-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 03 Dec 2025 01:54:50 -0500
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: arm64
Version: 143.0.7499.40-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-ubc-03) <buildd_arm64-arm-ubc-03@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (143.0.7499.40-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2025-13630: Type Confusion in V8.
       Reported by Shreyas Penkar (@streypaws).
     - CVE-2025-13631: Inappropriate implementation in Google Updater.
       Reported by Jota Domingos.
     - CVE-2025-13632: Inappropriate implementation in DevTools.
       Reported by Leandro Teles.
     - CVE-2025-13633: Use after free in Digital Credentials.
       Reported by Chrome.
     - CVE-2025-13634: Inappropriate implementation in Downloads.
       Reported by Eric Lawrence of Microsoft.
     - CVE-2025-13720: Bad cast in Loader. Reported by Chrome.
     - CVE-2025-13721: Race in v8. Reported by Chrome.
     - CVE-2025-13635: Inappropriate implementation in Downloads.
       Reported by Hafiizh.
     - CVE-2025-13636: Inappropriate implementation in Split View.
       Reported by Khalil Zhani.
     - CVE-2025-13637: Inappropriate implementation in Downloads.
       Reported by Hafiizh.
     - CVE-2025-13638: Use after free in Media Stream. Reported by sherkito.
     - CVE-2025-13639: Inappropriate implementation in WebRTC.
       Reported by Philipp Hancke.
     - CVE-2025-13640: Inappropriate implementation in Passwords.
       Reported by Anonymous.
   * d/patches:
     - fixes/headless-gn.patch: refresh.
     - fixes/chromium-142-iwyu-field-form-data.patch: drop, merged upstream.
     - disable/tests.patch: refresh.
     - ungoogled/disable-privacy-sandbox.patch: sync from upstream.
     - fixes/libpng-testonly.patch: add a workaround for a missing build target
       that upstream forgot to include.
     - trixie/rust-no-alloc-shim.patch: mark nightly feature 'no_mangle' as
       unsafe to make rustc happy.
     - trixie/cookie-string-view.patch: add a workaround for missing clang-19
       feature.
 .
   [ Daniel Richard G. ]
   * d/patches:
     - debianization/cross-build.patch: Avoid "Assignment had no effect"
       error from GN when running outside of d/rules.
     - debianization/rustc-bootstrap.patch: Move RUSTC_BOOTSTRAP=1 here.
     - disable/license-headless-shell.patch: Don't generate the (unused)
       LICENSE.headless_shell file, as the rule tends to break easily.
     - fixes/headless-gn.patch: No longer needed, thanks to previous patch.
     - trixie/rust-is-multiple-of.patch: add more workarounds for missing
       rustc features.
     - bookworm/constexpr.patch: Refresh (source file moved).
     - bookworm/gn-absl.patch: Refresh.
     - bookworm/gn-path-exists2.patch: Refresh.
     - bookworm/rust-unsafe-extern.patch: add workaround for older rust code
       convention generated by bookworm's version of rust-bindgen.
     - bookworm/node-esm-dirname.patch: add workaround for older node 18.
