-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 14 Jan 2025 21:20:43 -0500
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: armhf
Version: 132.0.6834.83-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-ubc-06) <buildd_arm64-arm-ubc-06@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (132.0.6834.83-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2025-0434: Out of bounds memory access in V8. Reported by ddme.
     - CVE-2025-0435: Inappropriate implementation in Navigation.
       Reported by Alesandro Ortiz.
     - CVE-2025-0436: Integer overflow in Skia.
       Reported by Han Zheng (HexHive).
     - CVE-2025-0437: Out of bounds read in Metrics.
       Reported by Xiantong Hou of Wuheng Lab and Pisanbao.
     - CVE-2025-0438: Stack buffer overflow in Tracing.
       Reported by Han Zheng (HexHive).
     - CVE-2025-0439: Race in Frames. Reported by Hafiizh.
     - CVE-2025-0440: Inappropriate implementation in Fullscreen.
       Reported by Umar Farooq.
     - CVE-2025-0441: Inappropriate implementation in Fenced Frames.
       Reported by someoneverycurious.
     - CVE-2025-0442: Inappropriate implementation in Payments.
       Reported by Ahmed ElMasry.
     - CVE-2025-0443: Insufficient data validation in Extensions.
       Reported by Anonymous.
     - CVE-2025-0446: Inappropriate implementation in Extensions.
       Reported by Hafiizh.
     - CVE-2025-0447: Inappropriate implementation in Navigation.
       Reported by Khiem Tran (@duckhiem).
     - CVE-2025-0448: Inappropriate implementation in Compositing.
       Reported by Dahyeon Park.
   * d/patches:
     - upstream/blink-fix-size-assertions.patch: drop, merged upstream.
     - upstream/dawn-strlen.patch: drop, merged upstream.
     - upstream/mrc-copy-op.patch: drop, merged upstream.
     - upstream/variant.patch: part of this was merged upstream; keep the
       rest.
     - fixes/freetype.patch: drop, merged upstream.
     - fixes/gpu-crash.patch: drop, merged upstream.
     - fixes/bindgen.patch: refresh and make patch even smaller. Also some
       upstream churn.
     - fixes/fix-assert-in-vnc-sessions.patch: refresh.
     - ungoogled/disable-privacy-sandbox.patch: refresh.
     - upstream/mojo.patch: fix missing files.
     - upstream/uint.patch: add gcc-specific build fix.
     - bookworm/constflatset.patch: add (probably) gcc-specific workaround.
     - fixes/lens-optional.patch: add gcc-specific build fix.
     - bookworm/gn-absl.patch: modify for new dependency.
     - bookworm/rust-visibility.patch: add build fix for older rustc.
     - bookworm/less-void.patch: add build fix for older libstdc++/gcc.
   * Downgrade to rollup3 for devtools-frontend stuff, due to the bundled
     rollup4 including wasm blobs. Update d/patches/system/rollup.patch to
     point to the right place as well, and build-dep on
     node-rollup-plugin-terser.
   * Build against newer bundled libtiff for memory limiting protection.
   * Switch to bundled libdrm due to DRM_IOCTL_SYNCOBJ_EVENTFD usage.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - workarounds/HACK-debian-clang-disable-skia-musttail.patch: Drop due
       to upstream fixes
     - third_party/skia-vsx-instructions.patch: Refresh for upstream changes
Checksums-Sha1:
 cf39eedd9becedd2bdeb5264bce0ab7f9ee07906 5823804 chromium-common-dbgsym_132.0.6834.83-1~deb12u1_armhf.deb
 08933a0a193543a666ccc49287f012d7d8b313b9 10077512 chromium-common_132.0.6834.83-1~deb12u1_armhf.deb
 8f6c84cc8ef92a3054dcfc9adb7a90e64e905035 33657104 chromium-dbgsym_132.0.6834.83-1~deb12u1_armhf.deb
 dd6c2750610729118150401b318faa407c870da5 7205648 chromium-driver_132.0.6834.83-1~deb12u1_armhf.deb
 7256d17fcf91ee6311dd3774a8b233724dcb0ec8 12708 chromium-sandbox-dbgsym_132.0.6834.83-1~deb12u1_armhf.deb
