-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 03 Dec 2025 01:54:50 -0500
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: amd64
Version: 143.0.7499.40-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-ubc-01) <buildd_amd64-x86-ubc-01@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (143.0.7499.40-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2025-13630: Type Confusion in V8.
       Reported by Shreyas Penkar (@streypaws).
     - CVE-2025-13631: Inappropriate implementation in Google Updater.
       Reported by Jota Domingos.
     - CVE-2025-13632: Inappropriate implementation in DevTools.
       Reported by Leandro Teles.
     - CVE-2025-13633: Use after free in Digital Credentials.
       Reported by Chrome.
     - CVE-2025-13634: Inappropriate implementation in Downloads.
       Reported by Eric Lawrence of Microsoft.
     - CVE-2025-13720: Bad cast in Loader. Reported by Chrome.
     - CVE-2025-13721: Race in v8. Reported by Chrome.
     - CVE-2025-13635: Inappropriate implementation in Downloads.
       Reported by Hafiizh.
     - CVE-2025-13636: Inappropriate implementation in Split View.
       Reported by Khalil Zhani.
     - CVE-2025-13637: Inappropriate implementation in Downloads.
       Reported by Hafiizh.
     - CVE-2025-13638: Use after free in Media Stream. Reported by sherkito.
     - CVE-2025-13639: Inappropriate implementation in WebRTC.
       Reported by Philipp Hancke.
     - CVE-2025-13640: Inappropriate implementation in Passwords.
       Reported by Anonymous.
   * d/patches:
     - fixes/headless-gn.patch: refresh.
     - fixes/chromium-142-iwyu-field-form-data.patch: drop, merged upstream.
     - disable/tests.patch: refresh.
     - ungoogled/disable-privacy-sandbox.patch: sync from upstream.
     - fixes/libpng-testonly.patch: add a workaround for a missing build target
       that upstream forgot to include.
     - trixie/rust-no-alloc-shim.patch: mark nightly feature 'no_mangle' as
       unsafe to make rustc happy.
     - trixie/cookie-string-view.patch: add a workaround for missing clang-19
       feature.
 .
   [ Daniel Richard G. ]
   * d/patches:
     - debianization/cross-build.patch: Avoid "Assignment had no effect"
       error from GN when running outside of d/rules.
     - debianization/rustc-bootstrap.patch: Move RUSTC_BOOTSTRAP=1 here.
     - disable/license-headless-shell.patch: Don't generate the (unused)
       LICENSE.headless_shell file, as the rule tends to break easily.
     - fixes/headless-gn.patch: No longer needed, thanks to previous patch.
     - trixie/rust-is-multiple-of.patch: add more workarounds for missing
       rustc features.
     - bookworm/constexpr.patch: Refresh (source file moved).
     - bookworm/gn-absl.patch: Refresh.
     - bookworm/gn-path-exists2.patch: Refresh.
     - bookworm/rust-unsafe-extern.patch: add workaround for older rust code
       convention generated by bookworm's version of rust-bindgen.
     - bookworm/node-esm-dirname.patch: add workaround for older node 18.
