-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 03 Dec 2025 01:54:50 -0500
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: i386
Version: 143.0.7499.40-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-02) <buildd_amd64-x86-conova-02@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (143.0.7499.40-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2025-13630: Type Confusion in V8.
       Reported by Shreyas Penkar (@streypaws).
     - CVE-2025-13631: Inappropriate implementation in Google Updater.
       Reported by Jota Domingos.
     - CVE-2025-13632: Inappropriate implementation in DevTools.
       Reported by Leandro Teles.
     - CVE-2025-13633: Use after free in Digital Credentials.
       Reported by Chrome.
     - CVE-2025-13634: Inappropriate implementation in Downloads.
       Reported by Eric Lawrence of Microsoft.
     - CVE-2025-13720: Bad cast in Loader. Reported by Chrome.
     - CVE-2025-13721: Race in v8. Reported by Chrome.
     - CVE-2025-13635: Inappropriate implementation in Downloads.
       Reported by Hafiizh.
     - CVE-2025-13636: Inappropriate implementation in Split View.
       Reported by Khalil Zhani.
     - CVE-2025-13637: Inappropriate implementation in Downloads.
       Reported by Hafiizh.
     - CVE-2025-13638: Use after free in Media Stream. Reported by sherkito.
     - CVE-2025-13639: Inappropriate implementation in WebRTC.
       Reported by Philipp Hancke.
     - CVE-2025-13640: Inappropriate implementation in Passwords.
       Reported by Anonymous.
   * d/patches:
     - fixes/headless-gn.patch: refresh.
     - fixes/chromium-142-iwyu-field-form-data.patch: drop, merged upstream.
     - disable/tests.patch: refresh.
     - ungoogled/disable-privacy-sandbox.patch: sync from upstream.
     - fixes/libpng-testonly.patch: add a workaround for a missing build target
       that upstream forgot to include.
     - trixie/rust-no-alloc-shim.patch: mark nightly feature 'no_mangle' as
       unsafe to make rustc happy.
     - trixie/cookie-string-view.patch: add a workaround for missing clang-19
       feature.
 .
   [ Daniel Richard G. ]
   * d/patches:
     - debianization/cross-build.patch: Avoid "Assignment had no effect"
       error from GN when running outside of d/rules.
     - debianization/rustc-bootstrap.patch: Move RUSTC_BOOTSTRAP=1 here.
     - disable/license-headless-shell.patch: Don't generate the (unused)
       LICENSE.headless_shell file, as the rule tends to break easily.
     - fixes/headless-gn.patch: No longer needed, thanks to previous patch.
     - trixie/rust-is-multiple-of.patch: add more workarounds for missing
       rustc features.
     - bookworm/constexpr.patch: Refresh (source file moved).
     - bookworm/gn-absl.patch: Refresh.
     - bookworm/gn-path-exists2.patch: Refresh.
     - bookworm/rust-unsafe-extern.patch: add workaround for older rust code
       convention generated by bookworm's version of rust-bindgen.
     - bookworm/node-esm-dirname.patch: add workaround for older node 18.
   * d/rules: Move RUSTC_BOOTSTRAP=1 environment setting into patch.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - ppc64le/third_party/0002-regenerate-xnn-buildgn.patch: Regenerate from
       upstream sources
     - ppc64le/fixes/fix-clang-selection.patch: Refresh for upstream changes
Checksums-Sha1:
 589fc3533f2fb030f12df7e4f8e9958f32fa6941 5119736 chromium-common-dbgsym_143.0.7499.40-1~deb12u1_i386.deb
 db26cf4001d3cb4f586f6bb1782407187c8dfc57 22846828 chromium-common_143.0.7499.40-1~deb12u1_i386.deb
 a92940bc655786b7f31e37af51c75fcc3cc6343b 34410952 chromium-dbgsym_143.0.7499.40-1~deb12u1_i386.deb
 b8eb669b4918a005c6e54e3428224fef1dddec4d 7600156 chromium-driver_143.0.7499.40-1~deb12u1_i386.deb
 113ae142f8b31bb49d1118fd525ed0c8f546b478 28511288 chromium-headless-shell-dbgsym_143.0.7499.40-1~deb12u1_i386.deb
 cba76a346385d44f180c0bde6044e0cd213bfc84 55921760 chromium-headless-shell_143.0.7499.40-1~deb12u1_i386.deb
 23102b6a7a2f308a454a2014f44bcbcb5548dcc7 17824 chromium-sandbox-dbgsym_143.0.7499.40-1~deb12u1_i386.deb
 c41a3d206cb37ac8cfc0aee602a1fb711533e6ec 108640 chromium-sandbox_143.0.7499.40-1~deb12u1_i386.deb
