-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 29 Oct 2025 13:44:37 -0400
Source: chromium
Architecture: source
Version: 142.0.7444.59-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
chromium (142.0.7444.59-1~deb12u1) bookworm-security; urgency=high
.
* New upstream stable release.
- CVE-2025-12428: Type Confusion in V8.
Reported by Man Yue Mo of GitHub Security Lab.
- CVE-2025-12429: Inappropriate implementation in V8.
Reported by Aorui Zhang.
- CVE-2025-12430: Object lifecycle issue in Media.
Reported by round.about.
- CVE-2025-12431: Inappropriate implementation in Extensions.
Reported by Alesandro Ortiz.
- CVE-2025-12432: Race in V8. Reported by Google Big Sleep.
- CVE-2025-12433: Inappropriate implementation in V8.
Reported by Google Big Sleep.
- CVE-2025-12036: Inappropriate implementation in V8.
Reported by Google Big Sleep.
- CVE-2025-12434: Race in Storage. Reported by Lijo A.T.
- CVE-2025-12435: Incorrect security UI in Omnibox. Reported by Hafiizh.
- CVE-2025-12436: Policy bypass in Extensions.
Reported by Luan Herrera (@lbherrera_).
- CVE-2025-12437: Use after free in PageInfo. Reported by Umar Farooq.
- CVE-2025-12438: Use after free in Ozone.
Reported by Wei Yuan of MoyunSec VLab.
- CVE-2025-12439: Inappropriate implementation in App-Bound Encryption.
Reported by Ari Novick.
- CVE-2025-12440: Inappropriate implementation in Autofill.
Reported by Khalil Zhani.
- CVE-2025-12441: Out of bounds read in V8. Reported by Google Big Sleep.
- CVE-2025-12443: Out of bounds read in WebXR. Reported by Aisle Research
- CVE-2025-12444: Incorrect security UI in Fullscreen UI.
Reported by syrf.
- CVE-2025-12445: Policy bypass in Extensions. Reported by Thomas Greiner
- CVE-2025-12446: Incorrect security UI in SplitView. Reported by Hafiizh
- CVE-2025-12447: Incorrect security UI in Omnibox.
Reported by Khalil Zhani.
* d/patches:
- disable/android.patch: drop part of patch related to md5sum tool.
- disable/catapult.patch: refresh.
- bookworm/clang19.patch: also drop uninit-const-pointer and
unnecessary-virtual-specifier warnings.
- ungoogled/disable-privacy-sandbox.patch: sync from upstream.
- i386/support-i386.patch: refresh.
- trixie/rust-sanitize.patch: add a workaround for older rustc.
- fixes/chromium-142-iwyu-field-form-data.patch: pull in build fix
from gentoo.
- trixie/rust-no-alloc-shim.patch: add another missing symbol that's
provided by newer versions of rust.
- bookworm/gn-path-exists2.patch: add another workaround for lack of
path_exists() in older gn.
.
[ Timothy Pearson ]
* d/patches/ppc64le:
- third_party/0001-third-party-hwy-wrong-include.patch: Drop due to
upstream fixes
- ppc64le/third_party/0002-regenerate-xnn-buildgn.patch: Regenerate from
upstream sources
- core/add-ppc64-architecture-to-extensions.diff: Refresh for upstream
changes
.
[ Timothy Pearson ]
* d/patches/ppc64le:
- third_party/0001-third-party-hwy-wrong-include.patch: Drop due to
upstream fixes
- ppc64le/third_party/0002-regenerate-xnn-buildgn.patch: Regenerate from
upstream sources
- core/add-ppc64-architecture-to-extensions.diff: Refresh for upstream
changes
Checksums-Sha1:
c979c2503081b15951ad24d744caab97a8cdde3d 4059 chromium_142.0.7444.59-1~deb12u1.dsc
284c56effdbdea38b4f895d2a8b17cc9078ecf68 1007003032 chromium_142.0.7444.59.orig.tar.xz
132a2abd007787720381792f17f68c075d95598d 8507028 chromium_142.0.7444.59-1~deb12u1.debian.tar.xz
ebf89d9ec037897da625baf17de35822bc5bc40d 26768 chromium_142.0.7444.59-1~deb12u1_source.buildinfo
Checksums-Sha256:
7119c62d18f5253f16f963f8d3c0ee41475188b44e4f332a55ac93bc5a70a76e 4059 chromium_142.0.7444.59-1~deb12u1.dsc
7fedcc6cf4acafeb36ca8773264b3ee06fea6f072884d320a35009fa07ef056b 1007003032 chromium_142.0.7444.59.orig.tar.xz
73a5976ee24e037a89ebe8adbe9a60aa0b2099d1b76246b7c0d9458167a843dd 8507028 chromium_142.0.7444.59-1~deb12u1.debian.tar.xz
a20d89aa4bc87f02f46ef474ec6bc713263f57e9e91d16b8bbf1f48e038457ec 26768 chromium_142.0.7444.59-1~deb12u1_source.buildinfo
Files:
3439f7c6c6b2c97d32d0166e1ab4e508 4059 web optional chromium_142.0.7444.59-1~deb12u1.dsc
4af26316f53be13d6f9f47595c145a5f 1007003032 web optional chromium_142.0.7444.59.orig.tar.xz
33a7b7028ed83fd6b425f62d66d020a8 8507028 web optional chromium_142.0.7444.59-1~deb12u1.debian.tar.xz
08e6063579b79bac8d3c11f1d0277d23 26768 web optional chromium_142.0.7444.59-1~deb12u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmkCzlAUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjdLcA/6Ambx+eSbhfDP4vlPRnuG4u8x2Key
9j6lIpR+2mGpAtgflEYbdYvDwvsNdS2zoDlfdMTGlrBSuyS9OhpPvTWOogyTTUJQ
CX2nR5qhkfq5evKdxEUSgkKkMZ+01wMdXryT7YFuxgRtoh63NywhawhdSZcbDtxd
iOURGiFS1N6Cw/R7ZzQ0niNyW86e4GE+W2IsE+NCJ0CU6x1CjfDNRYB9n76014Xw
BhRi9fKdW6vTeuNTk6VwPitzAwO09JPS6DwGu8ZcHzbS0+TzP3FHHRNbPPvZCVBg
Rp8+CplPtu5AtoEuQ9NcZtx+aQSsYluz5/kP/HcNBMkjODSyv0pjQUmNeSf2FwXa
EhMwqJnLKyPav1U9wczubCuqK05XKxxQxH15AGeEDd4h9TohlWu/K96kjJvJ0YKL
sBulXE3Q99xY6KjEv+OPtqtw4vLwJP5l+Az5W5BMToUNFQFZZkdJ50b5VZK92X4T
Yglde6KdyytctviaITM9SlloLYRCE2HTEEDavM1kGjoWjqmSESwHISeopWhD6w/C
EgRlOlabyC02bQtfxzbisBEhB9vEi8L50g/CPQqT3FPDe6UbUc2+8XF6ENFQsFMt
XaWysVwXNCXidGMgQLNCe/rhfro7V/vOu3TOiy8ItoZi6FLJQSeN7i6ygvOIIqMM
MiVgXOJhssG2VXs=
=CdSF
-----END PGP SIGNATURE-----
Attachment:
pgpOlND3rbo1E.pgp
Description: PGP signature