-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 29 Apr 2026 04:36:38 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: amd64
Version: 147.0.7727.137-1~deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: amd64 Build Daemon (x86-grnet-01) <buildd_amd64-x86-grnet-01@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Closes: 1052440
Changes:
 chromium (147.0.7727.137-1~deb13u1) trixie-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-7363: Use after free in Canvas. Reported by heapracer.
     - CVE-2026-7361: Use after free in iOS. Reported by Google.
     - CVE-2026-7344: Use after free in Accessibility. Reported by Google.
     - CVE-2026-7343: Use after free in Views. Reported by Google.
     - CVE-2026-7333: Use after free in GPU.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-7360: Insufficient validation of untrusted input in Compositing.
       Reported by Google.
     - CVE-2026-7359: Use after free in ANGLE. Reported by Google.
     - CVE-2026-7358: Use after free in Animation. Reported by Google.
     - CVE-2026-7334: Use after free in Views. Reported by Batuhan Eşref KOÇ.
     - CVE-2026-7357: Use after free in GPU. Reported by Google.
     - CVE-2026-7356: Use after free in Navigation. Reported by Google.
     - CVE-2026-7354: Out of bounds read and write in Angle. Reported by Google.
     - CVE-2026-7353: Heap buffer overflow in Skia. Reported by Google.
     - CVE-2026-7352: Use after free in Media. Reported by Google.
     - CVE-2026-7351: Race in MHTML. Reported by Google.
     - CVE-2026-7350: Use after free in WebMIDI. Reported by Google.
     - CVE-2026-7349: Use after free in Cast. Reported by Google.
     - CVE-2026-7348: Use after free in Codecs. Reported by Google.
     - CVE-2026-7335: Use after free in media.
       Reported by Jungwoo Lee (@physicube) and Wongi Lee (@_qwerty_po).
     - CVE-2026-7336: Use after free in WebRTC. Reported by Mozilla.
     - CVE-2026-7337: Type Confusion in V8. Reported by q@calif.io.
     - CVE-2026-7347: Use after free in Chromoting. Reported by Google.
     - CVE-2026-7346: Inappropriate implementation in Tint. Reported by Google.
     - CVE-2026-7345: Insufficient validation of untrusted input in Feedback.
       Reported by Google.
     - CVE-2026-7338: Use after free in Cast. Reported by Krace.
     - CVE-2026-7342: Use after free in WebView. Reported by Google.
     - CVE-2026-7341: Use after free in WebRTC. Reported by Google.
     - CVE-2026-7339: Heap buffer overflow in WebRTC.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-7340: Integer overflow in ANGLE.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-7355: Use after free in Media. Reported by Google.
 .
   [ Jianfeng Liu ]
   * d/patches:
     - upstream/Fix-GL-native-pixmap-import-support-reset-in-GpuInit.patch:
       Fixes upstream issue https://crbug.com/501115509. This issue is
       introduced in v147, and unfortunately the fix won't get into v147. This
       issue affects both vaapi and v4l2 decoding under ozone wayland.
     - fixes/enable-widevine-on-arm64-linux-platform.patch: Enable widevine
       support on arm64. There is no official support for widevine on arm64
       linux while there are libwidevine binaries extracted from chromeos,
       which can work on linux (closes: #1052440).
