-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 29 May 2026 11:48:56 -0400 Source: chromium Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym Architecture: i386 Version: 148.0.7778.215-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: i386 Build Daemon (x86-grnet-01) Changed-By: Andres Salomon Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-headless-shell - web browser - old headless shell chromium-sandbox - web browser - setuid security sandbox for chromium chromium-shell - web browser - minimal shell Changes: chromium (148.0.7778.215-1~deb12u1) bookworm-security; urgency=high . [ Andres Salomon ] * New upstream security release. - CVE-2026-9872: Out of bounds write in GPU. Reported by cinzinga. - CVE-2026-9873: Use after free in Network. Reported by cinzinga. - CVE-2026-9874: Use after free in Dawn. Reported by Anonymous. - CVE-2026-9875: Out of bounds read in WebGL. Reported by Anonymous. - CVE-2026-9876: Use after free in WebGL. Reported by happy2me. - CVE-2026-9877: Use after free in ANGLE. Reported by Google. - CVE-2026-9878: Use after free in ANGLE. Reported by Google. - CVE-2026-9879: Out of bounds write in ANGLE. Reported by Google. - CVE-2026-9880: Insufficient validation of untrusted input in WebGL. Reported by Google. - CVE-2026-9881: Use after free in Bluetooth. Reported by Google. - CVE-2026-9882: Integer overflow in ANGLE. Reported by Google. - CVE-2026-9883: Use after free in Base. Reported by Google. - CVE-2026-9884: Use after free in Browser. Reported by Google. - CVE-2026-9885: Insufficient validation of untrusted input in UI. Reported by Google. - CVE-2026-9886: Use after free in Base. Reported by Google. - CVE-2026-9887: Use after free in Proxy. Reported by Google. - CVE-2026-9888: Use after free in WebView. Reported by Google. - CVE-2026-9889: Out of bounds read and write in Dawn. Reported by Google. - CVE-2026-9890: Use after free in XR. Reported by Google. - CVE-2026-9891: Use after free in Extensions. Reported by Google. - CVE-2026-9892: Inappropriate implementation in Skia. Reported by Google. - CVE-2026-9893: Use after free in Skia. Reported by Google. - CVE-2026-9894: Use after free in GPU. Reported by tohafrit. - CVE-2026-9895: Out of bounds read in GPU. Reported by 86ac1f1587b71893ed2ad792cd7dde32. - CVE-2026-9896: Out of bounds write in V8. Reported by 303f06e3. - CVE-2026-9897: Use after free in DOM. Reported by Google. - CVE-2026-9898: Insufficient validation of untrusted input in GPU. Reported by Google. - CVE-2026-9899: Use after free in ANGLE. Reported by Google. - CVE-2026-9900: Out of bounds write in ANGLE. Reported by Google. - CVE-2026-9901: Use after free in ANGLE. Reported by Google. - CVE-2026-9902: Use after free in Accessibility. Reported by Google. - CVE-2026-9903: Insufficient validation of untrusted input in Site Isolation. Reported by Google. - CVE-2026-9904: Use after free in ANGLE. Reported by Google. - CVE-2026-9905: Use after free in Accessibility. Reported by Google. - CVE-2026-9906: Out of bounds write in GPU. Reported by Google. - CVE-2026-9907: Out of bounds read in Dawn. Reported by Google. - CVE-2026-9908: Out of bounds read in ANGLE. Reported by Google. - CVE-2026-9909: Integer overflow in Skia. Reported by Google. - CVE-2026-9910: Out of bounds memory access in ANGLE. Reported by Google. - CVE-2026-9911: Integer overflow in ANGLE. Reported by Google. - CVE-2026-9912: Inappropriate implementation in GPU. Reported by Google. - CVE-2026-9913: Inappropriate implementation in ANGLE. Reported by Google - CVE-2026-9914: Insufficient validation of untrusted input in ANGLE. Reported by Google. - CVE-2026-9915: Heap buffer overflow in ANGLE. Reported by Google. - CVE-2026-9916: Out of bounds write in ANGLE. Reported by Google. - CVE-2026-9917: Uninitialized Use in WebGL. Reported by Google. - CVE-2026-9918: Inappropriate implementation in Tint. Reported by Google. - CVE-2026-9919: Out of bounds read in WebGL. Reported by Google. - CVE-2026-9920: Uninitialized Use in GPU. Reported by Google. - CVE-2026-9921: Uninitialized Use in WebGL. Reported by Google. - CVE-2026-9922: Use after free in GPU. Reported by Google. - CVE-2026-9923: Use after free in Skia. Reported by Google. - CVE-2026-9924: Heap buffer overflow in ANGLE. Reported by Google. - CVE-2026-9925: Use after free in ANGLE. Reported by Google. - CVE-2026-9926: Heap buffer overflow in ANGLE. Reported by Google. - CVE-2026-9927: Use after free in ANGLE. Reported by Google. - CVE-2026-9928: Out of bounds read in ANGLE. Reported by Jeff Muizelaar - Mozilla. - CVE-2026-9929: Inappropriate implementation in WebGL. Reported by Google - CVE-2026-9930: Out of bounds write in Dawn. Reported by Google. - CVE-2026-9931: Use after free in GPU. Reported by Google. - CVE-2026-9932: Use after free in ANGLE. Reported by Google. - CVE-2026-9933: Use after free in Input. Reported by Google. - CVE-2026-9934: Use after free in Aura. Reported by Google. - CVE-2026-9935: Uninitialized Use in ANGLE. Reported by Google. - CVE-2026-9936: Use after free in GFX. Reported by Google. - CVE-2026-9937: Use after free in UI. Reported by Google. - CVE-2026-9938: Inappropriate implementation in V8. Reported by Google. - CVE-2026-9939: Heap buffer overflow in WebCodecs. Reported by Google. - CVE-2026-9940: Heap buffer overflow in ANGLE. Reported by Google. - CVE-2026-9941: Use after free in ANGLE. Reported by Google. - CVE-2026-9942: Uninitialized Use in ANGLE. Reported by Google. - CVE-2026-9943: Out of bounds read in WebGL. Reported by Google. - CVE-2026-9944: Uninitialized Use in ANGLE. Reported by Google. - CVE-2026-9945: Use after free in Media. Reported by Google. - CVE-2026-9946: Use after free in ANGLE. Reported by Google. - CVE-2026-9947: Use after free in XML. Reported by Google. - CVE-2026-9948: Use after free in Views. Reported by Google. - CVE-2026-9949: Use after free in Core. Reported by Google. - CVE-2026-9950: Insufficient validation of untrusted input in iOS. Reported by Google. - CVE-2026-9951: Use after free in UI. Reported by Google. - CVE-2026-9952: Use after free in WebAudio. Reported by Google. - CVE-2026-9953: Out of bounds read in ANGLE. Reported by Google. - CVE-2026-9954: Use after free in TabStrip. Reported by yueliu of Microsoft. - CVE-2026-9955: Inappropriate implementation in iOS. Reported by Google. - CVE-2026-9956: Use after free in iOS. Reported by Google. - CVE-2026-9957: Use after free in PDF. Reported by Google. - CVE-2026-9958: Use after free in PDFium. Reported by Google. - CVE-2026-9959: Race in WebRTC. Reported by Google. - CVE-2026-9960: Integer overflow in PDFium. Reported by Google. - CVE-2026-9961: Use after free in SurfaceCapture. Reported by Google. - CVE-2026-9962: Use after free in WebRTC. Reported by Google. - CVE-2026-9963: Uninitialized Use in iOS. Reported by Google. - CVE-2026-9964: Use after free in Bluetooth. Reported by Google. - CVE-2026-9965: Out of bounds write in ANGLE. Reported by Google. - CVE-2026-9966: Integer overflow in XML. Reported by Google. - CVE-2026-9967: Out of bounds write in GPU. Reported by Google. - CVE-2026-9968: Integer overflow in V8. Reported by Google. - CVE-2026-9969: Insufficient validation of untrusted input in ANGLE. Reported by Google. - CVE-2026-9970: Use after free in WebGL. Reported by TFGC. - CVE-2026-9971: Inappropriate implementation in iOS. Reported by Google. - CVE-2026-9972: Uninitialized Use in Gamepad. Reported by Google. - CVE-2026-9973: Out of bounds write in V8. Reported by amyb of OpenAI. - CVE-2026-9974: Out of bounds write in GPU. Reported by Google. - CVE-2026-9975: Out of bounds read and write in ANGLE. Reported by Google - CVE-2026-9976: Inappropriate implementation in USB. Reported by Google. - CVE-2026-9977: Insufficient validation of untrusted input in WebShare. Reported by Google. - CVE-2026-9978: Use after free in Glic. Reported by Google. - CVE-2026-9979: Insufficient validation of untrusted input in Input. Reported by Google. - CVE-2026-9980: Insufficient validation of untrusted input in Printing. Reported by Google. - CVE-2026-9981: Inappropriate implementation in Skia. Reported by Google. - CVE-2026-9982: Insufficient validation of untrusted input in ANGLE. Reported by Google. - CVE-2026-9983: Type Confusion in Skia. Reported by Google. - CVE-2026-9984: Use after free in UI. Reported by Google. - CVE-2026-9985: Insufficient validation of untrusted input in Media. Reported by Google. - CVE-2026-9986: Insufficient validation of untrusted input in OptimizationGuide. Reported by Google. - CVE-2026-9987: Insufficient validation of untrusted input in WebAppInstalls. Reported by Google. - CVE-2026-9988: Use after free in WebRTC. Reported by Google. - CVE-2026-9989: Inappropriate implementation in Media. Reported by Google - CVE-2026-9990: Use after free in WebAppInstalls. Reported by Google. - CVE-2026-9991: Inappropriate implementation in Media. Reported by Google - CVE-2026-9992: Use after free in Network. Reported by Google. - CVE-2026-9993: Use after free in Views. Reported by Google. - CVE-2026-9994: Use after free in Core. Reported by Google. - CVE-2026-9995: Use after free in WebXR. Reported by Google. - CVE-2026-9996: Out of bounds read in WebRTC. Reported by Google. - CVE-2026-9997: Use after free in Input. Reported by Google. - CVE-2026-9998: Integer overflow in Skia. Reported by Google. - CVE-2026-9999: Inappropriate implementation in ANGLE. Reported by Google - CVE-2026-10000: Use after free in Passwords. Reported by Google. - CVE-2026-10001: Use after free in PerformanceManager. Reported by Google - CVE-2026-10002: Use after