-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 14 May 2026 16:39:29 -0400 Source: chromium Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym Architecture: i386 Version: 148.0.7778.167-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: amd64 / i386 Build Daemon (x86-ubc-02) Changed-By: Andres Salomon Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-headless-shell - web browser - old headless shell chromium-sandbox - web browser - setuid security sandbox for chromium chromium-shell - web browser - minimal shell Changes: chromium (148.0.7778.167-1~deb12u1) bookworm-security; urgency=high . [ Andres Salomon ] * New upstream security release. - CVE-2026-8509: Heap buffer overflow in WebML. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-8510: Integer overflow in Skia. Reported by q@calif.io. - CVE-2026-8511: Use after free in UI. Reported by Google. - CVE-2026-8512: Use after free in FileSystem. Reported by Google. - CVE-2026-8513: Use after free in Input. Reported by Google. - CVE-2026-8514: Use after free in Aura. Reported by Google. - CVE-2026-8515: Use after free in HID. Reported by Google. - CVE-2026-8516: Insufficient validation of untrusted input in DataTransfer. Reported by Google. - CVE-2026-8517: Object lifecycle issue in WebShare. Reported by Google. - CVE-2026-8518: Use after free in Blink. Reported by Google. - CVE-2026-8519: Integer overflow in ANGLE. Reported by Google. - CVE-2026-8520: Race in Payments. Reported by Google. - CVE-2026-8521: Use after free in Tab Groups. Reported by Google. - CVE-2026-8522: Use after free in Downloads. Reported by Google. - CVE-2026-8523: Use after free in Mojo. Reported by Paul Seekamp / nullenc0de. - CVE-2026-8558: Out of bounds write in Fonts. Reported by Matej Smycka. - CVE-2026-8524: Out of bounds write in WebAudio. Reported by Brendan Dolan-Gavitt, XBOW. - CVE-2026-8525: Heap buffer overflow in ANGLE. Reported by Nathaniel Oh (@calysteon). - CVE-2026-8526: Out of bounds write in WebRTC. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-8527: Insufficient validation of untrusted input in Downloads. Reported by rachmat.abdul.ro. - CVE-2026-8528: Insufficient validation of untrusted input in SiteIsolation. Reported by Google. - CVE-2026-8529: Heap buffer overflow in Codecs. Reported by Google. - CVE-2026-8530: Use after free in Network. Reported by Google. - CVE-2026-8531: Heap buffer overflow in WebML. Reported by Syn4pse. - CVE-2026-8532: Integer overflow in XML. Reported by Google. - CVE-2026-8533: Use after free in Accessibility. Reported by Google. - CVE-2026-8534: Integer overflow in GPU. Reported by Google. - CVE-2026-8535: Out of bounds read in Media. Reported by Google. - CVE-2026-8536: Insufficient validation of untrusted input in ReadingMode. Reported by Google. - CVE-2026-8537: Insufficient policy enforcement in ViewTransitions. Reported by Google. - CVE-2026-8538: Insufficient validation of untrusted input in GPU. Reported by Google. - CVE-2026-8539: Script injection in SanitizerAPI. Reported by Jungwoo Lee (@physicube) and Wongi Lee (@_qwerty_po). - CVE-2026-8540: Type Confusion in V8. Reported by Google. - CVE-2026-8541: Out of bounds read in UI. Reported by Google. - CVE-2026-8542: Use after free in Core. Reported by Google. - CVE-2026-8543: Out of bounds read in FileSystem. Reported by Google. - CVE-2026-8544: Use after free in Media. Reported by Google. - CVE-2026-8545: Object corruption in Compositing. Reported by Google. - CVE-2026-8546: Out of bounds read in GPU. Reported by Google. - CVE-2026-8547: Insufficient policy enforcement in Passwords. Reported by Google. - CVE-2026-8548: Out of bounds write in Media. Reported by Google. - CVE-2026-8549: Use after free in Media. Reported by Google. - CVE-2026-8550: Use after free in Google Lens. Reported by Google. - CVE-2026-8551: Use after free in Downloads. Reported by Google. - CVE-2026-8552: