www/chromium: update to ***

* 131.0.6778.264
This update includes 4 security fixes. Below, we highlight
fixes that were contributed by external researchers.
Please see the Chrome Security Page for more information.
[$55000][383356864] High CVE-2025-0291: Type Confusion in
V8. Reported by Popax21 on 2024-12-11
We would also like to thank all security researchers that
worked with us during the development cycle to prevent
security bugs from ever reaching the stable channel.

As usual, our ongoing internal security work was responsible
for a wide range of fixes:
[388088544] Various fixes from internal audits, fuzzing and
other initiatives

* 132.0.6834.83
This update includes 16 security fixes. Below, we highlight
fixes that were contributed by external researchers.
Please see the Chrome Security Page for more information.
[$7000][374627491] High CVE-2025-0434: Out of bounds memory
access in V8. Reported by ddme on 2024-10-21
[$7000][379652406] High CVE-2025-0435: Inappropriate
implementation in Navigation. Reported by Alesandro Ortiz
on 2024-11-18
[$3000][382786791] High CVE-2025-0436: Integer overflow in
Skia. Reported by Han Zheng (HexHive) on 2024-12-08
[$2000][378623799] High CVE-2025-0437: Out of bounds read
in Metrics. Reported by Xiantong Hou of Wuheng Lab and
Pisanbao on 2024-11-12
[TBD][384186539] High CVE-2025-0438: Stack buffer overflow
in Tracing. Reported by Han Zheng (HexHive) on 2024-12-15
[$5000][371247941] Medium CVE-2025-0439: Race in Frames.
Reported by Hafiizh on 2024-10-03
[$5000][40067914] Medium CVE-2025-0440: Inappropriate
implementation in Fullscreen. Reported by Umar Farooq on 2023-07-22
[$2000][368628042] Medium CVE-2025-0441: Inappropriate
implementation in Fenced Frames. Reported by someoneverycurious
on 2024-09-21
[$2000][40940854] Medium CVE-2025-0442: Inappropriate
implementation in Payments. Reported by Ahmed ElMasry on 2023-11-08
[$1000][376625003] Medium CVE-2025-0443: Insufficient
data validation in Extensions. Reported by Anonymous on 2024-10-31
[$1000][359949844] Low CVE-2025-0446: Inappropriate
implementation in Extensions. Reported by Hafiizh on 2024-08-15
[$1000][375550814] Low CVE-2025-0447: Inappropriate
implementation in Navigation. Reported by Khiem Tran (@duckhiem)
on 2024-10-25
[$1000][377948403] Low CVE-2025-0448: Inappropriate
implementation in Compositing. Reported by Dahyeon Park on 2024-11-08
We would also like to thank all security researchers that
worked with us during the development cycle to prevent security
bugs from ever reaching the stable channel.

As usual, our ongoing internal security work was responsible
for a wide range of fixes:
[389761478] Various fixes from internal audits, fuzzing and
other initiatives

* 132.0.6834.110
This update includes 3 security fixes. Below, we highlight fixes
that were contributed by external researchers. Please see the
Chrome Security Page for more information.
[$11000][386143468] High CVE-2025-0611: Object corruption in V8.
Reported by 303f06e3 on 2024-12-26
[$8000][385155406] High CVE-2025-0612: Out of bounds memory access
in V8. Reported by Alan Goodman on 2024-12-20

As usual, our ongoing internal security work was responsible for
a wide range of fixes:
[391144311] Various fixes from internal audits, fuzzing and other
initiatives

* 132.0.6834.159
This update includes 2 security fixes. Below, we highlight fixes that
were contributed by external researchers. Please see the
Chrome Security Page for more information.
[$2000][384844003] Medium CVE-2025-0762: Use after free in DevTools.
Reported by Sakana.S on 2024-12-18

As usual, our ongoing internal security work was responsible for a
wide range of fixes:
[392630675] Various fixes from internal audits, fuzzing and other
initiatives

* 133.0.6943.53
This update includes 12 security fixes. Below, we highlight fixes
that were contributed by external researchers. Please see the
Chrome Security Page for more information.
[$7000][390889644] High CVE-2025-0444: Use after free in Skia.
Reported by Francisco Alonso (@revskills) on 2025-01-19
[TBD][392521083] High CVE-2025-0445: Use after free in V8.
Reported by 303f06e3 on 2025-01-27
[$2000][40061026] Medium CVE-2025-0451: Inappropriate implementation
in Extensions API. Reported by Vitor Torres and
Alesandro Ortiz on 2022-09-18