free in PDFium. Reported by Google. - CVE-2026-10003: Use after free in Views. Reported by Google. - CVE-2026-10004: Insufficient validation of untrusted input in Passwords. Reported by Google. - CVE-2026-10005: Use after free in WebAppInstalls. Reported by Google. - CVE-2026-10006: Race in WebAudio. Reported by Google. - CVE-2026-10007: Use after free in SVG. Reported by Google. - CVE-2026-10008: Uninitialized Use in GPU. Reported by Google. - CVE-2026-10009: Integer overflow in Skia. Reported by Google. - CVE-2026-10010: Inappropriate implementation in Input. Reported by Google. - CVE-2026-10011: Inappropriate implementation in Skia. Reported by Google - CVE-2026-10012: Use after free in Skia. Reported by Google. - CVE-2026-10013: Use after free in WebCodecs. Reported by Google. - CVE-2026-10014: Use after free in WebMIDI. Reported by Google. - CVE-2026-10015: Integer overflow in WTF. Reported by Google. - CVE-2026-10016: Use after free in DOM. Reported by pwn2addr. - CVE-2026-10017: Out of bounds read in Headless. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-10018: Integer overflow in ANGLE. Reported by Rahul Raj. - CVE-2026-10019: Integer overflow in ANGLE. Reported by Mufeed VH from Winfunc Research (winfunc.com). - CVE-2026-10020: Insufficient validation of untrusted input in Skia. Reported by Google. - CVE-2026-10021: Insufficient validation of untrusted input in USB. Reported by Google. - CVE-2026-10022: Type Confusion in V8. Reported by ggwhyp. Checksums-Sha1: 0395e08926cd525d6ff25a88e2d9fbda537c6aa3 5309404 chromium-common-dbgsym_148.0.7778.215-1~deb12u1_i386.deb 35374aa4bc0cdc0a75939ddb2bcc705ede470886 25740020 chromium-common_148.0.7778.215-1~deb12u1_i386.deb db2adc876b98aea5e03ff2f416f061e678af2286 36117540 chromium-dbgsym_148.0.7778.215-1~deb12u1_i386.deb 2af798f00a4d1a1f95ed69d87da96aefc57b4289 7935720 chromium-driver_148.0.7778.215-1~deb12u1_i386.deb 1a1dc2aae7193ce9e18421be13871f38551eb351 29768976 chromium-headless-shell-dbgsym_148.0.7778.215-1~deb12u1_i386.deb dbeb279350c5e7d1d868fa34dbf7cada1c32630a 59262928 chromium-headless-shell_148.0.7778.215-1~deb12u1_i386.deb d0977ef7b80bc59e6a40cdf4ae464f29f5333ba5 17824 chromium-sandbox-dbgsym_148.0.7778.215-1~deb12u1_i386.deb df6a975b6415b4882b857a0135366a2ffcae961a 121108 chromium-sandbox_148.0.7778.215-1~deb12u1_i386.deb 40867b6c4f4ffa6ed3ff352171e1c1313dfb0581 32603612 chromium-shell-dbgsym_148.0.7778.215-1~deb12u1_i386.deb b2792d80f7863bd6d0f36a3fc2865473bf3d0ac6 64921884 chromium-shell_148.0.7778.215-1~deb12u1_i386.deb e4c27cdd725f1cb27a8a00e09051f803a1446ce2 30470 chromium_148.0.7778.215-1~deb12u1_i386-buildd.buildinfo 5754145c131507c3d7be4363e318d2de93374c49 77596752 chromium_148.0.7778.215-1~deb12u1_i386.deb Checksums-Sha256: d2110f8c88f92e715f7c7990033bff63645e21f0be85fda8e3f5303ab426e2d1 5309404 chromium-common-dbgsym_148.0.7778.215-1~deb12u1_i386.deb 06df3536cb49a370680f4dba4d6ff315a4d6ef0e29fc99ac3b000964dcb3e3c7 25740020 chromium-common_148.0.7778.215-1~deb12u1_i386.deb 5b054b15a6d786cd784c719e740cde0a7f0633a764cab6901dcb09e9376e13bd 36117540 chromium-dbgsym_148.0.7778.215-1~deb12u1_i386.deb 6dc69ddd979814c78d7525c5f49eecb9246b3f916ea77f63df2fe4b268939850 7935720 