-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 29 Apr 2026 04:36:38 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: ppc64el
Version: 147.0.7727.137-1~deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: ppc64el Build Daemon (ppc64el-osuosl-01) <buildd_ppc64el-ppc64el-osuosl-01@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Closes: 1052440
Changes:
 chromium (147.0.7727.137-1~deb13u1) trixie-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-7363: Use after free in Canvas. Reported by heapracer.
     - CVE-2026-7361: Use after free in iOS. Reported by Google.
     - CVE-2026-7344: Use after free in Accessibility. Reported by Google.
     - CVE-2026-7343: Use after free in Views. Reported by Google.
     - CVE-2026-7333: Use after free in GPU.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-7360: Insufficient validation of untrusted input in Compositing.
       Reported by Google.
     - CVE-2026-7359: Use after free in ANGLE. Reported by Google.
     - CVE-2026-7358: Use after free in Animation. Reported by Google.
     - CVE-2026-7334: Use after free in Views. Reported by Batuhan Eşref KOÇ.
     - CVE-2026-7357: Use after free in GPU. Reported by Google.
     - CVE-2026-7356: Use after free in Navigation. Reported by Google.
     - CVE-2026-7354: Out of bounds read and write in Angle. Reported by Google.
     - CVE-2026-7353: Heap buffer overflow in Skia. Reported by Google.
     - CVE-2026-7352: Use after free in Media. Reported by Google.
     - CVE-2026-7351: Race in MHTML. Reported by Google.
     - CVE-2026-7350: Use after free in WebMIDI. Reported by Google.
     - CVE-2026-7349: Use after free in Cast. Reported by Google.
     - CVE-2026-7348: Use after free in Codecs. Reported by Google.
     - CVE-2026-7335: Use after free in media.
       Reported by Jungwoo Lee (@physicube) and Wongi Lee (@_qwerty_po).
     - CVE-2026-7336: Use after free in WebRTC. Reported by Mozilla.
     - CVE-2026-7337: Type Confusion in V8. Reported by q@calif.io.
     - CVE-2026-7347: Use after free in Chromoting. Reported by Google.
     - CVE-2026-7346: Inappropriate implementation in Tint. Reported by Google.
     - CVE-2026-7345: Insufficient validation of untrusted input in Feedback.
       Reported by Google.
     - CVE-2026-7338: Use after free in Cast. Reported by Krace.
     - CVE-2026-7342: Use after free in WebView. Reported by Google.
     - CVE-2026-7341: Use after free in WebRTC. Reported by Google.
     - CVE-2026-7339: Heap buffer overflow in WebRTC.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-7340: Integer overflow in ANGLE.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-7355: Use after free in Media. Reported by Google.
 .
   [ Jianfeng Liu ]
   * d/patches:
     - upstream/Fix-GL-native-pixmap-import-support-reset-in-GpuInit.patch:
       Fixes upstream issue https://crbug.com/501115509. This issue is
       introduced in v147, and unfortunately the fix won't get into v147. This
       issue affects both vaapi and v4l2 decoding under ozone wayland.
     - fixes/enable-widevine-on-arm64-linux-platform.patch: Enable widevine
       support on arm64. There is no official support for widevine on arm64
       linux while there are libwidevine binaries extracted from chromeos,
       which can work on linux (closes: #1052440).
