-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 24 Jun 2025 16:01:10 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: ppc64el
Version: 138.0.7204.49-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: ppc64el Build Daemon (ppc64el-conova-02) <buildd_ppc64el-ppc64el-conova-02@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (138.0.7204.49-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2025-6555: Use after free in Animation.
       Reported by Lyra Rebane (rebane2001).
     - CVE-2025-6556: Insufficient policy enforcement in Loader.
       Reported by Shaheen Fazim.
     - CVE-2025-6557: Insufficient data validation in DevTools.
       Reported by Ameen Basha M K.
   * d/rules:
     - drop enable_reading_list=false, as Reading List is now
       supported for all architectures.
     - disable ThinLTO due to build failure with older rust.
   * d/patches:
     - upstream/arm32-crel.patch: drop, merged upstream.
     - upstream/cross-build-target.patch: drop, merged upstream.
     - upstream/span-fwd.patch: drop, merged upstream.
     - upstream/mojo-optional.patch: drop, merged upstream.
     - upstream/opener-heur.patch: drop, merged upstream.
     - upstream/allowed-state.patch: drop, merged upstream.
     - upstream/pdfium-libpng.patch: drop, merged upstream.
     - upstream/safety-hub-set.patch: drop, merged upstream.
     - fixes/media-cstdint.patch: drop, merged upstream.
     - debianization/clang-version.patch: refresh.
     - fixes/bindgen.patch: refresh.
     - fixes/armhf-icf.patch: refresh.
     - disable/catapult.patch: refresh.
     - disable/google-api-warning.patch: refresh.
     - disable/buildtools-libc.patch: refresh.
     - bookworm/clang19.patch: drop part of patch.
     - fixes/memory-allocator-dcheck-assert-fix.patch: update for renamed
       config variable kMaxBucketed.
     - disable/node-version-ck.patch: disable nodejs version check in
       protobuf.
     - bookworm/stdarch-arm.patch: drop redundant portion of patch.
     - bookworm/rust-is-none-or.patch: drop portion of patch due to
       upstream changes.
     - bookworm/gn-hpp11.patch: add another workaround for older gn.
     - bookworm/rust-split-at-checked.patch: enable unstable rust feature
       split_at_checked.
     - bookworm/crabbyav1f-macro-scope.patch: fix (macro-created) variable
       going out of scope.
     - rust-unstable-features.patch: enable a bunch more unstable rust
       features.
     - bookworm/rust-box-to-vec.patch: work around older rustc not being
       able to implicitly handle converted a boxed slice into a vector.
 .
   [ Daniel Richard G. ]
   * d/rules: Rearrange DEB_BUILD_MAINT_OPTIONS assignments to avoid
     "argument unused" warnings on armhf due to -fstack-clash-protection.
   * d/control, d/rules: Apply cross-build feedback from Helmut Grohne.
   * d/control: Add myself to Uploaders:, with Andres's blessing of course :)
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: Refresh for
       upstream changes
     - third_party/0002-regenerate-xnn-buildgn.patch: Refresh for upstream
       changes
Checksums-Sha1:
 2f8ecec98e601800e021f464c22aff8bc7706318 5860012 chromium-common-dbgsym_138.0.7204.49-1~deb12u1_ppc64el.deb
 6b43894e9191f77a95d71c6a9c1dfac648612a33 29264244 chromium-common_138.0.7204.49-1~deb12u1_ppc64el.deb
 03ab29f1aba6d267bf5ed70d37175d556a65ffe1 29802480 chromium-dbgsym_138.0.7204.49-1~deb12u1_ppc64el.deb
 7f92b2b4380fb4b07a75774b188002155fc13c09 8025664 chromium-driver_138.0.7204.49-1~deb12u1_ppc64el.deb
 4e0e748e9961066e278569f5874b98b77dec1a3b 23928424 chromium-headless-shell-dbgsym_138.0.7204.49-1~deb12u1_ppc64el.deb
 4e02834fd23999d42db29000f03bb693e8652813 53631616 chromium-headless-shell_138.0.7204.49-1~deb12u1_ppc64el.deb
 ebea15d620c63dd1fb32315118c9009c023f52d4 19364 chromium-sandbox-dbgsym_138.0.7204.49-1~deb12u1_ppc64el.deb
 53ec3a16feb5510a7914800a68a76b4e4c84c875 105324 chromium-sandbox_138.0.7204.49-1~deb12u1_ppc64el.deb
 1a2d6610d3f3a2dece9895397aaa0ec87cbb26b3 25953760 chromium-shell-dbgsym_138.0.7204.49-1~deb12u1_ppc64el.deb
