3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

3573 commits

Author SHA1 Message Date
ehmry 07299ff81e
Merge pull request #85442 from fgaz/castor/init
castor: init at 0.8.14
2020-06-18 20:13:50 +05:30
Graham Christensen e8ddc0cfa7
google-chrome: add coreutils to PATH
google-chrome-stable can't run without coreutils in PATH
2020-06-17 08:32:34 -04:00
zowoq 78e324d272 treewide: ffmpeg_4 -> ffmpeg 2020-06-16 18:23:14 -07:00
Michael Weiss 5e8b626898
Merge pull request #90538 from primeos/chromium
chromium: 83.0.4103.97 -> 83.0.4103.106
2020-06-16 13:59:12 +02:00
Emery Hemingway f2592c0b94 kristall: init at 0.2 2020-06-16 13:46:45 +05:30
Michael Weiss 1a5df8f680
chromium: 83.0.4103.97 -> 83.0.4103.106
https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop_15.html

This update includes 4 security fixes.

CVEs: CVE-2020-6505 CVE-2020-6506 CVE-2020-6507
2020-06-16 00:01:51 +02:00
Frederik Rietdijk 59dda0a42a Merge master into staging-next 2020-06-15 08:07:00 +02:00
Vladimír Čunát 6857bccf12
Merge #89438: firefox updates (into staging-next)
Most of the changes are in already, but we referenced these commit
hashes from 20.03, so let's include them in the history.
2020-06-14 11:41:42 +02:00
taku0 0a146054bd flashplayer: 32.0.0.371 -> 32.0.0.387 2020-06-14 08:44:44 +02:00
ajs124 5460d53af1
firefox-beta-bin: 77.0b7 -> 78.0b2 (security)
PR #89438.
2020-06-12 21:10:12 +02:00
ajs124 51d0d03b8c
firefox-esr-68: 68.8.0esr -> 68.9.0esr (security)
PR #89438.
2020-06-12 21:10:12 +02:00
ajs124 1bc740008b
firefox-bin: 76.0 -> 77.0.1 (security)
PR #89438.
2020-06-12 21:10:11 +02:00
Doron Behar 01d4e2fe33 treewide: use ffmpeg_3 explicitly if not wanted otherwise
After making `ffmpeg` point to the latest `ffmpeg_4`, all packages that
used `ffmpeg` without requiring a specific version now use ffmpeg_3
explicitly so they shouldn't change.
2020-06-12 11:55:31 -07:00
Anderson Torres 184ecdbf0f
Merge pull request #89931 from OPNA2608/update-palemoon-28.10.0
palemoon: 28.9.3 -> 28.10.0
2020-06-12 11:40:01 -03:00
Michael Weiss e466ea721c
chromium{Beta,Dev}: Fix the builds
Fix #89615.
2020-06-10 11:23:14 +02:00
Francesco Gazzetta 5a211182fd castor: init at 0.8.14 2020-06-09 14:54:05 +02:00
Michael Weiss 1d38f6bcb2
chromiumBeta: Fix the configuration phase
The changes from chromiumDev (see 029a5de083) are required for
chromiumBeta as well.
2020-06-09 13:53:47 +02:00
Florian Klink 495cf5fd17
Merge pull request #89565 from jsravn/enable-chromium-rtc-use-pipewire
chromium: add rtc_use_pipewire
2020-06-07 21:13:28 +02:00
Christoph Neidahl 7c65275595 palemoon: 28.9.3 -> 28.10.0 2020-06-07 12:27:03 +02:00
Michael Weiss 029a5de083
chromiumDev: Fix the configuration phase
Relevant changes in M85:
- Upstream switched from YASM to NASM [0].
- third_party/binutils was removed [1].

Note: The gn and dev channel updates are optional.
cc #89615.

[0]: https://bugs.chromium.org/p/chromium/issues/detail?id=766721
[1]: 9869e86fd9
2020-06-06 19:38:53 +02:00
James Ravn 1535270d91
Add pipewire to runtime path 2020-06-06 17:08:39 +01:00
Lassulus f0bee9760f
Merge pull request #88050 from squalus/ungoogled-0518
ungoogled-chromium: 81.0.4044.122-2 -> 81.0.4044.138-1
2020-06-06 16:16:28 +02:00
Michael Weiss 19e939d98e
chromiumBeta: Fix the source hash
For some reason the hash from 9ec139b672 became invalid, see #89615.
The update script does now produce the correct hash.
2020-06-06 13:36:09 +02:00
James Ravn fae468b3ce
chromium: add rtc_use_pipewire
This provides the browser flag #enable-webrtc-pipewire-capturer, which
adds support for screensharing on Wayland via xdg-desktop-portal.

The browser flag is disabled by default until a user enables it. At
least one other major distribution (Arch) enables this compile time
option, and so I believe it should be safe to enable by default.

This is also needed to support xdg-desktop-portal-wlr which was added in
https://github.com/NixOS/nixpkgs/pull/83485.
2020-06-05 21:05:43 +01:00
Michael Weiss 9ec139b672
chromium: 83.0.4103.61 -> 83.0.4103.97
https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html

This update includes 5 security fixes.

CVEs: CVE-2020-6493 CVE-2020-6494 CVE-2020-6495 CVE-2020-6496
2020-06-04 20:26:31 +02:00
Christoph Hrdinka 001cf3f926
Merge pull request #87868 from OPNA2608/update-palemoon
palemoon: 28.9.1 -> 28.9.3
2020-06-04 16:40:57 +02:00
ajs124 0e3b3bd5b0 firefox-beta-bin: 77.0b7 -> 78.0b2 2020-06-04 13:30:40 +02:00
ajs124 303f8d1da4 firefox-bin: 76.0 -> 77.0.1 2020-06-04 13:30:40 +02:00
ajs124 7fc793091b firefox-esr-68: 68.8.0esr -> 68.9.0esr 2020-06-04 13:30:40 +02:00
ajs124 dd334ebabb firefox: 76.0.1 -> 77.0.1 2020-06-04 13:30:40 +02:00
ajs124 785cdcddd7 nss: 3.52 -> 3.52.1 2020-06-04 13:30:40 +02:00
JosephTheEngineer c976124d1d
falkon: use wrapQtAppsHook (#89375) 2020-06-03 09:12:46 +00:00
Emery Hemingway 468091a623 tor-browser-bundle-bin: 9.0.9 -> 9.5 2020-06-03 13:22:00 +05:30
josephtheengineer 5d9f617c10
qutebrowser: 1.11.1 -> 1.12.0 2020-06-02 16:51:09 +10:00
Anderson Torres ca90190e2c
Merge pull request #87277 from CheariX/brave-1.8.95
brave: 1.7.92 -> 1.8.95
2020-05-21 00:23:05 -03:00
Michael Weiss cdd95a9625
chromium: 81.0.4044.138 -> 83.0.4103.61
https://chromereleases.googleblog.com/2020/05/stable-channel-update-for-desktop_19.html

This update includes 38 security fixes.

