-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 01 May 2025 12:18:24 -0400
Source: chromium
Architecture: source
Version: 136.0.7103.59-2~deb12u2
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
 chromium (136.0.7103.59-2~deb12u2) bookworm-security; urgency=high
 .
   * Temporarily disable CVE verification check in order to fix build;
     will be restored on next upload.
 .
 chromium (136.0.7103.59-2~deb12u1) bookworm-security; urgency=high
 .
   * Delete third_party/jetstream due to non-free ("do no evil") license.
 .
 chromium (136.0.7103.59-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2025-4096: Heap buffer overflow in HTML. Reported by Anonymous.
     - CVE-2025-4050: Out of bounds memory access in DevTools.
       Reported by Anonymous.
     - CVE-2025-4051: Insufficient data validation in DevTools.
       Reported by Daniel Fröjdendahl.
     - CVE-2025-4052: Inappropriate implementation in DevTools.
       Reported by vanillawebdev.
   * d/rules: disable warning-suppression-mappings; llvm too old.
   * d/control: drop libevent-dev build-dep, no longer used.
   * d/scripts/unbundle:
     - libavif no longer used, no need to specify bundling.
     - bundle simdutf, which isn't packaged for debian.
   * d/patches:
     - fixes/pipewire14.patch: drop, merged upstream.
     - disable/catapult.patch: refresh.
     - disable/buildtools-libc.patch: rework patch to be easier to maintain.
     - bookworm/gn-revert-path-exists.patch: update for a bunch of new
       path_exists() users.
     - disable/node-version-ck.patch: add patch to disable upstream's strict
       nodejs version check.
     - fixes/media-cstdint.patch: add missing header include.
     - upstream/media-optional.patch: add missing header include.
     - fixes/perfetto-nullptr.patch: add nullptr_t std qualification.
     - bookworm/gn-absl.patch: refresh.
     - bookworm/crabbyav1f.patch: update for changed rustflags location.
     - bookworm/node18-import.patch: add patch to work around bookworm's
       node 18 import rules.
     - bookworm/rust-is-none-or.patch: add patch to work around missing
       is_none_or() function in bookworm's rust 1.78.
     - bookworm/fmodf.patch: add gcc-12 specific build fix.
     - bookworm/dav1d-extern.patch: add linker fix for older libdav1d.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0001-third_party-lss-Don-t-look-for-mmap2-on-ppc64.patch:
       drop due to upstream fixes
     - third_party/0002-third_party-lss-kernel-structs.patch: refresh for
       upstream changes
     - breakpad/0001-Implement-support-for-ppc64-on-Linux.patch: refresh for
       upstream changes
     - core/cargo-add-ppc64.diff: drop due to upstream fixes
Checksums-Sha1:
 16be2857cdd32c20f4eb1dcf524ac7b579372a78 3855 chromium_136.0.7103.59-2~deb12u2.dsc
 ba675872dbbd206064f739a22a6cf7e44bc039ee 937911104 chromium_136.0.7103.59.orig.tar.xz
 b5004b48d6822397aa29706b2dd5b1ee20c934bf 8424520 chromium_136.0.7103.59-2~deb12u2.debian.tar.xz
 a4f64b8269992c1330ffd9c2b556a7702f506d26 26573 chromium_136.0.7103.59-2~deb12u2_source.buildinfo
Checksums-Sha256:
 4eee7faa70d87300d23dd272b160ec5dd569b88d1aa55f2213f5137800c7cf0b 3855 chromium_136.0.7103.59-2~deb12u2.dsc
 2061f9a965393eb443727c98f67616775dc3bc774ad4d71f91986df1ad33e16c 937911104 chromium_136.0.7103.59.orig.tar.xz
 3badd372a5c55e93231d93f45725e83ed1ea1ff5cb6e236824174b1fbc73c709 8424520 chromium_136.0.7103.59-2~deb12u2.debian.tar.xz
 d7fbf32cd7ac55eabcedbf7d92d6993407640fa52382ba95b06f9c2116b421d9 26573 chromium_136.0.7103.59-2~deb12u2_source.buildinfo
Files:
 b46aa979eadb0ab15571ba1647d20d00 3855 web optional chromium_136.0.7103.59-2~deb12u2.dsc
 44f0fcb5941ee89b763daf76e899f672 937911104 web optional chromium_136.0.7103.59.orig.tar.xz
 b324c325faddd1c829d4b3cc5a02d5e2 8424520 web optional chromium_136.0.7103.59-2~deb12u2.debian.tar.xz
 f91aaec94d809e4a03e828f854b9334d 26573 web optional chromium_136.0.7103.59-2~deb12u2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmgToQ8UHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjdMQRAApdL78IgbLX3+2EPgseUeha6OiUZM
HUvHwQ/tVIOE5aPiwl9jUINGPq59YELsH3xzAT5WK75HHP+TRs9ni+nuQblbAW3p
cH6aDvuU5z8OHkwM7i0JV1bhitn+6WOfMtrTm8GrTSU99C6R7ols6knh4VVUEaRo
OPlBsNPDNyPSdqWtoSCISyjgYk7ja2urdySHrQ9cjm17HuXBVA5Y211GWM9E5hP3
h7fSiATrKCCpKR/2pefQ52ERHjvsysF3ptq73t6dtEQjyHCgG89znUBPYRgg65QO
WC5x8WjNrrrHpK5+IiIUNfb5Z0EAo/dteTR4s0eKbugK2hW3NGb1aXNmd8QzPUk8
eHwNG6sBopFokwf697A8N9rWdm3ohqsGoufqMyoICDlMlpTyUXnznJJRapDhbd3V
Vc5pomQrwtfc2zcYTVm3hj0/Npu3ppizvNjeLHT5+YisZ+yp8mzZ1cw6yjkDeuqz
MboZAZgirUd3Q2x18U3wDBw5XxU/pj5ylxPFD/110020XePXMEXeYDe3E8JXX28b
7BUAqjB275hlqMMNIuozfrlqFUgVAXs2MxbJEl6oxyhNll0z3Uyb2cxsc/sh4Lth
1aGnrCltX6B+vdf1Sc2VIbPbFSJxHHYErvOuEUlUY9XGM+vWc6dgw+BnXVSwnzj1
ggU2vg986JsCm34=
=gjRx
-----END PGP SIGNATURE-----