As usual, our ongoing internal security work was responsible for
a wide range of fixes:
[394135363] Various fixes from internal audits, fuzzing and other
initiatives

* 133.0.6943.98
This update includes 4 security fixes. Below, we highlight fixes
that were contributed by external researchers. Please see the
Chrome Security Page for more information.
[$55000][391907159] High CVE-2025-0995: Use after free in V8.
Reported by Popax21 on 2025-01-24
[TBD][391788835] High CVE-2025-0996: Inappropriate implementation
in Browser UI. Reported by yuki yamaoto on 2025-01-23
[TBD][391666328] High CVE-2025-0997: Use after free in Navigation.
Reported by asnine on 2025-01-23
[TBD][386857213] High CVE-2025-0998: Out of bounds memory access
in V8. Reported by Alan Goodman on 2024-12-31

* 133.0.6943.126
This update includes 3 security fixes. Below, we highlight fixes
that were contributed by external researchers. Please see the
Chrome Security Page for more information.
[$11000][394350433] High CVE-2025-0999: Heap buffer overflow in V8.
Reported by Seunghyun Lee (@0x10n) on 2025-02-04
[TBD][383465163] High CVE-2025-1426: Heap buffer overflow in GPU.
Reported by un3xploitable && GF on 2024-12-11
[$4000][390590778] Medium CVE-2025-1006: Use after free in Network.
Reported by Tal Keren, Sam Agranat, Eran Rom, Edouard Bochin,
Adam Hatsir of Palo Alto Networks on 2025-01-18

* 133.0.6943.141
This update includes 1 security fix. Please see the Chrome Security
Page for more information.

As usual, our ongoing internal security work was responsible for a
wide range of fixes:
[399107077] Various fixes from internal audits, fuzzing and other
initiatives

* 134.0.6998.35
This update includes 14 security fixes. Below, we highlight fixes
that were contributed by external researchers. Please see the
Chrome Security Page for more information.
[$7000][397731718] High CVE-2025-1914: Out of bounds read in V8.
Reported by Zhenghang Xiao (@Kipreyyy) and Nan Wang (@eternalsakura13)
on 2025-02-20
[$4000][391114799] Medium CVE-2025-1915: Improper Limitation of a
Pathname to a Restricted Directory in DevTools. Reported by
Topi Lassila on 2025-01-20
[$3000][376493203] Medium CVE-2025-1916: Use after free in Profiles.
Reported by parkminchan, SSD Labs Korea on 2024-10-31
[$2000][329476341] Medium CVE-2025-1917: Inappropriate Implementation
in Browser UI. Reported by Khalil Zhani on 2024-03-14
[$2000][388557904] Medium CVE-2025-1918: Out of bounds read in PDFium.
Reported by asnine on 2025-01-09
[$2000][392375312] Medium CVE-2025-1919: Out of bounds read in Media.
Reported by @Bl1nnnk and @Pisanbao on 2025-01-26
[$1000][387583503] Medium CVE-2025-1921: Inappropriate Implementation
in Media Stream. Reported by Kaiido on 2025-01-04
[$5000][384033062] Low CVE-2025-1922: Inappropriate Implementation in
Selection. Reported by Alesandro Ortiz on 2024-12-14
[$1000][382540635] Low CVE-2025-1923: Inappropriate Implementation in
Permission Prompts. Reported by Khalil Zhani on 2024-12-06

As usual, our ongoing internal security work was responsible for a
wide range of fixes:
[400559715] Various fixes from internal audits, fuzzing and other initiatives

* 134.0.6998.88
This update includes 5 security fixes. Below, we highlight fixes
that were contributed by external researchers. Please see the
Chrome Security Page for more information.
[$7000][398065918] High CVE-2025-1920: Type Confusion in V8.
Reported by Excello s.r.o. on 2025-02-21
[TBD][400052777] High CVE-2025-2135: Type Confusion in V8.
Reported by Zhenghang Xiao (@Kipreyyy) and Nan Wang (@eternalsakura13)
on 2025-03-02
[NA][401059730] High CVE-2025-24201: Out of bounds write in
GPU on Mac. Reported by Apple Security Engineering and
Architecture (SEAR) on 2025-03-05
[$3000][395032416] Medium CVE-2025-2136: Use after free in
Inspector. Reported by Sakana.S on 2025-02-10
[$2000][398999390] Medium CVE-2025-2137: Out of bounds read in V8.
Reported by zeroxiaobai@ on 2025-02-25

Google is aware of reports that an exploit for CVE-2025-24201 exists in the wild.

