-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 05 Mar 2025 13:26:45 -0500 Source: chromium Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym Architecture: ppc64el Version: 134.0.6998.35-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: ppc64el Build Daemon (ppc64el-conova-02) Changed-By: Andres Salomon Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-headless-shell - web browser - old headless shell chromium-sandbox - web browser - setuid security sandbox for chromium chromium-shell - web browser - minimal shell Changes: chromium (134.0.6998.35-1~deb12u1) bookworm-security; urgency=high . [ Andres Salomon ] * New upstream stable release. - CVE-2025-1914: Out of bounds read in V8. Reported by Zhenghang Xiao (@Kipreyyy) and Nan Wang (@eternalsakura13). - CVE-2025-1915: Improper Limitation of a Pathname to a Restricted Directory in DevTools. Reported by Topi Lassila. - CVE-2025-1916: Use after free in Profiles. Reported by parkminchan, SSD Labs Korea. - CVE-2025-1917: Inappropriate Implementation in Browser UI. Reported by Khalil Zhani. - CVE-2025-1918: Out of bounds read in PDFium. Reported by asnine. - CVE-2025-1919: Out of bounds read in Media. Reported by @Bl1nnnk and @Pisanbao. - CVE-2025-1921: Inappropriate Implementation in Media Stream. Reported by Kaiido. - CVE-2025-1922: Inappropriate Implementation in Selection. Reported by Alesandro Ortiz. - CVE-2025-1923: Inappropriate Implementation in Permission Prompts. Reported by Khalil Zhani. * d/patches: - fixes/widevine-revision.patch: drop. Upstream says "with CDMs using manifest-based registration, no need to" hardcode version string. - disable/catapult.patch: refresh. - bookworm/clang19.patch: refresh. - ungoogled/disable-privacy-sandbox.patch: refresh from ungoogled. - bookworm/gn-allowlist.patch: add workaround for older gn. - bookworm/adler1.patch: add workaround for older rust. - fixes/stdatomic.patch: add build fix to ensure isn't used. - fixes/variant.patch: add missing header include. - upstream/qualifications.patch: add fix to silence annoying warnings. - upstream/optional.patch: add more missing header includes. - bookworm/constflatset.patch: refresh. - bookworm/constexpr.patch: refresh. - bookworm/modff.patch: add workaround for libstdc++ build issue. - bookworm/foreach.patch: add workaround for libstdc++ build issue. * d/rules: update to ensure both qt5 AND qt6 are disabled. . [ Timothy Pearson ] * d/patches: - fixes/swiftshader-llvm.patch: Add LLVM patches from upstream LLVM project to fix integrated SwiftShader LLVM FTBFS * d/patches/ppc64le: - third_party/0001-Add-PPC64-support-for-boringssl.patch: Refresh for upstream changes Checksums-Sha1: 7bd1d6c07f4023f010ab77256d3f4d8223fff49a 5294796 chromium-common-dbgsym_134.0.6998.35-1~deb12u1_ppc64el.deb f35df767501c39b3170fb4c02f2e2b3c7716744a 26102220 chromium-common_134.0.6998.35-1~deb12u1_ppc64el.deb 8d1c3c61574a4af7ba63e34d64a1fd452ff64442 26000032 chromium-dbgsym_134.0.6998.35-1~deb12u1_ppc64el.deb 666a8cd59aa55d8426f601c15656abb5ee6b99cd 7383588 chromium-driver_134.0.6998.35-1~deb12u1_ppc64el.deb 5e80987c78a6363f5422c93e4deaf3463ff77bc6 21473432 chromium-headless-shell-dbgsym_134.0.6998.35-1~deb12u1_ppc64el.deb 8dc9626b94118d8f9146708c27ab3e2f27ca7c60 54345708 chromium-headless-shell_134.0.6998.35-1~deb12u1_ppc64el.deb 6c5747a697b519a31dfa4e75704a6b7bb546e0c9 14252 chromium-sandbox-dbgsym_134.0.6998.35-1~deb12u1_ppc64el.deb 08dd7eea6edec70786616d14d212093d5804bfaf 101240 chromium-sandbox_134.0.6998.35-1~deb12u1_ppc64el.deb 5bd5a495495aad626e9b93aa8211f596704c93a5 21209760 chromium-shell-dbgsym_134.0.6998.35-1~deb12u1_ppc64el.deb 91181b6602ccc490769b14fcfe0104decd492bc6 51280408 chromium-shell_134.0.6998.35-1~deb12u1_ppc64el.deb 00fdfd8ff01920e6ce0e3fb969605df69a3c725d 30049 chromium_134.0.6998.35-1~deb12u1_ppc64el-buildd.buildinfo 