[Git][security-tracker-team/security-tracker][master] Track fixed version for chromium issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Apr 1 21:16:38 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d59ad57e by Salvatore Bonaccorso at 2026-04-01T22:16:11+02:00
Track fixed version for chromium issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -802,67 +802,67 @@ CVE-2026-34956
 	NOTE: Fixed by: https://github.com/openvswitch/ovs/commit/a9785c7e1df73fc3dd5f9ca3816a884e63f2f9e0 (v3.7.1)
 	NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2026-March/431425.html
 CVE-2026-5273 (Use after free in CSS in Google Chrome prior to 146.0.7680.178 allowed ...)
-	- chromium <unfixed>
+	- chromium 146.0.7680.177-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-5272 (Heap buffer overflow in GPU in Google Chrome prior to 146.0.7680.178 a ...)
-	- chromium <unfixed>
+	- chromium 146.0.7680.177-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-5274 (Integer overflow in Codecs in Google Chrome prior to 146.0.7680.178 al ...)
-	- chromium <unfixed>
+	- chromium 146.0.7680.177-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-5275 (Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 146.0.7 ...)
-	- chromium <unfixed>
+	- chromium 146.0.7680.177-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-5276 (Insufficient policy enforcement in WebUSB in Google Chrome prior to 14 ...)
-	- chromium <unfixed>
+	- chromium 146.0.7680.177-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-5277 (Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7 ...)
-	- chromium <unfixed>
+	- chromium 146.0.7680.177-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-5278 (Use after free in Web MIDI in Google Chrome on Android prior to 146.0. ...)
-	- chromium <unfixed>
+	- chromium 146.0.7680.177-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-5279 (Object corruption in V8 in Google Chrome prior to 146.0.7680.178 allow ...)
-	- chromium <unfixed>
+	- chromium 146.0.7680.177-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-5280 (Use after free in WebCodecs in Google Chrome prior to 146.0.7680.178 a ...)
-	- chromium <unfixed>
+	- chromium 146.0.7680.177-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-5281 (Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowe ...)
-	- chromium <unfixed>
+	- chromium 146.0.7680.177-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-5282 (Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.1 ...)
-	- chromium <unfixed>
+	- chromium 146.0.7680.177-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-5283 (Inappropriate implementation in ANGLE in Google Chrome prior to 146.0. ...)
-	- chromium <unfixed>
+	- chromium 146.0.7680.177-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-5284 (Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowe ...)
-	- chromium <unfixed>
+	- chromium 146.0.7680.177-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-5285 (Use after free in WebGL in Google Chrome prior to 146.0.7680.178 allow ...)
-	- chromium <unfixed>
+	- chromium 146.0.7680.177-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-5286 (Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowe ...)
-	- chromium <unfixed>
+	- chromium 146.0.7680.177-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-5287 (Use after free in PDF in Google Chrome prior to 146.0.7680.178 allowed ...)
-	- chromium <unfixed>
+	- chromium 146.0.7680.177-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-5288 (Use after free in WebView in Google Chrome on Android prior to 146.0.7 ...)
-	- chromium <unfixed>
+	- chromium 146.0.7680.177-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-5289 (Use after free in Navigation in Google Chrome prior to 146.0.7680.178  ...)
-	- chromium <unfixed>
+	- chromium 146.0.7680.177-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-5290 (Use after free in Compositing in Google Chrome prior to 146.0.7680.178 ...)
-	- chromium <unfixed>
+	- chromium 146.0.7680.177-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-5291 (Inappropriate implementation in WebGL in Google Chrome prior to 146.0. ...)
-	- chromium <unfixed>
+	- chromium 146.0.7680.177-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-5292 (Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.1 ...)
-	- chromium <unfixed>
+	- chromium 146.0.7680.177-1
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-34743 [liblzma: Fix a buffer overflow in lzma_index_append()]
 	- xz-utils <unfixed> (bug #1132497)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d59ad57e6db1455942d6ef3b6718f70810c3abd0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d59ad57e6db1455942d6ef3b6718f70810c3abd0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260401/6cbf7f22/attachment.htm>

More information about the debian-security-tracker-commits mailing list