* 134.0.6998.117
This update includes 2 security fixes. Below, we highlight fixes
that were contributed by external researchers. Please see the
Chrome Security Page for more information.
[TBD][401029609] Critical CVE-2025-2476: Use after free in Lens.
Reported by SungKwon Lee of Enki Whitehat on 2025-03-05

As usual, our ongoing internal security work was responsible for a
wide range of fixes:
[404324707] Various fixes from internal audits, fuzzing and other initiatives

* 134.0.6998.165
This update doesn't include any security fixes.

* 135.0.7049.52
This update includes 13 security fixes. Below, we highlight fixes
that were contributed by external researchers. Please see the
Chrome Security Page for more information.
[$10000][376491759] Medium CVE-2025-3067: Inappropriate implementation
in Custom Tabs. Reported by Philipp Beer (TU Wien) on 2024-10-31
[$2000][401823929] Medium CVE-2025-3068: Inappropriate implementation
in Intents. Reported by Simon Rawet on 2025-03-09
[$1000][40060076] Medium CVE-2025-3069: Inappropriate implementation in
Extensions. Reported by NDevTK on 2022-06-26
[$1000][40086360] Medium CVE-2025-3070: Insufficient validation of
untrusted input in Extensions. Reported by Anonymous on 2017-01-01
[$2000][40051596] Low CVE-2025-3071: Inappropriate implementation in
Navigations. Reported by David Erceg on 2020-02-23
[$1000][362545037] Low CVE-2025-3072: Inappropriate implementation in
Custom Tabs. Reported by Om Apip on 2024-08-27
[$500][388680893] Low CVE-2025-3073: Inappropriate implementation in
Autofill. Reported by Hafiizh on 2025-01-09
[$500][392818696] Low CVE-2025-3074: Inappropriate implementation in
Downloads. Reported by Farras Givari on 2025-01-28

As usual, our ongoing internal security work was responsible for a
wide range of fixes:
[407621901] Various fixes from internal audits, fuzzing and other initiatives

* 135.0.7049.84
This update includes 2 security fixes. Below, we highlight fixes that
were contributed by external researchers. Please see the Chrome Security
Page for more information.
[$4000][405140652] High CVE-2025-3066: Use after free in Site Isolation.
Reported by Sven Dysthe (@svn-dys) on 2025-03-21

As usual, our ongoing internal security work was responsible for a
wide range of fixes:
[409114118] Various fixes from internal audits, fuzzing and other initiatives

* 135.0.7049.95
This update includes 2 security fixes. Below, we highlight fixes
that were contributed by external researchers. Please see the
Chrome Security Page for more information.
[TBD][409619251] Critical CVE-2025-3619: Heap buffer overflow
in Codecs. Reported by Elias Hohl on 2025-04-09
[TBD][405292639] High CVE-2025-3620: Use after free in USB.
Reported by @retsew0x01 on 2025-03-21

* 135.0.7049.114
This update includes 1 security fix. Please see the Chrome Security Page
for more information.
Our ongoing internal security work was responsible for a wide range of fixes:
[412443038] Various fixes from internal audits, fuzzing and other initiatives

* 136.0.7103.59
This update includes 8 security fixes. Below, we highlight fixes
that were contributed by external researchers. Please see the
Chrome Security Page for more information.
[$5000][409911705] High CVE-2025-4096: Heap buffer overflow in HTML.
Reported by Anonymous on 2025-04-11
[$2000][409342999] Medium CVE-2025-4050: Out of bounds memory access
in DevTools. Reported by Anonymous on 2025-04-09
[$2000][404000989] Medium CVE-2025-4051: Insufficient data validation
in DevTools. Reported by Daniel Fröjdendahl on 2025-03-16
[$1000][401927528] Low CVE-2025-4052: Inappropriate implementation
in DevTools. Reported by vanillawebdev on 2025-03-10

As usual, our ongoing internal security work was responsible for a
wide range of fixes:
[414433561] Various fixes from internal audits, fuzzing and other initiatives

* 136.0.7103.92
This update includes 2 security fixes. Below, we highlight fixes
that were contributed by external researchers. Please see the
Chrome Security Page for more information.
[$7000][412057896] Medium CVE-2025-4372: Use after free in WebAudio.
Reported by Huang Xilin of Ant Group Light-Year Security Lab on 2025-04-20

As usual, our ongoing internal security work was responsible for a
wide range of fixes:
[415837391] Various fixes from internal audits, fuzzing and other initiatives
