-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 06 May 2026 16:32:51 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: amd64
Version: 148.0.7778.96-1~deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-csail-01) <buildd_amd64-x86-csail-01@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (148.0.7778.96-1~deb13u1) trixie-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2026-7896: Integer overflow in Blink.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-7897: Use after free in Mobile. Reported by Google.
     - CVE-2026-7898: Use after free in Chromoting. Reported by Google.
     - CVE-2026-7899: Out of bounds read and write in V8.
       Reported by Project WhatForLunch (@pjwhatforlunch).
     - CVE-2026-7900: Heap buffer overflow in ANGLE. Reported by Anonymous.
     - CVE-2026-7901: Use after free in ANGLE. Reported by Syn4pse (@ret2happy)
     - CVE-2026-7902: Out of bounds memory access in V8.
       Reported by JunYoung Park(@candymate) of KAIST Hacking Lab.
     - CVE-2026-7903: Integer overflow in ANGLE. Reported by heesun.
     - CVE-2026-7904: Out of bounds read in Fonts.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-7905: Insufficient validation of untrusted input in Media.
       Reported by Google.
     - CVE-2026-7906: Use after free in SVG. Reported by Google.
     - CVE-2026-7907: Use after free in DOM. Reported by Google.
     - CVE-2026-7908: Use after free in Fullscreen. Reported by Google.
     - CVE-2026-7909: Inappropriate implementation in ServiceWorker.
       Reported by Google.
     - CVE-2026-7910: Use after free in Views. Reported by Google.
     - CVE-2026-7911: Use after free in Aura. Reported by Google.
     - CVE-2026-7912: Integer overflow in GPU. Reported by Google.
     - CVE-2026-7913: Insufficient policy enforcement in DevTools.
       Reported by Google.
     - CVE-2026-7914: Type Confusion in Accessibility. Reported by Google.
     - CVE-2026-7915: Insufficient data validation in DevTools.
       Reported by Google.
     - CVE-2026-7916: Insufficient data validation in InterestGroups.
       Reported by Google.
     - CVE-2026-7917: Use after free in Fullscreen. Reported by Google.
     - CVE-2026-7918: Use after free in GPU. Reported by Google.
     - CVE-2026-7919: Use after free in Aura. Reported by Google.
     - CVE-2026-7920: Use after free in Skia. Reported by Google.
     - CVE-2026-7921: Use after free in Passwords. Reported by Google.
     - CVE-2026-7922: Use after free in ServiceWorker. Reported by Google.
     - CVE-2026-7923: Out of bounds write in Skia. Reported by Google.
     - CVE-2026-7924: Uninitialized Use in Dawn. Reported by Google.
     - CVE-2026-7925: Use after free in Chromoting. Reported by Google.
     - CVE-2026-7926: Use after free in PresentationAPI. Reported by anonymous
     - CVE-2026-7927: Type Confusion in Runtime. Reported by Google.
     - CVE-2026-7928: Use after free in WebRTC. Reported by Google.
     - CVE-2026-7929: Use after free in MediaRecording. Reported by Google.
     - CVE-2026-7930: Insufficient validation of untrusted input in Cookies.
       Reported by Satoki.
     - CVE-2026-7931: Insufficient validation of untrusted input in iOS.
       Reported by Qadhafy Muhammad Tera.
     - CVE-2026-7932: Insufficient policy enforcement in Downloads.
       Reported by Povcfe of Tencent Security Xuanwu Lab.
     - CVE-2026-7933: Out of bounds read in WebCodecs.
       Reported by heapracer (@heapracer).
     - CVE-2026-7934: Insufficient validation of untrusted input in
       Popup Blocker. Reported by Google.
     - CVE-2026-7935: Inappropriate implementation in Speech.
       Reported by Qadhafy Muhammad Tera.
     - CVE-2026-7936: Object lifecycle issue in V8. Reported by Christian Holler.
