-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 29 May 2026 11:48:56 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: amd64
Version: 148.0.7778.215-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) <buildd_amd64-x86-conova-01@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (148.0.7778.215-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-9872: Out of bounds write in GPU. Reported by cinzinga.
     - CVE-2026-9873: Use after free in Network. Reported by cinzinga.
     - CVE-2026-9874: Use after free in Dawn. Reported by Anonymous.
     - CVE-2026-9875: Out of bounds read in WebGL. Reported by Anonymous.
     - CVE-2026-9876: Use after free in WebGL. Reported by happy2me.
     - CVE-2026-9877: Use after free in ANGLE. Reported by Google.
     - CVE-2026-9878: Use after free in ANGLE. Reported by Google.
     - CVE-2026-9879: Out of bounds write in ANGLE. Reported by Google.
     - CVE-2026-9880: Insufficient validation of untrusted input in WebGL.
       Reported by Google.
     - CVE-2026-9881: Use after free in Bluetooth. Reported by Google.
     - CVE-2026-9882: Integer overflow in ANGLE. Reported by Google.
     - CVE-2026-9883: Use after free in Base. Reported by Google.
     - CVE-2026-9884: Use after free in Browser. Reported by Google.
     - CVE-2026-9885: Insufficient validation of untrusted input in UI.
       Reported by Google.
     - CVE-2026-9886: Use after free in Base. Reported by Google.
     - CVE-2026-9887: Use after free in Proxy. Reported by Google.
     - CVE-2026-9888: Use after free in WebView. Reported by Google.
     - CVE-2026-9889: Out of bounds read and write in Dawn. Reported by Google.
     - CVE-2026-9890: Use after free in XR. Reported by Google.
     - CVE-2026-9891: Use after free in Extensions. Reported by Google.
     - CVE-2026-9892: Inappropriate implementation in Skia. Reported by Google.
     - CVE-2026-9893: Use after free in Skia. Reported by Google.
     - CVE-2026-9894: Use after free in GPU. Reported by tohafrit.
     - CVE-2026-9895: Out of bounds read in GPU.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-9896: Out of bounds write in V8. Reported by 303f06e3.
     - CVE-2026-9897: Use after free in DOM. Reported by Google.
     - CVE-2026-9898: Insufficient validation of untrusted input in GPU.
       Reported by Google.
     - CVE-2026-9899: Use after free in ANGLE. Reported by Google.
     - CVE-2026-9900: Out of bounds write in ANGLE. Reported by Google.
     - CVE-2026-9901: Use after free in ANGLE. Reported by Google.
     - CVE-2026-9902: Use after free in Accessibility. Reported by Google.
     - CVE-2026-9903: Insufficient validation of untrusted input in
       Site Isolation. Reported by Google.
     - CVE-2026-9904: Use after free in ANGLE. Reported by Google.
     - CVE-2026-9905: Use after free in Accessibility. Reported by Google.
     - CVE-2026-9906: Out of bounds write in GPU. Reported by Google.
     - CVE-2026-9907: Out of bounds read in Dawn. Reported by Google.
     - CVE-2026-9908: Out of bounds read in ANGLE. Reported by Google.
     - CVE-2026-9909: Integer overflow in Skia. Reported by Google.
     - CVE-2026-9910: Out of bounds memory access in ANGLE. Reported by Google.
     - CVE-2026-9911: Integer overflow in ANGLE. Reported by Google.
     - CVE-2026-9912: Inappropriate implementation in GPU. Reported by Google.
     - CVE-2026-9913: Inappropriate implementation in ANGLE. Reported by Google
     - CVE-2026-9914: Insufficient validation of untrusted input in ANGLE.
       Reported by Google.
     - CVE-2026-9915: Heap buffer overflow in ANGLE. Reported by Google.
     - CVE-2026-9916: Out of bounds write in ANGLE. Reported by Google.
     - CVE-2026-9917: Uninitialized Use in WebGL. Reported by Google.
     - CVE-2026-9918: Inappropriate implementation in Tint. Reported by Google.
     - CVE-2026-9919: Out of bounds read in WebGL. Reported by Google.
     - CVE-2026-9920: Uninitialized Use in GPU. Reported by Google.
