[Git][security-tracker-team/security-tracker][master] libskia bug

Sun Apr 26 19:49:16 BST 2026


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
99c63cb7 by Moritz Muehlenhoff at 2026-04-26T20:48:54+02:00
libskia bug

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5361,7 +5361,7 @@ CVE-2026-6364 (Out of bounds read in Skia in Google Chrome prior to 147.0.7727.1
 	{DSA-6214-1}
 	- chromium 147.0.7727.101-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
-	- libskia <unfixed>
+	- libskia <unfixed> (bug #1134991)
 CVE-2026-6319 (Use after free in Payments in Google Chrome on Android prior to 147.0. ...)
 	{DSA-6214-1}
 	- chromium 147.0.7727.101-1
@@ -5474,7 +5474,7 @@ CVE-2026-6298 (Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727
 	{DSA-6214-1}
 	- chromium 147.0.7727.101-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
-	- libskia <unfixed>
+	- libskia <unfixed> (bug #1134991)
 CVE-2026-6297 (Use after free in Proxy in Google Chrome prior to 147.0.7727.101 allow ...)
 	{DSA-6214-1}
 	- chromium 147.0.7727.101-1
@@ -8762,7 +8762,7 @@ CVE-2026-5870 (Integer overflow in Skia in Google Chrome prior to 147.0.7727.55
 	{DSA-6205-1}
 	- chromium 147.0.7727.55-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
-	- libskia <unfixed>
+	- libskia <unfixed> (bug #1134991)
 CVE-2026-5869 (Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55  ...)
 	{DSA-6205-1}
 	- chromium 147.0.7727.55-1
@@ -98328,7 +98328,7 @@ CVE-2025-35451 (PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras
 CVE-2025-32320 (In System UI, there is a possible way to view other users' images due  ...)
 	NOT-FOR-US: Android
 CVE-2025-32318 (In Skia, there is a possible out of bounds write due to a heap buffer  ...)
-	- libskia <undetermined>
+	- libskia <unfixed> (bug #1134991)
 CVE-2025-32317 (In App Widget, there is a possible Information Disclosure due to a con ...)
 	NOT-FOR-US: Android
 CVE-2025-32316 (In gralloc4, there is a possible out of bounds write due to a missing  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99c63cb7b18850d1fda85121af5e890134049d3d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99c63cb7b18850d1fda85121af5e890134049d3d
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260426/a8953fbe/attachment.htm>