     - CVE-2026-7937: Insufficient policy enforcement in DevTools. Reported by
       lebr0nli of National Yang Ming Chiao Tung University, Dept. of CS,
       Security and Systems Lab.
     - CVE-2026-7938: Use after free in CSS.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-7939: Inappropriate implementation in SanitizerAPI.
       Reported by s3zer0.
     - CVE-2026-7940: Use after free in V8. Reported by sakana.
     - CVE-2026-7941: Insufficient validation of untrusted input in Mobile.
       Reported by Adithya Kotian.
     - CVE-2026-7942: Integer overflow in ANGLE. Reported by Google.
     - CVE-2026-7943: Insufficient validation of untrusted input in ANGLE.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-7944: Insufficient validation of untrusted input
       in Persistent Cache. Reported by Google.
     - CVE-2026-7945: Insufficient validation of untrusted input in COOP.
       Reported by Google.
     - CVE-2026-7946: Insufficient policy enforcement in WebUI.
       Reported by Google.
     - CVE-2026-7947: Insufficient validation of untrusted input in Network.
       Reported by Google.
     - CVE-2026-7948: Race in Chromoting. Reported by Google.
     - CVE-2026-7949: Out of bounds read in Skia. Reported by Google.
     - CVE-2026-7950: Out of bounds read and write in GFX. Reported by Google.
     - CVE-2026-7951: Out of bounds write in WebRTC.
       Reported by soft.connect.fr.
     - CVE-2026-7952: Insufficient policy enforcement in Extensions.
       Reported by Google.
     - CVE-2026-7953: Insufficient validation of untrusted input in Omnibox.
       Reported by Google.
     - CVE-2026-7954: Race in Shared Storage. Reported by Google.
     - CVE-2026-7955: Uninitialized Use in GPU. Reported by Google.
     - CVE-2026-7956: Use after free in Navigation. Reported by Google.
     - CVE-2026-7957: Out of bounds write in Media. Reported by Google.
     - CVE-2026-7958: Inappropriate implementation in ServiceWorker.
       Reported by Google.
     - CVE-2026-7959: Inappropriate implementation in Navigation.
       Reported by Google.
     - CVE-2026-7960: Race in Speech. Reported by Google.
     - CVE-2026-7961: Insufficient validation of untrusted input in Permissions
       Reported by Google.
     - CVE-2026-7962: Insufficient policy enforcement in DirectSockets.
       Reported by Google.
     - CVE-2026-7963: Inappropriate implementation in ServiceWorker.
       Reported by Google.
     - CVE-2026-7964: Insufficient validation of untrusted input in FileSystem.
       Reported by Google.
     - CVE-2026-7965: Insufficient validation of untrusted input in DevTools.
       Reported by Google.
     - CVE-2026-7966: Insufficient validation of untrusted input
       in SiteIsolation. Reported by Google.
     - CVE-2026-7967: Insufficient validation of untrusted input in Navigation.
       Reported by Google.
     - CVE-2026-7968: Insufficient validation of untrusted input in CORS.
       Reported by Google.
     - CVE-2026-7969: Integer overflow in Network. Reported by Google.
     - CVE-2026-7970: Use after free in TopChrome. Reported by Google.
     - CVE-2026-7971: Inappropriate implementation in ORB. Reported by Google.
     - CVE-2026-7972: Uninitialized Use in GPU. Reported by Google.
     - CVE-2026-7973: Integer overflow in Dawn. Reported by Google.
     - CVE-2026-7974: Use after free in Blink. Reported by Google.
     - CVE-2026-7975: Use after free in DevTools. Reported by Google.
     - CVE-2026-7976: Use after free in Views. Reported by Google.
     - CVE-2026-7977: Inappropriate implementation in Canvas.
       Reported by Google.
     - CVE-2026-7978: Inappropriate implementation in Companion.
       Reported by Google.
     - CVE-2026-7979: Inappropriate implementation in Media. Reported by Google
     - CVE-2026-7980: Use after free in WebAudio. Reported by Google.
