chromium: update to 146.0.7680.153

[kikadf (via pkgsrc-wip) <commit-notify%pkgsrc.org@localhost>]

Module Name:	pkgsrc-wip
Committed By:	kikadf <kikadf.01%gmail.com@localhost>
Pushed By:	kikadf
Date:		Sat Mar 21 13:24:27 2026 +0100
Changeset:	0cca01a42ed5c81ab7ae17c0bb7ca5eef5c6b294

Modified Files:
	chromium/COMMIT_MSG
	chromium/Makefile
	chromium/distinfo
Removed Files:
	chromium/patches/patch-chrome_browser_ui_views_frame_multi__contents__view__drop__target__controller.h

Log Message:
chromium: update to 146.0.7680.153

To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=0cca01a42ed5c81ab7ae17c0bb7ca5eef5c6b294

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

diffstat:
 chromium/COMMIT_MSG                                | 64 +++++++++++++++++++---
 chromium/Makefile                                  |  2 +-
 chromium/distinfo                                  | 13 ++---
 ...lti__contents__view__drop__target__controller.h | 17 ------
 4 files changed, 64 insertions(+), 32 deletions(-)

diffs:
diff --git a/chromium/COMMIT_MSG b/chromium/COMMIT_MSG
index 6e91f7636f..e6c0a3e48c 100644
--- a/chromium/COMMIT_MSG
+++ b/chromium/COMMIT_MSG
@@ -1,9 +1,59 @@
-www/chromium: update to 146.0.7680.80
+www/chromium: update to 146.0.7680.153
 
-* 146.0.7680.80
-This update includes 1 security fixes. Please see the
+* 146.0.7680.153
+This update includes 26 security fixes. Please see the
 Chrome Security Page for more information.
-[N/A][491421267] High CVE-2026-3909: Out of bounds write in Skia.
-Reported by Google Threat Analysis Group on 2026-03-10
-
-Google is aware that an exploit for CVE-2026-3909 exists in the wild.
+[TBD][475877320] Critical CVE-2026-4439: Out of bounds memory access
+in WebGL. Reported by Goodluck on 2026-01-15
+[TBD][485935305] Critical CVE-2026-4440: Out of bounds read and write
+in WebGL. Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-02-20
+[TBD][489381399] Critical CVE-2026-4441: Use after free in Base.
+Reported by Google on 2026-03-03
+[TBD][484751092] High CVE-2026-4442: Heap buffer overflow in CSS.
+Reported by Syn4pse on 2026-02-16
+[TBD][485292589] High CVE-2026-4443: Heap buffer overflow in WebAudio.
+Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-02-18
+[TBD][486349161] High CVE-2026-4444: Stack buffer overflow in WebRTC.
+Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-02-21
+[TBD][486421953] High CVE-2026-4445: Use after free in WebRTC.
+Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-02-22
+[TBD][486421954] High CVE-2026-4446: Use after free in WebRTC.
+Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-02-22
+[TBD][486657483] High CVE-2026-4447: Inappropriate implementation
+in V8. Reported by Erge on 2026-02-23
+[TBD][486972661] High CVE-2026-4448: Heap buffer overflow in ANGLE.
+Reported by M. Fauzan Wijaya (Gh05t666nero) on 2026-02-23
+[TBD][487117772] High CVE-2026-4449: Use after free in Blink.
+Reported by Syn4pse on 2026-02-24
+[TBD][487746373] High CVE-2026-4450: Out of bounds write in V8.
+Reported by qymag1c on 2026-02-26
+[TBD][487768779] High CVE-2026-4451: Insufficient validation of
+untrusted input in Navigation.
+Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-02-26
+[TBD][487977696] High CVE-2026-4452: Integer overflow in ANGLE.
+Reported by cinzinga on 2026-02-26
+[TBD][488400770] High CVE-2026-4453: Integer overflow in Dawn.
+Reported by sweetchip on 2026-02-27
+[TBD][488585488] High CVE-2026-4454: Use after free in Network.
+Reported by heapracer (@heapracer) on 2026-03-01
+[TBD][488585504] High CVE-2026-4455: Heap buffer overflow in PDFium.
+Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-03-01
+[TBD][488617440] High CVE-2026-4456: Use after free in Digital
+Credentials API. Reported by sean wong on 2026-02-28
+[TBD][488803413] High CVE-2026-4457: Type Confusion in V8.
+Reported by Zhenpeng (Leo) Lin at depthfirst on 2026-03-01
+[TBD][489619753] High CVE-2026-4458: Use after free in Extensions.
+Reported by Shaheen Fazim on 2026-03-04
+[TBD][490246422] High CVE-2026-4459: Out of bounds read and write
+in WebAudio. Reported by Jihyeon Jeong (Compsec Lab, Seoul National
+University / Research Intern) on 2026-03-06
+[TBD][490254124] High CVE-2026-4460: Out of bounds read in Skia.
+Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-03-06
+[TBD][490558172] High CVE-2026-4461: Inappropriate implementation
+in V8. Reported by Google on 2026-03-07
+[TBD][491080830] High CVE-2026-4462: Out of bounds read in Blink.
+Reported by heapracer (@heapracer) on 2026-03-09
+[TBD][491358681] High CVE-2026-4463: Heap buffer overflow in WebRTC.
+Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-03-10
+[TBD][487208468] Medium CVE-2026-4464: Integer overflow in ANGLE.
+Reported by heesun on 2026-02-24
diff --git a/chromium/Makefile b/chromium/Makefile
index 4a8b9bfba0..6c91812ff8 100644
--- a/chromium/Makefile
+++ b/chromium/Makefile
@@ -1,7 +1,7 @@
 # $NetBSD: Makefile,v 1.37 2026/01/19 16:14:05 kikadf Exp $
 
