-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 03 Dec 2025 01:54:50 -0500
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: armhf
Version: 143.0.7499.40-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-ubc-05) <buildd_arm64-arm-ubc-05@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (143.0.7499.40-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2025-13630: Type Confusion in V8.
       Reported by Shreyas Penkar (@streypaws).
     - CVE-2025-13631: Inappropriate implementation in Google Updater.
       Reported by Jota Domingos.
     - CVE-2025-13632: Inappropriate implementation in DevTools.
       Reported by Leandro Teles.
     - CVE-2025-13633: Use after free in Digital Credentials.
       Reported by Chrome.
     - CVE-2025-13634: Inappropriate implementation in Downloads.
       Reported by Eric Lawrence of Microsoft.
     - CVE-2025-13720: Bad cast in Loader. Reported by Chrome.
     - CVE-2025-13721: Race in v8. Reported by Chrome.
     - CVE-2025-13635: Inappropriate implementation in Downloads.
       Reported by Hafiizh.
     - CVE-2025-13636: Inappropriate implementation in Split View.
       Reported by Khalil Zhani.
     - CVE-2025-13637: Inappropriate implementation in Downloads.
       Reported by Hafiizh.
     - CVE-2025-13638: Use after free in Media Stream. Reported by sherkito.
     - CVE-2025-13639: Inappropriate implementation in WebRTC.
       Reported by Philipp Hancke.
     - CVE-2025-13640: Inappropriate implementation in Passwords.
       Reported by Anonymous.
   * d/patches:
     - fixes/headless-gn.patch: refresh.
     - fixes/chromium-142-iwyu-field-form-data.patch: drop, merged upstream.
     - disable/tests.patch: refresh.
     - ungoogled/disable-privacy-sandbox.patch: sync from upstream.
     - fixes/libpng-testonly.patch: add a workaround for a missing build target
       that upstream forgot to include.
     - trixie/rust-no-alloc-shim.patch: mark nightly feature 'no_mangle' as
       unsafe to make rustc happy.
     - trixie/cookie-string-view.patch: add a workaround for missing clang-19
       feature.
 .
   [ Daniel Richard G. ]
   * d/patches:
     - debianization/cross-build.patch: Avoid "Assignment had no effect"
       error from GN when running outside of d/rules.
     - debianization/rustc-bootstrap.patch: Move RUSTC_BOOTSTRAP=1 here.
     - disable/license-headless-shell.patch: Don't generate the (unused)
       LICENSE.headless_shell file, as the rule tends to break easily.
     - fixes/headless-gn.patch: No longer needed, thanks to previous patch.
     - trixie/rust-is-multiple-of.patch: add more workarounds for missing
       rustc features.
     - bookworm/constexpr.patch: Refresh (source file moved).
     - bookworm/gn-absl.patch: Refresh.
     - bookworm/gn-path-exists2.patch: Refresh.
     - bookworm/rust-unsafe-extern.patch: add workaround for older rust code
       convention generated by bookworm's version of rust-bindgen.
     - bookworm/node-esm-dirname.patch: add workaround for older node 18.
