-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 01 Oct 2025 02:24:37 -0400
Source: chromium
Architecture: source
Version: 141.0.7390.54-1~deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
chromium (141.0.7390.54-1~deb13u1) trixie-security; urgency=high
.
* New upstream stable release.
- CVE-2025-11205: Heap buffer overflow in WebGPU.
Reported by Atte Kettunen of OUSPG.
- CVE-2025-11206: Heap buffer overflow in Video. Reported by Elias Hohl.
- CVE-2025-11207: Side-channel information leakage in Storage.
Reported by Alesandro Ortiz.
- CVE-2025-11208: Inappropriate implementation in Media.
Reported by Kevin Joensen.
- CVE-2025-11209: Inappropriate implementation in Omnibox.
Reported by Hafiizh.
- CVE-2025-11210: Side-channel information leakage in Tab.
Reported by Umar Farooq.
- CVE-2025-11211: Out of bounds read in Media. Reported by Kosir Jakob.
- CVE-2025-11212: Inappropriate implementation in Media.
Reported by Ameen Basha M K.
- CVE-2025-11213: Inappropriate implementation in Omnibox.
Reported by Hafiizh.
- CVE-2025-11215: Off by one error in V8. Reported by Google Big Sleep.
- CVE-2025-11216: Inappropriate implementation in Storage.
Reported by Farras Givari.
- CVE-2025-11219: Use after free in V8. Reported by Google Big Sleep.
* d/patches:
- fixes/rust-clanglib.patch: refresh.
- trixie/rust-no-alloc-shim.patch: refresh.
- ungoogled/disable-privacy-sandbox.patch: update from ungoogled.
- fixes/gentoo-stylesheet.patch: add patch from gentoo to fix build.
- fixes/libcpp-headers.patch: add build fix for unbundling clang.
.
[ Timothy Pearson ]
* d/patches/ppc64le:
- sandbox/0001-sandbox-Enable-seccomp_bpf-for-ppc64.patch: Refresh for
upstream changes
- fixes/fix-rustc.patch: Refresh for upstream changes
Checksums-Sha1:
2670313a31364e80ea9f46afb9c95a2e806cd6a7 4023 chromium_141.0.7390.54-1~deb13u1.dsc
0cde1117ab4610c147eb64c8f09fc1d360fe71df 1001962000 chromium_141.0.7390.54.orig.tar.xz
5b68cc8fe1ec408189d672989aeb23e5378cc1ec 414792 chromium_141.0.7390.54-1~deb13u1.debian.tar.xz
7135ea382f41c21a2d74514e0b379a3a85b8bbf2 26481 chromium_141.0.7390.54-1~deb13u1_source.buildinfo
Checksums-Sha256:
d7eec6b6b2a92443e6e42e8ebb6f88d1b427686ac5b970bb6c930ccb1f901e3a 4023 chromium_141.0.7390.54-1~deb13u1.dsc
d3d28421c264a9ec46e99e65d8d162e49bd227d2e756d4bbc0d6d9a2f9248ba5 1001962000 chromium_141.0.7390.54.orig.tar.xz
3f4f7b295fbe8dfa0bbc08dfae1af7fbd4297bcd1c234dc922950a432ac17615 414792 chromium_141.0.7390.54-1~deb13u1.debian.tar.xz
df0595bfd19ac11115159686a1512bc113b2c2e77371f263113b51121e3cd0d8 26481 chromium_141.0.7390.54-1~deb13u1_source.buildinfo
Files:
ac862c5b0df8dd9aa86eaf18ea5fcf89 4023 web optional chromium_141.0.7390.54-1~deb13u1.dsc
c65eb99c82161e31658d445aefdb28ae 1001962000 web optional chromium_141.0.7390.54.orig.tar.xz
006cde593b7b6698074505c088c3a47d 414792 web optional chromium_141.0.7390.54-1~deb13u1.debian.tar.xz
4b40b994b3ea843b08e946e86b27af59 26481 web optional chromium_141.0.7390.54-1~deb13u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmjdf+oUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8Nudje2AxAAnOPXarrqFGl5vQjHAIV4NRoLIRtP
fWrDeYAMT6IzTapQW2hQzoW/XaTa5w6WLqsYOCAwiO7S/lnkG3ZvYaM6u62SqRPh
l5N+hIt/4iybe1CafWaOSn9AXdvv40L5aIXpH+zRVA9KxQDhKu0BjTRusRagkvWd
EB0vi9ihptHhRTHF7h+l7cjHIE/uxfmIJNVONwDu5AuHWJX9np+uGNKmSa/OOZNo
Bfa0MzDj33mc/gDlz+44Sg1BuB0a8r/R3xy+rdRugewQshdD7PPaEiQz07f4omCt
QfpR5C/5WPJkq6Zzvl8tb16YVcz4+HGqHajxHSsimS8F7IYW2Hqe/P0g+VmTOUte
DSrZkWle+Xts1+Xvjk02Q4+8Eem84seyZY6qs732FqExiYwgiArZxs9alGJgIH3O
Nc0NcH34FLfigVObG3hoxuV/mzZCwfwJz/vExPT5QSH1ZLtQ8wWLlWnm9Wvu3xI6
2OSqqYnucJKZ6RJZ0vexiM4nKyj83zeynwMYWUzxAmrIh4EeBvOn1LET3iieH6cb
4dl79hSRq9djDqcOEzjmY0gMXbQN+PWf+uTK9ebyLh3Xk4KbtpwaRkObCZFPOLKh
rYsItoVa/5x9hxuOwJaX6eXOlR/l612mDILl1wpPktLXpBK0Vn+6J/Vq34Muz3bS
WKfJHqVv0r3OZT0=
=34z7
-----END PGP SIGNATURE-----