   * d/rules: Move RUSTC_BOOTSTRAP=1 environment setting into patch.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - ppc64le/third_party/0002-regenerate-xnn-buildgn.patch: Regenerate from
       upstream sources
     - ppc64le/fixes/fix-clang-selection.patch: Refresh for upstream changes
Checksums-Sha1:
 ebcae88277163dc1d3de2d6877bd986cd4118ac5 5307912 chromium-common-dbgsym_143.0.7499.40-1~deb12u1_amd64.deb
 516862404add8733fe9751c2acd5094d845a73f7 22700080 chromium-common_143.0.7499.40-1~deb12u1_amd64.deb
 7605d76df09bd1d531f8e31090ed05b61e57ddfe 34095672 chromium-dbgsym_143.0.7499.40-1~deb12u1_amd64.deb
 1a9ac9061b15ddf9302a54de3ca399362f58ac02 7239788 chromium-driver_143.0.7499.40-1~deb12u1_amd64.deb
 d640f2531445e28e852eb54ec60e1132ae7a47fe 28236996 chromium-headless-shell-dbgsym_143.0.7499.40-1~deb12u1_amd64.deb
 8d5a74b4b20be68bd2e49a91177f4502b5116641 54509624 chromium-headless-shell_143.0.7499.40-1~deb12u1_amd64.deb
 5c3489d219f225c8b459cc919a3744a68449030c 19304 chromium-sandbox-dbgsym_143.0.7499.40-1~deb12u1_amd64.deb
 06b0672e9d05fa6e9d041fe96d8a2fe7b1bbb8d6 108752 chromium-sandbox_143.0.7499.40-1~deb12u1_amd64.deb
 198c72fbd630ea972d7af9d8a70afe286ca7fe34 31005760 chromium-shell-dbgsym_143.0.7499.40-1~deb12u1_amd64.deb
 3313620a0231eea85f6f254403593292b0e86705 59609156 chromium-shell_143.0.7499.40-1~deb12u1_amd64.deb
 bd72360d0d600aefef2f6caf831cce289f7213e2 30332 chromium_143.0.7499.40-1~deb12u1_amd64-buildd.buildinfo
 d36591ced5d51ee2e5343e98d1e0dede5dd30e4d 70646620 chromium_143.0.7499.40-1~deb12u1_amd64.deb
Checksums-Sha256:
 7b672fb80c1e8932081f41abeaef28b67a1297138cd3350519d3b8aed7fc941e 5307912 chromium-common-dbgsym_143.0.7499.40-1~deb12u1_amd64.deb
 cdd74bca04d0b725ff57d569283ccc8d07d55a67a4e617d179d554f1a1b999c5 22700080 chromium-common_143.0.7499.40-1~deb12u1_amd64.deb
 e75d391eeb30b9bbfde0a115fa876464b088f7953f802614e528da62dc00c783 34095672 chromium-dbgsym_143.0.7499.40-1~deb12u1_amd64.deb
 b79066b92929ab2e731f425b15efc46370e43cd4633e0baacdcfa984494dea5e 7239788 chromium-driver_143.0.7499.40-1~deb12u1_amd64.deb
 59bf53cf4c0cd0395f448589466ed349dbae94b7d1de52d33a1f650891678ab6 28236996 chromium-headless-shell-dbgsym_143.0.7499.40-1~deb12u1_amd64.deb
 1328b3faf71b1c2f7fe9cfdbcd7c24cf10e3fec744ea85c10ad4bfb012e269bf 54509624 chromium-headless-shell_143.0.7499.40-1~deb12u1_amd64.deb
 70b8b56dccd94e45e587f17740981b48b16547c18e55991f1316ac8590a7ee36 19304 chromium-sandbox-dbgsym_143.0.7499.40-1~deb12u1_amd64.deb
 882a3087827fad636ee1b94d7d9819cf8fae9cbfd74398dcfdb54542f9bd3e30 108752 chromium-sandbox_143.0.7499.40-1~deb12u1_amd64.deb
