-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 15 Apr 2026 15:06:40 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: i386
Version: 147.0.7727.101-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-02) <buildd_amd64-x86-conova-02@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (147.0.7727.101-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-6296: Heap buffer overflow in ANGLE. Reported by cinzinga.
     - CVE-2026-6297: Use after free in Proxy. Reported by heapracer.
     - CVE-2026-6298: Heap buffer overflow in Skia.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-6299: Use after free in Prerender. Reported by Google.
     - CVE-2026-6358: Use after free in XR. Reported by Jihyeon Jeong
       (Compsec Lab, Seoul National University / Research Intern).
     - CVE-2026-6359: Use after free in Video.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-6300: Use after free in CSS.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-6301: Type Confusion in Turbofan. Reported by qymag1c.
     - CVE-2026-6302: Use after free in Video. Reported by Syn4pse.
     - CVE-2026-6303: Use after free in Codecs. Reported by Google.
     - CVE-2026-6304: Use after free in Graphite. Reported by Google.
     - CVE-2026-6305: Heap buffer overflow in PDFium.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-6306: Heap buffer overflow in PDFium.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-6307: Type Confusion in Turbofan.
       Reported by Project WhatForLunch (@pjwhatforlunch).
     - CVE-2026-6308: Out of bounds read in Media. Reported by Google.
     - CVE-2026-6309: Use after free in Viz. Reported by Google.
     - CVE-2026-6360: Use after free in FileSystem. Reported by asjidkalam.
     - CVE-2026-6310: Use after free in Dawn. Reported by Google.
     - CVE-2026-6311: Uninitialized Use in Accessibility. Reported by Google.
     - CVE-2026-6312: Insufficient policy enforcement in Passwords.
       Reported by Google.
     - CVE-2026-6313: Insufficient policy enforcement in CORS.
       Reported by Google.
     - CVE-2026-6314: Out of bounds write in GPU. Reported by Google.
     - CVE-2026-6315: Use after free in Permissions. Reported by Google.
     - CVE-2026-6316: Use after free in Forms. Reported by Google.
     - CVE-2026-6361: Heap buffer overflow in PDFium. Reported by Google.
     - CVE-2026-6362: Use after free in Codecs.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-6317: Use after free in Cast. Reported by Google.
     - CVE-2026-6363: Type Confusion in V8. Reported by Google.
     - CVE-2026-6318: Use after free in Codecs. Reported by Syn4pse.
     - CVE-2026-6319: Use after free in Payments. Reported by pwn2addr.
     - CVE-2026-6364: Out of bounds read in Skia.
       Reported by Google Threat Intelligence.
Checksums-Sha1:
 ab0102f85106a2fe48f17abf6909bc02f3edc52d 5317012 chromium-common-dbgsym_147.0.7727.101-1~deb12u1_i386.deb
 30785f706d6e923ec4e72fb27bfae628418c27f8 25389624 chromium-common_147.0.7727.101-1~deb12u1_i386.deb
 3fa15b980adf09c92353810ea5c36dd0c0f149a5 35898132 chromium-dbgsym_147.0.7727.101-1~deb12u1_i386.deb
 47a6a0d765f0064469d6f6523add2c5d231b70e0 7874468 chromium-driver_147.0.7727.101-1~deb12u1_i386.deb
 1e828cf9cec4cad32ac68708e201bd7964d19a59 29649476 chromium-headless-shell-dbgsym_147.0.7727.101-1~deb12u1_i386.deb
 27730b2e80d49f1b6867ae4435804d4c2eaa3ef1 58735312 chromium-headless-shell_147.0.7727.101-1~deb12u1_i386.deb
 383ebabdb2d23100f62e2a40fe3a0ef9e2ae7188 17824 chromium-sandbox-dbgsym_147.0.7727.101-1~deb12u1_i386.deb
 e2f3110e20491e4950286360b1fd2204f634db1a 115972 chromium-sandbox_147.0.7727.101-1~deb12u1_i386.deb
 de9291192d812270802d193604fad8fd4b9fd3ce 32459796 chromium-shell-dbgsym_147.0.7727.101-1~deb12u1_i386.deb
 c7fbafde5942651a3e8e835be604c13dfe1f810f 64113396 chromium-shell_147.0.7727.101-1~deb12u1_i386.deb
