-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 29 Apr 2026 04:36:38 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: ppc64el
Version: 147.0.7727.137-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: ppc64el Build Daemon (ppc64el-conova-01) <buildd_ppc64el-ppc64el-conova-01@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Closes: 1052440
Changes:
 chromium (147.0.7727.137-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-7363: Use after free in Canvas. Reported by heapracer.
     - CVE-2026-7361: Use after free in iOS. Reported by Google.
     - CVE-2026-7344: Use after free in Accessibility. Reported by Google.
     - CVE-2026-7343: Use after free in Views. Reported by Google.
     - CVE-2026-7333: Use after free in GPU.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-7360: Insufficient validation of untrusted input in Compositing.
       Reported by Google.
     - CVE-2026-7359: Use after free in ANGLE. Reported by Google.
     - CVE-2026-7358: Use after free in Animation. Reported by Google.
     - CVE-2026-7334: Use after free in Views. Reported by Batuhan Eşref KOÇ.
     - CVE-2026-7357: Use after free in GPU. Reported by Google.
     - CVE-2026-7356: Use after free in Navigation. Reported by Google.
     - CVE-2026-7354: Out of bounds read and write in Angle. Reported by Google.
     - CVE-2026-7353: Heap buffer overflow in Skia. Reported by Google.
     - CVE-2026-7352: Use after free in Media. Reported by Google.
     - CVE-2026-7351: Race in MHTML. Reported by Google.
     - CVE-2026-7350: Use after free in WebMIDI. Reported by Google.
     - CVE-2026-7349: Use after free in Cast. Reported by Google.
     - CVE-2026-7348: Use after free in Codecs. Reported by Google.
     - CVE-2026-7335: Use after free in media.
       Reported by Jungwoo Lee (@physicube) and Wongi Lee (@_qwerty_po).
     - CVE-2026-7336: Use after free in WebRTC. Reported by Mozilla.
     - CVE-2026-7337: Type Confusion in V8. Reported by q@calif.io.
     - CVE-2026-7347: Use after free in Chromoting. Reported by Google.
     - CVE-2026-7346: Inappropriate implementation in Tint. Reported by Google.
     - CVE-2026-7345: Insufficient validation of untrusted input in Feedback.
       Reported by Google.
     - CVE-2026-7338: Use after free in Cast. Reported by Krace.
     - CVE-2026-7342: Use after free in WebView. Reported by Google.
     - CVE-2026-7341: Use after free in WebRTC. Reported by Google.
     - CVE-2026-7339: Heap buffer overflow in WebRTC.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-7340: Integer overflow in ANGLE.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-7355: Use after free in Media. Reported by Google.
 .
   [ Jianfeng Liu ]
   * d/patches:
     - upstream/Fix-GL-native-pixmap-import-support-reset-in-GpuInit.patch:
       Fixes upstream issue https://crbug.com/501115509. This issue is
       introduced in v147, and unfortunately the fix won't get into v147. This
       issue affects both vaapi and v4l2 decoding under ozone wayland.
     - fixes/enable-widevine-on-arm64-linux-platform.patch: Enable widevine
       support on arm64. There is no official support for widevine on arm64
       linux while there are libwidevine binaries extracted from chromeos,
       which can work on linux (closes: #1052440).
