-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 09 Apr 2026 03:34:02 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: arm64
Version: 147.0.7727.55-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-conova-03)
Changed-By: Andres Salomon
Description:
 chromium - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Closes: 1132651
Changes:
 chromium (147.0.7727.55-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2026-5858: Heap buffer overflow in WebML. Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5859: Integer overflow in WebML. Reported by Anonymous.
     - CVE-2026-5860: Use after free in WebRTC. Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5861: Use after free in V8. Reported by 5shain.
     - CVE-2026-5862: Inappropriate implementation in V8. Reported by Google.
     - CVE-2026-5863: Inappropriate implementation in V8. Reported by Google.
     - CVE-2026-5864: Heap buffer overflow in WebAudio. Reported by Syn4pse.
     - CVE-2026-5865: Type Confusion in V8. Reported by Project WhatForLunch (@pjwhatforlunch).
     - CVE-2026-5866: Use after free in Media. Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5867: Heap buffer overflow in WebML. Reported by Syn4pse.
     - CVE-2026-5868: Heap buffer overflow in ANGLE. Reported by cinzinga.
     - CVE-2026-5869: Heap buffer overflow in WebML. Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5870: Integer overflow in Skia. Reported by Google.
     - CVE-2026-5871: Type Confusion in V8. Reported by Google.
     - CVE-2026-5872: Use after free in Blink. Reported by Google.
     - CVE-2026-5873: Out of bounds read and write in V8. Reported by Google.
     - CVE-2026-5874: Use after free in PrivateAI. Reported by Krace.
     - CVE-2026-5875: Policy bypass in Blink. Reported by Lyra Rebane (rebane2001).
     - CVE-2026-5876: Side-channel information leakage in Navigation. Reported by Lyra Rebane (rebane2001).
     - CVE-2026-5877: Use after free in Navigation. Reported by Cassidy Kim(@cassidy6564).
     - CVE-2026-5878: Incorrect security UI in Blink. Reported by Shaheen Fazim.
     - CVE-2026-5879: Insufficient validation of untrusted input in ANGLE. Reported by parkminchan, working for SSD Labs Korea.
     - CVE-2026-5880: Incorrect security UI in browser UI.
     - CVE-2026-5881: Policy bypass in LocalNetworkAccess. Reported by asnine.
     - CVE-2026-5882: Incorrect security UI in Fullscreen.
     - CVE-2026-5883: Use after free in Media. Reported by sherkito.
     - CVE-2026-5884: Insufficient validation of untrusted input in Media. Reported by xmzyshypnc.
     - CVE-2026-5885: Insufficient validation of untrusted input in WebML. Reported by Bryan Bernhart.
     - CVE-2026-5886: Out of bounds read in WebAudio. Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5887: Insufficient validation of untrusted input in Downloads. Reported by daffainfo.
     - CVE-2026-5888: Uninitialized Use in WebCodecs. Reported by Identified by the Octane Security Team: Giovanni Vignone, Paolo Gentry, Robert van Eijk.
     - CVE-2026-5889: Cryptographic Flaw in PDFium. Reported by mlafon.
     - CVE-2026-5890: Race in WebCodecs. Reported by Casper Woudenberg.
     - CVE-2026-5891: Insufficient policy enforcement in browser UI. Reported by Tianyi Hu.
     - CVE-2026-5892: Insufficient policy enforcement in PWAs. Reported by Tianyi Hu.
     - CVE-2026-5893: Race in V8. Reported by QYmag1c.
     - CVE-2026-5894: Inappropriate implementation in PDF. Reported by Povcfe of Tencent Security Xuanwu Lab.
     - CVE-2026-5895: Incorrect security UI in Omnibox. Reported by Renwa Hiwa @RenwaX23.
     - CVE-2026-5896: Policy bypass in Audio. Reported by Luan Herrera (@lbherrera_).
     - CVE-2026-5897: Incorrect security UI in Downloads. Reported by Farras Givari.
     - CVE-2026-5898: Incorrect security UI in Omnibox. Reported by saidinahikam032.
     - CVE-2026-5899: Incorrect security UI in History Navigation. Reported by Islam Rzayev.
