chromium: update to 146.0.7680.177

To: pkgsrc-wip-changes%NetBSD.org@localhost
Subject: chromium: update to 146.0.7680.177
From: kikadf (via pkgsrc-wip) <commit-notify%pkgsrc.org@localhost>
Date: Thu, 2 Apr 2026 07:52:31 +0000
Module Name:	pkgsrc-wip
Committed By:	kikadf <kikadf.01%gmail.com@localhost>
Pushed By:	kikadf
Date:		Thu Apr 2 09:52:03 2026 +0200
Changeset:	015f3bad51621ba735faade458747a164905aa81

Modified Files:
	chromium/COMMIT_MSG
	chromium/Makefile
	chromium/distinfo

Log Message:
chromium: update to 146.0.7680.177

To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=015f3bad51621ba735faade458747a164905aa81

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

diffstat:
 chromium/COMMIT_MSG | 65 +++++++++++++++++++++++++++++++++++++----------------
 chromium/Makefile   |  4 ++--
 chromium/distinfo   | 18 +++++++--------
 3 files changed, 57 insertions(+), 30 deletions(-)

diffs:
diff --git a/chromium/COMMIT_MSG b/chromium/COMMIT_MSG
index 8d3087fec5..f8f66ff3bf 100644
--- a/chromium/COMMIT_MSG
+++ b/chromium/COMMIT_MSG
@@ -1,22 +1,49 @@
-www/chromium: update to 146.0.7680.164
+www/chromium: update to 146.0.7680.177
 
-* 146.0.7680.164
-This update includes 8 security fixes. Please see the
+* 146.0.7680.177
+This update includes 21 security fixes. Please see the
 Chrome Security Page for more information.
-[$7000][485397284] High CVE-2026-4673: Heap buffer overflow in WebAudio.
-Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-02-18
-[TBD][488188166] High CVE-2026-4674: Out of bounds read in CSS.
-Reported by Syn4pse on 2026-02-27
-[TBD][488270257] High CVE-2026-4675: Heap buffer overflow in WebGL.
-Reported by 86ac1f1587b71893ed2ad792cd7dde32 on 2026-02-27
-[TBD][488613135] High CVE-2026-4676: Use after free in Dawn.
- Reported by 86ac1f1587b71893ed2ad792cd7dde32 on 2026-03-01
-[TBD][490533968] High CVE-2026-4677: Out of bounds read in WebAudio.
-Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-03-07
-[TBD][491164019] High CVE-2026-4678: Use after free in WebGPU.
-Reported by Google on 2026-03-10
-[TBD][491516670] High CVE-2026-4679: Integer overflow in Fonts.
-Reported by GF, Un3xploitable Of DeadSec on 2026-03-11
-[TBD][491869946] High CVE-2026-4680: Use after free in FedCM.
-Reported by Shaheen Fazim on 2026-03-12
+[TBD][493952652] High CVE-2026-5273: Use after free in CSS.
+Reported by Anonymous on 2026-03-18
+[TBD][491732188] High CVE-2026-5272: Heap buffer overflow in GPU.
+Reported by inspector-ambitious on 2026-03-11
+[TBD][488596746] High CVE-2026-5274: Integer overflow in Codecs.
+Reported by heapracer (@heapracer) on 2026-03-01
+[TBD][489494022] High CVE-2026-5275: Heap buffer overflow in ANGLE.
+Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-03-04
+[TBD][489711638] High CVE-2026-5276: Insufficient policy enforcement
+in WebUSB. Reported by Ariel Simon on 2026-03-04
+[TBD][489791424] High CVE-2026-5277: Integer overflow in ANGLE.
+Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-03-05
+[TBD][490254128] High CVE-2026-5278: Use after free in Web MIDI.
+Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-03-06
+[TBD][490642836] High CVE-2026-5279: Object corruption in V8.
+Reported by Hyeonjun Ahn (@_deayzl) on 2026-03-08
+[TBD][491515787] High CVE-2026-5280: Use after free in WebCodecs.
+Reported by heapracer (@heapracer) on 2026-03-11
+[TBD][491518608] High CVE-2026-5281: Use after free in Dawn.
+Reported by 86ac1f1587b71893ed2ad792cd7dde32 on 2026-03-10
+[TBD][491655161] High CVE-2026-5282: Out of bounds read in WebCodecs.
+Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-03-11
+[TBD][492131521] High CVE-2026-5283: Inappropriate implementation
+in ANGLE. Reported by sweetchip on 2026-03-12
+[TBD][492139412] High CVE-2026-5284: Use after free in Dawn.
+Reported by 86ac1f1587b71893ed2ad792cd7dde32 on 2026-03-12
+[TBD][492228019] High CVE-2026-5285: Use after free in WebGL.
+Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-03-13
+[TBD][493900619] High CVE-2026-5286: Use after free in Dawn.
+Reported by sweetchip on 2026-03-18
+[TBD][494644471] High CVE-2026-5287: Use after free in PDF.
+Reported by Syn4pse on 2026-03-21
+[NA][495507390] High CVE-2026-5288: Use after free in WebView.
+Reported by Google on 2026-03-23
+[NA][495931147] High CVE-2026-5289: Use after free in Navigation.
+Reported by Google on 2026-03-25
+[NA][496205576] High CVE-2026-5290: Use after free in Compositing.
+Reported by Google on 2026-03-25
+[TBD][490118036] Medium CVE-2026-5291: Inappropriate implementation
+in WebGL. Reported by heapracer (@heapracer) on 2026-03-06
+[NA][492213293] Medium CVE-2026-5292: Out of bounds read in WebCodecs.
+Reported by Google on 2026-03-12
 