chromium-driver_148.0.7778.215-1~deb12u1_i386.deb 2545b75e1f43b7d238ed265f4e5912b3ed254bb6ff0018e3b32969e653d7668d 29768976 chromium-headless-shell-dbgsym_148.0.7778.215-1~deb12u1_i386.deb 8ff380ff63006a518181cb5330a2dfd7148f11a0f3d7843ae5f6a934c5efcedc 59262928 chromium-headless-shell_148.0.7778.215-1~deb12u1_i386.deb 1c6c4230d45c2cbf4e79db2c9db51aee93e5148776e244dc78de88dd282ee78c 17824 chromium-sandbox-dbgsym_148.0.7778.215-1~deb12u1_i386.deb d0268518a1cdb5dcdd2edd7fd3350e1d59a3af814c2f81b8a514820875c6fe09 121108 chromium-sandbox_148.0.7778.215-1~deb12u1_i386.deb 2cfdfbe1a8ea1b077b230f125d8fb271cd5969e925c740d4f284d0659c57f4e1 32603612 chromium-shell-dbgsym_148.0.7778.215-1~deb12u1_i386.deb d894fec4fe173467653ccc4d93afaf9cc1feb8039edde475c0c1d36adc25a647 64921884 chromium-shell_148.0.7778.215-1~deb12u1_i386.deb 6825dd2e9756933d20eae957de57c31978bfafadf8edc1cfd27e679a1ea835f6 30470 chromium_148.0.7778.215-1~deb12u1_i386-buildd.buildinfo 326d7f0f3ea53cf65e336c6dcf95644f1a4ca89821bff04d1db5a4aec032d508 77596752 chromium_148.0.7778.215-1~deb12u1_i386.deb Files: 1d9f27eaf43329f6e375372c6c351fc9 5309404 debug optional chromium-common-dbgsym_148.0.7778.215-1~deb12u1_i386.deb d504831bfb87f41e0592a3e1c0907b47 25740020 web optional chromium-common_148.0.7778.215-1~deb12u1_i386.deb bc86381dd5676a46b61d9b1ea19f1d47 36117540 debug optional chromium-dbgsym_148.0.7778.215-1~deb12u1_i386.deb 838748c4683bd8f521fbe10cead4458f 7935720 web optional chromium-driver_148.0.7778.215-1~deb12u1_i386.deb 3734c750a80e6e16c821d6b3c4fe0615 29768976 debug optional chromium-headless-shell-dbgsym_148.0.7778.215-1~deb12u1_i386.deb d355344ad469aff9e56867b5a9b28085 59262928 web optional chromium-headless-shell_148.0.7778.215-1~deb12u1_i386.deb 0610d260b283f143d339670d6d380756 17824 debug optional chromium-sandbox-dbgsym_148.0.7778.215-1~deb12u1_i386.deb fe74980da5acc359ef2c68fefd542ced 121108 web optional chromium-sandbox_148.0.7778.215-1~deb12u1_i386.deb 602a48da11ab50c6258472adbd970b4c 32603612 debug optional chromium-shell-dbgsym_148.0.7778.215-1~deb12u1_i386.deb d01ea20c1249e291d4d5379e1ca81711 64921884 web optional chromium-shell_148.0.7778.215-1~deb12u1_i386.deb e855c1420aefcdd33a0c7a7fb5782c1c 30470 web optional chromium_148.0.7778.215-1~deb12u1_i386-buildd.buildinfo 0f5ae3b1e6db8aab79e9073d96b68e42 77596752 web optional chromium_148.0.7778.215-1~deb12u1_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEPAUaMA0H0rOy6qBWf2INRiCdaWIFAmodZFMACgkQf2INRiCd aWIP/g/+OQI/to62FTgLK2G3D8Kk+ttb8YGOqyMmQF2OwRZe+g1XJ1YqT0V4p0Mj 0zUcq+SfU6kTngh26pagaOpcfdfVmPEpJrD+alaexPHnYRtiVCapV3hHB4P0MFh7 lwtLm31MqzChPVYJ2KL9YsblG0tGCsngygUSplkIiAXR4AV6DzL7wnlduZrnRwM3 dTyV+wERiPkUojeZ3hLpmjiObxrY1d2LQEzCtv9xtg8CYsxuSooZTysdFw4tkOPG wgmeEXcBgtzukNDoBBiYuhEpRStBRZJoiDCyncAPjx1YoXeP37jl7Dq0sFwN9lwm x12VqcSMqSvEebGBRBrE3DC7+nRbWtk9h9cA705hh+onoWRdjjgvK/cG259hixdP iJkuyV6Cq9oe8kp3wpXU6P3Qua7a0yMkJ3iQShc8N2ONRQPpB6cmWpeQC0v32Hxe Ra78CuL6GQpK0SCKuN8j2COj+slsnhMWvjuiR2v96eoNf/2Jz/LJUi+9Ht+7OB0h zHByukP7pxKiyCd1ye+KY/A5RfU5JJQCBLUDvvU6t9p4Br8BS4yu5UZ/AoVHObOI 6zb1RPMSfJUF1ow7sscOuykoONdr4vBFylB9uHENPLgwn/gAma/FbBff8GPc3NYB PM49DRPKfouW/HV22JzYZDvUhKAB8YATkAaKkByKFvI/nQeBMNE= =cXF3 -----END PGP SIGNATURE-----