 DISTNAME=			chromium-${VERSION}
-VERSION=			146.0.7680.80
+VERSION=			146.0.7680.153
 CATEGORIES=			www
 MASTER_SITES=			https://commondatastorage.googleapis.com/chromium-browser-official/
 EXTRACT_SUFX_C=			.tar.xz
diff --git a/chromium/distinfo b/chromium/distinfo
index 129b7c80b4..015fbb8750 100644
--- a/chromium/distinfo
+++ b/chromium/distinfo
@@ -51,12 +51,12 @@ Size (cc-1.1.21.crate) = 83463 bytes
 BLAKE2s (cfg-if-1.0.0.crate) = fbb02f63b24cc224b045ff2aac3aefd0a77cf7b578df4d5f9da9517a59aaf9bb
 SHA512 (cfg-if-1.0.0.crate) = 0fb16a8882fd30e86b62c5143b1cb18ab564e84e75bd1f28fd12f24ffdc4a42e0d2e012a99abb606c12efe3c11061ff5bf8e24ab053e550ae083f7d90f6576ff
 Size (cfg-if-1.0.0.crate) = 7934 bytes
-BLAKE2s (chromium-146.0.7680.80-lite.tar.xz) = 7ff6ddc31e8c4b40309c525d719e5ce10e4843d4dde1720bd2826ca28decea81
-SHA512 (chromium-146.0.7680.80-lite.tar.xz) = 86bf36d7ed607ce314d084aebce7e4713e7b39a3edda3c33b613651799abfe40fda67b665d4ec1fc53bc26654a0b731b2d3d1f898ab51cc1c8f6682b155efd12
-Size (chromium-146.0.7680.80-lite.tar.xz) = 1476612920 bytes
-BLAKE2s (chromium-146.0.7680.80-testdata.tar.xz) = 574053ec85c5ef77b613ced95eec3a22e65997be6e66e2d918acd521d4c2f690
-SHA512 (chromium-146.0.7680.80-testdata.tar.xz) = 7437561e6ce18808d0bb96384763e01e5e677a576eade5c14ddda37991cc9276939fe0a7275ed3625c10898efb90b4981f3b031e405bf10f0e1b239de829a20c
-Size (chromium-146.0.7680.80-testdata.tar.xz) = 1320139412 bytes
+BLAKE2s (chromium-146.0.7680.153-lite.tar.xz) = 4fc540a2ec0d36909e33552c1ae9c441bc248404d54271698aa5ab1c3d1d9ee3
+SHA512 (chromium-146.0.7680.153-lite.tar.xz) = 30692e93b70298144fe75fe38beda88dc7160fc4812f11fe58800dc601edc93407dc5140debae40aa686d35242fbcd443acdfa665f1bd1e5e656ec901fffafa5
+Size (chromium-146.0.7680.153-lite.tar.xz) = 1477731668 bytes
+BLAKE2s (chromium-146.0.7680.153-testdata.tar.xz) = f2e47ec422ad256bc00cd7440cd8c7ebea9774a7d1c2b1ef2714b5a2aa42803d
+SHA512 (chromium-146.0.7680.153-testdata.tar.xz) = a74c0dc42bbd89b71e8bc7772e949979d32b93bc39223f4a86a6e6dec30f824b5c121b0b1275a7d96fffa68463176540ab3c9a4ca3d648541795ccf83039d8e1
+Size (chromium-146.0.7680.153-testdata.tar.xz) = 1319900156 bytes
 BLAKE2s (convert_case-0.6.0.crate) = c65fc0970543af9611c565957751df80f31efa3aa7c4d8e5eac41712864a67d5