Heap buffer overflow in GPU. Reported by Google. - CVE-2026-8553: Use after free in GPU. Reported by Google. - CVE-2026-8554: Type Confusion in ANGLE. Reported by Google. - CVE-2026-8555: Use after free in GTK. Reported by Google. - CVE-2026-8556: Inappropriate implementation in ANGLE. Reported by Google - CVE-2026-8557: Use after free in Accessibility. Reported by Google. - CVE-2026-8559: Integer overflow in Internationalization. Reported by Google. - CVE-2026-8560: Heap buffer overflow in SwiftShader. Reported by Cassidy Kim(@cassidy6564). - CVE-2026-8561: Incorrect security UI in Fullscreen. Reported by Wolfgang Ettlinger (aff. Certitude Consulting GmbH) Alexander Hurbean (aff. Certitude Consulting GmbH). - CVE-2026-8562: Side-channel information leakage in Navigation. Reported by Google. - CVE-2026-8563: Insufficient policy enforcement in IFrame Sandbox. Reported by Luan Herrera (@lbherrera_). - CVE-2026-8564: Incorrect security UI in Downloads. Reported by Alesandro Ortiz https://AlesandroOrtiz.com. - CVE-2026-8565: Inappropriate implementation in Downloads. Reported by Farras Givari. - CVE-2026-8566: Insufficient policy enforcement in Payments. Reported by Jorian Woltjer. - CVE-2026-8567: Integer overflow in ANGLE. Reported by cinzinga. - CVE-2026-8568: Insufficient policy enforcement in AI. Reported by Tianyi Hu. - CVE-2026-8569: Out of bounds write in Codecs. Reported by Google. - CVE-2026-8570: Type Confusion in V8. Reported by Google. - CVE-2026-8571: Insufficient policy enforcement in GPU. Reported by Mark Blaszczyk. - CVE-2026-8572: Insufficient policy enforcement in Network. Reported by Google. - CVE-2026-8573: Integer overflow in Codecs. Reported by Google. - CVE-2026-8574: Use after free in Core. Reported by Google. - CVE-2026-8575: Use after free in UI. Reported by Google. - CVE-2026-8576: Inappropriate implementation in CORS. Reported by Google - CVE-2026-8577: Integer overflow in Fonts. Reported by Google. - CVE-2026-8578: Out of bounds read in GPU. Reported by Google. - CVE-2026-8579: Insufficient validation of untrusted input in Skia. Reported by Google. - CVE-2026-8580: Use after free in Mojo. Reported by Google. - CVE-2026-8581: Use after free in GPU. Reported by Google. - CVE-2026-8582: Object lifecycle issue in Dawn. Reported by Google. - CVE-2026-8583: Insufficient policy enforcement in WebXR. Reported by Google. - CVE-2026-8584: Inappropriate implementation in Views. Reported by Google - CVE-2026-8585: Inappropriate implementation in Media. Reported by Google - CVE-2026-8586: Inappropriate implementation in Chromoting. Reported by Google. - CVE-2026-8587: Use after free in Extensions. Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab. * rust-1.85/file_as_c_str.patch: fix build on non-x86 archs, as char* signed-ness is apparently different there versus arm & ppc64 [trixie, bookworm]. Checksums-Sha1: b5ad7268971f09db715ce575a315e6c5c77accbe 5309040 chromium-common-dbgsym_148.0.7778.167-1~deb12u1_i386.deb febaae83f6ea38a5867f2b4bc2af24947ea6c0a8 25725372 chromium-common_148.0.7778.167-1~deb12u1_i386.deb 8216a3ae75544aff89cfc92e571418edc8a3be3d 36117604 chromium-dbgsym_148.0.7778.167-1~deb12u1_i386.deb 5d1bd3abfd5b4bdfc0f33cc3850602117ecbe37b 7935528 chromium-driver_148.0.7778.167-1~deb12u1_i386.deb 4f9cbce78bc672e162b110de726003ade95f8889 29774196 chromium-headless-shell-dbgsym_148.0.7778.167-1~deb12u1_i386.deb cb1a33399abbd08306bdfd75fc9c19da6b82de37 59249020 chromium-headless-shell_148.0.7778.167-1~deb12u1_i386.deb 087987402c8163cf6a947715d12764c9e04a9e0b 17824 chromium-sandbox-dbgsym_148.0.7778.167-1~deb12u1_i386.deb 3f25d6ee4c88e8b02a3fe64d08f33bf48a29298e 119880 chromium-sandbox_148.0.7778.167-1~deb12u1_i386.deb 2859d76972fdd2fc93dffdf98a6168ff93a7fe24 32600404 chromium-shell-dbgsym_148.0.7778.167-1~deb12u1_i386.deb 31059f2cc23f2cfe52ba6a96aee032f1c6b95953 64931164 chromium-shell_148.0.7778.167-1~deb12u1_i386.deb