Checksums-Sha1:
 b49e8200696f1bc24fa9b765997c46064edea5ba 6039376 chromium-common-dbgsym_147.0.7727.137-1~deb12u1_ppc64el.deb
 32deba74fb535fcc5c68a3da58e639e64d5b19b1 32158336 chromium-common_147.0.7727.137-1~deb12u1_ppc64el.deb
 7e557f0a7e88ce0038f8df359ecc35cc7b7303c0 32023408 chromium-dbgsym_147.0.7727.137-1~deb12u1_ppc64el.deb
 614c6b463d9120d03a0f06656505f11e3169d150 7747772 chromium-driver_147.0.7727.137-1~deb12u1_ppc64el.deb
 da43996cdf68b504f23c9f7745207d5f68ca3fe5 25443360 chromium-headless-shell-dbgsym_147.0.7727.137-1~deb12u1_ppc64el.deb
 3d100559a65f658b4c0fd881a1150fadb60630c2 55879560 chromium-headless-shell_147.0.7727.137-1~deb12u1_ppc64el.deb
 fdae258a2c0566364db4a193763bc37cc218d434 19252 chromium-sandbox-dbgsym_147.0.7727.137-1~deb12u1_ppc64el.deb
 b3050b1455ba6a75993438a2b28bab804a2fe730 116924 chromium-sandbox_147.0.7727.137-1~deb12u1_ppc64el.deb
 732e39e90cec64b5c08eb53b79a4be3cca95f545 27576764 chromium-shell-dbgsym_147.0.7727.137-1~deb12u1_ppc64el.deb
 92b9c5d206fc20e2fa987cfe7dbcb8dcb3035e99 60876404 chromium-shell_147.0.7727.137-1~deb12u1_ppc64el.deb
 7ae5070ac37cb77d2598a3b9f70db65a50ec4363 30349 chromium_147.0.7727.137-1~deb12u1_ppc64el-buildd.buildinfo
 e9df49bc51e5cf759bfad50e89bc627fd8ee00dd 73255524 chromium_147.0.7727.137-1~deb12u1_ppc64el.deb
Checksums-Sha256:
 062c86a34e16cae619331a9a5112b7b48ba1a56c15a20a7edd98ab506e2424ba 6039376 chromium-common-dbgsym_147.0.7727.137-1~deb12u1_ppc64el.deb
 8755adcdce67d00abeda802ddd710ae846b2011b54b7c8959f269ea2d7e19897 32158336 chromium-common_147.0.7727.137-1~deb12u1_ppc64el.deb
 71a25429e61664c592e77348724acf0cb790aa33f39c6bc014078919777d6039 32023408 chromium-dbgsym_147.0.7727.137-1~deb12u1_ppc64el.deb
 c2e0ba705cc327658650ee429aed20319a7ed1a2d19aa52e016b6d0dea2df1d5 7747772 chromium-driver_147.0.7727.137-1~deb12u1_ppc64el.deb
 246258c2e9201e8695043d066e0fbd69ac19c5450ac7dccf16950f0345b714fa 25443360 chromium-headless-shell-dbgsym_147.0.7727.137-1~deb12u1_ppc64el.deb
 6e2f24d850595c3c7519a4be94bbca9f96311d8fc5e124994c6b0efc07ce71eb 55879560 chromium-headless-shell_147.0.7727.137-1~deb12u1_ppc64el.deb
 4cd9a75a97313f5ea34e20770d7a212e2fdef76652d5e97d684f5edf57cc54ea 19252 chromium-sandbox-dbgsym_147.0.7727.137-1~deb12u1_ppc64el.deb
 ae287db54b3b3b58a1a11494d3665705c752c5b9c9bd993774ef74dd0b8a1bb5 116924 chromium-sandbox_147.0.7727.137-1~deb12u1_ppc64el.deb
 cc67db9c64dc12ea7b056e105f6acbd4467acbee48145ba7e5c7fa0c36f23766 27576764 chromium-shell-dbgsym_147.0.7727.137-1~deb12u1_ppc64el.deb
