-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 01 Apr 2026 12:42:51 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: i386
Version: 146.0.7680.177-1~deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-ubc-02) <buildd_amd64-x86-ubc-02@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (146.0.7680.177-1~deb13u1) trixie-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-5272: Heap buffer overflow in GPU.
       Reported by inspector-ambitious.
     - CVE-2026-5273: Use after free in CSS. Reported by Anonymous.
     - CVE-2026-5274: Integer overflow in Codecs.
       Reported by heapracer (@heapracer).
     - CVE-2026-5275: Heap buffer overflow in ANGLE.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5276: Insufficient policy enforcement in WebUSB.
       Reported by Ariel Simon.
     - CVE-2026-5277: Integer overflow in ANGLE.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5278: Use after free in Web MIDI.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5279: Object corruption in V8.
       Reported by Hyeonjun Ahn (@_deayzl).
     - CVE-2026-5280: Use after free in WebCodecs.
       Reported by heapracer (@heapracer).
     - CVE-2026-5281: Use after free in Dawn.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-5282: Out of bounds read in WebCodecs.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5283: Inappropriate implementation in ANGLE.
       Reported by sweetchip.
     - CVE-2026-5284: Use after free in Dawn.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-5285: Use after free in WebGL.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5286: Use after free in Dawn. Reported by sweetchip.
     - CVE-2026-5287: Use after free in PDF. Reported by Syn4pse.
     - CVE-2026-5288: Use after free in WebView. Reported by Google.
     - CVE-2026-5289: Use after free in Navigation. Reported by Google.
     - CVE-2026-5290: Use after free in Compositing. Reported by Google.
     - CVE-2026-5291: Inappropriate implementation in WebGL.
       Reported by heapracer (@heapracer).
     - CVE-2026-5292: Out of bounds read in WebCodecs. Reported by Google.
   * d/patches:
     - upstream/Fix-blink-compilation-for-platforms-other-than-x86-and-arm.patch:
       drop, merged upstream.
     - ungoogled/disable-ai.patch: resync with u-c.
 .
   [ Daniel Richard G. ]
   * d/copyright: Exclude *.pb (protobuf) binary files.
   * d/patches: Various ungoogled-chromium-related updates.
     - disable/glic.patch: Drop, replaced with disable-ai.patch from the
       ungoogled-chromium project.
     - ungoogled/disable-ai.patch: Import new patch from ungoogled-chromium
       that zaps glic, screen_ai, and various other adjacent AI-based features.
     - ungoogled/disable-mei-preload.patch: Import patch to allow building
       without *.pb files.
     - ungoogled/disable-privacy-sandbox.patch: Update imported patch.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0005-blink-add-audio-vector-support.patch: Fix FBTFS from
       upstream adding vector-accelerated audio delay functions
 .
   [ Jianfeng Liu ]
   * d/patches/upstream:
     - Fix-blink-compilation-for-platforms-other-than-x86-and-arm.patch: Fix
       FBTFS from upstream for blink audio delay function on loong64
Checksums-Sha1:
 683fc1026b9e9fdaa2f193f4c90dc67e5226c68a 5180816 chromium-common-dbgsym_146.0.7680.177-1~deb13u1_i386.deb
 5510847cf209e836191b4a0593de7cade7dc2e5f 29362852 chromium-common_146.0.7680.177-1~deb13u1_i386.deb
 d18f94ffa4b036cf997b62cf3f744a052697fee5 35554076 chromium-dbgsym_146.0.7680.177-1~deb13u1_i386.deb
 ba57b4cdb1ec2fed8257487c58e2afd9e07567ad 7779480 chromium-driver_146.0.7680.177-1~deb13u1_i386.deb
 ae2ac64b91591e1994bbb67df60a6fecab4741ac 29517864 chromium-headless-shell-dbgsym_146.0.7680.177-1~deb13u1_i386.deb
 bbba625e2dc8700cbd42713aebe1a48f9ebdb81c 58144228 chromium-headless-shell_146.0.7680.177-1~deb13u1_i386.deb
 d9c6a9dec211a65f7749c66c08f25399ec8bdbdd 18980 chromium-sandbox-dbgsym_146.0.7680.177-1~deb13u1_i386.deb
 62dd492b187476dec197e1d2efff0f4a65402a51 112028 chromium-sandbox_146.0.7680.177-1~deb13u1_i386.deb
