-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 14 May 2026 16:39:29 -0400 Source: chromium Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym Architecture: amd64 Version: 148.0.7778.167-1~deb13u1 Distribution: trixie-security Urgency: high Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) Changed-By: Andres Salomon Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-headless-shell - web browser - old headless shell chromium-sandbox - web browser - setuid security sandbox for chromium chromium-shell - web browser - minimal shell Changes: chromium (148.0.7778.167-1~deb13u1) trixie-security; urgency=high . [ Andres Salomon ] * New upstream security release. - CVE-2026-8509: Heap buffer overflow in WebML. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-8510: Integer overflow in Skia. Reported by q@calif.io. - CVE-2026-8511: Use after free in UI. Reported by Google. - CVE-2026-8512: Use after free in FileSystem. Reported by Google. - CVE-2026-8513: Use after free in Input. Reported by Google. - CVE-2026-8514: Use after free in Aura. Reported by Google. - CVE-2026-8515: Use after free in HID. Reported by Google. - CVE-2026-8516: Insufficient validation of untrusted input in DataTransfer. Reported by Google. - CVE-2026-8517: Object lifecycle issue in WebShare. Reported by Google. - CVE-2026-8518: Use after free in Blink. Reported by Google. - CVE-2026-8519: Integer overflow in ANGLE. Reported by Google. - CVE-2026-8520: Race in Payments. Reported by Google. - CVE-2026-8521: Use after free in Tab Groups. Reported by Google. - CVE-2026-8522: Use after free in Downloads. Reported by Google. - CVE-2026-8523: Use after free in Mojo. Reported by Paul Seekamp / nullenc0de. - CVE-2026-8558: Out of bounds write in Fonts. Reported by Matej Smycka. - CVE-2026-8524: Out of bounds write in WebAudio. Reported by Brendan Dolan-Gavitt, XBOW. - CVE-2026-8525: Heap buffer overflow in ANGLE. Reported by Nathaniel Oh (@calysteon). - CVE-2026-8526: Out of bounds write in WebRTC. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-8527: Insufficient validation of untrusted input in Downloads. Reported by rachmat.abdul.ro. - CVE-2026-8528: Insufficient validation of untrusted input in SiteIsolation. Reported by Google. - CVE-2026-8529: Heap buffer overflow in Codecs. Reported by Google. - CVE-2026-8530: Use after free in Network. Reported by Google. - CVE-2026-8531: Heap buffer overflow in WebML. Reported by Syn4pse. - CVE-2026-8532: Integer overflow in XML. Reported by Google. - CVE-2026-8533: Use after free in Accessibility. Reported by Google. - CVE-2026-8534: Integer overflow in GPU. Reported by Google. - CVE-2026-8535: Out of bounds read in Media. Reported by Google. - CVE-2026-8536: Insufficient validation of untrusted input in ReadingMode. Reported by Google. - CVE-2026-8537: Insufficient policy enforcement in ViewTransitions. Reported by Google. - CVE-2026-8538: Insufficient validation of untrusted input in GPU. Reported by Google. - CVE-2026-8539: Script injection in SanitizerAPI. Reported by Jungwoo Lee (@physicube) and Wongi Lee (@_qwerty_po). - CVE-2026-8540: Type Confusion in V8. Reported by Google. - CVE-2026-8541: Out of bounds read in UI. Reported by Google. - CVE-2026-8542: Use after free in Core. Reported by Google. - CVE-2026-8543: Out of bounds read in FileSystem. Reported by Google. - CVE-2026-8544: Use after free in Media. Reported by Google. - CVE-2026-8545: Object corruption in Compositing. Reported by Google. - CVE-2026-8546: Out of bounds read in GPU. Reported by Google. - CVE-2026-8547: Insufficient policy enforcement in Passwords. Reported by Google. - CVE-2026-8548: Out of bounds write in Media. Reported by Google. - CVE-2026-8549: Use after free in Media. Reported by Google. - CVE-2026-8550: Use after free in Google Lens. Reported by Google. - CVE-2026-8551: Use after free in Downloads. Reported by Google. - CVE-2026-8552: Heap buffer overflow in GPU. Reported by Google. - CVE-2026-8553: Use after free in GPU. Reported by Google. - CVE-2026-8554: Type Confusion in ANGLE. Reported by Google. - CVE-2026-8555: Use after free in GTK. Reported by Google. - CVE-2026-8556: Inappropriate implementation in ANGLE. Reported by Google - CVE-2026-8557: Use after free in Accessibility. Reported by Google. - CVE-2026-8559: Integer overflow in Internationalization. Reported by Google. - CVE-2026-8560: Heap buffer overflow in SwiftShader. Reported by Cassidy Kim(@cassidy6564). - CVE-2026-8561: Incorrect security UI in Fullscreen. Reported by Wolfgang Ettlinger (aff. Certitude Consulting GmbH) Alexander Hurbean (aff. Certitude Consulting GmbH). - CVE-2026-8562: Side-channel information leakage in Navigation. Reported by Google. - CVE-2026-8563: Insufficient policy enforcement in IFrame Sandbox. Reported by Luan Herrera (@lbherrera_). - CVE-2026-8564: Incorrect security UI in Downloads. Reported by Alesandro Ortiz https://AlesandroOrtiz.com. - CVE-2026-8565: Inappropriate implementation in Downloads. Reported by Farras Givari. - CVE-2026-8566: Insufficient policy enforcement in Payments. Reported by Jorian Woltjer. - CVE-2026-8567: Integer overflow in ANGLE. Reported by cinzinga. - CVE-2026-8568: Insufficient policy enforcement in AI. Reported by Tianyi Hu. - CVE-2026-8569: Out of bounds write in Codecs. Reported by Google. - CVE-2026-8570: Type Confusion in V8. Reported by Google. - CVE-2026-8571: Insufficient policy enforcement in GPU. Reported by Mark Blaszczyk. - CVE-2026-8572: Insufficient policy enforcement in Network. Reported by Google. - CVE-2026-8573: Integer overflow in Codecs. Reported by Google. - CVE-2026-8574: Use after free in Core. Reported by Google. - CVE-2026-8575: Use after free in UI. Reported by Google. - CVE-2026-8576: Inappropriate implementation in CORS. Reported by Google - CVE-2026-8577: Integer overflow in Fonts. Reported by Google. - CVE-2026-8578: Out of bounds read in GPU. Reported by Google. - CVE-2026-8579: Insufficient validation of untrusted input in Skia. Reported by Google. - CVE-2026-8580: Use after free in Mojo. Reported by Google. - CVE-2026-8581: Use after free in GPU. Reported by Google. - CVE-2026-8582: Object lifecycle issue in Dawn. Reported by Google. - CVE-2026-8583: Insufficient policy enforcement in WebXR. Reported by Google. - CVE-2026-8584: Inappropriate implementation in Views. Reported by Google - CVE-2026-8585: Inappropriate implementation in Media. Reported by Google - CVE-2026-8586: Inappropriate implementation in Chromoting. Reported by Google. - CVE-2026-8587: Use after free in Extensions. Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab. * rust-1.85/file_as_c_str.patch: fix build on non-x86 archs, as char* signed-ness is apparently different there versus arm & ppc64 [trixie, bookworm]. Checksums-Sha1: d4c80c4007d089acc321e0afe3be9dbed6344ec5 5195688 chromium-common-dbgsym_148.0.7778.167-1~deb13u1_amd64.deb 5cbcfaf94c8b9aad19f5aed6fb6ae156f22e4b1b 25707516 chromium-common_148.0.7778.167-1~deb13u1_amd64.deb 36268a605842d917c51715df06c98a87365e4072 33210668 chromium-dbgsym_148.0.7778.167-1~deb13u1_amd64.deb 03c2e7455fd7898b8f31410d54f4010e9e4fd3cd 7525156 chromium-driver_148.0.7778.167-1~deb13u1_amd64.deb 3b1739760078fa5a03f2e8f12f0e65dc3d755c22 28139972 chromium-headless-shell-dbgsym_148.0.7778.167-1~deb13u1_amd64.deb 56b68964c9a855a7d84ec39103b4589a1819219e 62875692 chromium-headless-shell_148.0.7778.167-1~deb13u1_amd64.deb 537fa1ca23179869c231033e3118c6dec147641f 20224 chromium-sandbox-dbgsym_148.0.7778.167-1~deb13u1_amd64.deb 4cd801a6b3e9717edd4fc21692338a5a9d3204b3 117872 chromium-sandbox_148.0.7778.167-1~deb13u1_amd64.deb 12cc731f82ec15c1816252e18016a3407f509450 29727412 chromium-shell-dbgsym_148.0.7778.167-1~deb13u1_amd64.deb ff682f986b5c679dddc3d11b06e30a7ebfadaca6 62450172 chromium-shell_148.0.7778.167-1~deb13u1_amd64.deb