+Google is aware that an exploit for CVE-2026-5281 exists in the wild.
diff --git a/chromium/Makefile b/chromium/Makefile
index 35ea329cae..ae9aba1ecc 100644
--- a/chromium/Makefile
+++ b/chromium/Makefile
@@ -1,7 +1,7 @@
 # $NetBSD: Makefile,v 1.37 2026/01/19 16:14:05 kikadf Exp $
 
 DISTNAME=			chromium-${VERSION}
-VERSION=			146.0.7680.164
+VERSION=			146.0.7680.177
 CATEGORIES=			www
 MASTER_SITES=			https://commondatastorage.googleapis.com/chromium-browser-official/
 EXTRACT_SUFX_C=			.tar.xz
@@ -22,7 +22,7 @@ EB_DISTNAME=			${MAKE} -C ../../www/esbuild -V DISTNAME
 GITHUB_SUBMODULES+=		evanw esbuild v${EB_DISTNAME:sh:C/^.*-//} esbuild
 
 # LLVM_MAJOR_VERSION
-LLVM_MV=			19
+LLVM_MV=			20
 
 MAINTAINER=			kikadf%NetBSD.org@localhost
 HOMEPAGE=			https://www.chromium.org/Home
diff --git a/chromium/distinfo b/chromium/distinfo
index 9762bcd0d1..6d12a96616 100644
--- a/chromium/distinfo
+++ b/chromium/distinfo
@@ -51,12 +51,12 @@ Size (cc-1.1.21.crate) = 83463 bytes
 BLAKE2s (cfg-if-1.0.0.crate) = fbb02f63b24cc224b045ff2aac3aefd0a77cf7b578df4d5f9da9517a59aaf9bb
 SHA512 (cfg-if-1.0.0.crate) = 0fb16a8882fd30e86b62c5143b1cb18ab564e84e75bd1f28fd12f24ffdc4a42e0d2e012a99abb606c12efe3c11061ff5bf8e24ab053e550ae083f7d90f6576ff
 Size (cfg-if-1.0.0.crate) = 7934 bytes
-BLAKE2s (chromium-146.0.7680.164-lite.tar.xz) = 6968cb72fc1be1670046da29f8f6f4ae48369c3be841ceac12ff91a6e3d97cb3
-SHA512 (chromium-146.0.7680.164-lite.tar.xz) = edb557be9e7c771a01e61f57fec8d7962fadfd02eda95afbde76cad1eafecd67eee80bfee337809458c5b4ac6397ef5ccc34fb110e31c45df11a219357b97d17
-Size (chromium-146.0.7680.164-lite.tar.xz) = 1476795816 bytes
-BLAKE2s (chromium-146.0.7680.164-testdata.tar.xz) = 2d865c8533a94450df0a6af92dd2080f0da40d0c731aa57d7598bcedf71f1a0c
-SHA512 (chromium-146.0.7680.164-testdata.tar.xz) = c2e039e34a90c552460fc9b3bb96d6ef2ab142c55cc122579c82514865a3c88c98f2f1c1b64bf8e4e72a03ba8a4bfd9be40000b532e733fdc3ed544c9ae2dd4b
-Size (chromium-146.0.7680.164-testdata.tar.xz) = 1319956124 bytes
+BLAKE2s (chromium-146.0.7680.177-lite.tar.xz) = 8ad8588c0c17fa371dc4ca14655683c8db057407da132055560c5dde26eaef68
+SHA512 (chromium-146.0.7680.177-lite.tar.xz) = 5868e69d3d78f1ce40f908965d3a42a8d4862ddffdb4d5b8e5fa39dcaf83f9bb580e836b4c910e246f587371ced740eb32e615621adcdcbee88e7aa1db6b4802
