-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 09 Apr 2026 03:34:02 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: arm64
Version: 147.0.7727.55-1~deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: arm Build Daemon (arm-ubc-03)
Changed-By: Andres Salomon
Description:
 chromium - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Closes: 1132651
Changes:
 chromium (147.0.7727.55-1~deb13u1) trixie-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2026-5858: Heap buffer overflow in WebML. Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5859: Integer overflow in WebML. Reported by Anonymous.
     - CVE-2026-5860: Use after free in WebRTC. Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5861: Use after free in V8. Reported by 5shain.
     - CVE-2026-5862: Inappropriate implementation in V8. Reported by Google.
     - CVE-2026-5863: Inappropriate implementation in V8. Reported by Google.
     - CVE-2026-5864: Heap buffer overflow in WebAudio. Reported by Syn4pse.
     - CVE-2026-5865: Type Confusion in V8. Reported by Project WhatForLunch (@pjwhatforlunch).
     - CVE-2026-5866: Use after free in Media. Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5867: Heap buffer overflow in WebML. Reported by Syn4pse.
     - CVE-2026-5868: Heap buffer overflow in ANGLE. Reported by cinzinga.
     - CVE-2026-5869: Heap buffer overflow in WebML. Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5870: Integer overflow in Skia. Reported by Google.
     - CVE-2026-5871: Type Confusion in V8. Reported by Google.
     - CVE-2026-5872: Use after free in Blink. Reported by Google.
     - CVE-2026-5873: Out of bounds read and write in V8. Reported by Google.
     - CVE-2026-5874: Use after free in PrivateAI. Reported by Krace.
     - CVE-2026-5875: Policy bypass in Blink. Reported by Lyra Rebane (rebane2001).
     - CVE-2026-5876: Side-channel information leakage in Navigation. Reported by Lyra Rebane (rebane2001).
     - CVE-2026-5877: Use after free in Navigation. Reported by Cassidy Kim(@cassidy6564).
     - CVE-2026-5878: Incorrect security UI in Blink. Reported by Shaheen Fazim.
     - CVE-2026-5879: Insufficient validation of untrusted input in ANGLE. Reported by parkminchan, working for SSD Labs Korea.
     - CVE-2026-5880: Incorrect security UI in browser UI.
     - CVE-2026-5881: Policy bypass in LocalNetworkAccess. Reported by asnine.
     - CVE-2026-5882: Incorrect security UI in Fullscreen.
     - CVE-2026-5883: Use after free in Media. Reported by sherkito.
     - CVE-2026-5884: Insufficient validation of untrusted input in Media. Reported by xmzyshypnc.
     - CVE-2026-5885: Insufficient validation of untrusted input in WebML. Reported by Bryan Bernhart.
     - CVE-2026-5886: Out of bounds read in WebAudio. Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5887: Insufficient validation of untrusted input in Downloads. Reported by daffainfo.
     - CVE-2026-5888: Uninitialized Use in WebCodecs. Reported by Identified by the Octane Security Team: Giovanni Vignone, Paolo Gentry, Robert van Eijk.
     - CVE-2026-5889: Cryptographic Flaw in PDFium. Reported by mlafon.
     - CVE-2026-5890: Race in WebCodecs. Reported by Casper Woudenberg.
     - CVE-2026-5891: Insufficient policy enforcement in browser UI. Reported by Tianyi Hu.
     - CVE-2026-5892: Insufficient policy enforcement in PWAs. Reported by Tianyi Hu.
     - CVE-2026-5893: Race in V8. Reported by QYmag1c.
     - CVE-2026-5894: Inappropriate implementation in PDF. Reported by Povcfe of Tencent Security Xuanwu Lab.
     - CVE-2026-5895: Incorrect security UI in Omnibox. Reported by Renwa Hiwa @RenwaX23.
     - CVE-2026-5896: Policy bypass in Audio. Reported by Luan Herrera (@lbherrera_).
     - CVE-2026-5897: Incorrect security UI in Downloads. Reported by Farras Givari.
     - CVE-2026-5898: Incorrect security UI in Omnibox. Reported by saidinahikam032.