CVEs:
CVE-2020-6465 CVE-2020-6466 CVE-2020-6467 CVE-2020-6468 CVE-2020-6469
CVE-2020-6470 CVE-2020-6471 CVE-2020-6472 CVE-2020-6473 CVE-2020-6474
CVE-2020-6475 CVE-2020-6476 CVE-2020-6477 CVE-2020-6478 CVE-2020-6479
CVE-2020-6480 CVE-2020-6481 CVE-2020-6482 CVE-2020-6483 CVE-2020-6484
CVE-2020-6485 CVE-2020-6486 CVE-2020-6487 CVE-2020-6488 CVE-2020-6489
CVE-2020-6490 CVE-2020-6491
2020-05-19 23:55:32 +02:00
DonHugo69 20b3ba16c4
vivaldi: 2.11 -> 3.0 2020-05-19 14:51:20 +02:00
adisbladis b3f79e194a
firefox-devedition-bin: 77.0b6 -> 77.0b7 2020-05-19 02:07:38 +01:00
adisbladis aac358315f
firefox-beta-bin: 77.0b6 -> 77.0b7 2020-05-19 02:07:38 +01:00
squalus fda9c39559 ungoogled-chromium: 81.0.4044.122-2 -> 81.0.4044.138-1 2020-05-18 01:01:19 -07:00
adisbladis 80a4efc3bd
firefox-devedition-bin: 76.0b8 -> 77.0b6 2020-05-16 14:08:19 +01:00
adisbladis 198653e57e
firefox-beta-bin: 76.0b8 -> 77.0b6 2020-05-16 14:07:56 +01:00
Andreas Rammhold b0774e2d0e
Merge pull request #87811 from andir/firefox
firefox: 76.0 -> 76.0.1
2020-05-15 20:21:24 +02:00
Christoph Neidahl 5262ada436 palemoon: 28.9.1 -> 28.9.3 2020-05-15 09:06:54 +02:00
Mario Rodas b51a82932f
Merge pull request #87733 from taku0/flashplayer-32.0.0.371
flashplayer: 32.0.0.363 -> 32.0.0.371
2020-05-14 08:05:29 -05:00
Andreas Rammhold b70435e43c
firefox: 76.0 -> 76.0.1 2020-05-14 12:50:34 +02:00
aszlig 8fb49973ce
firefox: Add patch to fix AES GCM IV bit size
Regression introduced by bce5268a21.

The bit size of the initialisation vector for AES GCM has been
introduced in NSS version 3.52 in the CK_GCM_PARMS struct via the
ulIvBits field.

Unfortunately, Firefox 68.8.0 and 76.0 do not set this field and thus it
gets initialised to zero, which in turn causes IV generation to fail.

I found out about this because WebRTC stopped working after updating to
NSS 3.52 and so I started bisecting.

Since there wasn't an obvious error in Firefox hinting towards NSS but
instead just the video stream ended up as a "null" stream, I didn't
suspect the NSS update to be the culprit at first. So I verified a few
times and then also started bisecting the actual commit in NSS that
caused the issue.

This turned out to be the problematic change:

https://phabricator.services.mozilla.com/D63241

> One notable change was caused by an inconsistancy between the spec and
> the released headers in PKCS#11 v2.40. CK_GCM_PARAMS had an extra
> field in the header that was not in the spec. OASIS considers the
> header file to be normative, so PKCS#11 v3.0 resolved the issue in
> favor of the header file definition.

Since the test I've used[1] was a bit flaky, I still didn't believe the
result of the bisect to be accurate, but after running the test several
times leading same results I dug through the above change line by line
to get more clues.

It fortunately didn't take that long to stumble upon the ulIvBits change
(which is actually documented in the NSS 3.52 release notes[4], but I
managed to blatantly ignore it for some reason) and started checking the
Firefox source tree for changes regarding that field.

Initialisation of that new field has been introduced[2] in preparation
for the 76 release, but subsequently got reverted[3] prior to the
release, because Firefox 76 is expected to be shipped with NSS 3.51,
which didn't have the ulIvBits field.

The patch I'm adding here is just a reintroduction of that change,
because we're using NSS 3.52. Not initialising that field will break
WebRTC and WebCrypto, which I think the former seems to gain in
popularity these days ;-)

Tested the change against the mentioned VM test[1] and also by testing
manually using Jitsi Meet and Nextcloud Talk.

[1]: https://github.com/aszlig/avonc/tree/884315838b6f0ebb32b/tests/talk
[2]: https://hg.mozilla.org/mozilla-central/rev/3ed30e6b6de1
[3]: https://hg.mozilla.org/mozilla-central/rev/665137da70ee
[4]: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.52_release_notes

Signed-off-by: aszlig <aszlig@nix.build>
2020-05-13 02:23:12 +02:00
Robert Schütz 52fcfd3876 qutebrowser: 1.11.0 -> 1.11.1
fixes CVE-2020-11054
2020-05-12 18:46:09 +02:00
taku0 d8fa222ca2 flashplayer: 32.0.0.363 -> 32.0.0.371 2020-05-12 18:31:02 +09:00
xiorcale ccfe14cb3b github username: kjuvi -> xiorcale 2020-05-09 09:08:18 +02:00