 0d7d75662ad688f4af859c94d930d0a0e9ac9d50 32298892 chromium-shell-dbgsym_146.0.7680.177-1~deb13u1_i386.deb
 15c3d97a69b3c64ab3075c070b5db71fe3241274 63397932 chromium-shell_146.0.7680.177-1~deb13u1_i386.deb
 07bab1fa55f7f38b84efd4542aff5721733da469 30319 chromium_146.0.7680.177-1~deb13u1_i386-buildd.buildinfo
 60829e17baeeae08d9bd83f9fd55e5c14db52772 75404620 chromium_146.0.7680.177-1~deb13u1_i386.deb
Checksums-Sha256:
 852c90f4bc55e81a74f4c775f2a81014cee31569f98f1d95b847a028b423e32e 5180816 chromium-common-dbgsym_146.0.7680.177-1~deb13u1_i386.deb
 67132db22d5c130a5066a6cb1270b05c1de7fa3e1d45f5e32a713a63ede6b11b 29362852 chromium-common_146.0.7680.177-1~deb13u1_i386.deb
 43af8333d22ac98752e3fb517986e5dd4578a7f6dbd0c075308bd0030cbc1c9e 35554076 chromium-dbgsym_146.0.7680.177-1~deb13u1_i386.deb
 7da986537eb66f3a531caef72d314df2aa13bb338e6af53290b88a221a36e98d 7779480 chromium-driver_146.0.7680.177-1~deb13u1_i386.deb
 7f18f4c473e4d5b57c6176bfce312b010a61619968079f60744eedee3467deeb 29517864 chromium-headless-shell-dbgsym_146.0.7680.177-1~deb13u1_i386.deb
 53db009c6aadb655d2aaac8df36c02dcd07d3d546bc64c7d2d117e272e11661a 58144228 chromium-headless-shell_146.0.7680.177-1~deb13u1_i386.deb
 6f2f629c3aa5a40b7c2a7a251f3a8bc954b29bd416c4e02bc5c224e262a2a32b 18980 chromium-sandbox-dbgsym_146.0.7680.177-1~deb13u1_i386.deb
 903008477d7b31c65da6e175d8a625017c49fcd3f62b45059df1e659de6c2121 112028 chromium-sandbox_146.0.7680.177-1~deb13u1_i386.deb
 22d1896ddfbd400e95c3408282216eda5270babcee2b062e51415e43b3c86abe 32298892 chromium-shell-dbgsym_146.0.7680.177-1~deb13u1_i386.deb
 3fbe8cc2d0636844f058c5e4a2159c52e9847bc9b1b97fa30e4f0e235cf88a33 63397932 chromium-shell_146.0.7680.177-1~deb13u1_i386.deb
 c7c21edae5646f31bfc5327118854585515f774debb668508f58d8bfde9afc07 30319 chromium_146.0.7680.177-1~deb13u1_i386-buildd.buildinfo
 95cd8b2754d10e637ed99ae4b33b15dddc1d3b4d132939be821866892164f2f2 75404620 chromium_146.0.7680.177-1~deb13u1_i386.deb
Files:
 e569a0f4ba85ea6302f9f5867c46c44c 5180816 debug optional chromium-common-dbgsym_146.0.7680.177-1~deb13u1_i386.deb
 f7381a06ac40dfab6611f51354f2afcd 29362852 web optional chromium-common_146.0.7680.177-1~deb13u1_i386.deb
 4e9d33db29b90655adf1b4798cc6452e 35554076 debug optional chromium-dbgsym_146.0.7680.177-1~deb13u1_i386.deb
 d88cbcc687bf777ba47e6b61c3577555 7779480 web optional chromium-driver_146.0.7680.177-1~deb13u1_i386.deb
 ccbc4cca471f4f122148ccab75a32e8b 29517864 debug optional chromium-headless-shell-dbgsym_146.0.7680.177-1~deb13u1_i386.deb
 a4584d6264491dbfeeed8612c35d9e4e 58144228 web optional chromium-headless-shell_146.0.7680.177-1~deb13u1_i386.deb
 17b6c3ea22bbfa1f9e499629a3c3d7fb 18980 debug optional chromium-sandbox-dbgsym_146.0.7680.177-1~deb13u1_i386.deb
 a4d94e225f1e00e63d748e1e059f3f79 112028 web optional chromium-sandbox_146.0.7680.177-1~deb13u1_i386.deb
 0a1e074bdb17c350f83bd90f2d0a4403 32298892 debug optional chromium-shell-dbgsym_146.0.7680.177-1~deb13u1_i386.deb
 5a5f9c31426cd6d9cdfe7b9c7ba53313 63397932 web optional chromium-shell_146.0.7680.177-1~deb13u1_i386.deb
 c736c346e783c17b2cc235043a284b66 30319 web optional chromium_146.0.7680.177-1~deb13u1_i386-buildd.buildinfo
 9538ba895e895f8e6fa77a41def80430 75404620 web optional chromium_146.0.7680.177-1~deb13u1_i386.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEb5EwsJvHBEjqIJYIbheoBegwXLIFAmnOylsACgkQbheoBegw
XLKaqQ/+O7CU9VCzD/M7qkkFviGODMrQ8fAMQMk1hVM3q1FlfP2Qdg9SlutzxnU3
AkqV4IZ7vAbFQyywu0mcUwojnTxviAABy09geAhokuBnMBouCECWCVvBgebIRfXh
PauzGAo+tUz3WmeprNotnL3VCWnKQzO+y7G7pGjyeRWh/o9TvIs7ekNXVktX9jHW
TuL3R4BMh+TBZylwE+sujfuIrIdjor6g1F/djGDy/7It7Rmzh0e2pVHtmSrXWA+7
+S5U13bS0yjge8Qgt5zcfK4vssNSTxEQIrfdOS3rIDnr5ou4udm6o0I/bx8fnwDC
0rq0FJyAIBlzvzBrmRxKovod4EtHtDXlifzvhydYF5/7e9XTeZl/ePVPPnD9f5yB
gdMgpukHZAT8t9ekuACuf7nx1muNfmE4O6jxFF6ug+x8qCTP6dz+9nsuAMsJoKO0
mtTPn1DCFJv8JktptdMfY1NAtxohm1RzVoxvSUtX4U3fXnw9mo4rVLVPQDFRKVlW
GKUR8xpXSnZUW0A+8Dal35jNXSFB51wFBun5r+YwV+9qHT1C7jZkuMVTXYGIRspl
/yBJ9rrFj5WZIUaTwcBTiXVwrVEbYqwoWPJZnvpSFVfJNY4hE8QwjHsUTm4cw7RN
EE94ORjNWlM29I+Lgia4o4sDuwdrIanJoRblH9mAOEd7HNLk0nk=
=iteD
-----END PGP SIGNATURE-----