     - CVE-2026-9921: Uninitialized Use in WebGL. Reported by Google.
     - CVE-2026-9922: Use after free in GPU. Reported by Google.
     - CVE-2026-9923: Use after free in Skia. Reported by Google.
     - CVE-2026-9924: Heap buffer overflow in ANGLE. Reported by Google.
     - CVE-2026-9925: Use after free in ANGLE. Reported by Google.
     - CVE-2026-9926: Heap buffer overflow in ANGLE. Reported by Google.
     - CVE-2026-9927: Use after free in ANGLE. Reported by Google.
     - CVE-2026-9928: Out of bounds read in ANGLE.
       Reported by Jeff Muizelaar - Mozilla.
     - CVE-2026-9929: Inappropriate implementation in WebGL. Reported by Google
     - CVE-2026-9930: Out of bounds write in Dawn. Reported by Google.
     - CVE-2026-9931: Use after free in GPU. Reported by Google.
     - CVE-2026-9932: Use after free in ANGLE. Reported by Google.
     - CVE-2026-9933: Use after free in Input. Reported by Google.
     - CVE-2026-9934: Use after free in Aura. Reported by Google.
     - CVE-2026-9935: Uninitialized Use in ANGLE. Reported by Google.
     - CVE-2026-9936: Use after free in GFX. Reported by Google.
     - CVE-2026-9937: Use after free in UI. Reported by Google.
     - CVE-2026-9938: Inappropriate implementation in V8. Reported by Google.
     - CVE-2026-9939: Heap buffer overflow in WebCodecs. Reported by Google.
     - CVE-2026-9940: Heap buffer overflow in ANGLE. Reported by Google.
     - CVE-2026-9941: Use after free in ANGLE. Reported by Google.
     - CVE-2026-9942: Uninitialized Use in ANGLE. Reported by Google.
     - CVE-2026-9943: Out of bounds read in WebGL. Reported by Google.
     - CVE-2026-9944: Uninitialized Use in ANGLE. Reported by Google.
     - CVE-2026-9945: Use after free in Media. Reported by Google.
     - CVE-2026-9946: Use after free in ANGLE. Reported by Google.
     - CVE-2026-9947: Use after free in XML. Reported by Google.
     - CVE-2026-9948: Use after free in Views. Reported by Google.
     - CVE-2026-9949: Use after free in Core. Reported by Google.
     - CVE-2026-9950: Insufficient validation of untrusted input in iOS.
       Reported by Google.
     - CVE-2026-9951: Use after free in UI. Reported by Google.
     - CVE-2026-9952: Use after free in WebAudio. Reported by Google.
     - CVE-2026-9953: Out of bounds read in ANGLE. Reported by Google.
     - CVE-2026-9954: Use after free in TabStrip.
       Reported by yueliu of Microsoft.
     - CVE-2026-9955: Inappropriate implementation in iOS. Reported by Google.
     - CVE-2026-9956: Use after free in iOS. Reported by Google.
     - CVE-2026-9957: Use after free in PDF. Reported by Google.
     - CVE-2026-9958: Use after free in PDFium. Reported by Google.
     - CVE-2026-9959: Race in WebRTC. Reported by Google.
     - CVE-2026-9960: Integer overflow in PDFium. Reported by Google.
     - CVE-2026-9961: Use after free in SurfaceCapture. Reported by Google.
     - CVE-2026-9962: Use after free in WebRTC. Reported by Google.
     - CVE-2026-9963: Uninitialized Use in iOS. Reported by Google.
     - CVE-2026-9964: Use after free in Bluetooth. Reported by Google.
     - CVE-2026-9965: Out of bounds write in ANGLE. Reported by Google.
     - CVE-2026-9966: Integer overflow in XML. Reported by Google.
     - CVE-2026-9967: Out of bounds write in GPU. Reported by Google.
     - CVE-2026-9968: Integer overflow in V8. Reported by Google.
     - CVE-2026-9969: Insufficient validation of untrusted input in ANGLE.
       Reported by Google.
     - CVE-2026-9970: Use after free in WebGL. Reported by TFGC.
     - CVE-2026-9971: Inappropriate implementation in iOS. Reported by Google.
     - CVE-2026-9972: Uninitialized Use in Gamepad. Reported by Google.
