-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 24 Jun 2025 16:01:10 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: armhf
Version: 138.0.7204.49-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-ubc-06) <buildd_arm64-arm-ubc-06@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (138.0.7204.49-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2025-6555: Use after free in Animation.
       Reported by Lyra Rebane (rebane2001).
     - CVE-2025-6556: Insufficient policy enforcement in Loader.
       Reported by Shaheen Fazim.
     - CVE-2025-6557: Insufficient data validation in DevTools.
       Reported by Ameen Basha M K.
   * d/rules:
     - drop enable_reading_list=false, as Reading List is now
       supported for all architectures.
     - disable ThinLTO due to build failure with older rust.
   * d/patches:
     - upstream/arm32-crel.patch: drop, merged upstream.
     - upstream/cross-build-target.patch: drop, merged upstream.
     - upstream/span-fwd.patch: drop, merged upstream.
     - upstream/mojo-optional.patch: drop, merged upstream.
     - upstream/opener-heur.patch: drop, merged upstream.
     - upstream/allowed-state.patch: drop, merged upstream.
     - upstream/pdfium-libpng.patch: drop, merged upstream.
     - upstream/safety-hub-set.patch: drop, merged upstream.
     - fixes/media-cstdint.patch: drop, merged upstream.
     - debianization/clang-version.patch: refresh.
     - fixes/bindgen.patch: refresh.
     - fixes/armhf-icf.patch: refresh.
     - disable/catapult.patch: refresh.
     - disable/google-api-warning.patch: refresh.
     - disable/buildtools-libc.patch: refresh.
     - bookworm/clang19.patch: drop part of patch.
     - fixes/memory-allocator-dcheck-assert-fix.patch: update for renamed
       config variable kMaxBucketed.
     - disable/node-version-ck.patch: disable nodejs version check in
       protobuf.
     - bookworm/stdarch-arm.patch: drop redundant portion of patch.
     - bookworm/rust-is-none-or.patch: drop portion of patch due to
       upstream changes.
     - bookworm/gn-hpp11.patch: add another workaround for older gn.
     - bookworm/rust-split-at-checked.patch: enable unstable rust feature
       split_at_checked.
     - bookworm/crabbyav1f-macro-scope.patch: fix (macro-created) variable
       going out of scope.
     - rust-unstable-features.patch: enable a bunch more unstable rust
       features.
     - bookworm/rust-box-to-vec.patch: work around older rustc not being
       able to implicitly handle converted a boxed slice into a vector.
 .
   [ Daniel Richard G. ]
   * d/rules: Rearrange DEB_BUILD_MAINT_OPTIONS assignments to avoid
     "argument unused" warnings on armhf due to -fstack-clash-protection.
   * d/control, d/rules: Apply cross-build feedback from Helmut Grohne.
   * d/control: Add myself to Uploaders:, with Andres's blessing of course :)
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: Refresh for
       upstream changes
     - third_party/0002-regenerate-xnn-buildgn.patch: Refresh for upstream
       changes
Checksums-Sha1:
 c8684410e3b6792353f4e51539c9d45c1fdd539f 5395020 chromium-common-dbgsym_138.0.7204.49-1~deb12u1_armhf.deb
 60cedef53227ffda3c4f2a78519d163586c7e663 22045620 chromium-common_138.0.7204.49-1~deb12u1_armhf.deb
 fc9577b06068951949cd06d620dd6c54351182ca 32840856 chromium-dbgsym_138.0.7204.49-1~deb12u1_armhf.deb
 dcc00377152be06e85a46bcb38d0a24a6327f6ad 7476456 chromium-driver_138.0.7204.49-1~deb12u1_armhf.deb
 8aea731a03d107545658647fcc1cc697aa6ee648 26120204 chromium-headless-shell-dbgsym_138.0.7204.49-1~deb12u1_armhf.deb
 9835dde42b2805d45a0cb9611575bd574d9a338a 51601220 chromium-headless-shell_138.0.7204.49-1~deb12u1_armhf.deb
 b53b918680a5dcfd6b9d0d980cef05791b8374c8 18044 chromium-sandbox-dbgsym_138.0.7204.49-1~deb12u1_armhf.deb
 ed8c423989b3a1a466beeb72e16fedd46a88120e 104796 chromium-sandbox_138.0.7204.49-1~deb12u1_armhf.deb
 01e742f06142c809c350b8bc6122f835add1570c 28304492 chromium-shell-dbgsym_138.0.7204.49-1~deb12u1_armhf.deb
