-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 09 Apr 2026 03:34:02 -0400 Source: chromium Architecture: source Version: 147.0.7727.55-1 Distribution: unstable Urgency: high Maintainer: Debian Chromium Team <chromium@packages.debian.org> Changed-By: Andres Salomon <dilinger@debian.org> Closes: 1132651 Changes: chromium (147.0.7727.55-1) unstable; urgency=high . [ Andres Salomon ] * New upstream stable release. - CVE-2026-5858: Heap buffer overflow in WebML. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-5859: Integer overflow in WebML. Reported by Anonymous. - CVE-2026-5860: Use after free in WebRTC. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-5861: Use after free in V8. Reported by 5shain. - CVE-2026-5862: Inappropriate implementation in V8. Reported by Google. - CVE-2026-5863: Inappropriate implementation in V8. Reported by Google. - CVE-2026-5864: Heap buffer overflow in WebAudio. Reported by Syn4pse. - CVE-2026-5865: Type Confusion in V8. Reported by Project WhatForLunch (@pjwhatforlunch). - CVE-2026-5866: Use after free in Media. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-5867: Heap buffer overflow in WebML. Reported by Syn4pse. - CVE-2026-5868: Heap buffer overflow in ANGLE. Reported by cinzinga. - CVE-2026-5869: Heap buffer overflow in WebML. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-5870: Integer overflow in Skia. Reported by Google. - CVE-2026-5871: Type Confusion in V8. Reported by Google. - CVE-2026-5872: Use after free in Blink. Reported by Google. - CVE-2026-5873: Out of bounds read and write in V8. Reported by Google. - CVE-2026-5874: Use after free in PrivateAI. Reported by Krace. - CVE-2026-5875: Policy bypass in Blink. Reported by Lyra Rebane (rebane2001). - CVE-2026-5876: Side-channel information leakage in Navigation. Reported by Lyra Rebane (rebane2001). - CVE-2026-5877: Use after free in Navigation. Reported by Cassidy Kim(@cassidy6564). - CVE-2026-5878: Incorrect security UI in Blink. Reported by Shaheen Fazim. - CVE-2026-5879: Insufficient validation of untrusted input in ANGLE. Reported by parkminchan, working for SSD Labs Korea. - CVE-2026-5880: Incorrect security UI in browser UI. - CVE-2026-5881: Policy bypass in LocalNetworkAccess. Reported by asnine. - CVE-2026-5882: Incorrect security UI in Fullscreen. - CVE-2026-5883: Use after free in Media. Reported by sherkito. - CVE-2026-5884: Insufficient validation of untrusted input in Media. Reported by xmzyshypnc. - CVE-2026-5885: Insufficient validation of untrusted input in WebML. Reported by Bryan Bernhart. - CVE-2026-5886: Out of bounds read in WebAudio. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-5887: Insufficient validation of untrusted input in Downloads. Reported by daffainfo. - CVE-2026-5888: Uninitialized Use in WebCodecs. Reported by Identified by the Octane Security Team: Giovanni Vignone, Paolo Gentry, Robert van Eijk. - CVE-2026-5889: Cryptographic Flaw in PDFium. Reported by mlafon. - CVE-2026-5890: Race in WebCodecs. Reported by Casper Woudenberg. - CVE-2026-5891: Insufficient policy enforcement in browser UI. Reported by Tianyi