-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 14 May 2026 16:39:29 -0400 Source: chromium Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym Architecture: i386 Version: 148.0.7778.167-1~deb13u1 Distribution: trixie-security Urgency: high Maintainer: amd64 / i386 Build Daemon (x86-csail-01) Changed-By: Andres Salomon Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-headless-shell - web browser - old headless shell chromium-sandbox - web browser - setuid security sandbox for chromium chromium-shell - web browser - minimal shell Changes: chromium (148.0.7778.167-1~deb13u1) trixie-security; urgency=high . [ Andres Salomon ] * New upstream security release. - CVE-2026-8509: Heap buffer overflow in WebML. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-8510: Integer overflow in Skia. Reported by q@calif.io. - CVE-2026-8511: Use after free in UI. Reported by Google. - CVE-2026-8512: Use after free in FileSystem. Reported by Google. - CVE-2026-8513: Use after free in Input. Reported by Google. - CVE-2026-8514: Use after free in Aura. Reported by Google. - CVE-2026-8515: Use after free in HID. Reported by Google. - CVE-2026-8516: Insufficient validation of untrusted input in DataTransfer. Reported by Google. - CVE-2026-8517: Object lifecycle issue in WebShare. Reported by Google. - CVE-2026-8518: Use after free in Blink. Reported by Google. - CVE-2026-8519: Integer overflow in ANGLE. Reported by Google. - CVE-2026-8520: Race in Payments. Reported by Google. - CVE-2026-8521: Use after free in Tab Groups. Reported by Google. - CVE-2026-8522: Use after free in Downloads. Reported by Google. - CVE-2026-8523: Use after free in Mojo. Reported by Paul Seekamp / nullenc0de. - CVE-2026-8558: Out of bounds write in Fonts. Reported by Matej Smycka. - CVE-2026-8524: Out of bounds write in WebAudio. Reported by Brendan Dolan-Gavitt, XBOW. - CVE-2026-8525: Heap buffer overflow in ANGLE. Reported by Nathaniel Oh (@calysteon). - CVE-2026-8526: Out of bounds write in WebRTC. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-8527: Insufficient validation of untrusted input in Downloads. Reported by rachmat.abdul.ro. - CVE-2026-8528: Insufficient validation of untrusted input in SiteIsolation. Reported by Google. - CVE-2026-8529: Heap buffer overflow in Codecs. Reported by Google. - CVE-2026-8530: Use after free in Network. Reported by Google. - CVE-2026-8531: Heap buffer overflow in WebML. Reported by Syn4pse. - CVE-2026-8532: Integer overflow in XML. Reported by Google. - CVE-2026-8533: Use after free in Accessibility. Reported by Google. - CVE-2026-8534: Integer overflow in GPU. Reported by Google. - CVE-2026-8535: Out of bounds read in Media. Reported by Google. - CVE-2026-8536: Insufficient validation of untrusted input in ReadingMode. Reported by Google. - CVE-2026-8537: Insufficient policy enforcement in ViewTransitions. Reported by Google. - CVE-2026-8538: Insufficient validation of untrusted input in GPU. Reported by Google. - CVE-2026-8539: Script injection in SanitizerAPI. Reported by Jungwoo Lee (@physicube) and Wongi Lee (@_qwerty_po). - CVE-2026-8540: Type Confusion in V8. Reported by Google. - CVE-2026-8541: Out of bounds read in UI. Reported by Google. - CVE-2026-8542: Use after free in Core. Reported by Google. - CVE-2026-8543: Out of bounds read in FileSystem. Reported by Google. - CVE-2026-8544: Use after free in Media. Reported by Google. - CVE-2026-8545: Object corruption in Compositing. Reported by Google. - CVE-2026-8546: Out of bounds read in GPU. Reported by Google. - CVE-2026-8547: Insufficient policy enforcement in Passwords. Reported by Google. - CVE-2026-8548: Out of bounds write in Media. Reported by Google. - CVE-2026-8549: Use after free in Media. Reported by Google. - CVE-2026-8550: Use after free in Google Lens. Reported by Google. - CVE-2026-8551: Use after free in Downloads. Reported by