-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 13 Jan 2026 22:11:21 -0500 Source: chromium Binary: chromium-l10n Architecture: all Version: 144.0.7559.59-1~deb13u1 Distribution: trixie-security Urgency: high Maintainer: all Build Daemon (x86-grnet-02) Changed-By: Andres Salomon Description: chromium-l10n - web browser - language packs Changes: chromium (144.0.7559.59-1~deb13u1) trixie-security; urgency=high . [ Andres Salomon ] * New upstream stable release. - CVE-2026-0899: Out of bounds memory access in V8. Reported by @p1nky4745. - CVE-2026-0900: Inappropriate implementation in V8. Reported by Google. - CVE-2026-0901: Inappropriate implementation in Blink. Reported by Irvan Kurniawan (sourc7). - CVE-2026-0902: Inappropriate implementation in V8. Reported by 303f06e3. - CVE-2026-0903: Insufficient validation of untrusted input in Downloads. Reported by Azur. - CVE-2026-0904: Incorrect security UI in Digital Credentials. Reported by Hafiizh. - CVE-2026-0905: Insufficient policy enforcement in Network. Reported by Google. - CVE-2026-0906: Incorrect security UI. Reported by Khalil Zhani. - CVE-2026-0907: Incorrect security UI in Split View. Reported by Hafiizh. - CVE-2026-0908: Use after free in ANGLE. Reported by Glitchers BoB 14th. * d/copyright: delete a copy of clang-22 in the openscreen build directory. * d/control: add rustfmt as a build dependency. * d/rules: make DEB_BUILD_OPTIONS=terse work. * d/patches: - disable/tests.patch: refresh. - trixie/rust-sanitize.patch: refresh. - bookworm/bindgen.patch: refresh. - fixes/force-rust-nightly.patch: add workaround to force rustc_nightly_capability, as we're using an up-to-date rust. - trixie/value-or.patch: add clang-19 workarounds to help calling value_or() with ambiguous values. - fixes/autofill-binarypb.patch: add patch to fix build for us stripping out binary-only files containing city/state autofill aliases. . [ Daniel Richard G. ] * d/patches: - trixie/adler1.patch: Refresh to follow use of if-else. - trixie/libxml2-no-xxe.patch: Add workaround for older libxml2. . [ Timothy Pearson ] * d/patches: - trixie/nodejs-set-intersection.patch: avoid using node >=22 intersection * d/patches/ppc64le: - ppc64le/third_party/0002-regenerate-xnn-buildgn.patch: Regenerate from upstream sources - fixes/fix-clang-selection.patch: Drop due to upstream changes Checksums-Sha1: 0501668b2661cc4e77e2678c61bb6451ff0aaee6 8564288 chromium-l10n_144.0.7559.59-1~deb13u1_all.deb 47f16e1a369ce4915d53e957083a39f5aba1a62f 26799 chromium_144.0.7559.59-1~deb13u1_all-buildd.buildinfo Checksums-Sha256: ee53a5c11b4e995ba5f09b178e2c6fe2e283572aeb7e8a8a8634757ba965ef1f 8564288 chromium-l10n_144.0.7559.59-1~deb13u1_all.deb 0b43cf3296970e0287613c57b413fa48c8d92027e0cd1248d93c65abec6a1095 26799 chromium_144.0.7559.59-1~deb13u1_all-buildd.buildinfo Files: d044906dfcdc9f62a951ef569301be86 8564288 localization optional chromium-l10n_144.0.7559.59-1~deb13u1_all.deb 5b7a5b8dce4483d347b97be2be53e9e0 26799 web optional chromium_144.0.7559.59-1~deb13u1_all-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEj4Fym5GgeZdPqKhrJm69HxMTN+oFAmlnp5AACgkQJm69HxMT N+rNQQ/9EzL21uDtrIaPmHYYbr6PWNqs0yWi57B7d01G0al9w3gmJtkLfmsjGoIz Oej2t/zXGHqTu8c3WL98AaJ87mCsqfe8sMJuj0d0WyxCkwIC9BqkLC8sa4lqH/U2 HqfCrxfcjI0dZwaVASaaT2j4hM7Z19N8n22+p9Ie1ES0AhV/IrG1L/SFkJNWSG84 HnmJ6r3Me9mOmmJncyPQEab3M8HZI+OwUcL2A1z3vb2owpvrxUwR8MQG0gDyJUmm 9qq5uDxHeqJZQ6YksTWsBoiJRI9O/vsmm/CjAO2LTGS/go1LM3ZKi29CyyaMAg6r WfxR5u4d8om7cI4lRNy1umlzTw1jO6sUKjsGXIlpa7WdvLLy2bhRfdsgnumkSs57 cBIon4jqZS1ZLiSkkhLp2XYPX/6HSu6qY3kVBfyNjjLjHQpPWwyN6x0t9yD7FRNO mnA7tx4lMNIDk7BAtO9qS0Kfm4UIZVa2JM+TW2S9B1TwHlUW4X7bkMdkrFyhkGZC zjosmfm2gm0HskKIawTZOACSk5ky5ggj1Lrvl+SiKd846C9UcJwpMpzweLCytIad bM6gb1ZaWGIjzxpuaLK+cJoQ2joSfTh/9hGpUyb1/D1iA6cvbSle30asLJeWVZno Bh2/Bxa5921Kw2HKiiYlmcrhvf0nprLqFzJpstQjwwLKQiROHr8= =DIZf -----END PGP SIGNATURE-----