-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 11 Mar 2026 20:01:51 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: arm64
Version: 146.0.7680.71-1~deb13u1
Distribution: trixie-security
Urgency: high
Maintainer: arm Build Daemon (arm-conova-01) <buildd_arm64-arm-conova-01@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (146.0.7680.71-1~deb13u1) trixie-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2026-3913: Heap buffer overflow in WebML. Reported by Tobias Wienand
     - CVE-2026-3914: Integer overflow in WebML. Reported by cinzinga.
     - CVE-2026-3915: Heap buffer overflow in WebML. Reported by Tobias Wienand
     - CVE-2026-3916: Out of bounds read in Web Speech.
       Reported by Grischa Hauser.
     - CVE-2026-3917: Use after free in Agents. Reported by Syn4pse.
     - CVE-2026-3918: Use after free in WebMCP. Reported by Syn4pse.
     - CVE-2026-3919: Use after free in Extensions. Reported by Huinian Yang
       (@vmth6) of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd
     - CVE-2026-3920: Out of bounds memory access in WebML. Reported by Google.
     - CVE-2026-3921: Use after free in TextEncoding.
       Reported by Pranamya Keshkamat & Cantina.xyz.
     - CVE-2026-3922: Use after free in MediaStream.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-3923: Use after free in WebMIDI.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-3924: Use after free in WindowDialog.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-3925: Incorrect security UI in LookalikeChecks.
       Reported by NDevTK and Alesandro Ortiz.
     - CVE-2026-3926: Out of bounds read in V8. Reported by qymag1c.
     - CVE-2026-3927: Incorrect security UI in PictureInPicture.
       Reported by Barath Stalin K.
     - CVE-2026-3928: Insufficient policy enforcement in Extensions.
       Reported by portsniffer443.
     - CVE-2026-3929: Side-channel information leakage in ResourceTiming.
       Reported by Povcfe of Tencent Security Xuanwu Lab.
     - CVE-2026-3930: Unsafe navigation in Navigation.
       Reported by Povcfe of Tencent Security Xuanwu Lab.
     - CVE-2026-3931: Heap buffer overflow in Skia. Reported by Huinian Yang
       (@vmth6) of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd
     - CVE-2026-3932: Insufficient policy enforcement in PDF.
       Reported by Ayato Shitomi.
     - CVE-2026-3934: Insufficient policy enforcement in ChromeDriver.
       Reported by Povcfe of Tencent Security Xuanwu Lab.
     - CVE-2026-3935: Incorrect security UI in WebAppInstalls.
       Reported by Barath Stalin K.
     - CVE-2026-3936: Use after free in WebView. Reported by Am4deu$.
     - CVE-2026-3937: Incorrect security UI in Downloads.
       Reported by Abhishek Kumar.
     - CVE-2026-3938: Insufficient policy enforcement in Clipboard.
       Reported by vicevirus.
     - CVE-2026-3939: Insufficient policy enforcement in PDF. Reported by NDevTK
     - CVE-2026-3940: Insufficient policy enforcement in DevTools.
       Reported by Jorian Woltjer, Mian, bug_blitzer.
     - CVE-2026-3941: Insufficient policy enforcement in DevTools.
       Reported by Lyra Rebane (rebane2001).
     - CVE-2026-3942: Incorrect security UI in PictureInPicture.
       Reported by Barath Stalin K.
   * d/rules: update rustc version string for new upstream expectations of
     no spaces.
   * d/patches:
     - upstream/disable-unrar.patch: drop, merged upstream.
     - disable/signin.patch: drop part of the patch. This patch should be
       reviewed in the future and coordinated w/ ungoogled-chromium, since
       it originally came from them.
     - disable/glic.patch: add a bunch more glic removals.
     - disable/license-headless-shell.patch: refresh.
     - disable/unrar.patch: refresh.
     - system/rollup.patch: refresh.
     - bookworm/foreach.patch: refresh.
     - ungoogled/disable-privacy-sandbox.patch: sync from ungoogled-chromium.
     - disable/catapult.patch: update to remove some more catapult deps.
     - fixes/force-rust-nightly.patch: drop, no longer needed.
     - llvm-22/ignore-for-ubsan.patch: add a build fix for a compiler
       flag/feature added to llvm-23.
     - fixes/bytemuck.patch: add rust build fix in bytemuck.
     - llvm-19/clang-19-crash.patch: add build fix; delete code that makes
       clang-19++ crash.
     - llvm-19/keyfactory.patch: add build fix for what I suspect is a clang-19
       issue.
     - loongarch64/0018-fix-study-crash.patch: refresh.
     - ppc64le/breakpad/0001-Implement-support-for-ppc64-on-Linux.patch:
       refresh.
     - ppc64le/fixes/fix-study-crash.patch: refresh.
     - llvm-19/clone-traits.patch: add patch to remove a static assertion.
     - llvm-19/octal.patch: add patch to work around 0o666 vs 0666 support.
     - upstream/profile.patch: add header inclusion build fix from upstream.
     - trixie/value-or.patch: move to llvm-19/ directory & also add another
       place that clang-19 gets confused during build.
     - rust-1.85/jxl-features.patch: refresh [trixie, bookworm].
     - rust-1.85/jxl-simd-avx512.patch: update for (numerous) upstream
       changes, and added unsafe{} blocks to the macro definitions to shrink
       this patch in the future [trixie, bookworm].
     - fixes/missing-dep.patch: add patch for dependency-related build failure
       that only happens sometimes.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
       for upstream changes
     - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
 .
   [ Daniel Richard G. ]
   * d/patches:
     - disable/lint.patch: New patch to disable CSS/JS linting tools.
     - bookworm/node18-compat.patch: New patch to fix various compatibility
       issues with nodejs 18 [bookworm].
     - trixie/gn-len.patch: Zap another instance of len() for older GN
       [trixie, bookworm].
Checksums-Sha1:
Checksums-Sha256:
Files:

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
