-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 14 May 2026 16:39:29 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: arm64
Version: 148.0.7778.167-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: arm64 Build Daemon (arm-ubc-05) <buildd_arm64-arm-ubc-05@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (148.0.7778.167-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-8509: Heap buffer overflow in WebML.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-8510: Integer overflow in Skia. Reported by q@calif.io.
     - CVE-2026-8511: Use after free in UI. Reported by Google.
     - CVE-2026-8512: Use after free in FileSystem. Reported by Google.
     - CVE-2026-8513: Use after free in Input. Reported by Google.
     - CVE-2026-8514: Use after free in Aura. Reported by Google.
     - CVE-2026-8515: Use after free in HID. Reported by Google.
     - CVE-2026-8516: Insufficient validation of untrusted input in
       DataTransfer. Reported by Google.
     - CVE-2026-8517: Object lifecycle issue in WebShare. Reported by Google.
     - CVE-2026-8518: Use after free in Blink. Reported by Google.
     - CVE-2026-8519: Integer overflow in ANGLE. Reported by Google.
     - CVE-2026-8520: Race in Payments. Reported by Google.
     - CVE-2026-8521: Use after free in Tab Groups. Reported by Google.
     - CVE-2026-8522: Use after free in Downloads. Reported by Google.
     - CVE-2026-8523: Use after free in Mojo.
       Reported by Paul Seekamp / nullenc0de.
     - CVE-2026-8558: Out of bounds write in Fonts. Reported by Matej Smycka.
     - CVE-2026-8524: Out of bounds write in WebAudio.
       Reported by Brendan Dolan-Gavitt, XBOW.
     - CVE-2026-8525: Heap buffer overflow in ANGLE.
       Reported by Nathaniel Oh (@calysteon).
     - CVE-2026-8526: Out of bounds write in WebRTC.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-8527: Insufficient validation of untrusted input in Downloads.
       Reported by rachmat.abdul.ro.
     - CVE-2026-8528: Insufficient validation of untrusted input in
       SiteIsolation. Reported by Google.
     - CVE-2026-8529: Heap buffer overflow in Codecs. Reported by Google.
     - CVE-2026-8530: Use after free in Network. Reported by Google.
     - CVE-2026-8531: Heap buffer overflow in WebML. Reported by Syn4pse.
     - CVE-2026-8532: Integer overflow in XML. Reported by Google.
     - CVE-2026-8533: Use after free in Accessibility. Reported by Google.
     - CVE-2026-8534: Integer overflow in GPU. Reported by Google.
     - CVE-2026-8535: Out of bounds read in Media. Reported by Google.
     - CVE-2026-8536: Insufficient validation of untrusted input in
       ReadingMode. Reported by Google.
     - CVE-2026-8537: Insufficient policy enforcement in ViewTransitions.
       Reported by Google.
     - CVE-2026-8538: Insufficient validation of untrusted input in GPU.
       Reported by Google.
     - CVE-2026-8539: Script injection in SanitizerAPI.
       Reported by Jungwoo Lee (@physicube) and Wongi Lee (@_qwerty_po).
     - CVE-2026-8540: Type Confusion in V8. Reported by Google.
     - CVE-2026-8541: Out of bounds read in UI. Reported by Google.
     - CVE-2026-8542: Use after free in Core. Reported by Google.
     - CVE-2026-8543: Out of bounds read in FileSystem. Reported by Google.
     - CVE-2026-8544: Use after free in Media. Reported by Google.
     - CVE-2026-8545: Object corruption in Compositing. Reported by Google.
     - CVE-2026-8546: Out of bounds read in GPU. Reported by Google.
     - CVE-2026-8547: Insufficient policy enforcement in Passwords.
       Reported by Google.
     - CVE-2026-8548: Out of bounds write in Media. Reported by Google.
     - CVE-2026-8549: Use after free in Media. Reported by Google.
     - CVE-2026-8550: Use after free in Google Lens. Reported by Google.
     - CVE-2026-8551: Use after free in Downloads. Reported by Google.
     - CVE-2026-8552: Heap buffer overflow in GPU. Reported by Google.
     - CVE-2026-8553: Use after free in GPU. Reported by Google.
     - CVE-2026-8554: Type Confusion in ANGLE. Reported by Google.
     - CVE-2026-8555: Use after free in GTK. Reported by Google.
     - CVE-2026-8556: Inappropriate implementation in ANGLE. Reported by Google.
     - CVE-2026-8557: Use after free in Accessibility. Reported by Google.
     - CVE-2026-8559: Integer overflow in Internationalization.
       Reported by Google.
     - CVE-2026-8560: Heap buffer overflow in SwiftShader.
       Reported by Cassidy Kim (@cassidy6564).
     - CVE-2026-8561: Incorrect security UI in Fullscreen. Reported by
       Wolfgang Ettlinger (aff. Certitude Consulting GmbH) Alexander Hurbean
       (aff. Certitude Consulting GmbH).
     - CVE-2026-8562: Side-channel information leakage in Navigation.
       Reported by Google.
     - CVE-2026-8563: Insufficient policy enforcement in IFrame Sandbox.
       Reported by Luan Herrera (@lbherrera_).
     - CVE-2026-8564: Incorrect security UI in Downloads.
       Reported by Alesandro Ortiz https://AlesandroOrtiz.com.
     - CVE-2026-8565: Inappropriate implementation in Downloads.
       Reported by Farras Givari.
     - CVE-2026-8566: Insufficient policy enforcement in Payments.
       Reported by Jorian Woltjer.
     - CVE-2026-8567: Integer overflow in ANGLE. Reported by cinzinga.
     - CVE-2026-8568: Insufficient policy enforcement in AI.
       Reported by Tianyi Hu.
     - CVE-2026-8569: Out of bounds write in Codecs. Reported by Google.
     - CVE-2026-8570: Type Confusion in V8. Reported by Google.
     - CVE-2026-8571: Insufficient policy enforcement in GPU.
       Reported by Mark Blaszczyk.
     - CVE-2026-8572: Insufficient policy enforcement in Network.
       Reported by Google.
     - CVE-2026-8573: Integer overflow in Codecs. Reported by Google.
     - CVE-2026-8574: Use after free in Core. Reported by Google.
     - CVE-2026-8575: Use after free in UI. Reported by Google.
     - CVE-2026-8576: Inappropriate implementation in CORS. Reported by Google.
     - CVE-2026-8577: Integer overflow in Fonts. Reported by Google.
     - CVE-2026-8578: Out of bounds read in GPU. Reported by Google.
     - CVE-2026-8579: Insufficient validation of untrusted input in Skia.
       Reported by Google.
     - CVE-2026-8580: Use after free in Mojo. Reported by Google.
     - CVE-2026-8581: Use after free in GPU. Reported by Google.
     - CVE-2026-8582: Object lifecycle issue in Dawn. Reported by Google.
     - CVE-2026-8583: Insufficient policy enforcement in WebXR.
       Reported by Google.
     - CVE-2026-8584: Inappropriate implementation in Views. Reported by Google.
     - CVE-2026-8585: Inappropriate implementation in Media. Reported by Google.
     - CVE-2026-8586: Inappropriate implementation in Chromoting.
       Reported by Google.
     - CVE-2026-8587: Use after free in Extensions.
       Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab.
   * rust-1.85/file_as_c_str.patch: fix build on non-x86 archs, as char*
     signed-ness is apparently different there versus arm & ppc64 [trixie,
     bookworm].
Checksums-Sha1:
Checksums-Sha256:
Files:

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