   * d/rules: Move RUSTC_BOOTSTRAP=1 environment setting into patch.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - ppc64le/third_party/0002-regenerate-xnn-buildgn.patch: Regenerate from
       upstream sources
     - ppc64le/fixes/fix-clang-selection.patch: Refresh for upstream changes
Checksums-Sha1:
 360216d9312faaaa544557ba97ca685eb6c7bcfe 5505068 chromium-common-dbgsym_143.0.7499.40-1~deb12u1_armhf.deb
 51f1e24f79503cd446b434c5b60b73467779cc00 22642580 chromium-common_143.0.7499.40-1~deb12u1_armhf.deb
 b4b9b83a522823afda6997a10511e418668a0ecb 33836604 chromium-dbgsym_143.0.7499.40-1~deb12u1_armhf.deb
 da16ddaec9b2b78b310263973280abee12efcf70 6965480 chromium-driver_143.0.7499.40-1~deb12u1_armhf.deb
 2017f8d77294d5c9ea144e2b357aae16f2665835 26565244 chromium-headless-shell-dbgsym_143.0.7499.40-1~deb12u1_armhf.deb
 fcb8c0495436111dc9fb82dbeac406f15e3f38bd 51633936 chromium-headless-shell_143.0.7499.40-1~deb12u1_armhf.deb
 dc43fe208f189e924d30b9ea9425b4902d952c82 18008 chromium-sandbox-dbgsym_143.0.7499.40-1~deb12u1_armhf.deb
 78d7350b9aca1d2dc70cb52e15a3ed22d0080f02 108356 chromium-sandbox_143.0.7499.40-1~deb12u1_armhf.deb
 6576f210b85ebca34fae56f4758ad67478c08068 28844544 chromium-shell-dbgsym_143.0.7499.40-1~deb12u1_armhf.deb
 e1e9e1bf4f065af4961866d2c8bf7dac9ae06efe 56447784 chromium-shell_143.0.7499.40-1~deb12u1_armhf.deb
 a864efbfc09edce6408dc92e30213d5c9752c7db 30207 chromium_143.0.7499.40-1~deb12u1_armhf-buildd.buildinfo
 bf8beec2e62c3dc718086eea57201ddf4fe0fc29 67500256 chromium_143.0.7499.40-1~deb12u1_armhf.deb
Checksums-Sha256:
 ed0df7451aead02687be018585670d9593d1eb658126c7de83ac37b131f45f59 5505068 chromium-common-dbgsym_143.0.7499.40-1~deb12u1_armhf.deb
 18c1a489a4b17cd61b362a0a6e8ae203aea83d7f218f20b7b5b561ae85657be6 22642580 chromium-common_143.0.7499.40-1~deb12u1_armhf.deb
 d2de7e31f897a14d80c79f139641aa505395bd400d7fa3bce1b4ecb66ce26779 33836604 chromium-dbgsym_143.0.7499.40-1~deb12u1_armhf.deb
 5f19ac27037adbf249dea755ffc8de0fd99974733838c40d4090577cf844da88 6965480 chromium-driver_143.0.7499.40-1~deb12u1_armhf.deb
 34842fa06dc4fb105a41362769a30f16afa1353fdbdbaf96fc55c3014eb7abd0 26565244 chromium-headless-shell-dbgsym_143.0.7499.40-1~deb12u1_armhf.deb
 c01ced300ba9e7c25fd9a6f7a0e31180dc02fff326067b06e1549cbf119340cb 51633936 chromium-headless-shell_143.0.7499.40-1~deb12u1_armhf.deb
 bb26bda5d53a09e7a8c555ebafa01b1ad21ee5e0656411a739166d97b689032e 18008 chromium-sandbox-dbgsym_143.0.7499.40-1~deb12u1_armhf.deb
 b4414ce5361f5019bf81aba50bfecf0637ccb1a63a258f77809d0835bd065da4 108356 chromium-sandbox_143.0.7499.40-1~deb12u1_armhf.deb
