-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 14 May 2026 16:39:29 -0400 Source: chromium Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym Architecture: armhf Version: 148.0.7778.167-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: armhf Build Daemon (arm-ubc-06) Changed-By: Andres Salomon Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-headless-shell - web browser - old headless shell chromium-sandbox - web browser - setuid security sandbox for chromium chromium-shell - web browser - minimal shell Changes: chromium (148.0.7778.167-1~deb12u1) bookworm-security; urgency=high . [ Andres Salomon ] * New upstream security release. - CVE-2026-8509: Heap buffer overflow in WebML. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-8510: Integer overflow in Skia. Reported by q@calif.io. - CVE-2026-8511: Use after free in UI. Reported by Google. - CVE-2026-8512: Use after free in FileSystem. Reported by Google. - CVE-2026-8513: Use after free in Input. Reported by Google. - CVE-2026-8514: Use after free in Aura. Reported by Google. - CVE-2026-8515: Use after free in HID. Reported by Google. - CVE-2026-8516: Insufficient validation of untrusted input in DataTransfer. Reported by Google. - CVE-2026-8517: Object lifecycle issue in WebShare. Reported by Google. - CVE-2026-8518: Use after free in Blink. Reported by Google. - CVE-2026-8519: Integer overflow in ANGLE. Reported by Google. - CVE-2026-8520: Race in Payments. Reported by Google. - CVE-2026-8521: Use after free in Tab Groups. Reported by Google. - CVE-2026-8522: Use after free in Downloads. Reported by Google. - CVE-2026-8523: Use after free in Mojo. Reported by Paul Seekamp / nullenc0de. - CVE-2026-8558: Out of bounds write in Fonts. Reported by Matej Smycka. - CVE-2026-8524: Out of bounds write in WebAudio. Reported by Brendan Dolan-Gavitt, XBOW. - CVE-2026-8525: Heap buffer overflow in ANGLE. Reported by Nathaniel Oh (@calysteon). - CVE-2026-8526: Out of bounds write in WebRTC. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-8527: Insufficient validation of untrusted input in Downloads. Reported by rachmat.abdul.ro. - CVE-2026-8528: Insufficient validation of untrusted input in SiteIsolation. Reported by Google. - CVE-2026-8529: Heap buffer overflow in Codecs. Reported by Google. - CVE-2026-8530: Use after free in Network. Reported by Google. - CVE-2026-8531: Heap buffer overflow in WebML. Reported by Syn4pse. - CVE-2026-8532: Integer overflow in XML. Reported by Google. - CVE-2026-8533: Use after free in Accessibility. Reported by Google. - CVE-2026-8534: Integer overflow in GPU. Reported by Google. - CVE-2026-8535: Out of bounds read in Media. Reported by Google. - CVE-2026-8536: Insufficient validation of untrusted input in ReadingMode. Reported by Google. - CVE-2026-8537: Insufficient policy enforcement in ViewTransitions. Reported by Google. - CVE-2026-8538: Insufficient validation of untrusted input in GPU. Reported by Google. - CVE-2026-8539: Script injection in SanitizerAPI. Reported by Jungwoo Lee (@physicube) and Wongi Lee (@_qwerty_po). - CVE-2026-8540: Type Confusion in V8. Reported by Google. - CVE-2026-8541: Out of bounds read in UI. Reported by Google. - CVE-2026-8542: Use after free in Core. Reported by Google. - CVE-2026-8543: Out of bounds read in FileSystem. Reported by Google. - CVE-2026-8544: Use after free in Media. Reported by Google. - CVE-2026-8545: Object corruption in Compositing. Reported by Google. - CVE-2026-8546: Out of bounds read in GPU. Reported by Google. - CVE-2026-8547: Insufficient policy enforcement in Passwords. Reported by Google. - CVE-2026-8548: Out of bounds write in Media. Reported by Google. - CVE-2026-8549: Use after free in Media. Reported by Google. - CVE-2026-8550: Use after free in Google Lens. Reported by Google. - CVE-2026-8551: Use after free in Downloads. Reported by Google. - CVE-2026-8552: Heap buffer