-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 29 Apr 2026 04:36:38 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: i386
Version: 147.0.7727.137-1~deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-02) <buildd_amd64-x86-conova-02@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Closes: 1052440
Changes:
 chromium (147.0.7727.137-1~deb13u1) trixie-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-7363: Use after free in Canvas. Reported by heapracer.
     - CVE-2026-7361: Use after free in iOS. Reported by Google.
     - CVE-2026-7344: Use after free in Accessibility. Reported by Google.
     - CVE-2026-7343: Use after free in Views. Reported by Google.
     - CVE-2026-7333: Use after free in GPU.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-7360: Insufficient validation of untrusted input in Compositing.
       Reported by Google.
     - CVE-2026-7359: Use after free in ANGLE. Reported by Google.
     - CVE-2026-7358: Use after free in Animation. Reported by Google.
     - CVE-2026-7334: Use after free in Views. Reported by Batuhan Eşref KOÇ.
     - CVE-2026-7357: Use after free in GPU. Reported by Google.
     - CVE-2026-7356: Use after free in Navigation. Reported by Google.
     - CVE-2026-7354: Out of bounds read and write in Angle. Reported by Google.
     - CVE-2026-7353: Heap buffer overflow in Skia. Reported by Google.
     - CVE-2026-7352: Use after free in Media. Reported by Google.
     - CVE-2026-7351: Race in MHTML. Reported by Google.
     - CVE-2026-7350: Use after free in WebMIDI. Reported by Google.
     - CVE-2026-7349: Use after free in Cast. Reported by Google.
     - CVE-2026-7348: Use after free in Codecs. Reported by Google.
     - CVE-2026-7335: Use after free in media.
       Reported by Jungwoo Lee (@physicube) and Wongi Lee (@_qwerty_po).
     - CVE-2026-7336: Use after free in WebRTC. Reported by Mozilla.
     - CVE-2026-7337: Type Confusion in V8. Reported by q@calif.io.
     - CVE-2026-7347: Use after free in Chromoting. Reported by Google.
     - CVE-2026-7346: Inappropriate implementation in Tint. Reported by Google.
     - CVE-2026-7345: Insufficient validation of untrusted input in Feedback.
       Reported by Google.
     - CVE-2026-7338: Use after free in Cast. Reported by Krace.
     - CVE-2026-7342: Use after free in WebView. Reported by Google.
     - CVE-2026-7341: Use after free in WebRTC. Reported by Google.
     - CVE-2026-7339: Heap buffer overflow in WebRTC.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-7340: Integer overflow in ANGLE.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-7355: Use after free in Media. Reported by Google.
 .
   [ Jianfeng Liu ]
   * d/patches:
     - upstream/Fix-GL-native-pixmap-import-support-reset-in-GpuInit.patch:
       Fixes upstream issue https://crbug.com/501115509. This issue is
       introduced in v147, and unfortunately the fix won't get into v147. This
       issue affects both vaapi and v4l2 decoding under ozone wayland.
     - fixes/enable-widevine-on-arm64-linux-platform.patch: Enable widevine
       support on arm64. There is no official support for widevine on arm64
       linux while there are libwidevine binaries extracted from chromeos,
       which can work on linux (closes: #1052440).
Checksums-Sha1:
 6d54408db519c7e237f74b8b7c43f61d047ce888 5308396 chromium-common-dbgsym_147.0.7727.137-1~deb13u1_i386.deb
 2ccdb9869409199e2877324ea1dec6185bbdacc3 25356108 chromium-common_147.0.7727.137-1~deb13u1_i386.deb
 829d36f3bc51e4ec3a4fca1978a41084ca3e0ecb 35922416 chromium-dbgsym_147.0.7727.137-1~deb13u1_i386.deb
 88b749cd263b40d833cd7ad06ecbdf63d6f30805 7873184 chromium-driver_147.0.7727.137-1~deb13u1_i386.deb
 a7d37fa9293e7b2f0765991c087d36bae75fc490 29664896 chromium-headless-shell-dbgsym_147.0.7727.137-1~deb13u1_i386.deb
 0c4ec6dce6f44198af1f20792fb10400a0bd8c95 58723804 chromium-headless-shell_147.0.7727.137-1~deb13u1_i386.deb
 14b4ef163975a5d8e9a9365a892902127d809a77 18988 chromium-sandbox-dbgsym_147.0.7727.137-1~deb13u1_i386.deb
 132115e6ae5c7e6dddbb73971b12313a6d915d96 114556 chromium-sandbox_147.0.7727.137-1~deb13u1_i386.deb