   * d/rules: Move RUSTC_BOOTSTRAP=1 environment setting into patch.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - ppc64le/third_party/0002-regenerate-xnn-buildgn.patch: Regenerate from
       upstream sources
     - ppc64le/fixes/fix-clang-selection.patch: Refresh for upstream changes
Checksums-Sha1:
 c9e34976ea03d05615e9ccef8cba3dbecc4336a6 6226276 chromium-common-dbgsym_143.0.7499.40-1~deb12u1_arm64.deb
 e1bc2bd9c29b7f9cd1288cc12face21c3e17162a 27684432 chromium-common_143.0.7499.40-1~deb12u1_arm64.deb
 04734eca4d27084e9713243375ea207c2590e929 34795448 chromium-dbgsym_143.0.7499.40-1~deb12u1_arm64.deb
 b998e0c8aa2aa8c34fcf98caea2abf195768261b 6504920 chromium-driver_143.0.7499.40-1~deb12u1_arm64.deb
 799ccf73104249aa15da067afbe60ce5c685944a 28232056 chromium-headless-shell-dbgsym_143.0.7499.40-1~deb12u1_arm64.deb
 41485dc0704cd25393b05c4f914aa32f920c2259 48140740 chromium-headless-shell_143.0.7499.40-1~deb12u1_arm64.deb
 792d583279062151ec44a077a9efcc35307c8ce3 20248 chromium-sandbox-dbgsym_143.0.7499.40-1~deb12u1_arm64.deb
 52c9a5d54cec10682de5a8849849d3b111e54647 109460 chromium-sandbox_143.0.7499.40-1~deb12u1_arm64.deb
 fcfd85e1a450e1673c76f02e35dabd9bfefd2a87 30483732 chromium-shell-dbgsym_143.0.7499.40-1~deb12u1_arm64.deb
 d91a89765a143b6f1730228d9c80a14d0d9e5630 52530092 chromium-shell_143.0.7499.40-1~deb12u1_arm64.deb
 5da7f0b83bff810b3fd344ff63abb7bb6d859525 30297 chromium_143.0.7499.40-1~deb12u1_arm64-buildd.buildinfo
 fb6aaa7b69e6d0d6ed6664f67663da5b07daa555 61717236 chromium_143.0.7499.40-1~deb12u1_arm64.deb
Checksums-Sha256:
 eb7217a858b957e13c82bbd7946bad454047b2b5845d31876522af292fe13e18 6226276 chromium-common-dbgsym_143.0.7499.40-1~deb12u1_arm64.deb
 cfb5b21a961f74cf7edf4d23e341f579b816d9027de5bbac4a05f29cba991d25 27684432 chromium-common_143.0.7499.40-1~deb12u1_arm64.deb
 f2f5aa6198418d4680b223340cd9f6605666098dd789985ec482f8b7e257567e 34795448 chromium-dbgsym_143.0.7499.40-1~deb12u1_arm64.deb
 a58f8213e73b5d11bf6154c44d9d7752e604c674d229ecf719a837f5181a5d3d 6504920 chromium-driver_143.0.7499.40-1~deb12u1_arm64.deb
 95d249408d7955cea7f5642c33e7e8a9ea2b7db19ef20168e3569d4767195855 28232056 chromium-headless-shell-dbgsym_143.0.7499.40-1~deb12u1_arm64.deb
 ca9036e3b86ea4b830b039bcd3ca659a76b3729aa0942c0564a820a69a7a5234 48140740 chromium-headless-shell_143.0.7499.40-1~deb12u1_arm64.deb
 1efbc15ba770acd4e0be6bfbe427c921d302a5b4460eda57e469a52af827180f 20248 chromium-sandbox-dbgsym_143.0.7499.40-1~deb12u1_arm64.deb
 e1abee6ec7e987de4a6ff5bc768a961164d8d7e665535dd98de59d2899c56cbe 109460 chromium-sandbox_143.0.7499.40-1~deb12u1_arm64.deb
