-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 29 Apr 2026 04:36:38 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: amd64
Version: 147.0.7727.137-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-ubc-01) <buildd_amd64-x86-ubc-01@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Closes: 1052440
Changes:
 chromium (147.0.7727.137-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-7363: Use after free in Canvas. Reported by heapracer.
     - CVE-2026-7361: Use after free in iOS. Reported by Google.
     - CVE-2026-7344: Use after free in Accessibility. Reported by Google.
     - CVE-2026-7343: Use after free in Views. Reported by Google.
     - CVE-2026-7333: Use after free in GPU.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-7360: Insufficient validation of untrusted input in Compositing.
       Reported by Google.
     - CVE-2026-7359: Use after free in ANGLE. Reported by Google.
     - CVE-2026-7358: Use after free in Animation. Reported by Google.
     - CVE-2026-7334: Use after free in Views. Reported by Batuhan Eşref KOÇ.
     - CVE-2026-7357: Use after free in GPU. Reported by Google.
     - CVE-2026-7356: Use after free in Navigation. Reported by Google.
     - CVE-2026-7354: Out of bounds read and write in Angle. Reported by Google.
     - CVE-2026-7353: Heap buffer overflow in Skia. Reported by Google.
     - CVE-2026-7352: Use after free in Media. Reported by Google.
     - CVE-2026-7351: Race in MHTML. Reported by Google.
     - CVE-2026-7350: Use after free in WebMIDI. Reported by Google.
     - CVE-2026-7349: Use after free in Cast. Reported by Google.
     - CVE-2026-7348: Use after free in Codecs. Reported by Google.
     - CVE-2026-7335: Use after free in media.
       Reported by Jungwoo Lee (@physicube) and Wongi Lee (@_qwerty_po).
     - CVE-2026-7336: Use after free in WebRTC. Reported by Mozilla.
     - CVE-2026-7337: Type Confusion in V8. Reported by q@calif.io.
     - CVE-2026-7347: Use after free in Chromoting. Reported by Google.
     - CVE-2026-7346: Inappropriate implementation in Tint. Reported by Google.
     - CVE-2026-7345: Insufficient validation of untrusted input in Feedback.
       Reported by Google.
     - CVE-2026-7338: Use after free in Cast. Reported by Krace.
     - CVE-2026-7342: Use after free in WebView. Reported by Google.
     - CVE-2026-7341: Use after free in WebRTC. Reported by Google.
     - CVE-2026-7339: Heap buffer overflow in WebRTC.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-7340: Integer overflow in ANGLE.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-7355: Use after free in Media. Reported by Google.
 .
   [ Jianfeng Liu ]
   * d/patches:
     - upstream/Fix-GL-native-pixmap-import-support-reset-in-GpuInit.patch:
       Fixes upstream issue https://crbug.com/501115509. This issue is
       introduced in v147, and unfortunately the fix won't get into v147. This
       issue affects both vaapi and v4l2 decoding under ozone wayland.
     - fixes/enable-widevine-on-arm64-linux-platform.patch: Enable widevine
       support on arm64. There is no official support for widevine on arm64
       linux while there are libwidevine binaries extracted from chromeos,
       which can work on linux (closes: #1052440).
Checksums-Sha1:
 ed8082ede0d7e65158f1948d9c5187f133c5e21d 5442900 chromium-common-dbgsym_147.0.7727.137-1~deb12u1_amd64.deb
 5a914609cd9b558deaf1f325094c2c8a429a38bb 25365176 chromium-common_147.0.7727.137-1~deb12u1_amd64.deb
 120c9aaf8ecfde03e427e7de7472fc6067a36e70 35669084 chromium-dbgsym_147.0.7727.137-1~deb12u1_amd64.deb
 99b697d027b3053971346740b48be22aae89adc7 7526832 chromium-driver_147.0.7727.137-1~deb12u1_amd64.deb
 d28fbbce9a89069d3c1a1f61049febdb50d5460b 29462388 chromium-headless-shell-dbgsym_147.0.7727.137-1~deb12u1_amd64.deb
 83809bebd55a74d44e884e9476146be34bc1e206 57203164 chromium-headless-shell_147.0.7727.137-1~deb12u1_amd64.deb
 4f479a943db065f27b92d72378c85d4b61e9af48 19296 chromium-sandbox-dbgsym_147.0.7727.137-1~deb12u1_amd64.deb
 c7871e613c298dfd367f33b7c5614ff1c4f5b224 116796 chromium-sandbox_147.0.7727.137-1~deb12u1_amd64.deb
