-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 14 May 2026 16:39:29 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: arm64
Version: 148.0.7778.167-1~deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: arm64 Build Daemon (arm-conova-03) <buildd_arm64-arm-conova-03@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (148.0.7778.167-1~deb13u1) trixie-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-8509: Heap buffer overflow in WebML.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-8510: Integer overflow in Skia. Reported by q@calif.io.
     - CVE-2026-8511: Use after free in UI. Reported by Google.
     - CVE-2026-8512: Use after free in FileSystem. Reported by Google.
     - CVE-2026-8513: Use after free in Input. Reported by Google.
     - CVE-2026-8514: Use after free in Aura. Reported by Google.
     - CVE-2026-8515: Use after free in HID. Reported by Google.
     - CVE-2026-8516: Insufficient validation of untrusted input in
       DataTransfer. Reported by Google.
     - CVE-2026-8517: Object lifecycle issue in WebShare. Reported by Google.
     - CVE-2026-8518: Use after free in Blink. Reported by Google.
     - CVE-2026-8519: Integer overflow in ANGLE. Reported by Google.
     - CVE-2026-8520: Race in Payments. Reported by Google.
     - CVE-2026-8521: Use after free in Tab Groups. Reported by Google.
     - CVE-2026-8522: Use after free in Downloads. Reported by Google.
     - CVE-2026-8523: Use after free in Mojo.
       Reported by Paul Seekamp / nullenc0de.
     - CVE-2026-8558: Out of bounds write in Fonts. Reported by Matej Smycka.
     - CVE-2026-8524: Out of bounds write in WebAudio.
       Reported by Brendan Dolan-Gavitt, XBOW.
     - CVE-2026-8525: Heap buffer overflow in ANGLE.
       Reported by Nathaniel Oh (@calysteon).
     - CVE-2026-8526: Out of bounds write in WebRTC.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-8527: Insufficient validation of untrusted input in Downloads.
       Reported by rachmat.abdul.ro.
     - CVE-2026-8528: Insufficient validation of untrusted input in
       SiteIsolation. Reported by Google.
     - CVE-2026-8529: Heap buffer overflow in Codecs. Reported by Google.
     - CVE-2026-8530: Use after free in Network. Reported by Google.
     - CVE-2026-8531: Heap buffer overflow in WebML. Reported by Syn4pse.
     - CVE-2026-8532: Integer overflow in XML. Reported by Google.
     - CVE-2026-8533: Use after free in Accessibility. Reported by Google.
     - CVE-2026-8534: Integer overflow in GPU. Reported by Google.
     - CVE-2026-8535: Out of bounds read in Media. Reported by Google.
     - CVE-2026-8536: Insufficient validation of untrusted input in
       ReadingMode. Reported by Google.
     - CVE-2026-8537: Insufficient policy enforcement in ViewTransitions.
       Reported by Google.
     - CVE-2026-8538: Insufficient validation of untrusted input in GPU.
       Reported by Google.
     - CVE-2026-8539: Script injection in SanitizerAPI.
       Reported by Jungwoo Lee (@physicube) and Wongi Lee (@_qwerty_po).
     - CVE-2026-8540: Type Confusion in V8. Reported by Google.
     - CVE-2026-8541: Out of bounds read in UI. Reported by Google.
     - CVE-2026-8542: Use after free in Core. Reported by Google.
     - CVE-2026-8543: Out of bounds read in FileSystem. Reported by Google.
     - CVE-2026-8544: Use after free in Media. Reported by Google.
     - CVE-2026-8545: Object corruption in Compositing. Reported by Google.
     - CVE-2026-8546: Out of bounds read in GPU. Reported by Google.
     - CVE-2026-8547: Insufficient policy enforcement in Passwords.
       Reported by Google.
     - CVE-2026-8548: Out of bounds write in Media. Reported by Google.
     - CVE-2026-8549: Use after free in Media. Reported by Google.
     - CVE-2026-8550: Use after free in Google Lens. Reported by Google.