54f88ed1ce43f2b42fc3220d6843f00cd1795779 74208232 chromium_134.0.6998.35-1~deb12u1_ppc64el.deb Checksums-Sha256: 34a6560d41855bc1d3718855cc43f4d8c7ced9471727a28d18c6a84deec7cfa1 5294796 chromium-common-dbgsym_134.0.6998.35-1~deb12u1_ppc64el.deb eac84d9fc99fd58afb82c389ac07cd05daaabaeca829f3631c689463ce8cf744 26102220 chromium-common_134.0.6998.35-1~deb12u1_ppc64el.deb 0b6cdca82102cba90a417f7630d364a0d2aa98a422abd7cf071f274c4d1aee62 26000032 chromium-dbgsym_134.0.6998.35-1~deb12u1_ppc64el.deb 53df675da3a49bdb633d898af101c9a913e47c3b86ebf9130261605d31fae872 7383588 chromium-driver_134.0.6998.35-1~deb12u1_ppc64el.deb f12201293c9c7fb4e4043e1e8155971fc2bb3d051022fc4d76626879dba734cc 21473432 chromium-headless-shell-dbgsym_134.0.6998.35-1~deb12u1_ppc64el.deb 2e19967037294d302f406bc17352e44809483f19165f88571d62434f3878823f 54345708 chromium-headless-shell_134.0.6998.35-1~deb12u1_ppc64el.deb 11396f65ebbb7e80706796f5c98c21bab4e3fa84b8333e43970da3ac85162330 14252 chromium-sandbox-dbgsym_134.0.6998.35-1~deb12u1_ppc64el.deb ecafc8d5f947ee0443e9ac446413e716be2691378c818ee94e2fcc4ed2e2e3b6 101240 chromium-sandbox_134.0.6998.35-1~deb12u1_ppc64el.deb 5afbccc8013f1aec7020b84d91b299556d38590ca6ad6545fc9bc564400783f5 21209760 chromium-shell-dbgsym_134.0.6998.35-1~deb12u1_ppc64el.deb 41086947cde967475e9c5c7e51bdc4ec8f2144657725ff96697f82fef87f9ad7 51280408 chromium-shell_134.0.6998.35-1~deb12u1_ppc64el.deb 6a6a248a66a9a5600bf6e532ff944ec0c36638e35ba25d287107c01e9d50df44 30049 chromium_134.0.6998.35-1~deb12u1_ppc64el-buildd.buildinfo 8d64b73eaddf0270aff43dc6a274f16c247ff251b717412ec04cc91853b21965 74208232 chromium_134.0.6998.35-1~deb12u1_ppc64el.deb Files: abe56d3c42d691bac3f86f1130279244 5294796 debug optional chromium-common-dbgsym_134.0.6998.35-1~deb12u1_ppc64el.deb 2baa0e57125dc1965e96823799740995 26102220 web optional chromium-common_134.0.6998.35-1~deb12u1_ppc64el.deb 10526115484bf3f18eaba988a3bb3251 26000032 debug optional chromium-dbgsym_134.0.6998.35-1~deb12u1_ppc64el.deb d719d5afd6035020a9e432de9aeacb58 7383588 web optional chromium-driver_134.0.6998.35-1~deb12u1_ppc64el.deb 0c89758f862991120d45b9c824807046 21473432 debug optional chromium-headless-shell-dbgsym_134.0.6998.35-1~deb12u1_ppc64el.deb 0905d2921d75c28b26dcb63113444352 54345708 web optional chromium-headless-shell_134.0.6998.35-1~deb12u1_ppc64el.deb 7c4a4a78ad9a8897cbd43c7e8c40661a 14252 debug optional chromium-sandbox-dbgsym_134.0.6998.35-1~deb12u1_ppc64el.deb 0c2a2e7b5aded4a113f30440443f59ee 101240 web optional chromium-sandbox_134.0.6998.35-1~deb12u1_ppc64el.deb aeff10e37fdd57c8e6da8dc457344191 21209760 debug optional chromium-shell-dbgsym_134.0.6998.35-1~deb12u1_ppc64el.deb 3cf1940ccb1a6fdc3765f681edf32ca4 51280408 web optional chromium-shell_134.0.6998.35-1~deb12u1_ppc64el.deb 88cdf2056df6bba55cb5386f13be843b 30049 web optional chromium_134.0.6998.35-1~deb12u1_ppc64el-buildd.buildinfo b47b1aa2f3b7f624bca469953fbc3416 74208232 web optional chromium_134.0.6998.35-1~deb12u1_ppc64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEZAv/jpGRqS40qyb11oy1TpxF0ZAFAmfJ3WkACgkQ1oy1TpxF 0ZAiFQ//T6oBMyzc6AZmhpC5esKOTTUNo60C9FRhxiofydaoKsn93t5Gm9nISOBk kp8O6p8cBtaQqIJngLEo4M5q7W/cTaHRzvLpSP9SBV4ox6aJTKsO3cXfB1kL4ZWx 3/GGzeFNW+LH0FM0XvhBBsrfoxmr3JZ5E02fFD1yWuOBRMYdLObLgOxlcG8LhSur 7PDSNxtfo35qxFNsT+u2BdJ0GtiEXwfwGrnZzR/uU13n44JHcTgrv61h+1gGHebc fUKtnXZTeccqvHQrm16JltXfxGC6w0GaT7tbfDo5ZeVr95Ty9H/BQKQSYjyOf4PO Nmys4J31Q2OOF1DBGoz33X5/dAFdIkS84090LklSnM9Mg/5D6eVJQXpVv0PQrir0 3J3fmOne76swfRmxC/HwS2eaSYdwP3qmPpjcuO/wEa+F/1OrSKyRveMDlIvyXVOM hc4qMNTtKGQDdu49OuhJ6gTkWSEG6gAbVfjc3VVXq9AmFEuST8WgH1IGhYCqtaNz obtbYoIpouVWC3XE/QrsgsQc5f79MWMtkZmq47PZPMgET21qEcKftIJauPm97XOD 2rWVQDDXZCahadNZOfpeAYvfvVbgVfFTVsKBn/1mC1nem8jR4Lp9KTnYRb4+GXNL G3QV71oJ6PLMZDfmeoUDu5BY4P6GFJJqH0BYHYnZj4lQL3H1k9k= =4xEm -----END PGP SIGNATURE-----