-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 09 Apr 2026 03:34:02 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: armhf
Version: 147.0.7727.55-1~deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: arm Build Daemon (arm-conova-04)
Changed-By: Andres Salomon
Description:
 chromium - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Closes: 1132651
Changes:
 chromium (147.0.7727.55-1~deb13u1) trixie-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2026-5858: Heap buffer overflow in WebML. Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5859: Integer overflow in WebML. Reported by Anonymous.
     - CVE-2026-5860: Use after free in WebRTC. Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5861: Use after free in V8. Reported by 5shain.
     - CVE-2026-5862: Inappropriate implementation in V8. Reported by Google.
     - CVE-2026-5863: Inappropriate implementation in V8. Reported by Google.
     - CVE-2026-5864: Heap buffer overflow in WebAudio. Reported by Syn4pse.
     - CVE-2026-5865: Type Confusion in V8. Reported by Project WhatForLunch (@pjwhatforlunch).
     - CVE-2026-5866: Use after free in Media. Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5867: Heap buffer overflow in WebML. Reported by Syn4pse.
     - CVE-2026-5868: Heap buffer overflow in ANGLE. Reported by cinzinga.
     - CVE-2026-5869: Heap buffer overflow in WebML. Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5870: Integer overflow in Skia. Reported by Google.
     - CVE-2026-5871: Type Confusion in V8. Reported by Google.
     - CVE-2026-5872: Use after free in Blink. Reported by Google.
     - CVE-2026-5873: Out of bounds read and write in V8. Reported by Google.
     - CVE-2026-5874: Use after free in PrivateAI. Reported by Krace.
     - CVE-2026-5875: Policy bypass in Blink. Reported by Lyra Rebane (rebane2001).
     - CVE-2026-5876: Side-channel information leakage in Navigation. Reported by Lyra Rebane (rebane2001).
     - CVE-2026-5877: Use after free in Navigation. Reported by Cassidy Kim(@cassidy6564).
     - CVE-2026-5878: Incorrect security UI in Blink. Reported by Shaheen Fazim.
     - CVE-2026-5879: Insufficient validation of untrusted input in ANGLE. Reported by parkminchan, working for SSD Labs Korea.
     - CVE-2026-5880: Incorrect security UI in browser UI.
     - CVE-2026-5881: Policy bypass in LocalNetworkAccess. Reported by asnine.
     - CVE-2026-5882: Incorrect security UI in Fullscreen.
     - CVE-2026-5883: Use after free in Media. Reported by sherkito.
     - CVE-2026-5884: Insufficient validation of untrusted input in Media. Reported by xmzyshypnc.
     - CVE-2026-5885: Insufficient validation of untrusted input in WebML. Reported by Bryan Bernhart.
     - CVE-2026-5886: Out of bounds read in WebAudio. Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5887: Insufficient validation of untrusted input in Downloads. Reported by daffainfo.
     - CVE-2026-5888: Uninitialized Use in WebCodecs. Reported by Identified by the Octane Security Team: Giovanni Vignone, Paolo Gentry, Robert van Eijk.
     - CVE-2026-5889: Cryptographic Flaw in PDFium. Reported by mlafon.
     - CVE-2026-5890: Race in WebCodecs. Reported by Casper Woudenberg.
     - CVE-2026-5891: Insufficient policy enforcement in browser UI. Reported by Tianyi Hu.
     - CVE-2026-5892: Insufficient policy enforcement in PWAs. Reported by Tianyi Hu.
     - CVE-2026-5893: Race in V8. Reported by QYmag1c.
     - CVE-2026-5894: Inappropriate implementation in PDF. Reported by Povcfe of Tencent Security Xuanwu Lab.
     - CVE-2026-5895: Incorrect security UI in Omnibox. Reported by Renwa Hiwa @RenwaX23.
     - CVE-2026-5896: Policy bypass in Audio. Reported by Luan Herrera (@lbherrera_).
     - CVE-2026-5897: Incorrect security UI in Downloads. Reported by Farras Givari.
     - CVE-2026-5898: Incorrect security UI in Omnibox. Reported by saidinahikam032.
