-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 09 Jun 2026 04:00:45 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: ppc64el
Version: 149.0.7827.102-1~deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: ppc64el Build Daemon (ppc64el-conova-02) <buildd_ppc64el-ppc64el-conova-02@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (149.0.7827.102-1~deb13u1) trixie-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-11628: Use after free in Ozone. Reported by Google.
     - CVE-2026-11629: Use after free in Ozone. Reported by Google.
     - CVE-2026-11630: Use after free in File Input. Reported by Google.
     - CVE-2026-11631: Use after free in Aura. Reported by Google.
     - CVE-2026-11632: Use after free in TabStrip. Reported by Google.
     - CVE-2026-11633: Use after free in Bluetooth. Reported by Google.
     - CVE-2026-11634: Use after free in Gamepad. Reported by Google.
     - CVE-2026-11635: Use after free in Bluetooth. Reported by Google.
     - CVE-2026-11636: Use after free in Autofill. Reported by Google.
     - CVE-2026-11637: Use after free in Views. Reported by Google.
     - CVE-2026-11638: Use after free in Printing. Reported by Google.
     - CVE-2026-11639: Use after free in Compositing. Reported by Google.
     - CVE-2026-11640: Integer overflow in libyuv. Reported by Google.
     - CVE-2026-11641: Use after free in Bluetooth. Reported by Google.
     - CVE-2026-11642: Use after free in Web Apps. Reported by Google.
     - CVE-2026-11643: Use after free in Proxy. Reported by Google.
     - CVE-2026-11644: Use after free in Views. Reported by Google.
     - CVE-2026-11645: Out of bounds memory access in V8. Reported by 303f06e3
     - CVE-2026-11646: Use after free in ViewTransitions.
       Reported by Quac Tran.
     - CVE-2026-11647: Use after free in Printing. Reported by Google.
     - CVE-2026-11648: Use after free in FullScreen.
       Reported by Mihnea Nicolau.
     - CVE-2026-11649: Use after free in V8. Reported by Google.
     - CVE-2026-11650: Use after free in V8. Reported by Google.
     - CVE-2026-11651: Use after free in Network. Reported by Google.
     - CVE-2026-11652: Use after free in Extensions. Reported by Google.
     - CVE-2026-11653: Insufficient validation of untrusted input in
       Extensions. Reported by Google.
     - CVE-2026-11654: Use after free in CameraCapture. Reported by Google.
     - CVE-2026-11655: Integer overflow in Media. Reported by Google.
     - CVE-2026-11656: Use after free in ServiceWorker. Reported by Google.
     - CVE-2026-11657: Use after free in Payments. Reported by Google.
     - CVE-2026-11658: Insufficient validation of untrusted input in
       Extensions. Reported by Google.
     - CVE-2026-11659: Insufficient validation of untrusted input in UI.
       Reported by Google.
     - CVE-2026-11660: Insufficient validation of untrusted input in
       New Tab Page. Reported by Google.
     - CVE-2026-11661: Use after free in Views. Reported by Google.
     - CVE-2026-11662: Type Confusion in Bindings. Reported by Google.
     - CVE-2026-11663: Use after free in Skia. Reported by Google.
     - CVE-2026-11664: Use after free in Payments. Reported by Google.
     - CVE-2026-11665: Out of bounds read in Dawn. Reported by Google.
     - CVE-2026-11666: Insufficient validation of untrusted input in Input.
       Reported by Google.
     - CVE-2026-11667: Out of bounds read in WebRTC. Reported by Google.
     - CVE-2026-11668: Uninitialized Use in Codecs. Reported by Google.
     - CVE-2026-11669: Integer overflow in Media. Reported by Google.
     - CVE-2026-11670: Use after free in PDF. Reported by Google.
     - CVE-2026-11671: Use after free in Navigation. Reported by Google.
     - CVE-2026-11672: Out of bounds write in GPU. Reported by Google.
     - CVE-2026-11673: Use after free in InterestGroups. Reported by Google.
     - CVE-2026-11674: Use after free in Guest View. Reported by Google.
     - CVE-2026-11675: Insufficient validation of untrusted input in Skia.
       Reported by Google.
     - CVE-2026-11676: Insufficient validation of untrusted input in Dawn.
       Reported by Google.
     - CVE-2026-11677: Race in Network. Reported by Google.
     - CVE-2026-11678: Integer overflow in libyuv. Reported by Google.
     - CVE-2026-11679: Use after free in Codecs. Reported by Google.
     - CVE-2026-11680: Use after free in Media. Reported by Google.
     - CVE-2026-11681: Use after free in Ozone. Reported by Google.
     - CVE-2026-11682: Insufficient validation of untrusted input in Views.
       Reported by Google.
     - CVE-2026-11683: Use after free in WebCodecs. Reported by Google.
     - CVE-2026-11684: Insufficient policy enforcement in Network.
       Reported by Google.
     - CVE-2026-11685: Insufficient data validation in MediaCapture.
       Reported by Google.
     - CVE-2026-11686: Insufficient validation of untrusted input in Dawn.