Hu. - CVE-2026-5892: Insufficient policy enforcement in PWAs. Reported by Tianyi Hu. - CVE-2026-5893: Race in V8. Reported by QYmag1c. - CVE-2026-5894: Inappropriate implementation in PDF. Reported by Povcfe of Tencent Security Xuanwu Lab. - CVE-2026-5895: Incorrect security UI in Omnibox. Reported by Renwa Hiwa @RenwaX23. - CVE-2026-5896: Policy bypass in Audio. Reported by Luan Herrera (@lbherrera_). - CVE-2026-5897: Incorrect security UI in Downloads. Reported by Farras Givari. - CVE-2026-5898: Incorrect security UI in Omnibox. Reported by saidinahikam032. - CVE-2026-5899: Incorrect security UI in History Navigation. Reported by Islam Rzayev. - CVE-2026-5900: Policy bypass in Downloads. Reported by Luan Herrera (@lbherrera_). - CVE-2026-5901: Policy bypass in DevTools. Reported by Povcfe of Tencent Security Xuanwu Lab. - CVE-2026-5902: Race in Media. Reported by Luke Francis. - CVE-2026-5903: Policy bypass in IFrameSandbox. Reported by @Ciarands. - CVE-2026-5904: Use after free in V8. Reported by Zhenpeng (Leo) Lin at depthfirst. - CVE-2026-5905: Incorrect security UI in Permissions. Reported by daffainfo. - CVE-2026-5906: Incorrect security UI in Omnibox. Reported by mohamedhesham9173. - CVE-2026-5907: Insufficient data validation in Media. Reported by Luke Francis. - CVE-2026-5908: Integer overflow in Media. Reported by Ameen Basha M K & Mohammed Yasar B. - CVE-2026-5909: Integer overflow in Media. Reported by Mohammed Yasar B & Ameen Basha M K. - CVE-2026-5910: Integer overflow in Media. Reported by Ameen Basha M K & Mohammed Yasar B. - CVE-2026-5911: Policy bypass in ServiceWorkers. Reported by lebr0nli of National Yang Ming Chiao Tung University, Dept. of CS, Security and Systems Lab. - CVE-2026-5912: Integer overflow in WebRTC. Reported by c6eed09fc8b174b0f3eebedcceb1e792. - CVE-2026-5913: Out of bounds read in Blink. Reported by Vitaly Simonovich. - CVE-2026-5914: Type Confusion in CSS. Reported by Syn4pse. - CVE-2026-5915: Insufficient validation of untrusted input in WebML. Reported by ningxin.hu@intel.com. - CVE-2026-5918: Inappropriate implementation in Navigation. Reported by Google. - CVE-2026-5919: Insufficient validation of untrusted input in WebSockets. Reported by Richard Belisle. * d/patches: - upstream/profile.patch: drop, merged upstream. - upstream/fix-boringssl-loong64.patch: drop, merged upstream. - debianization/clang-version.patch: refresh. - disable/signin.patch: refresh. - disable/catapult.patch: refresh. - disable/unrar.patch: drop, merged upstream. - trixie/nodejs-set-intersection.patch: update for upstream refactoring. - bookworm/clang19.patch: -fno-lifetime-dse is unsupported. Also move to llvm-19 directory. - ungoogled/disable-ai.patch: sync from ungoogled-chromium project. Also re-add code that creates new tab's search bar (closes: #1132651). - debianization/safe-libcxx.patch: add a patch to force building with libc++'s LIBCPP_HARDENING_MODE turned on. See https://issues.chromium.org/issues/485696265 for the (security-related) rationale. - llvm-19/static-assert.patch: add another chunk of static_assert() removals that clang 19 