 63644bedf8cbb52e4db8a05252f330dc33ec6bd9 32280728 chromium-shell-dbgsym_147.0.7727.137-1~deb12u1_amd64.deb
 1caeff95a995f9ff897d05778b320d8967a99bcb 62393732 chromium-shell_147.0.7727.137-1~deb12u1_amd64.deb
 8d496ec450ddfd76b3d1d6655a114b7029e436d6 30422 chromium_147.0.7727.137-1~deb12u1_amd64-buildd.buildinfo
 4010e32687d008ddbac70db0b8e8cfb42e3200b0 74353656 chromium_147.0.7727.137-1~deb12u1_amd64.deb
Checksums-Sha256:
 f02225c4399ba77325a2d2bf49865744393947853486a32cb77c25fe45284c7c 5442900 chromium-common-dbgsym_147.0.7727.137-1~deb12u1_amd64.deb
 a7014dff1be6c36d210ffab694b3ed49048c468c77744d6c03270612b43318bb 25365176 chromium-common_147.0.7727.137-1~deb12u1_amd64.deb
 82f788dcac0ef00dafd71356e701b06aaf31bdf94a5311d41f8488fcbe04d1fd 35669084 chromium-dbgsym_147.0.7727.137-1~deb12u1_amd64.deb
 d905ca654b551b4491ea20f03c12c5a78b9e0dce5d67b78af59b4cc243a797c4 7526832 chromium-driver_147.0.7727.137-1~deb12u1_amd64.deb
 def93b118e139f2e6db4c527cc41179c23a0a943fbb4bf0c27b3aa5193305066 29462388 chromium-headless-shell-dbgsym_147.0.7727.137-1~deb12u1_amd64.deb
 f91e813ae584bac97c1cc360f275d4fe264867dbd63aac71440f21bb94693339 57203164 chromium-headless-shell_147.0.7727.137-1~deb12u1_amd64.deb
 da57fc5bb0df54d0397f744c7886ce9137ab1534860a95081d4d09852df86d53 19296 chromium-sandbox-dbgsym_147.0.7727.137-1~deb12u1_amd64.deb
 4e9df847752e2e6185c86a63d4dc018c478339841b2d580ac5c7a69173e2e4f9 116796 chromium-sandbox_147.0.7727.137-1~deb12u1_amd64.deb
 1d385c968da44143a1f88a38fe23fb8097149c564980eca66dd52eb65dd42386 32280728 chromium-shell-dbgsym_147.0.7727.137-1~deb12u1_amd64.deb
 eeb5ada3698ed891d9fbbb09e6cdc243ad7d6e793a7172ca30637d56d4faec2a 62393732 chromium-shell_147.0.7727.137-1~deb12u1_amd64.deb
 55cf8b48d2a33c9c3ed723a7e4461d11860a9d9ca07734e5f6d639676c3e1ef3 30422 chromium_147.0.7727.137-1~deb12u1_amd64-buildd.buildinfo
 5543295fe529fd7942ff75082ca2abcdd851ec1e1e6996db901ded1b7579488a 74353656 chromium_147.0.7727.137-1~deb12u1_amd64.deb
Files:
 fc9884582f21a427537fcf91c98765f8 5442900 debug optional chromium-common-dbgsym_147.0.7727.137-1~deb12u1_amd64.deb
 aa38aa168f3b750db1a706a32e943f27 25365176 web optional chromium-common_147.0.7727.137-1~deb12u1_amd64.deb
 5fb6298d156c6cd9fc62eea26f966473 35669084 debug optional chromium-dbgsym_147.0.7727.137-1~deb12u1_amd64.deb
 f41ba58c3da388c5c7a750bb62a7a779 7526832 web optional chromium-driver_147.0.7727.137-1~deb12u1_amd64.deb
 1b9346836e538e87479cfa269e5bac1b 29462388 debug optional chromium-headless-shell-dbgsym_147.0.7727.137-1~deb12u1_amd64.deb
 3c6fe9528d3e0f771325ea3676fd5f0f 57203164 web optional chromium-headless-shell_147.0.7727.137-1~deb12u1_amd64.deb
 cada851ba51540ec47e521e512757fa4 19296 debug optional chromium-sandbox-dbgsym_147.0.7727.137-1~deb12u1_amd64.deb
 8dc5031e5a1780cccd1b67733a83479f 116796 web optional chromium-sandbox_147.0.7727.137-1~deb12u1_amd64.deb
 e1b41bbf3f7634bdae338f13dfe72567 32280728 debug optional chromium-shell-dbgsym_147.0.7727.137-1~deb12u1_amd64.deb
 51217e0cb70019ee91ad70e766775ce8 62393732 web optional chromium-shell_147.0.7727.137-1~deb12u1_amd64.deb
 b6c75498c3bf56567a1af5a0300d4447 30422 web optional chromium_147.0.7727.137-1~deb12u1_amd64-buildd.buildinfo
 559b55f56cf21c89fa3aabb90c859551 74353656 web optional chromium_147.0.7727.137-1~deb12u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEmtr4KUMaso2EQ6NrTwt/65ON6zcFAmn0FiQACgkQTwt/65ON
6zf2Fw/9FkdZTVG8QE7vvZsFEsywysHMKfmLrmrb11m2AAJ5nSoqFAc1iDqpJ92m
p1nPbPmvLDv+WkYfr6HCwIxmSEUCm/bSxd0B4CznZUFp/CwDc5IaDUkuq8KxCIBk
a7ubla4sPIUcj4mN/ig9SUoMh3OD/w4WXouSsRd+W+3Hm49E59MyGjB1Gq8/1/in
y2ngycIv5RsEsG58ME61kzBpruqxPHtHJmzsFfTkJZvzXyFr3eA4M6iA6K/G/0HN
ZPzMu73EKtAUHmykYpJSILRK7ULcxxiQWHswoAmVJsYA+CoJBIEHv3ZSD+9O9UVU
YIRA515uNCSrtCsllfD3RsbSmlyQM+B7sZnkXZ4M2CnynmlK119sz/KTUKgnfshW
AN7OjiYV2+idt6zVJVJOVhps/PYMEnghwy22LJVQh36uHDySNwzmX4Rvk78x6dIr
b5ED0pbc50iahrE4VLAruq8XEgVxm/z3J8z9DpgJuPxVf+4upLHYSAplYLcgv3n1
zSy3i0BeWPQpqnN+L4Mgm79rg4njqm8RpNP7Mn69rM0p/pKikMaQ6DoiMjXx6ZCG
zZkC8DIcPiBPFoPDQ1AsFwkKL7nwT2UxOVzwNIwMZxd9BV611f7aZmfbew0F9SKj
7+q8/UtSYbHeRSp9u8nmA2CGZiIbnPdEk0WSewVj5DFxegPziW0=
=DIus
-----END PGP SIGNATURE-----