-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 10 Jul 2026 01:45:42 -0400 Source: chromium Architecture: source Version: 150.0.7871.114-1~deb13u1 Distribution: trixie-security Urgency: high Maintainer: Debian Chromium Team <[email protected]> Changed-By: Andres Salomon <[email protected]> Changes: chromium (150.0.7871.114-1~deb13u1) trixie-security; urgency=high . [ Andres Salomon ] * New upstream security release. - CVE-2026-15112: Use after free in Ozone. Reported by Google. - CVE-2026-15129: Use after free in Views. Reported by Google. - CVE-2026-15132: Uninitialized Use in V8. Reported by Pierre Langlois from Arm. - CVE-2026-15133: Use after free in InterestGroups. Reported by Jihyeon Jeong (Compsec Lab, Seoul National University / Research Intern). - CVE-2026-15108: Integer overflow in Extensions API. Reported by Google. - CVE-2026-15109: Uninitialized Use in ANGLE. Reported by Google. - CVE-2026-15110: Use after free in Extensions. Reported by Google. - CVE-2026-15111: Use after free in Views. Reported by Google. - CVE-2026-15113: Use after free in Autofill. Reported by Google. - CVE-2026-15114: Out of bounds read and write in Codecs. Reported by Google. - CVE-2026-15115: Insufficient validation of untrusted input in WebAppInstalls. Reported by Google. - CVE-2026-15116: Use after free in Actor. Reported by Google. - CVE-2026-15117: Use after free in Payments. Reported by Google. - CVE-2026-15118: Use after free in Input. Reported by Google. - CVE-2026-15119: Inappropriate implementation in GetUserMedia. Reported by Google. - CVE-2026-15120: Use after free in Core. Reported by Google. - CVE-2026-15121: Use after free in WebRTC. Reported by Google. - CVE-2026-15122: Insufficient validation of untrusted input in Codecs. Reported by Google. - CVE-2026-15123: Insufficient data validation in DOM. Reported by Google - CVE-2026-15124: Insufficient policy enforcement in Passwords. Reported by Google. - CVE-2026-15125: Inappropriate implementation in Forms. Reported by Google. - CVE-2026-15126: Use after free in Forms. Reported by Google. - CVE-2026-15127: Inappropriate implementation in WebGL. Reported by Google. - CVE-2026-15128: Inappropriate implementation in Forms. Reported by Google. - CVE-2026-15130: Insufficient policy enforcement in Navigation. Reported by Google. - CVE-2026-15107: Use after free in IndexedDB. Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab. - CVE-2026-15131: Insufficient data validation in Navigation. Reported by Google. Checksums-Sha1: e2a7980335e587fb49b04c52d836185ce702a73d 4099 chromium_150.0.7871.114-1~deb13u1.dsc c2c182e9cc5cfe314511c0c9eea26df406edc4a8 941382260 chromium_150.0.7871.114.orig.tar.xz c9170ad6d44dccc7442b3e9175466ea0a916b5bb 537680 chromium_150.0.7871.114-1~deb13u1.debian.tar.xz c08c786f0fdb4437094858df22b319397a9759bf 27274 chromium_150.0.7871.114-1~deb13u1_source.buildinfo Checksums-Sha256: e94f0977555f700e24e40849bbde80121b581ccdcb6a311302b168ae19417c28 4099 chromium_150.0.7871.114-1~deb13u1.dsc 962917b028794a608ac57c260312e8a1c47ee244c5f88d585fa4645383593453 941382260 chromium_150.0.7871.114.orig.tar.xz 686d14960d823670fa6794975bdbbe63c5d8070be1f596056643cc10906655c2 537680 chromium_150.0.7871.114-1~deb13u1.debian.tar.xz 9249a1bfa891e01339cf76591d9ed46ceba97987da49b694296663c87c49183d 27274 chromium_150.0.7871.114-1~deb13u1_source.buildinfo Files: df1de34aca01db6a1136f39dc7ad7e7b 4099 web optional chromium_150.0.7871.114-1~deb13u1.dsc 84472f0596f14b31b83e88a698f2f9cd 941382260 web optional chromium_150.0.7871.114.orig.tar.xz 435c9f54463542d674dbe537ad903a40 537680 web optional chromium_150.0.7871.114-1~deb13u1.debian.tar.xz e38f22c336698e5ccd00259c1638fc1c 27274 web optional chromium_150.0.7871.114-1~deb13u1_source.buildinfo
-----BEGIN PGP SIGNATURE----- iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmpROBQUHGRpbGluZ2Vy QGRlYmlhbi5vcmcACgkQZF0CR8Nudjd75BAAu/cGxJuREWK2vWbFolu61EN0aLgL 0XlM1dZWadBEa0NH1uGO4E7m+7Gn/v1kCpGrwaF7UYMGneJjGRvQhsUBbphRfqWR I3jTuDl6Szygl37h0bLrs34oikCrzsNzt4GTWTZe2mpv/pNt5jwOQth8ZJ6gD5Ct eMePqHGQqzXs4/aj3tlKGrhY7XwcS7lllL0g9FdYK5pEoJJbK28axlmNpCbefNDR w0YSthvyW4q166IBgYFX2Xxkj70zqhBy668Y45OB/HlAZJElr86M2LbqSr/07AN+ +igN1PigsZ7udahgaLBFFn1pvHaGCnFMZDZUx/GUAhzN+pAKL7Z/siPPonbVxwzm UFPwV7pbvx08q1atTjfldLiI5VdRMYqasWpqy0xoO7qnxEUUEZ6BWDJ8kTLQ66nu rnWKGAWK6VQY6+9HDlmUe6jJjs8WKx7rDJWp8WIUwodC5iBG+LP+dSs+3uAfKuVF N3xvy1GJuISkvErxKgpx8/N1sWNmiRZYjt7FgYZx0saLyGtxC6MJsuIwv+BjMSbW ppzr6OnTWEoHQQAVybGeds1R3CB8L5yp2+bb11XJPQx4OSYuuG9UGtk8i9694aNi ji4btu3tC3R6NF7y4IV8WTmSNYre/NCnmtCXmQ5ZnWPyb/bEjbbJgZfvEgiYDES6 t31BlY71fwaeDv4= =Wasy -----END PGP SIGNATURE-----
pgplTqBdqnT3W.pgp
Description: PGP signature