 6d12cb630a1ce395ee6951b744e0c7f80f32dca3 56194096 chromium-shell_138.0.7204.49-1~deb12u1_armhf.deb
 ea006681b230a654f9caaafd7ee147f2ebb25313 30178 chromium_138.0.7204.49-1~deb12u1_armhf-buildd.buildinfo
 0717102f35382690a16adcc40308d7ba27a60db1 65970040 chromium_138.0.7204.49-1~deb12u1_armhf.deb
Checksums-Sha256:
 18993bdf7be0edd1d5cc5d6c8e8b0286881fbdf5da75e670ec2972b497316280 5395020 chromium-common-dbgsym_138.0.7204.49-1~deb12u1_armhf.deb
 e9773d63b18bdbf8b7cc07eac78b26e447ee89d265a04cf7cba1b1ebc33be318 22045620 chromium-common_138.0.7204.49-1~deb12u1_armhf.deb
 14a0af895fbd1e5ea0e83406099bdf9510ad14c02f5126b32dcf83b96260cc16 32840856 chromium-dbgsym_138.0.7204.49-1~deb12u1_armhf.deb
 64968eb127326b69ebc4a2c61fff9adc070499b17d846123aa12daf4a9554ecc 7476456 chromium-driver_138.0.7204.49-1~deb12u1_armhf.deb
 1ccffe56ea8685cc17b88094b1db572f2d16ce1af37c3d4f58fc1d3556a6787b 26120204 chromium-headless-shell-dbgsym_138.0.7204.49-1~deb12u1_armhf.deb
 32698758e443ca7fb6750805cdd10a38fd4c8b54ea3672e394672d6af234d46c 51601220 chromium-headless-shell_138.0.7204.49-1~deb12u1_armhf.deb
 38d1ca66fd7bea30c26b92163f7a9882522ba03b2f2ea54aca16b248e3f28317 18044 chromium-sandbox-dbgsym_138.0.7204.49-1~deb12u1_armhf.deb
 45b5d714219e19ac94454b8637ae59cb559a10605eadcbe7bc61012ba02d5e2d 104796 chromium-sandbox_138.0.7204.49-1~deb12u1_armhf.deb
 921a374fa2e0ec00d64d8cae74ffed0dc24ce567e63c8e9f0fe4cf2fe49e6e94 28304492 chromium-shell-dbgsym_138.0.7204.49-1~deb12u1_armhf.deb
 a9585b4bf4eb9077cfff6238314545df2e76a20001111f75789c35913db8268a 56194096 chromium-shell_138.0.7204.49-1~deb12u1_armhf.deb
 9417fa5e903b736e13fa9ae5f9a4bacbbbefc0cb7e74d0186a0c0f897a76ba5c 30178 chromium_138.0.7204.49-1~deb12u1_armhf-buildd.buildinfo
 ecabe43ba2fca9d9e4787b4431b0671ce02be458b1485df6488981e5659d0ab1 65970040 chromium_138.0.7204.49-1~deb12u1_armhf.deb
Files:
 b83bc35b00b690104fefea1fe8d99b51 5395020 debug optional chromium-common-dbgsym_138.0.7204.49-1~deb12u1_armhf.deb
 e47ce5e4dbaf7c0fe3c78c98fd0d94f2 22045620 web optional chromium-common_138.0.7204.49-1~deb12u1_armhf.deb
 f65f365389cfc8c1e2ab17df6bff1a36 32840856 debug optional chromium-dbgsym_138.0.7204.49-1~deb12u1_armhf.deb
 7940d249e8fbc97745fe6c4e7fe5f225 7476456 web optional chromium-driver_138.0.7204.49-1~deb12u1_armhf.deb
 a2dc4c7edb62c628cfc332a6f2f9dcb2 26120204 debug optional chromium-headless-shell-dbgsym_138.0.7204.49-1~deb12u1_armhf.deb
 c1e33a7206a78ea84d657bdb5af120b0 51601220 web optional chromium-headless-shell_138.0.7204.49-1~deb12u1_armhf.deb
 94dc195c05b3d5575a3a918850773726 18044 debug optional chromium-sandbox-dbgsym_138.0.7204.49-1~deb12u1_armhf.deb
 a41d04331209b4e3202ea121c0ec56eb 104796 web optional chromium-sandbox_138.0.7204.49-1~deb12u1_armhf.deb
 873a85490f73508a27b4193abb7da6e5 28304492 debug optional chromium-shell-dbgsym_138.0.7204.49-1~deb12u1_armhf.deb
 494ee63fdd5189d705de02c13022999d 56194096 web optional chromium-shell_138.0.7204.49-1~deb12u1_armhf.deb
 46c81405391aa853640ba5c4005b9857 30178 web optional chromium_138.0.7204.49-1~deb12u1_armhf-buildd.buildinfo
 d1c3faa162e160a3a346ad2d79fb8969 65970040 web optional chromium_138.0.7204.49-1~deb12u1_armhf.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEpxWVfktWxVoKRwGgJ7tNDw2WyRsFAmhhN64ACgkQJ7tNDw2W
yRunxQ/8DXRfhsKmQeIFlDyumpeFGit/Ew0aOFxgMMtoHSRRBmr2+hmoFem/dJsg
84Z8TslWxJ6UK+lp+aFdBDGL+pFdZXIduihQeOjqWIeWfyU2gOoTIbndvWjCHExr
R7kr0BKIe9AOmzpcZibdOoZEeMGiw411EvhRdvH9N678qkczp/22Ykp+D+OQuLc1
pvoAEUTXB0DfdNpgrLtLOix/7jTlwLYuCAu+9zJ3r6ppYwQu2YaIWvLMk/xe6Lkr
kZWrCebwknx17OT/Om2LAutEPcA2fBv0bxqIbS+TtgDFvmVXurTp6ued1/dSjPrc
Fjs5lh5ANJ53rp/9O4UVWafjkD9nU7eor0TRHFZIvDcXm1MbOjoVdsvnBLI2YLkl
gwB9Jzb4FBSxff3pKkznbTs/kI3zoY2k7PI1PZK7vEIYVzWhcpfg7P+yICFqB1/f
95fxDYH37odx6jDaBOja9KLLs6yl9BdpBY/SgiKdNZ2qJ+8b1uN8beNvM3MsURn2
NgbS5vddAzkI/U7pyhj28rJ6FlwiFjsB6ijcIbaOym/1OEsmfVGvaiw+q9r/34gj
aVhX0fXoZBYT0vj47/GcS7J5rR5rHOz2+FS5yFihaXjl+GcaDSf9fMOzFcQK2E2d
KwuC6bz+OWHgFgPaRVTO/7jyfy8lCU5egbhnOGEwntq/bIA16c4=
=tlb2
-----END PGP SIGNATURE-----