Michael Weiss
adccc8b65b
chromiumBeta: 89.0.4389.58 -> 89.0.4389.69
2021-02-27 16:35:48 +01:00
Michael Weiss
62df868822
ungoogled-chromium: 88.0.4324.150 -> 88.0.4324.182
2021-02-19 19:47:38 +01:00
Michael Weiss
8df4ea8d28
chromiumDev: 90.0.4412.3 -> 90.0.4421.5
2021-02-19 19:45:39 +01:00
Michael Weiss
849bd20271
chromiumBeta: 89.0.4389.47 -> 89.0.4389.58
2021-02-18 12:13:16 +01:00
TredwellGit
c3181699cd
chromium: 88.0.4324.150 -> 88.0.4324.182
...
https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_16.html
This update includes 10 security fixes.
CVEs:
CVE-2021-21149 CVE-2021-21150 CVE-2021-21151 CVE-2021-21152
CVE-2021-21153 CVE-2021-21154 CVE-2021-21155 CVE-2021-21156
CVE-2021-21157
2021-02-17 05:43:11 +00:00
Michael Weiss
d35eb344f8
chromiumBeta: 89.0.4389.40 -> 89.0.4389.47
2021-02-11 12:37:06 +01:00
Michael Weiss
ed6ccd4b27
chromiumDev: 90.0.4408.0 -> 90.0.4412.3
2021-02-09 22:35:08 +01:00
Michael Weiss
43161bc2b7
ungoogled-chromium: 88.0.4324.146 -> 88.0.4324.150
2021-02-09 15:24:38 +01:00
Michael Weiss
06d0d8ecfa
chromiumDev: 90.0.4400.8 -> 90.0.4408.0
2021-02-06 00:55:35 +01:00
Michael Weiss
ad588f04d4
chromium: 88.0.4324.146 -> 88.0.4324.150
...
https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html
This update includes 1 security fix. Google is aware of reports that an
exploit for CVE-2021-21148 exists in the wild.
CVEs: CVE-2021-21148
2021-02-05 21:03:36 +01:00
Michael Weiss
6f0de2b041
chromiumBeta: 89.0.4389.23 -> 89.0.4389.40
2021-02-04 11:42:14 +01:00
Michael Weiss
bdf7d732d3
ungoogled-chromium: 88.0.4324.104 -> 88.0.4324.146 (security)
2021-02-03 12:38:21 +01:00
Michael Weiss
4fe69d33ae
chromium: 88.0.4324.96 -> 88.0.4324.146
...
https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop.html
This update includes 6 security fixes.
CVEs:
CVE-2021-21142 CVE-2021-21143 CVE-2021-21144 CVE-2021-21145
CVE-2021-21146 CVE-2021-21147
2021-02-03 12:38:09 +01:00
Michael Weiss
268600e6b7
ungoogled-chromium: 87.0.4280.141 -> 88.0.4324.104
...
Unfortunately this requires a crazy hack to support building with
Google's proprietary Widevine DRM technology as that requires fetching
the Google Chrome sources (see also 86ff1e45ce
).
The hack is required because ungoogled-chromium doesn't always use tags
that correspond to a Google Chrome release.
2021-01-30 19:22:22 +01:00
Michael Weiss
11ec29dd70
chromiumDev: 89.0.4389.23 -> 90.0.4400.8
2021-01-28 21:30:26 +01:00
Michael Weiss
a7339c3a24
chromiumBeta: 88.0.4324.96 -> 89.0.4389.23
2021-01-28 21:30:25 +01:00
Michael Weiss
bfc1cee4bf
chromiumDev: 89.0.4389.9 -> 89.0.4389.23
2021-01-28 15:45:00 +01:00
Michael Weiss
f5de4608de
chromiumDev: 89.0.4385.0 -> 89.0.4389.9
2021-01-21 11:53:53 +01:00
Michael Weiss
5b6d3c4b13
chromium: 87.0.4280.141 -> 88.0.4324.96
...
https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html
This update includes 36 security fixes.