       Reported by Google.
     - CVE-2026-11687: Use after free in Dawn. Reported by Google.
     - CVE-2026-11688: Object lifecycle issue in SVG. Reported by Google.
     - CVE-2026-11689: Insufficient validation of untrusted input in
       Passwords. Reported by Google.
     - CVE-2026-11690: Out of bounds read and write in Media.
       Reported by Google.
     - CVE-2026-11691: Insufficient validation of untrusted input in
       New Tab Page. Reported by Google.
     - CVE-2026-11692: Use after free in Read Anything. Reported by Google.
     - CVE-2026-11693: Inappropriate implementation in Plugins.
       Reported by Google.
     - CVE-2026-11694: Use after free in ServiceWorker. Reported by Google.
     - CVE-2026-11695: Inappropriate implementation in Passwords.
       Reported by Google.
     - CVE-2026-11696: Uninitialized Use in Video. Reported by Google.
     - CVE-2026-11697: Insufficient validation of untrusted input in UI.
       Reported by Google.
     - CVE-2026-11698: Use after free in Bluetooth. Reported by Google.
     - CVE-2026-11699: Use after free in Bluetooth. Reported by Google.
     - CVE-2026-11700: Use after free in Tracing. Reported by Google.
     - CVE-2026-11701: Insufficient validation of untrusted input in Guest
       View. Reported by Google.
   * d/patches:
     - fixes/arm-logging.patch: add patch to hopefully fix build failure
       on arm*.
     - loongarch64/0024-fix-libyuv-lsx.patch: refresh.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - 0001-Add-pregenerated-config-for-libaom-on-ppc64.patch: refresh for
       upstream changes
     - core/baseline-isa-3-0.patch: refresh
Checksums-Sha1:
 b1d7c1222dab09dd309319aeaf33f3b5ab60b92a 5807980 chromium-common-dbgsym_149.0.7827.102-1~deb13u1_ppc64el.deb
 4f5c28ce6657fec7a9bdb39b37d89d22b97f7014 32117112 chromium-common_149.0.7827.102-1~deb13u1_ppc64el.deb
 45ee9df06eec421daa0822a381d8c45f06bc34a2 30129760 chromium-dbgsym_149.0.7827.102-1~deb13u1_ppc64el.deb
 9051038aad89c13e8ebc9ad5039df467fb1ec2ae 7470288 chromium-driver_149.0.7827.102-1~deb13u1_ppc64el.deb
 c12ebb80f744b32c6dfd5fb487aecbdcd19f982a 24823836 chromium-headless-shell-dbgsym_149.0.7827.102-1~deb13u1_ppc64el.deb
 61f5b383c81cf74ee7fedcc5d9e746ba2af5ec74 59798088 chromium-headless-shell_149.0.7827.102-1~deb13u1_ppc64el.deb
 c77e5a14f87708e3860e8eec266bd1072d225532 20332 chromium-sandbox-dbgsym_149.0.7827.102-1~deb13u1_ppc64el.deb
 646bd069156170ecf39977c279678eab8d020226 125368 chromium-sandbox_149.0.7827.102-1~deb13u1_ppc64el.deb
 e9e61573aec1a98fb0febe2d649306b3aa7efbb4 25828228 chromium-shell-dbgsym_149.0.7827.102-1~deb13u1_ppc64el.deb
 7d02fb0e580c141e9827f702467dcfd950835dbb 59845204 chromium-shell_149.0.7827.102-1~deb13u1_ppc64el.deb
 7df7b1174eb348eaae9e62d6c7ba934da4761e26 30613 chromium_149.0.7827.102-1~deb13u1_ppc64el-buildd.buildinfo
 6d1daee302c41dfacf31cb358d12f9e50d4e17fb 81056116 chromium_149.0.7827.102-1~deb13u1_ppc64el.deb
Checksums-Sha256:
 d1e61fd63ab458d4aaea733215d2cdd8c90db786e2149d9efc685e0e8d142f98 5807980 chromium-common-dbgsym_149.0.7827.102-1~deb13u1_ppc64el.deb
 2a6d196daeebce79ec1fb46e15707691f0c9deeb9215d3b4d7e0761218807d89 32117112 chromium-common_149.0.7827.102-1~deb13u1_ppc64el.deb
 1df0c6b358569adc231a223d109ed7386c1318e0be2ff78612ff64e625444334 30129760 chromium-dbgsym_149.0.7827.102-1~deb13u1_ppc64el.deb