     - CVE-2026-9973: Out of bounds write in V8. Reported by amyb of OpenAI.
     - CVE-2026-9974: Out of bounds write in GPU. Reported by Google.
     - CVE-2026-9975: Out of bounds read and write in ANGLE. Reported by Google
     - CVE-2026-9976: Inappropriate implementation in USB. Reported by Google.
     - CVE-2026-9977: Insufficient validation of untrusted input in WebShare.
       Reported by Google.
     - CVE-2026-9978: Use after free in Glic. Reported by Google.
     - CVE-2026-9979: Insufficient validation of untrusted input in Input.
       Reported by Google.
     - CVE-2026-9980: Insufficient validation of untrusted input in Printing.
       Reported by Google.
     - CVE-2026-9981: Inappropriate implementation in Skia. Reported by Google.
     - CVE-2026-9982: Insufficient validation of untrusted input in ANGLE.
       Reported by Google.
     - CVE-2026-9983: Type Confusion in Skia. Reported by Google.
     - CVE-2026-9984: Use after free in UI. Reported by Google.
     - CVE-2026-9985: Insufficient validation of untrusted input in Media.
       Reported by Google.
     - CVE-2026-9986: Insufficient validation of untrusted input in
       OptimizationGuide. Reported by Google.
     - CVE-2026-9987: Insufficient validation of untrusted input in
       WebAppInstalls. Reported by Google.
     - CVE-2026-9988: Use after free in WebRTC. Reported by Google.
     - CVE-2026-9989: Inappropriate implementation in Media. Reported by Google
     - CVE-2026-9990: Use after free in WebAppInstalls. Reported by Google.
     - CVE-2026-9991: Inappropriate implementation in Media. Reported by Google
     - CVE-2026-9992: Use after free in Network. Reported by Google.
     - CVE-2026-9993: Use after free in Views. Reported by Google.
     - CVE-2026-9994: Use after free in Core. Reported by Google.
     - CVE-2026-9995: Use after free in WebXR. Reported by Google.
     - CVE-2026-9996: Out of bounds read in WebRTC. Reported by Google.
     - CVE-2026-9997: Use after free in Input. Reported by Google.
     - CVE-2026-9998: Integer overflow in Skia. Reported by Google.
     - CVE-2026-9999: Inappropriate implementation in ANGLE. Reported by Google
     - CVE-2026-10000: Use after free in Passwords. Reported by Google.
     - CVE-2026-10001: Use after free in PerformanceManager. Reported by Google
     - CVE-2026-10002: Use after free in PDFium. Reported by Google.
     - CVE-2026-10003: Use after free in Views. Reported by Google.
     - CVE-2026-10004: Insufficient validation of untrusted input in Passwords.
       Reported by Google.
     - CVE-2026-10005: Use after free in WebAppInstalls. Reported by Google.
     - CVE-2026-10006: Race in WebAudio. Reported by Google.
     - CVE-2026-10007: Use after free in SVG. Reported by Google.
     - CVE-2026-10008: Uninitialized Use in GPU. Reported by Google.
     - CVE-2026-10009: Integer overflow in Skia. Reported by Google.
     - CVE-2026-10010: Inappropriate implementation in Input.
       Reported by Google.
     - CVE-2026-10011: Inappropriate implementation in Skia. Reported by Google
     - CVE-2026-10012: Use after free in Skia. Reported by Google.
     - CVE-2026-10013: Use after free in WebCodecs. Reported by Google.
     - CVE-2026-10014: Use after free in WebMIDI. Reported by Google.
     - CVE-2026-10015: Integer overflow in WTF. Reported by Google.
     - CVE-2026-10016: Use after free in DOM. Reported by pwn2addr.
     - CVE-2026-10017: Out of bounds read in Headless.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-10018: Integer overflow in ANGLE. Reported by Rahul Raj.
     - CVE-2026-10019: Integer overflow in ANGLE.
       Reported by Mufeed VH from Winfunc Research (winfunc.com).
     - CVE-2026-10020: Insufficient validation of untrusted input in Skia.
       Reported by Google.
     - CVE-2026-10021: Insufficient validation of untrusted input in USB.
       Reported by Google.
