-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 01 Apr 2026 12:42:51 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: arm64
Version: 146.0.7680.177-1~deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: arm Build Daemon (arm-ubc-02) <buildd_arm64-arm-ubc-02@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (146.0.7680.177-1~deb13u1) trixie-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-5272: Heap buffer overflow in GPU.
       Reported by inspector-ambitious.
     - CVE-2026-5273: Use after free in CSS. Reported by Anonymous.
     - CVE-2026-5274: Integer overflow in Codecs.
       Reported by heapracer (@heapracer).
     - CVE-2026-5275: Heap buffer overflow in ANGLE.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5276: Insufficient policy enforcement in WebUSB.
       Reported by Ariel Simon.
     - CVE-2026-5277: Integer overflow in ANGLE.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5278: Use after free in Web MIDI.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5279: Object corruption in V8.
       Reported by Hyeonjun Ahn (@_deayzl).
     - CVE-2026-5280: Use after free in WebCodecs.
       Reported by heapracer (@heapracer).
     - CVE-2026-5281: Use after free in Dawn.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-5282: Out of bounds read in WebCodecs.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5283: Inappropriate implementation in ANGLE.
       Reported by sweetchip.
     - CVE-2026-5284: Use after free in Dawn.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-5285: Use after free in WebGL.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5286: Use after free in Dawn. Reported by sweetchip.
     - CVE-2026-5287: Use after free in PDF. Reported by Syn4pse.
     - CVE-2026-5288: Use after free in WebView. Reported by Google.
     - CVE-2026-5289: Use after free in Navigation. Reported by Google.
     - CVE-2026-5290: Use after free in Compositing. Reported by Google.
     - CVE-2026-5291: Inappropriate implementation in WebGL.
       Reported by heapracer (@heapracer).
     - CVE-2026-5292: Out of bounds read in WebCodecs. Reported by Google.
   * d/patches:
     - upstream/Fix-blink-compilation-for-platforms-other-than-x86-and-arm.patch:
       drop, merged upstream.
     - ungoogled/disable-ai.patch: resync with u-c.
 .
   [ Daniel Richard G. ]
   * d/copyright: Exclude *.pb (protobuf) binary files.
   * d/patches: Various ungoogled-chromium-related updates.
     - disable/glic.patch: Drop, replaced with disable-ai.patch from the
       ungoogled-chromium project.
     - ungoogled/disable-ai.patch: Import new patch from ungoogled-chromium
       that zaps glic, screen_ai, and various other adjacent AI-based features.
     - ungoogled/disable-mei-preload.patch: Import patch to allow building
       without *.pb files.
     - ungoogled/disable-privacy-sandbox.patch: Update imported patch.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0005-blink-add-audio-vector-support.patch: Fix FBTFS from
       upstream adding vector-accelerated audio delay functions
 .
   [ Jianfeng Liu ]
   * d/patches/upstream:
     - Fix-blink-compilation-for-platforms-other-than-x86-and-arm.patch: Fix
       FBTFS from upstream for blink audio delay function on loong64
Checksums-Sha1:
 98d351783e2ceef07038bd58c40064f2619ca8ab 6077052 chromium-common-dbgsym_146.0.7680.177-1~deb13u1_arm64.deb
 21c6d00fd2ab356f15ed79d5b8f4be470d589681 33874252 chromium-common_146.0.7680.177-1~deb13u1_arm64.deb
 fbdfa501304afd69d5b07df469dbb13659f68f1c 33531064 chromium-dbgsym_146.0.7680.177-1~deb13u1_arm64.deb
 8f7cac3080582e475311da6a29190de71e291ee7 6530884 chromium-driver_146.0.7680.177-1~deb13u1_arm64.deb
 7903a7c140980b047bbb7e2eabb545d4422cbd67 28025368 chromium-headless-shell-dbgsym_146.0.7680.177-1~deb13u1_arm64.deb
 93a896e6fb47b0a6b13bed1786dc14344dbc146a 53466712 chromium-headless-shell_146.0.7680.177-1~deb13u1_arm64.deb
 63d48a51ea2a78e44b6e00760ae791e59986b82e 21096 chromium-sandbox-dbgsym_146.0.7680.177-1~deb13u1_arm64.deb
 8a16b5d7ab771c4bef23d8960761714358a5befe 112924 chromium-sandbox_146.0.7680.177-1~deb13u1_arm64.deb
