-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 29 Oct 2025 13:44:37 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: armhf
Version: 142.0.7444.59-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-conova-01) <buildd_arm64-arm-conova-01@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (142.0.7444.59-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2025-12428: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab.
     - CVE-2025-12429: Inappropriate implementation in V8.
       Reported by Aorui Zhang.
     - CVE-2025-12430: Object lifecycle issue in Media.
       Reported by round.about.
     - CVE-2025-12431: Inappropriate implementation in Extensions.
       Reported by Alesandro Ortiz.
     - CVE-2025-12432: Race in V8. Reported by Google Big Sleep.
     - CVE-2025-12433: Inappropriate implementation in V8.
       Reported by Google Big Sleep.
     - CVE-2025-12036: Inappropriate implementation in V8.
       Reported by Google Big Sleep.
     - CVE-2025-12434: Race in Storage. Reported by Lijo A.T.
     - CVE-2025-12435: Incorrect security UI in Omnibox. Reported by Hafiizh.
     - CVE-2025-12436: Policy bypass in Extensions.
       Reported by Luan Herrera (@lbherrera_).
     - CVE-2025-12437: Use after free in PageInfo. Reported by Umar Farooq.
     - CVE-2025-12438: Use after free in Ozone.
       Reported by Wei Yuan of MoyunSec VLab.
     - CVE-2025-12439: Inappropriate implementation in App-Bound Encryption.
       Reported by Ari Novick.
     - CVE-2025-12440: Inappropriate implementation in Autofill.
       Reported by Khalil Zhani.
     - CVE-2025-12441: Out of bounds read in V8. Reported by Google Big Sleep.
     - CVE-2025-12443: Out of bounds read in WebXR. Reported by Aisle Research
     - CVE-2025-12444: Incorrect security UI in Fullscreen UI.
       Reported by syrf.
     - CVE-2025-12445: Policy bypass in Extensions. Reported by Thomas Greiner
     - CVE-2025-12446: Incorrect security UI in SplitView. Reported by Hafiizh
     - CVE-2025-12447: Incorrect security UI in Omnibox.
       Reported by Khalil Zhani.
   * d/patches:
     - disable/android.patch: drop part of patch related to md5sum tool.
     - disable/catapult.patch: refresh.
     - bookworm/clang19.patch: also drop uninit-const-pointer and
       unnecessary-virtual-specifier warnings.
     - ungoogled/disable-privacy-sandbox.patch: sync from upstream.
     - i386/support-i386.patch: refresh.
     - trixie/rust-sanitize.patch: add a workaround for older rustc.
     - fixes/chromium-142-iwyu-field-form-data.patch: pull in build fix
       from gentoo.
     - trixie/rust-no-alloc-shim.patch: add another missing symbol that's
       provided by newer versions of rust.