 a7edd88cdaa3611267e4c819676c4ca9e0fc520a5b527ae8dbbe48820964abdc 31005760 chromium-shell-dbgsym_143.0.7499.40-1~deb12u1_amd64.deb
 e736bcb8f9866a9114cb6d42b8f30689a1f6c06246921b7fa2c835d62b50e611 59609156 chromium-shell_143.0.7499.40-1~deb12u1_amd64.deb
 6c6af698baca7bc287b79f2a68a85a4b2b60ae347d8126c6891c0cbd514b9dbd 30332 chromium_143.0.7499.40-1~deb12u1_amd64-buildd.buildinfo
 98015116cfe5e67dc1948b5bf0229d094ada0b2eb5a4f0b1dd6a2fe432d81b36 70646620 chromium_143.0.7499.40-1~deb12u1_amd64.deb
Files:
 2a374b265c2687cf419202c15231d597 5307912 debug optional chromium-common-dbgsym_143.0.7499.40-1~deb12u1_amd64.deb
 bd8b0c35fdacc2070570682bdc15d6c6 22700080 web optional chromium-common_143.0.7499.40-1~deb12u1_amd64.deb
 bb0c98bcca4b521a8fb1e11310799321 34095672 debug optional chromium-dbgsym_143.0.7499.40-1~deb12u1_amd64.deb
 e947d5c12eefc3716c878d46524b3a9b 7239788 web optional chromium-driver_143.0.7499.40-1~deb12u1_amd64.deb
 ca2eb2bf7fd5ca0dda25c26d10fa0828 28236996 debug optional chromium-headless-shell-dbgsym_143.0.7499.40-1~deb12u1_amd64.deb
 1acee0463d65211fc54bf528b1034ebb 54509624 web optional chromium-headless-shell_143.0.7499.40-1~deb12u1_amd64.deb
 b779690b102d60d8b74b9eb25c5e5bca 19304 debug optional chromium-sandbox-dbgsym_143.0.7499.40-1~deb12u1_amd64.deb
 d8cf8f553bcb37b49df4b78a35c8fb27 108752 web optional chromium-sandbox_143.0.7499.40-1~deb12u1_amd64.deb
 32cff576ed226b126d46bc22ba791e19 31005760 debug optional chromium-shell-dbgsym_143.0.7499.40-1~deb12u1_amd64.deb
 d3ecc542ec34dfa3ae4cf99ee8501a74 59609156 web optional chromium-shell_143.0.7499.40-1~deb12u1_amd64.deb
 1a8bc81a8d1a626b1f25bd913a6d7717 30332 web optional chromium_143.0.7499.40-1~deb12u1_amd64-buildd.buildinfo
 27e0505628f33ff8422ed8c9df25cbb6 70646620 web optional chromium_143.0.7499.40-1~deb12u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEnw0rdzqckKx6dwRTEbCLukZn24oFAmkxc6EACgkQEbCLukZn
24opCg/9HMZ2DnQM1E7/NYPz4F3vCGGRhx36n/cJnP5Ly4apfgEx/OGG6CogN3bj
R6ws5hh8FywkKAuguM4IlzJ5xUqlNAH2H2ip37vCqbsTHtCe+m/Cn9epzWnHz0nT
rO01hNL3krx+YQQlETn545VeifTK0P3RPqTIHCeX5aqcSY5KcB+u43ipyQgyOEOA
MzYe+WtGEl/HGHlQwkq2dfbSUs1FTzq0FQLDn6TnTUOPJwRo7JUqsMq3WZ9SaYN0
kOutTSWOk5YEzjKk93sjw/kKYGYOoYKbBq4LjEjf+0Dvdk/GTQdxEbcUsQJEiklF
IZXTMCF5/8etkUOk2SAcAlH/OWnuj9o/jGI2BbvW9vMBzvlVXWsCDOAbroxA6s3P
iFfbtsF1vQZjSJ5hEAXxxDM8UyMInOQRtxBcY7fVFoF58SSVRSipYVoyeuaUgRVD
M/MHBnjlFhvo/+COpZhqn22YB23LlI65KaGrokqYdHMEYKQbiBV6vNRKBgVEC0y+
FJvNENKwhDA4MqLKu9uuKrhLCr+pkc2JFZDF+lz/wGEqg+pH+ENxR5FgpcSTuec0
rzhz9ijUte0D+pR0Z1BT/U04RchYDTl0PCvy5ofuGDLiGlJqc0pj7Hiifp97IdAG
7tr+nWvaa8Yf3f5D1GN5d3MhNcDwpkEywg+gVWD0C6E/RwnSwGc=
=vNEi
-----END PGP SIGNATURE-----