-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 01 Apr 2026 12:42:51 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: amd64
Version: 146.0.7680.177-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-csail-01) <buildd_amd64-x86-csail-01@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (146.0.7680.177-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-5272: Heap buffer overflow in GPU.
       Reported by inspector-ambitious.
     - CVE-2026-5273: Use after free in CSS. Reported by Anonymous.
     - CVE-2026-5274: Integer overflow in Codecs.
       Reported by heapracer (@heapracer).
     - CVE-2026-5275: Heap buffer overflow in ANGLE.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5276: Insufficient policy enforcement in WebUSB.
       Reported by Ariel Simon.
     - CVE-2026-5277: Integer overflow in ANGLE.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5278: Use after free in Web MIDI.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5279: Object corruption in V8.
       Reported by Hyeonjun Ahn (@_deayzl).
     - CVE-2026-5280: Use after free in WebCodecs.
       Reported by heapracer (@heapracer).
     - CVE-2026-5281: Use after free in Dawn.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-5282: Out of bounds read in WebCodecs.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5283: Inappropriate implementation in ANGLE.
       Reported by sweetchip.
     - CVE-2026-5284: Use after free in Dawn.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-5285: Use after free in WebGL.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-5286: Use after free in Dawn. Reported by sweetchip.
     - CVE-2026-5287: Use after free in PDF. Reported by Syn4pse.
     - CVE-2026-5288: Use after free in WebView. Reported by Google.
     - CVE-2026-5289: Use after free in Navigation. Reported by Google.
     - CVE-2026-5290: Use after free in Compositing. Reported by Google.
     - CVE-2026-5291: Inappropriate implementation in WebGL.
       Reported by heapracer (@heapracer).
     - CVE-2026-5292: Out of bounds read in WebCodecs. Reported by Google.
   * d/patches:
     - upstream/Fix-blink-compilation-for-platforms-other-than-x86-and-arm.patch:
       drop, merged upstream.
     - ungoogled/disable-ai.patch: resync with u-c.
 .
   [ Daniel Richard G. ]
   * d/copyright: Exclude *.pb (protobuf) binary files.
   * d/patches: Various ungoogled-chromium-related updates.
     - disable/glic.patch: Drop, replaced with disable-ai.patch from the
       ungoogled-chromium project.
     - ungoogled/disable-ai.patch: Import new patch from ungoogled-chromium
       that zaps glic, screen_ai, and various other adjacent AI-based features.
     - ungoogled/disable-mei-preload.patch: Import patch to allow building
       without *.pb files.
     - ungoogled/disable-privacy-sandbox.patch: Update imported patch.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0005-blink-add-audio-vector-support.patch: Fix FBTFS from
       upstream adding vector-accelerated audio delay functions
 .
   [ Jianfeng Liu ]
   * d/patches/upstream:
     - Fix-blink-compilation-for-platforms-other-than-x86-and-arm.patch: Fix
       FBTFS from upstream for blink audio delay function on loong64
Checksums-Sha1:
 b2c40a6e257e5930518efd987503a8f87f165e1a 5388632 chromium-common-dbgsym_146.0.7680.177-1~deb12u1_amd64.deb
 89223007e8b0034a39af6566f6a63373ef931cc8 29249344 chromium-common_146.0.7680.177-1~deb12u1_amd64.deb
 9a20d076a554e607e7a9d15fd6109c19741ba53c 35305940 chromium-dbgsym_146.0.7680.177-1~deb12u1_amd64.deb
 2ebe51311cf56761017711175bd02180e39134d5 7445268 chromium-driver_146.0.7680.177-1~deb12u1_amd64.deb
 a741f0177bef0df4d5977f381fb7bf28bfaaad3e 29329828 chromium-headless-shell-dbgsym_146.0.7680.177-1~deb12u1_amd64.deb
 af2f5c7fa5517dc6571e2c69ce9b0fffd710a90c 56580260 chromium-headless-shell_146.0.7680.177-1~deb12u1_amd64.deb
 63019fe9f5029b71cb28b7c05e7f0060edaf52be 19296 chromium-sandbox-dbgsym_146.0.7680.177-1~deb12u1_amd64.deb
 24a459bb940b2cbe57cf44e39f51877680797a5f 114196 chromium-sandbox_146.0.7680.177-1~deb12u1_amd64.deb
