-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 29 Apr 2026 04:36:38 -0400
Source: chromium
Binary: chromium-l10n
Architecture: all
Version: 147.0.7727.137-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-grnet-03) <buildd_amd64-x86-grnet-03@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium-l10n - web browser - language packs
Closes: 1052440
Changes:
 chromium (147.0.7727.137-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-7363: Use after free in Canvas. Reported by heapracer.
     - CVE-2026-7361: Use after free in iOS. Reported by Google.
     - CVE-2026-7344: Use after free in Accessibility. Reported by Google.
     - CVE-2026-7343: Use after free in Views. Reported by Google.
     - CVE-2026-7333: Use after free in GPU.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-7360: Insufficient validation of untrusted input in Compositing.
       Reported by Google.
     - CVE-2026-7359: Use after free in ANGLE. Reported by Google.
     - CVE-2026-7358: Use after free in Animation. Reported by Google.
     - CVE-2026-7334: Use after free in Views. Reported by Batuhan Eşref KOÇ.
     - CVE-2026-7357: Use after free in GPU. Reported by Google.
     - CVE-2026-7356: Use after free in Navigation. Reported by Google.
     - CVE-2026-7354: Out of bounds read and write in Angle. Reported by Google.
     - CVE-2026-7353: Heap buffer overflow in Skia. Reported by Google.
     - CVE-2026-7352: Use after free in Media. Reported by Google.
     - CVE-2026-7351: Race in MHTML. Reported by Google.
     - CVE-2026-7350: Use after free in WebMIDI. Reported by Google.
     - CVE-2026-7349: Use after free in Cast. Reported by Google.
     - CVE-2026-7348: Use after free in Codecs. Reported by Google.
     - CVE-2026-7335: Use after free in media.
       Reported by Jungwoo Lee (@physicube) and Wongi Lee (@_qwerty_po).
     - CVE-2026-7336: Use after free in WebRTC. Reported by Mozilla.
     - CVE-2026-7337: Type Confusion in V8. Reported by q@calif.io.
     - CVE-2026-7347: Use after free in Chromoting. Reported by Google.
     - CVE-2026-7346: Inappropriate implementation in Tint. Reported by Google.
     - CVE-2026-7345: Insufficient validation of untrusted input in Feedback.
       Reported by Google.
     - CVE-2026-7338: Use after free in Cast. Reported by Krace.
     - CVE-2026-7342: Use after free in WebView. Reported by Google.
     - CVE-2026-7341: Use after free in WebRTC. Reported by Google.
     - CVE-2026-7339: Heap buffer overflow in WebRTC.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-7340: Integer overflow in ANGLE.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-7355: Use after free in Media. Reported by Google.
 .
   [ Jianfeng Liu ]
   * d/patches:
     - upstream/Fix-GL-native-pixmap-import-support-reset-in-GpuInit.patch:
       Fixes upstream issue https://crbug.com/501115509. This issue is
       introduced in v147, and unfortunately the fix won't get into v147. This
       issue affects both vaapi and v4l2 decoding under ozone wayland.
     - fixes/enable-widevine-on-arm64-linux-platform.patch: Enable widevine
       support on arm64. There is no official support for widevine on arm64
       linux while there are libwidevine binaries extracted from chromeos,
       which can work on linux (closes: #1052440).
Checksums-Sha1:
 7158e79e4d190f7863bcb911c069cbf37e56c46b 8827160 chromium-l10n_147.0.7727.137-1~deb12u1_all.deb
 fbe32385b56dfb2858856e8edf6c4908b20f8129 26896 chromium_147.0.7727.137-1~deb12u1_all-buildd.buildinfo
Checksums-Sha256:
 9fe0906e28971e2c5ca97611e65e343c5859b3a6a4b23cc2a30ef8f58dcaf131 8827160 chromium-l10n_147.0.7727.137-1~deb12u1_all.deb
 905cacadac2c8c0d37af8d1b2e93c05b047b9151a82f860a921fc07b7dd29c9d 26896 chromium_147.0.7727.137-1~deb12u1_all-buildd.buildinfo
Files:
 2e59f8a7103b923f765e5023ea2145d2 8827160 localization optional chromium-l10n_147.0.7727.137-1~deb12u1_all.deb
 bec00aa3203c6adcb0ec67fd728513de 26896 web optional chromium_147.0.7727.137-1~deb12u1_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE5ZI1lXv5WjhHIVjsN8Ugyu9dQiQFAmn0AxcACgkQN8Ugyu9d
QiQSzhAArTBKFwTuA2C0oNYOcJoU1pyLJw+07KhKxFlCJEmN1suiOoxpD9sGrIKX
t4Ivcra1ocgd/3r7lsapXev/iOMu1+0CRPuHc+pTCBJyKV0RicZ3oPkW77QH11Fb
dFWLlV4LmeVZMNf7rhwHQtX9oZuRtkmvXnRbB4kInTHeU1CqwLrNyaa5VCoiYImJ
FcU9StG53P18YOk9shp+TYMauLlZR9+EjR961L0tC8QhrHA5WhIiOPt/ZPzAD/XX
Lyulrwug3DjwkGCRw/gSPKX+HJSKKfsAgNkeEAchoGtGp8XZzJoN6ixAwuCHhR+R
rO+3oZIqp8h4wdcJdoys5HYF26eEC9LheIFdiaxMo0iShKEYJhmDJL7ZtbnlKOtj
yvBxAmFtMxzoE2B57PV4GdTRC793HAflv7hhmLL6CHAlypK4D9qpdNytnn+7n/IS
/kfJDdlZTjFey+61JWDjVj+G9NcUeNYMHyb2jgKHhVedOmiinD3YtPU37lJT8zS/
0q+LXmG3vHO6fqrP+LJWvH5TvKXW50BZkSsZUUqHKtd0t8VlEg9AXcPIIYedkXcJ
AIISF+AgwBiLRxZH+FXUPj84dEidMEi10oAbmIQuk+pmxfM9CQHE4YNtBnIClXgh
qQ+eC4HyHSK1vOMiC/Xxcmu5ubZpQG/3Cr8tMWg86Ubn/iw0W0w=
=7fr6
-----END PGP SIGNATURE-----