     - CVE-2026-10022: Type Confusion in V8. Reported by ggwhyp.
Checksums-Sha1:
 891e3cb106aecaf26c06a3cb41d22cfacf2b7334 5520744 chromium-common-dbgsym_148.0.7778.215-1~deb12u1_amd64.deb
 256dd90cd4cd3e643d8d83e03615e9ace87349d4 25726548 chromium-common_148.0.7778.215-1~deb12u1_amd64.deb
 0952d637be9d2911ee509a57ef374a58e243f671 35896808 chromium-dbgsym_148.0.7778.215-1~deb12u1_amd64.deb
 8fd66c521ad967b25d1b6bf388937f7746a46c2d 7580480 chromium-driver_148.0.7778.215-1~deb12u1_amd64.deb
 8a602cc59312f401c94df12f20ae7214565d4bbf 29585668 chromium-headless-shell-dbgsym_148.0.7778.215-1~deb12u1_amd64.deb
 d67002711d15fa01460239505ff87ee703436edb 57630592 chromium-headless-shell_148.0.7778.215-1~deb12u1_amd64.deb
 29b3a9c5947aac4ece5f847925387cc752c735f4 19308 chromium-sandbox-dbgsym_148.0.7778.215-1~deb12u1_amd64.deb
 cdb6e46b1b9c9d28ca359cd103703ecb5c0da2e2 121204 chromium-sandbox_148.0.7778.215-1~deb12u1_amd64.deb
 cf7be9b8ee1f4de9310e6bab3f538de868ba2651 32430348 chromium-shell-dbgsym_148.0.7778.215-1~deb12u1_amd64.deb
 e4d9136d656c7c7431a1dff01b199c201ee815b1 63130460 chromium-shell_148.0.7778.215-1~deb12u1_amd64.deb
 3ab05aa7c65a57a825154028b7ec183c00ba6ca0 30472 chromium_148.0.7778.215-1~deb12u1_amd64-buildd.buildinfo
 f31ae62fb413593f90d5768395148b86c371d828 75085252 chromium_148.0.7778.215-1~deb12u1_amd64.deb
Checksums-Sha256:
 659fc8f6f1bf004f105d6b63eaea09e9a439ab68b113775dc036a5209dda9072 5520744 chromium-common-dbgsym_148.0.7778.215-1~deb12u1_amd64.deb
 62fcea1b49f08b923e18b71c771f1bcc3880a8015cda826851f4d27107819d32 25726548 chromium-common_148.0.7778.215-1~deb12u1_amd64.deb
 b8397a4c664a7279f3a8631d6b083aeb7999b792db84f978fe71322f1a67f89c 35896808 chromium-dbgsym_148.0.7778.215-1~deb12u1_amd64.deb
 63498e5d5d936e03a971e33248ab955df5b9f6a78378ee25cf82bbd7abd6da8e 7580480 chromium-driver_148.0.7778.215-1~deb12u1_amd64.deb
 43521d9530602d40f3885fcd6ad03e4c7e944592ad1b6a5f7bf3c0c2cb3239a9 29585668 chromium-headless-shell-dbgsym_148.0.7778.215-1~deb12u1_amd64.deb
 d021476fe74f23f063f6669930d0a98bf554baffc2aee01a96edc5fa52d0cc3d 57630592 chromium-headless-shell_148.0.7778.215-1~deb12u1_amd64.deb
 c86fe5abd55b48e6cfe88e743cd329ee9d2d21df32b89bf9efbc2ff87189536f 19308 chromium-sandbox-dbgsym_148.0.7778.215-1~deb12u1_amd64.deb
 76d70b030fedf2a12a133e35ff404f5d211637b853a24d28c171cff2386969b4 121204 chromium-sandbox_148.0.7778.215-1~deb12u1_amd64.deb
 0e4eac235a8ece07875ff1e85e61b3ebe0587b5d3afb1c5b3ad037287f33f9f1 32430348 chromium-shell-dbgsym_148.0.7778.215-1~deb12u1_amd64.deb
