-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 15 Apr 2025 22:12:30 -0400
Source: chromium
Architecture: source
Version: 135.0.7049.95-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Closes: 1103226
Changes:
 chromium (135.0.7049.95-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2025-3619: Heap buffer overflow in Codecs. Reported by Elias Hohl.
     - CVE-2025-3620: Use after free in USB. Reported by @retsew0x01.
 .
   [ Daniel Richard G. ]
   * d/copyright, d/patches/system/rapidjson.patch: Slightly narrow the scope
     of the bundled RapidJSON deletion, and rework this patch so that it does
     not require the deletion in order to apply. This allows applying the
     debianization directly to the unrepackaged upstream tarball source.
   * d/patches/system/gperf.patch: Import (self-authored) upstream patch to
     prevent build breakage due to changes in gperf 3.2 generated code
     (closes: #1103226).
   * d/rules: Add new check-version rule to validate the package version.
     Also squelch error messages due to absent clang and rustc executables.
   * d/rules: Download Gentoo's upstream source tarball straight from GitHub.
Checksums-Sha1:
 a5a9d4cd47e4244da534547ed15d301e8f5b3cc7 3869 chromium_135.0.7049.95-1~deb12u1.dsc
 788415e107741e45c2401198c2acc79a46713659 915632280 chromium_135.0.7049.95.orig.tar.xz
 574edb1cb6fddfa36f66a8de1c891b3940906b94 8423900 chromium_135.0.7049.95-1~deb12u1.debian.tar.xz
 8c6e1be7dde1c7461ad208c7774df17fa044d73f 26821 chromium_135.0.7049.95-1~deb12u1_source.buildinfo
Checksums-Sha256:
 52941f59b415ede301050c77f5ae4dee4d44c8483b4db5568f6c4c05a66ca1c4 3869 chromium_135.0.7049.95-1~deb12u1.dsc
 1eced33757e662834b6b37c6973d5ce06218fdac07e6fd1f18416d2fa932ccbe 915632280 chromium_135.0.7049.95.orig.tar.xz
 26994825c3c830e8814bc8e84250922b5ae6000caa34d7655753bc21108c0013 8423900 chromium_135.0.7049.95-1~deb12u1.debian.tar.xz
 7b1086ca264598f5e85888be4b51c6180df35e374c5f017fac2918e46f7b75da 26821 chromium_135.0.7049.95-1~deb12u1_source.buildinfo
Files:
 5c41f3281305047d8e787be05e7328cb 3869 web optional chromium_135.0.7049.95-1~deb12u1.dsc
 9630d56c8bc9e437091b4a7d2d3cbba5 915632280 web optional chromium_135.0.7049.95.orig.tar.xz
 ba609b96f638feeba0ac407f46d871ec 8423900 web optional chromium_135.0.7049.95-1~deb12u1.debian.tar.xz
 ccc881927b06438ecdabf8a3bfe6aaa6 26821 web optional chromium_135.0.7049.95-1~deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmf/y8QUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjddsRAAm/Kf215EuKno+9RFWPt78I7XWFgz
ktmsn7ZQtZJK1WQnBMhCrv+/wPgc6df3nh13UmjRCtLsa6exXIb7LLeM8KJhm/BH
0syE5ztzWCd0AaFcJi12tsrM0fqlXPrByw1BTKbILSYOIGmEE6hMIGevrgi9m9aD
pCuuiEpGlm7wAxEl6UeEF2YwTQbXlk4f/ekmv5QjB2/TPXF/UzVo7yWR3Yp6BJuR
g9B1tdjokcFSxFGx/G4bdtzjMlfnVP7J0Osv5afCeEgGpkhflbb/sKekTLsKOdme
+4nF+ACBuY0UyhY7xF2BqUzPR9Evag6DZwla5lAEmcpSYgkW8c0d/8z1A3XERlwU
GtjdsG3fkMgghaiFu1kbFWOD+dN1LnOkECU16OOpdb8WeJVNKb3CKBvz8TZtZZ4r
+CHO2dpfxU4JNZeuhlhJ4qrSuT3GK4a3J+Y6mX6b2ukNcVZZrCi7MePVU0LhKMxI
OTOPTkSDupKCHwHT1Q5MH4HBoek5dAiDgVflHmtgTssmMG4dYqrO3Nqtqt0y3p9Q
rn82acR7RiNr31jnelAayg2ihHSsGTCcJRzW7Wt43HeKjeFIPS458KUZ6VQEWHFe
fKrJjkV5uw0DnDeeH+Lsp2dUG2NZ/AbQjGccDPVbt0QTwysS9WAQMMsRErbFwafD
o87Q34nA2Thj7ms=
=X+NQ
-----END PGP SIGNATURE-----