Checksums-Sha1:
 17d518fee2cc9f5d532406d79b31ad8e96c66686 5143672 chromium-common-dbgsym_147.0.7727.137-1~deb13u1_amd64.deb
 7f349c5393a7bd8cbc847bbaf397871d21a86cd7 25407220 chromium-common_147.0.7727.137-1~deb13u1_amd64.deb
 50724ea42b1a04e29d86d350de47f8ebdc15606e 33146012 chromium-dbgsym_147.0.7727.137-1~deb13u1_amd64.deb
 c45be1837ab86b73017c491bfd7f88fa4ccea64b 7462588 chromium-driver_147.0.7727.137-1~deb13u1_amd64.deb
 32d151095989c14ec5f3172aee08e893958ff5b3 28040452 chromium-headless-shell-dbgsym_147.0.7727.137-1~deb13u1_amd64.deb
 03a7accd1717027b5a8fc24322b7d038eb6dd561 62264564 chromium-headless-shell_147.0.7727.137-1~deb13u1_amd64.deb
 7e38caee7426ce6a11b449112b8252ba86a554da 20212 chromium-sandbox-dbgsym_147.0.7727.137-1~deb13u1_amd64.deb
 602fbcdb1e8b2ec10f288d4d1af39fdf4dc140d0 114692 chromium-sandbox_147.0.7727.137-1~deb13u1_amd64.deb
 4d060dadec368b4d13ecfe79a91e454ecea1bc8a 29568868 chromium-shell-dbgsym_147.0.7727.137-1~deb13u1_amd64.deb
 827174f113d83687e9cc0aea2efefd1f00b3a79b 61702452 chromium-shell_147.0.7727.137-1~deb13u1_amd64.deb
 a282ee16fbc08b495c4fe58b719c76536f98b33f 30437 chromium_147.0.7727.137-1~deb13u1_amd64-buildd.buildinfo
 51e447e7c809bdbb54ebf5be760adfc830bce7a2 84368484 chromium_147.0.7727.137-1~deb13u1_amd64.deb
Checksums-Sha256:
 31cecab31daa1add12f5b75197920d9499e2e413cdb87db3a8668743afcd8fbd 5143672 chromium-common-dbgsym_147.0.7727.137-1~deb13u1_amd64.deb
 99de6e3e0dfb1bab0bd2ec7f60c25276682b70eee43a49cef68fe82ebe396945 25407220 chromium-common_147.0.7727.137-1~deb13u1_amd64.deb
 e153754ffb531e2ec7d7420e09381e3b227479fe50ea3753009125a3cee1a7d0 33146012 chromium-dbgsym_147.0.7727.137-1~deb13u1_amd64.deb
 edef381f03dfa7e15c9215ab778f3dfe026d8c872e3fe88155e56930bec0d301 7462588 chromium-driver_147.0.7727.137-1~deb13u1_amd64.deb
 89bade3fd92206d724996ba773de023cf1f3bf24c53d21df996e61387b1efc3c 28040452 chromium-headless-shell-dbgsym_147.0.7727.137-1~deb13u1_amd64.deb
 48b536979302668b8f9da8ebdf10efc9fb41a0e1621be9c578b98565fea26edd 62264564 chromium-headless-shell_147.0.7727.137-1~deb13u1_amd64.deb
 1c77143a579a644d25e1e21e05265d149d96b0d7d0b1a1bc979ac9b8d32c6286 20212 chromium-sandbox-dbgsym_147.0.7727.137-1~deb13u1_amd64.deb
 1ff3c9c1c6a7f4ddd9857a7044d77ef0db73ce4a0257f462ce4ec897cb1baddf 114692 chromium-sandbox_147.0.7727.137-1~deb13u1_amd64.deb
 9c1c4aa20fd5ed96eb58f00e4ce93e110e502a3aec4f2a2d054ad42ecd327b72 29568868 chromium-shell-dbgsym_147.0.7727.137-1~deb13u1_amd64.deb
