-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 15 Apr 2025 22:12:30 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: arm64
Version: 135.0.7049.95-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-conova-02) <buildd_arm64-arm-conova-02@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Closes: 1103226
Changes:
 chromium (135.0.7049.95-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2025-3619: Heap buffer overflow in Codecs. Reported by Elias Hohl.
     - CVE-2025-3620: Use after free in USB. Reported by @retsew0x01.
 .
   [ Daniel Richard G. ]
   * d/copyright, d/patches/system/rapidjson.patch: Slightly narrow the scope
     of the bundled RapidJSON deletion, and rework this patch so that it does
     not require the deletion in order to apply. This allows applying the
     debianization directly to the unrepackaged upstream tarball source.
   * d/patches/system/gperf.patch: Import (self-authored) upstream patch to
     prevent build breakage due to changes in gperf 3.2 generated code
     (closes: #1103226).
   * d/rules: Add new check-version rule to validate the package version.
     Also squelch error messages due to absent clang and rustc executables.
   * d/rules: Download Gentoo's upstream source tarball straight from GitHub.
Checksums-Sha1:
 7a2a80e114c61da35c39e09844f3afc8a9ecc9ad 5608236 chromium-common-dbgsym_135.0.7049.95-1~deb12u1_arm64.deb
 6909d89348d887441e3762dc881322f7bff62c10 25441472 chromium-common_135.0.7049.95-1~deb12u1_arm64.deb
 7224119fbe904a16c308eaea2f210d2b7e447dd8 31082248 chromium-dbgsym_135.0.7049.95-1~deb12u1_arm64.deb
 3ee027183ea8aa8cf0204013f315148b6563ec7b 6797192 chromium-driver_135.0.7049.95-1~deb12u1_arm64.deb
 7afcbe8ee2c00b7c2ab8e2d13f6982cb1b138b39 26228484 chromium-headless-shell-dbgsym_135.0.7049.95-1~deb12u1_arm64.deb
 ce33e569f023aee9a7b1d0ae0135513ea02136e1 50776624 chromium-headless-shell_135.0.7049.95-1~deb12u1_arm64.deb
 6a8ec0a2ede20707af538985e8d0d68efb481b7b 14360 chromium-sandbox-dbgsym_135.0.7049.95-1~deb12u1_arm64.deb
 b19394004a6572075ada5108b34b17e06e856740 102120 chromium-sandbox_135.0.7049.95-1~deb12u1_arm64.deb
 188c2e76f32baf264155449e83ff380091c137cb 25933888 chromium-shell-dbgsym_135.0.7049.95-1~deb12u1_arm64.deb
 a2618037586f1a14d6cdef9e5a753f88c2d393c7 47743300 chromium-shell_135.0.7049.95-1~deb12u1_arm64.deb
 0b4453c56a53f99fa8672d4ed1a1c781d7c37192 30302 chromium_135.0.7049.95-1~deb12u1_arm64-buildd.buildinfo
 4a2123ae4c4f1dcf76466f29bd4300802e20df05 67778924 chromium_135.0.7049.95-1~deb12u1_arm64.deb
Checksums-Sha256:
 bf9141c66b4d98cceaecb873ddb1e3e349c141aa69c80d9c6f44d33d770c013a 5608236 chromium-common-dbgsym_135.0.7049.95-1~deb12u1_arm64.deb
 e88580e645b3688e3892e0d3bda576017ce303807f7c70b1e4e9171047a95ecc 25441472 chromium-common_135.0.7049.95-1~deb12u1_arm64.deb
 d1a7f173635ce4e3f2c6e242c70263e56fac1ec5f87baee5e756f4e1a4c1601d 31082248 chromium-dbgsym_135.0.7049.95-1~deb12u1_arm64.deb
 cf46c2785c76f49851dd63e8be9fb5bcf99254ace6c028bfab1bf679f26aa0f8 6797192 chromium-driver_135.0.7049.95-1~deb12u1_arm64.deb
 d7278328f06f95498bb2401a45cbc64d094368ed221b22d9a5a5fa80bd446f60 26228484 chromium-headless-shell-dbgsym_135.0.7049.95-1~deb12u1_arm64.deb
 2e006038d3ccbff5f1460191a1d9232dd92715622a6abf0624efe8a05cc29126 50776624 chromium-headless-shell_135.0.7049.95-1~deb12u1_arm64.deb
 ac18d09f1254205b29e888a680decf6ff48b17e632585cfe3a5de4dbd4ec0e33 14360 chromium-sandbox-dbgsym_135.0.7049.95-1~deb12u1_arm64.deb
 af4bb606bb3d8cd174511dc82b9b5a074f2279764a56352ffec5d48ae0309ed0 102120 chromium-sandbox_135.0.7049.95-1~deb12u1_arm64.deb
 acb4f1719fea83bc3086aa7a4c3a3b04f18e32a7c9c7fc55867b2fb048702fc1 25933888 chromium-shell-dbgsym_135.0.7049.95-1~deb12u1_arm64.deb
 a45f382847a8da7c0f516e69d1823aee64db6c4a95ebada391e9d95fe59d6ded 47743300 chromium-shell_135.0.7049.95-1~deb12u1_arm64.deb
 b9dc1af234054b349670ae1858cf7e0b28fcc0789018983f53210c08de3d59ef 30302 chromium_135.0.7049.95-1~deb12u1_arm64-buildd.buildinfo
 d053011bdecb701c17a5c2f989ecdd206a29a369aa38e03a2dedb0e3dd9f0216 67778924 chromium_135.0.7049.95-1~deb12u1_arm64.deb
Files:
 efaed3478fc5ff7e45a53e45679a7840 5608236 debug optional chromium-common-dbgsym_135.0.7049.95-1~deb12u1_arm64.deb
 c247b6821ea933fb13134d2295e83c22 25441472 web optional chromium-common_135.0.7049.95-1~deb12u1_arm64.deb
 a94ede9d3923311eb2157fff370971a2 31082248 debug optional chromium-dbgsym_135.0.7049.95-1~deb12u1_arm64.deb
 b9aef79ec53f00a7bb10d762b3ec7648 6797192 web optional chromium-driver_135.0.7049.95-1~deb12u1_arm64.deb
 79a26848e6f5b5d562ebc8cfaff9a128 26228484 debug optional chromium-headless-shell-dbgsym_135.0.7049.95-1~deb12u1_arm64.deb
 70383cb62699195382a7c21baaa05308 50776624 web optional chromium-headless-shell_135.0.7049.95-1~deb12u1_arm64.deb
 e3ff0faa0fdabc151e385d615e228b9d 14360 debug optional chromium-sandbox-dbgsym_135.0.7049.95-1~deb12u1_arm64.deb
 db7625308aa0cb519c5c34b0e9cd6614 102120 web optional chromium-sandbox_135.0.7049.95-1~deb12u1_arm64.deb
 d59dc6e1e1aba307dd9c804a57a9999a 25933888 debug optional chromium-shell-dbgsym_135.0.7049.95-1~deb12u1_arm64.deb
 5551529299b3b847eb1f3e71b4cbe70f 47743300 web optional chromium-shell_135.0.7049.95-1~deb12u1_arm64.deb
 d9ebd9ce40f26239566381c2f047cc0a 30302 web optional chromium_135.0.7049.95-1~deb12u1_arm64-buildd.buildinfo
 ea4a9e2c0041ac0dc6f6bb4403b019f9 67778924 web optional chromium_135.0.7049.95-1~deb12u1_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEKAzExpjGvTI78ZO8LARVyvnD3xkFAmgAheEACgkQLARVyvnD
3xnK1Q/+MAqq5ha2MpHnLck3BJEpo+kPNU2n6a2j6pHCfBcBYb7kfaXYTHLpntVb
GpVQPFjxsHhm2ICpxqLbLG7jeRjlWzBbYymDBRcm3MABMOTkJJ4hUI6ctGgIx8Zy
HBH36wvp4f3xpjVAr39SumQYZHNOFPOfcZNtKohrU+Hqa6JutUzFV/1bSRQOIvC5
PrHgEMWgMosZ7BptpHnyLUCYXRhcaSAmJiY2UunT2NqO/fHRPKsSfuxxlLXc6THl
VzpdE7+kwhrSRVOaZr9xdUhhqSyPmd8AePvNXQIBFNrMikZFSj3/trDVEwr+rPVC
hIFH7cQGCBQuE/gSv+Cl4abxoGBMNBprrmIOdpzfQw7rUd57Xd/bVxemm8Bkpmh8
TJC0KeqCEbnLqzZE1ZGgF7KeB7pTnZ55FStsPtSoAsfiPqzwbRpaZW2gVTRf2Vwy
IBnUzPSrY40wiyTAitmM1AjtUuYP+zMrM1QSpxQQDzfY8deI6Q+5GGl16zO1hvVH
q72D3gUaNxILLnZDX3KYVMTFN3cSwyhWEZWACjfEO6fTY9YUGQfemEH2tk+0MKmx
nP67fLiRdJbZk0bjiNg61A6dA/4vPknto7ZOp8NepL9RFVu1Hih0t4GMJ49it4we
87ZSORyQe85u2imQAONPvn2+rg247COsLeqeTSdCgiQbxLTEvbk=
=Fxi7
-----END PGP SIGNATURE-----