     - CVE-2026-5899: Incorrect security UI in History Navigation. Reported by Islam Rzayev.
     - CVE-2026-5900: Policy bypass in Downloads. Reported by Luan Herrera (@lbherrera_).
     - CVE-2026-5901: Policy bypass in DevTools. Reported by Povcfe of Tencent Security Xuanwu Lab.
     - CVE-2026-5902: Race in Media. Reported by Luke Francis.
     - CVE-2026-5903: Policy bypass in IFrameSandbox. Reported by @Ciarands.
     - CVE-2026-5904: Use after free in V8. Reported by Zhenpeng (Leo) Lin at depthfirst.
     - CVE-2026-5905: Incorrect security UI in Permissions. Reported by daffainfo.
     - CVE-2026-5906: Incorrect security UI in Omnibox. Reported by mohamedhesham9173.
     - CVE-2026-5907: Insufficient data validation in Media. Reported by Luke Francis.
     - CVE-2026-5908: Integer overflow in Media. Reported by Ameen Basha M K & Mohammed Yasar B.
     - CVE-2026-5909: Integer overflow in Media. Reported by Mohammed Yasar B & Ameen Basha M K.
     - CVE-2026-5910: Integer overflow in Media. Reported by Ameen Basha M K & Mohammed Yasar B.
     - CVE-2026-5911: Policy bypass in ServiceWorkers. Reported by lebr0nli of National Yang Ming Chiao Tung University, Dept. of CS, Security and Systems Lab.
     - CVE-2026-5912: Integer overflow in WebRTC. Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5913: Out of bounds read in Blink. Reported by Vitaly Simonovich.
     - CVE-2026-5914: Type Confusion in CSS. Reported by Syn4pse.
     - CVE-2026-5915: Insufficient validation of untrusted input in WebML. Reported by ningxin.hu@intel.com.
     - CVE-2026-5918: Inappropriate implementation in Navigation. Reported by Google.
     - CVE-2026-5919: Insufficient validation of untrusted input in WebSockets. Reported by Richard Belisle.
   * d/patches:
     - upstream/profile.patch: drop, merged upstream.
     - upstream/fix-boringssl-loong64.patch: drop, merged upstream.
     - debianization/clang-version.patch: refresh.
     - disable/signin.patch: refresh.
     - disable/catapult.patch: refresh.
     - disable/unrar.patch: drop, merged upstream.
     - trixie/nodejs-set-intersection.patch: update for upstream refactoring.
     - bookworm/clang19.patch: -fno-lifetime-dse is unsupported. Also move to llvm-19 directory.
     - ungoogled/disable-ai.patch: sync from ungoogled-chromium project. Also re-add code that creates new tab's search bar (closes: #1132651).
     - debianization/safe-libcxx.patch: add a patch to force building with libc++'s LIBCPP_HARDENING_MODE turned on. See https://issues.chromium.org/issues/485696265 for the (security-related) rationale.
     - llvm-19/static-assert.patch: add another chunk of static_assert() removals that clang 19 needs.
     - rust-1.85/image.patch: enable nightly features for image_v0.25 [trixie, bookworm].
     - bookworm/constexpr.patch: update/refresh for renamed file [bookworm].
   * d/rules:
     - drop "enable_glic=false", as upstream now forces their AI on everyone; but we strip it out with ungoogled/disable-ai.patch.
 .
   [ Daniel Richard G. ]
   * d/patches:
     - bookworm/gn-absl.patch: Add visibility specifier to absl/crc:crc32, and re-sort the patch to keep the edits organized.
     - trixie/gn-len.patch: Refresh.
     - trixie/gn-module-name.patch: New patch to address older GN not knowing about the {{cc_module_name}} substitution [trixie, bookworm].
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
     - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for upstream changes
     - third_party/0002-regenerate-xnn-buildgn.patch: refresh for upstream changes
     - libaom/0001-Add-pregenerated-config-for-libaom-on-ppc64.patch: regenerate
 .
   [ Jianfeng Liu ]
   * d/patches/loongarch64:
     - 0024-disable-BROTLI_MODEL-macro-for-some-targets.patch: add upstream patch to fix brotli on loong64

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----