df75086a684369ee912167443aa2043d7c3dabfa 30430 chromium_148.0.7778.167-1~deb12u1_i386-buildd.buildinfo b05218c857ffa6811cd8cd4c82a5517141dd3578 77585696 chromium_148.0.7778.167-1~deb12u1_i386.deb Checksums-Sha256: 4f8524c5ebbd85b36836959f9fb742fef990aa5f9549f2fa530a3195d93255a6 5309040 chromium-common-dbgsym_148.0.7778.167-1~deb12u1_i386.deb 2913a03c5f496b8c4748089a741e3627a3910740f6e2859d970a80e2b15c7f8e 25725372 chromium-common_148.0.7778.167-1~deb12u1_i386.deb 9029e39a3d41dac48223227354c22c0431a0f017c795c283b297b82307deb0f8 36117604 chromium-dbgsym_148.0.7778.167-1~deb12u1_i386.deb 77d41794768f948a92b8b5f744f2f20942c86807e78526790389102307508263 7935528 chromium-driver_148.0.7778.167-1~deb12u1_i386.deb da91bbe67a03db5e8961e23d11715adb7314bdd2a9b76ce996e56c02e7e856f4 29774196 chromium-headless-shell-dbgsym_148.0.7778.167-1~deb12u1_i386.deb f4ae3dbd33db4279bbb2331a8c5bc1debdf417b7d27fe76b7eaec2ba02b15981 59249020 chromium-headless-shell_148.0.7778.167-1~deb12u1_i386.deb f147cf5971cc8a44c755c5e7cda18e0b5056d23f84ec3345214308c32f71e02e 17824 chromium-sandbox-dbgsym_148.0.7778.167-1~deb12u1_i386.deb 36d839d5689d592fae59052c2bbff98cf1f87a8c9cd22ab370f25d8dfb8f4bba 119880 chromium-sandbox_148.0.7778.167-1~deb12u1_i386.deb 32777892460cd207f80d89c360812e5094880f851ef4591726d302035ac20075 32600404 chromium-shell-dbgsym_148.0.7778.167-1~deb12u1_i386.deb 540452888a81347712689d72c4051df3e6c02eeb2bb294ce6b3d28f0bc94fc2c 64931164 chromium-shell_148.0.7778.167-1~deb12u1_i386.deb 15893d19290a220c35b3e7e766a6f31ff36a871aa8abfe507181d4788e33c803 30430 chromium_148.0.7778.167-1~deb12u1_i386-buildd.buildinfo f2124ace98028d4bd0759067b3fb4ae6ba7cb819440ecac3e4fa2b413f976204 77585696 chromium_148.0.7778.167-1~deb12u1_i386.deb Files: e8d53ced6015f8707cfabb5faed0a7d8 5309040 debug optional chromium-common-dbgsym_148.0.7778.167-1~deb12u1_i386.deb b50229937be0883613560879e8effdea 25725372 web optional chromium-common_148.0.7778.167-1~deb12u1_i386.deb 1624e1e5fd5c87c3da239b9fb644da35 36117604 debug optional chromium-dbgsym_148.0.7778.167-1~deb12u1_i386.deb 93ffef04fbdafdf3dab4d5678cca4dd1 7935528 web optional chromium-driver_148.0.7778.167-1~deb12u1_i386.deb 7f6835b95d260b6ba97632a222944afb 29774196 debug optional chromium-headless-shell-dbgsym_148.0.7778.167-1~deb12u1_i386.deb be5eec5c7c6516cbd86b25ff52982dee 59249020 web optional chromium-headless-shell_148.0.7778.167-1~deb12u1_i386.deb 29e51c9847fcd4eaae64ab8d71a5294f 17824 debug optional chromium-sandbox-dbgsym_148.0.7778.167-1~deb12u1_i386.deb dd48a6cd7a9e2732a6c47b0d31853bf3 119880 web optional chromium-sandbox_148.0.7778.167-1~deb12u1_i386.deb 0b389e6669c10c3f7b45c40d16998258 32600404 debug optional chromium-shell-dbgsym_148.0.7778.167-1~deb12u1_i386.deb 3565a1bcbece409d09ad6c48dde352ab 64931164 web optional chromium-shell_148.0.7778.167-1~deb12u1_i386.deb ed749d2fc7a86d49dc2964bcaa44c294 30430 web optional chromium_148.0.7778.167-1~deb12u1_i386-buildd.buildinfo 3bd8466069a42611afdb292018fb102e 77585696 web optional chromium_148.0.7778.167-1~deb12u1_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEb5EwsJvHBEjqIJYIbheoBegwXLIFAmoGy0kACgkQbheoBegw XLK95Q/8DoFpavw6KWRVq9+NpCeWnNgDs8WG2KKKIIPlW5g+w7u5no0PJKzf+ApP PONhZiLpVzQJB67PnoImYuE77UUajeO9ixKA2iTaPvXy+0lXHZWc1wPrFJ6dVCO8 FMhKwqgOnW2eXQwfdv/OWjVRF91u4MMnFaby8B+J5gMP4gNIrth/XqbisGgIi8hh uaxqVrE6jg0Wrl/tB3TGcDsIWKKuBDABtlMy9EGskhgf6xUJOCbxCXliGh43o/75 XKsFgm+wdYev0MArpMSwHnlZlxnkDviofATev4iR3bOFF6piKlC192LBHncdQ/WL 2+u5XgJ0Je3VPSamPKY/E3fqbnCpW9N9q0b1LJRH556vLbm2MDcnIAi7+uXntjgH nhwb8h/ShUxgZxRw0ArXPrUIMIXVpXZJf4dJixJe83FWp4brGgT+D4mOj/FSzXwG qQKsHoA2OHs7E8eQLwF3szKEwlst3oXRXK57+0/VRoBm86VBXbS5gY5VP/Qj/aFg RhEXQoXSYTgNdDHyHGipVM9YOdj9hTKAIJFlLhW+07TvdJW7zkOyL2HRZnt3oP4o p51nMyXDLO4wD38h19hy/vO+lYvevOJPwODfFUPm1JK5K1S/8i6KUhB2RIHUHQo/ v1wq1s5tVT2wSF3TedAmd9vfr3kHLv3IRdtgVwsej/Kuelz4vjk= =2FQ7 -----END PGP SIGNATURE-----