     - CVE-2026-7981: Out of bounds read in Codecs. Reported by Google.
     - CVE-2026-7982: Uninitialized Use in WebCodecs. Reported by Google.
     - CVE-2026-7983: Out of bounds read in Dawn. Reported by Google.
     - CVE-2026-7984: Use after free in ReadingMode. Reported by Google.
     - CVE-2026-7985: Use after free in GPU. Reported by Google.
     - CVE-2026-7986: Insufficient policy enforcement in Autofill.
       Reported by Google.
     - CVE-2026-7987: Use after free in WebRTC. Reported by Google.
     - CVE-2026-7988: Type Confusion in WebRTC. Reported by Google.
     - CVE-2026-7989: Insufficient data validation in DataTransfer.
       Reported by Google.
     - CVE-2026-7990: Insufficient validation of untrusted input in Updater.
       Reported by Google.
     - CVE-2026-7991: Use after free in UI. Reported by Google.
     - CVE-2026-7992: Insufficient validation of untrusted input in UI.
       Reported by Google.
     - CVE-2026-7993: Insufficient validation of untrusted input in Payments.
       Reported by Google.
     - CVE-2026-7994: Inappropriate implementation in Chromoting.
       Reported by Google.
     - CVE-2026-7995: Out of bounds read in AdFilter. Reported by Google.
     - CVE-2026-7996: Insufficient validation of untrusted input in SSL.
       Reported by heesun.
     - CVE-2026-7997: Insufficient validation of untrusted input in Updater.
       Reported by ochkofficial.
     - CVE-2026-7998: Insufficient validation of untrusted input in Dialog.
       Reported by Tianyi Hu.
     - CVE-2026-7999: Inappropriate implementation in V8.
       Reported by Taisic Yun (@taisic) of Theori.
     - CVE-2026-8000: Insufficient validation of untrusted input
       in ChromeDriver. Reported by Ryan Jupp - HAAO.
     - CVE-2026-8001: Use after free in Printing.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-8002: Use after free in Audio. Reported by Google.
     - CVE-2026-8003: Insufficient validation of untrusted input in TabGroups.
       Reported by Google.
     - CVE-2026-8004: Insufficient policy enforcement in DevTools.
       Reported by Google.
     - CVE-2026-8005: Insufficient validation of untrusted input in Cast.
       Reported by Google.
     - CVE-2026-8006: Insufficient policy enforcement in DevTools.
       Reported by Google.
     - CVE-2026-8007: Insufficient validation of untrusted input in Cast.
       Reported by Google.
     - CVE-2026-8008: Inappropriate implementation in DevTools.
       Reported by Google.
     - CVE-2026-8009: Inappropriate implementation in Cast. Reported by Google.
     - CVE-2026-8010: Insufficient validation of untrusted input
       in SiteIsolation. Reported by Google.
     - CVE-2026-8011: Insufficient policy enforcement in Search.
       Reported by Google.
     - CVE-2026-8012: Inappropriate implementation in MHTML. Reported by Google
     - CVE-2026-8013: Insufficient validation of untrusted input in FedCM.
       Reported by Google.
     - CVE-2026-8014: Inappropriate implementation in Preload.
       Reported by Google.
     - CVE-2026-8015: Inappropriate implementation in Media. Reported by Google
     - CVE-2026-8016: Use after free in WebRTC. Reported by Google.
     - CVE-2026-8017: Side-channel information leakage in Media.
       Reported by Google.
     - CVE-2026-8018: Insufficient policy enforcement in DevTools.
       Reported by Google.
     - CVE-2026-8019: Insufficient policy enforcement in WebApp.
       Reported by Google.
     - CVE-2026-8020: Uninitialized Use in GPU. Reported by Google.
     - CVE-2026-8021: Script injection in UI. Reported by Google.
