Accepted chromium 145.0.7632.45-1 (source) into unstable

Debian FTP Masters Thu, 12 Feb 2026 17:34:25 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 12 Feb 2026 19:35:48 -0500
Source: chromium
Architecture: source
Version: 145.0.7632.45-1
Distribution: unstable
Urgency: high
Maintainer: Debian Chromium Team <[email protected]>
Changed-By: Andres Salomon <[email protected]>
Changes:
 chromium (145.0.7632.45-1) unstable; urgency=high
 .
   [ Andres Salomon ]
   * New upstream stable release.
     - CVE-2026-2313: Use after free in CSS. Reported by Han Zheng (HexHive),
       Wenhao Fang (University of St. Andrews), and Qinying Wang (HexHive).
     - CVE-2026-2314: Heap buffer overflow in Codecs. Reported by Google.
     - CVE-2026-2315: Inappropriate implementation in WebGPU.
       Reported by Google.
     - CVE-2026-2316: Insufficient policy enforcement in Frames.
       Reported by Luan Herrera (@lbherrera_).
     - CVE-2026-2317: Inappropriate implementation in Animation.
       Reported by Brendan Draper.
     - CVE-2026-2318: Inappropriate implementation in PictureInPicture.
       Reported by Shaheen Fazim.
     - CVE-2026-2319: Race in DevTools. Reported by Anonymous.
     - CVE-2026-2320: Inappropriate implementation in File input.
       Reported by Alesandro Ortiz.
     - CVE-2026-2321: Use after free in Ozone. Reported by Google.
     - CVE-2026-2322: Inappropriate implementation in File input.
       Reported by Robbe Van Roey | PinkDraconian.
     - CVE-2026-2323: Inappropriate implementation in Downloads.
       Reported by Hafiizh.
   * d/copyright:
     - delete third_party/litert/src, Google's new WebAI thing.
     - delete esbuild directory so we can use debian's esbuild.
     - delete new rollup binary rollup-linux-x64-gnu.
   * d/rules:
     - build with webnn_use_tflite=false to fix build.
     - disable building a bunch more unit tests.
     - copy esbuild libs and binary from the system.
   * d/control:
     - build-dep on libpthreadpool-dev.
     - build-dep on esbuild.
   * d/patches:
     - CVE-2026-1861.patch: drop, merged upstream.
     - CVE-2026-1862.patch: drop, merged upstream.
     - upstream/fix-rk3588-v4l2-av1-decoder.patch: drop, merged upstream.
     - debianization/manpage.patch: refresh.
     - debianization/rustc-bootstrap.patch: refresh.
     - fixes/armhf-no-thumb.patch: rework patch due to upstream dropping
       non-thumb.
     - disable/tests.patch: refresh.
     - disable/signin.patch: refresh.
     - disable/catapult.patch: refresh.
     - disable/widevine-cdm-cu.patch: refresh.
     - upstream/disable-unrar.patch: add upstream fix for disabling unrar.
     - trixie/gn-string-hash.patch: add a workaround for older gn missing
       string_hash() function.
     - disable/enterprise-tests.patch: add patch to fix build error
       related to building unnecessary unit tests.
     - system/rollup.patch: update for upstream changes around switching
       some rollup calls to esbuild and away from rollup-wasm.
     - llvm-19/static-assert.patch: add build fixes specific to clang-19.
     - disable/unrar.patch: add another build fix for deleting unrar.
 .
   [ Timothy Pearson ]
   * d/patches:
     - patches/fixes/swiftshader-dependencies.patch: Fix SwiftShader include
       dependencies
   * d/patches/ppc64le:
     - ppc64le/third_party/0001-Add-PPC64-support-for-boringssl.patch: Remove
       obsolete Clang 7 workaround and refresh for upstream changes
     - 
ppc64le/third_party/0002-third_party-libvpx-Remove-bad-ppc64-config.patch:
       refresh for upstream changes
     - ppc64le/third_party/0002-regenerate-xnn-buildgn.patch: Regenerate from
       upstream sources
     - 
ppc64le/third_party/0001-Force-baseline-POWER8-AltiVec-VSX-CPU-features-when-.pa:
       refresh for upstream changes
     - ppc64le/fixes/fix-page-allocator-overflow.patch: Refresh for upstream
       changes
     - 
ppc64le/third_party/0003-third_party-ffmpeg-Add-ppc64-generated-config.patch:
       Regenerate from upstream sources
     - ppc64le/sandbox/0009-sandbox-ignore-byte-span-error.patch: Work around 
upstream
       byte_span_from_ref issues
 .
   [ Jianfeng Liu ]
   * d/patches:
     - loongarch64/0012-sandbox-linux-add-statx-support-for-loongarch64.patch:
       update for upstream changes.
     - loongarch64/0016-medium-cmodel-support-for-loongarch64.patch: refresh.
 .
   [ Daniel Richard G. ]
   * d/patches/disable/rustc-allow-features.patch: Zap the -Zallow-features=
     flag so that Rust doesn't complain about our compatibility workarounds.
Checksums-Sha1:
 f38b860033a2a0cebad3497331cecfabe21e749a 4072 chromium_145.0.7632.45-1.dsc
 0e6ac6c3df954a3698aecc0b270b5e1bf619e327 749412888 
chromium_145.0.7632.45.orig.tar.xz
 f356922ae32416b3cbf42bdb495f0370dc83f759 452384 
chromium_145.0.7632.45-1.debian.tar.xz
 739111b90e75f41fc433c2a757950ef96f5501df 27644 
chromium_145.0.7632.45-1_source.buildinfo
Checksums-Sha256:
 2c5f5cdf9034506e49cb47f4961aa263d868d506319cfa16981739c0db0ba86f 4072 
chromium_145.0.7632.45-1.dsc
 4255cc5b85e0589552a65660db5086e50a80d826e58f57eb39a62f59a4ae7670 749412888 
chromium_145.0.7632.45.orig.tar.xz
 144aa4ab600ce3eb53ccdffc56de8a9ccea0a6126891a4d74ad37adc0d40aaab 452384 
chromium_145.0.7632.45-1.debian.tar.xz
 b2228461d5cbbe7843892936fb3d3744733a801e4815e39479eb7d7d4f0b0308 27644 
chromium_145.0.7632.45-1_source.buildinfo
Files:
 6a9f02dc097a2b139602f232760cbd17 4072 web optional chromium_145.0.7632.45-1.dsc
 09484ea9f4e00991f286365c21592b8b 749412888 web optional 
chromium_145.0.7632.45.orig.tar.xz
 389b526839da81a9224ffa78c8d154c6 452384 web optional 
chromium_145.0.7632.45-1.debian.tar.xz
 86f68c36fa9ba7eac917fb833747f910 27644 web optional 
chromium_145.0.7632.45-1_source.buildinfo
pgpOvVGrXjMZU.pgp
Description: PGP signature
Accepted chromium 145.0.7632.45-1 (source) into unstable

Reply via email to
