Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <>
Subject: Accepted chromium 146.0.7680.164-1~deb13u1 (source) into stable-security
Date: Wed, 25 Mar 2026 07:45:08 +0000
Signed by: Andres Salomon <dilinger@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 23 Mar 2026 21:26:56 -0400
Source: chromium
Architecture: source
Version: 146.0.7680.164-1~deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: Debian Chromium Team <chromium@packages.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Changes:
 chromium (146.0.7680.164-1~deb13u1) trixie-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream security release.
     - CVE-2026-4673: Heap buffer overflow in WebAudio.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-4674: Out of bounds read in CSS. Reported by Syn4pse.
     - CVE-2026-4675: Heap buffer overflow in WebGL.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-4676: Use after free in Dawn.
       Reported by 86ac1f1587b71893ed2ad792cd7dde32.
     - CVE-2026-4677: Out of bounds read in WebAudio.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-4678: Use after free in WebGPU. Reported by Google.
     - CVE-2026-4679: Integer overflow in Fonts.
       Reported by GF, Un3xploitable Of DeadSec.
     - CVE-2026-4680: Use after free in FedCM. Reported by Shaheen Fazim.
Checksums-Sha1:
 2935c6d1c157af09b467c23d2dd9f1ad9c9ccaaf 4099 chromium_146.0.7680.164-1~deb13u1.dsc
 81568bbb0ee129752f5f284021a07ea56001cd1a 786076372 chromium_146.0.7680.164.orig.tar.xz
 c0308c802b0e6b98920a4614919442ba0b0af685 468108 chromium_146.0.7680.164-1~deb13u1.debian.tar.xz
 298f6f5702097eabd53e0e5071b86200363beb5e 26801 chromium_146.0.7680.164-1~deb13u1_source.buildinfo
Checksums-Sha256:
 86958ba7aa1f607ef31dc1c83775efc6a8b8c250eb33914a1b98e5cccc7b9dd5 4099 chromium_146.0.7680.164-1~deb13u1.dsc
 c59484b91103cbf1751799f86e37f02aad179a2f34933b8887ffe05a55d2c8e3 786076372 chromium_146.0.7680.164.orig.tar.xz
 a94d6ecb27859d2df51c7b33f8d68ecde4b14871684496a997f367997e279701 468108 chromium_146.0.7680.164-1~deb13u1.debian.tar.xz
 bee197b777ca25dc4ce4d861a31725d7ce0f463c7856d58673b2d46d80e02362 26801 chromium_146.0.7680.164-1~deb13u1_source.buildinfo
Files:
 66ce2af36685eae95e777d0be91f8042 4099 web optional chromium_146.0.7680.164-1~deb13u1.dsc
 f5a8a6a5e83b01ff359ae4a651668dd8 786076372 web optional chromium_146.0.7680.164.orig.tar.xz
 1395156837f15c78df039b04a00dde79 468108 web optional chromium_146.0.7680.164-1~deb13u1.debian.tar.xz
 96a4be35275ffd5a54a8bd20fe8fbfc5 26801 web optional chromium_146.0.7680.164-1~deb13u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmnCrSMUHGRpbGluZ2Vy
QGRlYmlhbi5vcmcACgkQZF0CR8NudjfhKA/9EDI1Q0JkpgqQg4xnDk4eZhDbQGJ7
QmmcUPpqoLrjgyvnFhh/sTeZqWHo37k1hmfAVeXtgiOzDU/+dHCRTfEGPf3hZRhD
XSplslbm5L/E7FIn5FFitRLxY64vO+ZzteXOby/ZPXLHSBm81H8KGFY5YDyZ7YKe
EXYOvYyBvwwwd7wvhTt8SSw+NCFKIX+lDsiLe8w9IoBNh1L2re08cZZZ6qDoljN2
QsqcKEPNJiuMX2GFz8uvCcyCOmV7zrU2/BYxlWOqq60t7D5/KdoDi9i3b8X3ABtY
yoZr80lTFRdld+uy2WGX/NHR7rihn0sugCmQp2WaMCgR5nwF0PyRZcqzzUhjbb81
8s7oa/jo1/6HYNFG8CBWa+HVE5/rU9dOfqZ1/lIUGaqe6vCJvAQ9+8DAHxxhZMCT
yITgpOo9LdZdIjffFGLrwrpcEIu+Q8i/Zatz52DG6SILcdmkAyODFXch2UfwPYqE
o5x1QICghdViX6eAjEAP4qhhrO10A2wK/aOUm9LY/vOke16v2/nVzqQdw7fdwmcJ
cr4c1TofUD/LKDUmcVu0x+UGWKWcS+zpamtyT5J60IYm1N6vS1+2kxpDHi4cXGTW
DTnX0AOYlTSAgL90wd4s0/ZQECvidCfzStAkD9UM833rANdBLa8D4sTKz2Uxyn1J
4gRaHmRRWVcZQQo=
=5yR1
-----END PGP SIGNATURE-----
News for package chromium