 bd66b0db8ef84dbfee4a7cc1486ea5b33b9ae2a7 31273972 chromium-shell-dbgsym_143.0.7499.40-1~deb12u1_i386.deb
 b6474607bb7df6af40921161a4f3e349fc7b6abb 61101272 chromium-shell_143.0.7499.40-1~deb12u1_i386.deb
 30588143ebb1f0e457c4abf9e4307cad705ea6c9 30314 chromium_143.0.7499.40-1~deb12u1_i386-buildd.buildinfo
 01e3d988f6fdc6be2c5ee0da72af3c7b11088476 72825360 chromium_143.0.7499.40-1~deb12u1_i386.deb
Checksums-Sha256:
 d86949cf65db4fa119a2d7c74467a06871e97666d3564bd7eca417e3e7787674 5119736 chromium-common-dbgsym_143.0.7499.40-1~deb12u1_i386.deb
 232a3a6371da5360a869694a5c0e3ea9600cfc4ad4e9cd56cb150c217d741311 22846828 chromium-common_143.0.7499.40-1~deb12u1_i386.deb
 1e21e325a267e14a594ded7c20137350d5555ea767926553b1c1c5cdefbf565c 34410952 chromium-dbgsym_143.0.7499.40-1~deb12u1_i386.deb
 4691ba1e584719fae805e4a7fa5ef29802b25e51fe7496405c3c7325eedcb9c2 7600156 chromium-driver_143.0.7499.40-1~deb12u1_i386.deb
 ff775e71526047a6b54b8d32f432422a81aa05cf0c86e6db29776f4bf611d4ab 28511288 chromium-headless-shell-dbgsym_143.0.7499.40-1~deb12u1_i386.deb
 e2e28a78c39c08f2e579a263c8212c8630f091c933287c5c38463db376aec438 55921760 chromium-headless-shell_143.0.7499.40-1~deb12u1_i386.deb
 6001bb1f49dbe759181c5ff96ed55a44ad65aa1f5eaebbe27965f6b9d507ae06 17824 chromium-sandbox-dbgsym_143.0.7499.40-1~deb12u1_i386.deb
 013e322141c584b56ff5acaaff44d6900073df2148ecddca276ab74a27494006 108640 chromium-sandbox_143.0.7499.40-1~deb12u1_i386.deb
 f87b1dd52bf9d68caf515a8dce38666eef3b35261bc621119cabbee137971e95 31273972 chromium-shell-dbgsym_143.0.7499.40-1~deb12u1_i386.deb
 ff5fae639dabb324f19ef3ea85136c3690efd6054bfc8dc5038322b970e92522 61101272 chromium-shell_143.0.7499.40-1~deb12u1_i386.deb
 dc3e4ce52d7f6ebd6221de05d1763033d29e360f1d1147040fcabc9b5744abd2 30314 chromium_143.0.7499.40-1~deb12u1_i386-buildd.buildinfo
 ef656e416c435315980754584b31881a1dd01e6cd0b5a7c3265e08fa8154b8e1 72825360 chromium_143.0.7499.40-1~deb12u1_i386.deb
Files:
 e499170552d5c78a2eaeded0789c5988 5119736 debug optional chromium-common-dbgsym_143.0.7499.40-1~deb12u1_i386.deb
 6847f01411b3779a0afe8915e05e4522 22846828 web optional chromium-common_143.0.7499.40-1~deb12u1_i386.deb
 f9236c907b372489aea33d08323d4a3c 34410952 debug optional chromium-dbgsym_143.0.7499.40-1~deb12u1_i386.deb
 848d1c06a3f5f2edc1d6b0635091a4df 7600156 web optional chromium-driver_143.0.7499.40-1~deb12u1_i386.deb
 51a6e69879b2b1d658cc2a5b376996ed 28511288 debug optional chromium-headless-shell-dbgsym_143.0.7499.40-1~deb12u1_i386.deb
 e3eb6a14adc272fca30edfad87380823 55921760 web optional chromium-headless-shell_143.0.7499.40-1~deb12u1_i386.deb
 1c55680c58d70daf9306d460ff944cfc 17824 debug optional chromium-sandbox-dbgsym_143.0.7499.40-1~deb12u1_i386.deb
 c5c4daa4f829d0b18ff652802a094add 108640 web optional chromium-sandbox_143.0.7499.40-1~deb12u1_i386.deb
 84a63e6fc5e157d19fa98ea5180ba240 31273972 debug optional chromium-shell-dbgsym_143.0.7499.40-1~deb12u1_i386.deb
 cff41fd9e2d7e92c05b0b72d673e7488 61101272 web optional chromium-shell_143.0.7499.40-1~deb12u1_i386.deb
 68fff184977f1edac56727eb10c8f195 30314 web optional chromium_143.0.7499.40-1~deb12u1_i386-buildd.buildinfo
 b98e0e45084973031bbd5ea8b1226399 72825360 web optional chromium_143.0.7499.40-1~deb12u1_i386.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEErwLLVsiCiGZggzpHJuP6X4A0XeIFAmkxckYACgkQJuP6X4A0
XeLaXw//QFotBQLaFyDgyZgyHTwy0bXpTxkA+60Kj9tSZWhyLFTc8yJeS++gD9O8
hymOKrfmRKa00N8a/M8euUTZ0+zWe/y2nbjpqVhjOkrByIPONnXcD99dRsbfL8EU
NarfYrFG8N/UuOjnpBhrzGQDZ96A7OYgUWnh9CsDvhL3wdjDONvVq8aWT9VXg9Ip
4m76NOwedVmatHzVrEJDs8yutrv3+1zx/D6INTw2RWuWFMTOBDY0yhr5xIgKmE30
NHt86byExTynQTgOBmEw/1vFm0C5qVQ/YOPgw0jIzvd3bJEtVrh479K3ds0KF1kV
PHeD9mppRO9RsI+RODT1uIUuuVwKt3aP+rKsOzOOcYy9pSYwnFGyOdQ5zdpiYGCc
h3m+o9HLw6iaaKzybiGDg6pOgCQSNoT/GrhKvQFg0s8aF91eqxnWGGT964sTf19l
7eTUXo/l+J4S1mfsjEMQ6E9/2kFyIjxhiuWwSCSz4lUJTBm4UVqGM/kFJdjsBw74
ibHmHe97i1ChSAKc3mhGdt3A3VohfAzgfWPLTSqNloNZetWWnQ8Pq8MK6OIBS9A0
gBWofAczun/9c8vXVYj0/2ouCHdjSFCGzsp+9b57QdrddtLTmRZ0MDkU9HO48maY
tK8Y9sRGYxUgIZxT7p/7xRBZDZ5zfiqxzzs7ZdgLP+sCfL1Jf4k=
=xeeK
-----END PGP SIGNATURE-----