 de341fd416fa33844e7aee057e94c5e8e1f8ba175aac128e9e2ded18670bb132 30483732 chromium-shell-dbgsym_143.0.7499.40-1~deb12u1_arm64.deb
 f4b850f90657286ca82de3dc1776b9e2f357d0f78378900606f7d1ebc596af80 52530092 chromium-shell_143.0.7499.40-1~deb12u1_arm64.deb
 37a294a52c0046c0ac2ed81acc4fa9a468443337b572c4266412ae1bf0a2455d 30297 chromium_143.0.7499.40-1~deb12u1_arm64-buildd.buildinfo
 56d91f1c072e15e077b4ace41fa59b4aa95388b5cb989a849f38233057a04b18 61717236 chromium_143.0.7499.40-1~deb12u1_arm64.deb
Files:
 6fddb18b01b44862c595370a9e2a43cb 6226276 debug optional chromium-common-dbgsym_143.0.7499.40-1~deb12u1_arm64.deb
 e21c0eaae578fe752825c8533a6d496b 27684432 web optional chromium-common_143.0.7499.40-1~deb12u1_arm64.deb
 a7345cfee44cb57b87b7cf49b346c6ec 34795448 debug optional chromium-dbgsym_143.0.7499.40-1~deb12u1_arm64.deb
 b8275f36b9c14e56eedc5cc88b0d1372 6504920 web optional chromium-driver_143.0.7499.40-1~deb12u1_arm64.deb
 71158e8b53484816d1f7d5adf1471177 28232056 debug optional chromium-headless-shell-dbgsym_143.0.7499.40-1~deb12u1_arm64.deb
 515ce2d0ee4dc2ce071716f360a79765 48140740 web optional chromium-headless-shell_143.0.7499.40-1~deb12u1_arm64.deb
 7db5d97f3de50b357712a68cbf136943 20248 debug optional chromium-sandbox-dbgsym_143.0.7499.40-1~deb12u1_arm64.deb
 3952636dd25f0e07c5a81273e8cb8511 109460 web optional chromium-sandbox_143.0.7499.40-1~deb12u1_arm64.deb
 0b3883a05aea1ccf4f6b26eee001fe8d 30483732 debug optional chromium-shell-dbgsym_143.0.7499.40-1~deb12u1_arm64.deb
 73423a775e69d60e7355789248b81d6c 52530092 web optional chromium-shell_143.0.7499.40-1~deb12u1_arm64.deb
 6cbb1ed3c0a95a452441fec6b5529d8e 30297 web optional chromium_143.0.7499.40-1~deb12u1_arm64-buildd.buildinfo
 0c7816e504964d429a8eed39c7bf22d3 61717236 web optional chromium_143.0.7499.40-1~deb12u1_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEENsdrABvTD8MQ0UffVza3l394K2AFAmkxbzIACgkQVza3l394
K2ADhhAAy2PCXTZrzpC2dqWzFfpjT7lHRO+6XY1SP7ID9w5mrkDR8rQBjlyM4d1/
4WmOVifYIXf4XPaHZJjUdPDtTRN3cwZrtDloFteLEUxbRN1TWdoQowL9c0QW/O1W
mjl11rW1WTnNA7lGX0TDSqLutJhY8in7K978/o2r8MjvkA+USUNiQCdpmVozM54y
ILl1Nu2/Rae7F0DWmOV4dZGLsMzfPFzYgPIvy+oGhofxM4Lm4GyxIHIpLWpVT8b/
ZYbhSqWWN168R08cZNOfEiVSDXPxi/6hf76FF36xE0+2UeEDJ8YBN2J8uMznNj3l
so4GdPWdnK2s2MREVKGp+PJZyoqVsdLTJcrE5sQ1V0D2nGVcYsYxyv7tk/rG5xjv
LNq0QdIdviW+vb3+PY7PdFbDNIY777Df4PMJ4wkrMJxwelt0IGrF42N2mTH04K+h
AgtAybH9aBz60KhKsRq7jy0SiyL8cLgaVAwDqOJoFL9YZSg6IHuAUGbe8PEvkvsf
YCTbBAHnppQxb03kBnJn9c3jzKPQ9JV+TZdykK+SjjIaHm3bENMTEjo73b/0RCMl
rZU6a/nB+r0E1bLhlu7gcaoYwP7FEhfAZNhuVc1wSVgLBahGV0SEqWCKp0fgphyu
rmrWsZCqev72B+XVZVDuTFaLIWpAkCzF4cZxz8x5Un2fUa+X1E4=
=PT2Y
-----END PGP SIGNATURE-----