-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 05 Mar 2025 13:26:45 -0500 Source: chromium Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym Architecture: i386 Version: 134.0.6998.35-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: all / amd64 / i386 Build Daemon (x86-conova-02) Changed-By: Andres Salomon Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-headless-shell - web browser - old headless shell chromium-sandbox - web browser - setuid security sandbox for chromium chromium-shell - web browser - minimal shell Changes: chromium (134.0.6998.35-1~deb12u1) bookworm-security; urgency=high . [ Andres Salomon ] * New upstream stable release. - CVE-2025-1914: Out of bounds read in V8. Reported by Zhenghang Xiao (@Kipreyyy) and Nan Wang (@eternalsakura13). - CVE-2025-1915: Improper Limitation of a Pathname to a Restricted Directory in DevTools. Reported by Topi Lassila. - CVE-2025-1916: Use after free in Profiles. Reported by parkminchan, SSD Labs Korea. - CVE-2025-1917: Inappropriate Implementation in Browser UI. Reported by Khalil Zhani. - CVE-2025-1918: Out of bounds read in PDFium. Reported by asnine. - CVE-2025-1919: Out of bounds read in Media. Reported by @Bl1nnnk and @Pisanbao. - CVE-2025-1921: Inappropriate Implementation in Media Stream. Reported by Kaiido. - CVE-2025-1922: Inappropriate Implementation in Selection. Reported by Alesandro Ortiz. - CVE-2025-1923: Inappropriate Implementation in Permission Prompts. Reported by Khalil Zhani. * d/patches: - fixes/widevine-revision.patch: drop. Upstream says "with CDMs using manifest-based registration, no need to" hardcode version string. - disable/catapult.patch: refresh. - bookworm/clang19.patch: refresh. - ungoogled/disable-privacy-sandbox.patch: refresh from ungoogled. - bookworm/gn-allowlist.patch: add workaround for older gn. - bookworm/adler1.patch: add workaround for older rust. - fixes/stdatomic.patch: add build fix to ensure isn't used. - fixes/variant.patch: add missing header include. - upstream/qualifications.patch: add fix to silence annoying warnings. - upstream/optional.patch: add more missing header includes. - bookworm/constflatset.patch: refresh. - bookworm/constexpr.patch: refresh. - bookworm/modff.patch: add workaround for libstdc++ build issue. - bookworm/foreach.patch: add workaround for libstdc++ build issue. * d/rules: update to ensure both qt5 AND qt6 are disabled. . [ Timothy Pearson ] * d/patches: - fixes/swiftshader-llvm.patch: Add LLVM patches from upstream LLVM project to fix integrated SwiftShader LLVM FTBFS * d/patches/ppc64le: - third_party/0001-Add-PPC64-support-for-boringssl.patch: Refresh for upstream changes Checksums-Sha1: e54bc2aaca0c29189a1e0570ec0cb11a4b1ab82c 4830184 chromium-common-dbgsym_134.0.6998.35-1~deb12u1_i386.deb c278a07a8836ab5e9f47deb6da15588bd1a5f8fd 20383620 chromium-common_134.0.6998.35-1~deb12u1_i386.deb c02b22753cb1e76f331f960787f1839cf9c3adf1 32604088 chromium-dbgsym_134.0.6998.35-1~deb12u1_i386.deb 160aa6dd77d05464b03d04052c7a6bea8e7c55e1 7954292 chromium-driver_134.0.6998.35-1~deb12u1_i386.deb da9dac8cbd2eac8e3443aaf72726a28837cd2879 27168172 chromium-headless-shell-dbgsym_134.0.6998.35-1~deb12u1_i386.deb 1a4f62121587335bae1f38eed6d37db4026a855b 53860080 chromium-headless-shell_134.0.6998.35-1~deb12u1_i386.deb 3724d80f6ca40b241566ae04db6dc9a878d2b97d 14112 chromium-sandbox-dbgsym_134.0.6998.35-1~deb12u1_i386.deb 672b077cce98ce8b0269dd86bd08baf923b9fb96 101000 chromium-sandbox_134.0.6998.35-1~deb12u1_i386.deb e04654e9722fa8a516bb37a214ba78e1c4f92f3c 27574900 chromium-shell-dbgsym_134.0.6998.35-1~deb12u1_i386.deb 6a87d5ac7a86223397fb4233da331b03ea684191 55752180 chromium-shell_134.0.6998.35-1~deb12u1_i386.deb 164dac11052b23824888a92c39474babfe4f1f34 30111 