-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 01 May 2025 12:18:24 -0400
Source: chromium
Architecture: source
Version: 136.0.7103.59-2~deb12u2
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Chromium Team <
chromium@packages.debian.org>
Changed-By: Andres Salomon <
dilinger@debian.org>
Changes:
chromium (136.0.7103.59-2~deb12u2) bookworm-security; urgency=high
.
* Temporarily disable CVE verification check in order to fix build;
will be restored on next upload.
.
chromium (136.0.7103.59-2~deb12u1) bookworm-security; urgency=high
.
* Delete third_party/jetstream due to non-free ("do no evil") license.
.
chromium (136.0.7103.59-1~deb12u1) bookworm-security; urgency=high
.
[ Andres Salomon ]
* New upstream stable release.
- CVE-2025-4096: Heap buffer overflow in HTML. Reported by Anonymous.
- CVE-2025-4050: Out of bounds memory access in DevTools.
Reported by Anonymous.
- CVE-2025-4051: Insufficient data validation in DevTools.
Reported by Daniel Fröjdendahl.
- CVE-2025-4052: Inappropriate implementation in DevTools.
Reported by vanillawebdev.
* d/rules: disable warning-suppression-mappings; llvm too old.
* d/control: drop libevent-dev build-dep, no longer used.
* d/scripts/unbundle:
- libavif no longer used, no need to specify bundling.
- bundle simdutf, which isn't packaged for debian.
* d/patches:
- fixes/pipewire14.patch: drop, merged upstream.
- disable/catapult.patch: refresh.
- disable/buildtools-libc.patch: rework patch to be easier to maintain.
- bookworm/gn-revert-path-exists.patch: update for a bunch of new
path_exists() users.
- disable/node-version-ck.patch: add patch to disable upstream's strict
nodejs version check.
- fixes/media-cstdint.patch: add missing header include.
- upstream/media-optional.patch: add missing header include.
- fixes/perfetto-nullptr.patch: add nullptr_t std qualification.
- bookworm/gn-absl.patch: refresh.
- bookworm/crabbyav1f.patch: update for changed rustflags location.
- bookworm/node18-import.patch: add patch to work around bookworm's
node 18 import rules.
- bookworm/rust-is-none-or.patch: add patch to work around missing
is_none_or() function in bookworm's rust 1.78.
- bookworm/fmodf.patch: add gcc-12 specific build fix.
- bookworm/dav1d-extern.patch: add linker fix for older libdav1d.
.
[ Timothy Pearson ]
* d/patches/ppc64le:
- third_party/0001-third_party-lss-Don-t-look-for-mmap2-on-ppc64.patch:
drop due to upstream fixes
- third_party/0002-third_party-lss-kernel-structs.patch: refresh for
upstream changes
- breakpad/0001-Implement-support-for-ppc64-on-Linux.patch: refresh for
upstream changes
- core/cargo-add-ppc64.diff: drop due to upstream fixes
Checksums-Sha1:
16be2857cdd32c20f4eb1dcf524ac7b579372a78 3855 chromium_136.0.7103.59-2~deb12u2.dsc
ba675872dbbd206064f739a22a6cf7e44bc039ee 937911104 chromium_136.0.7103.59.orig.tar.xz
b5004b48d6822397aa29706b2dd5b1ee20c934bf 8424520 chromium_136.0.7103.59-2~deb12u2.debian.tar.xz
a4f64b8269992c1330ffd9c2b556a7702f506d26 26573 chromium_136.0.7103.59-2~deb12u2_source.buildinfo
Checksums-Sha256:
4eee7faa70d87300d23dd272b160ec5dd569b88d1aa55f2213f5137800c7cf0b 3855 chromium_136.0.7103.59-2~deb12u2.dsc
2061f9a965393eb443727c98f67616775dc3bc774ad4d71f91986df1ad33e16c 937911104 chromium_136.0.7103.59.orig.tar.xz
3badd372a5c55e93231d93f45725e83ed1ea1ff5cb6e236824174b1fbc73c709 8424520 chromium_136.0.7103.59-2~deb12u2.debian.tar.xz
d7fbf32cd7ac55eabcedbf7d92d6993407640fa52382ba95b06f9c2116b421d9 26573 chromium_136.0.7103.59-2~deb12u2_source.buildinfo
Files:
b46aa979eadb0ab15571ba1647d20d00 3855 web optional chromium_136.0.7103.59-2~deb12u2.dsc
44f0fcb5941ee89b763daf76e899f672 937911104 web optional chromium_136.0.7103.59.orig.tar.xz
b324c325faddd1c829d4b3cc5a02d5e2 8424520 web optional chromium_136.0.7103.59-2~deb12u2.debian.tar.xz
f91aaec94d809e4a03e828f854b9334d 26573 web optional chromium_136.0.7103.59-2~deb12u2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmgToQ8UHGRpbGluZ2Vy QGRlYmlhbi5vcmcACgkQZF0CR8NudjdMQRAApdL78IgbLX3+2EPgseUeha6OiUZM HUvHwQ/tVIOE5aPiwl9jUINGPq59YELsH3xzAT5WK75HHP+TRs9ni+nuQblbAW3p cH6aDvuU5z8OHkwM7i0JV1bhitn+6WOfMtrTm8GrTSU99C6R7ols6knh4VVUEaRo OPlBsNPDNyPSdqWtoSCISyjgYk7ja2urdySHrQ9cjm17HuXBVA5Y211GWM9E5hP3 h7fSiATrKCCpKR/2pefQ52ERHjvsysF3ptq73t6dtEQjyHCgG89znUBPYRgg65QO WC5x8WjNrrrHpK5+IiIUNfb5Z0EAo/dteTR4s0eKbugK2hW3NGb1aXNmd8QzPUk8 eHwNG6sBopFokwf697A8N9rWdm3ohqsGoufqMyoICDlMlpTyUXnznJJRapDhbd3V Vc5pomQrwtfc2zcYTVm3hj0/Npu3ppizvNjeLHT5+YisZ+yp8mzZ1cw6yjkDeuqz MboZAZgirUd3Q2x18U3wDBw5XxU/pj5ylxPFD/110020XePXMEXeYDe3E8JXX28b 7BUAqjB275hlqMMNIuozfrlqFUgVAXs2MxbJEl6oxyhNll0z3Uyb2cxsc/sh4Lth 1aGnrCltX6B+vdf1Sc2VIbPbFSJxHHYErvOuEUlUY9XGM+vWc6dgw+BnXVSwnzj1 ggU2vg986JsCm34=
=gjRx
-----END PGP SIGNATURE-----
--==============54733613144329991=Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCaCpFOwAKCRCb9qggYcy5 IcLtAQCDhdL53hgkkbph2gkmA3rupuicgZ+86uCon/fSMIgO7QEAqDA6/hSSQPsY 85DoNBhjH0E/RsZKzOqUIRYXUmUAIAM=kpvR
-----END PGP SIGNATURE-----
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)