
Accepted chromium 139.0.7258.127-1~deb13u1 (source) into proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 12 Aug 2025 17:12:12 -0400
Source: chromium
Architecture: source
Version: 139.0.7258.127-1~deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
 chromium (139.0.7258.127-1~deb13u1) trixie-security; urgency=high
 .
   * New upstream security release.
     - CVE-2025-8879: Heap buffer overflow in libaom. Reported by Anonymous.
     - CVE-2025-8880: Race in V8. Reported by Seunghyun Lee (@0x10n).
     - CVE-2025-8901: Out of bounds write in ANGLE.
       Reported by Google Big Sleep.
     - CVE-2025-8881: Inappropriate implementation in File Picker.
       Reported by Alesandro Ortiz.
     - CVE-2025-8882: Use after free in Aura. Reported by Umar Farooq.
 .
 chromium (139.0.7258.66-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2025-8576: Use after free in Extensions. Reported by asnine.
     - CVE-2025-8577: Inappropriate implementation in Picture In Picture.
       Reported by Umar Farooq.
     - CVE-2025-8578: Use after free in Cast. Reported by Fayez.
     - CVE-2025-8579: Inappropriate implementation in Gemini Live in
       Chrome. Reported by Alesandro Ortiz.
     - CVE-2025-8580: Inappropriate implementation in Filesystems.
       Reported by Huuuuu.
     - CVE-2025-8581: Inappropriate implementation in Extensions.
       Reported by Vincent Dragnea.
     - CVE-2025-8582: Insufficient validation of untrusted input in DOM.
       Reported by Anonymous.
     - CVE-2025-8583: Inappropriate implementation in Permissions.
       Reported by Shaheen Fazim.
   * d/copyright: delete third_party/enterprise_companion, as it includes
     a binary.
   * d/control: Replace elfutils build-dep with llvm-19 for switch to
     llvm-strip.
   * d/rules:
     - drop enable_nacl=false; upstream removed NaCl.
     - set enable_enterprise_companion=false.
     - disable Gemini AI (enable_glic=false).
   * d/patches:
     - disable/catapult.patch: refresh.
     - disable/buildtools-libc.patch: refresh.
     - system/eu-strip.patch: drop, upstream switched to llvm-strip.
     - bookworm/gn-revert-path-exists.patch: refresh & drop unused part.
     - ungoogled/disable-privacy-sandbox.patch: refresh.
     - fixes/bindgen.patch: rename to bookworm/bindgen.patch, since trixie
       now has a newer bindgen.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - sandbox/0001-sandbox-linux-Update-syscall-helpers-lists-for-ppc64.patch:
       Refresh for upstream changes
     - sandbox/0009-sandbox-updates-138.patch: Properly handle IPC and send
       syscalls
     - third_party/0001-add-xnn-ppc64el-support.patch: Refresh for upstream
       changes
     - third_party/0002-regenerate-xnn-buildgn.patch: Regenerate from upstream
       sources
     - third_party/skia-vsx-instructions.patch: Refresh for upstream changes
     - fixes/fix-partition-alloc-compile.patch: Refresh for upstream changes