 560dbe21ab9b11c36ba8b160c580c71450aa1a5b 32104552 chromium-shell-dbgsym_146.0.7680.177-1~deb12u1_amd64.deb
 6ba3e5406b5e2a588add226d68dc72beb4b921e5 61627372 chromium-shell_146.0.7680.177-1~deb12u1_amd64.deb
 3971ceb6e63cf37ae3bf3917e094de5dc49ad32d 30422 chromium_146.0.7680.177-1~deb12u1_amd64-buildd.buildinfo
 a381d154026084d86c3545c3a2ae8a80717d1563 72824988 chromium_146.0.7680.177-1~deb12u1_amd64.deb
Checksums-Sha256:
 1b70fdeebb63c193d7d372b10bf4c0844af70861527540ad8f7efece9c9bea21 5388632 chromium-common-dbgsym_146.0.7680.177-1~deb12u1_amd64.deb
 b65e141210f7485f10a13ce67711eea5a16e71409ba37f63ec3e1274b7f408e2 29249344 chromium-common_146.0.7680.177-1~deb12u1_amd64.deb
 c485fa75b4abe3533b913bb7f332d76079b760da6989b8751a4ed454ab77ffbd 35305940 chromium-dbgsym_146.0.7680.177-1~deb12u1_amd64.deb
 3128cb0e863444d682216b139bd70b3807ad12c3257f3a62bac46775e9b08880 7445268 chromium-driver_146.0.7680.177-1~deb12u1_amd64.deb
 f9517135c8027fd883ce8b94b6d5f8bc1c808ac90f4b411c7f67a0566e7dd103 29329828 chromium-headless-shell-dbgsym_146.0.7680.177-1~deb12u1_amd64.deb
 8976fef55be0812ff7673e9548a2935170009e6307e1c06872ab13cc7ee65982 56580260 chromium-headless-shell_146.0.7680.177-1~deb12u1_amd64.deb
 39f0a7093fb3b2826d256a9073cb097664a41d205276d88298b069d057006257 19296 chromium-sandbox-dbgsym_146.0.7680.177-1~deb12u1_amd64.deb
 15ab1c9b026455a9cbc8bcc9d4e1e5007920fdbffb9af09119ae9d29fd66b2fc 114196 chromium-sandbox_146.0.7680.177-1~deb12u1_amd64.deb
 a7e8081e051be012e0541879062b593e55fee52854b160c89cc6ac62d756c53d 32104552 chromium-shell-dbgsym_146.0.7680.177-1~deb12u1_amd64.deb
 359dbbf78f28ea39055fc05bfd25760629b178e2a406e24586d4e6ffadc4266d 61627372 chromium-shell_146.0.7680.177-1~deb12u1_amd64.deb
 23d169d256bb5755f9c8abd0267f777da5eb9b3f94ab4a34cc8d9e71e5ce0100 30422 chromium_146.0.7680.177-1~deb12u1_amd64-buildd.buildinfo
 308d2085631753222747259a6e1a0bf369089a0428900934ea16b72f97fd6584 72824988 chromium_146.0.7680.177-1~deb12u1_amd64.deb
Files:
 8026172d43c4c7739906acccda113f2c 5388632 debug optional chromium-common-dbgsym_146.0.7680.177-1~deb12u1_amd64.deb
 b69d0d799c89ed5c15263a8775c8e8c4 29249344 web optional chromium-common_146.0.7680.177-1~deb12u1_amd64.deb
 4f4bb36bddd3f6db549b47c4f0253599 35305940 debug optional chromium-dbgsym_146.0.7680.177-1~deb12u1_amd64.deb
 e46b299e7d3558870d95c8b04c180c52 7445268 web optional chromium-driver_146.0.7680.177-1~deb12u1_amd64.deb
 e4dcf7db0f438dad3cbdef448ad9b877 29329828 debug optional chromium-headless-shell-dbgsym_146.0.7680.177-1~deb12u1_amd64.deb
 f66b4ce79841f31957f373f2cfa72ec6 56580260 web optional chromium-headless-shell_146.0.7680.177-1~deb12u1_amd64.deb
 5d7242cd641b21c39ad54d66168bf810 19296 debug optional chromium-sandbox-dbgsym_146.0.7680.177-1~deb12u1_amd64.deb
 491d5354569b31b28c65fe57f65e497a 114196 web optional chromium-sandbox_146.0.7680.177-1~deb12u1_amd64.deb
 1640ee50296af694d1cfe2b0acb1952c 32104552 debug optional chromium-shell-dbgsym_146.0.7680.177-1~deb12u1_amd64.deb
 3483bcced79fc23dc65b4d6c7fd34959 61627372 web optional chromium-shell_146.0.7680.177-1~deb12u1_amd64.deb
 6e7868a0b9893741e4b7a9d469074814 30422 web optional chromium_146.0.7680.177-1~deb12u1_amd64-buildd.buildinfo
 9c8eb35b3eb63b93083e7dbee1ce00d6 72824988 web optional chromium_146.0.7680.177-1~deb12u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEBDWXQb2umOtH4DRpYg9P9sm2dfEFAmnO160ACgkQYg9P9sm2
dfE4VBAA0aSXq1IVPM5HMLBoWwZzd9naN5Iw+xVwjEQTtD0RkM64Iwrg3425d5kY
EWuK6KG7S3sEzpVL9QFkLuJQ0xQ2AIBBw7bAj4hZ/zKv38hLvs5vbhRBdGUkm8po
t1IYgpn0wZTtx+kzfKqHHESmHhDiyuV6dnR8Ff2adQyP1KZFiUscCneM4niSw733
MD7lmePzDx7tG2YsRzFx2SaW5+Vdcg1EaiQVFGArlJpnSn7iI/1tOXsstK6JzPMT
flHSX3vVZoQbt9/40RzTRoWOPx88MAWBP8KCmMm4C9rbiMJdihls0jxgI3ZxMfTb
RMUDHVNYDbQ4vMou5DiZJExAUNaf4T4dJ+h9xA+s/y42MZrHJ0Lt2SooF6qGL1+Z
VLwToXQb8So5X+x/aAs9pHbT40AtZuL2QZCUYw1V4VqHcEe9/5macKuEq9OW5Gt8
mAbzVws7JLiXhMjDuHacIJ61DVjpLOrajdVgAcxjcsq/Aaoxn0KiiCJ3T2NlP5Qo
QLyaLXx/tsaGzp0bMu7qi0Dit07iKWZ61zVdhDg0O24KqYiy2bojZbBEPn5IB/PI
IpalzyAEU6p8bpBUjNHTfRIfNJw+m9SJjRw7Xft2Qy3ABehHNYzz+Xw85KbyHYp9
X9rRp2HhffUBjFDYHoQRYA5eKsOH25QvpPUEcpTHzys31LU0ue8=
=PB2z
-----END PGP SIGNATURE-----