needs. - rust-1.85/image.patch: enable nightly features for image_v0.25 [trixie, bookworm]. - bookworm/constexpr.patch: update/refresh for renamed file [bookworm]. * d/rules: - drop "enable_glic=false", as upstream now forces their AI on everyone; but we strip it out with ungoogled/disable-ai.patch. . [ Daniel Richard G. ] * d/patches: - bookworm/gn-absl.patch: Add visibility specifier to absl/crc:crc32, and re-sort the patch to keep the edits organized. - trixie/gn-len.patch: Refresh. - trixie/gn-module-name.patch: New patch to address older GN not knowing about the {{cc_module_name}} substitution [trixie, bookworm]. . [ Timothy Pearson ] * d/patches/ppc64le: - third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh for upstream changes - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch: refresh for upstream changes - third_party/0002-regenerate-xnn-buildgn.patch: refresh for upstream changes - libaom/0001-Add-pregenerated-config-for-libaom-on-ppc64.patch: regenerate . [ Jianfeng Liu ] * d/patches/loongarch64: - 0024-disable-BROTLI_MODEL-macro-for-some-targets.patch: add upstream patch to fix brotil on loong64 Checksums-Sha1: 5d4158acf4065c9c05233b6f55e73e6cca588c9d 4058 chromium_147.0.7727.55-1.dsc e3c79ac96fbb326aa4b304fbe7727ca0e80f6f9b 790744280 chromium_147.0.7727.55.orig.tar.xz 4d1990e7e31ca7070d6ae293710f4bbfa3e1fa85 478504 chromium_147.0.7727.55-1.debian.tar.xz a919defdf8554fa2c449d63a9027dad367123773 27943 chromium_147.0.7727.55-1_source.buildinfo Checksums-Sha256: 73f5289c14377841e964575b447f5cd5672bff849d6605ad2ed643616682c05d 4058 chromium_147.0.7727.55-1.dsc dc70bd5309c46c4e6ebcb040d41c14335c177cf73c9cdded2319506b2f3689ba 790744280 chromium_147.0.7727.55.orig.tar.xz 967cf7af1868c81c1ceaba85c481a8b43afc47a2aa7c7bd1ad4c5fea06f233a0 478504 chromium_147.0.7727.55-1.debian.tar.xz 25fefaab57fa204a24cce808f65ac44b6aae61a0855b9d80fa27183a0264d1f0 27943 chromium_147.0.7727.55-1_source.buildinfo Files: 56db6505223ae3d6753e1dfa29862220 4058 web optional chromium_147.0.7727.55-1.dsc 065046e90698275a229e560c6318b27d 790744280 web optional chromium_147.0.7727.55.orig.tar.xz 95fb9c1277b3b28673ac7ff4fd7fcde6 478504 web optional chromium_147.0.7727.55-1.debian.tar.xz 18330bf044df4b3a692df71cc4653d31 27943 web optional chromium_147.0.7727.55-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmnXuIsUHGRpbGluZ2Vy QGRlYmlhbi5vcmcACgkQZF0CR8NudjeCCg//ar18YuFd9yYReP3k2limyqsNtizT 5axut7NQuzRmG4FO3XmutD3hVn3Pxn86Bwnyo7lS3CqzHZggS6XcE3riE5ggL4hE 5coSd+eofxbn7EBgsbLtxjNsZuyxyzIFrUPc7+4GA9Z5rAHil28A+FpEW89M1At4 yDKZTp2rud6H0RBCTy8g1EpOofcuhwIKmgiOTHGWQdIfuJgq9me5vQSCkc+tPIGR UKVBnwKwMFpKcB292OPXdfoeFu0r00hOb+ICq5lb3alLHYNLitYDm4T47tn0ikId eZa6JbUHeYXyVA9HXQsmT/kprYXvnsNK7Wbe0jFGmIZ6iCa4liU4WIUHx6AqqiVD +UOIUmIwNL8vHJlzRi1ik25O/CDhwpagS5JCrDqy7VQepCyfGjUe0iFdPgCdZ1l6 ws4hE24BH48VB0XW8e739pWQOuZC/gx2glW8uhytu/7CkNzlEJdTMj6vSTo/TnTW o2FZkWRi+CYmTaL1h2h9nJFpdrLTAQCCwqbTazgbtg2l/c86XSaPflZ7LwBD6OMK J2+vIjxwyr0x28a4w7lCodneshx3/UM9q4DF3fnYdZhTDEpTtUbytsf1fnw1Ffva DLH1tkkVM8fVfYtetwNtpz5lnqpBMP/3X+pxHtcu7gSrLp48owDu4IJnIjZjvQm3 n3ITckRJKPCiQbQ= =YLQ+ -----END PGP SIGNATURE-----