 46e4a1413062d5d1bd33548840135d74c7f877609a3d32886e249e362f6d6078 60876404 chromium-shell_147.0.7727.137-1~deb12u1_ppc64el.deb
 37f99f315a00153f27ad6eb85669ee29b26b86f49293d49c276164ca8ca64f4c 30349 chromium_147.0.7727.137-1~deb12u1_ppc64el-buildd.buildinfo
 eaa42875f302539d76bab9c8aa9104f566b4fba828c15d5b9fbc1ca294490eeb 73255524 chromium_147.0.7727.137-1~deb12u1_ppc64el.deb
Files:
 a2b93156496f8a723bb306ab6c3505a6 6039376 debug optional chromium-common-dbgsym_147.0.7727.137-1~deb12u1_ppc64el.deb
 715a78037ad70c4799ce0472b4347fe8 32158336 web optional chromium-common_147.0.7727.137-1~deb12u1_ppc64el.deb
 23e580d5b931b5d20878b7bc2604c7d5 32023408 debug optional chromium-dbgsym_147.0.7727.137-1~deb12u1_ppc64el.deb
 4471021ee789082ce63b5fb7cf5a626e 7747772 web optional chromium-driver_147.0.7727.137-1~deb12u1_ppc64el.deb
 70cb9b2e7d971d765602576d1acae7c4 25443360 debug optional chromium-headless-shell-dbgsym_147.0.7727.137-1~deb12u1_ppc64el.deb
 db92068bdcd08f405d46d46dc06defaa 55879560 web optional chromium-headless-shell_147.0.7727.137-1~deb12u1_ppc64el.deb
 dc5538efdd9d018f3609554fae6399b7 19252 debug optional chromium-sandbox-dbgsym_147.0.7727.137-1~deb12u1_ppc64el.deb
 3b1f8d9cf5a3e89716890173f88fc798 116924 web optional chromium-sandbox_147.0.7727.137-1~deb12u1_ppc64el.deb
 da6b855cb40ba9a1da6f83fe2416d0f7 27576764 debug optional chromium-shell-dbgsym_147.0.7727.137-1~deb12u1_ppc64el.deb
 12146d75e79a8546b402711e13a59e44 60876404 web optional chromium-shell_147.0.7727.137-1~deb12u1_ppc64el.deb
 4a095b219950b81fadaa4511adfac314 30349 web optional chromium_147.0.7727.137-1~deb12u1_ppc64el-buildd.buildinfo
 254191d41b676d30c1ca0ebabfa2af9f 73255524 web optional chromium_147.0.7727.137-1~deb12u1_ppc64el.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEDoRc43uRWMOoIqIgDNLUPhbmg7MFAmn1spUACgkQDNLUPhbm
g7P+5w//XTqmnxxE5BSF5XCOlirgvV+wC8t8Ub4Ctlr24Pga+dDsDGhMRr0ahxbV
rDt/gy2K1ryGO8hA3kDkVfvG4++2o3PXZtW+1cxHX0Olo15KPk5EyXrAjXdxs1ht
qrhyPuWhTfsqJX3Kw+hhvZsFXbvOdXXAgJ5s8ve3Leway3k+pKEImzvHyZd/9FkZ
9SE1aUOEzHLOWQj5APiWRkUV5ZL4SiU+uZBBtZRfjX6s/01q3d6FkHOsqAegiAH1
fUHOthFNyU35JH+MgS2S1w8Adfvyj9Z6p9Bd0HWRTjU2uy8jiKDDXl42OT3zPvuQ
JufgRpe0IsbGvsYBsX7uc1YU982ElVEF5ik745C8K66q7bycN5/hN8ih7KM3Cclo
Rks6LPoTWGAA/8ijD6Rj9hBd/ehBRCamXPM01nYeOsnfdOZDLLDvsbPOInynIJRK
1EcFQD1CBd6jD9hyirQwEA7TwHEkmGhrRYAY60gAsa9OfPC1vGJkmtdoceT2g2/k
Hz8nmi2V+1olEt7mHMem8smZ4P8dIoqm6oi8vCSCH5ybYZMEfWh/FdN7iSJbniKP
Na4NHKqDLqgncq05zzXgjXC+GqJPQpYJmRtYK+JNzqMaTe5ojCTvL5q50YxZXfsd
LSJN6R/f13xdjTNE0TyAkBWoDtRbK/lp/iTx2JI0J8xo2ACC0Qs=
=2sFt
-----END PGP SIGNATURE-----