dd89560dca7f461628928ad69ae0b4b4d1e10e1c 30549 chromium_148.0.7778.167-1~deb13u1_amd64-buildd.buildinfo 6f1fa00973965a1860dc9b499c2a9b412a8487c9 85178684 chromium_148.0.7778.167-1~deb13u1_amd64.deb Checksums-Sha256: eff424725fdecda8eb100e079c1fd41c4b1bdf5103cb741bb457b3d058fe9eba 5195688 chromium-common-dbgsym_148.0.7778.167-1~deb13u1_amd64.deb 494104d5d8ef9350f979a07464abafabd4c78fe7f5122309d9c06770c2d08101 25707516 chromium-common_148.0.7778.167-1~deb13u1_amd64.deb 05f09ab9abd2a8b8940e6eca605077c63391db253f0072dc22f8a790a6f3bdb4 33210668 chromium-dbgsym_148.0.7778.167-1~deb13u1_amd64.deb 04f426ec1a50d3e8704b0dd50b25e67438b2afdf2c46772e68f9a7685d9de161 7525156 chromium-driver_148.0.7778.167-1~deb13u1_amd64.deb 745de33fcdcede42851125e910143f4899f2047580d348279a22b3fd34327a92 28139972 chromium-headless-shell-dbgsym_148.0.7778.167-1~deb13u1_amd64.deb 0e533c787a6f55cacb5f5f564ef0d8a215986cbf85525b02319c6c3a51b2e2ba 62875692 chromium-headless-shell_148.0.7778.167-1~deb13u1_amd64.deb 52387374081b444ab35e63c6323021c5de55302bf220339da6b42c57dd988690 20224 chromium-sandbox-dbgsym_148.0.7778.167-1~deb13u1_amd64.deb 0b11a8fc58ea0e6ceb4568094c9d42a44cd6ec123add6784827d8f0714bbf75d 117872 chromium-sandbox_148.0.7778.167-1~deb13u1_amd64.deb 99e4afc7578c1e3e987a2879b5d1a9e8400ff4ed27f2a984398ceff3ef45808e 29727412 chromium-shell-dbgsym_148.0.7778.167-1~deb13u1_amd64.deb 70298667c17b36cdfc7544164eb93e487a1aebfcc7135751624c36b4075fffae 62450172 chromium-shell_148.0.7778.167-1~deb13u1_amd64.deb ce07b7723675f6a9d41d29c11d277607d600341053d6e533285b532053d33314 30549 chromium_148.0.7778.167-1~deb13u1_amd64-buildd.buildinfo 2cbc5c390349f4d98690b7415dd5d5ff05eb70bb8ebf9d764ee2805660836546 85178684 chromium_148.0.7778.167-1~deb13u1_amd64.deb Files: fc4dc34d1381f50ed1bf85411fd0e803 5195688 debug optional chromium-common-dbgsym_148.0.7778.167-1~deb13u1_amd64.deb 87c144bf7770960bb9a00204253698c3 25707516 web optional chromium-common_148.0.7778.167-1~deb13u1_amd64.deb 8bbb5c575015ec719cb97f1ec84136b8 33210668 debug optional chromium-dbgsym_148.0.7778.167-1~deb13u1_amd64.deb 35fa9be4e50fb6577be0c2b44c884c52 7525156 web optional chromium-driver_148.0.7778.167-1~deb13u1_amd64.deb bce706dcf5001b3c0c7adf36ed363fbb 28139972 debug optional chromium-headless-shell-dbgsym_148.0.7778.167-1~deb13u1_amd64.deb 497f03829aa9fdb096c931b8141061e4 62875692 web optional chromium-headless-shell_148.0.7778.167-1~deb13u1_amd64.deb c325bee54033086ba9ec55c3324217d5 20224 debug optional chromium-sandbox-dbgsym_148.0.7778.167-1~deb13u1_amd64.deb a11a25dac1e389cc3b21f03982c06585 117872 web optional chromium-sandbox_148.0.7778.167-1~deb13u1_amd64.deb 64f21b2689fe514d8d5201d4e20d2e29 29727412 debug optional chromium-shell-dbgsym_148.0.7778.167-1~deb13u1_amd64.deb bc227d6d1c152d6631b4eeaf536163a2 62450172 web optional chromium-shell_148.0.7778.167-1~deb13u1_amd64.deb d0578ffae42889b4fbe82f0f6f8145f5 30549 web optional chromium_148.0.7778.167-1~deb13u1_amd64-buildd.buildinfo 90cbcca0f2265938bceafc3c69bb662c 85178684 web optional chromium_148.0.7778.167-1~deb13u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE7cQ9mRD4+dWjjrb6PkCWRKsh20cFAmoHCOwACgkQPkCWRKsh 20e76xAAjI/mEfKoZbjRyIhcwVE4jEIjrvAlk0qxCgz2r2sRUa/aUbUa6svlMBxC +q8fkkKuD5xB/VHKF/lW/UsIua+5Fs+6QhvIXUAsyKDWZiQ7zTCnkiG4hWcxJ2Kv 6nn7obZHpaK4iRhUGYV02U2TJn0unY9MDMXPKxKFihPQQbfzuDJHY/KBEWUIsND8 b7ZXUncSm8w5Hh5Si6kE+pls6XeMNrdTULncQBwpNQbHKEwNxFoPFFyRSPTXBHQY zuBI06mjKb57+f7Ed0oWIootKKp43N1CZjAILWtfOIfq746TkgCpR5eozQvrI+lQ QOuRSjy08FzaZECg1EnrK3ooUNAtDWlFsQVLEVXJBX0H63yIJWR1lSEiIlEwSrYt QcQE0fSzlceeyiMfQcvK1KRdmCBDUZ1fIFSSX+z7Vk+BsZPOxqETWrXc2AqD2h84 HPfznpAlJzqncrS/l7lKtzUpn14A/3dcMpgj5hQAQN7aDHslXiK2aAhhlXzlVn5e 0rb5E4aZrPWpaWe3adb8gzNnfTl0VUoKXAc8fHpJJ79wn569m/XSjAnHux89M9uz ybmM3QYGS8riOFaj7WP3GivP3Zp5c38a22EUqcwVIcwEz8TURKtTflWoQjgH078z Xct65Mm/WrxFnqWuui1KnxOz0IEfsWwAgLkCE+00iXSvvbsKULo= =swwr -----END PGP SIGNATURE-----