-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 01 Apr 2026 12:42:51 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: amd64
Version: 146.0.7680.177-1~deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-ubc-01) <buildd_amd64-x86-ubc-01@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (146.0.7680.177-1~deb13u1) trixie-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-5272: Heap buffer overflow in GPU.
       Reported by inspector-ambitious.
     - CVE-2026-5273: Use after free in CSS. Reported by Anonymous.
     - CVE-2026-5274: Integer overflow in Codecs.
       Reported by heapracer (@heapracer).
     - CVE-2026-5275: Heap buffer overflow in ANGLE.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5276: Insufficient policy enforcement in WebUSB.
       Reported by Ariel Simon.
     - CVE-2026-5277: Integer overflow in ANGLE.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5278: Use after free in Web MIDI.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5279: Object corruption in V8.
       Reported by Hyeonjun Ahn (@_deayzl).
     - CVE-2026-5280: Use after free in WebCodecs.
       Reported by heapracer (@heapracer).
     - CVE-2026-5281: Use after free in Dawn.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-5282: Out of bounds read in WebCodecs.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5283: Inappropriate implementation in ANGLE.
       Reported by sweetchip.
     - CVE-2026-5284: Use after free in Dawn.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-5285: Use after free in WebGL.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5286: Use after free in Dawn. Reported by sweetchip.
     - CVE-2026-5287: Use after free in PDF. Reported by Syn4pse.
     - CVE-2026-5288: Use after free in WebView. Reported by Google.
     - CVE-2026-5289: Use after free in Navigation. Reported by Google.
     - CVE-2026-5290: Use after free in Compositing. Reported by Google.
     - CVE-2026-5291: Inappropriate implementation in WebGL.
       Reported by heapracer (@heapracer).
     - CVE-2026-5292: Out of bounds read in WebCodecs. Reported by Google.
   * d/patches:
     - upstream/Fix-blink-compilation-for-platforms-other-than-x86-and-arm.patch:
       drop, merged upstream.
     - ungoogled/disable-ai.patch: resync with u-c.
 .
   [ Daniel Richard G. ]
   * d/copyright: Exclude *.pb (protobuf) binary files.
   * d/patches: Various ungoogled-chromium-related updates.
     - disable/glic.patch: Drop, replaced with disable-ai.patch from the
       ungoogled-chromium project.
     - ungoogled/disable-ai.patch: Import new patch from ungoogled-chromium
       that zaps glic, screen_ai, and various other adjacent AI-based features.
     - ungoogled/disable-mei-preload.patch: Import patch to allow building
       without *.pb files.
     - ungoogled/disable-privacy-sandbox.patch: Update imported patch.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0005-blink-add-audio-vector-support.patch: Fix FBTFS from
       upstream adding vector-accelerated audio delay functions
 .
   [ Jianfeng Liu ]
   * d/patches/upstream:
     - Fix-blink-compilation-for-platforms-other-than-x86-and-arm.patch: Fix
       FBTFS from upstream for blink audio delay function on loong64
Checksums-Sha1:
 c65835a87d721e39f27de1580a96522c995d17db 5108600 chromium-common-dbgsym_146.0.7680.177-1~deb13u1_amd64.deb
 46cefaf0e3492fa1c666a18ef0c559a4f93aef19 29236888 chromium-common_146.0.7680.177-1~deb13u1_amd64.deb
 dba6b517d241e0ad8221a684d3575a96e6ce5e45 32969080 chromium-dbgsym_146.0.7680.177-1~deb13u1_amd64.deb
 4416813fd992abd1a39cada16e789c05e28a48ff 7353780 chromium-driver_146.0.7680.177-1~deb13u1_amd64.deb
 09c58ac7314a15650f1ed961da968112036a717a 28067816 chromium-headless-shell-dbgsym_146.0.7680.177-1~deb13u1_amd64.deb
 2be83dea1a9cde4fd8eff3eb339579974bdc2288 61333672 chromium-headless-shell_146.0.7680.177-1~deb13u1_amd64.deb
 151659d386a3cb6e27f7466463aa48b40e1e05ff 20220 chromium-sandbox-dbgsym_146.0.7680.177-1~deb13u1_amd64.deb
 f177ca541350ea08c7c5496f5fbdca0fb181ea70 112140 chromium-sandbox_146.0.7680.177-1~deb13u1_amd64.deb
