Multiple critical security vulnerabilities (CVE-2026-3061, CVE-2026-3062, and CVE-2026-3063) in Chromium could lead to arbitrary code execution, denial of service, or information disclosure, with the most severe carrying a CVSS score of 9.8. The affected versions are Google Chrome builds prior to 145.0.7632.116 and 145.0.7632.117. The fixed versions for Debian distributions are 145.0.7632.116-1~deb12u1 for Bookworm and 145.0.7632.116-1~deb13u1 for Trixie.
[SECURITY] [DSA 6151-1] chromium security update To : debian-security-announce@lists.debian.org Subject : [SECURITY] [DSA 6151-1] chromium security update From : Andres Salomon < dilinger@debian.org > Date : Fri, 27 Feb 2026 00:35:51 +0000 Message-id : < [đ] E1vvlpf-000rKO-2E@seger.debian.org > Reply-to : debian-security-announce-request@lists.debian.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6151-1 security@debian.org https://www.debian.org/security/ Andres Salomon February 26, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : chromium CVE ID : CVE-2026-3061 CVE-2026-3062 CVE-2026-3063 Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 145.0.7632.116-1~deb12u1. For the stable distribution (trixie), these problems have been fixed in version 145.0.7632.116-1~deb13u1. We recommend that you upgrade your chromium packages. For the detailed security status of chromium please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmmg5LwACgkQZF0CR8Nu djfLeA/7BLiJrh4PWRi/f2CqTpzG8/plBr3cpEF0vWvpRuaccn05F/OcgUCCbMhw QiC8JkIfrD/Kj8vhBmYUqTjXGVZGVzQN0feeUwc1AFIS8Jy7axQVQEsWxq9aWYiV val6WwD7qBBg0uEDZgQKa+/eFUO0hnb6+GjB8qd6OP/Xe5KGCEMRvxiMNurazs7E p7dUsYsK0A9x8ZAz4Dro9FWze1TGbRPdCICFuwC0ZHLD8ZIfDyY8Lc/wpKE1vqwo AuhBnkznAm1osnMZZKwCBZrE+LP7F29oM2u9vSVK9y1Thh3K/5u27tg7vq+fpyTd xumK7RrDWWgPdnI3T284R7Tga7i+ZiLUkzbDxysm0ViaBi8R6Q1xICuyDleXgjnZ 24rn3fZtIDnq/fq+ARjapVLyDqZ1/edU2tAYfPzcN+2IjdrImIYUGT6sJAKdyylm adluTaTg99HMQ/rJT42UV8YGME/FixPBG+CsHGjvGOsToyfChhLKcQHUXvwr6Qy5 ec1SekPaii37GBXTOVK6nrND8QFnj7v1KWNOn0UaK62a6x0XXqpoLAe7NcrePNGB p7nPfzix7L+2oYxfxqZb9cG4eGkBRsPDX0PtPGT6qAavAvd/WqcmUbKf4GLzw9TX brGfa/IGEE0Sqsjy4OJPN39o065t2AXfGVXlv/4vvxCVbcNoRTs= =vmtQ -----END PGP SIGNATURE----- Reply to: debian-security-announce@lists.debian.org Andres Salomon (on-list) Andres Salomon (off-list) Prev by Date: [SECURITY] [DSA 6150-1] python-django security update Previous by thread: [SECURITY] [DSA 6150-1] python-django security update Index(es): Date Thread