overflow in GPU. Reported by Google. - CVE-2026-8553: Use after free in GPU. Reported by Google. - CVE-2026-8554: Type Confusion in ANGLE. Reported by Google. - CVE-2026-8555: Use after free in GTK. Reported by Google. - CVE-2026-8556: Inappropriate implementation in ANGLE. Reported by Google - CVE-2026-8557: Use after free in Accessibility. Reported by Google. - CVE-2026-8559: Integer overflow in Internationalization. Reported by Google. - CVE-2026-8560: Heap buffer overflow in SwiftShader. Reported by Cassidy Kim(@cassidy6564). - CVE-2026-8561: Incorrect security UI in Fullscreen. Reported by Wolfgang Ettlinger (aff. Certitude Consulting GmbH) Alexander Hurbean (aff. Certitude Consulting GmbH). - CVE-2026-8562: Side-channel information leakage in Navigation. Reported by Google. - CVE-2026-8563: Insufficient policy enforcement in IFrame Sandbox. Reported by Luan Herrera (@lbherrera_). - CVE-2026-8564: Incorrect security UI in Downloads. Reported by Alesandro Ortiz https://AlesandroOrtiz.com. - CVE-2026-8565: Inappropriate implementation in Downloads. Reported by Farras Givari. - CVE-2026-8566: Insufficient policy enforcement in Payments. Reported by Jorian Woltjer. - CVE-2026-8567: Integer overflow in ANGLE. Reported by cinzinga. - CVE-2026-8568: Insufficient policy enforcement in AI. Reported by Tianyi Hu. - CVE-2026-8569: Out of bounds write in Codecs. Reported by Google. - CVE-2026-8570: Type Confusion in V8. Reported by Google. - CVE-2026-8571: Insufficient policy enforcement in GPU. Reported by Mark Blaszczyk. - CVE-2026-8572: Insufficient policy enforcement in Network. Reported by Google. - CVE-2026-8573: Integer overflow in Codecs. Reported by Google. - CVE-2026-8574: Use after free in Core. Reported by Google. - CVE-2026-8575: Use after free in UI. Reported by Google. - CVE-2026-8576: Inappropriate implementation in CORS. Reported by Google - CVE-2026-8577: Integer overflow in Fonts. Reported by Google. - CVE-2026-8578: Out of bounds read in GPU. Reported by Google. - CVE-2026-8579: Insufficient validation of untrusted input in Skia. Reported by Google. - CVE-2026-8580: Use after free in Mojo. Reported by Google. - CVE-2026-8581: Use after free in GPU. Reported by Google. - CVE-2026-8582: Object lifecycle issue in Dawn. Reported by Google. - CVE-2026-8583: Insufficient policy enforcement in WebXR. Reported by Google. - CVE-2026-8584: Inappropriate implementation in Views. Reported by Google - CVE-2026-8585: Inappropriate implementation in Media. Reported by Google - CVE-2026-8586: Inappropriate implementation in Chromoting. Reported by Google. - CVE-2026-8587: Use after free in Extensions. Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab. * rust-1.85/file_as_c_str.patch: fix build on non-x86 archs, as char* signed-ness is apparently different there versus arm & ppc64 [trixie, bookworm]. Checksums-Sha1: 7d1dcbb07985a307c49d84b3c873d4ea1f8df15f 5825020 chromium-common-dbgsym_148.0.7778.167-1~deb12u1_armhf.deb 943c1d05886e35820dd13349377bfe93ec606d53 25484016 chromium-common_148.0.7778.167-1~deb12u1_armhf.deb 8496c9a24c6bb0238bd563d8f57ea5fad206bd96 35373228 chromium-dbgsym_148.0.7778.167-1~deb12u1_armhf.deb e475c1d1eed54497f7b1d55b88b21b9617adaf31 7210700 chromium-driver_148.0.7778.167-1~deb12u1_armhf.deb 436ee826ab97489bdcbc19f46ce4b864fa878502 27511412 chromium-headless-shell-dbgsym_148.0.7778.167-1~deb12u1_armhf.deb 0e8c3860fa4cdd8927f9f133add10b7d3ef40a2d 54434080 chromium-headless-shell_148.0.7778.167-1~deb12u1_armhf.deb de1442734d94d660901b769e975ff3c3f1b8a554 18008 chromium-sandbox-dbgsym_148.0.7778.167-1~deb12u1_armhf.deb cfff6310d6e4f43168c25bfdc949163a46ac3602 119592 chromium-sandbox_148.0.7778.167-1~deb12u1_armhf.deb bc07f037791c725327a2bcad18edb2c8b618f09e 29884928 chromium-shell-dbgsym_148.0.7778.167-1~deb12u1_armhf.deb 8f50409cecae245e76938cf00a5b87094db791e4 59716184 chromium-shell_148.0.7778.167-1~deb12u1_armhf.deb 