 11755e931a99571a38d723543ec654e9a3706594cf28bfe895d1364fa817e22b 61702452 chromium-shell_147.0.7727.137-1~deb13u1_amd64.deb
 70532103b3232b1a0974efab664ac744d7945e8ca1c0a9609c6fae94152ee439 30437 chromium_147.0.7727.137-1~deb13u1_amd64-buildd.buildinfo
 79ccc8aec4a0104bab65bbcc8ba121cb8a23292b553c7f0451574da29161e4d4 84368484 chromium_147.0.7727.137-1~deb13u1_amd64.deb
Files:
 e64edaa20d1b24313c939da5249e6cb8 5143672 debug optional chromium-common-dbgsym_147.0.7727.137-1~deb13u1_amd64.deb
 f2091e3dbc9afc9e3a3a7f2861b00f22 25407220 web optional chromium-common_147.0.7727.137-1~deb13u1_amd64.deb
 183c7a2d9843958fdb0944d1bbb739c6 33146012 debug optional chromium-dbgsym_147.0.7727.137-1~deb13u1_amd64.deb
 320eac45a6b643161fdac202ae5d6794 7462588 web optional chromium-driver_147.0.7727.137-1~deb13u1_amd64.deb
 d35f9b6614816562f7652ca386db10ca 28040452 debug optional chromium-headless-shell-dbgsym_147.0.7727.137-1~deb13u1_amd64.deb
 4cabfeebcfdbd67c763d12ea7a658eaf 62264564 web optional chromium-headless-shell_147.0.7727.137-1~deb13u1_amd64.deb
 bcfb542a82e211bd8301868558f95cc9 20212 debug optional chromium-sandbox-dbgsym_147.0.7727.137-1~deb13u1_amd64.deb
 1500c9653dee86bc95f7b9ad4b53aaed 114692 web optional chromium-sandbox_147.0.7727.137-1~deb13u1_amd64.deb
 728712b7608221b1d25dbdd14d72e867 29568868 debug optional chromium-shell-dbgsym_147.0.7727.137-1~deb13u1_amd64.deb
 73c6ec1f8fbf52317b3b724ed66d4a14 61702452 web optional chromium-shell_147.0.7727.137-1~deb13u1_amd64.deb
 08ae985ecd4c039e6eef1a66e31ad57a 30437 web optional chromium_147.0.7727.137-1~deb13u1_amd64-buildd.buildinfo
 8541f4e17ae451322958e186dd7926b4 84368484 web optional chromium_147.0.7727.137-1~deb13u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEPAUaMA0H0rOy6qBWf2INRiCdaWIFAmn0RKQACgkQf2INRiCd
aWLRTQ//RZwyIgpWCa3l2MCKM/q+wLK0LMJpEKPs0SYeVoMof3wBAZFPV5dBFhy7
Cg+qSx4FuQ6+nO8M2HUMBwSvfSmh+yxQUNjvhpPLkqi8I2U99Xl47pJtYUWpBUGZ
nvgYVEEMydSiAWL2f86PuG1ZBFe0OnQ7EpJC3KfMDbeu0xyvF1nvg9ZL2MBtFE3J
prugPbho5eE5xjDTpsAm7bEuZfJFh14wMvwzEZTdmjvQYu8oYP9/QDaUYylHxVe7
P/orKNlajBn6pXhWtLUJboPouFd+Isk2K2k+SXQ7/r6fOdlTlw6fT7SSz0PNx8Ze
mqdWjFNwmUXnIY+NFot0Modsq1KxVDDoiVq94Mt5Ell524s0msHVW1XojF7qsfvE
Cm9X+eXEorO20Y61cRBm+WhC5JlQLjs3UvWNiIROj4cjH2rgamN3qum/mcj8l32o
D0T+8KtyfzOwq2qG7K7yf8JwW4wg1JGa9lHm1f1bCm2waKtGAsaiBTuNIvz1G251
16AUUt+QvEKEysSXjbyEJE0nQ2a4B97mf/t66raETLPEPd9XjdYtnRc9ffoLKZgT
DLh3ebMWJJsMG6+FZ85EPPfG++rFDXgmHWdc3YYdK7hkoLXp56rhEElG6CsFTxJT
wtCQYzIcRWJFjWLkhe5w68gGdov6GETBc5WiMNJrCDlfHcOoxyU=
=8mCN
-----END PGP SIGNATURE-----