-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 06 May 2026 16:32:51 -0400 Source: chromium Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym Architecture: i386 Version: 148.0.7778.96-1~deb13u1 Distribution: trixie-security Urgency: high Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) Changed-By: Andres Salomon Description: chromium - web browser chromium-common - web browser - common resources used by the chromium packages chromium-driver - web browser - WebDriver support chromium-headless-shell - web browser - old headless shell chromium-sandbox - web browser - setuid security sandbox for chromium chromium-shell - web browser - minimal shell Changes: chromium (148.0.7778.96-1~deb13u1) trixie-security; urgency=high . [ Andres Salomon ] * New upstream stable release. - CVE-2026-7896: Integer overflow in Blink. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-7897: Use after free in Mobile. Reported by Google. - CVE-2026-7898: Use after free in Chromoting. Reported by Google. - CVE-2026-7899: Out of bounds read and write in V8. Reported by Project WhatForLunch (@pjwhatforlunch). - CVE-2026-7900: Heap buffer overflow in ANGLE. Reported by Anonymous. - CVE-2026-7901: Use after free in ANGLE. Reported by Syn4pse (@ret2happy) - CVE-2026-7902: Out of bounds memory access in V8. Reported by JunYoung Park(@candymate) of KAIST Hacking Lab. - CVE-2026-7903: Integer overflow in ANGLE. Reported by heesun. - CVE-2026-7904: Out of bounds read in Fonts. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-7905: Insufficient validation of untrusted input in Media. Reported by Google. - CVE-2026-7906: Use after free in SVG. Reported by Google. - CVE-2026-7907: Use after free in DOM. Reported by Google. - CVE-2026-7908: Use after free in Fullscreen. Reported by Google. - CVE-2026-7909: Inappropriate implementation in ServiceWorker. Reported by Google. - CVE-2026-7910: Use after free in Views. Reported by Google. - CVE-2026-7911: Use after free in Aura. Reported by Google. - CVE-2026-7912: Integer overflow in GPU. Reported by Google. - CVE-2026-7913: Insufficient policy enforcement in DevTools. Reported by Google. - CVE-2026-7914: Type Confusion in Accessibility. Reported by Google. - CVE-2026-7915: Insufficient data validation in DevTools. Reported by Google. - CVE-2026-7916: Insufficient data validation in InterestGroups. Reported by Google. - CVE-2026-7917: Use after free in Fullscreen. Reported by Google. - CVE-2026-7918: Use after free in GPU. Reported by Google. - CVE-2026-7919: Use after free in Aura. Reported by Google. - CVE-2026-7920: Use after free in Skia. Reported by Google. - CVE-2026-7921: Use after free in Passwords. Reported by Google. - CVE-2026-7922: Use after free in ServiceWorker. Reported by Google. - CVE-2026-7923: Out of bounds write in Skia. Reported by Google. - CVE-2026-7924: Uninitialized Use in Dawn. Reported by Google. - CVE-2026-7925: Use after free in Chromoting. Reported by Google. - CVE-2026-7926: Use after free in PresentationAPI. Reported by anonymous - CVE-2026-7927: Type Confusion in Runtime. Reported by Google. - CVE-2026-7928: Use after free in WebRTC. Reported by Google. - CVE-2026-7929: Use after free in MediaRecording. Reported by Google. - CVE-2026-7930: Insufficient validation of untrusted input in Cookies. Reported by Satoki. - CVE-2026-7931: Insufficient validation of untrusted input in iOS. Reported by Qadhafy Muhammad Tera. - CVE-2026-7932: Insufficient policy enforcement in Downloads. Reported by Povcfe of Tencent Security Xuanwu Lab. - CVE-2026-7933: Out of bounds read in WebCodecs. Reported by heapracer (@heapracer). - CVE-2026-7934: Insufficient validation of untrusted input in Popup Blocker. Reported by Google. - CVE-2026-7935: Inappropriate implementation in Speech. Reported by Qadhafy Muhammad Tera. - CVE-2026-7936: Object lifecycle issue in V8. Reported by Christian Holler. - CVE-2026-7937: Insufficient policy enforcement in DevTools. Reported by lebr0nli of National Yang Ming Chiao Tung University, Dept. of CS, Security and Systems Lab. - CVE-2026-7938: Use after free in CSS. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-7939: Inappropriate implementation in SanitizerAPI. Reported by s3zer0. - CVE-2026-7940: Use after free in V8. Reported by sakana. - CVE-2026-7941: Insufficient validation of untrusted input in Mobile. Reported by Adithya Kotian. - CVE-2026-7942: Integer overflow in ANGLE. Reported by Google. - CVE-2026-7943: Insufficient validation of untrusted input in ANGLE. Reported by 86ac1f1587b71893ed2ad792cd7dde32. - CVE-2026-7944: Insufficient validation of untrusted input in Persistent Cache. Reported by Google. - CVE-2026-7945: Insufficient validation of untrusted input in COOP. Reported by Google. - CVE-2026-7946: Insufficient policy enforcement in WebUI. Reported by Google. - CVE-2026-7947: Insufficient validation of untrusted input in Network. Reported by Google. - CVE-2026-7948: Race in Chromoting. Reported by Google. - CVE-2026-7949: Out of bounds read in Skia. Reported by Google. - CVE-2026-7950: Out of bounds read and write in GFX. Reported by Google. - CVE-2026-7951: Out of bounds write in WebRTC. Reported by soft.connect.fr. - CVE-2026-7952: Insufficient policy enforcement in Extensions. Reported by Google. - CVE-2026-7953: Insufficient validation of untrusted input in Omnibox. Reported by Google. - CVE-2026-7954: Race in Shared Storage. Reported by Google. - CVE-2026-7955: Uninitialized Use in GPU. Reported by Google. - CVE-2026-7956: Use after free in Navigation. Reported by Google. - CVE-2026-7957: Out of bounds write in Media. Reported by Google. - CVE-2026-7958: Inappropriate implementation in ServiceWorker. Reported by Google. - CVE-2026-7959: Inappropriate implementation in Navigation. Reported by Google. - CVE-2026-7960: Race in Speech. Reported by Google. - CVE-2026-7961: Insufficient validation of untrusted input in Permissions Reported by Google. - CVE-2026-7962: Insufficient policy enforcement in DirectSockets. Reported by Google. - CVE-2026-7963: Inappropriate implementation in ServiceWorker. Reported by Google. - CVE-2026-7964: Insufficient validation of untrusted input in FileSystem. Reported by Google. - CVE-2026-7965: Insufficient validation of untrusted input in DevTools. Reported by Google. - CVE-2026-7966: Insufficient validation of untrusted input in SiteIsolation. Reported by Google. - CVE-2026-7967: Insufficient validation of untrusted input in Navigation. Reported by Google. - CVE-2026-7968: Insufficient validation of untrusted input in CORS. Reported by Google. - CVE-2026-7969: Integer overflow in Network. Reported by Google. - CVE-2026-7970: Use after free in TopChrome. Reported by Google. - CVE-2026-7971: Inappropriate implementation in ORB. Reported by Google. - CVE-2026-7972: Uninitialized Use in GPU. Reported by Google. - CVE-2026-7973: Integer overflow in Dawn. Reported by Google. - CVE-2026-7974: Use after free in Blink. Reported by Google. - CVE-2026-7975: Use after free in DevTools. Reported by Google. - CVE-2026-7976: Use after free in Views. Reported by Google. - CVE-2026-7977: Inappropriate implementation in Canvas. Reported by Google. - CVE-2026-7978: Inappropriate implementation in Companion. Reported by Google. - CVE-2026-7979: Inappropriate implementation in Media. Reported by Google - CVE-2026-7980: Use after free in WebAudio. Reported by Google. - CVE-2026-7981: Out of bounds read in Codecs. Reported by Google. - CVE-2026-7982: Uninitialized Use in WebCodecs. Reported by Google. - CVE-2026-7983: Out of bounds read in Dawn. Reported by Google. - CVE-2026-7984: Use after free in ReadingMode. Reported by Google. - CVE-2026-7985: Use after free in GPU. Reported by Google. - CVE-2026-7986: Insufficient policy enforcement in Autofill. Reported by Google. - CVE-2026-7987: Use after free in WebRTC. Reported by Google. - CVE-2026-7988: Type Confusion in WebRTC. Reported by Google. - CVE-2026-7989: Insufficient data validation in DataTransfer. Reported by Google. - CVE-2026-7990: Insufficient validation of untrusted input in Updater. Reported by Google. - CVE-2026-7991: Use after free in UI. Reported by Google. - CVE-2026-7992: Insufficient validation of untrusted input in UI. Reported by Google. - CVE-2026-7993: Insufficient validation of untrusted input in Payments. Reported by Google. - CVE-2026-7994: Inappropriate implementation in Chromoting. Reported by Google. - CVE-2026-7995: Out of bounds read in AdFilter. Reported by Google. - CVE-2026-7996: Insufficient validation of untrusted input in SSL. Reported by heesun. - CVE-2026-7997: Insufficient validation of untrusted input in Updater. Reported by ochkofficial. - CVE-2026-7998: Insufficient validation of untrusted input in Dialog. Reported by Tianyi Hu. - CVE-2026-7999: Inappropriate implementation in V8. Reported by Taisic Yun (@taisic) of Theori. - CVE-2026-8000: Insufficient validation of untrusted input in ChromeDriver. Reported by Ryan Jupp - HAAO. - CVE-2026-8001: Use after free in Printing. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-8002: Use after free in Audio. Reported by Google. - CVE-2026-8003: Insufficient validation of untrusted input in TabGroups. Reported by Google. - CVE-2026-8004: Insufficient policy enforcement in DevTools. Reported by Google. - CVE-2026-8005: Insufficient validation of untrusted input in Cast. Reported by Google. - CVE-2026-8006: Insufficient policy enforcement in DevTools. Reported by Google. - CVE-2026-8007: Insufficient validation of untrusted input in Cast. Reported by Google. - CVE-2026-8008: Inappropriate implementation in DevTools. Reported by Google. - CVE-2026-8009: Inappropriate implementation in Cast. Reported by Google. - CVE-2026-8010: Insufficient validation of untrusted input in SiteIsolation. Reported by Google. - CVE-2026-8011: Insufficient policy enforcement in Search. Reported by Google. - CVE-2026-8012: Inappropriate implementation in MHTML. Reported by Google - CVE-2026-8013: Insufficient validation of untrusted input in FedCM. Reported by Google. - CVE-2026-8014: Inappropriate implementation in Preload. Reported by Google. - CVE-2026-8015: Inappropriate implementation in Media. Reported by Google - CVE-2026-8016: Use after free in WebRTC. Reported by Google. - CVE-2026-8017: Side-channel information leakage in Media. Reported by Google. - CVE-2026-8018: Insufficient policy enforcement in DevTools. Reported by Google. - CVE-2026-8019: Insufficient policy enforcement in WebApp. Reported by Google. - CVE-2026-8020: Uninitialized Use in GPU. Reported by Google. - CVE-2026-8021: Script injection in UI. Reported by Google. - CVE-2026-8022: Inappropriate implementation in MHTML. Reported by Google * d/copyright: - drop gperf binary that upstream now includes. - update for dropping of "khronos" from opengl paths. * d/rules: - copy gperf binary from /usr/bin into build tree. - set webnn_use_litert=false. * d/clean: - update for harfbuzz-ng to harfbuzz rename. * d/patches: - upstream/Fix-GL-native-pixmap-import-support-reset-in-GpuInit.patch: drop, merged upstream. - disable/lint.patch: refresh. - trixie/nodejs-set-intersection.patch: refresh for file rename. - ungoogled/disable-ai.patch: sync from u-c. - trixie/gn-inputs.patch, trixie/gn-inputs2.patch: add patches to revert gn "inputs" usage, which isn't supported by our older generate-ninja package. - llvm-22/ignore-for-ubsan.patch: add another bit to remove the same unsupported compiler flag. - llvm-19/iota.patch: add build fix for missing std::ranges::iota(). - upstream/turboshaft.patch: add build fix pulled from (v8) upstream for value_or() type ambiguity. - trixie/revert-v8-sanitize.patch: add patch to revert v8 gn-related changes that cause the build to fail w/ older gn. - llvm-19/raw-ref-map-find.patch: add patch to work around older clang-19 std::map::find() limitation. - rust-1.85/jxl-features.patch: refresh for new version [trixie, bookworm]. - rust-1.85/jxl-simd-avx512.patch: refresh for new version, and also drop large portions of this patch that add unsafe{} to macro calls (since I already added an unsafe block in the macro definition). And mark more functions as unsafe [trixie, bookworm]. - trixie/adler1.patch: refresh [trixie, bookworm]. - trixie/rust-is-multiple-of.patch: refresh & move to rust-1.85/ directory [trixie, bookworm]. - rust-1.85/file_as_c_str.patch: add patch to work around lack of std::panic::file_as_c_str() [trixie, bookworm]. - rust-1.85/mojo-features.patch: add patch to enable some newer rust features in mojom parser [trixie, bookworm]. - rust-1.85/zip8.patch: add patch to enable some newer rust features in zip [trixie, bookworm]. - bookworm/constexpr.patch: refresh for moved file [bookworm]. - bookworm/dav1d-drop-hdr.patch: refresh [bookworm]. - bookworm/eslint.patch: drop, no longer needed [bookworm]. - ungoogled/remove-navigation-source-param.patch: add patch from u-c to drop the "&source=chrome.ob" that shows up when you search for something via omnibox. . [ Timothy Pearson ] * d/patches/ppc64le: - third_party/0002-regenerate-xnn-buildgn.patch refresh for upstream changes - third_party/skia-vsx-instructions.patch: refresh for upstream changes - fixes/fix-different-data-layouts.patch: refresh for upstream changes . [ Jianfeng Liu ] * d/patches/loongarch64: - 0004-loong64-sandbox-sandbox-linux-Update-syscall-helpers.patch: Refresh for upstream changes - 0024-disable-BROTLI_MODEL-macro-for-some-targets.patch: Drop, merged upstream . [ Daniel Richard G. ] * d/patches/llvm-19/clang19.patch: Also drop -Wlifetime-safety-permissive flag from v8 build, as clang-19 (and 20) doesn't recognize it. Checksums-Sha1: 70408e6a14c3a2865a558fd9c3cb091d4b90df64 5337192 chromium-common-dbgsym_148.0.7778.96-1~deb13u1_i386.deb 1ae988ebdc49eb990fae450b4ad21d30968bf3bf 25679500 chromium-common_148.0.7778.96-1~deb13u1_i386.deb 98d8d1bbb18f72c3e1aed682931c71a47923e5a7 36133804 chromium-dbgsym_148.0.7778.96-1~deb13u1_i386.deb 54b52da77763d2152b2b5d6b072869569bf41400 7934916 chromium-driver_148.0.7778.96-1~deb13u1_i386.deb 7caa0a732f76db66465e935a6788c964ab15c213 29783544 chromium-headless-shell-dbgsym_148.0.7778.96-1~deb13u1_i386.deb be01be3a7a96bb2167da0e1375b24fda21446059 59225188 chromium-headless-shell_148.0.7778.96-1~deb13u1_i386.deb ed01840edbf502bf9628ab75a3a4ea6169509254 18988 chromium-sandbox-dbgsym_148.0.7778.96-1~deb13u1_i386.deb 22ad20daa42b564d1d739a0321ed1b8d201fcd4c 116740 chromium-sandbox_148.0.7778.96-1~deb13u1_i386.deb 586aa78d3f2d1601282cdfe6b827f12e91cec9d8 32634188 chromium-shell-dbgsym_148.0.7778.96-1~deb13u1_i386.deb 3a254c0804eafb1ca093f29cb8ad2fafa58611f4 64885180 chromium-shell_148.0.7778.96-1~deb13u1_i386.deb 631c5b3d9bf33f78100a6ffb975b1e5b0b8a199d 30340 chromium_148.0.7778.96-1~deb13u1_i386-buildd.buildinfo 5a8081031e1c0f4a48cc3e3148d5aa30bd98995d 