3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

3552 commits

Author SHA1 Message Date
Michael Weiss e466ea721c
chromium{Beta,Dev}: Fix the builds
Fix #89615.
2020-06-10 11:23:14 +02:00
Michael Weiss 1d38f6bcb2
chromiumBeta: Fix the configuration phase
The changes from chromiumDev (see 029a5de083) are required for
chromiumBeta as well.
2020-06-09 13:53:47 +02:00
Florian Klink 495cf5fd17
Merge pull request #89565 from jsravn/enable-chromium-rtc-use-pipewire
chromium: add rtc_use_pipewire
2020-06-07 21:13:28 +02:00
Michael Weiss 029a5de083
chromiumDev: Fix the configuration phase
Relevant changes in M85:
- Upstream switched from YASM to NASM [0].
- third_party/binutils was removed [1].

Note: The gn and dev channel updates are optional.
cc #89615.

[0]: https://bugs.chromium.org/p/chromium/issues/detail?id=766721
[1]: 9869e86fd9
2020-06-06 19:38:53 +02:00
James Ravn 1535270d91
Add pipewire to runtime path 2020-06-06 17:08:39 +01:00
Lassulus f0bee9760f
Merge pull request #88050 from squalus/ungoogled-0518
ungoogled-chromium: 81.0.4044.122-2 -> 81.0.4044.138-1
2020-06-06 16:16:28 +02:00
Michael Weiss 19e939d98e
chromiumBeta: Fix the source hash
For some reason the hash from 9ec139b672 became invalid, see #89615.
The update script does now produce the correct hash.
2020-06-06 13:36:09 +02:00
James Ravn fae468b3ce
chromium: add rtc_use_pipewire
This provides the browser flag #enable-webrtc-pipewire-capturer, which
adds support for screensharing on Wayland via xdg-desktop-portal.

The browser flag is disabled by default until a user enables it. At
least one other major distribution (Arch) enables this compile time
option, and so I believe it should be safe to enable by default.

This is also needed to support xdg-desktop-portal-wlr which was added in
https://github.com/NixOS/nixpkgs/pull/83485.
2020-06-05 21:05:43 +01:00
Michael Weiss 9ec139b672
chromium: 83.0.4103.61 -> 83.0.4103.97
https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html

This update includes 5 security fixes.

CVEs: CVE-2020-6493 CVE-2020-6494 CVE-2020-6495 CVE-2020-6496
2020-06-04 20:26:31 +02:00
Christoph Hrdinka 001cf3f926
Merge pull request #87868 from OPNA2608/update-palemoon
palemoon: 28.9.1 -> 28.9.3
2020-06-04 16:40:57 +02:00
JosephTheEngineer c976124d1d
falkon: use wrapQtAppsHook (#89375) 2020-06-03 09:12:46 +00:00
Emery Hemingway 468091a623 tor-browser-bundle-bin: 9.0.9 -> 9.5 2020-06-03 13:22:00 +05:30
josephtheengineer 5d9f617c10
qutebrowser: 1.11.1 -> 1.12.0 2020-06-02 16:51:09 +10:00
Anderson Torres ca90190e2c
Merge pull request #87277 from CheariX/brave-1.8.95
brave: 1.7.92 -> 1.8.95
2020-05-21 00:23:05 -03:00
Michael Weiss cdd95a9625
chromium: 81.0.4044.138 -> 83.0.4103.61
https://chromereleases.googleblog.com/2020/05/stable-channel-update-for-desktop_19.html

This update includes 38 security fixes.

