-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 17 Jun 2026 01:14:44 -0400
Source: chromium
Binary: chromium-l10n
Architecture: all
Version: 149.0.7827.155-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: all Build Daemon (x86-grnet-02) <buildd_all-x86-grnet-02@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium-l10n - web browser - language packs
Changes:
 chromium (149.0.7827.155-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-12437: Use after free in WebShare. Reported by Google.
     - CVE-2026-12438: Inappropriate implementation in WebView.
       Reported by Google.
     - CVE-2026-12439: Use after free in Digital Credentials.
       Reported by Google.
     - CVE-2026-12440: Use after free in DigitalCredentials. Reported by Google
     - CVE-2026-12441: Use after free in File Input. Reported by Google.
     - CVE-2026-12442: Use after free in Passwords. Reported by Google.
     - CVE-2026-12443: Use after free in Web Authentication. Reported by Google
     - CVE-2026-12444: Out of bounds read in Chromoting. Reported by Google.
     - CVE-2026-12445: Use after free in Extensions. Reported by Google.
     - CVE-2026-12446: Insufficient data validation in Passwords.
       Reported by Google.
     - CVE-2026-12447: Heap buffer overflow in WebRTC. Reported by Google.
     - CVE-2026-12448: Inappropriate implementation in WebView.
       Reported by Google.
     - CVE-2026-12449: Use after free in Chromoting. Reported by Google.
     - CVE-2026-12450: Inappropriate implementation in Media.
       Reported by Zhixin Tu.
     - CVE-2026-12451: Use after free in DigitalCredentials. Reported by Google
     - CVE-2026-12452: Use after free in Downloads. Reported by Google.
     - CVE-2026-12453: Insufficient validation of untrusted input in Input.
       Reported by Google.
     - CVE-2026-12454: Race in Safe Browsing. Reported by Google.
     - CVE-2026-12455: Use after free in Tab Strip. Reported by Google.
     - CVE-2026-12456: Insufficient validation of untrusted input in
       Extensions. Reported by Google.
     - CVE-2026-12457: Insufficient data validation in Extensions.
       Reported by Google.
     - CVE-2026-12458: Incorrect security UI in Passwords. Reported by Google.
     - CVE-2026-12459: Inappropriate implementation in Serial.
       Reported by Google.
     - CVE-2026-12460: Insufficient policy enforcement in File System Access.
       Reported by Google.
     - CVE-2026-12461: Out of bounds read in WebRTC. Reported by Google.
     - CVE-2026-12462: Use after free in Media. Reported by Google.
     - CVE-2026-12463: Inappropriate implementation in Views.
       Reported by Google.
     - CVE-2026-12464: Use after free in Browser. Reported by Google.
     - CVE-2026-12465: Insufficient validation of untrusted input in Metrics.
       Reported by Google.
     - CVE-2026-12466: Heap buffer overflow in WebRTC. Reported by Google.
     - CVE-2026-12467: Use after free in Extensions. Reported by Google.
     - CVE-2026-12468: Inappropriate implementation in Updater.
       Reported by Google.
     - CVE-2026-12469: Uninitialized Use in GPU. Reported by Google.
Checksums-Sha1:
 2190d02cbd2a27d840d1ba011f29ea09cc432e1d 8969400 chromium-l10n_149.0.7827.155-1~deb12u1_all.deb
 9f285dacee789b4f3441a1d07b88b1155eb5d64a 26986 chromium_149.0.7827.155-1~deb12u1_all-buildd.buildinfo
Checksums-Sha256:
 f68c53dfa44cd6fc23aea550006c8513f8d77aa977a81813c5da34f01bb79192 8969400 chromium-l10n_149.0.7827.155-1~deb12u1_all.deb
 89c7798bd5b2659d759be1bad325b5b16cd2c341acbe459d2b473627b6a4292b 26986 chromium_149.0.7827.155-1~deb12u1_all-buildd.buildinfo
Files:
 6ac550cd47362da896f879882111e61f 8969400 localization optional chromium-l10n_149.0.7827.155-1~deb12u1_all.deb
 40ca26cde2cd3e1cbc98960aa0d661e2 26986 web optional chromium_149.0.7827.155-1~deb12u1_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE81O8NL+3kjBAqEvLmgPNRvTf/zcFAmo0NIEACgkQmgPNRvTf
/zfJCw/+MjdV7ZGXuQna12IfFZZvzwumCfU05WDxdkNff8ENS+Q6M550gOwcf09m
yKoHIRnkT5mn81n1MHax2jvLNu01SuIi/92SWUmUaRo6NYr5iVclaa4R3qrikGJ1
oy2RV5MeQO5LptgiRZXzzG3UH4eUVdwP2v3GNID7KGsvZ42DuqvcirQgpIbqUWhE
/CQLp2emPspVLaWlPyw/XRuzMudNJq0gB3IVLwg4Vk+s4mi+OY1764A+IaCtZzvQ
6Vol7H9F/nT3a+eiNJMx24UkQ+M8EkUr0C5J3NIMjn+rQ3W8UZmsURXyE43pglMQ
xMBbRQ1CpwgcbX7M1giSlwdxxpY2EXfdXgKXtRKIcUvPjuU8VY3B33yLHQD70NfL
VzRuzP1fhahMC/i9nB8KMpwZHzRQbG4SY6P7atMMHaorscKZbsFDdjXFXTJsMKW1
6I2/CPUUu6C7wj51+IhK7BuXghy4e9wNjuI3yXYhTDm3XKShIjxOqAEFyaD6gUEz
9RXyRBGOTmH2iPPXFO/xEciqyQ963w8CQ+0vdtSH0z0R923UKF0AkrN5xiYNHb3D
+E8lySZQsW0MBBL6NVxQ/hdkSfX4znEp4rV+L6+LGB6Jh+nMMcrKhFgURW85hhrX
8JQvVNO5b+GKZSXfcU2kTGL7csyfNkOr/iEMSW9LQPcOxYMzFu4=
=wR+s
-----END PGP SIGNATURE-----