 6ac92f28d8c0ed0ced5bdfbcede46827eb1f2363 29452976 chromium-shell-dbgsym_146.0.7680.177-1~deb13u1_amd64.deb
 c3d950b2fed09fcbdadd09436cde9d9ae43627d3 60756496 chromium-shell_146.0.7680.177-1~deb13u1_amd64.deb
 3556876fef54b1746ade74cacacc9766db57e5d5 30397 chromium_146.0.7680.177-1~deb13u1_amd64-buildd.buildinfo
 d172bf3576cdfd6b687dd9da20fcf12eba0307d3 82289732 chromium_146.0.7680.177-1~deb13u1_amd64.deb
Checksums-Sha256:
 37a10714608f8c49fdcc8a26c664776704ee20e6c77e2c09987bad13efb4b9de 5108600 chromium-common-dbgsym_146.0.7680.177-1~deb13u1_amd64.deb
 1137d60bf12175b9d9135da43d5d75a9b353e2b96aacd8275717d4cee00a6ac1 29236888 chromium-common_146.0.7680.177-1~deb13u1_amd64.deb
 5da4666dd1e09d8e4c687b38c458128a97f4c504b2ffc0e7d5daa5feafdda6f3 32969080 chromium-dbgsym_146.0.7680.177-1~deb13u1_amd64.deb
 d254f6828486adba495872ad316cbf7941fd4ad1822770e2c1d10a1980fdd67c 7353780 chromium-driver_146.0.7680.177-1~deb13u1_amd64.deb
 72b2e8a8bf6410f8e5b0ce2a1e356913608133d6076af17433e54c921ce0cf89 28067816 chromium-headless-shell-dbgsym_146.0.7680.177-1~deb13u1_amd64.deb
 24ed8f06d8a2c95f6ae7e6b115651a3cb0c90a9b0ed6845bbabf499d7fedc208 61333672 chromium-headless-shell_146.0.7680.177-1~deb13u1_amd64.deb
 a6390488eca877faac948d08a8f433ead15b0feab88ecdae365b8c02b3ca0b25 20220 chromium-sandbox-dbgsym_146.0.7680.177-1~deb13u1_amd64.deb
 999e1baf6e32a40bdf42d1f189081b19f6ad51833e5d69cd36a051993deb5e1a 112140 chromium-sandbox_146.0.7680.177-1~deb13u1_amd64.deb
 6ab4fcf2f42d987935692ddd011746eed2b5a72a3339a94b845bf855c15301dc 29452976 chromium-shell-dbgsym_146.0.7680.177-1~deb13u1_amd64.deb
 5930e8ab565bca0e8e79d12f8463ec44da6c5c3b8ca1796e4f69810d13ceb459 60756496 chromium-shell_146.0.7680.177-1~deb13u1_amd64.deb
 7cafde614a74338d4656b8406910d3492771fe2ad87565b93fb17942c7e423a5 30397 chromium_146.0.7680.177-1~deb13u1_amd64-buildd.buildinfo
 0d6f6b667828a8912bb43dffb3c2e9102456f034bb10bf0fd6c6bbbd099eb792 82289732 chromium_146.0.7680.177-1~deb13u1_amd64.deb
Files:
 1903e7d0a12bc77bc7f7a7da2680f81b 5108600 debug optional chromium-common-dbgsym_146.0.7680.177-1~deb13u1_amd64.deb
 70b578272ff4b3d88840358b04e73220 29236888 web optional chromium-common_146.0.7680.177-1~deb13u1_amd64.deb
 d9e58f38141970d003b8f18c8a8ebe39 32969080 debug optional chromium-dbgsym_146.0.7680.177-1~deb13u1_amd64.deb
 ce4c831119a5767f2f2dbd2ffebbad64 7353780 web optional chromium-driver_146.0.7680.177-1~deb13u1_amd64.deb
 fee0d74752abf064c09cbfb6324dab74 28067816 debug optional chromium-headless-shell-dbgsym_146.0.7680.177-1~deb13u1_amd64.deb
 265515d7a41e47766b78c62b9017fd8f 61333672 web optional chromium-headless-shell_146.0.7680.177-1~deb13u1_amd64.deb
 64c7812ed8fc12f4d842f8778a7e8d8a 20220 debug optional chromium-sandbox-dbgsym_146.0.7680.177-1~deb13u1_amd64.deb
 7aefe66d013e70bf776b27167402df27 112140 web optional chromium-sandbox_146.0.7680.177-1~deb13u1_amd64.deb
 73df1e6240aa3d09b34a4557f155194e 29452976 debug optional chromium-shell-dbgsym_146.0.7680.177-1~deb13u1_amd64.deb
 76764fa461300c58c58b5d9e834659a8 60756496 web optional chromium-shell_146.0.7680.177-1~deb13u1_amd64.deb
 72c9589c292270419ac5c995cc44039e 30397 web optional chromium_146.0.7680.177-1~deb13u1_amd64-buildd.buildinfo
 d41b3dea192c6994c97e40039b24e8ae 82289732 web optional chromium_146.0.7680.177-1~deb13u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEmtr4KUMaso2EQ6NrTwt/65ON6zcFAmnOq9sACgkQTwt/65ON
6ze0oQ/+OozoxlyB7+tGR79hX2gnmgw825iGklTJztaFmrc8x9eT5aD8vt2RcbI5
AIOdzLlrDZp9Nutb6UjwaElEMLyBlnwZxVc3kUKcTon+VlaOUfp3gMeO1TRYMdlD
Z7vqAIWm9h8LMTd3db9RBjCocZpzyEieGRlc3NJtWH/hqrYF20rUa4mpaT7+QobR
U+2Kq3DAP9z519kwR8zfORB1y77tBdri+CYE4YaOuUQmBR4K/FBo2kCZE/4jhU4Y
PW/ibabx/TEn9u9v3mixSwcolR+3fjAkhYHV8KMkPQNqtE/Q5iaC10m/hbrOSMC+
XzH2ZUnB3C8Jjxw92bwAz1PzLvix+Sle+2uii9Yz1vOhLOuE/UPtGdW8AyTp94m3
y40BMNRMc8TSLGkbnMTMBjI1mYr/t69rqB21PHA56eR749/3UsrAG/nRi0CuToDz
stiFVi0MjrtbM6Y0rBZcTBaa5sRGD1uYh9o0TYvupJJ5ravdtvGyhM4tx/fw468Y
PWszyghQJU75jn1/z7b7Djw97We8zkWRBL1Q0AIbcBRWGmXj0QvVOXZsV2/2C42X
PC5Z+2wVbOOEqJarIpqLGk2IuS/AuF6TT93MqFp5QtcRF2WlkLuvti6V+EnM+zaw
hWajs/Tw5M+yaXM8BgW2k9ukpN+CgzAGxFevGxmCiU/EI/mfp2c=
=rqLH
-----END PGP SIGNATURE-----