     - CVE-2026-8022: Inappropriate implementation in MHTML. Reported by Google
   * d/copyright:
     - drop gperf binary that upstream now includes.
     - update for dropping of "khronos" from opengl paths.
   * d/rules:
     - copy gperf binary from /usr/bin into build tree.
     - set webnn_use_litert=false.
   * d/clean:
     - update for harfbuzz-ng to harfbuzz rename.
   * d/patches:
     - upstream/Fix-GL-native-pixmap-import-support-reset-in-GpuInit.patch:
       drop, merged upstream.
     - disable/lint.patch: refresh.
     - trixie/nodejs-set-intersection.patch: refresh for file rename.
     - ungoogled/disable-ai.patch: sync from u-c.
     - trixie/gn-inputs.patch, trixie/gn-inputs2.patch: add patches to
       revert gn "inputs" usage, which isn't supported by our older
       generate-ninja package.
     - llvm-22/ignore-for-ubsan.patch: add another bit to remove the same
       unsupported compiler flag.
     - llvm-19/iota.patch: add build fix for missing std::ranges::iota().
     - upstream/turboshaft.patch: add build fix pulled from (v8) upstream
       for value_or() type ambiguity.
     - trixie/revert-v8-sanitize.patch: add patch to revert v8 gn-related
       changes that cause the build to fail w/ older gn.
     - llvm-19/raw-ref-map-find.patch: add patch to work around older
       clang-19 std::map::find() limitation.
     - rust-1.85/jxl-features.patch: refresh for new version [trixie,
       bookworm].
     - rust-1.85/jxl-simd-avx512.patch: refresh for new version, and also
       drop large portions of this patch that add unsafe{} to macro calls
       (since I already added an unsafe block in the macro definition).
       And mark more functions as unsafe [trixie, bookworm].
     - trixie/adler1.patch: refresh [trixie, bookworm].
     - trixie/rust-is-multiple-of.patch: refresh & move to rust-1.85/
       directory [trixie, bookworm].
     - rust-1.85/file_as_c_str.patch: add patch to work around lack of
       std::panic::file_as_c_str() [trixie, bookworm].
     - rust-1.85/mojo-features.patch: add patch to enable some newer
       rust features in mojom parser [trixie, bookworm].
     - rust-1.85/zip8.patch: add patch to enable some newer rust features
       in zip [trixie, bookworm].
     - bookworm/constexpr.patch: refresh for moved file [bookworm].
     - bookworm/dav1d-drop-hdr.patch: refresh [bookworm].
     - bookworm/eslint.patch: drop, no longer needed [bookworm].
     - ungoogled/remove-navigation-source-param.patch: add patch from u-c
       to drop the "&source=chrome.ob" that shows up when you search for
       something via omnibox.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0002-regenerate-xnn-buildgn.patch refresh for upstream
       changes
     - third_party/skia-vsx-instructions.patch: refresh for upstream changes
     - fixes/fix-different-data-layouts.patch: refresh for upstream changes
 .
   [ Jianfeng Liu ]
   * d/patches/loongarch64:
     - 0004-loong64-sandbox-sandbox-linux-Update-syscall-helpers.patch: Refresh
       for upstream changes
     - 0024-disable-BROTLI_MODEL-macro-for-some-targets.patch: Drop, merged
       upstream
 .
   [ Daniel Richard G. ]
   * d/patches/llvm-19/clang19.patch: Also drop -Wlifetime-safety-permissive
     flag from v8 build, as clang-19 (and 20) doesn't recognize it.
