-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 12 Jun 2026 17:27:35 -0400 Source: chromium Binary: chromium-l10n Architecture: all Version: 149.0.7827.114-1~deb12u1 Distribution: bookworm-security Urgency: high Maintainer: all Build Daemon (x86-grnet-02) Changed-By: Andres Salomon Description: chromium-l10n - web browser - language packs Changes: chromium (149.0.7827.114-1~deb12u1) bookworm-security; urgency=high . [ Andres Salomon ] * New upstream security release. - CVE-2026-12007: Use after free  Core. Reported by Google. - CVE-2026-12008: Use after free  DigitalCredentials. Reported by Google. - CVE-2026-12009: Insufficient validation of untrusted input Accessibility. Reported by Google. - CVE-2026-12010: Heap buffer overflow  GPU. Reported by Google. - CVE-2026-12011: Use after free  WebMIDI. Reported by Google. - CVE-2026-12012: Use after free  Network. Reported by Google. - CVE-2026-12013: Use after free  Media. Reported by Henock Habte, Independent Security Researcher. - CVE-2026-12014: Use after free  Cast. Reported by Google. - CVE-2026-12015: Use after free  Autofill. Reported by Google. - CVE-2026-12016: Insufficient validation of untrusted input  DevTools. Reported by Google. - CVE-2026-12017: Insufficient validation of untrusted input Extensions. Reported by Google. - CVE-2026-12018: Inappropriate implementation  Mojo. Reported by Google. - CVE-2026-12019: Out of bounds write  Codecs. Reported by Google. - CVE-2026-12020: Use after free  Autofill. Reported by Google. - CVE-2026-12022: Race  Safe Browsing. Reported by Google. - CVE-2026-12023: Use after free  GPU. Reported by Google. - CVE-2026-12024: Insufficient policy enforcement  DevTools. Reported by Google. - CVE-2026-12025: Insufficient validation of untrusted input  Network. Reported by Google. - CVE-2026-12026: Out of bounds read  Video. Reported by Google. - CVE-2026-12027: Insufficient policy enforcement  Headless. Reported by Google. - CVE-2026-12028: Use after free  GPU. Reported by Google. - CVE-2026-12029: Use after free  Video. Reported by Google. - CVE-2026-12030: Heap buffer overflow  GPU. Reported by Google. - CVE-2026-12031: Inappropriate implementation  Views. Reported by Google - CVE-2026-12032: Inappropriate implementation  Passwords. Reported by Google. - CVE-2026-12033: Out of bounds read  VideoCapture. Reported by Google. - CVE-2026-12034: Insufficient validation of untrusted input  Linux Toolkit Theming. Reported by Google. - CVE-2026-12035: Use after free  Views. Reported by Google. Checksums-Sha1: 2c0bc4c552c8bfb8f6a337b855c7f50fe81e9aed 8956260 chromium-l10n_149.0.7827.114-1~deb12u1_all.deb dc368ad4ad10b56fc5d977c9eac5284facb68143 26978 chromium_149.0.7827.114-1~deb12u1_all-buildd.buildinfo Checksums-Sha256: 0293a865465a901fabdc2edddf042cec2d1317bcc519f592f2dad6c987864c59 8956260 chromium-l10n_149.0.7827.114-1~deb12u1_all.deb 42d6906e8ac2d34a035ea7db01a5783f6f766ad9f70f9240c9bdac14cca32195 26978 chromium_149.0.7827.114-1~deb12u1_all-buildd.buildinfo Files: 996df278cb76e0bb17285d25b4fa0a94 8956260 localization optional chromium-l10n_149.0.7827.114-1~deb12u1_all.deb 5692e9eae7b163f78821233d48a38ac7 26978 web optional chromium_149.0.7827.114-1~deb12u1_all-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE81O8NL+3kjBAqEvLmgPNRvTf/zcFAmotoukACgkQmgPNRvTf /zfy6Q/9Fq4Vv1txDED1J/GWoTGp9Witx+W+YxvTYtJx/y1v4DBA2qEzu+Wp/U/3 qej+otKWEXvEpOuWEq7z+0k2afaXx47gI2TtAiXHkmejz3kiCmPq5RUGiGg8HMw8 fiM6FF2BCclMLpP9XI4LICNO1XNOeRTVX0U9kQ1YrlceHtOpKXKsoJfeTn9k3OHm utIhPHV5qTZlRuhjD1t1VCugd/YTGWFiNZiO2BiCGxZnJCLRyZZhjnVqYaTYPxUc 71MFDjlgWHWvPZR+gjttVWNG2+MhS4GlSXdwsxJknlF5kFvixSzjbYf7ONP+oMHM +8GsUiReGN5Uk071VKbfKjd0rBK2SGesgUKp9sBD7+gY4zkUc1tMWk/2Xya9DRZK DatZOgzRDDww9pH6/yIR0InsXuCWMbWGoEURAYzzObql5s6Exival2d3YwAwuY5W HuTxNaZJPBeFniYDeIfBhqZN4G3rPB5h4t5ifsDc4dH705qr74rvTpU74TOIXNAQ 56vt/oeeWz+ZmHNp6k3V350bcyXR+jx96/Wkkxx/BiMJTb8PdF6mLkg832PHB8x8 v8IlgWYeNSN6SLlchkvng+GG5Ror5CYfcHFBspOPIxhvdss93JGDK+c/1fxmc17T z8hy/J2uJuZgj4oJ+MZpxQpo3g30a70QHcEe7KPzsIeam7bPgVM= =NNeA -----END PGP SIGNATURE-----