CVEs:
CVE-2021-21117 CVE-2021-21118 CVE-2021-21119 CVE-2021-21120
CVE-2021-21121 CVE-2021-21122 CVE-2021-21123 CVE-2021-21124
CVE-2021-21125 CVE-2020-16044 CVE-2021-21126 CVE-2021-21127
CVE-2021-21128 CVE-2021-21129 CVE-2021-21130 CVE-2021-21131
CVE-2021-21132 CVE-2021-21133 CVE-2021-21134 CVE-2021-21135
CVE-2021-21136 CVE-2021-21137 CVE-2021-21138 CVE-2021-21139
CVE-2021-21140 CVE-2021-21141
2021-01-19 20:56:29 +01:00
Michael Weiss
101d42849d
chromiumBeta: 88.0.4324.87 -> 88.0.4324.96
2021-01-19 13:25:47 +01:00
Michael Weiss
aee78d463e
ungoogled-chromium: 87.0.4280.88 -> 87.0.4280.141 (security)
...
I did a quick, automated test by reusing the VM test for Chromium.
2021-01-18 14:56:32 +01:00
Michael Weiss
c0e177d09f
chromiumBeta: 88.0.4324.79 -> 88.0.4324.87
2021-01-14 20:36:28 +01:00
Michael Weiss
79150e0573
chromiumDev: 89.0.4381.6 -> 89.0.4385.0
2021-01-13 17:43:12 +01:00
Michael Weiss
84840c81e3
chromiumDev: 89.0.4356.6 -> 89.0.4381.6
2021-01-09 14:53:20 +01:00
Michael Weiss
f274df0cda
chromiumBeta: 88.0.4324.50 -> 88.0.4324.79
2021-01-08 12:48:31 +01:00
TredwellGit
ba0068cf9e
chromium: 87.0.4280.88 -> 87.0.4280.141
...
https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop.html
This update includes 16 security fixes.
CVEs:
CVE-2021-21106 CVE-2021-21107 CVE-2021-21108 CVE-2021-21109
CVE-2021-21110 CVE-2021-21111 CVE-2021-21112 CVE-2021-21113
CVE-2020-16043 CVE-2021-21114 CVE-2020-15995 CVE-2021-21115
CVE-2021-21116
2021-01-07 01:59:35 +00:00
Michael Weiss
86ff1e45ce
ungoogled-chromium: Support enableWideVine=true
...
Building with Google's proprietary Widevine DRM technology requires
fetching the Google Chrome sources.
2020-12-22 13:35:40 +01:00
Michael Weiss
94bee10904
ungoogled-chromium: Support automatic updates via update.py
2020-12-18 19:10:45 +01:00
Michael Weiss
40199cd3d8
chromiumDev: 89.0.4350.4 -> 89.0.4356.6
2020-12-18 13:02:51 +01:00
Michael Weiss
39c5d116a2
chromiumBeta: 88.0.4324.41 -> 88.0.4324.50
2020-12-17 21:02:14 +01:00
Michael Weiss
f5944b74e6
Merge pull request #106475 from primeos/ungoogled-chromium-merge
...
Merge ungoogled-chromium back into the chromium expressions
2020-12-17 19:02:21 +01:00
Michael Weiss
397a5ee2ee
chromiumDev: 89.0.4343.0 -> 89.0.4350.4
2020-12-11 10:54:19 +01:00
Michael Weiss
4ea2b2129e
chromiumBeta: 88.0.4324.27 -> 88.0.4324.41
2020-12-10 17:43:52 +01:00
Michael Weiss
240a8f746e
ungoogled-chromium: Move ungoogled-src.nix into upstream-info.json
...
This also adds a dedicated channel for ungoogled-chromium that enables
us to update ungoogled-chromium independently of chromium.
TODO: Automate ungoogled-chromium updates via update.py (currently it
needs to be updated manually).
Note: Unfortunately this changes the ungoogled-chromium derivation
because common.nix passes the channel as an argument to
stdenv.mkDerivation (this makes it more difficult to verify this commit
but the result should remain the same).
2020-12-10 17:41:22 +01:00
Michael Weiss
d35b635628
chromedriver.src: Update the hash
...
I just regenerated upstream-info.json using update.py again and got a
different hash this time (but the same hash as in #106272 ). Therefore,
the only possible explanation I have is that upstream changed the file
that is hosted at [0]. I'll try to contact upstream regarding this.
Fix #106272 .
