Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
959c1ee7 by Moritz Muehlenhoff at 2026-07-01T12:43:39+02:00
some chromium issues affect skia and ffmpeg
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -418,6 +418,7 @@ CVE-2026-13780 (Insufficient validation of untrusted input
in ANGLE in Google Ch
CVE-2026-13781 (Insufficient validation of untrusted input in Skia in Google
Chrome pr ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
+ - libskia <unfixed>
CVE-2026-13782 (Use after free in Browser in Google Chrome prior to
150.0.7871.47 allo ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
@@ -535,6 +536,7 @@ CVE-2026-13819 (Out of bounds read in ANGLE in Google
Chrome on Mac prior to 150
CVE-2026-13820 (Out of bounds read in Skia in Google Chrome on Mac prior to
150.0.7871 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
+ - libskia <unfixed>
CVE-2026-13821 (Use after free in Canvas in Google Chrome prior to
150.0.7871.47 allow ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
@@ -598,6 +600,7 @@ CVE-2026-13840 (Insufficient policy enforcement in Canvas
in Google Chrome prior
CVE-2026-13841 (Integer overflow in Skia in Google Chrome prior to
150.0.7871.47 allow ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
+ - libskia <unfixed>
CVE-2026-13842 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
@@ -649,6 +652,7 @@ CVE-2026-13857 (Inappropriate implementation in Geometry in
Google Chrome prior
CVE-2026-13858 (Out of bounds read in FFmpeg in Google Chrome prior to
150.0.7871.47 a ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
+ - ffmpeg <unfixed>
CVE-2026-13859 (Inappropriate implementation in ANGLE in Google Chrome prior
to 150.0. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
@@ -730,6 +734,7 @@ CVE-2026-13884 (Integer overflow in Chromecast in Google
Chrome prior to 150.0.7
CVE-2026-13885 (Use after free in Skia in Google Chrome on Android prior to
150.0.7871 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
+ - libskia <unfixed>
CVE-2026-13886 (Insufficient policy enforcement in Isolated Web Apps in Google
Chrome ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
@@ -988,6 +993,7 @@ CVE-2026-13970 (Uninitialized Use in Media in Google Chrome
prior to 150.0.7871.
CVE-2026-13971 (Uninitialized Use in Skia in Google Chrome prior to
150.0.7871.47 allo ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
+ - libskia <unfixed>
CVE-2026-13972 (Inappropriate implementation in Paint in Google Chrome prior
to 150.0. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/959c1ee71b6236d7b331188282bdea7dc63deb01
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/959c1ee71b6236d7b331188282bdea7dc63deb01
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits