-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 05 Aug 2025 17:48:13 -0400 Source: chromium Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym Architecture: armhf Version: 139.0.7258.66-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: arm Build Daemon (arm-conova-03) Changed-By: Andres Salomon Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-headless-shell - web browser - old headless shell chromium-sandbox - web browser - setuid security sandbox for chromium chromium-shell - web browser - minimal shell Changes: chromium (139.0.7258.66-1~deb12u1) bookworm-security; urgency=high . * New upstream stable release. - CVE-2025-8576: Use after free in Extensions. Reported by asnine. - CVE-2025-8577: Inappropriate implementation in Picture In Picture. Reported by Umar Farooq. - CVE-2025-8578: Use after free in Cast. Reported by Fayez. - CVE-2025-8579: Inappropriate implementation in Gemini Live in Chrome. Reported by Alesandro Ortiz. - CVE-2025-8580: Inappropriate implementation in Filesystems. Reported by Huuuuu. - CVE-2025-8581: Inappropriate implementation in Extensions. Reported by Vincent Dragnea. - CVE-2025-8582: Insufficient validation of untrusted input in DOM. Reported by Anonymous. - CVE-2025-8583: Inappropriate implementation in Permissions. Reported by Shaheen Fazim. * d/copyright: delete third_party/enterprise_companion, as it includes a binary. * d/control: - Replace elfutils build-dep with llvm-19 for switch to llvm-strip. - Update rustc-web build-dep to >= 1.84. * d/rules: - drop enable_nacl=false; upstream removed NaCL. - set enable_enterprise_companion=false. - disable Gemini AI (enable_glic=false). * d/patches: - disable/catapult.patch: refresh. - disable/buildtools-libc.patch: refresh. - system/eu-strip.patch: drop, upstream switched to llvm-strip. - bookworm/gn-revert-path-exists.patch: refresh & drop unused part. - ungoogled/disable-privacy-sandbox.patch: refresh. - fixes/bindgen.patch: rename to bookworm/bindgen.patch, since trixie now has a newer bindgen. - bookworm/gn-absl.patch: refresh. - bookworm/rust-is-none-or.patch: drop, thanks to newer rustc-web. - bookworm/rust-unstable-features.patch: drop - newer rustc-web. - bookworm/bubble-contents.patch: drop, no longer needed. . [ Timothy Pearson ] * d/patches/ppc64le: - sandbox/0001-sandbox-linux-Update-syscall-helpers-lists-for-ppc64.patch: Refresh for upstream changes - sandbox/0009-sandbox-updates-138.patch: Properly handle IPC and send syscalls - third_party/0001-add-xnn-ppc64el-support.patch: Refresh for upstream changes - third_party/0002-regenerate-xnn-buildgn.patch: Regenerate from upstream sources - third_party/skia-vsx-instructions.patch: Refresh for upstream changes - fixes/fix-partition-alloc-compile.patch: Refresh for upstream changes Checksums-Sha1: 71763615fd7e259d43bde3499d79140cb780bcb9 5499748 chromium-common-dbgsym_139.0.7258.66-1~deb12u1_armhf.deb 6fe84f72f6ec63251e3d9cb7f4f5019030c37d44 22081708 chromium-common_139.0.7258.66-1~deb12u1_armhf.deb c01ebf3db594d2fd7dbfa302b7a826be48d5e91f 32854988 chromium-dbgsym_139.0.7258.66-1~deb12u1_armhf.deb 5d98c42eb4f6956a93a60e96ffd0a0496885866e 7601440 chromium-driver_139.0.7258.66-1~deb12u1_armhf.deb 30924cb25a117ddbc67e3f211596370b331e98fb 26152616 chromium-headless-shell-dbgsym_139.0.7258.66-1~deb12u1_armhf.deb e7228852e97079581a920d69280af99e2c53f4ca 52088368 chromium-headless-shell_139.0.7258.66-1~deb12u1_armhf.deb 3a5dfe06d045f39508cacc7e0e06ee4de592dd5b 18044 chromium-sandbox-dbgsym_139.0.7258.66-1~deb12u1_armhf.deb 589351023c8f1844888ca0f1ee3180d2b1989a26 105608 chromium-sandbox_139.0.7258.66-1~deb12u1_armhf.deb c62612062399d4501f7a4c228b6e4d30c66fc573 28310600 chromium-shell-dbgsym_139.0.7258.66-1~deb12u1_armhf.deb f61efddbe22fd4333fdaf8f7bf0a82a786e57484 56703952 chromium-shell_139.0.7258.66-1~deb12u1_armhf.deb fec302a784ec5e2e1ff4d860bfd93de63d43ced4 