-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 02 Apr 2025 02:04:23 -0400
Source: chromium
Architecture: source
Version: 135.0.7049.52-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
 chromium (135.0.7049.52-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2025-3066: Use after free in Navigations.
       Reported by Sven Dysthe (@svn-dys).
     - CVE-2025-3067: Inappropriate implementation in Custom Tabs.
       Reported by Philipp Beer (TU Wien).
     - CVE-2025-3068: Inappropriate implementation in Intents.
       Reported by Simon Rawet.
     - CVE-2025-3069: Inappropriate implementation in Extensions.
       Reported by NDevTK.
     - CVE-2025-3070: Insufficient validation of untrusted input in
       Extensions.
     - CVE-2025-3071: Inappropriate implementation in Navigations.
       Reported by David Erceg.
     - CVE-2025-3072: Inappropriate implementation in Custom Tabs.
       Reported by Om Apip.
     - CVE-2025-3073: Inappropriate implementation in Autofill.
       Reported by Hafiizh.
     - CVE-2025-3074: Inappropriate implementation in Downloads.
       Reported by Farras Givari.
   * d/patches:
     - upstream/optional.patch: drop, merged upstream.
     - upstream/qualifications.patch: drop, merged upstream.
     - fixes/lens-optional.patch: drop, merged upstream.
     - fixes/optional.patch: drop, merged upstream.
     - fixes/swiftshader-llvm.patch: drop, merged upstream.
     - fixes/variant.patch: drop, merged upstream.
     - bookworm/clang19.patch: refresh.
     - bookworm/gn-revert-path-exists.patch: add build fix to work around
       older gn.
     - ungoogled/disable-privacy-sandbox.patch: refresh from ungoogled.
     - fixes/make-pair.patch: add a gcc-specific build fix.
     - disable/buildtools-libc.patch: add patch to remove libc build stuff.
     - bookworm/gn-absl.patch: refresh.
     - bookworm/constexpr.patch: refresh.
     - bookworm/stdarch-arm.patch: refresh.
     - bookworm/eslint.patch: add bookworm-specific build fix; thanks
       Daniel Richard G. <skunk@iSKUNK.ORG>!
     - bookworm/crabbyav1f.patch: add rustc 1.78 build fix workaround.
 .
   [ Timothy Pearson ]
   * Enable pointer compression on ppc64le
     This fixes V8 OOM conditions noted on e.g. https://trac.ffmpeg.org
   * d/patches/ppc64le:
     - v8/0001-Enable-ppc64-pointer-compression.patch
     - sandbox/0001-sandbox-linux-Update-syscall-helpers-lists-for-ppc64.patch:
       refresh for upstream changes
 .
   [ Daniel Richard G. ]
   * d/rules: Add switch to allow downloading either Google's upstream tarball,
     or an independently-created one from Gentoo. Default to the latter.
Checksums-Sha1:
 143023ec03400520183907c4d9b4b537707c6430 3869 chromium_135.0.7049.52-1~deb12u1.dsc
 ffd88347c5f9786bef29a41bfa28bef7e13102b0 915606044 chromium_135.0.7049.52.orig.tar.xz
 faba6d0ab5ac86eb66f4518f775dd9c0f12784b2 8422772 chromium_135.0.7049.52-1~deb12u1.debian.tar.xz
 626ea9d7c887c5927aee169a27b590dd1662a13a 26821 chromium_135.0.7049.52-1~deb12u1_source.buildinfo
Checksums-Sha256:
 8ac1a0cdd06d0d1c2ecd7c16cf56c3705be39efb5fa501ece28dd12e9bbdbd2b 3869 chromium_135.0.7049.52-1~deb12u1.dsc
 fe028f5b6aed8c8df13d34c632ab4cf2c9aa2e783a8c34161ebe51db38f00ae4 915606044 chromium_135.0.7049.52.orig.tar.xz
 5cda18e19245d3c487695ef782544b256ccdedf29caae96ee09df6d649a3e5c1 8422772 chromium_135.0.7049.52-1~deb12u1.debian.tar.xz
 e3cedc362156e3c8ad67450b9552ff9f82e4b493a68cd843bbf8a987f32b963b 26821 chromium_135.0.7049.52-1~deb12u1_source.buildinfo
Files:
 00f22ddf031c3855647fb01953049600 3869 web optional chromium_135.0.7049.52-1~deb12u1.dsc
 1cc83b4c0005615f9ac63648fe40853b 915606044 web optional chromium_135.0.7049.52.orig.tar.xz
 616a84492a9020946c48bc7a58bba776 8422772 web optional chromium_135.0.7049.52-1~deb12u1.debian.tar.xz
 1ad43cac2f039d5db4c144d9596c99da 26821 web optional chromium_135.0.7049.52-1~deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmftfFkUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjeRYw/8CTIoyVrcLo0rm70ni1v168wGn0AC
PF21bshWe4cI6s/d+ERfqmDh6ggyddAex89Jn6aHQWNFwby+Mqa4NOxWsgnv7UU4
d1fn+EAL7hJTpOIwwI9juVBZo12tgzfXxAYaJAG9+2d4SbU4EXUJRrNGBBy7x4wm
l8QgyPQzeN/yodTYiB/JQ6qUAPxuBEtu5EhU3BA798YcM7Y2omEHqfbFSeIaEZlP
jwMIajYt5NjiiVMN7yxJd1G7sJZVEtwYX4d23WNSfxUPMq0R9KDVRxoT6KWtyGKb
eDgq2GQK/mX03/TXd95KLTO1rXs2N61433EsIHv7Qd/raK40xRWhPpY1lvZjD6ra
Sw6I4UVjf1CVxkXTrm8WidG7Kwg7qQHJJS60kRlwIx+afGaFKo9nvUP78uFVMxLF
Y342RU/xnC+UhY+zTXHLkyDBZeDAT2OyzYXrxhPK/UWYwOw0uiMGmx0/1ozLvLaa
mM9+b3jB26mzG5gcZFT5ankizGh27jPGLOXPSJEKwcyFy4gOfTRDcO+Gp/au7vqz
hOTFJaXNnpeYMmOP7s7IqNg5yCpawdaVEjEf2B1i7UtDsJp/AursvJHIvAWGG1El
BlROfxny3hJ7ctKTj6oRo8LqRpnDLHzMtCaA79c+R0GCu1RMMeOfG88W1VHIt7L2
okqDlxjGEQ8gzgY=
=UCMV
-----END PGP SIGNATURE-----