 68398ff0dc75d47562c5e6f63b32254a65f2815302090c4cf2fc515e1eaad87c 28844544 chromium-shell-dbgsym_143.0.7499.40-1~deb12u1_armhf.deb
 ab73d16bd6ad148697b937b710f355c84147b128edd4f8746cedf67c98478532 56447784 chromium-shell_143.0.7499.40-1~deb12u1_armhf.deb
 ab9fc6fc32cd134b7df37c5bc014159b9e367e9f5ce9aee438d7fb67cfa84e7e 30207 chromium_143.0.7499.40-1~deb12u1_armhf-buildd.buildinfo
 750946ca9fc3416e1c7608265844fdccf0e6b6abe9bc57299f7c2806632c71c8 67500256 chromium_143.0.7499.40-1~deb12u1_armhf.deb
Files:
 d7cffd72407c600956b1b7c1cb8d919d 5505068 debug optional chromium-common-dbgsym_143.0.7499.40-1~deb12u1_armhf.deb
 49f0b3f342bfe21c9b333c67b363dce0 22642580 web optional chromium-common_143.0.7499.40-1~deb12u1_armhf.deb
 0fdfeec319d30c22c57774df26ef13f7 33836604 debug optional chromium-dbgsym_143.0.7499.40-1~deb12u1_armhf.deb
 903362f49de32ac90bc3f54e473e01b7 6965480 web optional chromium-driver_143.0.7499.40-1~deb12u1_armhf.deb
 b3f8c776d00470e66a4155ef0686d0df 26565244 debug optional chromium-headless-shell-dbgsym_143.0.7499.40-1~deb12u1_armhf.deb
 77029a2034525a5dd25ee879059d3622 51633936 web optional chromium-headless-shell_143.0.7499.40-1~deb12u1_armhf.deb
 7b4455d3cd4e849efcd29a3c3062c0e3 18008 debug optional chromium-sandbox-dbgsym_143.0.7499.40-1~deb12u1_armhf.deb
 e7d121bbc05cf04bb79cb3036f3d0682 108356 web optional chromium-sandbox_143.0.7499.40-1~deb12u1_armhf.deb
 295ff2cc21d6a3008d9b995b3fd8da05 28844544 debug optional chromium-shell-dbgsym_143.0.7499.40-1~deb12u1_armhf.deb
 652e4b505fdba1440b8ad1479310dfbd 56447784 web optional chromium-shell_143.0.7499.40-1~deb12u1_armhf.deb
 48ed8563f2f4fbd2ebc8f0a7b67684b8 30207 web optional chromium_143.0.7499.40-1~deb12u1_armhf-buildd.buildinfo
 748263d9485a9cd9654444c7b508136f 67500256 web optional chromium_143.0.7499.40-1~deb12u1_armhf.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEiIG3Q3DxwDgRKKeyLRECdjCZQkcFAmkxdTMACgkQLRECdjCZ
QkeaYA//QSPHHKHzxpN3Sg82SVMPNYw2+xvHgRMc7SdNszcOqBxNjRj5qC0/oUKm
rDi4jmUWevYNaXJbe9clbMEX9c2IIUWzsVLybki/EqVCwBQYDQwub52cHnQ/Blug
gxTWJfu8JxsLaltVZiwpb87hCCetktfIIoufw1VZJFYZ3KDYCetADhi5RmGoSZCJ
IYYAFCQK3fZC0rFywmXmU3o6n3YQlK2M9jNGR6OXX4K0ABoT7XT9PuLeaEzdE7Ck
5eYS2no5X3jCoAUMDXqkU0P7yBfhKadaW/GMC66Y0oQ3CHXCFn3ksADXupyEuB69
RpAuCbi8j/si6avo0ySH4Ggua9uDe9ucNOX1l7496CzEuy+17m78Gwb3UCRLlfho
ObMD9qOejkVjv8105WoJmNnz+QYjdVfhpLpX1EFaZ7p5ALiHqBktLwypjxuJKfiF
pMjbnLZJka3LBqNvGSJoG4GTtfSKJ1b/vWE53ZaEsoN0DAaqzOrAI3CFSZI4KdMb
11meWxiVNZYu+PS3FX4i+LRQNYzuD8czR/5U8uZJoQVppuEpqj9MDL4JpHJJxbfk
v6c9FUAlY7x9iyZnmySo6QTKOl9wQbJQXrjf1TrQMH/8qjYoHlD7iGsa1UwIFnuN
EOPaIAhW6iPripzcPHsq04t0cM8q+d9xUAA+BPJ5ZQYcmnxZmDY=
=sqbB
-----END PGP SIGNATURE-----