-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 03 Dec 2025 01:54:50 -0500
Source: chromium
Binary: chromium-l10n
Architecture: all
Version: 143.0.7499.40-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: all Build Daemon (x86-csail-02) <buildd_all-x86-csail-02@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium-l10n - web browser - language packs
Changes:
 chromium (143.0.7499.40-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream stable release.
     - CVE-2025-13630: Type Confusion in V8.
       Reported by Shreyas Penkar (@streypaws).
     - CVE-2025-13631: Inappropriate implementation in Google Updater.
       Reported by Jota Domingos.
     - CVE-2025-13632: Inappropriate implementation in DevTools.
       Reported by Leandro Teles.
     - CVE-2025-13633: Use after free in Digital Credentials.
       Reported by Chrome.
     - CVE-2025-13634: Inappropriate implementation in Downloads.
       Reported by Eric Lawrence of Microsoft.
     - CVE-2025-13720: Bad cast in Loader. Reported by Chrome.
     - CVE-2025-13721: Race in v8. Reported by Chrome.
     - CVE-2025-13635: Inappropriate implementation in Downloads.
       Reported by Hafiizh.
     - CVE-2025-13636: Inappropriate implementation in Split View.
       Reported by Khalil Zhani.
     - CVE-2025-13637: Inappropriate implementation in Downloads.
       Reported by Hafiizh.
     - CVE-2025-13638: Use after free in Media Stream. Reported by sherkito.
     - CVE-2025-13639: Inappropriate implementation in WebRTC.
       Reported by Philipp Hancke.
     - CVE-2025-13640: Inappropriate implementation in Passwords.
       Reported by Anonymous.
   * d/patches:
     - fixes/headless-gn.patch: refresh.
     - fixes/chromium-142-iwyu-field-form-data.patch: drop, merged upstream.
     - disable/tests.patch: refresh.
     - ungoogled/disable-privacy-sandbox.patch: sync from upstream.
     - fixes/libpng-testonly.patch: add a workaround for a missing build target
       that upstream forgot to include.
     - trixie/rust-no-alloc-shim.patch: mark nightly feature 'no_mangle' as
       unsafe to make rustc happy.
     - trixie/cookie-string-view.patch: add a workaround for missing clang-19
       feature.
 .
   [ Daniel Richard G. ]
   * d/patches:
     - debianization/cross-build.patch: Avoid "Assignment had no effect"
       error from GN when running outside of d/rules.
     - debianization/rustc-bootstrap.patch: Move RUSTC_BOOTSTRAP=1 here.
     - disable/license-headless-shell.patch: Don't generate the (unused)
       LICENSE.headless_shell file, as the rule tends to break easily.
     - fixes/headless-gn.patch: No longer needed, thanks to previous patch.
     - trixie/rust-is-multiple-of.patch: add more workarounds for missing
       rustc features.
     - bookworm/constexpr.patch: Refresh (source file moved).
     - bookworm/gn-absl.patch: Refresh.
     - bookworm/gn-path-exists2.patch: Refresh.
     - bookworm/rust-unsafe-extern.patch: add workaround for older rust code
       convention generated by bookworm's version of rust-bindgen.
     - bookworm/node-esm-dirname.patch: add workaround for older node 18.
   * d/rules: Move RUSTC_BOOTSTRAP=1 environment setting into patch.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - ppc64le/third_party/0002-regenerate-xnn-buildgn.patch: Regenerate from
       upstream sources
     - ppc64le/fixes/fix-clang-selection.patch: Refresh for upstream changes
Checksums-Sha1:
 416131b1053f2cf7e1394b8cedcbd50790c29ae1 8522360 chromium-l10n_143.0.7499.40-1~deb12u1_all.deb
 7f2ea369c66ac5a7214ac44d6fcc3d5ffdd7c1d8 26836 chromium_143.0.7499.40-1~deb12u1_all-buildd.buildinfo
Checksums-Sha256:
 23fb76e51aac078ca228484c1aa9449bf713e063fcecfa348bcc225a38349ea9 8522360 chromium-l10n_143.0.7499.40-1~deb12u1_all.deb
 8574d4fb57e0fa32c8507d227a3ed7505d6abe51657828947fc6a0197ae4b8f2 26836 chromium_143.0.7499.40-1~deb12u1_all-buildd.buildinfo
Files:
 2e8954d9e3f36d258304c1017193dd94 8522360 localization optional chromium-l10n_143.0.7499.40-1~deb12u1_all.deb
 cd8bfd01ae3083cf0694bc1fd3fe95bf 26836 web optional chromium_143.0.7499.40-1~deb12u1_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEELusn8jY95Sf7obGlx30Wh8LXl/YFAmkxJQIACgkQx30Wh8LX
l/a0Jw/8Dg29ScJk1lXd9rcDyDj5TyPLA58ESGyXN8SkTjfWWriTH9CeoTUawCJ9
jfBf8BEgPH3TFaSUCLjBD6zCHmKR1xTyrIjGMGRLUGN6d88QBlycT/2FXQ1QSRu3
jOE/R95IB3OGnmx6d11hhDaO7UK/jByzKm7yl6PjUT4pCpEPaBTpSaRuzxb+VCLV
SgMhKU9VMzLbmF1Py7pKCB1qzOqFiHpVnB1AfwuHbfrb3E1tQEV5pBdlw8ZKsEFn
Y0p+ptA/6N1uTuUolHWWPLW8bnXrZcttASfiClj828c1fQMKD2QxcoYjsIA5FfCc
jiBs0MR0IjAryzC5XZOVd/AH6yB/toGcKqpEg8t8jqgU4E2MnUilIn4D9FHQMfYP
uWCWwlqUSBEXwwVjYH8OPF8VbIn7HXecUvKhjYnWzThJKS/Qxv2Im/+Sri5mLfbX
/PgfYSJC8RomVs4lKuoUFw+11wsYuaNGmDeAxUcT1eQDKwDmvCgnGOb4gDg5uHD7
a9UZZxNCoTVZYBSuiqk94cEcAiqi2gq2IcCsjAHV4D0fkfMrTcxu9UEbwkTdk7D+
GUyG0uooRpAdt29w0eUIF4sOEjVnqA1BLdmtWVGloqCBhF1/dpj6yGvaBs5kA4dK
K0O1L1N78KGBIfAxrwkVCs9aF/ppSRbRWjW+t9vf3sfSZ+0Nd2M=
=zE9t
-----END PGP SIGNATURE-----