-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 01 Apr 2026 12:42:51 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: armhf
Version: 146.0.7680.177-1~deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: arm Build Daemon (arm-conova-03) <buildd_arm64-arm-conova-03@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (146.0.7680.177-1~deb13u1) trixie-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-5272: Heap buffer overflow in GPU.
       Reported by inspector-ambitious.
     - CVE-2026-5273: Use after free in CSS. Reported by Anonymous.
     - CVE-2026-5274: Integer overflow in Codecs.
       Reported by heapracer (@heapracer).
     - CVE-2026-5275: Heap buffer overflow in ANGLE.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5276: Insufficient policy enforcement in WebUSB.
       Reported by Ariel Simon.
     - CVE-2026-5277: Integer overflow in ANGLE.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5278: Use after free in Web MIDI.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5279: Object corruption in V8.
       Reported by Hyeonjun Ahn (@_deayzl).
     - CVE-2026-5280: Use after free in WebCodecs.
       Reported by heapracer (@heapracer).
     - CVE-2026-5281: Use after free in Dawn.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-5282: Out of bounds read in WebCodecs.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5283: Inappropriate implementation in ANGLE.
       Reported by sweetchip.
     - CVE-2026-5284: Use after free in Dawn.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-5285: Use after free in WebGL.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5286: Use after free in Dawn. Reported by sweetchip.
     - CVE-2026-5287: Use after free in PDF. Reported by Syn4pse.
     - CVE-2026-5288: Use after free in WebView. Reported by Google.
     - CVE-2026-5289: Use after free in Navigation. Reported by Google.
     - CVE-2026-5290: Use after free in Compositing. Reported by Google.
     - CVE-2026-5291: Inappropriate implementation in WebGL.
       Reported by heapracer (@heapracer).
     - CVE-2026-5292: Out of bounds read in WebCodecs. Reported by Google.
   * d/patches:
     - upstream/Fix-blink-compilation-for-platforms-other-than-x86-and-arm.patch:
       drop, merged upstream.
     - ungoogled/disable-ai.patch: resync with u-c.
 .
   [ Daniel Richard G. ]
   * d/copyright: Exclude *.pb (protobuf) binary files.
   * d/patches: Various ungoogled-chromium-related updates.
     - disable/glic.patch: Drop, replaced with disable-ai.patch from the
       ungoogled-chromium project.
     - ungoogled/disable-ai.patch: Import new patch from ungoogled-chromium
       that zaps glic, screen_ai, and various other adjacent AI-based features.
     - ungoogled/disable-mei-preload.patch: Import patch to allow building
       without *.pb files.
     - ungoogled/disable-privacy-sandbox.patch: Update imported patch.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0005-blink-add-audio-vector-support.patch: Fix FBTFS from
       upstream adding vector-accelerated audio delay functions
 .
   [ Jianfeng Liu ]
   * d/patches/upstream:
     - Fix-blink-compilation-for-platforms-other-than-x86-and-arm.patch: Fix
       FBTFS from upstream for blink audio delay function on loong64
Checksums-Sha1:
 71db13bcab1c39a2480b51267f6eed0108298401 5595448 chromium-common-dbgsym_146.0.7680.177-1~deb13u1_armhf.deb
 714191a1be8a96fa3b71f617488c9b2d9e7fe1f5 29155188 chromium-common_146.0.7680.177-1~deb13u1_armhf.deb
 a72ba74d40aa61749e998aa3a2e26b8f3b90641c 34837952 chromium-dbgsym_146.0.7680.177-1~deb13u1_armhf.deb
 59708b5decf3a63d2abae8ce64d61258c58b7028 7100460 chromium-driver_146.0.7680.177-1~deb13u1_armhf.deb
 6e9f359ed47dd008ec3201a8b384e8396c19ca5c 27335040 chromium-headless-shell-dbgsym_146.0.7680.177-1~deb13u1_armhf.deb
 b0847e18124a4f75c31d7925d6068328ba5741a6 53495032 chromium-headless-shell_146.0.7680.177-1~deb13u1_armhf.deb
 9cf5b3cacd8b3a2b3b8e5c49926d01ec009e0efc 19268 chromium-sandbox-dbgsym_146.0.7680.177-1~deb13u1_armhf.deb
 66ee1c98f5d5ef0567eaffa8df9071de99a29514 111800 chromium-sandbox_146.0.7680.177-1~deb13u1_armhf.deb