 d4ab17d0d050c07fb64ee317c52acf0f6b05ba42 98580 chromium-sandbox_132.0.6834.83-1~deb12u1_armhf.deb
 fdad6e4320f860193f4f32217068259ec4f677f1 27653964 chromium-shell-dbgsym_132.0.6834.83-1~deb12u1_armhf.deb
 eb20f597efcd7de946397aa9d3d0d97f7c9625d2 50436496 chromium-shell_132.0.6834.83-1~deb12u1_armhf.deb
 cf0f7278211041ed0b5bf80ee4d4e841551fb700 29328 chromium_132.0.6834.83-1~deb12u1_armhf-buildd.buildinfo
 8b473325b4cb6f10570cfc834610bc261c5498e1 72401164 chromium_132.0.6834.83-1~deb12u1_armhf.deb
Checksums-Sha256:
 bd970ca51adde4ea7bd3916b4667cf16507fbb1b9e74090bd77cd7b10b5c266a 5823804 chromium-common-dbgsym_132.0.6834.83-1~deb12u1_armhf.deb
 c58553dbd6c0d90a9f8cfce706d922162c22f779055978e34c942f8a7a26ebc2 10077512 chromium-common_132.0.6834.83-1~deb12u1_armhf.deb
 5a3deef105f133f69ab9b1a6243a127240f4e9065037bfd5d2d14aaff4040f17 33657104 chromium-dbgsym_132.0.6834.83-1~deb12u1_armhf.deb
 a7aae8afaa6b7adafa0e85228d724104032f2d4fdbaf00c40908916d30468117 7205648 chromium-driver_132.0.6834.83-1~deb12u1_armhf.deb
 31c8565ce75138970def08f9cc433b39a9f20a3b19f81c0f6bf03fd0552499f6 12708 chromium-sandbox-dbgsym_132.0.6834.83-1~deb12u1_armhf.deb
 67dc90fa300f54e1dd31d47f2c8e69c3cd4589b897556446b0043766feb6797f 98580 chromium-sandbox_132.0.6834.83-1~deb12u1_armhf.deb
 e4f0db6848a71a859ab3f2a9ff5f7710ee3c59eae4aa5ab09960e5bac55788e7 27653964 chromium-shell-dbgsym_132.0.6834.83-1~deb12u1_armhf.deb
 da15f762e03b3d2279dd3cd97430f08a3a4ed62488cdffe02332706803bdadcc 50436496 chromium-shell_132.0.6834.83-1~deb12u1_armhf.deb
 bd2ff581655e6e064a356523895bd6d0e2d289ca37843346747a5ac96abf27b4 29328 chromium_132.0.6834.83-1~deb12u1_armhf-buildd.buildinfo
 03f276acb28e78e41647b33f26d067fa3edfce6e8c3986716266ff324d7b0f4b 72401164 chromium_132.0.6834.83-1~deb12u1_armhf.deb
Files:
 5e648568423a5876ce4f0b72a25f2c7a 5823804 debug optional chromium-common-dbgsym_132.0.6834.83-1~deb12u1_armhf.deb
 4b31a74b1f0b91477a006bcd1cebc631 10077512 web optional chromium-common_132.0.6834.83-1~deb12u1_armhf.deb
 787e4d3ffbf73ede32061473f9f8c788 33657104 debug optional chromium-dbgsym_132.0.6834.83-1~deb12u1_armhf.deb
 731e83ef45dfa6827179c2aad5d3a034 7205648 web optional chromium-driver_132.0.6834.83-1~deb12u1_armhf.deb
 1a054376b1e48d71c47b75924e2ef012 12708 debug optional chromium-sandbox-dbgsym_132.0.6834.83-1~deb12u1_armhf.deb
 4cf79459d9448fd1370022ff8241bb8d 98580 web optional chromium-sandbox_132.0.6834.83-1~deb12u1_armhf.deb
 7ff228e36c7fc364787c5d0e0fe3f0f6 27653964 debug optional chromium-shell-dbgsym_132.0.6834.83-1~deb12u1_armhf.deb
 8e415165210d601d846c3a3d57e2ba37 50436496 web optional chromium-shell_132.0.6834.83-1~deb12u1_armhf.deb
 e43f62cc74861215f0a9f6c9fcced577 29328 web optional chromium_132.0.6834.83-1~deb12u1_armhf-buildd.buildinfo
 fa6bfdfd81ae8ca53165ff086a005dba 72401164 web optional chromium_132.0.6834.83-1~deb12u1_armhf.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEErcTbumGV7Ig2iXlfQdxRZ9J7nEgFAmeK0WwACgkQQdxRZ9J7
nEi1bxAAnGsoG7X9Vws13Ux5nHBFIZF1ALZCKL8EmfYB7sDKoQOI5SWYUTCPCTY0
l7s1CEy7CnSeWJ/A5GlawvYLIOqmZdYPkeM5HnPnBOzGL9Ue2JaFcV31AA9o0ag9
GZauXVp+h3gcnLbE52WMDvuo43hHuG8Xr2o988ntfjLdxl4XevWPsGxpPV18xtsY
gpyd0TS34rJ4tO/2J5rWQCkqXz2txQSy7GUuV5oI2D/jX1UtikdqMzVAvFsi50IH
xAo277GwUUElAjn1M6aVdMmTooY1aJnGYY4eetEiNi4+H1CtOA19RPS451IUJdsK
uLPHztKvsLe+c3QfoIEs6PJCmgycqJuse+7FmI1EQH2FU3jnlA+pgtktujMrmRjc
O6PiwFoJQhDUxJDDmJ3byM0so4AoR6Bkn/6qZKv76a+QGlC5BXB/q5/ldjt30V5W
juk9bzU+uKOWGgcSFZ0P+0WkofFkF1OfAbWqMP9qWiNQRJ3c1o4QdCuKmYMy+dJV
fKi4E+pnjyN7LnnbZdo98pw90xwEF1NtiYwV1K02/jKHlZOyq0V7AHXlyVbU88fV
uf5e4utzwi3Kws/xSjmLWk0g2FPv3TUM2THp+cn4pYoRUY5V38d8/6GRmL+saVnK
CjtYWmLi4nHgzUuw03ffyMZsszJTL+c3FslHF6InrrInmEEiRns=
=3tiF
-----END PGP SIGNATURE-----