Checksums-Sha1:
 344735551672e36f9dfac332007f5e9b0f87fb72 5192420 chromium-common-dbgsym_148.0.7778.96-1~deb13u1_amd64.deb
 e9fee0faf188803be7483c15f1a1f89256305235 25703932 chromium-common_148.0.7778.96-1~deb13u1_amd64.deb
 12722a1b79c030b9fb3470b12649cf0ba84618e7 33204984 chromium-dbgsym_148.0.7778.96-1~deb13u1_amd64.deb
 7e7cb866cb9f24d471e79a32a94d6313bcf8a5cd 7525732 chromium-driver_148.0.7778.96-1~deb13u1_amd64.deb
 981ef9564254bfa50a254ce83ce832566fde02b6 28144892 chromium-headless-shell-dbgsym_148.0.7778.96-1~deb13u1_amd64.deb
 a6c62f59063efa76c98ab37f86c0effff268eb5e 62848304 chromium-headless-shell_148.0.7778.96-1~deb13u1_amd64.deb
 561344e6809d588c9b85c2ddd451f4bced2dafa0 20212 chromium-sandbox-dbgsym_148.0.7778.96-1~deb13u1_amd64.deb
 e998a2cc8e573bf00ea2c035b122996fbdd5040b 116888 chromium-sandbox_148.0.7778.96-1~deb13u1_amd64.deb
 53483329d057a0df9579b77b1bf911e96402f82a 29721772 chromium-shell-dbgsym_148.0.7778.96-1~deb13u1_amd64.deb
 a000fd7578c85e153cc1520145d7308e0e7ed0a9 62477148 chromium-shell_148.0.7778.96-1~deb13u1_amd64.deb
 c279569b51d9047d87c3663e2987c52f46a95a50 30418 chromium_148.0.7778.96-1~deb13u1_amd64-buildd.buildinfo
 14e83cc513ec8484fb8c3c340bb1eae0504ec33c 85158596 chromium_148.0.7778.96-1~deb13u1_amd64.deb
Checksums-Sha256:
 f467c26324cd07a7c5e4710ffc815601de996fe21e05e19e5676439ebbdcf223 5192420 chromium-common-dbgsym_148.0.7778.96-1~deb13u1_amd64.deb
 9a0a21b1c800af0022fd8f66994d12bd248f50bd60cc6796bbef76d645f7e4a3 25703932 chromium-common_148.0.7778.96-1~deb13u1_amd64.deb
 093f80f807308515ce6820c5c6a076bb5adf71810a2c8919dc433d1792bdebf7 33204984 chromium-dbgsym_148.0.7778.96-1~deb13u1_amd64.deb
 2c24afc7d96bd84fe416340570c0a18af19b0c69bd20b2d914b40d71380d474d 7525732 chromium-driver_148.0.7778.96-1~deb13u1_amd64.deb
 7a8f246161a07a84df1b7a8b46423cbce687aa08c95133e81a1f07e23f434be8 28144892 chromium-headless-shell-dbgsym_148.0.7778.96-1~deb13u1_amd64.deb
 0814796d22588222abe644fa617cb592f6d5b98ba728f94978fb9100a82ddf36 62848304 chromium-headless-shell_148.0.7778.96-1~deb13u1_amd64.deb
 362ea09a622839a100614efac58932b7a6f0541e77c82567e3c56883ee2a4542 20212 chromium-sandbox-dbgsym_148.0.7778.96-1~deb13u1_amd64.deb
 342c11a8ef2720462186f7ab27d248c3efe84d21d2925e0a5f9a1db79249ef64 116888 chromium-sandbox_148.0.7778.96-1~deb13u1_amd64.deb
 40ad0bde56ba795100247909cdb05653cca86239bb0ffcded3c3a237d847b4a3 29721772 chromium-shell-dbgsym_148.0.7778.96-1~deb13u1_amd64.deb