 4598c4b9d24b4221edb81e9294031d864e763392 30404 chromium_147.0.7727.101-1~deb12u1_i386-buildd.buildinfo
 7a7a43391ef88ff66f49d1e4a452dd1ef2224b3e 76808856 chromium_147.0.7727.101-1~deb12u1_i386.deb
Checksums-Sha256:
 277c11f267c6108758175413d0eb7f2ca5e52ea046d84becc7cd789aa56bb052 5317012 chromium-common-dbgsym_147.0.7727.101-1~deb12u1_i386.deb
 95b0786aba78f83155685a4ceb2bd3882e1ff4130af0c19a0935bd5743908353 25389624 chromium-common_147.0.7727.101-1~deb12u1_i386.deb
 72bb1d2616909dc4163ee7ef246bb0ae1a4452c15e3a9c75390c676c51bc519b 35898132 chromium-dbgsym_147.0.7727.101-1~deb12u1_i386.deb
 89087b73318461c56b4b76301be7c7565b6bb819840305b99f7b540c0ade2dd1 7874468 chromium-driver_147.0.7727.101-1~deb12u1_i386.deb
 1a3eecca5946fe0ce6d7bcb80a1b5fbb665a2dae262fa62fe56c641a7f4f4c04 29649476 chromium-headless-shell-dbgsym_147.0.7727.101-1~deb12u1_i386.deb
 fb4add378eb8ae5fbc4467d63ffce1dc5abc82d6b1f90cfc6795dbe9b69d171a 58735312 chromium-headless-shell_147.0.7727.101-1~deb12u1_i386.deb
 66244989b83f5a4a5967063764e439cef167845d916743f21cff1d4c418feefc 17824 chromium-sandbox-dbgsym_147.0.7727.101-1~deb12u1_i386.deb
 08d066195cc02eb900a29d77d84fa34513e1640bcb8f73c5d8487dfa6c6677a9 115972 chromium-sandbox_147.0.7727.101-1~deb12u1_i386.deb
 99f073f1d94fff76ca0aaef17518961c5d583309ba78e5bec5f8b6526d784a24 32459796 chromium-shell-dbgsym_147.0.7727.101-1~deb12u1_i386.deb
 e73d516f4f2a6bdcde3f08258b30caae495ebacaddafa195b103e59eb031badb 64113396 chromium-shell_147.0.7727.101-1~deb12u1_i386.deb
 d4827d0067157a5f244f044f1ff983327a985cf571dcd4770f2bd9801f1bf30f 30404 chromium_147.0.7727.101-1~deb12u1_i386-buildd.buildinfo
 28331866e219d1e31e0e2e6e8c476738ade233131df8036740d3a8de2548b767 76808856 chromium_147.0.7727.101-1~deb12u1_i386.deb
Files:
 7e5375f8d05a38b1be17d3fb9a156b7b 5317012 debug optional chromium-common-dbgsym_147.0.7727.101-1~deb12u1_i386.deb
 5c14483d8ffbae969ba5ffa380714ebf 25389624 web optional chromium-common_147.0.7727.101-1~deb12u1_i386.deb
 eb137e5fc7819188fc62e599df10e7aa 35898132 debug optional chromium-dbgsym_147.0.7727.101-1~deb12u1_i386.deb
 aa3a9394fe81fe45767aadfb6e3f2c0d 7874468 web optional chromium-driver_147.0.7727.101-1~deb12u1_i386.deb
 bf696df9c834cbe08688384f5d5c1b27 29649476 debug optional chromium-headless-shell-dbgsym_147.0.7727.101-1~deb12u1_i386.deb
 bcb76c4434de93e47bf1405e79566caf 58735312 web optional chromium-headless-shell_147.0.7727.101-1~deb12u1_i386.deb
 0b2648785ab618cabd1b964146d2b82e 17824 debug optional chromium-sandbox-dbgsym_147.0.7727.101-1~deb12u1_i386.deb
 b0f0d08c5d63307267f378e542678cc3 115972 web optional chromium-sandbox_147.0.7727.101-1~deb12u1_i386.deb
 d6541a39dbd02d671af64f149f1bef4a 32459796 debug optional chromium-shell-dbgsym_147.0.7727.101-1~deb12u1_i386.deb
 e571c76230208161a78c5d985e52bd4c 64113396 web optional chromium-shell_147.0.7727.101-1~deb12u1_i386.deb
 893d831f054eef1f82be7d8ef7d4970c 30404 web optional chromium_147.0.7727.101-1~deb12u1_i386-buildd.buildinfo
 eae8dc5f494db44b162803df18be7342 76808856 web optional chromium_147.0.7727.101-1~deb12u1_i386.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE+i/sCsF3puL4e7qIGNGWmfrqILEFAmnh4WUACgkQGNGWmfrq
ILHg9w//W0PdD73LiVNuPYzSpS9Rxdp8pz7ufAyw9VJDNLDvD7E75aHcQCzan9BK
bnsyNLiCGNrLBi5tpdM8qEThOnj1ABV9Mz2XYChJlYluSxjj/8IlOl3gsfw2ZgS7
aViRfVCyqkATbtZsvUR/eZtgx+jSmN2bUZ+sfw0fUTkj6ZpQvuayaufVhWhGM9Kd
HX9pm6N7lR7c7888FtXLXzFEB5V58tvHm0SrbtlW0ZFbgYNBHppjNCyqq2QlDsA0
u39/YVjgJ8FYF9fBxrHoaTEDUJWG51CmoEs+vekQ91b5Zo6rCV83z5JZp4GA+jZ1
KSsJ6bwRI9596e86uIc83ZrinEQyV4q8ZfSg09nAxSbu8ZGoc9UOEsrpcFbjqdol
QWvtF3u2v02zeNJqNxEVMMsiBeOSeoqIC5fpWAqjMBZruhRCLyaQsibLEGVLLP9F
xQiGgA49ZaUdFhjcTc0N3SgxBfT0PUNQTmvZrMJotT65WYjAc0eaVY0ff0hDDDMB
zVQvVynBdAsaW26wMFzUrNJH2eeZqXJ/undK7gKc9w9U6wfbzB4zjyibbOad4P3c
B00O3+Bv1f9VhX1j+w1xISAW41CEjiT0KKRYGF5vHiSqk2uAI0n+x1EV9sxCo9Eq
EyP/2Yt9qY5ziQau6Jf/XfmZOTIghtyzTodv35eUStgD78hKAPo=
=AALH
-----END PGP SIGNATURE-----