2fb01959dd6ec2593a7fe7e04c63297c75016cf3 30339 chromium_148.0.7778.167-1~deb12u1_armhf-buildd.buildinfo 6dbc2335c929fcc07cb9620475bf2dcab7fce1c6 71469756 chromium_148.0.7778.167-1~deb12u1_armhf.deb Checksums-Sha256: 7aeec21a2694167c56abb750b79134c5270d42a33606d30034aa6fe22384b1dc 5825020 chromium-common-dbgsym_148.0.7778.167-1~deb12u1_armhf.deb c019cd822a8877635a3f8c37f53fd2a333b2b180e5df8f86c4355e8535417161 25484016 chromium-common_148.0.7778.167-1~deb12u1_armhf.deb 32b119a0cbe40d09d39517812a08b636be34753542bd1240ed1701230af75b72 35373228 chromium-dbgsym_148.0.7778.167-1~deb12u1_armhf.deb a63723217c1001c1c560fa4c0b5b49f5d7a36f3ba4dac59ee25864386c976712 7210700 chromium-driver_148.0.7778.167-1~deb12u1_armhf.deb 3bbd3fc67a16ddd3501a3e3323d5a70782de81c32b0e57d440596965963580b5 27511412 chromium-headless-shell-dbgsym_148.0.7778.167-1~deb12u1_armhf.deb 444fc48c61e35fbb4e77afc1d1cd50e5f4d1e661e5d909225328a945727d5377 54434080 chromium-headless-shell_148.0.7778.167-1~deb12u1_armhf.deb 1013daa5d2353ee29544f9ea8a3f3fcad709a526b9e1383bdde631c637966810 18008 chromium-sandbox-dbgsym_148.0.7778.167-1~deb12u1_armhf.deb 3db9b6aea310e081f55a716abf74a4f140d3384dd57f41d23caec0f57f107772 119592 chromium-sandbox_148.0.7778.167-1~deb12u1_armhf.deb 756f38b777560452c47332fce7ea10beaf51f2159d9adfa32296f8d8663727db 29884928 chromium-shell-dbgsym_148.0.7778.167-1~deb12u1_armhf.deb 0320afaac52144965b052d7a1a3913c0dfd4948a5a51f453e3c28a94fb7d990b 59716184 chromium-shell_148.0.7778.167-1~deb12u1_armhf.deb 34d228ae43afeca762b88910905366a254894b960003483951e80e22de6beeb7 30339 chromium_148.0.7778.167-1~deb12u1_armhf-buildd.buildinfo d37c53eaf20232e24b97ec469176c10c17248789ce7d74a9fc156f367139904b 71469756 chromium_148.0.7778.167-1~deb12u1_armhf.deb Files: 8b17e95ebacb61de57221fdb79e46611 5825020 debug optional chromium-common-dbgsym_148.0.7778.167-1~deb12u1_armhf.deb 173631c5f9480c220a87fb529dd89a6d 25484016 web optional chromium-common_148.0.7778.167-1~deb12u1_armhf.deb a79df1ce730955506f4fc4e0660c8818 35373228 debug optional chromium-dbgsym_148.0.7778.167-1~deb12u1_armhf.deb 99d3f71e2971d1aed3718950e9a9a17a 7210700 web optional chromium-driver_148.0.7778.167-1~deb12u1_armhf.deb bcfd3aaed61c639c3fc0cf1f67792b38 27511412 debug optional chromium-headless-shell-dbgsym_148.0.7778.167-1~deb12u1_armhf.deb a996047edb86589c77d3c78606194a88 54434080 web optional chromium-headless-shell_148.0.7778.167-1~deb12u1_armhf.deb 203f97bb584a4092d7c031793b6ce02e 18008 debug optional chromium-sandbox-dbgsym_148.0.7778.167-1~deb12u1_armhf.deb 706a25bb7d32e3878671e8a0f38d8beb 119592 web optional chromium-sandbox_148.0.7778.167-1~deb12u1_armhf.deb addcc3c6ed00bbcf4655f77c2f878645 29884928 debug optional chromium-shell-dbgsym_148.0.7778.167-1~deb12u1_armhf.deb 3930fab4e90c8036d6601c99ca18258f 59716184 web optional chromium-shell_148.0.7778.167-1~deb12u1_armhf.deb 2091330e490fefddcdb89cc4fc4dc120 30339 web optional chromium_148.0.7778.167-1~deb12u1_armhf-buildd.buildinfo c35472bf89f153d795bad6129293ea62 71469756 web optional chromium_148.0.7778.167-1~deb12u1_armhf.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEBOUsBrtd5lcy6oRfutMAkCxKbL0FAmoHJFoACgkQutMAkCxK bL2/Jg/+MN5geZ623l9mHKKDLJ15/FzOxZg136xUYHfZ8GFrEf0Jkoqy275ahwNi rBFA49DVgCGXgxWa5wxf2iaUvdJ97N5wz4jJDvCq51IE2MYZC//WBbnHJFU+f3uk j6gpdYpeac2rqBq7giZ3buZ4+CppE+FzPEUcv3FhzuR1uZ8f19qVn4TX+Qll1BfA Y707L65M024jsD6SCTk9N7nQrTeLWHlWd+XOEo2VrWUhpGLmlRocd99D4HuIlhJC V3P8Xy+6MTngdG/iVJbpyPY8J7mT2vcwXDeEf0h5+fzlPkPfg/fcblwEszPce495 9B0CcETEH8dB7spXpsfXmzQ2l/A022qBu26S5giLBV6rDdsoc9HTeH92JfGVnK7i zblwjbMGdlpT/LaTtxycoi6G3OCLc4T3Tf7X12PF92hbJADigP1MqXO4IInuGwKK kHxC4ldw9mJxIbTe4E5j45H8doqv3P74CZcV7ohrEHQSZXAWOYlMs22mOmqVlq2W aGmkYyBj0kTkLI1qzZfOgDEeUMi8ezBL8BeOdmrK1uZWqIPRewOgzlJrFmcNhVV8 xAIJ0zrVSyfnlxaDcSnQsj4e+4oFJnHl2raPqOTSbp/AI1PYkuRp3GNIInDIg7zr EnujC9RdOrP15tNAmdcWNNWSd8OVjosfC/yNcZduWX2u73NI4fY= =1rPC -----END PGP SIGNATURE----