 c6aa42678c5c5bf2a2ccd861591cc0cf0c7ad3327d5e6b0177be7d9256c793ea 62477148 chromium-shell_148.0.7778.96-1~deb13u1_amd64.deb
 22c1303b7f293bf4367e38e26bef4717b15959ef4846462517f4e237b37c79a6 30418 chromium_148.0.7778.96-1~deb13u1_amd64-buildd.buildinfo
 53a2774463eed06ed8fb0b596648416f6c75eefd1eb313dc9c1b4ab92259d581 85158596 chromium_148.0.7778.96-1~deb13u1_amd64.deb
Files:
 4b8210f56a0b7724f29aafa756edc30a 5192420 debug optional chromium-common-dbgsym_148.0.7778.96-1~deb13u1_amd64.deb
 cf7d3de8a6190cec223250a7a71473cc 25703932 web optional chromium-common_148.0.7778.96-1~deb13u1_amd64.deb
 dc00409634d4487816711b1fe2d8f4b9 33204984 debug optional chromium-dbgsym_148.0.7778.96-1~deb13u1_amd64.deb
 527a8b1153a1137f18719e6dcd49b243 7525732 web optional chromium-driver_148.0.7778.96-1~deb13u1_amd64.deb
 57c7ff1e164e3e7cf5dc38c44c0f0cea 28144892 debug optional chromium-headless-shell-dbgsym_148.0.7778.96-1~deb13u1_amd64.deb
 6f65ecc13223be91c76aec109742ce1a 62848304 web optional chromium-headless-shell_148.0.7778.96-1~deb13u1_amd64.deb
 4de5c2ff248e72f2608c48e7b362e576 20212 debug optional chromium-sandbox-dbgsym_148.0.7778.96-1~deb13u1_amd64.deb
 39f691ebe1fffd79cfa3230731363458 116888 web optional chromium-sandbox_148.0.7778.96-1~deb13u1_amd64.deb
 494f4e7e7e5d7fd0eec19d25d82b694c 29721772 debug optional chromium-shell-dbgsym_148.0.7778.96-1~deb13u1_amd64.deb
 34814b0693581044266d6b5ebf8318ff 62477148 web optional chromium-shell_148.0.7778.96-1~deb13u1_amd64.deb
 8e3888b923fdcec605c34af09e61a3c7 30418 web optional chromium_148.0.7778.96-1~deb13u1_amd64-buildd.buildinfo
 df74c10a78da736b1e53711e676d2d79 85158596 web optional chromium_148.0.7778.96-1~deb13u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEBDWXQb2umOtH4DRpYg9P9sm2dfEFAmn8fE0ACgkQYg9P9sm2
dfEmDRAAwlamv1+/LZNVGuBrxq3tD3lpNemdv2tod5LgCQPHffXxAuoCQ2XCof/D
0eYiBSXfmbv7Ytq8ntejfnxb1BRyrcHTUDoc/CIP2F3fpIgLcQo7clg0cbe2utys
Jf4V8qac+ijOLOw34zSvfXXwucsZSheN02KaQdO/zftyZwaPWr5HkVe+i0QUNvcS
iFXX0sFL61PvmPRv5AALFu19rrZNDOrnXOB8orpg1Xv382zPBQbvLrf0co84slY0
QwXySg7vTPACd1FGpTMwNcHemfQ/gBHlFczba96wy4gyGpU+FVIZsJaPH4ZcbU9c
VG/O2mmHI6cdXs+mhN3Kx1tj1ZSlYYq+rNUmuk23Xh6+kVwAqXQGH8nhW52z8nOd
Ss4TqJzbo1l1DhwWa2jsYDPZuqn2egrxRxifT2s6JN2UYuzlkMuce6Wsg4kOSu2b
JRvv1A8LnkgZwkSjeItxvEKdXZRr/s9FRJEjWenfgjuikdt5+ry5JMUrXgG7Z/XZ
kgW7bzSXWf3H3iAA/n0kXNcC/JsTxq7PVi2OkEvs2IN3ie6UecnaV4RYen+4v4Ar
fKRnEFfjIYwbvkihDY31pBVZUB/Ink24LuQ0leYyl65c4KDi9dRoLOaAYnWA5FFF
1TyEiu3KdIqM+woonbrtV5wy4HhhR9gvdTjaf8KWXnPEdCRRoyg=
=vdf6
-----END PGP SIGNATURE-----
