1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted chromium 135.0.7049.52-1~deb12u1 (source) into proposed-update

    From Debian FTP Masters@21:1/5 to All on Sat Apr 5 19:10:02 2025
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Format: 1.8
    Date: Wed, 02 Apr 2025 02:04:23 -0400
    Source: chromium
    Architecture: source
    Version: 135.0.7049.52-1~deb12u1
    Distribution: bookworm-security
    Urgency: high
    Maintainer: Debian Chromium Team <chromium@packages.debian.org>
    Changed-By: Andres Salomon <dilinger@debian.org>
    Changes:
    chromium (135.0.7049.52-1~deb12u1) bookworm-security; urgency=high
    .
    [ Andres Salomon ]
    * New upstream stable release.
    - CVE-2025-3066: Use after free in Navigations.
    Reported by Sven Dysthe (@svn-dys).
    - CVE-2025-3067: Inappropriate implementation in Custom Tabs.
    Reported by Philipp Beer (TU Wien).
    - CVE-2025-3068: Inappropriate implementation in Intents.
    Reported by Simon Rawet.
    - CVE-2025-3069: Inappropriate implementation in Extensions.
    Reported by NDevTK.
    - CVE-2025-3070: Insufficient validation of untrusted input in
    Extensions.
    - CVE-2025-3071: Inappropriate implementation in Navigations.
    Reported by David Erceg.
    - CVE-2025-3072: Inappropriate implementation in Custom Tabs.
    Reported by Om Apip.
    - CVE-2025-3073: Inappropriate implementation in Autofill.
    Reported by Hafiizh.
    - CVE-2025-3074: Inappropriate implementation in Downloads.
    Reported by Farras Givari.
    * d/patches:
    - upstream/optional.patch: drop, merged upstream.
    - upstream/qualifications.patch: drop, merged upstream.
    - fixes/lens-optional.patch: drop, merged upstream.
    - fixes/optional.patch: drop, merged upstream.
    - fixes/swiftshader-llvm.patch: drop, merged upstream.
    - fixes/variant.patch: drop, merged upstream.
    - bookworm/clang19.patch: refresh.
    - bookworm/gn-revert-path-exists.patch: add build fix to work around
    older gn.
    - ungoogled/disable-privacy-sandbox.patch: refresh from ungoogled.
    - fixes/make-pair.patch: add a gcc-specific build fix.
    - disable/buildtools-libc.patch: add patch to remove libc build stuff.
    - bookworm/gn-absl.patch: refresh.
    - bookworm/constexpr.patch: refresh.
    - bookworm/stdarch-arm.patch: refresh.
    - bookworm/eslint.patch: add bookworm-specific build fix; thanks
    Daniel Richard G. <skunk@iSKUNK.ORG>!
    - bookworm/crabbyav1f.patch: add rustc 1.78 build fix workaround.
    .
    [ Timothy Pearson ]
    * Enable pointer compression on ppc64le
    This fixes V8 OOM conditions noted on e.g. https://trac.ffmpeg.org
    * d/patches/ppc64le:
    - v8/0001-Enable-ppc64-pointer-compression.patch
    - sandbox/0001-sandbox-linux-Update-syscall-helpers-lists-for-ppc64.patch:
    refresh for upstream changes
    .
    [ Daniel Richard G. ]
    * d/rules: Add switch to allow downloading either Google's upstream tarball,
    or an independently-created one from Gentoo. Default to the latter. Checksums-Sha1:
    143023ec03400520183907c4d9b4b537707c6430 3869 chromium_135.0.7049.52-1~deb12u1.dsc
    ffd88347c5f9786bef29a41bfa28bef7e13102b0 915606044 chromium_135.0.7049.52.orig.tar.xz
    faba6d0ab5ac86eb66f4518f775dd9c0f12784b2 8422772 chromium_135.0.7049.52-1~deb12u1.debian.tar.xz
    626ea9d7c887c5927aee169a27b590dd1662a13a 26821 chromium_135.0.7049.52-1~deb12u1_source.buildinfo
    Checksums-Sha256:
    8ac1a0cdd06d0d1c2ecd7c16cf56c3705be39efb5fa501ece28dd12e9bbdbd2b 3869 chromium_135.0.7049.52-1~deb12u1.dsc
    fe028f5b6aed8c8df13d34c632ab4cf2c9aa2e783a8c34161ebe51db38f00ae4 915606044 chromium_135.0.7049.52.orig.tar.xz
    5cda18e19245d3c487695ef782544b256ccdedf29caae96ee09df6d649a3e5c1 8422772 chromium_135.0.7049.52-1~deb12u1.debian.tar.xz
    e3cedc362156e3c8ad67450b9552ff9f82e4b493a68cd843bbf8a987f32b963b 26821 chromium_135.0.7049.52-1~deb12u1_source.buildinfo
    Files:
    00f22ddf031c3855647fb01953049600 3869 web optional chromium_135.0.7049.52-1~deb12u1.dsc
    1cc83b4c0005615f9ac63648fe40853b 915606044 web optional chromium_135.0.7049.52.orig.tar.xz
    616a84492a9020946c48bc7a58bba776 8422772 web optional chromium_135.0.7049.52-1~deb12u1.debian.tar.xz
    1ad43cac2f039d5db4c144d9596c99da 26821 web optional chromium_135.0.7049.52-1~deb12u1_source.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmftfFkUHGRpbGluZ2Vy QGRlYmlhbi5vcmcACgkQZF0CR8NudjeRYw/8CTIoyVrcLo0rm70ni1v168wGn0AC PF21bshWe4cI6s/d+ERfqmDh6ggyddAex89Jn6aHQWNFwby+Mqa4NOxWsgnv7UU4 d1fn+EAL7hJTpOIwwI9juVBZo12tgzfXxAYaJAG9+2d4SbU4EXUJRrNGBBy7x4wm l8QgyPQzeN/yodTYiB/JQ6qUAPxuBEtu5EhU3BA798YcM7Y2omEHqfbFSeIaEZlP jwMIajYt5NjiiVMN7yxJd1G7sJZVEtwYX4d23WNSfxUPMq0R9KDVRxoT6KWtyGKb eDgq2GQK/mX03/TXd95KLTO1rXs2N61433EsIHv7Qd/raK40xRWhPpY1lvZjD6ra Sw6I4UVjf1CVxkXTrm8WidG7Kwg7qQHJJS60kRlwIx+afGaFKo9nvUP78uFVMxLF Y342RU/xnC+UhY+zTXHLkyDBZeDAT2OyzYXrxhPK/UWYwOw0uiMGmx0/1ozLvLaa mM9+b3jB26mzG5gcZFT5ankizGh27jPGLOXPSJEKwcyFy4gOfTRDcO+Gp/au7vqz hOTFJaXNnpeYMmOP7s7IqNg5yCpawdaVEjEf2B1i7UtDsJp/AursvJHIvAWGG1El BlROfxny3hJ7ctKTj6oRo8LqRpnDLHzMtCaA79c+R0GCu1RMMeOfG88W1VHIt7L2 okqDlxjGEQ8gzgY=
    =UCMV
    -----END PGP SIGNATURE-----


    --==============♣34809929626245651=Content-Type: application/pgp-signature

    -----BEGIN PGP SIGNATURE-----

    iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCZ/FiKAAKCRCb9qggYcy5 IZ9fAP9ZK1YduUWOwGrJ4SW/s6AiATkGqRIHSnMvH1OiZJQ0xwEAgRvLYNFBIuvT U4qurj6bMEDwda0KSt/zgbESfVfsgAIKhD
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)