30161 chromium_139.0.7258.66-1~deb12u1_armhf-buildd.buildinfo 70bd568a5c4ea43ef1b8aa45d35877989735615b 66455620 chromium_139.0.7258.66-1~deb12u1_armhf.deb Checksums-Sha256: 33909c0a762110108ff2cca224c9f25f0496fa5658a3e724fd94ec769f33bb91 5499748 chromium-common-dbgsym_139.0.7258.66-1~deb12u1_armhf.deb 8691d03fa7dd4025ed705eaab30e5f76f05029abd17abf86eb97e3e6e5cdba46 22081708 chromium-common_139.0.7258.66-1~deb12u1_armhf.deb f52c3b4791924807e593656f383a763a335277364f58d18eb6716459e13f704f 32854988 chromium-dbgsym_139.0.7258.66-1~deb12u1_armhf.deb bc536214104fa5407b82546a7238ecb5d6acbf6d21bdf1fa03e977b3ab19bfbf 7601440 chromium-driver_139.0.7258.66-1~deb12u1_armhf.deb a868f57a0f803337979d65a5dbeb43081a778962550ce26996c17f9a0436d14b 26152616 chromium-headless-shell-dbgsym_139.0.7258.66-1~deb12u1_armhf.deb a60675e2899d23b2906874a955cb75c2323415d47424e0d1c18ee8b512032c4e 52088368 chromium-headless-shell_139.0.7258.66-1~deb12u1_armhf.deb b0c702650f2b95588a73199dbdb9d33b39b215e980bc0eb731f119051ee89164 18044 chromium-sandbox-dbgsym_139.0.7258.66-1~deb12u1_armhf.deb e1abd9ee3d40bac7d71f667da7d35cad409bd8e1df2bff963a195047df9a2b0a 105608 chromium-sandbox_139.0.7258.66-1~deb12u1_armhf.deb 1ff71a38aede7cfd09a7c17d9f871543d1e6236885916e3177ade72f0a790a67 28310600 chromium-shell-dbgsym_139.0.7258.66-1~deb12u1_armhf.deb 7df04f1711796dbae30e1cad6f88f32b9136df0a7c2c7112f35bca85351d4228 56703952 chromium-shell_139.0.7258.66-1~deb12u1_armhf.deb c23e198b09ad366118b7391699f5706b8763edf968ef0a00679826df99b8135b 30161 chromium_139.0.7258.66-1~deb12u1_armhf-buildd.buildinfo 08b80eeeacddfd78e1c00b3b6b812a0df5d816ff7e60768633a35e94d5e0ceaf 66455620 chromium_139.0.7258.66-1~deb12u1_armhf.deb Files: 9581f94b808d55ba6edb96b3ad8c0c31 5499748 debug optional chromium-common-dbgsym_139.0.7258.66-1~deb12u1_armhf.deb 2627dacd17a1d662858067eb0a3a8c55 22081708 web optional chromium-common_139.0.7258.66-1~deb12u1_armhf.deb 713967e6c3b6964c048fb58b039f3dd5 32854988 debug optional chromium-dbgsym_139.0.7258.66-1~deb12u1_armhf.deb 727312205d165d924099874fde933952 7601440 web optional chromium-driver_139.0.7258.66-1~deb12u1_armhf.deb d696a5e6c4ed52546bb41a5acf33a6ba 26152616 debug optional chromium-headless-shell-dbgsym_139.0.7258.66-1~deb12u1_armhf.deb 7d527b35ec6529502bb28a4e7279031c 52088368 web optional chromium-headless-shell_139.0.7258.66-1~deb12u1_armhf.deb f53dc163d3e3bf87a7a521e24a7cf22f 18044 debug optional chromium-sandbox-dbgsym_139.0.7258.66-1~deb12u1_armhf.deb 566e720a9ff9c7154d9ec14957d043c8 105608 web optional chromium-sandbox_139.0.7258.66-1~deb12u1_armhf.deb 5f84ae8807c8d8c74e2d53f1a4c868af 28310600 debug optional chromium-shell-dbgsym_139.0.7258.66-1~deb12u1_armhf.deb 237e818b17209732823c2457d7832094 56703952 web optional chromium-shell_139.0.7258.66-1~deb12u1_armhf.deb 13b7cfebadb2195cbe7d3599ecd3fe51 30161 web optional chromium_139.0.7258.66-1~deb12u1_armhf-buildd.buildinfo 0d14ee8e8fa74f54035b683619a86154 66455620 web optional chromium_139.0.7258.66-1~deb12u1_armhf.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEVM4SKBZumztS8zr3lST9Us03ywsFAmiTnT4ACgkQlST9Us03 ywvtcRAAj2GHfuCXyEnhpYGCNJxsuCPJOTWEH6k/GSEDUzcM3CAwfZZhfSy5Quge Quh9JxgfT/14ROYdTF72LZ8QBOe40R1O/qwBfA93aaeMN2LwuIiQ97d58IeIjm0P AXN1+8aVBNhyamewc+6pCYPOcKUWCBh2Y3GgCGlISjlFmhMzuiCY7MfItGWlYRgw iLKkOVuG5WFpUL1DaGSD0S2BFMaP/HzIgVtJcBigk0S2TcT4m6r/MHlKPb5W9K/P KiKkmBRBaf2iqHmGlt/gbkOdFW+6uCemNZOm2vezOhzueJxbG5HHOhaSSWRiVUmI 1NJMEKx8Rg71B8kQnLkh5C/t8vaMEizAgTHvJ013uJmejkFLTgfeTF+cocelImAw 3h0wZVgm5BdeWCmg0k2WX1kdQAAhkZDqcQWKcpWOL4JH7CPTQSBsk2E3KLMA07E3 RZ86QuC26ciFzu6a90+X5N54jw9iF5OGFcbvD7Yk30tzcxGimmmKSnQyDk4GlEq4 HhEtNNsrfx+saGP9viqAiVOP+96+TT6i6WE7HyfZeAWkGYWqmidJ1B3ZceyVY/Qo 2vv3WvJYx+cTgqlrgMx3/TeTqT9xbLP7rxnBK7j4oEQSZ3o5RKoCGW5d7G3CJ4Kw bvAEaMxmOYB9Bnyjt/IzkGe1FzRFXpHPhorYVBnVN9oWP0PRr3c= =gbnx -----END PGP SIGNATURE-----