-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 29 Oct 2025 13:44:37 -0400
Source: chromium
Binary: chromium-l10n
Architecture: all
Version: 142.0.7444.59-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-grnet-03) <buildd_amd64-x86-grnet-03@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium-l10n - web browser - language packs
Changes:
 chromium (142.0.7444.59-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2025-12428: Type Confusion in V8.
       Reported by Man Yue Mo of GitHub Security Lab.
     - CVE-2025-12429: Inappropriate implementation in V8.
       Reported by Aorui Zhang.
     - CVE-2025-12430: Object lifecycle issue in Media.
       Reported by round.about.
     - CVE-2025-12431: Inappropriate implementation in Extensions.
       Reported by Alesandro Ortiz.
     - CVE-2025-12432: Race in V8. Reported by Google Big Sleep.
     - CVE-2025-12433: Inappropriate implementation in V8.
       Reported by Google Big Sleep.
     - CVE-2025-12036: Inappropriate implementation in V8.
       Reported by Google Big Sleep.
     - CVE-2025-12434: Race in Storage. Reported by Lijo A.T.
     - CVE-2025-12435: Incorrect security UI in Omnibox. Reported by Hafiizh.
     - CVE-2025-12436: Policy bypass in Extensions.
       Reported by Luan Herrera (@lbherrera_).
     - CVE-2025-12437: Use after free in PageInfo. Reported by Umar Farooq.
     - CVE-2025-12438: Use after free in Ozone.
       Reported by Wei Yuan of MoyunSec VLab.
     - CVE-2025-12439: Inappropriate implementation in App-Bound Encryption.
       Reported by Ari Novick.
     - CVE-2025-12440: Inappropriate implementation in Autofill.
       Reported by Khalil Zhani.
     - CVE-2025-12441: Out of bounds read in V8. Reported by Google Big Sleep.
     - CVE-2025-12443: Out of bounds read in WebXR. Reported by Aisle Research
     - CVE-2025-12444: Incorrect security UI in Fullscreen UI.
       Reported by syrf.
     - CVE-2025-12445: Policy bypass in Extensions. Reported by Thomas Greiner
     - CVE-2025-12446: Incorrect security UI in SplitView. Reported by Hafiizh
     - CVE-2025-12447: Incorrect security UI in Omnibox.
       Reported by Khalil Zhani.
   * d/patches:
     - disable/android.patch: drop part of patch related to md5sum tool.
     - disable/catapult.patch: refresh.
     - bookworm/clang19.patch: also drop uninit-const-pointer and
       unnecessary-virtual-specifier warnings.
     - ungoogled/disable-privacy-sandbox.patch: sync from upstream.
     - i386/support-i386.patch: refresh.
     - trixie/rust-sanitize.patch: add a workaround for older rustc.
     - fixes/chromium-142-iwyu-field-form-data.patch: pull in build fix
       from gentoo.
     - trixie/rust-no-alloc-shim.patch: add another missing symbol that's
       provided by newer versions of rust.
     - bookworm/gn-path-exists2.patch: add another workaround for lack of
       path_exists() in older gn.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0001-third-party-hwy-wrong-include.patch: Drop due to
       upstream fixes
     - ppc64le/third_party/0002-regenerate-xnn-buildgn.patch: Regenerate from
       upstream sources
     - core/add-ppc64-architecture-to-extensions.diff: Refresh for upstream
       changes
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0001-third-party-hwy-wrong-include.patch: Drop due to
       upstream fixes
     - ppc64le/third_party/0002-regenerate-xnn-buildgn.patch: Regenerate from
       upstream sources
     - core/add-ppc64-architecture-to-extensions.diff: Refresh for upstream
       changes
Checksums-Sha1:
 5c15dfef67cbf7e679552f09ebba5692ea8f1ffb 8476656 chromium-l10n_142.0.7444.59-1~deb12u1_all.deb
 0b661224c01a6d6c89bcbecf49ee878f5e3f8297 26820 chromium_142.0.7444.59-1~deb12u1_all-buildd.buildinfo
Checksums-Sha256:
 e7d6ac8ebad80821cfffdf3b07c69b424ce5987eff5f9f5a79acf6c6a19d8703 8476656 chromium-l10n_142.0.7444.59-1~deb12u1_all.deb
 da9b13b8bc8c2572310ac3e1325f5822f4f423a5ec910071813d0df3ec967231 26820 chromium_142.0.7444.59-1~deb12u1_all-buildd.buildinfo
Files:
 520cecfc8ffd4fa1e4d8ebf8aa1eee10 8476656 localization optional chromium-l10n_142.0.7444.59-1~deb12u1_all.deb
 a4774165a2315ace6e30a798788adb21 26820 web optional chromium_142.0.7444.59-1~deb12u1_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEHqtYLkdKRyCY94K8fUw6/tXbAmMFAmkDWdUACgkQfUw6/tXb
AmOFZw//UhjJ9ejAtcrAAWqSJ8Bq/ZSbTRKlk2oMfdz+T4ekisfO/CR8XH4+x/Ek
BwZ4SMePcJvhT6lDfS14nkaJW0yf7O8Uw5ZRDy+2mlthOTtfVlHmLUXVHQg31jeB
oAZZNsn492SlzdebQOAcjYyBAE0WIjqpNR0c6GwcjWBMM0qOaR7ZnbU6OxGyYzEV
SMcvkUOaPjrgfrsJyqOAEOfXFnqFpxuBnnuBuxSwl9pGqQ4gEA+ZwXrt/K5auutC
Vd/RgRfA3rtMOXVmHfnJUXzRNz3ZPEgmC4kYLQ9ElakIxJYh4rVFM0p6m1aj1Ue3
k/40Od6GkdQ827WSuT2S/imew396Lxis0GCiVq5kJWhaQMvrpvRR35iBO6Yc2wKe
Pbq+9FlfRJYcob49KfPnJYf1696O2iOX9Co4sxgRe766dsU6r85S2RiGYHw9YxIw
T9soJqbKcOdhobQ1T+nSS9eNsLsycVUynH/+6aU23u7rtMdJMlMVyAjDkWhlj1o/
xlsHKTecC4SF5rl2emn2dEs6rHkqTG1iBwpmkun0hKHqGLX8530YhQIsrYxB/Qts
0ksFG96TnrLL0VvOki3Jd7O3qDO1NFO9z9/ZF6QwlgUVwajbwpH9Obzi3p27Bm9K
3qHDKclRNVx5xGzjLf/QA/qdIHtmdDD+puo48+mcmcPyMeMQuF4=
=LKYm
-----END PGP SIGNATURE-----