 efc37a9845b37ccd6f4b172fd18c7ea1e8b1ad26 29654028 chromium-shell-dbgsym_146.0.7680.177-1~deb13u1_armhf.deb
 0dc165f918350a9a1795fb8cc2d261d873bd781c 58429768 chromium-shell_146.0.7680.177-1~deb13u1_armhf.deb
 1412eff05f2bd89c54a2cac24cd78922211f2cb0 30272 chromium_146.0.7680.177-1~deb13u1_armhf-buildd.buildinfo
 9fd97fb400ed70406f4b87c35793c5f22336abc4 69604836 chromium_146.0.7680.177-1~deb13u1_armhf.deb
Checksums-Sha256:
 9b1669d68c58530a4fe326497cd2ab61476f1d58e2e1445ca0c7331c01f25da0 5595448 chromium-common-dbgsym_146.0.7680.177-1~deb13u1_armhf.deb
 40c492e1654622425ebc17b04e51bffa96c37843cd23fa6bcf23ea2174594b61 29155188 chromium-common_146.0.7680.177-1~deb13u1_armhf.deb
 46297c1151779c65d291577ccf3c58eaad734c2df5d765900935c7e5c4b8ace2 34837952 chromium-dbgsym_146.0.7680.177-1~deb13u1_armhf.deb
 9482b6069266634828efb67fe6d0718014e2db77550eb4e700239ee6b02cc724 7100460 chromium-driver_146.0.7680.177-1~deb13u1_armhf.deb
 76096cadebe01cdd44bddceca8c305d67c6b01ecdcef425d412c4ef9b98a28fc 27335040 chromium-headless-shell-dbgsym_146.0.7680.177-1~deb13u1_armhf.deb
 bbc7e633c7df67ec930b2f1202c2da694aeaafcbad2d896357308110aca0aed8 53495032 chromium-headless-shell_146.0.7680.177-1~deb13u1_armhf.deb
 8d613c2bd5d114734196b9284b4c65680c51da67577c59749bca06fe76cd0af8 19268 chromium-sandbox-dbgsym_146.0.7680.177-1~deb13u1_armhf.deb
 fe40c5c040aa278240580b5fe29ede7251512150d7ce597eac74269dc65e8fdd 111800 chromium-sandbox_146.0.7680.177-1~deb13u1_armhf.deb
 068feeb53fcbd944b8d7c94a38aeb0970a2a1b535be5ccd65194c0977fddca30 29654028 chromium-shell-dbgsym_146.0.7680.177-1~deb13u1_armhf.deb
 2d64bff02d731629c315bdd0b6cac3d34ca64dcf75d94444bc17ed018ebcf5e9 58429768 chromium-shell_146.0.7680.177-1~deb13u1_armhf.deb
 e54aff7f08d6b6ae9c812a4ca5913338b1ca9dea22b99b6f2fa006029da353f0 30272 chromium_146.0.7680.177-1~deb13u1_armhf-buildd.buildinfo
 a0ec0415370e2d5995658f62c24e5a627a32663e96f12d2ab3993841a7f635a2 69604836 chromium_146.0.7680.177-1~deb13u1_armhf.deb
Files:
 ece6b92cfa544ebaec061f8da6431df6 5595448 debug optional chromium-common-dbgsym_146.0.7680.177-1~deb13u1_armhf.deb
 e82571586d0736bd2e7670f41b6c8231 29155188 web optional chromium-common_146.0.7680.177-1~deb13u1_armhf.deb
 6dff8e657c363f8feba8ce5692fbfde8 34837952 debug optional chromium-dbgsym_146.0.7680.177-1~deb13u1_armhf.deb
 e49d1df5e85be2be918520185b3c96ad 7100460 web optional chromium-driver_146.0.7680.177-1~deb13u1_armhf.deb
 900d05eae778b15db84dac085eb88763 27335040 debug optional chromium-headless-shell-dbgsym_146.0.7680.177-1~deb13u1_armhf.deb
 5695f3e7cfaa06e02d5861655739cb69 53495032 web optional chromium-headless-shell_146.0.7680.177-1~deb13u1_armhf.deb
 e35b7087eab90abc59afab90eab55d87 19268 debug optional chromium-sandbox-dbgsym_146.0.7680.177-1~deb13u1_armhf.deb
 5a8b3bb7a7468b0629f8c1c0518e9d72 111800 web optional chromium-sandbox_146.0.7680.177-1~deb13u1_armhf.deb
 af0e0c6ce6888198c4640ff43f75d614 29654028 debug optional chromium-shell-dbgsym_146.0.7680.177-1~deb13u1_armhf.deb
 0c431852194ad3397b48706cfa14c19a 58429768 web optional chromium-shell_146.0.7680.177-1~deb13u1_armhf.deb
 39854e43a8a9ed9f4b01521e8f0fcc90 30272 web optional chromium_146.0.7680.177-1~deb13u1_armhf-buildd.buildinfo
 d65859d31760476c156f5cfda85839b4 69604836 web optional chromium_146.0.7680.177-1~deb13u1_armhf.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEElFiH1oZRZh1t4FSiXVp1sEH/1mIFAmnOpcwACgkQXVp1sEH/
1mL97xAAtCeAZEOVR/W827vWTW1C+EPAU2OnewK8gv09YHUnKJtk+2werkpZe77M
kCnFtURb60BKbtziDaKYe8wFxGNY750VtekWT1namqsJO1RR3tFESwL38t6DaOb4
vQraXpoZUQ32nNmN5k4zJMxOfYD5zrC3VP9l/RHSBV9+Npj7RAjRffqR1ULJs2h9
9zSiNSZF1pnU9tjuHI3kGdlcbyNPfacuhWzK+EYuKKwQe7TttNhglYZQ6HKCZesF
i8dBDCiPDqgx+F0qsloECbSMSFVjzk+JOavqcBYt8p/htEMYCcPo8RhX+a6UVNSA
hLNrlsnmiaOmiX5dOhPj0g7b/aNiffLma/uDV8mSo1hOWqZLwkUNkn5KzCg6Vus+
sepZiNf9xTifDU6kvaSZxWb1f1HSQX85zPZZLCPQBqRzBu+qFYUL1fpfKX9MfS3U
w9EfJuV8KNfLKIX54PuvdjxzY8r+HRyCvyup7m+dru3CojBHgVqB/wPAcPjIoJGy
1dpc9tsirRpBIO39Pi1nNUvvc4wSMPk8tTaqJCghi5/FqcXrzAcoox2uulPUqR92
NShaDNLiJ49MWmDnEU+3eFndiwhLwP4bk52cpvVVd2QKs8P5kpy4gMsv7rhpZrzP
1XZIm25xjAC22RstYwkHK35NHcrrc2D5tNovdAOB2b1HfHVKBBk=
=bVvR
-----END PGP SIGNATURE-----