 eb19a71663dda3f845eece7b61cbe534759b4fe9 29282708 chromium-shell-dbgsym_146.0.7680.177-1~deb13u1_arm64.deb
 d3647ccdba9bd9814baa9d42cc89012057f1ec65 53138792 chromium-shell_146.0.7680.177-1~deb13u1_arm64.deb
 86dfa0c7149e95fb4f7f4b220f8c5f78b7f397b4 30366 chromium_146.0.7680.177-1~deb13u1_arm64-buildd.buildinfo
 d3e83ac12c7c60d11a378ad37ac680646bb1ebd4 70900500 chromium_146.0.7680.177-1~deb13u1_arm64.deb
Checksums-Sha256:
 4478d03677bbfd957f3b1a8fe9d608f2b223b6fb4ad6d261b85bb3b8a22b8896 6077052 chromium-common-dbgsym_146.0.7680.177-1~deb13u1_arm64.deb
 e22f75f6dfa6bb3b75be20584f8fa529517746b31e64b00142f811f415027a20 33874252 chromium-common_146.0.7680.177-1~deb13u1_arm64.deb
 12d8a983e340a7c5a3412aa76cabfbfcba164efafe4d23e846c3a14809c91581 33531064 chromium-dbgsym_146.0.7680.177-1~deb13u1_arm64.deb
 66ce8dbfa0c40120c500fa6ce3618e0d4d9c43198a09008080e48a44adc68a79 6530884 chromium-driver_146.0.7680.177-1~deb13u1_arm64.deb
 9eabcc10688ace8c2793d3eb542fd362ef25c8dfabb84d7a1ab83ccb697cc60f 28025368 chromium-headless-shell-dbgsym_146.0.7680.177-1~deb13u1_arm64.deb
 e9a27250c2b8cf9645a2a198cae4cc414dbc82b9f419279f043a4d43bb7f2930 53466712 chromium-headless-shell_146.0.7680.177-1~deb13u1_arm64.deb
 c6adff99994bb85d84603ad71bca87a0778fe1b90e4f7c250426ad42a4021c66 21096 chromium-sandbox-dbgsym_146.0.7680.177-1~deb13u1_arm64.deb
 14cf05506e0b89908cda1644f65931884ef4002c00b20cbdb3495ee2fa018394 112924 chromium-sandbox_146.0.7680.177-1~deb13u1_arm64.deb
 f033bc0ef3a860d492f7aa4945b005dcad1f70b436ddbb856b000dd7c053bf4c 29282708 chromium-shell-dbgsym_146.0.7680.177-1~deb13u1_arm64.deb
 ef05e31e1f5864f6e33fb06a5c5ba60557dd425deea7a61e43c634f07199f9f1 53138792 chromium-shell_146.0.7680.177-1~deb13u1_arm64.deb
 2bac5d5675a8b969013f69dcb6d7eb9fe17ddca04bb3b8c6ead20081eebba688 30366 chromium_146.0.7680.177-1~deb13u1_arm64-buildd.buildinfo
 99880aecb716fa1b7d10eb8d94748d3c8830fad9ff74632e84e50a4a3d474ee8 70900500 chromium_146.0.7680.177-1~deb13u1_arm64.deb
Files:
 f3c7de252ec22a873edaae1de50d3413 6077052 debug optional chromium-common-dbgsym_146.0.7680.177-1~deb13u1_arm64.deb
 2f2f608b3bc72411c973df3690277845 33874252 web optional chromium-common_146.0.7680.177-1~deb13u1_arm64.deb
 548effeda1c0e2715ddf00679cb0123f 33531064 debug optional chromium-dbgsym_146.0.7680.177-1~deb13u1_arm64.deb
 20c0064a3198a3b42408421b5f923188 6530884 web optional chromium-driver_146.0.7680.177-1~deb13u1_arm64.deb
 4ee8ffcb21a2da0a28ae8988fbbd74e4 28025368 debug optional chromium-headless-shell-dbgsym_146.0.7680.177-1~deb13u1_arm64.deb
 c37d2283d1ba5200f7f308269423ca85 53466712 web optional chromium-headless-shell_146.0.7680.177-1~deb13u1_arm64.deb
 32d345fa2e37c435ef43afbab07da4a3 21096 debug optional chromium-sandbox-dbgsym_146.0.7680.177-1~deb13u1_arm64.deb
 f98d53662fe0eb177cf42090fe87a3d3 112924 web optional chromium-sandbox_146.0.7680.177-1~deb13u1_arm64.deb
 e7f8c378d4757cc615fa9e3e6c17c7b8 29282708 debug optional chromium-shell-dbgsym_146.0.7680.177-1~deb13u1_arm64.deb
 989354f007546ea7f3f32c1116676937 53138792 web optional chromium-shell_146.0.7680.177-1~deb13u1_arm64.deb
 cd58cae0b1b50e7ccede741cffc1087b 30366 web optional chromium_146.0.7680.177-1~deb13u1_arm64-buildd.buildinfo
 5a9331e5794c45a90268f87d8efeb84f 70900500 web optional chromium_146.0.7680.177-1~deb13u1_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEJkN0BnKzGWWW6tS+G5VHrWJmwgcFAmnOpk0ACgkQG5VHrWJm
wgdwTQ//XQk9flMQJxFaryMhCcFc6ZlHCBLNwaHI6cHgyRljSl14H/NMQjUhUqFK
nt2PchXmQpDfvfU/vhSUoFkJVs4yxXvQgF6PYXg01SJtTRy7kCRPW20v7LUs6qE9
0xOHAq6Uwi/VbhYxHSJZMcK7jttvmCBrP/FuDx9J0Czu3JIgNezea4VviEjXEB/S
bi9xLcglEiz8zj2yEVs3RqJvVDGJgb1T6buU0W8RM7M88wcYxaxSmvCkTqxTnOjh
2x6l22Ox5H97MEw1g+vjMiWmVIYnImiGuKRYCfuLRbKRmqVre/vqDoM1kA2TB7L/
HH4gL4UR3uVrUdzzHepU4IdfG76Y4kSeD7zpYoB8ZkMk8mttwWl+6Vg/21FaU7lM
qOi/o0AdYshUisGetfwDMNzUxWB+ob75GB+32tfVK6UHRIj3FTFTt4j4mVxg9aNe
8T5/sBm00gXrbkRoME9zSmTro2ecGxopR7fDeXKHP0gDJ15EbeTcE6xdJ7HbDa0f
lvWj235PZOCYtcwzEgl3PkkKKzFmprXqenFAfNy/g7TIZsg4ojC6JD8DaO0IcPg5
dXImo8bB6aE3RYPJN1vfCFJR7dEgqjFURhVitrWLxpsCeZfndq+eiTZgR0CVsWgK
Vhb8MP9IGx8b70zQWajfJQRD4aTPeUByOhcPdSRa/qv8RcJnfe4=
=fh8a
-----END PGP SIGNATURE-----