     - bookworm/gn-path-exists2.patch: add another workaround for lack of
       path_exists() in older gn.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0001-third-party-hwy-wrong-include.patch: Drop due to
       upstream fixes
     - ppc64le/third_party/0002-regenerate-xnn-buildgn.patch: Regenerate from
       upstream sources
     - core/add-ppc64-architecture-to-extensions.diff: Refresh for upstream
       changes
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0001-third-party-hwy-wrong-include.patch: Drop due to
       upstream fixes
     - ppc64le/third_party/0002-regenerate-xnn-buildgn.patch: Regenerate from
       upstream sources
     - core/add-ppc64-architecture-to-extensions.diff: Refresh for upstream
       changes
Checksums-Sha1:
 fa2eac69a5b99000256aa4e749c392ccaf2a0b9d 5485488 chromium-common-dbgsym_142.0.7444.59-1~deb12u1_armhf.deb
 b4f6597c7afe832ff84977090e3faca3f196e570 22483748 chromium-common_142.0.7444.59-1~deb12u1_armhf.deb
 a197d19ddd8b1d2931131345b018cd44cae957eb 33529904 chromium-dbgsym_142.0.7444.59-1~deb12u1_armhf.deb
 cb11c3924664d8b0c27ae1a11c41a8ceb72a2e22 6803652 chromium-driver_142.0.7444.59-1~deb12u1_armhf.deb
 f31a1536142633a39d8752d8d8c2a3370ef126aa 26325832 chromium-headless-shell-dbgsym_142.0.7444.59-1~deb12u1_armhf.deb
 ac3c5ae45d29f8548a63aa23a2f225ff78deb9a3 51219824 chromium-headless-shell_142.0.7444.59-1~deb12u1_armhf.deb
 67cc57168dd7cc8c19ceedb0eef2341b0c442ef9 18036 chromium-sandbox-dbgsym_142.0.7444.59-1~deb12u1_armhf.deb
 7162e99171a01690ce161bfa54d7e9923245e6f8 107432 chromium-sandbox_142.0.7444.59-1~deb12u1_armhf.deb
 05b93e2fe7d017a9b334e00b7a0f6d6132958bca 28653660 chromium-shell-dbgsym_142.0.7444.59-1~deb12u1_armhf.deb
 0307ed863756ebb2f4e9c15486617f956fd0135c 56008120 chromium-shell_142.0.7444.59-1~deb12u1_armhf.deb
 18b99f49a6857129c9adf6a7ad8cf9f54b84ec98 30191 chromium_142.0.7444.59-1~deb12u1_armhf-buildd.buildinfo
 0f82a6f70794d3f77be904e06ae0bac66d60b6f3 66853252 chromium_142.0.7444.59-1~deb12u1_armhf.deb
Checksums-Sha256:
 5d8c0303ff2b765a87c4434ceadb3e9228f4b87df742c3f4d94439b3b399a9d6 5485488 chromium-common-dbgsym_142.0.7444.59-1~deb12u1_armhf.deb
 04fa95296df3b413a82896a461f9a69fc66c4c467fbbada341c90c86d757a2ba 22483748 chromium-common_142.0.7444.59-1~deb12u1_armhf.deb
 98833c2e2908dc4686658544b29c16efaef7a8992bedc6b979cc189b37589eff 33529904 chromium-dbgsym_142.0.7444.59-1~deb12u1_armhf.deb
 d9999470e0c574e325dc5ad312e0bb03ffb371de32a68a04d6bee2893469b1be 6803652 chromium-driver_142.0.7444.59-1~deb12u1_armhf.deb
 e8fec3919ad288ec8460c3ef8b95b79940ed34469aac9c4dfa44ce20a5bfcd31 26325832 chromium-headless-shell-dbgsym_142.0.7444.59-1~deb12u1_armhf.deb
 418eecaf865a12fc027dfd053c76c587f5f5f0bd117c82df97afabcc3c3694b2 51219824 chromium-headless-shell_142.0.7444.59-1~deb12u1_armhf.deb