 1e1655944fc79fa09e43ec0a794b38fd00224b7d 32477484 chromium-shell-dbgsym_147.0.7727.137-1~deb13u1_i386.deb
 ce5dc56ceade0c099ad531b8d5793a4c6d561371 64094184 chromium-shell_147.0.7727.137-1~deb13u1_i386.deb
 521f0f74f614ad2f1894fe20ca0907936e1a35cb 30359 chromium_147.0.7727.137-1~deb13u1_i386-buildd.buildinfo
 a03ae4b1188254954914084575576cda3cb9d92a 76832312 chromium_147.0.7727.137-1~deb13u1_i386.deb
Checksums-Sha256:
 28a5655a51944df2670a68fe53f0d93914ec6d50aeeb0fb84c30f408837fb9d5 5308396 chromium-common-dbgsym_147.0.7727.137-1~deb13u1_i386.deb
 4b56a492f78c1c40e9ce6a8d5a47b16d6d07722cc6becc16b4a90371ddbf283d 25356108 chromium-common_147.0.7727.137-1~deb13u1_i386.deb
 101a4bffa8bd1208be720dd3ed9eb342012b1450fd36534e9237222a8502ac27 35922416 chromium-dbgsym_147.0.7727.137-1~deb13u1_i386.deb
 543a97be3d191f294c0ebdb476aa87bfa6e5827012e164af2e698aed00f22c40 7873184 chromium-driver_147.0.7727.137-1~deb13u1_i386.deb
 33494a7ecfa8026c0b53bdfe5f56326725405a072edb7dc39ebbbd739e84a2a5 29664896 chromium-headless-shell-dbgsym_147.0.7727.137-1~deb13u1_i386.deb
 75f8446a86171494816d2406991f9ed2c54d2282baefce30be674b27b8fdaed0 58723804 chromium-headless-shell_147.0.7727.137-1~deb13u1_i386.deb
 342346a92d718fb1f592769791adfb1818f2e1062ee15bc0db364d7a0fd9953d 18988 chromium-sandbox-dbgsym_147.0.7727.137-1~deb13u1_i386.deb
 6471a3b7074ba436b484235daf774b6598b7635ada51347bf6a8d8104336849a 114556 chromium-sandbox_147.0.7727.137-1~deb13u1_i386.deb
 c3457265f8cf930aded2a758ae01b693ecb07c2ccd81fcce2bac5dadfb13097a 32477484 chromium-shell-dbgsym_147.0.7727.137-1~deb13u1_i386.deb
 e18e069ccd1fe74372dd77e4cae85c470b49c6bf8f40814e435ae433c35f9280 64094184 chromium-shell_147.0.7727.137-1~deb13u1_i386.deb
 26f85259004a0bc3eacca50cb97b9c021bcfb407cf12039dc18840c92086b023 30359 chromium_147.0.7727.137-1~deb13u1_i386-buildd.buildinfo
 7f87e65061bb19e3bb6a256cb5f3326535726dd09b21db4e7d3712b2ab4ae8ea 76832312 chromium_147.0.7727.137-1~deb13u1_i386.deb
Files:
 1d605e75e4202122cfe631b64b92aae2 5308396 debug optional chromium-common-dbgsym_147.0.7727.137-1~deb13u1_i386.deb
 e106ca2a31d7fda3899bc25fa38f34b6 25356108 web optional chromium-common_147.0.7727.137-1~deb13u1_i386.deb
 10a5e66cb5e4c272ae1004bc7c2a41d3 35922416 debug optional chromium-dbgsym_147.0.7727.137-1~deb13u1_i386.deb
 b3fd713decd53eb8c25a5de90b6eb80e 7873184 web optional chromium-driver_147.0.7727.137-1~deb13u1_i386.deb
 ebc21128bf86a548e7f43474b6b369cb 29664896 debug optional chromium-headless-shell-dbgsym_147.0.7727.137-1~deb13u1_i386.deb
 36788c4d5ad88e3703556d5fb6460b72 58723804 web optional chromium-headless-shell_147.0.7727.137-1~deb13u1_i386.deb
 11a842266671eb1655b061b4610ac654 18988 debug optional chromium-sandbox-dbgsym_147.0.7727.137-1~deb13u1_i386.deb
 6133bede7eea10917c4ecfcc780fcd6d 114556 web optional chromium-sandbox_147.0.7727.137-1~deb13u1_i386.deb
 d8cef52a45ab41a98f8d3b815496e1c0 32477484 debug optional chromium-shell-dbgsym_147.0.7727.137-1~deb13u1_i386.deb
 a12d2d18702e5d04d3038b5929c279ad 64094184 web optional chromium-shell_147.0.7727.137-1~deb13u1_i386.deb
 fc91b918dc630198f4e9e5bc04e5ee6a 30359 web optional chromium_147.0.7727.137-1~deb13u1_i386-buildd.buildinfo
 34f436f44fdf047b68b10c44fba360f1 76832312 web optional chromium_147.0.7727.137-1~deb13u1_i386.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE+i/sCsF3puL4e7qIGNGWmfrqILEFAmn0VaQACgkQGNGWmfrq
ILELGw//f37ooUiUk3WRy3ZZevVfGroyq120Bhr8+cD8u7XJWXxFMTeOWAWSi6tL
zgkt3bBN/vpEgnPLidCj+3pz49iNf8ki4rQWl4N5Uxq/tVJa4sT4QBVxFbNCAf1u
2tFnGWlJQI94uIYpNm7Ta8nS/02ZFof4ehQswY5os1t1d0nlb4Qp162yfzqss+dH
C+5W/LpgWTADlsN/Tl8S04vmEnh6EyC2Faq9g9FoEV4m8UEomlGsfUGvB7fdOAEp
g76RcY5oRaugLtFNqLVrAO2TCWKtfVxqKT3oN8hCgVOhV6ObLpQiW5eqHYkQDssg
3r/8+o2kpL/CkR8+WJoYJQW/ONUwhpSeknIwgoY+IL2LJJ83KFZPLLEFrPgwCckz
TQkk0rFyiZ/5LM0ylnrI2uLDmnBjJzV1JKfqq0YhpnN/5pm0Uaf3Ypi1XPV5LqZ/
TkpwW5AAWcdEoBf0+J+LDzJfXwtf0Ec3xZDLUppr5aTKLMxYBg2YKIyFl1RapIFp
9szqnplEBMUd88AQQOLGuNvX1Za3Ez3cKvcRklnW6ZKut1r2lA8n81Yp6e1nY2ui
ZAdO/rYzEqWV3ExVtZy3q4FIfjfrq9/lxPSlpj+HvQQ9zMJlhNB1TwWxKOM1UI+h
qw4CX0m8db4BBnGFYWnIKmT34hi8etpWpiHle6Kk7cH3k11yk74=
=1X9L
-----END PGP SIGNATURE-----