i386.deb
 48d48327e56cd3707589b7d16201aa26 7842848 web optional chromium-driver_132.0.6834.83-1~deb12u1_i386.deb
 f3613e14ae02a1d02f20455e969c3846 14120 debug optional chromium-sandbox-dbgsym_132.0.6834.83-1~deb12u1_i386.deb
 815c792885b46d246160b930c2a95467 98916 web optional chromium-sandbox_132.0.6834.83-1~deb12u1_i386.deb
 c3c05a290ef1abaa4af15a5ee44841b5 29122132 debug optional chromium-shell-dbgsym_132.0.6834.83-1~deb12u1_i386.deb
 9f3dd52ef2a1e92335f16964deaa0a32 55588712 web optional chromium-shell_132.0.6834.83-1~deb12u1_i386.deb
 fb0f47521e9f17b6ae39e23f4e94840e 29400 web optional chromium_132.0.6834.83-1~deb12u1_i386-buildd.buildinfo
 edbbdaf93cb10bd8a5dfd8a730af776a 79678476 web optional chromium_132.0.6834.83-1~deb12u1_i386.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEGBeuno8wiDXCewDuqqLQG5ksqMMFAmeHzOAACgkQqqLQG5ks
qMP/ERAAwt+ph2whqLj68aeFdo7iibSj7g7/2jq8hqF+oaWLpddeAWqfL59glmc4
OFORCrpI/uf/0zXbNSdNIEY1Q4xxzqWRiL3i1uFsKQVMKlUadDGVC/1BiugZMoA1
Rdtkl+UX8fcdbw49mfNdqEY8NuZeyehF664pp6NS1DxLarm68tACrwTsnLW/negf
vRTl4Ar9NgKLeg92QUxT4qOAkJ++qzvJfB7k2AyicmRLZ+gNqwPM6OlgJByAeco2
gAHv2VqgP8Rs3YYEdcw5hljV5xWsOJXXNnrPAP0kt0vhfcmtFWKVMQ50Ogu4Cucv
9U23iuhq1dXsERLJQqR/I3LhwqD4easZs3K7mVQTnFuE0zk4QKSjrMKCcdkBnBzF
8S7CQf9EJosSWGfluQrAUmHaIdXt9DHw1dtwDadUg3nCNgmyRFmVFh15jqCQhTB6
z5E7rx5+L0beS01TzmGOmUa9UbjGnarfScxS22heWsSYR2Iz5ULMb+NyMnETQYNy
zwcKY0dH07m2fL/LiqhjXLx2/7qSp6xm86cPvkD6Dqjflssdju/j4tvLMrZw106Q
FFjj9k8ZBs2uMOAiBTbfLdqaFHmMS5DS9dl9zKHST187upM+Clm6x/ggY3p+ww5b
sHpYOnddQ6vpDB69OGaAY2z4O8SrpEtHhlreb9cFAgsCaBwNjVY=
=vVH5
-----END PGP SIGNATURE-----