Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <>
Subject: Accepted chromium 146.0.7680.164-1~deb12u1 (source) into oldstable-security
Date: Wed, 25 Mar 2026 07:44:56 +0000
Signed by: Andres Salomon <dilinger@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 23 Mar 2026 21:26:56 -0400
Source: chromium
Architecture: source
Version: 146.0.7680.164-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
 chromium (146.0.7680.164-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-4673: Heap buffer overflow in WebAudio.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-4674: Out of bounds read in CSS. Reported by Syn4pse.
     - CVE-2026-4675: Heap buffer overflow in WebGL.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-4676: Use after free in Dawn.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-4677: Out of bounds read in WebAudio.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-4678: Use after free in WebGPU. Reported by Google.
     - CVE-2026-4679: Integer overflow in Fonts.
       Reported by GF, Un3xploitable Of DeadSec.
     - CVE-2026-4680: Use after free in FedCM. Reported by Shaheen Fazim.
Checksums-Sha1:
 13408a9e5d10532e58001ea77ccea405c66f54bb 4068 chromium_146.0.7680.164-1~deb12u1.dsc
 81568bbb0ee129752f5f284021a07ea56001cd1a 786076372 chromium_146.0.7680.164.orig.tar.xz
 195e318914953ecbc2b205a7040b71ad2c78b111 8557492 chromium_146.0.7680.164-1~deb12u1.debian.tar.xz
 73a73e66b7f63557cd848d4349b679a6cb2481ca 26842 chromium_146.0.7680.164-1~deb12u1_source.buildinfo
Checksums-Sha256:
 ad310be1950afbd17f52ba9120ffde063c41084d1cf5fe99c2269ee5707e2970 4068 chromium_146.0.7680.164-1~deb12u1.dsc
 c59484b91103cbf1751799f86e37f02aad179a2f34933b8887ffe05a55d2c8e3 786076372 chromium_146.0.7680.164.orig.tar.xz
 34a7b0fd31584c56144c2af83dec8e78a8bae1302f3a8dab0b2500f1eac62d90 8557492 chromium_146.0.7680.164-1~deb12u1.debian.tar.xz
 65065d28c36ee72a8c7e775cb80a5a92133b4b02990ac7b263b92cca8662f731 26842 chromium_146.0.7680.164-1~deb12u1_source.buildinfo
Files:
 27a0591d5bb379a0e992566ebe1e0e96 4068 web optional chromium_146.0.7680.164-1~deb12u1.dsc
 f5a8a6a5e83b01ff359ae4a651668dd8 786076372 web optional chromium_146.0.7680.164.orig.tar.xz
 988e43c4275bcd377c7d245ca461b430 8557492 web optional chromium_146.0.7680.164-1~deb12u1.debian.tar.xz
 a33f522a48afad7d36b72d3f4ec37bac 26842 web optional chromium_146.0.7680.164-1~deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmnCsqIUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjcjIg//XS5R35E1OFlcAZmjpyOXAftq0vvp
0t8yg/QZFtHIfUOUv0O/A+bgYKfUAt54daP5YbfEbUBU1t4Yl9bfFi+zm27gEe2I
11uA6iMnSrOVzmykX8ErD4/QJORkhO2We4JZwbITJaFrvcZPJp2z1t0pOrO9AUwv
zETnPGliE7QNrsVdTXUigtCaoqpw8gNeuGO7UKcQ/g4JxvSaWcXn4yfFXT3qyffN
JtxR9UqhMATy01SE5b/6MOUWsclu+Yggifno6I7zjlH6hpiD2DLHFonYyvdAUqlh
eB/Y82jlAhpq9l1nnuDnIURnE0dOGNxVtxSwxE5vvrh2dqqfFr4CUS3y7FJO5yMv
IMcs1KXiuXcmoxCw2B8szemFv1P2PnuNmn7+u+T1+PPAyX+1fC4zlHlOZf5QRg/H
Y0W52W7gCFxf/gLyw6h/33oVQ+qMJvnGG/WGMx86af3bf5PnvqxS2Rcdg+5hO5Q9
720FCQkdqF2HrtXyiuPvRNJN/peXv5M15Q6c6hpz+G6gUWAmqRFMRBGgxsFM4Fla
jrfk5mJ9pWPCkOZaCThAUdTSJX20YSoE8A0NF/GTz8Errw05coj1SzXYH6FBFSvT
2XTV4xBo2X9MSAClCx9tId1qBlXlVSTW2G9RDeMyx4uOIcnLAO+4yQUaPJz5uXBu
r3kDF3dUtpVPCDI=
=ydcj
-----END PGP SIGNATURE-----
News for package chromium
