pkgsrc.se | The NetBSD package collection

./www/chromium, Open source web browser

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 146.0.7680.80, Package name: chromium-146.0.7680.80, Maintainer: kikadf

Chromium is an open-source browser project that aims to build a
safer, faster, and more stable way for all Internet users to
experience the web.

Package options: sunaudio

Master sites:

https://commondatastorage.googleapis.com/chromium-browser-official/

Version history: (Expand)

(2026-03-14) Updated to version: chromium-146.0.7680.80
(2026-03-14) Updated to version: chromium-146.0.7680.75
(2026-03-09) Updated to version: chromium-145.0.7632.159
(2026-02-26) Updated to version: chromium-145.0.7632.116
(2026-02-22) Updated to version: chromium-145.0.7632.109
(2026-02-15) Updated to version: chromium-145.0.7632.75

CVS history: (Expand)

2026-03-14 20:24:49 by Robert Bagdan | Files touched by this commit (2) | Package updated

Log message: www/chromium: update to 146.0.7680.80 * 146.0.7680.80 This update includes 1 security fixes. Please see the Chrome Security Page for more information. [N/A][491421267] High CVE-2026-3909: Out of bounds write in Skia. Reported by Google Threat Analysis Group on 2026-03-10 Google is aware that an exploit for CVE-2026-3909 exists in the wild.

2026-03-09 20:05:36 by Robert Bagdan | Files touched by this commit (3) | Package updated

Log message: www/chromium: update to 145.0.7632.159 * 145.0.7632.159 This update includes 10 security fixes. Please see the Chrome Security Page for more information. [$33,000][485622239] Critical CVE-2026-3536: Integer overflow in ANGLE. Reported by cinzinga on 2026-02-18 [$32,000][474266014] Critical CVE-2026-3537: Object lifecycle issue in PowerVR. Reported by Zhihua Yao of KunLun Lab on 2026-01-08 [TBD][484983991] Critical CVE-2026-3538: Integer overflow in Skia. Reported by Symeon Paraschoudis on 2026-02-17 [TBD][483853098] High CVE-2026-3539: Object lifecycle issue in DevTools. Reported by Zhenpeng (Leo) Lin at depthfirst on 2026-02-12 [TBD][484088917] High CVE-2026-3540: Inappropriate implementation in WebAudio. Reported by Davi Antônio Cruz on 2026-02-14 [TBD][484811719] High CVE-2026-3541: Inappropriate implementation in CSS. Reported by Syn4pse on 2026-02-16 [TBD][485152421] High CVE-2026-3542: Inappropriate implementation in WebAssembly. Reported by qymag1c on 2026-02-17 [TBD][485267831] High CVE-2026-3543: Inappropriate implementation in V8. Reported by qymag1c on 2026-02-18 [TBD][485683110] High CVE-2026-3544: Heap buffer overflow in WebCodecs. Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-02-19 [TBD][487383169] High CVE-2026-3545: Insufficient data validation in Navigation. Reported by Google on 2026-02-24

2026-02-26 12:45:39 by Robert Bagdan | Files touched by this commit (2) | Package updated

Log message: www/chromium: update to 145.0.7632.116 * 145.0.7632.116 This update includes 3 security fixes. Please see the Chrome Security Page for more information. [TBD][482862710] High CVE-2026-3061: Out of bounds read in Media. Reported by Luke Francis on 2026-02-09 [TBD][483751167] High CVE-2026-3062: Out of bounds read and write in Tint. Reported by cinzinga on 2026-02-11 [TBD][485287859] High CVE-2026-3063: Inappropriate implementation in DevTools. Reported by M. Fauzan Wijaya (Gh05t666nero) on 2026-02-17

2026-02-22 09:46:28 by Robert Bagdan | Files touched by this commit (3) | Package updated

Log message: www/chromium: update to 145.0.7632.109 * 145.0.7632.109 This update includes 3 security fixes. Please see the Chrome Security Page for more information. [TBD][477033835] High CVE-2026-2648: Heap buffer overflow in PDFium. Reported by soiax on 2026-01-19 [TBD][481074858] High CVE-2026-2649: Integer overflow in V8. Reported by JunYoung Park(@candymate) of KAIST Hacking Lab on 2026-02-03 [N/A][476461867] Medium CVE-2026-2650: Heap buffer overflow in Media. Reported by Google on 2026-01-18

2026-02-06 11:06:21 by Thomas Klausner | Files touched by this commit (1305)

Log message: *: recursive bump for nettle 4.0 shlib major bump

2026-01-29 13:44:16 by Robert Bagdan | Files touched by this commit (3) | Package updated

Log message: www/chromium: update to 144.0.7559.109 * 144.0.7559.109 This update includes 1 security fix. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$3000][474435504] High CVE-2026-1504: Inappropriate implementation in Background Fetch API. Reported by Luan Herrera (@lbherrera_) on 2026-01-09

2026-01-27 09:41:10 by Thomas Klausner | Files touched by this commit (1344)

Log message: *: recursive bump for removal of cairo's xcb option

2026-01-22 20:08:09 by Robert Bagdan | Files touched by this commit (2) | Package updated

Log message: www/chromium: update to 144.0.7559.96 * 144.0.7559.96 This update includes 1 security fix. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [TBD][473851441] High CVE-2026-1220: Race in V8. Reported by @p1nky4745 on 2026-01-07 * Pkgsrc: enable widevine