 1f2cb6bb1f80c1c06ac913e3d0bd8097630f0d23 58338804 chromium-shell_138.0.7204.49-1~deb12u1_ppc64el.deb
 26be94cab83b42a9151cd1b0138e96c8efa08cda 30214 chromium_138.0.7204.49-1~deb12u1_ppc64el-buildd.buildinfo
 92e1ded0c70231f808b963905cc98fda21045c56 69603896 chromium_138.0.7204.49-1~deb12u1_ppc64el.deb
Checksums-Sha256:
 e53398870cb750f05ade3eef3231cf5caa0f53966c0bebcaa1fbfcaf0a850ad0 5860012 chromium-common-dbgsym_138.0.7204.49-1~deb12u1_ppc64el.deb
 78d2b81080d6b1f021c993f2208ef4d284b8e122edfd08436b7c0b9094d10674 29264244 chromium-common_138.0.7204.49-1~deb12u1_ppc64el.deb
 bf6f5f6772ec11837039436bf915210bdad963a458d24ca89766d3e7ce7c7982 29802480 chromium-dbgsym_138.0.7204.49-1~deb12u1_ppc64el.deb
 5f25c088669a0dd43703fc8e52be3110df733e6d8bf7e168338a578c81662aa7 8025664 chromium-driver_138.0.7204.49-1~deb12u1_ppc64el.deb
 1782fe288aaa903fc2c66f0f53c6c6b5c2923364b1f83479db271422052e1345 23928424 chromium-headless-shell-dbgsym_138.0.7204.49-1~deb12u1_ppc64el.deb
 bcac84659efec2d8d4d7884679653344ca6d9d2ca71e0e7e9b38b0a4fa7da10c 53631616 chromium-headless-shell_138.0.7204.49-1~deb12u1_ppc64el.deb
 32cb217f4aa03e08ad0b1929a0d29cedf42d04fcc13e4488812f6ddacd9722c5 19364 chromium-sandbox-dbgsym_138.0.7204.49-1~deb12u1_ppc64el.deb
 5f3705b925f94843f7415e8be92a58bf2507fa7da07e0aeb00337a45d6a8ba84 105324 chromium-sandbox_138.0.7204.49-1~deb12u1_ppc64el.deb
 a22de1f8ceeaf54fbb55e1159691cb5c98f24bc1fd46c3c30de4e18f68984345 25953760 chromium-shell-dbgsym_138.0.7204.49-1~deb12u1_ppc64el.deb
 d2b5b627c071986edd27d8e3353bbfaecba090d17cea636b5107b11abb6aa268 58338804 chromium-shell_138.0.7204.49-1~deb12u1_ppc64el.deb
 53f4fc2a8dde394a65f20642e39f4339a3715a60a94b2842137760b6f1efbc37 30214 chromium_138.0.7204.49-1~deb12u1_ppc64el-buildd.buildinfo
 0556e024dfcd05dfdeecfb7b66269be5ca5697a5dcf36e8588f95f53e620d054 69603896 chromium_138.0.7204.49-1~deb12u1_ppc64el.deb
Files:
 6d9d598730735f3606222d58232edf6d 5860012 debug optional chromium-common-dbgsym_138.0.7204.49-1~deb12u1_ppc64el.deb
 0c41c9d62023513e9c60f52013a3cdfa 29264244 web optional chromium-common_138.0.7204.49-1~deb12u1_ppc64el.deb
 0423b62cc7ed81886ef13b70e657c2fb 29802480 debug optional chromium-dbgsym_138.0.7204.49-1~deb12u1_ppc64el.deb
 b96d7228a13aed2e10228a8fe21e2fe0 8025664 web optional chromium-driver_138.0.7204.49-1~deb12u1_ppc64el.deb
 6e4835417b1c986b30eedfc753fb22d5 23928424 debug optional chromium-headless-shell-dbgsym_138.0.7204.49-1~deb12u1_ppc64el.deb
 0294efe440b88ecdb108a2dfa4d6079d 53631616 web optional chromium-headless-shell_138.0.7204.49-1~deb12u1_ppc64el.deb
 228ffc9ec98e14c778ddc796737370d3 19364 debug optional chromium-sandbox-dbgsym_138.0.7204.49-1~deb12u1_ppc64el.deb
 87571abd3ef263c6ab2b59c2026b1cd6 105324 web optional chromium-sandbox_138.0.7204.49-1~deb12u1_ppc64el.deb
 3d3cf6a64b6b0bfb92784df95322bf4c 25953760 debug optional chromium-shell-dbgsym_138.0.7204.49-1~deb12u1_ppc64el.deb
 7211665dc7ff56be266b1d0c8d7c8d7a 58338804 web optional chromium-shell_138.0.7204.49-1~deb12u1_ppc64el.deb
 99525cc80560d1697d0e07ca30f373dd 30214 web optional chromium_138.0.7204.49-1~deb12u1_ppc64el-buildd.buildinfo
 1c4ca2d4afe50462016459fb7f6560f9 69603896 web optional chromium_138.0.7204.49-1~deb12u1_ppc64el.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEZAv/jpGRqS40qyb11oy1TpxF0ZAFAmheE6IACgkQ1oy1TpxF
0ZDHqA/+OZFrEBMQUYEBe2bM6SV5bKUOhdWmPuzLrpxMkYA11EwJL9Dli/OnGzhl
l8D2eOH5YJgEbwAGOTCS/JWXZ7+qlRlqjxgugKhlvc7d+1rXvoo4Lx1SC+UMLEGa
vsWb1CX4uOGH6kxzDeFMtPJMqcFw0lOp/1GEyqzRuUDhmN8yiKV+PG1fuOsIDiz4
a64e6OSToiYldYHgb46jgp7pbAe4Phip+UY95uf+ASQu2gz/Y0xGXdk6JFRwcnNe
GlOVbl+IOUqkThvGM6cN2jP2lZjR9JTHp7szmp4A37cok5tCtbLVOK8sxdTkIJiq
opohM+4ZAJN/nmSmnoXGDMy9u3o8nKXmtx2P5SUoDzzleK2I8sL5hBFgmB8Dfr2B
oWQI/kiLJRNKlNwgFs78c0cC5XNom614VHo2iRoAREIZmmBYycpOseOuRhlqSHX8
k1zX3r8FlEP9JFXhzi8IocCS5LUoyzaAUR5ghXHeBNHLahK4ZYx4n1j/bCz9utp5
S04iO3HzXmcUHMxTBYAym/piL7Z4oISZD0eaEPRs2h6nO+2zw1z7U+1FwwB3TYPt
YOPfzh2DE3BPeHyHJww5NHEjjlXIS0an+i4BjE6YxhBrbOY2gFyHmXGhZibWdbBX
EIUaIBHT7tTcLrNiAItXRHYYoBUMSGP3Dx7eYNA9isef3J7ENyc=
=7qDe
-----END PGP SIGNATURE-----