Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f4c20cce by Moritz Muehlenhoff at 2026-06-17T10:12:32+02:00
new chromium issues

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -601,71 +601,104 @@ CVE-2026-22313 (The device has a webserver that exposes 
a REST API authenticated
 CVE-2026-22312 (The device has a webserver that exposes a REST API 
authenticated with  ...)
        TODO: check
 CVE-2026-12469 (Uninitialized Use in GPU in Google Chrome on Android prior to 
149.0.78 ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12468 (Race in Updater in Google Chrome on Mac prior to 
149.0.7827.155 allowe ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12467 (Use after free in Extensions in Google Chrome prior to 
149.0.7827.155  ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12466 (Heap buffer overflow in WebRTC in Google Chrome on Windows 
prior to 14 ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12465 (Object lifecycle issue in Metrics in Google Chrome prior to 
149.0.7827 ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12464 (Use after free in Browser in Google Chrome prior to 
149.0.7827.155 all ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12463 (Inappropriate implementation in Views in Google Chrome on 
Linux prior  ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12462 (Use after free in Media in Google Chrome prior to 
149.0.7827.155 allow ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12461 (Out of bounds read in WebRTC in Google Chrome on Windows prior 
to 149. ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12460 (Insufficient policy enforcement in File System Access in 
Google Chrome ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12459 (Inappropriate implementation in Serial in Google Chrome prior 
to 149.0 ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12458 (Inappropriate implementation in Passwords in Google Chrome 
prior to 14 ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12457 (Inappropriate implementation in Extensions in Google Chrome 
prior to 1 ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12456 (Inappropriate implementation in Extensions in Google Chrome 
prior to 1 ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12455 (Use after free in Tab Strip in Google Chrome prior to 
149.0.7827.155 a ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12454 (Race in Safe Browsing in Google Chrome on Mac prior to 
149.0.7827.155  ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12453 (Insufficient validation of untrusted input in Input in Google 
Chrome p ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12452 (Use after free in Downloads in Google Chrome on Android prior 
to 149.0 ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12451 (Use after free in DigitalCredentials in Google Chrome prior to 
149.0.7 ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12450 (Inappropriate implementation in Media in Google Chrome prior 
to 149.0. ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12449 (Use after free in Chromoting in Google Chrome on Windows prior 
to 149. ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12448 (Inappropriate implementation in WebView in Google Chrome on 
Android pr ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12447 (Heap buffer overflow in WebRTC in Google Chrome prior to 
149.0.7827.15 ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12446 (Inappropriate implementation in Passwords in Google Chrome 
prior to 14 ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12445 (Use after free in Extensions in Google Chrome prior to 
149.0.7827.155  ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12444 (Out of bounds read in Chromoting in Google Chrome on Windows 
prior to  ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12443 (Use after free in Web Authentication in Google Chrome prior to 
149.0.7 ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12442 (Use after free in Passwords in Google Chrome on Android prior 
to 149.0 ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12441 (Use after free in File Input in Google Chrome on Linux prior 
to 149.0. ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12440 (Use after free in DigitalCredentials in Google Chrome on 
Windows prior ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12439 (Use after free in Digital Credentials in Google Chrome prior 
to 149.0. ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12438 (Inappropriate implementation in WebView in Google Chrome on 
Android pr ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12437 (Use after free in WebShare in Google Chrome on Windows prior 
to 149.0. ...)
-       TODO: check
+       - chromium <unfixed>
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-12425 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
        NOT-FOR-US: Palo Alto Networks
 CVE-2026-12360 (The JetEngine plugin for WordPress is vulnerable to SQL 
injection in a ...)


=====================================
data/dsa-needed.txt
=====================================
@@ -20,6 +20,8 @@ atril
 --
 botan3 (aron)
 --
+chromium (dilinger)
+--
 cups
 --
 dulwich



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4c20ccef1a8d2aa99d91ee5f55ba626aed800de

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4c20ccef1a8d2aa99d91ee5f55ba626aed800de
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to