[0]: https://chromedriver.storage.googleapis.com/87.0.4280.88/chromedriver_linux64.zip
2020-12-08 13:46:47 +01:00
Michael Weiss
f4419dd970
chromiumDev: 88.0.4324.27 -> 89.0.4343.0
2020-12-04 19:21:57 +01:00
Michael Weiss
beb83591fb
chromiumBeta: 87.0.4280.66 -> 88.0.4324.27
2020-12-04 19:21:57 +01:00
Michael Weiss
36d40f77a9
chromium: 87.0.4280.66 -> 87.0.4280.88
...
https://chromereleases.googleblog.com/2020/12/stable-channel-update-for-desktop.html
This update includes 0 security fixes.
2020-12-03 10:36:48 +01:00
Michael Weiss
8eb2551e51
chromiumDev: 88.0.4324.11 -> 88.0.4324.27
2020-12-02 11:43:43 +01:00
Michael Weiss
6aea53c3ce
chromedriver: Switch to Chromium's upstream-info.json ( #105054 )
...
This enables automatic updates and fixes #85629 .
2020-11-27 12:38:07 +01:00
Michael Weiss
97677fa34f
chromiumDev: Unmark the build as broken
...
The build succeeds again as dirmd is no longer required for building.
2020-11-21 00:27:27 +01:00
Michael Weiss
54673b1f3b
chromium: 86.0.4240.198 -> 87.0.4280.66
...
https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html
This update includes 33 security fixes.
CVEs:
CVE-2020-16018 CVE-2020-16019 CVE-2020-16020 CVE-2020-16021
CVE-2020-16022 CVE-2020-16015 CVE-2020-16014 CVE-2020-16023
CVE-2020-16024 CVE-2020-16025 CVE-2020-16026 CVE-2020-16027
CVE-2020-16028 CVE-2020-16029 CVE-2020-16030 CVE-2019-8075
CVE-2020-16031 CVE-2020-16032 CVE-2020-16033 CVE-2020-16034
CVE-2020-16035 CVE-2020-16012 CVE-2020-16036
Note: We'll finally build with use_ozone=true on Hydra now :) \o/
2020-11-17 22:53:12 +01:00
Michael Weiss
b91153fd7a
chromium: 86.0.4240.193 -> 86.0.4240.198
...
https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.html
This update includes 2 security fixes. Google is aware of reports that
exploits for CVE-2020-16013 and CVE-2020-16017 exist in the wild.
CVEs: CVE-2020-16013 CVE-2020-16017
2020-11-12 12:39:24 +01:00
Michael Weiss
841664a172
chromium: 86.0.4240.183 -> 86.0.4240.193
...
https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_9.html
This update includes 1 security fix (no CVE).
2020-11-10 12:11:55 +01:00
Michael Weiss
d7f5386474
chromium: Extend update.py to automatically update gn
...
The gn version depends on the channel and new gn versions aren't always
backward compatible. Therefore we should also include it in
upstream-info.json (I've scoped it under "deps" as we'll likely have to
add more like this in the future).
2020-11-03 20:00:25 +01:00
Michael Weiss
531decc11d
chromium: 86.0.4240.111 -> 86.0.4240.183
...
https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop.html
This update includes 10 security fixes. Google is aware of reports that
an exploit for CVE-2020-16009 exists in the wild.
CVEs:
CVE-2020-16004 CVE-2020-16005 CVE-2020-16006 CVE-2020-16007
CVE-2020-16008 CVE-2020-16009 CVE-2020-16011
2020-11-03 11:14:20 +01:00
Michael Weiss
50a2f50acb
chromiumDev: 88.0.4292.2 -> 88.0.4298.4
...
This should also fix VA-API for chromiumBeta (though that part needs
some cleanup). However, chromiumDev likely still fails due to the
absence of dirmd (not included in the tarball so far, we might have to
package and add it as a dependency).
2020-10-23 17:49:46 +02:00
TredwellGit
7dc2d9f819
chromium: 86.0.4240.75 -> 86.0.4240.111
...
https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop_20.html
CVE-2020-16000 CVE-2020-16001 CVE-2020-16002 CVE-2020-15999 CVE-2020-16003
2020-10-22 00:38:17 +00:00
Michael Weiss
aee3076ba7
chromiumDev: M87 -> M88
2020-10-16 11:58:20 +02:00
Michael Weiss
a667bc7ae1
chromiumBeta: M86 -> M87
2020-10-15 20:46:24 +02:00
Michael Weiss
f79703e50c
chromium: 85.0.4183.121 -> 86.0.4240.75
...
https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop.html
This update includes 35 security fixes.