77596548 chromium_148.0.7778.96-1~deb13u1_i386.deb Checksums-Sha256: d6298a142bcaa7e14cb8fe4a6aa9f63c75d345786413f66278e7508fc506eb85 5337192 chromium-common-dbgsym_148.0.7778.96-1~deb13u1_i386.deb ceb3074b2a62222e4ce6382c2397c106dd3c80e7e3ab12b162e57959561643fb 25679500 chromium-common_148.0.7778.96-1~deb13u1_i386.deb 5630ff81ce53daab8d626419c89f90539470597ac4f865dbabe6b7e35a8f557a 36133804 chromium-dbgsym_148.0.7778.96-1~deb13u1_i386.deb e0a65497b90e1ca1e3d5f72409f89da73321d62e4a5fc74d7daff7bd963de557 7934916 chromium-driver_148.0.7778.96-1~deb13u1_i386.deb 15e5884d48b4fae096f2ee2ec80df6e454fc1493b2db767e2359150d2a7f90c9 29783544 chromium-headless-shell-dbgsym_148.0.7778.96-1~deb13u1_i386.deb 0322eaff91b2896d1392de530843d0690b82e4fd9cbd7d0b35f8c6b516ab01ed 59225188 chromium-headless-shell_148.0.7778.96-1~deb13u1_i386.deb d200a8ecb0ee40bc88fba597d19fc5af33edce97861467aade599bd4042348ea 18988 chromium-sandbox-dbgsym_148.0.7778.96-1~deb13u1_i386.deb 8a19412b4646e4bea2838d99f5acb273fc353f26afdce5f2fb69291a3a547d30 116740 chromium-sandbox_148.0.7778.96-1~deb13u1_i386.deb 8964a2719d433166e1b76d26d81ac1bd139525281dd166894e500e0f94b2bb19 32634188 chromium-shell-dbgsym_148.0.7778.96-1~deb13u1_i386.deb 5b53560f0a50eca0f7ddff0f810175ecc79b260fcca378fcf88e099e610f5908 64885180 chromium-shell_148.0.7778.96-1~deb13u1_i386.deb c657d5a5d1a9f4c97c8612cfa554f0de7c7a710754da00b1e4b988076edd5f86 30340 chromium_148.0.7778.96-1~deb13u1_i386-buildd.buildinfo 4b9f69ceb77eca1ade0e90abb053298a07e4e20cf6df66e4cb845406ca6a0b9e 77596548 chromium_148.0.7778.96-1~deb13u1_i386.deb Files: a1e45a6cc54575bdf0a0c0364d74a223 5337192 debug optional chromium-common-dbgsym_148.0.7778.96-1~deb13u1_i386.deb ea07b6114f6c7a7a81bbcc3cc76fc463 25679500 web optional chromium-common_148.0.7778.96-1~deb13u1_i386.deb d881b6fd0bff2805a6826a759f1f2d5e 36133804 debug optional chromium-dbgsym_148.0.7778.96-1~deb13u1_i386.deb 75b7019d342cff2a54eccab8ec2feaaf 7934916 web optional chromium-driver_148.0.7778.96-1~deb13u1_i386.deb 88011ebfd891d27eacbc83d98193b1ca 29783544 debug optional chromium-headless-shell-dbgsym_148.0.7778.96-1~deb13u1_i386.deb 4c78e7b03051a872d2aad3c291b90658 59225188 web optional chromium-headless-shell_148.0.7778.96-1~deb13u1_i386.deb 3a37a08dfe792d9247ebcdbff1171d30 18988 debug optional chromium-sandbox-dbgsym_148.0.7778.96-1~deb13u1_i386.deb dd4f5f854527db6dd0bfb9bcf4144542 116740 web optional chromium-sandbox_148.0.7778.96-1~deb13u1_i386.deb 489cb377023fa03c5e2401b3ce7a64a8 32634188 debug optional chromium-shell-dbgsym_148.0.7778.96-1~deb13u1_i386.deb ea0824e28d6f64d0820c207e8123ef49 64885180 web optional chromium-shell_148.0.7778.96-1~deb13u1_i386.deb f9574bf1a0bcaff5138c891ef86da631 30340 web optional chromium_148.0.7778.96-1~deb13u1_i386-buildd.buildinfo 182095cffc57dc864e7cf82f897c946b 77596548 web optional chromium_148.0.7778.96-1~deb13u1_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE7cQ9mRD4+dWjjrb6PkCWRKsh20cFAmn8k9oACgkQPkCWRKsh 20drQA/8Dc3X1Jh2GJIkRCq3NV3OcwTcCXvVtVfv03LhKLYqFTO7wsFowE8iD6qi dJ9c/Df+Tr21oU0aR+f1kxXcH7stFy3XtnlAFMbFtjIKuYR+Nv8RZ87R+RAcKEw4 rSQN31ykeTbdXUT15X9aJYnJglyJTMR+1Fd//0+oU5olSbKDV4/8ARKcRZfGRHoq UnKJK3uFL6JH21rPXR3I2XBlJoyC4IonCpK1yFBle6m0FFNthb6DpDRjPpyeVGez O4i8/a/VlVOqL1gxQ72fDFBLIm7wQr3V2K99jSOdGcIqJhkV6w9FnBXItkt5Swxb cjoCdEiBX1ZIGx8/hTZ8+J/KxVj1pDBc0dLUr9nOXlX2ShvBdGUGsiIy0n8jguqF x7XX/KjROKX7EB46M4gxU7bWpa4j1KuHh5OTD952+N8Q6i902fuTMk52o2u5k6ts oVPKhTBCJ2yQU5hGltGY+JexnIxlKg8qZM2cT83G9V+ce0/VJUYr6gjTHlFjK6Ph e7X7M62yReg/3b6/Iaxug9o8qgDLVWQUTcuCNWPt52sA3Lm8AUHECMsmWq8HULaa H2HJBqS4uZDqyIeNa6EWd/95nY35eUlIFK9KeMjn8G8MlyD5f6aGSiX+x8eJ+OU2 L2gfXRdsGLo/HnJK/56TgfooTny6CCjHIMAr+MZl8cTHh/k9Yi0= =HGR4 -----END PGP SIGNATURE-----