chromium_134.0.6998.35-1~deb12u1_i386-buildd.buildinfo 5c790ddfc45b1b7f8fa5cc7a3990e03be77f7694 70520932 chromium_134.0.6998.35-1~deb12u1_i386.deb Checksums-Sha256: 3bcef83b9d32d6ebd71765e8a91a26e5dbee6f159b852ef73445871118493cf4 4830184 chromium-common-dbgsym_134.0.6998.35-1~deb12u1_i386.deb 23aedfc9bc20fedc0c3f4ee24303f75bca81e45fe6f7a300395db782a9ec9578 20383620 chromium-common_134.0.6998.35-1~deb12u1_i386.deb bf1669865a1bbb5b5ed2b7e56b5ebcda170b5b76a356364813435c02cfb6ad46 32604088 chromium-dbgsym_134.0.6998.35-1~deb12u1_i386.deb d6197ba261a02a7cd8d7f856d0b6f58076e9a31533f819967c4e931f3ba5fdff 7954292 chromium-driver_134.0.6998.35-1~deb12u1_i386.deb 833ffcebd7f49c05129e5df7a4afbd082be737d50eca868ddbf082f91939beaf 27168172 chromium-headless-shell-dbgsym_134.0.6998.35-1~deb12u1_i386.deb b56c3eb9330687a8b2476bcc3e9ba8bfc98c1197c522b5dec9fbd68f6b54918d 53860080 chromium-headless-shell_134.0.6998.35-1~deb12u1_i386.deb fa4c180e1f62b3ecfba786ba729f730f40bef80076b6fa11a89980b3e97e4396 14112 chromium-sandbox-dbgsym_134.0.6998.35-1~deb12u1_i386.deb 507a9f203a3ac1fefd0617cedbf7f79740b3a611d724976b9c1a974d62eb5078 101000 chromium-sandbox_134.0.6998.35-1~deb12u1_i386.deb 320589a2239d14cff25786d1e87c9cac0432a15bb3baed76f2cab7e7eee88d60 27574900 chromium-shell-dbgsym_134.0.6998.35-1~deb12u1_i386.deb dc67acbae211898cb48c84bc489f9a62709ee28070a04533afb70ac431092866 55752180 chromium-shell_134.0.6998.35-1~deb12u1_i386.deb f50d7f2747e87d6e0c0291d0782251b2e76a729aba3b8d77a01aa644c1e6d2a2 30111 chromium_134.0.6998.35-1~deb12u1_i386-buildd.buildinfo 2389ddcc3e322d65de94733dfb99aa06b39567fb81ddfa7f9467050e229558f3 70520932 chromium_134.0.6998.35-1~deb12u1_i386.deb Files: b877d3b44187eef9fb16a74ed5d6199f 4830184 debug optional chromium-common-dbgsym_134.0.6998.35-1~deb12u1_i386.deb a4b566fb891f88cc04d86e43feec7ed8 20383620 web optional chromium-common_134.0.6998.35-1~deb12u1_i386.deb 286f2fe238c1768184040205a630ed78 32604088 debug optional chromium-dbgsym_134.0.6998.35-1~deb12u1_i386.deb b7bd68989649c501a04d46b3559ebe33 7954292 web optional chromium-driver_134.0.6998.35-1~deb12u1_i386.deb e9b94877b10fe59a289d58e042fe19d5 27168172 debug optional chromium-headless-shell-dbgsym_134.0.6998.35-1~deb12u1_i386.deb a1b9b1dc1423caa2379bf0e85b5abeb8 53860080 web optional chromium-headless-shell_134.0.6998.35-1~deb12u1_i386.deb 4f92a5f7d5bb2302100c426a2f5a7d0f 14112 debug optional chromium-sandbox-dbgsym_134.0.6998.35-1~deb12u1_i386.deb 28e4fd720ccc42641e4e0a6c7f7c6b79 101000 web optional chromium-sandbox_134.0.6998.35-1~deb12u1_i386.deb 8f35172a7ea25963b5e8eefd7f686b29 27574900 debug optional chromium-shell-dbgsym_134.0.6998.35-1~deb12u1_i386.deb 6def577b142c02c54af8d293e7da1639 55752180 web optional chromium-shell_134.0.6998.35-1~deb12u1_i386.deb 3205178c00e3a1acb57e33705f41dada 30111 web optional chromium_134.0.6998.35-1~deb12u1_i386-buildd.buildinfo 21b272056174c0c937a6bca3d2fc67bd 70520932 web optional chromium_134.0.6998.35-1~deb12u1_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEErEDrIdpJkzFMm6K+PyQET5WCY90FAmfKAJ0ACgkQPyQET5WC Y92vzw//duVWlA8vi/C2zpPItevONyGt99e/0f1tR1TFPq9B7cSbaqcvhKWxO4FO B982ohdn+H5GfhNI1auDhjaVgLihXJQ6tjfGdLfP/anAPAEKh6LpE0EjYBVPCHQ2 1VAfeXZbxEoN2itr20Jd4oYI7v+KHUhDW+6vrR687H4iylq2je7IsvO8RnM9Eu5d Y5VnI9/+yNwgzAKKUqpjFVq4pNgrf7AiZLl6GrmIYJTvrGLa5eG2tHF9OMqckDWW NhsETRQ1gOqG70aI0NkQkq80vRGVpdF+80RDgWp2y780JkK0PKklpqrmkUIvmkzK Q7Uj2OQo7MHxr7CcdP2SEohnWIoGkfs/XbFVnDBVCJKcoS5i+YPIIdmxu1ML6NoF BhbepvS0xtJLl6j2A4gXx1oviNXdJ4v/X6u2J+QWes09Nvh9HtT3CTIu1Hwc6p8J KZ/XA5ahxKTkRYFanKCsyUdgxaT7Rft6Rh0gi+5hTb7WRSio773OhB80sebouO2T B+HJx1/objDT25QHiiJ6/MCOXjTzV8fe37LABwYwIbRBEgtlreWkdPB0ILctimMH EfIASWGkA1RNBiapvFDXZbCNn1VhqztHjHDHIbMzuWp3uwXdO6l+FzHxnvPuFYfR VY3m3Qrh8gVQ0KwrrEpwbtnWlV8Ux3Rhmod7vVa4KURdwY5/w7E= =3xL/ -----END PGP SIGNATURE-----