-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 14 Jul 2026 23:16:33 -0400
Source: chromium
Architecture: source
Version: 150.0.7871.124-1~deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: Debian Chromium Team <[email protected]>
Changed-By: Andres Salomon <[email protected]>
Changes:
 chromium (150.0.7871.124-1~deb13u1) trixie-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-15764: Use after free in Ozone. Reported by Google.
     - CVE-2026-15765: Use after free in Ozone. Reported by Google.
     - CVE-2026-15766: Uninitialized Use in Skia. Reported by Google.
     - CVE-2026-15767: Heap buffer overflow in libyuv. Reported by Google.
     - CVE-2026-15768: Insufficient policy enforcement in HTML-in-Canvas.
       Reported by Google.
     - CVE-2026-15769: Insufficient validation of untrusted input in
       Linux Toolkit Theming. Reported by Google.
     - CVE-2026-15770: Uninitialized Use in V8. Reported by Google.
     - CVE-2026-15771: Insufficient validation of untrusted input in Media.
       Reported by Google.
     - CVE-2026-15772: Use after free in GPU. Reported by Google.
     - CVE-2026-15773: Use after free in Core.
       Reported by xinchaotian of Microsoft.
     - CVE-2026-15774: Use after free in Skia. Reported by Google.
     - CVE-2026-15775: Insufficient policy enforcement in V8.
       Reported by [email protected].
     - CVE-2026-15776: Type Confusion in V8.
       Reported by Salvatore Gulizia (nickname: Serotav).
     - CVE-2026-15777: Use after free in UI. Reported by Google.
     - CVE-2026-15778: Insufficient validation of untrusted input in
       Navigation. Reported by Google.
   * d/patches/upstream/libyuv-loongarch-fix-row_lsx.cc-and-row_lasx.cc.patch:
     drop, merged upstream.
Checksums-Sha1:
 437de3381c8e4d0ceef2dd924d4063a825af866f 4099 
chromium_150.0.7871.124-1~deb13u1.dsc
 b4fbd12de7df3afe3e8369f4497a4af6b478837d 941311420 
chromium_150.0.7871.124.orig.tar.xz
 4a3db24b1e6d178a1c00bd8ef2f9562c56d2790c 536788 
chromium_150.0.7871.124-1~deb13u1.debian.tar.xz
 3ad3b6c918b6c20c0fc8111df0964177e723c436 27274 
chromium_150.0.7871.124-1~deb13u1_source.buildinfo
Checksums-Sha256:
 235e810fbbfc073b882d38212537c9da57ce71b11e9257e8a5aab8ce0c24722d 4099 
chromium_150.0.7871.124-1~deb13u1.dsc
 50f06f405618eda4a1d8b7399ad45985cab4eabf2ee9b5adeb80c0397ceb92c1 941311420 
chromium_150.0.7871.124.orig.tar.xz
 cb50051dbffed8c67969a781fb6d3ab31fa78fb026521cb402b66a3fba4b837a 536788 
chromium_150.0.7871.124-1~deb13u1.debian.tar.xz
 2f6aa30a8b9bd7c6f3c412ad41c702c40bc1e75882e8a07844073e09ca2d5132 27274 
chromium_150.0.7871.124-1~deb13u1_source.buildinfo
Files:
 c3c968b4cae2dad14c07bc2138bfe08c 4099 web optional 
chromium_150.0.7871.124-1~deb13u1.dsc
 aca404ee4f0888c74efeb1e62c60bfc4 941311420 web optional 
chromium_150.0.7871.124.orig.tar.xz
 6ef0051e2812db8c8a6e7e0e4abd4b2a 536788 web optional 
chromium_150.0.7871.124-1~deb13u1.debian.tar.xz
 88ee07c618dd033b37510017dda6d292 27274 web optional 
chromium_150.0.7871.124-1~deb13u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmpXTkQUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjcjRw/8DcBwyPTLz+NkBndBEms2pzwZV+Ut
DT2yckJJRRWI7WxtSpDbztE0sFsO9nnXoqSLFMmMToGDgh0yWmlGD+gOZm6K0VXJ
bPQIXzeSJsolHEoSP/9e8DNhKuNYRJkAZkVfwgO/F8akRG42CNpiEfQmPcAIPXzb
jDlFEAv0/IEaBgTV+TgQPrn6Cvv93CXxUfRn8mIUKfi8oLuLAzgnUM2kakrjTDnt
h2mM7ZpLRRAbag1GfYInlhkdkfXMvBcxoyaqQG6RSUDYReysS/G1aeDwiTMuzpFP
HevTXo7wt5H+GB9e7zL3yJfGveMGyUoxkRP8dbw15Byk8kS/QQcaYSVGYtmXTp8D
M0Bq1k5bjBYR9D/zPGwQRIT9MHX/J7svm3TQDIMXTYHuhvjclkUq5MdaOIcvGHWk
ethoaYZS47k/w8/AFog1oLxurob0qdzhOhLmL+qhkgzZjogK/9ct12agfKCaYJHy
lMm9BFRNki5+vy4yES3y+Et45pfQAbKGcntla4GuHEwCiPl0AEQbd/6NCEuOmBZ/
U5wXLiBIJ0wA1AB3RvBtivbTEZRhGdDwN/SWDX0HN5dxXHY8RVIGtzOriVoHZ9AR
QOhBgqj4ktcMrXyzxdSWPZF9+VbB4fI6Xu+B/8oHRIKDECE/TjhjqnYFHhPr7mVn
rF/QzR2lj1I4ETY=
=Z6gN
-----END PGP SIGNATURE-----

Attachment: pgp_DBhMZBNYb.pgp
Description: PGP signature

Reply via email to