Checksums-Sha1:
 24a139276c2e7ae059326eaf017ef163e32c90c5 5753068 chromium-common-dbgsym_147.0.7727.137-1~deb13u1_ppc64el.deb
 b04fdf3cb6b2c8891b6f8768d1fe469569c528b3 31214412 chromium-common_147.0.7727.137-1~deb13u1_ppc64el.deb
 f18495a41f1ed66f613444c15700f11ae6f1e2e7 30003800 chromium-dbgsym_147.0.7727.137-1~deb13u1_ppc64el.deb
 63d68b7028228c8b7bbda48251311212338cceb5 7256592 chromium-driver_147.0.7727.137-1~deb13u1_ppc64el.deb
 f8869824d2c6b36753ec8c7a97249477e3a9c372 24756584 chromium-headless-shell-dbgsym_147.0.7727.137-1~deb13u1_ppc64el.deb
 bbb271677e4ef89cd6c61b33ad5140dbf5f39049 58728212 chromium-headless-shell_147.0.7727.137-1~deb13u1_ppc64el.deb
 f569f2ca91a36b50bc6baa056d6c092d7d7ab068 20336 chromium-sandbox-dbgsym_147.0.7727.137-1~deb13u1_ppc64el.deb
 3396a81e1c20e3339452dd2b4647e95594316fc9 114804 chromium-sandbox_147.0.7727.137-1~deb13u1_ppc64el.deb
 066f37e3c8e1b2b0840e88e5724d1f17713c1088 25615440 chromium-shell-dbgsym_147.0.7727.137-1~deb13u1_ppc64el.deb
 edf48a242ad4a40fcd655ecc24140ec489332ac5 58541492 chromium-shell_147.0.7727.137-1~deb13u1_ppc64el.deb
 c7214c8dab23273349abff48964ec2b3da3ab662 30386 chromium_147.0.7727.137-1~deb13u1_ppc64el-buildd.buildinfo
 c212c9a754daaaafb2874bb325f83f171cb2f363 79620536 chromium_147.0.7727.137-1~deb13u1_ppc64el.deb
Checksums-Sha256:
 4e3c8d85f5e3ca18dce4f7dfd8aaa804e38a1870545637bd0849de04c0d8d0c2 5753068 chromium-common-dbgsym_147.0.7727.137-1~deb13u1_ppc64el.deb
 84e48a2e60e0bb10ab1aca32d215973d544ac7b4cb4d5845b5de7d3a9387c197 31214412 chromium-common_147.0.7727.137-1~deb13u1_ppc64el.deb
 5e346344a36eef2e3d5dbe6b3343a48d30ba2cd152253d188ee29d1aebad16f3 30003800 chromium-dbgsym_147.0.7727.137-1~deb13u1_ppc64el.deb
 ae0e8091a1d5fe5f6bdf78136c67bd01c341f2f19420a0a128b4308b51a82938 7256592 chromium-driver_147.0.7727.137-1~deb13u1_ppc64el.deb
 018c63fbf6308eb45989354785db1564cc8930015e20629c84bf8dad50664d40 24756584 chromium-headless-shell-dbgsym_147.0.7727.137-1~deb13u1_ppc64el.deb
 10ad69b66f064ad6ad6c5d1b7e461cae92031b6231a70748e684de7d35dbe71a 58728212 chromium-headless-shell_147.0.7727.137-1~deb13u1_ppc64el.deb
 8d43c0526ba88eadbfec288cec45ce3b0c5b89b1fb6f5c4dbb5f4930f0dbcd88 20336 chromium-sandbox-dbgsym_147.0.7727.137-1~deb13u1_ppc64el.deb
 500322a8f7870f2130fd325675bbc994827ab16e271e34a38eac7eea90934bae 114804 chromium-sandbox_147.0.7727.137-1~deb13u1_ppc64el.deb
 c6ac8d2b24d5ca1201bef52b43ae8a3547d3b83d3fc3030e360b3868c0bb91f1 25615440 chromium-shell-dbgsym_147.0.7727.137-1~deb13u1_ppc64el.deb
