-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 11 Mar 2026 20:01:51 -0400
Source: chromium
Binary: chromium chromium-common chromium-common-dbgsym chromium-dbgsym chromium-driver chromium-headless-shell chromium-headless-shell-dbgsym chromium-sandbox chromium-sandbox-dbgsym chromium-shell chromium-shell-dbgsym
Architecture: ppc64el
Version: 146.0.7680.71-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: ppc64el Build Daemon (ppc64el-conova-02) <buildd_ppc64el-ppc64el-conova-02@buildd.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
Description:
 chromium   - web browser
 chromium-common - web browser - common resources used by the chromium packages
 chromium-driver - web browser - WebDriver support
 chromium-headless-shell - web browser - old headless shell
 chromium-sandbox - web browser - setuid security sandbox for chromium
 chromium-shell - web browser - minimal shell
Changes:
 chromium (146.0.7680.71-1~deb12u1) bookworm-security; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2026-3913: Heap buffer overflow in WebML. Reported by Tobias Wienand
     - CVE-2026-3914: Integer overflow in WebML. Reported by cinzinga.
     - CVE-2026-3915: Heap buffer overflow in WebML. Reported by Tobias Wienand
     - CVE-2026-3916: Out of bounds read in Web Speech.
       Reported by Grischa Hauser.
     - CVE-2026-3917: Use after free in Agents. Reported by Syn4pse.
     - CVE-2026-3918: Use after free in WebMCP. Reported by Syn4pse.
     - CVE-2026-3919: Use after free in Extensions. Reported by Huinian Yang
       (@vmth6) of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd
     - CVE-2026-3920: Out of bounds memory access in WebML. Reported by Google.
     - CVE-2026-3921: Use after free in TextEncoding.
       Reported by Pranamya Keshkamat & Cantina.xyz.
     - CVE-2026-3922: Use after free in MediaStream.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-3923: Use after free in WebMIDI.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-3924: Use after free in WindowDialog.
       Reported by c6eed09fc8b174b0f3eebedcceb1e792.
     - CVE-2026-3925: Incorrect security UI in LookalikeChecks.
       Reported by NDevTK and Alesandro Ortiz.
     - CVE-2026-3926: Out of bounds read in V8. Reported by qymag1c.
     - CVE-2026-3927: Incorrect security UI in PictureInPicture.
       Reported by Barath Stalin K.
     - CVE-2026-3928: Insufficient policy enforcement in Extensions.
       Reported by portsniffer443.
     - CVE-2026-3929: Side-channel information leakage in ResourceTiming.
       Reported by Povcfe of Tencent Security Xuanwu Lab.
     - CVE-2026-3930: Unsafe navigation in Navigation.
       Reported by Povcfe of Tencent Security Xuanwu Lab.
     - CVE-2026-3931: Heap buffer overflow in Skia. Reported by Huinian Yang
       (@vmth6) of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd
     - CVE-2026-3932: Insufficient policy enforcement in PDF.
       Reported by Ayato Shitomi.
     - CVE-2026-3934: Insufficient policy enforcement in ChromeDriver.
       Reported by Povcfe of Tencent Security Xuanwu Lab.
     - CVE-2026-3935: Incorrect security UI in WebAppInstalls.
       Reported by Barath Stalin K.
     - CVE-2026-3936: Use after free in WebView. Reported by Am4deu$.
     - CVE-2026-3937: Incorrect security UI in Downloads.
       Reported by Abhishek Kumar.
     - CVE-2026-3938: Insufficient policy enforcement in Clipboard.
       Reported by vicevirus.
     - CVE-2026-3939: Insufficient policy enforcement in PDF. Reported by NDevTK
     - CVE-2026-3940: Insufficient policy enforcement in DevTools.
       Reported by Jorian Woltjer, Mian, bug_blitzer.
     - CVE-2026-3941: Insufficient policy enforcement in DevTools.
       Reported by Lyra Rebane (rebane2001).
     - CVE-2026-3942: Incorrect security UI in PictureInPicture.
       Reported by Barath Stalin K.
   * d/rules: update rustc version string for new upstream expectations of
     no spaces.
   * d/patches:
     - upstream/disable-unrar.patch: drop, merged upstream.
     - disable/signin.patch: drop part of the patch. This patch should be
       reviewed in the future and coordinated w/ ungoogled-chromium, since
       it originally came from them.
     - disable/glic.patch: add a bunch more glic removals.
     - disable/license-headless-shell.patch: refresh.
     - disable/unrar.patch: refresh.
     - system/rollup.patch: refresh.
     - bookworm/foreach.patch: refresh.
     - ungoogled/disable-privacy-sandbox.patch: sync from ungoogled-chromium.
     - disable/catapult.patch: update to remove some more catapult deps.
     - fixes/force-rust-nightly.patch: drop, no longer needed.
     - llvm-22/ignore-for-ubsan.patch: add a build fix for a compiler
       flag/feature added to llvm-23.
     - fixes/bytemuck.patch: add rust build fix in bytemuck.