CVEs:
CVE-2020-15967 CVE-2020-15968 CVE-2020-15969 CVE-2020-15970
CVE-2020-15971 CVE-2020-15972 CVE-2020-15990 CVE-2020-15991
CVE-2020-15973 CVE-2020-15974 CVE-2020-15975 CVE-2020-15976
CVE-2020-6557 CVE-2020-15977 CVE-2020-15978 CVE-2020-15979
CVE-2020-15980 CVE-2020-15981 CVE-2020-15982 CVE-2020-15983
CVE-2020-15984 CVE-2020-15985 CVE-2020-15986 CVE-2020-15987
CVE-2020-15992 CVE-2020-15988 CVE-2020-15989
2020-10-07 20:37:35 +02:00
Michael Weiss
d1a27a5f00
chromium: 85.0.4183.102 -> 85.0.4183.121
...
https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html
This update includes 10 security fixes.
CVEs:
CVE-2020-15960 CVE-2020-15961 CVE-2020-15962 CVE-2020-15963
CVE-2020-15965 CVE-2020-15966 CVE-2020-15964
2020-09-22 13:58:22 +02:00
Michael Weiss
e249baca22
chromiumDev: M86 -> M87
2020-09-10 12:31:00 +02:00
Michael Weiss
a9c78519d6
chromium: 85.0.4183.83 -> 85.0.4183.102
...
https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop.html
This update includes 5 security fixes.
CVEs:
CVE-2020-6573 CVE-2020-6574 CVE-2020-6575 CVE-2020-6576 CVE-2020-15959
2020-09-09 09:57:45 +02:00
Florian Klink
c7a503bf2e
Revert "chromiumDev: 86.0.4240.8 -> 87.0.4252.0"
...
This reverts commit 5da66561d1
.
It seems the chromium build now unconditionally tries to enable ozone
(even though we disable it), causing the build to fail (as we only
provide xkbcommon when enabling Ozone):
```
configuring
ERROR at //build/config/linux/pkg_config.gni:103:17: Script returned non-zero exit code.
pkgresult = exec_script(pkg_config_script, args, "value")
^----------
Current dir: /build/chromium-87.0.4252.0/out/Release/
Command: python /build/chromium-87.0.4252.0/build/config/linux/pkg-config.py xkbcommon
Returned 1.
stderr:
Package xkbcommon was not found in the pkg-config search path.
Perhaps you should add the directory containing `xkbcommon.pc'
to the PKG_CONFIG_PATH environment variable
No package 'xkbcommon' found
Could not run pkg-config.
See //ui/events/ozone/layout/BUILD.gn:12:3: whence it was called.
pkg_config("xkbcommon") {
^------------------------
See //chrome/test/chromedriver/BUILD.gn:273:15: which caused the file to be included.
deps += [ "//ui/events/ozone/layout" ]
^-------------------------
builder for '/nix/store/2dqhrd2qzyms078wnvwv6ays53ppvgc2-chromium-unwrapped-87.0.4252.0.drv' failed with exit code 1
cannot build derivation '/nix/store/4iyhgzsmpx80v75hvk1jycwzanw4z5dn-chromium-dev-87.0.4252.0.drv': 1 dependencies couldn't be built
```
2020-09-05 12:00:48 +02:00
Florian Klink
6c92847e81
chromiumBeta: 85.0.4183.83 -> 86.0.4240.22
2020-09-05 11:25:38 +02:00
Florian Klink
5da66561d1
chromiumDev: 86.0.4240.8 -> 87.0.4252.0
2020-09-05 11:24:57 +02:00
Alyssa Ross
de69b705d2
chromium: replace update.nix with Python impl
...
update.nix was a huuuuge hack, abusing checksum collisions, etc., and
was extremely difficult to read and maintain, especially because
values from update.nix were also used in the derivations themselves!
I've replaced this with an implementation in Python, which I chose for
readability. Rather than generating Nix, I chose to
generate JSON, since Python can do that in the standard library and
Nix can read it.
I also set update.py as an updateScript, so Chromium can now
automatically be updated!
Fixes: https://github.com/NixOS/nixpkgs/issues/89635
2020-09-05 11:20:13 +02:00