• Accepted chromium 136.0.7103.59-2~deb12u2 (source) into proposed-update

    From Debian FTP Masters@21:1/5 to All on Sun May 18 22:40:01 2025
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Format: 1.8
    Date: Thu, 01 May 2025 12:18:24 -0400
    Source: chromium
    Architecture: source
    Version: 136.0.7103.59-2~deb12u2
    Distribution: bookworm-security
    Urgency: high
    Maintainer: Debian Chromium Team <chromium@packages.debian.org>
    Changed-By: Andres Salomon <dilinger@debian.org>
    Changes:
    chromium (136.0.7103.59-2~deb12u2) bookworm-security; urgency=high
    .
    * Temporarily disable CVE verification check in order to fix build;
    will be restored on next upload.
    .
    chromium (136.0.7103.59-2~deb12u1) bookworm-security; urgency=high
    .
    * Delete third_party/jetstream due to non-free ("do no evil") license.
    .
    chromium (136.0.7103.59-1~deb12u1) bookworm-security; urgency=high
    .
    [ Andres Salomon ]
    * New upstream stable release.
    - CVE-2025-4096: Heap buffer overflow in HTML. Reported by Anonymous.
    - CVE-2025-4050: Out of bounds memory access in DevTools.
    Reported by Anonymous.
    - CVE-2025-4051: Insufficient data validation in DevTools.
    Reported by Daniel Fröjdendahl.
    - CVE-2025-4052: Inappropriate implementation in DevTools.
    Reported by vanillawebdev.
    * d/rules: disable warning-suppression-mappings; llvm too old.
    * d/control: drop libevent-dev build-dep, no longer used.
    * d/scripts/unbundle:
    - libavif no longer used, no need to specify bundling.
    - bundle simdutf, which isn't packaged for debian.
    * d/patches:
    - fixes/pipewire14.patch: drop, merged upstream.
    - disable/catapult.patch: refresh.
    - disable/buildtools-libc.patch: rework patch to be easier to maintain.
    - bookworm/gn-revert-path-exists.patch: update for a bunch of new
    path_exists() users.
    - disable/node-version-ck.patch: add patch to disable upstream's strict
    nodejs version check.
    - fixes/media-cstdint.patch: add missing header include.
    - upstream/media-optional.patch: add missing header include.
    - fixes/perfetto-nullptr.patch: add nullptr_t std qualification.
    - bookworm/gn-absl.patch: refresh.
    - bookworm/crabbyav1f.patch: update for changed rustflags location.
    - bookworm/node18-import.patch: add patch to work around bookworm's
    node 18 import rules.
    - bookworm/rust-is-none-or.patch: add patch to work around missing
    is_none_or() function in bookworm's rust 1.78.
    - bookworm/fmodf.patch: add gcc-12 specific build fix.
    - bookworm/dav1d-extern.patch: add linker fix for older libdav1d.
    .
    [ Timothy Pearson ]
    * d/patches/ppc64le:
    - third_party/0001-third_party-lss-Don-t-look-for-mmap2-on-ppc64.patch:
    drop due to upstream fixes
    - third_party/0002-third_party-lss-kernel-structs.patch: refresh for
    upstream changes
    - breakpad/0001-Implement-support-for-ppc64-on-Linux.patch: refresh for
    upstream changes
    - core/cargo-add-ppc64.diff: drop due to upstream fixes
    Checksums-Sha1:
    16be2857cdd32c20f4eb1dcf524ac7b579372a78 3855 chromium_136.0.7103.59-2~deb12u2.dsc
    ba675872dbbd206064f739a22a6cf7e44bc039ee 937911104 chromium_136.0.7103.59.orig.tar.xz
    b5004b48d6822397aa29706b2dd5b1ee20c934bf 8424520 chromium_136.0.7103.59-2~deb12u2.debian.tar.xz
    a4f64b8269992c1330ffd9c2b556a7702f506d26 26573 chromium_136.0.7103.59-2~deb12u2_source.buildinfo
    Checksums-Sha256:
    4eee7faa70d87300d23dd272b160ec5dd569b88d1aa55f2213f5137800c7cf0b 3855 chromium_136.0.7103.59-2~deb12u2.dsc
    2061f9a965393eb443727c98f67616775dc3bc774ad4d71f91986df1ad33e16c 937911104 chromium_136.0.7103.59.orig.tar.xz
    3badd372a5c55e93231d93f45725e83ed1ea1ff5cb6e236824174b1fbc73c709 8424520 chromium_136.0.7103.59-2~deb12u2.debian.tar.xz
    d7fbf32cd7ac55eabcedbf7d92d6993407640fa52382ba95b06f9c2116b421d9 26573 chromium_136.0.7103.59-2~deb12u2_source.buildinfo
    Files:
    b46aa979eadb0ab15571ba1647d20d00 3855 web optional chromium_136.0.7103.59-2~deb12u2.dsc
    44f0fcb5941ee89b763daf76e899f672 937911104 web optional chromium_136.0.7103.59.orig.tar.xz
    b324c325faddd1c829d4b3cc5a02d5e2 8424520 web optional chromium_136.0.7103.59-2~deb12u2.debian.tar.xz
    f91aaec94d809e4a03e828f854b9334d 26573 web optional chromium_136.0.7103.59-2~deb12u2_source.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmgToQ8UHGRpbGluZ2Vy QGRlYmlhbi5vcmcACgkQZF0CR8NudjdMQRAApdL78IgbLX3+2EPgseUeha6OiUZM HUvHwQ/tVIOE5aPiwl9jUINGPq59YELsH3xzAT5WK75HHP+TRs9ni+nuQblbAW3p cH6aDvuU5z8OHkwM7i0JV1bhitn+6WOfMtrTm8GrTSU99C6R7ols6knh4VVUEaRo OPlBsNPDNyPSdqWtoSCISyjgYk7ja2urdySHrQ9cjm17HuXBVA5Y211GWM9E5hP3 h7fSiATrKCCpKR/2pefQ52ERHjvsysF3ptq73t6dtEQjyHCgG89znUBPYRgg65QO WC5x8WjNrrrHpK5+IiIUNfb5Z0EAo/dteTR4s0eKbugK2hW3NGb1aXNmd8QzPUk8 eHwNG6sBopFokwf697A8N9rWdm3ohqsGoufqMyoICDlMlpTyUXnznJJRapDhbd3V Vc5pomQrwtfc2zcYTVm3hj0/Npu3ppizvNjeLHT5+YisZ+yp8mzZ1cw6yjkDeuqz MboZAZgirUd3Q2x18U3wDBw5XxU/pj5ylxPFD/110020XePXMEXeYDe3E8JXX28b 7BUAqjB275hlqMMNIuozfrlqFUgVAXs2MxbJEl6oxyhNll0z3Uyb2cxsc/sh4Lth 1aGnrCltX6B+vdf1Sc2VIbPbFSJxHHYErvOuEUlUY9XGM+vWc6dgw+BnXVSwnzj1 ggU2vg986JsCm34=
    =gjRx
    -----END PGP SIGNATURE-----


    --==============54733613144329991=Content-Type: application/pgp-signature

    -----BEGIN PGP SIGNATURE-----

    iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCaCpFOwAKCRCb9qggYcy5 IcLtAQCDhdL53hgkkbph2gkmA3rupuicgZ+86uCon/fSMIgO7QEAqDA6/hSSQPsY 85DoNBhjH0E/RsZKzOqUIRYXUmUAIAM=kpvR
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)