Accepted chromium 139.0.7258.66-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted chromium 139.0.7258.66-1 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Wed, 06 Aug 2025 02:04:46 +0000
Message-id: <[🔎] E1ujTWI-005zIg-34@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 05 Aug 2025 17:48:13 -0400
Source: chromium
Architecture: source
Version: 139.0.7258.66-1
Distribution: unstable
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
 chromium (139.0.7258.66-1) unstable; urgency=high
 .
   * New upstream stable release.
     - CVE-2025-8576: Use after free in Extensions. Reported by asnine.
     - CVE-2025-8577: Inappropriate implementation in Picture In Picture.
       Reported by Umar Farooq.
     - CVE-2025-8578: Use after free in Cast. Reported by Fayez.
     - CVE-2025-8579: Inappropriate implementation in Gemini Live in
       Chrome. Reported by Alesandro Ortiz.
     - CVE-2025-8580: Inappropriate implementation in Filesystems.
       Reported by Huuuuu.
     - CVE-2025-8581: Inappropriate implementation in Extensions.
       Reported by Vincent Dragnea.
     - CVE-2025-8582: Insufficient validation of untrusted input in DOM.
       Reported by Anonymous.
     - CVE-2025-8583: Inappropriate implementation in Permissions.
       Reported by Shaheen Fazim.
   * d/copyright: delete third_party/enterprise_companion, as it includes
     a binary.
   * d/control: Replace elfutils build-dep with llvm-19 for switch to
     llvm-strip.
   * d/rules:
     - drop enable_nacl=false; upstream removed NaCL.
     - set enable_enterprise_companion=false.
     - disable Gemini AI (enable_glic=false).
   * d/patches:
     - disable/catapult.patch: refresh.
     - disable/buildtools-libc.patch: refresh.
     - system/eu-strip.patch: drop, upstream switched to llvm-strip.
     - bookworm/gn-revert-path-exists.patch: refresh & drop unused part.
     - ungoogled/disable-privacy-sandbox.patch: refresh.
     - fixes/bindgen.patch: rename to bookworm/bindgen.patch, since trixie
       now has a newer bindgen.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - sandbox/0001-sandbox-linux-Update-syscall-helpers-lists-for-ppc64.patch:
       Refresh for upstream changes
     - sandbox/0009-sandbox-updates-138.patch: Properly handle IPC and send
       syscalls
     - third_party/0001-add-xnn-ppc64el-support.patch: Refresh for upstream
       changes
     - third_party/0002-regenerate-xnn-buildgn.patch: Regenerate from upstream
       sources
     - third_party/skia-vsx-instructions.patch: Refresh for upstream changes
     - fixes/fix-partition-alloc-compile.patch: Refresh for upstream changes
Checksums-Sha1:
 073fc515dd580d638c095053d2ab9eefd71f51cb 3988 chromium_139.0.7258.66-1.dsc
 a9d30fc0a4c991d014aaa4df199346dd67064583 970141088 chromium_139.0.7258.66.orig.tar.xz
 0b585e0ba7ebc28289612810203eb7604a2787ae 396620 chromium_139.0.7258.66-1.debian.tar.xz
 629512cc3467597d73ef76fcdd5b27aaaa6ce434 26195 chromium_139.0.7258.66-1_source.buildinfo
Checksums-Sha256:
 0cdb8e2d2e8715baea9c84ef3becebc1d04146baed5b28f7b4b13f8b2135069f 3988 chromium_139.0.7258.66-1.dsc
 b1eeb141ab939de93b7dc090497b906dc7515a2a4dc332fa2203b3510a419b7b 970141088 chromium_139.0.7258.66.orig.tar.xz
 c2449d9f55fc59fc584914555c6394f5e7b7d0401a5586c8ed8b1283e0e9d54f 396620 chromium_139.0.7258.66-1.debian.tar.xz
 093507560895d8d2a03a4d630ac845c9f808a4f54a776c5872a54ccef3271228 26195 chromium_139.0.7258.66-1_source.buildinfo
Files:
 79e5e9399e6835f8a4e01ec30822a630 3988 web optional chromium_139.0.7258.66-1.dsc
 217173c1f07c9482f1edca4e5f5846c6 970141088 web optional chromium_139.0.7258.66.orig.tar.xz
 58f7909d3503345c73fa22921d5c3985 396620 web optional chromium_139.0.7258.66-1.debian.tar.xz
 74e51491b747e65cbd813b86b78b9c6a 26195 web optional chromium_139.0.7258.66-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmiSpl8UHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjdABg/+InO9SDqFDqE9suPtqKbh5KodKPdY
ma5VVKI9e+ISEOO8h9uLARClr2NXq0sKzo4lNqE3H8WCy75H/zOmm6cDpLNy/h9g
GzuNQ2bhFsCF9cejarGL65mRbNRydQUCymX28eUUKS6qmpImdAazZgS2z4jRjRn+
US1XZEH7gorqB1hrLCeV8CLYt8YUPOhnQTaLTSwNDUlGo/rT9MKe6iIERq5tKxKR
yZyeK+K51xlNRt3kfd5Ji/2r3iMnUNuNndknY+ZRPx1gdxW/MGIZ437VaGs4kEnC
EPMMHyEetynTxoOa1Fdw+aBnRSkUZSOaft1MXZXb66QMBsR4FmSxhOGFR7J/bEzU
K3ibLMD7zKZ6QB9HDUdlDIL9SlMrr0dT3xDbwQVBgX9DJfIfOfOXzvb3yyrwVC23
PwnTWARiEP1YKMSdhYXIwD8BFMRM7fViLFQlYY9ps9EDKqSOsqy4BBgbGFepL2g9
/RRZuMK10ealrAnSza/CnZp+7YxzAJHUwR+QjwEsx6KyLhzzZrrWSlYFzhtX22to
K+W9p6fzX0fBzhdmnciQCb3kBGvmF3CNn1ciRbeaEOgnbjnTuhXYAaD2cHUv1lv6
9C6tw9cMhIoVg0w4OpRe+12TNDY7Af4o+9rRVCnhgEFDHFG5svI5yQjq2Rq2byZM
R05fnCnxgjqg5Fg=
=afkv
-----END PGP SIGNATURE-----

Attachment: pgpPhPvkrb9Ff.pgp
Description: PGP signature

Reply to:

Prev by Date: Accepted gnome-control-center 1:49~beta-1 (source) into experimental
Next by Date: Accepted h2orestart 0.7.5-1 (source) into unstable
Previous by thread: Accepted gnome-control-center 1:49~beta-1 (source) into experimental
Next by thread: Accepted h2orestart 0.7.5-1 (source) into unstable
Index(es):
- Date
- Thread