Debian Quality Assurance

chromium (140.0.7339.80-1) [PTS] [DDPO]

NEW: VCS has unreleased changes: 140.0.7339.127-1 > 140.0.7339.80-1

• Git: https://salsa.debian.org/chromium-team/chromium.git
• JSON
  Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
  For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
  The next upload will reset the information from the source package headers.
• Branch: master
• Path: debian/changelog
• Repo size: 3588096
• Browser: https://salsa.debian.org/chromium-team/chromium
• Last scan: 2025-09-09 22:32:07+00
• Next scan: 2025-09-15 16:55:00+00
• Merge requests: 3
• Debian changelog in Git:

  chromium (140.0.7339.127-1) unstable; urgency=high
  
    [ Andres Salomon ]
    * New upstream security release.
      - CVE-2025-10200: Use after free in Serviceworker.
        Reported by Looben Yang.
      - CVE-2025-10201: Inappropriate implementation in Mojo.
        Reported by Sahan Fernando & Anon.
  
    [ Jianfeng Liu ]
    * drop not working fixes/libsync-rk3588-panthor.patch.
    * drop fixes/strlcpy.patch, which isn't needed w/ clang-19.
  
   -- Andres Salomon <dilinger@debian.org>  Tue, 09 Sep 2025 17:50:07 -0400

• This branch is 6 commits ahead of tag debian/140.0.7339.80-1
• Git log:

  commit 2cd930fea7530952de097fe7177df8ec7389f7fe
  Author: Andres Salomon <dilinger@queued.net>
  Date:   Tue Sep 9 17:52:35 2025 -0400
  
      release 140.0.7339.127-1
  
  commit 02c92ca1170123f0f3ce8eaaab53c9a4fe292396
  Author: Andres Salomon <dilinger@queued.net>
  Date:   Thu Sep 4 13:55:10 2025 -0400
  
      retroactively add CVEs to prior release changelog
      
      Upstream added the CVEs to the announcement post at least a day (maybe more)
      after they made the release announcement. 🙄
  
  commit 3ffea2a90207550ff6f98c2bd91b46f5d7402b35
  Author: Andres Salomon <dilinger@queued.net>
  Date:   Tue Sep 2 23:47:14 2025 -0400
  
      add changelog entry for Jianfeng's prior commits
  
  commit 3e45d34b891084e86110d4f9ccf063b88775b2b6
  Merge: 52d98e6 bf5199e
  Author: Andres Salomon <dilinger@queued.net>
  Date:   Tue Sep 2 23:29:59 2025 -0400
  
      Merge branch 'v140-drop-strlcpy-patch'
  
  commit bf5199e01e310312116b9fac0f7e27346139b9db
  Author: Jianfeng Liu <liujianfeng1994@gmail.com>
  Date:   Mon Sep 1 10:34:50 2025 +0800
  
      drop not working rk3588 libsync patch
      
      Signed-off-by: Jianfeng Liu <liujianfeng1994@gmail.com>
  
  commit 2a6b5be7fd145dd176259d07cc08e0e7e87a31ee
  Author: Jianfeng Liu <liujianfeng1994@gmail.com>
  Date:   Mon Sep 1 10:33:39 2025 +0800
  
      drop strlcpy patch for libsync
      
      Signed-off-by: Jianfeng Liu <liujianfeng1994@gmail.com>
      
      [Andres Salomon: instead of fully deleting, leave strlcpy.patch around but
      commented out for other distributions still supporting older clang]

Package: JSON [Main page]

---

Back to the Debian Project homepage.

---