     - CVE-2026-8551: Use after free in Downloads. Reported by Google.
     - CVE-2026-8552: Heap buffer overflow in GPU. Reported by Google.
     - CVE-2026-8553: Use after free in GPU. Reported by Google.
     - CVE-2026-8554: Type Confusion in ANGLE. Reported by Google.
     - CVE-2026-8555: Use after free in GTK. Reported by Google.
     - CVE-2026-8556: Inappropriate implementation in ANGLE. Reported by Google
     - CVE-2026-8557: Use after free in Accessibility. Reported by Google.
     - CVE-2026-8559: Integer overflow in Internationalization.
       Reported by Google.
     - CVE-2026-8560: Heap buffer overflow in SwiftShader.
       Reported by Cassidy Kim(@cassidy6564).
     - CVE-2026-8561: Incorrect security UI in Fullscreen. Reported by
       Wolfgang Ettlinger (aff. Certitude Consulting GmbH) Alexander Hurbean
       (aff. Certitude Consulting GmbH).
     - CVE-2026-8562: Side-channel information leakage in Navigation.
       Reported by Google.
     - CVE-2026-8563: Insufficient policy enforcement in IFrame Sandbox.
       Reported by Luan Herrera (@lbherrera_).
     - CVE-2026-8564: Incorrect security UI in Downloads.
       Reported by Alesandro Ortiz https://AlesandroOrtiz.com.
     - CVE-2026-8565: Inappropriate implementation in Downloads.
       Reported by Farras Givari.
     - CVE-2026-8566: Insufficient policy enforcement in Payments.
       Reported by Jorian Woltjer.
     - CVE-2026-8567: Integer overflow in ANGLE. Reported by cinzinga.
     - CVE-2026-8568: Insufficient policy enforcement in AI.
       Reported by Tianyi Hu.
     - CVE-2026-8569: Out of bounds write in Codecs. Reported by Google.
     - CVE-2026-8570: Type Confusion in V8. Reported by Google.
     - CVE-2026-8571: Insufficient policy enforcement in GPU.
       Reported by Mark Blaszczyk.
     - CVE-2026-8572: Insufficient policy enforcement in Network.
       Reported by Google.
     - CVE-2026-8573: Integer overflow in Codecs. Reported by Google.
     - CVE-2026-8574: Use after free in Core. Reported by Google.
     - CVE-2026-8575: Use after free in UI. Reported by Google.
     - CVE-2026-8576: Inappropriate implementation in CORS. Reported by Google
     - CVE-2026-8577: Integer overflow in Fonts. Reported by Google.
     - CVE-2026-8578: Out of bounds read in GPU. Reported by Google.
     - CVE-2026-8579: Insufficient validation of untrusted input in Skia.
       Reported by Google.
     - CVE-2026-8580: Use after free in Mojo. Reported by Google.
     - CVE-2026-8581: Use after free in GPU. Reported by Google.
     - CVE-2026-8582: Object lifecycle issue in Dawn. Reported by Google.
     - CVE-2026-8583: Insufficient policy enforcement in WebXR.
       Reported by Google.
     - CVE-2026-8584: Inappropriate implementation in Views. Reported by Google
     - CVE-2026-8585: Inappropriate implementation in Media. Reported by Google
     - CVE-2026-8586: Inappropriate implementation in Chromoting.
       Reported by Google.
     - CVE-2026-8587: Use after free in Extensions.
       Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab.
   * rust-1.85/file_as_c_str.patch: fix build on non-x86 archs, as char*
     signed-ness is apparently different there versus arm & ppc64 [trixie,
     bookworm].
