Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
959c1ee7 by Moritz Muehlenhoff at 2026-07-01T12:43:39+02:00
some chromium issues affect skia and ffmpeg

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -418,6 +418,7 @@ CVE-2026-13780 (Insufficient validation of untrusted input 
in ANGLE in Google Ch
 CVE-2026-13781 (Insufficient validation of untrusted input in Skia in Google 
Chrome pr ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
+       - libskia <unfixed>
 CVE-2026-13782 (Use after free in Browser in Google Chrome prior to 
150.0.7871.47 allo ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
@@ -535,6 +536,7 @@ CVE-2026-13819 (Out of bounds read in ANGLE in Google 
Chrome on Mac prior to 150
 CVE-2026-13820 (Out of bounds read in Skia in Google Chrome on Mac prior to 
150.0.7871 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
+       - libskia <unfixed>
 CVE-2026-13821 (Use after free in Canvas in Google Chrome prior to 
150.0.7871.47 allow ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
@@ -598,6 +600,7 @@ CVE-2026-13840 (Insufficient policy enforcement in Canvas 
in Google Chrome prior
 CVE-2026-13841 (Integer overflow in Skia in Google Chrome prior to 
150.0.7871.47 allow ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
+       - libskia <unfixed>
 CVE-2026-13842 (Inappropriate implementation in Chrome for iOS in Google 
Chrome on iOS ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
@@ -649,6 +652,7 @@ CVE-2026-13857 (Inappropriate implementation in Geometry in 
Google Chrome prior
 CVE-2026-13858 (Out of bounds read in FFmpeg in Google Chrome prior to 
150.0.7871.47 a ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
+       - ffmpeg <unfixed>
 CVE-2026-13859 (Inappropriate implementation in ANGLE in Google Chrome prior 
to 150.0. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
@@ -730,6 +734,7 @@ CVE-2026-13884 (Integer overflow in Chromecast in Google 
Chrome prior to 150.0.7
 CVE-2026-13885 (Use after free in Skia in Google Chrome on Android prior to 
150.0.7871 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
+       - libskia <unfixed>
 CVE-2026-13886 (Insufficient policy enforcement in Isolated Web Apps in Google 
Chrome  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
@@ -988,6 +993,7 @@ CVE-2026-13970 (Uninitialized Use in Media in Google Chrome 
prior to 150.0.7871.
 CVE-2026-13971 (Uninitialized Use in Skia in Google Chrome prior to 
150.0.7871.47 allo ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
+       - libskia <unfixed>
 CVE-2026-13972 (Inappropriate implementation in Paint in Google Chrome prior 
to 150.0. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/959c1ee71b6236d7b331188282bdea7dc63deb01

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/959c1ee71b6236d7b331188282bdea7dc63deb01
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to