     - CVE-2026-5900: Policy bypass in Downloads. Reported by Luan Herrera (@lbherrera_).
     - CVE-2026-5901: Policy bypass in DevTools. Reported by Povcfe of Tencent Security Xuanwu Lab.
     - CVE-2026-5902: Race in Media. Reported by Luke Francis.
     - CVE-2026-5903: Policy bypass in IFrameSandbox. Reported by @Ciarands.
     - CVE-2026-5904: Use after free in V8. Reported by Zhenpeng (Leo) Lin at depthfirst.
     - CVE-2026-5905: Incorrect security UI in Permissions. Reported by daffainfo.
     - CVE-2026-5906: Incorrect security UI in Omnibox. Reported by mohamedhesham9173.
     - CVE-2026-5907: Insufficient data validation in Media. Reported by Luke Francis.
     - CVE-2026-5908: Integer overflow in Media. Reported by Ameen Basha M K & Mohammed Yasar B.
     - CVE-2026-5909: Integer overflow in Media. Reported by Mohammed Yasar B & Ameen Basha M K.
     - CVE-2026-5910: Integer overflow in Media. Reported by Ameen Basha M K & Mohammed Yasar B.
     - CVE-2026-5911: Policy bypass in ServiceWorkers. Reported by lebr0nli of National Yang Ming Chiao Tung University, Dept. of CS, Security and Systems Lab.
     - CVE-2026-5912: Integer overflow in WebRTC. Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5913: Out of bounds read in Blink. Reported by Vitaly Simonovich.
     - CVE-2026-5914: Type Confusion in CSS. Reported by Syn4pse.
     - CVE-2026-5915: Insufficient validation of untrusted input in WebML. Reported by ningxin.hu@intel.com.
     - CVE-2026-5918: Inappropriate implementation in Navigation. Reported by Google.
     - CVE-2026-5919: Insufficient validation of untrusted input in WebSockets. Reported by Richard Belisle.
   * d/patches:
     - upstream/profile.patch: drop, merged upstream.
     - upstream/fix-boringssl-loong64.patch: drop, merged upstream.
     - debianization/clang-version.patch: refresh.
     - disable/signin.patch: refresh.
     - disable/catapult.patch: refresh.
     - disable/unrar.patch: drop, merged upstream.
     - trixie/nodejs-set-intersection.patch: update for upstream refactoring.
     - bookworm/clang19.patch: -fno-lifetime-dse is unsupported. Also move to
       llvm-19 directory.
     - ungoogled/disable-ai.patch: sync from ungoogled-chromium project.
       Also re-add code that creates new tab's search bar (closes: #1132651).
     - debianization/safe-libcxx.patch: add a patch to force building with
       libc++'s LIBCPP_HARDENING_MODE turned on. See
       https://issues.chromium.org/issues/485696265 for the (security-related)
       rationale.
     - llvm-19/static-assert.patch: add another chunk of static_assert()
       removals that clang 19 needs.
     - rust-1.85/image.patch: enable nightly features for image_v0.25
       [trixie, bookworm].
     - bookworm/constexpr.patch: update/refresh for renamed file [bookworm].
   * d/rules:
     - drop "enable_glic=false", as upstream now forces their AI on everyone;
       but we strip it out with ungoogled/disable-ai.patch.
 .
   [ Daniel Richard G. ]
   * d/patches:
     - bookworm/gn-absl.patch: Add visibility specifier to absl/crc:crc32,
       and re-sort the patch to keep the edits organized.
     - trixie/gn-len.patch: Refresh.
     - trixie/gn-module-name.patch: New patch to address older GN not knowing
       about the {{cc_module_name}} substitution [trixie, bookworm].
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh for
       upstream changes
     - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
     - third_party/0002-regenerate-xnn-buildgn.patch: refresh for upstream
       changes
     - libaom/0001-Add-pregenerated-config-for-libaom-on-ppc64.patch:
       regenerate
 .
   [ Jianfeng Liu ]
   * d/patches/loongarch64:
     - 0024-disable-BROTLI_MODEL-macro-for-some-targets.patch: add upstream
       patch to fix brotli on loong64

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----