Google. - CVE-2026-8552: Heap buffer overflow in GPU. Reported by Google. - CVE-2026-8553: Use after free in GPU. Reported by Google. - CVE-2026-8554: Type Confusion in ANGLE. Reported by Google. - CVE-2026-8555: Use after free in GTK. Reported by Google. - CVE-2026-8556: Inappropriate implementation in ANGLE. Reported by Google - CVE-2026-8557: Use after free in Accessibility. Reported by Google. - CVE-2026-8559: Integer overflow in Internationalization. Reported by Google. - CVE-2026-8560: Heap buffer overflow in SwiftShader. Reported by Cassidy Kim(@cassidy6564). - CVE-2026-8561: Incorrect security UI in Fullscreen. Reported by Wolfgang Ettlinger (aff. Certitude Consulting GmbH) Alexander Hurbean (aff. Certitude Consulting GmbH). - CVE-2026-8562: Side-channel information leakage in Navigation. Reported by Google. - CVE-2026-8563: Insufficient policy enforcement in IFrame Sandbox. Reported by Luan Herrera (@lbherrera_). - CVE-2026-8564: Incorrect security UI in Downloads. Reported by Alesandro Ortiz https://AlesandroOrtiz.com. - CVE-2026-8565: Inappropriate implementation in Downloads. Reported by Farras Givari. - CVE-2026-8566: Insufficient policy enforcement in Payments. Reported by Jorian Woltjer. - CVE-2026-8567: Integer overflow in ANGLE. Reported by cinzinga. - CVE-2026-8568: Insufficient policy enforcement in AI. Reported by Tianyi Hu. - CVE-2026-8569: Out of bounds write in Codecs. Reported by Google. - CVE-2026-8570: Type Confusion in V8. Reported by Google. - CVE-2026-8571: Insufficient policy enforcement in GPU. Reported by Mark Blaszczyk. - CVE-2026-8572: Insufficient policy enforcement in Network. Reported by Google. - CVE-2026-8573: Integer overflow in Codecs. Reported by Google. - CVE-2026-8574: Use after free in Core. Reported by Google. - CVE-2026-8575: Use after free in UI. Reported by Google. - CVE-2026-8576: Inappropriate implementation in CORS. Reported by Google - CVE-2026-8577: Integer overflow in Fonts. Reported by Google. - CVE-2026-8578: Out of bounds read in GPU. Reported by Google. - CVE-2026-8579: Insufficient validation of untrusted input in Skia. Reported by Google. - CVE-2026-8580: Use after free in Mojo. Reported by Google. - CVE-2026-8581: Use after free in GPU. Reported by Google. - CVE-2026-8582: Object lifecycle issue in Dawn. Reported by Google. - CVE-2026-8583: Insufficient policy enforcement in WebXR. Reported by Google. - CVE-2026-8584: Inappropriate implementation in Views. Reported by Google - CVE-2026-8585: Inappropriate implementation in Media. Reported by Google - CVE-2026-8586: Inappropriate implementation in Chromoting. Reported by Google. - CVE-2026-8587: Use after free in Extensions. Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab. * rust-1.85/file_as_c_str.patch: fix build on non-x86 archs, as char* signed-ness is apparently different there versus arm & ppc64 [trixie, bookworm]. Checksums-Sha1: 34e3a07a43f6cbbc504b3a30a8b2e1861e17548b 5334784 chromium-common-dbgsym_148.0.7778.167-1~deb13u1_i386.deb 54d3d97c82d4122382af9fec08f18d3988d8ad5f 25685852 chromium-common_148.0.7778.167-1~deb13u1_i386.deb 7f2bb87e4459ca6efd0850b133deb9b109c48870 36144480 chromium-dbgsym_148.0.7778.167-1~deb13u1_i386.deb 82f368c7621715f4fb169f5da7462f2ca8c7f8f0 7933592 chromium-driver_148.0.7778.167-1~deb13u1_i386.deb cce2a519a7dc51904c0f25cccdf129db7fc4c269 29781804 chromium-headless-shell-dbgsym_148.0.7778.167-1~deb13u1_i386.deb 4106b1db9a75d871864f612f663c05e9c8adf9a4 59231460 chromium-headless-shell_148.0.7778.167-1~deb13u1_i386.deb 7da752ff6807976819237b5ba6ea0419efe00d0a 18984 chromium-sandbox-dbgsym_148.0.7778.167-1~deb13u1_i386.deb 1ce39268c0623140464a1cd1a03c6b24f173a433 117732 chromium-sandbox_148.0.7778.167-1~deb13u1_i386.deb 2992aef1fd29d455ed8674a3d6ee690bac6d41d7 32617180 chromium-shell-dbgsym_148.0.7778.167-1~deb13u1_i386.deb bd11b32156a9c825456ed3933ea4585b7f47f547 64899948 