 90c58f00350e3044496a85cea03d84615c4c70a99916c0bec49e0f32508804fd 58541492 chromium-shell_147.0.7727.137-1~deb13u1_ppc64el.deb
 3046e0282410e3d864397724d66fa2995469ed3152855d0839ae2174deeb6df1 30386 chromium_147.0.7727.137-1~deb13u1_ppc64el-buildd.buildinfo
 2056ad4b04eb6f675c49c1302c411ea0ea5723d5f99b6e38cfd94ad4e7da00fd 79620536 chromium_147.0.7727.137-1~deb13u1_ppc64el.deb
Files:
 4f17cfca1b2ec27e1635433fe9cb1027 5753068 debug optional chromium-common-dbgsym_147.0.7727.137-1~deb13u1_ppc64el.deb
 222f1dc1535b8a87ecce969650016b6d 31214412 web optional chromium-common_147.0.7727.137-1~deb13u1_ppc64el.deb
 140e5d5e2818a526ed1a0bed017aff72 30003800 debug optional chromium-dbgsym_147.0.7727.137-1~deb13u1_ppc64el.deb
 3f6e18d77a188679a955f39c9e4e7dac 7256592 web optional chromium-driver_147.0.7727.137-1~deb13u1_ppc64el.deb
 37797513f8095e38b0d25dda0c911eea 24756584 debug optional chromium-headless-shell-dbgsym_147.0.7727.137-1~deb13u1_ppc64el.deb
 1b8f0803b0e6fb1b45d95f5061dceb54 58728212 web optional chromium-headless-shell_147.0.7727.137-1~deb13u1_ppc64el.deb
 c02a14a11426de72941f479972448378 20336 debug optional chromium-sandbox-dbgsym_147.0.7727.137-1~deb13u1_ppc64el.deb
 24aab54530ddb0e7a0103d77b6f885c8 114804 web optional chromium-sandbox_147.0.7727.137-1~deb13u1_ppc64el.deb
 f777438f5998c12ddf736e4a6a2ada7d 25615440 debug optional chromium-shell-dbgsym_147.0.7727.137-1~deb13u1_ppc64el.deb
 9b770551156043fd57dda67ac39538db 58541492 web optional chromium-shell_147.0.7727.137-1~deb13u1_ppc64el.deb
 94fa9f2b8a837896e917b8875ba49761 30386 web optional chromium_147.0.7727.137-1~deb13u1_ppc64el-buildd.buildinfo
 15eb894cad276b3a803cebf62862c741 79620536 web optional chromium_147.0.7727.137-1~deb13u1_ppc64el.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEGHWM+bJZRznwgySGOrVShFbIMGEFAmn1yukACgkQOrVShFbI
MGEpEg/+No+aVhMUfp03ChPfPStcXyQ2FL7UVup0sHJgOjAg+7h7ani9fMLEfsk1
vM5DmZWS6f3NTCsf0CWKpPJkZRsopyblJ0y3G0Brjq2YpxNBaHBIcj8xRK6h6Wo4
VU8b3SuDw7wBX2X/aNka8hb06CucYZri/Kvn+XdFSXzZzIxXrM9pkndg7KYYu+n6
MLabrBI3At3aXNy8xgvccy/YSZ1IUoESrKWxSfjN6YTYCftYK0QLjbmACk1v1Toh
K2bFqJBGZt7uEF2kTVP24d5XCC9bBA3chU4hwJOmqk06D7couhd5TWBhK3Yw5QkR
nP3WjypOIR2LAFV8p7Nk7SPBqUiQh0PgEVR7RBD4rPOpa3ALKKD59kNs1QRCrA33
wx/0lJ3NBLCXBlcBX6zc9ymw/h5wQ7KBP9AxGVLtx75aNQbvleylrLh4xQB6Vysi
scDl6YJVO9UB1oGQUFURCvMlIBcHFmYL/rfwxvgmIMDFCFNFySBTkeLeloxcOb05
wpCP6um0JAXn+yezebDq/1+XnMcfmrBua9SoqLRx2tbIrG8nrPrAo6gIqRMsB3CF
vJbQWGlKWQ0G3eYen0g9+Q1g/vZ1UAfRprFRTTywW7Ey0AT0NC3wmkuFlWwsVQJs
LsCns08DddQoMwHCNztq4pEWk94p218fN3y9er3vroS7rO29qZU=
=eGRF
-----END PGP SIGNATURE-----