     - CVE-2026-5899: Incorrect security UI in History Navigation. Reported by Islam Rzayev.
     - CVE-2026-5900: Policy bypass in Downloads. Reported by Luan Herrera (@lbherrera_).
     - CVE-2026-5901: Policy bypass in DevTools. Reported by Povcfe of Tencent Security Xuanwu Lab.
     - CVE-2026-5902: Race in Media. Reported by Luke Francis.
     - CVE-2026-5903: Policy bypass in IFrameSandbox. Reported by @Ciarands.
     - CVE-2026-5904: Use after free in V8. Reported by Zhenpeng (Leo) Lin at depthfirst.
     - CVE-2026-5905: Incorrect security UI in Permissions. Reported by daffainfo.
     - CVE-2026-5906: Incorrect security UI in Omnibox. Reported by mohamedhesham9173.
     - CVE-2026-5907: Insufficient data validation in Media. Reported by Luke Francis.
     - CVE-2026-5908: Integer overflow in Media. Reported by Ameen Basha M K & Mohammed Yasar B.
     - CVE-2026-5909: Integer overflow in Media. Reported by Mohammed Yasar B & Ameen Basha M K.
     - CVE-2026-5910: Integer overflow in Media. Reported by Ameen Basha M K & Mohammed Yasar B.
     - CVE-2026-5911: Policy bypass in ServiceWorkers. Reported by lebr0nli of National Yang Ming Chiao Tung University, Dept. of CS, Security and Systems Lab.
     - CVE-2026-5912: Integer overflow in WebRTC. Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5913: Out of bounds read in Blink. Reported by Vitaly Simonovich.
     - CVE-2026-5914: Type Confusion in CSS. Reported by Syn4pse.
     - CVE-2026-5915: Insufficient validation of untrusted input in WebML. Reported by ningxin.hu@intel.com.
     - CVE-2026-5918: Inappropriate implementation in Navigation. Reported by Google.
     - CVE-2026-5919: Insufficient validation of untrusted input in WebSockets. Reported by Richard Belisle.
   * d/patches:
     - upstream/profile.patch: drop, merged upstream.
     - upstream/fix-boringssl-loong64.patch: drop, merged upstream.
     - debianization/clang-version.patch: refresh.
     - disable/signin.patch: refresh.
     - disable/catapult.patch: refresh.
     - disable/unrar.patch: drop, merged upstream.
     - trixie/nodejs-set-intersection.patch: update for upstream refactoring.
     - bookworm/clang19.patch: -fno-lifetime-dse is unsupported. Also move to llvm-19 directory.
     - ungoogled/disable-ai.patch: sync from ungoogled-chromium project. Also re-add code that creates new tab's search bar (closes: #1132651).
     - debianization/safe-libcxx.patch: add a patch to force building with libc++'s LIBCPP_HARDENING_MODE turned on. See https://issues.chromium.org/issues/485696265 for the (security-related) rationale.
     - llvm-19/static-assert.patch: add another chunk of static_assert() removals that clang 19 needs.
     - rust-1.85/image.patch: enable nightly features for image_v0.25 [trixie, bookworm].
     - bookworm/constexpr.patch: update/refresh for renamed file [bookworm].
   * d/rules:
     - drop "enable_glic=false", as upstream now forces their AI on everyone; but we strip it out with ungoogled/disable-ai.patch.
 .
   [ Daniel Richard G. ]
   * d/patches:
     - bookworm/gn-absl.patch: Add visibility specifier to absl/crc:crc32, and re-sort the patch to keep the edits organized.
     - trixie/gn-len.patch: Refresh.
     - trixie/gn-module-name.patch: New patch to address older GN not knowing about the {{cc_module_name}} substitution [trixie, bookworm].
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes
     - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for upstream changes
     - third_party/0002-regenerate-xnn-buildgn.patch: refresh for upstream changes
     - libaom/0001-Add-pregenerated-config-for-libaom-on-ppc64.patch: regenerate
 .
   [ Jianfeng Liu ]
   * d/patches/loongarch64:
     - 0024-disable-BROTLI_MODEL-macro-for-some-targets.patch: add upstream patch to fix brotil on loong64