chromium-shell_148.0.7778.167-1~deb13u1_i386.deb a092940441841047482a08efb4d0d9db58697135 30471 chromium_148.0.7778.167-1~deb13u1_i386-buildd.buildinfo de943ac88a36891840a4f0021a75578df5514886 77594364 chromium_148.0.7778.167-1~deb13u1_i386.deb Checksums-Sha256: 100cc11e7b15e8984aeaf8531ca17a238c7b21c0f6b44d0a516ad43724250a79 5334784 chromium-common-dbgsym_148.0.7778.167-1~deb13u1_i386.deb 7afc34b840b3b2588a1dca061ce6bf4e17beb004ed41bd761a700de167675bdc 25685852 chromium-common_148.0.7778.167-1~deb13u1_i386.deb 7d4d85dc126e3d503821968a11d05c38fe1a7d3c3e1e37c5347756916920e424 36144480 chromium-dbgsym_148.0.7778.167-1~deb13u1_i386.deb 811582a2d90b2191ce620943caea9cba179f08212abf6709ac0aadd231b347ab 7933592 chromium-driver_148.0.7778.167-1~deb13u1_i386.deb d3c1e63be13b774c0e9feb19c015e449043349344ca9c5dc20d4d9449dbb14c9 29781804 chromium-headless-shell-dbgsym_148.0.7778.167-1~deb13u1_i386.deb f5f987cb8615b16314138c912d88cfa13f6910033542167cee832dab3ec476a9 59231460 chromium-headless-shell_148.0.7778.167-1~deb13u1_i386.deb ebfd2042ea2576a568d1580848f037ea8bcc8a40f5f3f1b8368df07c0dc0ec7f 18984 chromium-sandbox-dbgsym_148.0.7778.167-1~deb13u1_i386.deb 99cec7c478b4742621b491d780d21c58f6b93ee5433b19b222f25758ebed7022 117732 chromium-sandbox_148.0.7778.167-1~deb13u1_i386.deb 1bfd935394724681d06b83081aa9bac5b5224f9ddfa88bba044e08270a8a87ce 32617180 chromium-shell-dbgsym_148.0.7778.167-1~deb13u1_i386.deb e162a99206e4b599456e0afaeec8914f3be16177d795f646a5482bbfa5a863b1 64899948 chromium-shell_148.0.7778.167-1~deb13u1_i386.deb f32dfc1ae5de0d7f17b4bf5e5bd8dc631c44fcf6b95c626dc3ebe9940aeabc20 30471 chromium_148.0.7778.167-1~deb13u1_i386-buildd.buildinfo b0d941ee33dd86f13d7387e30bb3ac4405213a54c24e7a34b5c4c3e47bd79210 77594364 chromium_148.0.7778.167-1~deb13u1_i386.deb Files: 8490bbda0487eca99478f89743301f3e 5334784 debug optional chromium-common-dbgsym_148.0.7778.167-1~deb13u1_i386.deb 7f382fda5b268128216d76e436f09185 25685852 web optional chromium-common_148.0.7778.167-1~deb13u1_i386.deb 4d8055796d489d4ac166569ffd31e938 36144480 debug optional chromium-dbgsym_148.0.7778.167-1~deb13u1_i386.deb 0bd45f4e87fb55c9eff5add08c868f8b 7933592 web optional chromium-driver_148.0.7778.167-1~deb13u1_i386.deb a8fcd655d9cce1e90484d43a3f37add7 29781804 debug optional chromium-headless-shell-dbgsym_148.0.7778.167-1~deb13u1_i386.deb 187d3ff3be022c95c4724d2320d412ad 59231460 web optional chromium-headless-shell_148.0.7778.167-1~deb13u1_i386.deb 219376d159aecc64b91fdd91d3ab4236 18984 debug optional chromium-sandbox-dbgsym_148.0.7778.167-1~deb13u1_i386.deb 5cba2f0842ca9adcc7f8a83efca30bba 117732 web optional chromium-sandbox_148.0.7778.167-1~deb13u1_i386.deb 87074bd40e08aecf4eb66b86508b485d 32617180 debug optional chromium-shell-dbgsym_148.0.7778.167-1~deb13u1_i386.deb 744f6b482b065ce94d9ba73f53117263 64899948 web optional chromium-shell_148.0.7778.167-1~deb13u1_i386.deb eea42338f9ee9510152eab103c01f542 30471 web optional chromium_148.0.7778.167-1~deb13u1_i386-buildd.buildinfo 3419b1f5e9f072b07aa9c99420d68a8e 77594364 web optional chromium_148.0.7778.167-1~deb13u1_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEBDWXQb2umOtH4DRpYg9P9sm2dfEFAmoHGKkACgkQYg9P9sm2 dfH9oQ/6AjULzhJ9m6Z6lAdba6BS64QEegulzfMaCABLpGla7xqzf1NZZDflY701 PYxT58izHRB2blNo5PfEWHafezgABaF4QFBGR838cCCAzui5ws8zJSaqb7Yk+xcN xWu37aNPRpBGhiMQPj8LhRN/qcMVXmBehA2aaHjfI6NEAAB+4iKc9TRvmVcVzeKE elQE5cCj4rQBrnV0uAkTKvpMOtkS6xTRN/LVzGtGHUwO/qV3mlq2C///M3YeOhFP lvkRmieWLKWnrI1U/E6A4BbHwQq+mxpf0TBXh8OO6kmGj7a491K3OAywPwdQMtl1 AALk1mdYnm4DrvEH9dGNUjAaPsUpCVP649v+PribW+zfha3vYc1bWkVhDS7OqHAy 5DnXql7L7qYBRgGYuxmFhMuNLbeMaEgd+qh3uTzQwQq9heCdxR8eI3CcYjSZAPts Re5BV6DqV+D0bQxg2pKlriMinGBXGD51CQ2sQo40LzJRiycIjRWLZHBSK4TYxi6E Pbtave5jo5Qq7Or3eMgJMZlvKWm9VOvWPbL9kccIngS8+lpmHgCSboHZuZdWgTBa ToklWHvM9rrumJ9r5LNet118odgd9hQH2KkbqZQ0ZpOjThAL5AbpLTws2T9jECug oVyomfsA8Fupl0byCzCIiIiUT3YuA/UkBm+P898PdtXibA0WhVc= =tp63 -----END PGP SIGNATURE-----