Checksums-Sha1:
 aa734a1be8119ac53a98581bffb943c1a34d7e15 6135500 chromium-common-dbgsym_148.0.7778.167-1~deb13u1_arm64.deb
 19e97c6861199a4b48a28ab24545b9280d306495 30260840 chromium-common_148.0.7778.167-1~deb13u1_arm64.deb
 e906eda6e894e5fff0a98db766e5419ffd84b3ff 34709316 chromium-dbgsym_148.0.7778.167-1~deb13u1_arm64.deb
 10767e6458796d5559cdf8605108a4be545efc85 6669176 chromium-driver_148.0.7778.167-1~deb13u1_arm64.deb
 37150424d703798cdc012b3f287b18635930ac5b 28976684 chromium-headless-shell-dbgsym_148.0.7778.167-1~deb13u1_arm64.deb
 398a7a6f8888b3c1d1efa6024ad15d7dd04a30a4 54866300 chromium-headless-shell_148.0.7778.167-1~deb13u1_arm64.deb
 0da88eeef832f0ce7a089ce8b8b7eee06f09ed49 21088 chromium-sandbox-dbgsym_148.0.7778.167-1~deb13u1_arm64.deb
 4b11204183cb93b0e9688a400897331e6e3a5bd4 118668 chromium-sandbox_148.0.7778.167-1~deb13u1_arm64.deb
 16c62e6f7cd468b058fe3f280889fb7735a55ee3 30412748 chromium-shell-dbgsym_148.0.7778.167-1~deb13u1_arm64.deb
 1d52d03a5554793b0d65572bc0180c31988a49cc 54692548 chromium-shell_148.0.7778.167-1~deb13u1_arm64.deb
 c7f5777e6dcfb7dc85abc2d01f9dbc95cae7dd57 30518 chromium_148.0.7778.167-1~deb13u1_arm64-buildd.buildinfo
 8594a3dc6398a03f1d3fd9af63b83babca72fe80 73453784 chromium_148.0.7778.167-1~deb13u1_arm64.deb
Checksums-Sha256:
 de8973c4ad8f583e29f8f159aff7844caf588f92da36a03654c6f7464a346cbe 6135500 chromium-common-dbgsym_148.0.7778.167-1~deb13u1_arm64.deb
 d879f57c64e306e5bce2438ec4b99ee094c74e59446782105d94434138ce7e27 30260840 chromium-common_148.0.7778.167-1~deb13u1_arm64.deb
 94e24d718e1a3fc0afb5c04a044be464e69ca6b636275715537f7f703ae1be7a 34709316 chromium-dbgsym_148.0.7778.167-1~deb13u1_arm64.deb
 4d51b592327736ea92604b85924060565af834e650a1f3e330479a9ff351eb20 6669176 chromium-driver_148.0.7778.167-1~deb13u1_arm64.deb
 056c8f764fe2170fd521dca6239d9e8dafb40446e57ce291f83fcb5c35377fed 28976684 chromium-headless-shell-dbgsym_148.0.7778.167-1~deb13u1_arm64.deb
 b8ae5eb6d3db7e38ce61e478dca058270917b121aed3f334588be486a25ba32a 54866300 chromium-headless-shell_148.0.7778.167-1~deb13u1_arm64.deb
 4aeec3ce87377e5d0bdbe61bc3604832ccee6eff5d3b4ff2de28acc5c8b018af 21088 chromium-sandbox-dbgsym_148.0.7778.167-1~deb13u1_arm64.deb
 f4bbf96841c3a56758bf7ad74bfe31ea60a6eaf281ccb1ebb57f6f3e55daba27 118668 chromium-sandbox_148.0.7778.167-1~deb13u1_arm64.deb
 c181ff8b498d18783e2d121622803e8edc4c2808ced3215b562b14d82c098c48 30412748 chromium-shell-dbgsym_148.0.7778.167-1~deb13u1_arm64.deb