 0161e16350b48600297639a9befe85a2fc56756c78f9bd4528cd312af296f86d 18036 chromium-sandbox-dbgsym_142.0.7444.59-1~deb12u1_armhf.deb
 4af7b049e112fff605cf1588021323ba35730f25573c5c47cfd0003c11c58657 107432 chromium-sandbox_142.0.7444.59-1~deb12u1_armhf.deb
 cdd46e24c2ddfdb0017a736c977ca9520b83efd185ff32bd68e67c3117da96f8 28653660 chromium-shell-dbgsym_142.0.7444.59-1~deb12u1_armhf.deb
 cabe15f2ff08750a7efc7493062f958e193c76820852cfd1fdd284a94b1a7507 56008120 chromium-shell_142.0.7444.59-1~deb12u1_armhf.deb
 c881f625e526b777710dd0a0bbfbf3fe5cdf830d713347788ac0a71dff177d9f 30191 chromium_142.0.7444.59-1~deb12u1_armhf-buildd.buildinfo
 d7d115f74975f27658a2096980925eb752869edfb82644acd551ed2857bc08ff 66853252 chromium_142.0.7444.59-1~deb12u1_armhf.deb
Files:
 dcfc6a559d1282a45b2661ab65b5a9a5 5485488 debug optional chromium-common-dbgsym_142.0.7444.59-1~deb12u1_armhf.deb
 8530c36ce068b73e4711004e3cde9377 22483748 web optional chromium-common_142.0.7444.59-1~deb12u1_armhf.deb
 6321165949f67f5b1b9489d4271a1d92 33529904 debug optional chromium-dbgsym_142.0.7444.59-1~deb12u1_armhf.deb
 965f16155c8d38c2e70ec9c349f95639 6803652 web optional chromium-driver_142.0.7444.59-1~deb12u1_armhf.deb
 729873eaad6f71f4bc9ab4c140d6484c 26325832 debug optional chromium-headless-shell-dbgsym_142.0.7444.59-1~deb12u1_armhf.deb
 d12555455ccf8e68d65bf7824cde924b 51219824 web optional chromium-headless-shell_142.0.7444.59-1~deb12u1_armhf.deb
 0b17c467bc1f3d3500ad5bc8900b994b 18036 debug optional chromium-sandbox-dbgsym_142.0.7444.59-1~deb12u1_armhf.deb
 1848551dee202162134970ef5f29d16f 107432 web optional chromium-sandbox_142.0.7444.59-1~deb12u1_armhf.deb
 8a8e2f8eb56f72525452e10962b3bce4 28653660 debug optional chromium-shell-dbgsym_142.0.7444.59-1~deb12u1_armhf.deb
 0c776385d3a0f2a79867e4f4218e1880 56008120 web optional chromium-shell_142.0.7444.59-1~deb12u1_armhf.deb
 833809eb7a9877f13f75b124385838bf 30191 web optional chromium_142.0.7444.59-1~deb12u1_armhf-buildd.buildinfo
 61543ef4e7f162d4fd3053efb7d5a8c0 66853252 web optional chromium_142.0.7444.59-1~deb12u1_armhf.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEO4qAQUSIo2p/kVRf8U6eOZMpj68FAmkDjxQACgkQ8U6eOZMp
j6/Qfg//T000tDbov4HHpj67TFhjpSu9ZAvN6ciKET6X3JtJAM2b1xI4X2P9mK0D
VqfeOecfc3Y8+gSOcMrCKGKF8Ced8mgjkmWN7qfMuokf51MCj0LDAt3gz4Bc8ARH
D0Ikz/d53jIYvfy2opN6M4u2WyRXu4lGYynvYaQfJOk1ENlLT/thLHpYgyvvLYqu
SqzPyNeSqHND6hw3RJwnxVtPnRC288FyZ85nRpKgFagQw+LTiFuD4zhmDtFZXasA
luqiKC6t26gFSrvWq3xUIQxQ6rz/xDahgLhOAaCysmRuqACbFHjrQQRCff9D+TZV
1pZQcF448PHGTkM3+T+W7vAOFwfOlbK8bRJQ5BUiCiOX1Z1UNDBOsEXQadoNilH0
6/Zzo1Ua1Uar9cfUW4AI/w5iBcYcMLpR1LjNtGwAnMsZnM/whHPIzN1P22jqBQ+J
IgWTXzXSTj2Biv01xPh762Yi9+cDPzn0I1uKqjFFzfiaRv/mm7s0LdSVAUDXHF6b
/BRQUsUuB/SLswVbWVGryoDRtH7K+24m41fHGbJF3t/uxZP6mdtE9YyGkm4NjBJU
9xE2aLD7Gvv0DIP2+Gsbs3Sop5IUGJ0c/hjgvLREQgd3qQd6RfI90AY/wG7rUgaf
KVS4tnUUAEDjXnmLjjgETiIi3ZZrhFXq84vme+cqdEU3ahePByM=
=TjeG
-----END PGP SIGNATURE-----