-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 27 May 2025 23:46:49 -0400 Source: chromium Architecture: source Version: 137.0.7151.55-1 Distribution: unstable Urgency: high Maintainer: Debian Chromium Team <chromium@packages.debian.org> Changed-By: Andres Salomon <dilinger@debian.org> Changes: chromium (137.0.7151.55-1) unstable; urgency=high . [ Daniel Richard G. ] * d/control: Elaborate Build-Depends: clause for a cross build. Also drop x11-apps, as it appears to be unused, as well as libmodpbase64-dev as it is built in-tree under third_party/modp_b64/. Add a Build-Conflicts: clause to avoid some snafus on Ubuntu. * d/patches: - debianization/cross-build.patch: New patch implementing the bulk of our cross-build support. - upstream/cross-build-target.patch: New upstream patch that sets --target=... explicitly on all builds. Needed for a cross build. - fixes/clang-rust-target.patch: Drop, as this patch is made redundant by the preceding one. * d/rules: Add settings and environment exports needed for a cross build. . [ Andres Salomon ] * New upstream stable release. - CVE-2025-5063: Use after free in Compositing. Reported by Anonymous. - CVE-2025-5280: Out of bounds write in V8. Reported by [pwn2car]. - CVE-2025-5064: Inappropriate implementation in Background Fetch API. Reported by Maurice Dauer . - CVE-2025-5065: Inappropriate implementation in FileSystemAccess API. Reported by NDevTK. - CVE-2025-5066: Inappropriate implementation in Messages. Reported by Mohit Raj (shadow2639) . - CVE-2025-5281: Inappropriate implementation in BFCache. Reported by Jesper van den Ende (Pelican Party Studios). - CVE-2025-5283: Use after free in libvpx. Reported by Mozilla. - CVE-2025-5067: Inappropriate implementation in Tab Strip. Reported by Khalil Zhani. * d/control: switch bindgen:any build-dep to bindgen:native. * d/rules: disable optimize_webui for now due to a rollup 3.x issue. * d/patches: - upstream/media-optional.patch: drop, merged upstream. - fixes/media-cstdint.patch: drop part of patch merged upstream. - fixes/perfetto-nullptr.patch: drop due to upstream code changes. - upstream/arm32-crel.patch: refresh. - disable/tests.patch: refresh. - system/gperf.patch: drop, merged upstream. - bookworm/gn-revert-path-exists.patch: refresh. - bookworm/gn-allowlist.patch: refresh. - ungoogled/disable-privacy-sandbox.patch: update from ungoogled. - bookworm/clang19.patch: add new unsupported arg removal (-fextend-variable-liveness). - upstream/span-fwd.patch: add build fix pulled from upstream. - upstream/mojo-optional.patch: add build fix pulled from upstream. - bookworm/constexpr3.patch: add yet another constexpr workaround. - upstream/opener-heur.patch: add build fix pulled from upstream. - upstream/allowed-state.patch: add build fix pulled from upstream. - upstream/pdfium-libpng.patch: add build fix pulled from upstream. - upstream/safety-hub-set.patch: add build fix pulled from upstream. . [ Timothy Pearson ] * d/patches/ppc64le: - sandbox/features.gni: refresh for upstream changes - third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch: regenerate from upstream sources - fixes/fix-partition-alloc-compile.patch: refresh for upstream changes - third_party/skia-vsx-instructions.patch: refresh for upstream changes Checksums-Sha1: b7719c8f19a3dcc739b1ccaecc7b2d90fa53b427 3923 chromium_137.0.7151.55-1.dsc 764e58eb7f85d5776e28e9f9fadca0a2e9148d66 943831428 chromium_137.0.7151.55.orig.tar.xz 1c7abf11524828392cfd35bc0627ee010621666c 344648 chromium_137.0.7151.55-1.debian.tar.xz efe54c972a7e06dd53cebf4ed7b3a34a84cd9d6d 26504 chromium_137.0.7151.55-1_source.buildinfo Checksums-Sha256: 6afd81314a8d4039a0fd2ece3d99292f01b2a0a82212aae4dce7a0a43d1c5665 3923 chromium_137.0.7151.55-1.dsc 1b7e9225c6ae7b44e0caf9ce4aedc1057b3b64c26f22dfc4f1f0e3dd27f68121 943831428 chromium_137.0.7151.55.orig.tar.xz 78e66ac6f48d56549753ed8dac459edbcbc78f79fb76f719a949e72426bfe5eb 344648 chromium_137.0.7151.55-1.debian.tar.xz cb98ac13d4d5838302ece3cc95fd9c129648c3eefb7b573b4e20c58f47c4577c 26504 chromium_137.0.7151.55-1_source.buildinfo Files: 34626792e5cc47b30c16949e64d79df3 3923 web optional chromium_137.0.7151.55-1.dsc 11471239cb9e568ccdbb9678b2a381cb 943831428 web optional chromium_137.0.7151.55.orig.tar.xz a266bb6091fa81b47a452a3479f003c6 344648 web optional chromium_137.0.7151.55-1.debian.tar.xz d1c93763a87876c9dfdd21be7511dc29 26504 web optional chromium_137.0.7151.55-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmg2iDQUHGRpbGluZ2Vy QGRlYmlhbi5vcmcACgkQZF0CR8Nudjenfw//awK5LdpH+gBY0zec4qkIUrjPQyD6 dDoJGVrZKfDZzcOSXtdovDGP5hefjzmf9naQN2HlFVinCRrj5Ev69BNFriO4taLX tPbo2h3cCLivCw0CZIh+reM7wnAqXVY42SVf0XZCLZA59ZwGSqi7R5O+V9q4ANSz uv2GaG9sucyh4jf0EdVbEyHJnQqEk6Ojb6f+NdEMw/WSjIxkkMw9w9Z+dzAjUoM3 M1dA/wpJGYmOrwp5guC3FIsczZQHxLF6eelmSz19pzRKgQ5Q6NmUJ4OpwrE/c0zO Uvc4KYPStSD462atNO3PgC64IA2OLkf8/TW0vIMv0wNsLgA8UhHpFmngcm7v6iGP lpGTp1KN/h8XwAy0bWjbqlyrTPgDlZWoI/D8FPwCW1hKOHS7BaCDu6ZJweM4LLIG +6YW4Fq5k4U7R8jTW1GSW+3lRw8E/INJ5wjgtDfWmw8kbWQCEK3zrz5Sb0KOmns/ M3coadIYLzlZNEbdyZzna6XJDlhNIbDRJzdWYIhsZeQN0l+bRExtmkfiOeb+JH1o uQ3u4q/kefM0YkGqefle0dTE36C2fc5Cs2hhf2wBhfKsdpVTa1xe+WgttgWCmks/ TXQXKeEBvpPzWu8rHW9WSyMs8K+x37/YFlnALU2iNzy5+o+zFfusa4diIWZkx0Je R/ARwjuTuE9Cb0M= =J9Jz -----END PGP SIGNATURE-----
Attachment:
pgpYKZUKKN1AD.pgp
Description: PGP signature