 3fc22c01a10aae81d5bb726144f890da8aefe734272c34c25b50d2e97637a172 54692548 chromium-shell_148.0.7778.167-1~deb13u1_arm64.deb
 18dba67a9ab168d0d43a7f54521c9df18ca85d8eb6b45c0b182045fed0895b2b 30518 chromium_148.0.7778.167-1~deb13u1_arm64-buildd.buildinfo
 5a958efb64b2335a2fe842053c5b07f59d28c79f763a460986f0f7c384d5c42d 73453784 chromium_148.0.7778.167-1~deb13u1_arm64.deb
Files:
 f0036934119888ceb7c1e84657693e81 6135500 debug optional chromium-common-dbgsym_148.0.7778.167-1~deb13u1_arm64.deb
 e6ca999b79d1959a5fcf3db66e42c248 30260840 web optional chromium-common_148.0.7778.167-1~deb13u1_arm64.deb
 01a51a2f815293a83e08e274f90cb31f 34709316 debug optional chromium-dbgsym_148.0.7778.167-1~deb13u1_arm64.deb
 a781bf7d6a45ac138472f411bc04794e 6669176 web optional chromium-driver_148.0.7778.167-1~deb13u1_arm64.deb
 eaaf6c2edc7e641db08cd66492bb701c 28976684 debug optional chromium-headless-shell-dbgsym_148.0.7778.167-1~deb13u1_arm64.deb
 0728839c46ba81ecf3bb7965f9f6fd84 54866300 web optional chromium-headless-shell_148.0.7778.167-1~deb13u1_arm64.deb
 6ddddd607b8758c2b35664b172834e6f 21088 debug optional chromium-sandbox-dbgsym_148.0.7778.167-1~deb13u1_arm64.deb
 1a794a6f23fea34e24613ab5abeca277 118668 web optional chromium-sandbox_148.0.7778.167-1~deb13u1_arm64.deb
 fac4a9f4100ebf38d5adfc45b33e7fbb 30412748 debug optional chromium-shell-dbgsym_148.0.7778.167-1~deb13u1_arm64.deb
 3003492be9087a91145af30c03e98908 54692548 web optional chromium-shell_148.0.7778.167-1~deb13u1_arm64.deb
 fa446af5919a03b4d38ba79acd40c788 30518 web optional chromium_148.0.7778.167-1~deb13u1_arm64-buildd.buildinfo
 975eb81da0601258525382127aae4aff 73453784 web optional chromium_148.0.7778.167-1~deb13u1_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEElFiH1oZRZh1t4FSiXVp1sEH/1mIFAmoHEMcACgkQXVp1sEH/
1mKU+g//XW09gnZo4082Z9yBEUTtCo+Q0beTYnBF17SOCd+8Hj4zUYjCyIAjENgx
tzyqQeeJnJFKHxe5lq+cK8/x8JGyXP7aJRzRGIttsBnq1MO2I4F14/ZiM2VA1uYl
KxkOUA310bVR9CqKKMkAGmdCl57JTeytD+1bYogsTD66zkvEW11f3HLvDTjF8ZnF
ctAOaMr/+g6UV11tKDCqGwKeGxJkAF2TrjyzYaV4V4s6kJDIkXOsF53OAzvPg9+2
x51hB0QPZYYYirj9eYqsCYo/IvKJFV15H9a+d66kajDCErbFmOxUMmXc1fv17KRm
fstQ3MepDX9ZOwIOHGBRohTtW7u7s9m8VGMHT/vy+72yPbpM9wsctQYBjYuf4hVQ
BMSDGSM9/9F5Vav8NGuEAVwJCwEoQkmiF+Fp2S3RsILl5uKZH64kPTLU2eNV48v1
Fh++45ZHUwTZaN8PliaORIyAVAjXZHW+WLiD8PF44tmTgl+GC2m+MXnWTDf1Zi/D
OX4dh8xmlk4FIbVVvVnGCFeVQv7MMvMaA/FF3mDAmeDNVZ/AnEvamzKr++4yfIVH
CUNuXYvydP8hTkm5q+CZrTL2PjJvlN5/Z2brdnfQg5yQJ0KGMg5DXbWYP2PUDsut
ivmtEydIFf954+evFnWkxbRybSE7cFsrCZHK6FNUBWnq/MN2cPE=
=WFca
-----END PGP SIGNATURE-----