CVEs:
CVE-2020-6465 CVE-2020-6466 CVE-2020-6467 CVE-2020-6468 CVE-2020-6469
CVE-2020-6470 CVE-2020-6471 CVE-2020-6472 CVE-2020-6473 CVE-2020-6474
CVE-2020-6475 CVE-2020-6476 CVE-2020-6477 CVE-2020-6478 CVE-2020-6479
CVE-2020-6480 CVE-2020-6481 CVE-2020-6482 CVE-2020-6483 CVE-2020-6484
CVE-2020-6485 CVE-2020-6486 CVE-2020-6487 CVE-2020-6488 CVE-2020-6489
CVE-2020-6490 CVE-2020-6491
2020-05-19 23:55:32 +02:00
DonHugo69 20b3ba16c4
vivaldi: 2.11 -> 3.0 2020-05-19 14:51:20 +02:00
adisbladis b3f79e194a
firefox-devedition-bin: 77.0b6 -> 77.0b7 2020-05-19 02:07:38 +01:00
adisbladis aac358315f
firefox-beta-bin: 77.0b6 -> 77.0b7 2020-05-19 02:07:38 +01:00
squalus fda9c39559 ungoogled-chromium: 81.0.4044.122-2 -> 81.0.4044.138-1 2020-05-18 01:01:19 -07:00
adisbladis 80a4efc3bd
firefox-devedition-bin: 76.0b8 -> 77.0b6 2020-05-16 14:08:19 +01:00
adisbladis 198653e57e
firefox-beta-bin: 76.0b8 -> 77.0b6 2020-05-16 14:07:56 +01:00
Andreas Rammhold b0774e2d0e
Merge pull request #87811 from andir/firefox
firefox: 76.0 -> 76.0.1
2020-05-15 20:21:24 +02:00
Christoph Neidahl 5262ada436 palemoon: 28.9.1 -> 28.9.3 2020-05-15 09:06:54 +02:00
Mario Rodas b51a82932f
Merge pull request #87733 from taku0/flashplayer-32.0.0.371
flashplayer: 32.0.0.363 -> 32.0.0.371
2020-05-14 08:05:29 -05:00
Andreas Rammhold b70435e43c
firefox: 76.0 -> 76.0.1 2020-05-14 12:50:34 +02:00
aszlig 8fb49973ce
firefox: Add patch to fix AES GCM IV bit size
Regression introduced by bce5268a21.

The bit size of the initialisation vector for AES GCM has been
introduced in NSS version 3.52 in the CK_GCM_PARMS struct via the
ulIvBits field.

Unfortunately, Firefox 68.8.0 and 76.0 do not set this field and thus it
gets initialised to zero, which in turn causes IV generation to fail.

I found out about this because WebRTC stopped working after updating to
NSS 3.52 and so I started bisecting.

Since there wasn't an obvious error in Firefox hinting towards NSS but
instead just the video stream ended up as a "null" stream, I didn't
suspect the NSS update to be the culprit at first. So I verified a few
times and then also started bisecting the actual commit in NSS that
caused the issue.

This turned out to be the problematic change:

https://phabricator.services.mozilla.com/D63241

> One notable change was caused by an inconsistancy between the spec and
> the released headers in PKCS#11 v2.40. CK_GCM_PARAMS had an extra
> field in the header that was not in the spec. OASIS considers the
> header file to be normative, so PKCS#11 v3.0 resolved the issue in
> favor of the header file definition.

Since the test I've used[1] was a bit flaky, I still didn't believe the
result of the bisect to be accurate, but after running the test several
times leading same results I dug through the above change line by line
to get more clues.

It fortunately didn't take that long to stumble upon the ulIvBits change
(which is actually documented in the NSS 3.52 release notes[4], but I
managed to blatantly ignore it for some reason) and started checking the
Firefox source tree for changes regarding that field.

Initialisation of that new field has been introduced[2] in preparation
for the 76 release, but subsequently got reverted[3] prior to the
release, because Firefox 76 is expected to be shipped with NSS 3.51,
which didn't have the ulIvBits field.

The patch I'm adding here is just a reintroduction of that change,
because we're using NSS 3.52. Not initialising that field will break
WebRTC and WebCrypto, which I think the former seems to gain in
popularity these days ;-)

Tested the change against the mentioned VM test[1] and also by testing
manually using Jitsi Meet and Nextcloud Talk.