 195d71bcf66dd27e64d84ffc864fd24fcb122166f5e53534a014142d318f95dd 7470288 chromium-driver_149.0.7827.102-1~deb13u1_ppc64el.deb
 4e5a74ec341de4779e4d5305fdb419aeac9bf8969ba86ae53b2ade2253d52269 24823836 chromium-headless-shell-dbgsym_149.0.7827.102-1~deb13u1_ppc64el.deb
 0b1fcec0b46bb75e68395f31e2905cce5a19e1cd1e874803934aa8082d8a9fcc 59798088 chromium-headless-shell_149.0.7827.102-1~deb13u1_ppc64el.deb
 8749d36b8a9a03d5c8e253bbf5cc7cabceff9398d1f7cf4e33af42b62fdfe71f 20332 chromium-sandbox-dbgsym_149.0.7827.102-1~deb13u1_ppc64el.deb
 ababd6a776a86a6661d699b31dac453b4ab9b2325273443268ccf35353351689 125368 chromium-sandbox_149.0.7827.102-1~deb13u1_ppc64el.deb
 603191cc179ab81816aff7ab8ce0e261730d3861128fd76652eb67c799bab514 25828228 chromium-shell-dbgsym_149.0.7827.102-1~deb13u1_ppc64el.deb
 e0792c36b9f802d36f75d16498a7899f63489258119a794f57b14caa7bcd96e8 59845204 chromium-shell_149.0.7827.102-1~deb13u1_ppc64el.deb
 5be14129f52b1c024b3a278750ab0da3442f6681a43c10012ead94b3422bbf72 30613 chromium_149.0.7827.102-1~deb13u1_ppc64el-buildd.buildinfo
 ffd402a21e7c243236ddadaf4833424343a5f73d2bebf58017d6d1eb37acb84b 81056116 chromium_149.0.7827.102-1~deb13u1_ppc64el.deb
Files:
 e265774523e6ca7825af380af4eb7c63 5807980 debug optional chromium-common-dbgsym_149.0.7827.102-1~deb13u1_ppc64el.deb
 cdacca34097837f7c8a9f9c3ad2354a8 32117112 web optional chromium-common_149.0.7827.102-1~deb13u1_ppc64el.deb
 17965319b75b5dce66814ef5e2cea603 30129760 debug optional chromium-dbgsym_149.0.7827.102-1~deb13u1_ppc64el.deb
 802525c311e12885c6d1a00f6a496751 7470288 web optional chromium-driver_149.0.7827.102-1~deb13u1_ppc64el.deb
 06240476715e138d312c9bc469bab077 24823836 debug optional chromium-headless-shell-dbgsym_149.0.7827.102-1~deb13u1_ppc64el.deb
 8d83f97132ed4460856ccaba332e5a8d 59798088 web optional chromium-headless-shell_149.0.7827.102-1~deb13u1_ppc64el.deb
 b68f1b4948cd2039b81e0335b5336738 20332 debug optional chromium-sandbox-dbgsym_149.0.7827.102-1~deb13u1_ppc64el.deb
 c867d3f9356fa32dc8710b315b22c117 125368 web optional chromium-sandbox_149.0.7827.102-1~deb13u1_ppc64el.deb
 8f194097ef4e823c7510e025d228aabe 25828228 debug optional chromium-shell-dbgsym_149.0.7827.102-1~deb13u1_ppc64el.deb
 78c431ae3d13263781763eebc4c0e50e 59845204 web optional chromium-shell_149.0.7827.102-1~deb13u1_ppc64el.deb
 aef01a47202244e8fd034c734a3c52ea 30613 web optional chromium_149.0.7827.102-1~deb13u1_ppc64el-buildd.buildinfo
 7262a20819ebb4eff5d6bb1162882969 81056116 web optional chromium_149.0.7827.102-1~deb13u1_ppc64el.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEySUEQfg5pZeb/U372FRWNm40e2YFAmop+mIACgkQ2FRWNm40
e2YZ+g/9E2v2Ckq9SiNfB+gZFqiAS6HFI1rW02HRpDper4AXOcCoifapZSLuw3tY
dv3K0qDNVauOpBF0FG9PBpJz5JzxH6KAMsyYRJSisPRDLySKsO4I5JofJehLrYCA
NxS0GNnNvTrttaPhVFHE/WmQhdVGUyuUru5n4obVZv1YK0yrktAAInQumIl3x52c
u4XXU15A4EGdQY5lCfYOc9LSA9TJE6Feuv1Sk7PbFqX1xFqzRNTAXcZSLS5AVSit
pfuOuMst10G14HADk/sxkgEwBswms+QVGnE0Z5f6eIylGBBB28+7vZfHJ9mCZfSK
ONi+1RxpFWev2//miC9zdA8oI9Xr4mamT/nd6ekr8YdLC/GIwRvj58dMd9zxzdRM
DhibdDAyJ9/d6s1zIarqAZO7pEMBLts3Va8Nj7/ROalxZYP0DZFD1rHPYSvt+Uvx
kbMvNEKBelfGQkJTzq2Lj/tTNptpFfmzJ2Bi/99iMFvxBfblbqwmWfC1zDeO52o9
a29JOoj8lxOnS9owwiGgvVvk3/9C8XArL9qZUIEJD/ojomhAw/p2peMb3wcjCz3Y
fPsob6VFKLXk3trs7cTLl1Rv+mcT30esNxWS0IRxGzCDhl0dd/ttC9FelHQYtZPQ
mFIldT26nWLXtUQeMMwZixUmRWru3apog93ouzI9h0KKrqzFeyg=
=3lcD
-----END PGP SIGNATURE-----