 SHA512 (convert_case-0.6.0.crate) = 3b17449195a9a36e3965db89eeb967979c192ad7743217ea08e8c8b91ecae1ac1674362d05dc6f32f1f361fface3f783398285bb78060403f65a777a9d29adf2
 Size (convert_case-0.6.0.crate) = 18675 bytes
@@ -932,7 +932,6 @@ SHA1 (patch-chrome_browser_ui_views_frame_browser__widget.h) = 94a0a0a6c81ce9a73
 SHA1 (patch-chrome_browser_ui_views_frame_custom__corners__background.cc) = 302a2b92f697344269acc0b909ed1186021301f2
 SHA1 (patch-chrome_browser_ui_views_frame_layout_browser__view__app__layout__impl.cc) = d721ce6529cae7a507832e04a8a216407250922d
 SHA1 (patch-chrome_browser_ui_views_frame_multi__contents__view__drop__target__controller.cc) = a2157c147d417773eb839a1c9bd4d26880e701b1
-SHA1 (patch-chrome_browser_ui_views_frame_multi__contents__view__drop__target__controller.h) = f8e4fdee6da69ae70fae70bd7eb868c78eef5ac5
 SHA1 (patch-chrome_browser_ui_views_frame_opaque__browser__frame__view.cc) = df92b1cba8759dbd02a58aa8560c2a6695181087
 SHA1 (patch-chrome_browser_ui_views_frame_opaque__browser__frame__view.h) = d0bbdb533fcdb112de4cf37b5ca269a0ef12e929
 SHA1 (patch-chrome_browser_ui_views_frame_opaque__browser__frame__view__layout__delegate.h) = d7b392736a261e00c556d8e0e59755330e52fe4e
diff --git a/chromium/patches/patch-chrome_browser_ui_views_frame_multi__contents__view__drop__target__controller.h b/chromium/patches/patch-chrome_browser_ui_views_frame_multi__contents__view__drop__target__controller.h
deleted file mode 100644
index 5a16c4f971..0000000000
--- a/chromium/patches/patch-chrome_browser_ui_views_frame_multi__contents__view__drop__target__controller.h
+++ /dev/null
@@ -1,17 +0,0 @@
-$NetBSD$
-
-* Part of patchset to build chromium on NetBSD
-* Based on OpenBSD's chromium patches, and
-  pkgsrc's qt5-qtwebengine patches
-
---- chrome/browser/ui/views/frame/multi_contents_view_drop_target_controller.h.orig	2026-03-11 22:12:25.000000000 +0000
-+++ chrome/browser/ui/views/frame/multi_contents_view_drop_target_controller.h
-@@ -32,7 +32,7 @@ class MultiContentsViewDropTargetControl
-       public MultiContentsDropTargetView::DragDelegate {
-  public:
-   static constexpr base::TimeDelta kShowDropTargetForTabDelay =
--#if BUILDFLAG(IS_LINUX)
-+#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_BSD)
-       base::Milliseconds(1000);
- #else
-       base::Milliseconds(500);