 91ef9e134acbbbdbac62b8842fd48cb7fced60b90e1e1afc08c2c17e77841c0b 63130460 chromium-shell_148.0.7778.215-1~deb12u1_amd64.deb
 e9fe2d694f00f8a2db1aaaada324332eee6a4f2591ae933a55f6e2f9d9876f73 30472 chromium_148.0.7778.215-1~deb12u1_amd64-buildd.buildinfo
 dc1391a7f17306d78bb703531725348aa57632f983c78da9e6407d76712454ce 75085252 chromium_148.0.7778.215-1~deb12u1_amd64.deb
Files:
 fd1c99190fc554ec22da301ebe2cc377 5520744 debug optional chromium-common-dbgsym_148.0.7778.215-1~deb12u1_amd64.deb
 d926ddaf4561f08090d3dac565b7eef6 25726548 web optional chromium-common_148.0.7778.215-1~deb12u1_amd64.deb
 0289d2e0376f4e373d6587de1f70c8b9 35896808 debug optional chromium-dbgsym_148.0.7778.215-1~deb12u1_amd64.deb
 9bfd2f11407f7323d64f35c0a71f2452 7580480 web optional chromium-driver_148.0.7778.215-1~deb12u1_amd64.deb
 34154e13f554ddaad327d4e15cde8ee8 29585668 debug optional chromium-headless-shell-dbgsym_148.0.7778.215-1~deb12u1_amd64.deb
 5a4e1f41d11af98faa13ca8cf8cf23ac 57630592 web optional chromium-headless-shell_148.0.7778.215-1~deb12u1_amd64.deb
 bc39e7e8457aa4a6b9ea1ebf239144ea 19308 debug optional chromium-sandbox-dbgsym_148.0.7778.215-1~deb12u1_amd64.deb
 5243f11d6889b0ac7b7da1d9a9a5b3b1 121204 web optional chromium-sandbox_148.0.7778.215-1~deb12u1_amd64.deb
 4a4a52d518641462e858f747ec611778 32430348 debug optional chromium-shell-dbgsym_148.0.7778.215-1~deb12u1_amd64.deb
 70fbe754868ef3d54270a5081e87b437 63130460 web optional chromium-shell_148.0.7778.215-1~deb12u1_amd64.deb
 53dfa45ab9f105381e9c9c6d22919657 30472 web optional chromium_148.0.7778.215-1~deb12u1_amd64-buildd.buildinfo
 6bf63c17054a7275b551a5f75d5e3539 75085252 web optional chromium_148.0.7778.215-1~deb12u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE7cQ9mRD4+dWjjrb6PkCWRKsh20cFAmodTFYACgkQPkCWRKsh
20f9ThAAp5JmiRcviCMVIDUM8nJjuVzmhMC1g4gPZ6LtRRCOi1fpGHvLSjuREEdT
M5TQinuKaRLAwp1RF9t3tSkRndRjvNMxVz9AZq5tyOD41YeGI5AFxYX86yGtEUiE
3hZ6+7akSfQrjLVkR9oXadlbRyg2ffQoPt0vwCyP6BYY0ch96IGwZ9fWMMdfmpzD
UtuSw36g2ITCjv0hqwxLXBmo6URDkkWbBQRwoZrZURRDz4Tgj+7AGcMkoIwfkp9T
TSm0V2TNoQjDCUqp6rzA3bcaLJJ9AekThZ1QazVtNjGEn/fJgqxuYNn8d5Oeyghi
AY80VW+sWlL9QT9hBaw9rHUj1tlDWfKsfWjEmLRt7u9rlTXMQUv4U9/aGppRL5op
uXT+6V139rE8gZ/5w2IM+1x7MvGLaYiP6/yZoBeAVXDFuLBQYC7smQd9reFVQ4e5
5p6txetsWZpc0Uk8Lnby7zt+d2obxNTNKqNovKpVCiH0/53TCTbACmWJXdto8vhB
OQS3wywb+O2W9JdziCBwwbKZj3JVDnejgE61534D0GZkfQwMBf7rV/mKoLO4hls/
BpaZla3esy6KUUhUE/CmvRbw2QaV7rOli5B6wVJaVoEvzwaalC0h610qaaZbegXE
+H9LUHEej5f6+BI7Jw5YbF02b+hFWKZ4Ev7A5BOXuq3mqKsLhdY=
=JoSU
-----END PGP SIGNATURE-----