+Size (chromium-146.0.7680.177-lite.tar.xz) = 1477102388 bytes
+BLAKE2s (chromium-146.0.7680.177-testdata.tar.xz) = 73c026a8ab3d1953407e128becab31abef43dc75a52c14d012ed65394f35a293
+SHA512 (chromium-146.0.7680.177-testdata.tar.xz) = d827fa4ff7540bf03137f282ff7ecf39ecb801d8ceca14567d0fa45394d632f9970d7ccaed029437446e8f480787d9dc0fd50b416100f782ef14767e0602ce58
+Size (chromium-146.0.7680.177-testdata.tar.xz) = 1320109536 bytes
 BLAKE2s (convert_case-0.6.0.crate) = c65fc0970543af9611c565957751df80f31efa3aa7c4d8e5eac41712864a67d5
 SHA512 (convert_case-0.6.0.crate) = 3b17449195a9a36e3965db89eeb967979c192ad7743217ea08e8c8b91ecae1ac1674362d05dc6f32f1f361fface3f783398285bb78060403f65a777a9d29adf2
 Size (convert_case-0.6.0.crate) = 18675 bytes
@@ -81,9 +81,9 @@ Size (either-1.13.0.crate) = 19169 bytes
 BLAKE2s (equivalent-1.0.1.crate) = 915ff7ece3e11b5de2f2f26d2da9c4dfa1c7484416c53025c08507677cebebbd
 SHA512 (equivalent-1.0.1.crate) = b2bc60e804c1b02c461dcefcfd60fc37145af710d183ebe65f9a4d63f2b2072d23193f98dc550a9213c7fdc6a2a837af23b04a89294ebbb681a4aaf5d5031140
 Size (equivalent-1.0.1.crate) = 6615 bytes
-BLAKE2s (evanw-esbuild-v0.27.3.tar.gz) = 798d1a1f3574c92b47c6588b9ed436dbb74fc77f1eb065b2fcb0bfb5396b87ca
-SHA512 (evanw-esbuild-v0.27.3.tar.gz) = 169861c528ffb4943b8c7074017e1b65d97c3b598eb7be355e9842ce40ea75393e6ecc40a29e6a9d865175b354a5c74e18f3b024c480a3a09446a66db4ee02a4
-Size (evanw-esbuild-v0.27.3.tar.gz) = 1983973 bytes
+BLAKE2s (evanw-esbuild-v0.27.5.tar.gz) = 8bf45743ce0631bd6936e295f2c766be143fbf4b20689cdcf89bd34117b3cca3
+SHA512 (evanw-esbuild-v0.27.5.tar.gz) = 5e71a7976067526883607e509cde9418e13065f18a41e01dbfc1f6b92a7e19c2ffc690b5fe88b4a864f65967f957df27b2d185223752eb3d0f8e988577139e02
+Size (evanw-esbuild-v0.27.5.tar.gz) = 1990125 bytes
 BLAKE2s (fixedbitset-0.4.2.crate) = 4b9d305e9a18e8ccdf747fa067106c885d45e3856780140107551f9aaee4812c
 SHA512 (fixedbitset-0.4.2.crate) = 57c5d756b0a202b2506270f0d5e890f7617a1e0c015b6059ea23fab49cf7af47fd06927eb56feb03b37cb2b6c467e326b3f0da1e32cfcb6339cf11a130a3ccab
 Size (fixedbitset-0.4.2.crate) = 15954 bytes
Prev by Date: Import www/esbuild
Previous by Thread: esbuild: update to 0.27.5
Indexes:
Home | Main Index | Thread Index | Old Index