     - llvm-19/clang-19-crash.patch: add build fix; delete code that makes
       clang-19++ crash.
     - llvm-19/keyfactory.patch: add build fix for what I suspect is a clang-19
       issue.
     - loongarch64/0018-fix-study-crash.patch: refresh.
     - ppc64le/breakpad/0001-Implement-support-for-ppc64-on-Linux.patch:
       refresh.
     - ppc64le/fixes/fix-study-crash.patch: refresh.
     - llvm-19/clone-traits.patch: add patch to remove a static assertion.
     - llvm-19/octal.patch: add patch to work around 0o666 vs 0666 support.
     - upstream/profile.patch: add header inclusion build fix from upstream.
     - trixie/value-or.patch: move to llvm-19/ directory & also add another
       place that clang-19 gets confused during build.
     - rust-1.85/jxl-features.patch: refresh [trixie, bookworm].
     - rust-1.85/jxl-simd-avx512.patch: update for (numerous) upstream
       changes, and added unsafe{} blocks to the macro definitions to shrink
       this patch in the future [trixie, bookworm].
     - fixes/missing-dep.patch: add patch for dependency-related build failure
       that only happens sometimes.
 .
   [ Timothy Pearson ]
   * d/patches/ppc64le:
     - third_party/0001-Add-PPC64-support-for-boringssl.patch: refresh
       for upstream changes
     - third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
 .
   [ Daniel Richard G. ]
   * d/patches:
     - disable/lint.patch: New patch to disable CSS/JS linting tools.
     - bookworm/node18-compat.patch: New patch to fix various compatibility
       issues with nodejs 18 [bookworm].
     - trixie/gn-len.patch: Zap another instance of len() for older GN
       [trixie, bookworm].
Checksums-Sha1:
 60422b5a16c2519c742ad77f5d93bafb19e65ee0 5940760 chromium-common-dbgsym_146.0.7680.71-1~deb12u1_ppc64el.deb
 cb06731a0e25684e1a9c81c418cce3fc15280c40 36266960 chromium-common_146.0.7680.71-1~deb12u1_ppc64el.deb
 0ef08ffb4454a05249ae93ee9b21c88015cc6332 31708504 chromium-dbgsym_146.0.7680.71-1~deb12u1_ppc64el.deb
 0701dca83657de5b9552c12d14b1718e25463d86 7654884 chromium-driver_146.0.7680.71-1~deb12u1_ppc64el.deb
 7cb9610dfd4d228733284aa223447b891af22d07 25299088 chromium-headless-shell-dbgsym_146.0.7680.71-1~deb12u1_ppc64el.deb
 798f40e455e8aeced01df7c7caa9157d8e544a31 55525056 chromium-headless-shell_146.0.7680.71-1~deb12u1_ppc64el.deb
 f30d1258a59378962a1d5e06a93538a88e50e3df 19252 chromium-sandbox-dbgsym_146.0.7680.71-1~deb12u1_ppc64el.deb
 a267aa26e1c10ea40e9dab29b79aae3c8a0f14ce 113168 chromium-sandbox_146.0.7680.71-1~deb12u1_ppc64el.deb
 8c6ed8d9e34cc29afd40a637f4fde969e03dbd44 27401948 chromium-shell-dbgsym_146.0.7680.71-1~deb12u1_ppc64el.deb
 4467cd9479554fd834537af1edb192ba3dafa876 60493284 chromium-shell_146.0.7680.71-1~deb12u1_ppc64el.deb
 56441cdb3bc50f63f0005a747cc46ce9d9ad494b 30298 chromium_146.0.7680.71-1~deb12u1_ppc64el-buildd.buildinfo
 265564c3a08d4c0b1c1904190cd490bbb809fff8 72447436 chromium_146.0.7680.71-1~deb12u1_ppc64el.deb
Checksums-Sha256:
 c54acb77de561e46147472fe193b6260185be3061943815f36825b5c877c9921 5940760 chromium-common-dbgsym_146.0.7680.71-1~deb12u1_ppc64el.deb
 283a05d2d93662a72f58d8be46b612efe1a36fc968da84c68879557f140358ba 36266960 chromium-common_146.0.7680.71-1~deb12u1_ppc64el.deb
 9bc5480a22f826e4a1ffddc8ab023cd7972ff4538fe9cd18b2443eed97691f77 31708504 chromium-dbgsym_146.0.7680.71-1~deb12u1_ppc64el.deb
 fed694f50d089d565a4f15965ef41e2b1cb2fbe48941d1a534c618d71c5e9557 7654884 chromium-driver_146.0.7680.71-1~deb12u1_ppc64el.deb
 13be9ec9d4edeeb6889f91a5c6ecb487120d485bbb075edbed4ca28bfc427c42 25299088 chromium-headless-shell-dbgsym_146.0.7680.71-1~deb12u1_ppc64el.deb
 9a831e7219e4567f17be3afae5ac88a0e04bebcca76c749ad43d9536b700dc75 55525056 chromium-headless-shell_146.0.7680.71-1~deb12u1_ppc64el.deb
 f0c3db14c328c0bfb1ebd553fec4e06e1cafded94c7052ebb4d84bfde6aa4d7f 19252 chromium-sandbox-dbgsym_146.0.7680.71-1~deb12u1_ppc64el.deb
 6965ea61f788f5b1251efe84b0c28e5561492567cd033a4592aad6de2b75a0ed 113168 chromium-sandbox_146.0.7680.71-1~deb12u1_ppc64el.deb
 f70be4c3c80f1bd370bdb621e6c823c38f12230b962dca683fa549215ea97f7b 27401948 chromium-shell-dbgsym_146.0.7680.71-1~deb12u1_ppc64el.deb
 718623ab7eef095fda73d311f721b57f4542dc9e0d02a0cd5a160d4ee6ae10f9 60493284 chromium-shell_146.0.7680.71-1~deb12u1_ppc64el.deb
 747f89405a0f02fba12be218bab2a295f5935346ae34130b899475d516b24619 30298 chromium_146.0.7680.71-1~deb12u1_ppc64el-buildd.buildinfo
 68a3517afd2ce3e7fe503a36408bad0093dff3dcbad582ca3e3e77878f5ce9a2 72447436 chromium_146.0.7680.71-1~deb12u1_ppc64el.deb
Files:
 60a4937a8b3f38e0a13b7885988542d6 5940760 debug optional chromium-common-dbgsym_146.0.7680.71-1~deb12u1_ppc64el.deb
 39bc49fee1cec75719f4998cf18d5a72 36266960 web optional chromium-common_146.0.7680.71-1~deb12u1_ppc64el.deb
 ba567b293ab0e9fc75151a7920604ebe 31708504 debug optional chromium-dbgsym_146.0.7680.71-1~deb12u1_ppc64el.deb
 21b6bee07762e7158ef7d7cdd558c065 7654884 web optional chromium-driver_146.0.7680.71-1~deb12u1_ppc64el.deb
 89d578f2745cb18eae5ddb079ebecc4c 25299088 debug optional chromium-headless-shell-dbgsym_146.0.7680.71-1~deb12u1_ppc64el.deb
 44098a162f47e53767c2a6cc3ed2be7f 55525056 web optional chromium-headless-shell_146.0.7680.71-1~deb12u1_ppc64el.deb
 96a295643126ba8ab214429c5f4efe77 19252 debug optional chromium-sandbox-dbgsym_146.0.7680.71-1~deb12u1_ppc64el.deb
 39e50fd213c36cf176859c3863d3c674 113168 web optional chromium-sandbox_146.0.7680.71-1~deb12u1_ppc64el.deb
 ed70f9594e22a92bee239406221933f3 27401948 debug optional chromium-shell-dbgsym_146.0.7680.71-1~deb12u1_ppc64el.deb
 cad9cdccdad12653ba453444825521a9 60493284 web optional chromium-shell_146.0.7680.71-1~deb12u1_ppc64el.deb
 c51d92d12008a7d470d8a86a3cab38eb 30298 web optional chromium_146.0.7680.71-1~deb12u1_ppc64el-buildd.buildinfo
 72c4f577b3d6aec668125896ffee659a 72447436 web optional chromium_146.0.7680.71-1~deb12u1_ppc64el.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEySUEQfg5pZeb/U372FRWNm40e2YFAmmzKlwACgkQ2FRWNm40
e2aC5xAAjjYVYJDDh1mjbQfPX1qKSoIr65e1HkEJuCs31eV3WXzxqik/9R9NqO6p
cehH1WQ9wfkFcsE4bQaFYEbpDRN8lvMILWBhJlFvIxZd2PlQBA/RwbB3SLAQkkOn
1ipmbbyHvT5vDD4ji3Ic9q2Tf7LfBh88eOmyPIwYnMFBsLIYlOIYsRV5Wf6Yfmpr
6107v3cJZ8L4DLB909J+tkUGk7CXswsCDcJtkw25LSsMStaJQrEPAfCweHbgdxQ3
Iom2QP/SNoUcfwCUdbRPLE5lZwonOU3REkLXki+Iu7hHuiil485PusITD2nXnBuR
+IQOPcumsEUIumLZm3WhbO+w8OV02EfUvOpHHa3sL3b+KRg2p2R8+t7uI7X6wi5q
kPi4ifZnCqsiDJHn6D/dkRz+0UFKvzCT69UEMOzA+Cp9LlfERakOQtE/OO7YjbEd
5gxtTu614WFbgz5cZrrklHHKwsgcIAvx8ugv3eqJTPz03FtupVMAvq5zPIiBzu6m
BeBixCdLd7SfhFShT0EQIYdwKPK1IDAadCkX59fEMtCdCOTA9aikj+vSlEnyADNv
7jsNaATEs5SzDWBG82OAIRGqnaEcBDXcexIlXs2hbXdQ4u7ezD0zRXU3G0oE/+/1
PB+oDI0+niIaAdi1VzLe6O0FZ8KgxjcIfRl5c6/OZQxANYNroRU=
=JFpc
-----END PGP SIGNATURE-----