[1]: https://github.com/aszlig/avonc/tree/884315838b6f0ebb32b/tests/talk
[2]: https://hg.mozilla.org/mozilla-central/rev/3ed30e6b6de1
[3]: https://hg.mozilla.org/mozilla-central/rev/665137da70ee
[4]: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.52_release_notes

Signed-off-by: aszlig <aszlig@nix.build>
2020-05-13 02:23:12 +02:00
Robert Schütz 52fcfd3876 qutebrowser: 1.11.0 -> 1.11.1
fixes CVE-2020-11054
2020-05-12 18:46:09 +02:00
taku0 d8fa222ca2 flashplayer: 32.0.0.363 -> 32.0.0.371 2020-05-12 18:31:02 +09:00
xiorcale ccfe14cb3b github username: kjuvi -> xiorcale 2020-05-09 09:08:18 +02:00
Christian Mainka e659bf3ce4 brave: 1.7.92 -> 1.8.95 2020-05-08 18:16:17 +02:00
Pavol Rusnak 6abf4a43ad
treewide: per RFC45, remove more unquoted URLs 2020-05-08 15:20:47 +02:00
Vladimír Čunát a2d5351b63
Merge #86788: firefox 75.0 -> 76.0 (critical security)
https://www.mozilla.org/en-US/firefox/76.0/releasenotes/
Some of the changes were in master already, but whatever...
2020-05-07 19:57:16 +02:00
Tim Steinbach 795564a03d
Merge pull request #81997 from eadwu/vivaldi-snapshot/fix-rpath-libdrm_gbm
vivaldi: include libdrm and libgbm
2020-05-07 08:17:27 -04:00
Michael Weiss f00f6a73df
Merge pull request #87021 from primeos/chromium
chromium: 81.0.4044.129 -> 81.0.4044.138
2020-05-06 13:01:58 +02:00
Andreas Rammhold 5040192913
firefox-bin: 75.0 -> 76.0
Discussion: https://github.com/NixOS/nixpkgs/pull/86788
2020-05-06 11:41:38 +02:00
Andreas Rammhold 5bac4f0213
firefox-esr-68: 68.7.0esr -> 68.8.0esr
Discussion: https://github.com/NixOS/nixpkgs/pull/86788
2020-05-06 11:40:28 +02:00
Michael Weiss dec3d5f39f
chromium: 81.0.4044.129 -> 81.0.4044.138
https://chromereleases.googleblog.com/2020/05/stable-channel-update-for-desktop.html

This update includes 3 security fixes.

CVEs: CVE-2020-6831 CVE-2020-6464
2020-05-06 01:11:53 +02:00
Andreas Rammhold d9f4f0645c
Merge pull request #81917 from colemickens/nixpkgs-firefox-libva
firefox: wrapper: add libva to libs
2020-05-05 20:21:43 +02:00
Andreas Rammhold 8996273bee
firefox-devedition-bin: 76.0b4 -> 76.0b8 2020-05-04 17:46:12 +02:00
Andreas Rammhold f3cc8dc6fa
firefox-esr-68: 68.7.0esr -> 68.8.0esr 2020-05-04 17:29:37 +02:00
Andreas Rammhold c186bc893f
firefox-beta-bin: 76.0b4 -> 76.0b8 2020-05-04 17:29:14 +02:00
Andreas Rammhold 3911336cc6
firefox-bin: 75.0 -> 76.0 2020-05-04 17:22:59 +02:00
Andreas Rammhold 324e40f0f4
firefox: 75.0 -> 76.0 2020-05-04 16:31:27 +02:00
R. RyanTM 5be4c34185 ephemeral: 6.3.3 -> 6.4.1 2020-05-04 01:34:33 -07:00
paumr 4a5b85364e qutebrowser: 1.10.1 -> 1.11.0 2020-05-01 16:44:31 +02:00
squalus ae5c4ed886 ungoogled-chromium: 81.0.4044.92-2 -> 81.0.4044.122-2 2020-05-01 09:19:53 +02:00
Michael Weiss bfa2452dc8
Merge pull request #86206 from primeos/chromium
chromium: 81.0.4044.122 -> 81.0.4044.129
2020-04-29 11:15:25 +02:00
Michael Weiss db4aece884
chromium: 81.0.4044.122 -> 81.0.4044.129
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_27.html

This update includes 2 security fixes.

CVEs: CVE-2020-6462 CVE-2020-6461
2020-04-28 14:39:10 +02:00
Christoph Neidahl 1e814e356a palemoon: 28.8.4 -> 28.9.1, add GTK3 option 2020-04-27 21:02:09 -07:00
Cole Mickens 552d729571
firefox: wrapper: use ffmpeg_4 for vaapi
without this, adding libva is insufficient to get VA-API working in
Firefox.
2020-04-27 05:05:14 -07:00