-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 12 Aug 2025 17:12:12 -0400 Source: chromium Architecture: source Version: 139.0.7258.127-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: Debian Chromium Team Changed-By: Andres Salomon Changes: chromium (139.0.7258.127-1~deb12u1) bookworm-security; urgency=high . * New upstream security release. - CVE-2025-8879: Heap buffer overflow in libaom. Reported by Anonymous - CVE-2025-8880: Race in V8. Reported by Seunghyun Lee (@0x10n). - CVE-2025-8901: Out of bounds write in ANGLE. Reported by Google Big Sleep. - CVE-2025-8881: Inappropriate implementation in File Picker. Reported by Alesandro Ortiz. - CVE-2025-8882: Use after free in Aura. Reported by Umar Farooq. Checksums-Sha1: 29fa8af3de303d1c4ae06c0e4b435eb6eab90f79 4063 chromium_139.0.7258.127-1~deb12u1.dsc 5a6bb7d858ff749f78b292c601e54dd6a924a5a4 970152272 chromium_139.0.7258.127.orig.tar.xz 25101d4e4e4f30e9219a42c40f6f7f99c0bc9506 8484288 chromium_139.0.7258.127-1~deb12u1.debian.tar.xz 18e2991dfa3695cdb74b2ec622d95612d9e2c418 26749 chromium_139.0.7258.127-1~deb12u1_source.buildinfo Checksums-Sha256: 587c05166727dadb3cdc57036d0655a9ad696c9bbebe20e684a0d10ef1730582 4063 chromium_139.0.7258.127-1~deb12u1.dsc 950be055598444f29aa5c4fd2210a1751d001259a068edf972d823eb0bfad5a5 970152272 chromium_139.0.7258.127.orig.tar.xz 8c42533a001036b01b5ceb2a371c49c9bf3fd84b8c9f15024f4d2e40eee42998 8484288 chromium_139.0.7258.127-1~deb12u1.debian.tar.xz 3055dbf60b5745bbd5730d30338e2e3a98dccd7d24d154d55b4ef6d500131c45 26749 chromium_139.0.7258.127-1~deb12u1_source.buildinfo Files: 4ea3dfc76339d6b80244ec786dbd338e 4063 web optional chromium_139.0.7258.127-1~deb12u1.dsc df4389306d542832f758b402f153ccee 970152272 web optional chromium_139.0.7258.127.orig.tar.xz e944b062d7da7115099f24b49bdff168 8484288 web optional chromium_139.0.7258.127-1~deb12u1.debian.tar.xz d66e8e39b68681983971d0f0e0e31925 26749 web optional chromium_139.0.7258.127-1~deb12u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmicJqUUHGRpbGluZ2Vy QGRlYmlhbi5vcmcACgkQZF0CR8NudjfxPQ/+JbYo7ZAQF5MC+f++KQs+AqsTQtdn WuvgR4/emzzHG5tDhsMH157u4tJN8IjGzZAjR7dJ/3tGQtci8IgX/ktmsbj3zLT9 drx6IVwY2ewvjvENYUPf7qWFwtOtvsle2V42fEeXfbECRvgjzrn/C+BBjFm11dlm KB+xzDvKjbA6wlDIEKw/XBfvt7/V1oogcHimqkwKdiACa5Jr82ncmqB4+CWXb8Jg T2Cu5MnxmHsOtjzPO3qVw8CL94q99kjOOLokOcWf79hOoM/ulGo0Y7jjIbEKpO+R a82bntwtI1qq0KL7sDdsSjpj26OQD0jpgDZoRTjnMVFlUK4V5ls6Oz6AuUAEkPyF OdZjZoUNSoYcHC7UMpbVY6XPc5usoM67oKld5rEAXMfnNqBGVBtRZk7KxMZ+K0xm O/BM0xzo9/a9ixGJrUfd8hlIRQoFPM7iQj3bGrju/Vlc1/MfrDxNDurSBEv7yg0z dtRtghcyIJLHjbAlXDfcaAL5KP5Fqfq4Bgv0hhaI8kKU8OHX9qMkzeIm4FRzpxIS rs2Ib2z0naGXKoBL9EgzQLyRDDnELbXJmWvxB82eCgq6r7WXm/NpCkdXTmM0SmiH c/gemiOF60dP6xzqwcLQyLTlr26QxIkBfq/eltwoGTYLSf8DXtRdtRtjEzlP0Z6a cwBe7YBrqqbljeM= =JuZW -----END PGP SIGNATURE-----