3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

664 commits

Author SHA1 Message Date
obadz 3c7e691c9e chromium: 78.0.3904.70 -> 78.0.3904.87
Two high severity CVEs: CVE-2019-13721 & CVE-2019-13720
(https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_31.html)
2019-11-02 03:43:25 +01:00
Ivan Kozik b4f5dc2fb8 chromium: do not load .so files from current working directory
Fixes #67234.
2019-10-31 01:34:19 +00:00
Ivan Kozik 908b24ea04 chromium: 77.0.3865.120 -> 78.0.3904.70
CVE-2019-13699 CVE-2019-13700 CVE-2019-13701 CVE-2019-13702
CVE-2019-13703 CVE-2019-13704 CVE-2019-13705 CVE-2019-13706
CVE-2019-13707 CVE-2019-13708 CVE-2019-13709 CVE-2019-13710
CVE-2019-13711 CVE-2019-15903 CVE-2019-13713 CVE-2019-13714
CVE-2019-13715 CVE-2019-13716 CVE-2019-13717 CVE-2019-13718
CVE-2019-13719

https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html
2019-10-23 03:54:39 +00:00
Renaud e77a6ec5e4
Merge pull request #70853 from taku0/flashplayer-32.0.0.270
flashplayer: 32.0.0.255 -> 32.0.0.270 [Critical security fixes]
2019-10-15 19:55:56 +02:00
Herwig Hochleitner 13e3b03d1b chromium: restore versionRange utility
This partially reverts commit
f45798e544.

cc @ivan I'd like to have that left in, because it's very useful for
gcc compiles, when necessary patches often span multiple releases,
i.e. for aarch64 builds
2019-10-11 23:00:29 +02:00
Ivan Kozik f45798e544 chromium: 77.0.3865.90 -> 77.0.3865.120
CVE-2019-13693 CVE-2019-13694 CVE-2019-13695 CVE-2019-13696
CVE-2019-13697

Disable jumbo mode because upstream dropped support for it.
(See chromium-dev "We're removing support for the jumbo build")

This makes builds take about 3x as long, but we have no alternative.
2019-10-11 22:32:18 +02:00
taku0 09ef6dc625 flashplayer: add maintainer 2019-10-09 21:13:14 +09:00
taku0 8948290cec flashplayer: 32.0.0.255 -> 32.0.0.270 2019-10-09 15:13:12 +09:00
Graham Christensen 8dbca5e3ca
Merge pull request #69054 from ivan/chromium-77.0.3865.90
chromium: 77.0.3865.75 -> 77.0.3865.90
2019-09-19 18:01:06 -04:00
Ivan Kozik 5456def6b3 chromiumDev: fix widevine support
Upstream moved libwidevinecdm.so from
./opt/google/chrome-unstable/libwidevinecdm.so
to
./opt/google/chrome-unstable/WidevineCdm/_platform_specific/linux_x64/libwidevinecdm.so
2019-09-19 00:05:30 +00:00
Ivan Kozik 44957a9f30 chromiumDev: fix build by disabling jumbo
This fixes:

FAILED: obj/chrome/browser/ui/ui/ui_jumbo_3.o
../../third_party/llvm-build/Release+Asserts/bin/clang++ -MMD -MF obj/chrome/browser/ui/ui/ui_jumbo_3.o.d -DUSE_DBUS -DUSE_UDEV -DUSE_AURA=1 -DUSE_GLIB=1 -DUSE_NSS_CERTS=1 -DUSE_X11=1 -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_GNU_SOURCE -DCR_CLANG_REVISION=\"371202-8455294f-1\" -D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS -D_FORTIFY_SOURCE=2 -D_LIBCPP_ABI_UNSTABLE -D_LIBCPP_DISABLE_VISIBILITY_ANNOTATIONS -D_LIBCXXABI_DISABLE_VISIBILITY_ANNOTATIONS -D_LIBCPP_ENABLE_NODISCARD -DCR_LIBCXX_REVISION=361348 -DNDEBUG -DNVALGRIND -DDYNAMIC_ANNOTATIONS_ENABLED=0 -DUSE_CUPS -DGLIB_VERSION_MAX_ALLOWED=GLIB_VERSION_2_32 -DGLIB_VERSION_MIN_REQUIRED=GLIB_VERSION_2_26 -DENABLE_IPC_FUZZER -DTOOLKIT_VIEWS=1 -DVK_NO_PROTOTYPES -DGL_GLEXT_PROTOTYPES -DUSE_GLX -DUSE_EGL -DSYNC_PASSWORD_REUSE_DETECTION_ENABLED -DON_FOCUS_PING_ENABLED -DEXPAT_RELATIVE_PATH -DGOOGLE_PROTOBUF_NO_RTTI -DGOOGLE_PROTOBUF_NO_STATIC_INITIALIZER -DHAVE_PTHREAD -DLEVELDB_PLATFORM_CHROMIUM=1 -DLEVELDB_PLATFORM_CHROMIUM=1 -DU_USING_ICU_NAMESPACE=0 -DU_ENABLE_DYLOAD=0 -DUSE_CHROMIUM_ICU=1 -DU_STATIC_IMPLEMENTATION -DICU_UTIL_DATA_IMPL=ICU_UTIL_DATA_FILE -DUCHAR_TYPE=uint16_t -DWEBRTC_NON_STATIC_TRACE_EVENT_HANDLERS=0 -DWEBRTC_CHROMIUM_BUILD -DWEBRTC_POSIX -DWEBRTC_LINUX -DABSL_ALLOCATOR_NOTHROW=1 -DNO_MAIN_THREAD_WRAPPING -DV8_USE_EXTERNAL_STARTUP_DATA -DSK_GL -DSK_HAS_PNG_LIBRARY -DSK_HAS_WEBP_LIBRARY -DSK_USER_CONFIG_HEADER=\"../../skia/config/SkUserConfig.h\" -DSK_HAS_JPEG_LIBRARY -DSK_VULKAN_HEADER=\"../../skia/config/SkVulkanConfig.h\" -DSK_VULKAN=1 -DSK_SUPPORT_GPU=1 -DSK_GPU_WORKAROUNDS_HEADER=\"gpu/config/gpu_driver_bug_workaround_autogen.h\" -DVK_NO_PROTOTYPES -DV8_DEPRECATION_WARNINGS -DI18N_ADDRESS_VALIDATION_DATA_URL=\"https://chromium-i18n.appspot.com/ssl-aggregate-address/\" -DPERFETTO_IMPLEMENTATION -I. -I../.. -Igen -Igen/shim_headers/snappy_shim -I../../third_party/libyuv/include -Igen/shim_headers/libpng_shim -Igen/shim_headers/libwebp_shim -I../../third_party/khronos -I../../gpu -I../../third_party/vulkan/include -Igen/shim_headers/opus_shim -Igen/third_party/dawn -I../../third_party/dawn/src/include -Igen/shim_headers/flac_shim -I../../third_party/protobuf/src -Igen/protoc_out -I../../third_party/protobuf/src -I../../third_party/boringssl/src/include -I../../third_party/cacheinvalidation/overrides -I../../third_party/cacheinvalidation/src -Igen/third_party/metrics_proto -I../../third_party/leveldatabase -I../../third_party/leveldatabase/src -I../../third_party/leveldatabase/src/include -I../../third_party/ced/src -I../../third_party/icu/source/common -I../../third_party/icu/source/i18n -I../../third_party/webrtc_overrides -I../../third_party/webrtc -Igen/third_party/webrtc -I../../third_party/abseil-cpp -I../../third_party/skia -I../../third_party/vulkan/include -I../../third_party/skia/third_party/vulkanmemoryallocator -I../../third_party/vulkan/include -I../../third_party/libwebm/source -I../../v8/include -Igen/v8/include -I../../third_party/perfetto/include -Igen/third_party/perfetto/build_config -Igen/third_party/perfetto -Igen/third_party/perfetto -Igen/third_party/perfetto -Igen/third_party/perfetto -Igen/third_party/perfetto -Igen/third_party/perfetto -I../../third_party/re2/src -I../../third_party/mesa_headers -Igen -Igen -Igen -Igen -I../../third_party/libaddressinput/src/cpp/include -Igen/components/sync/protocol -I../../third_party/flatbuffers/src/include -I../../third_party/perfetto -I../../third_party/perfetto/include -Igen/third_party/perfetto/build_config -I../../third_party/brotli/include -I../../third_party/zlib -I../../third_party/fontconfig/src -Igen -Igen -Igen -Igen -Igen -fno-strict-aliasing --param=ssp-buffer-size=4 -fstack-protector -funwind-tables -fPIC -pthread -fcolor-diagnostics -fmerge-all-constants -fcrash-diagnostics-dir=../../tools/clang/crashreports -Xclang -mllvm -Xclang -instcombine-lower-dbg-declare=0 -fcomplete-member-pointers -m64 -march=x86-64 -Wno-builtin-macro-redefined -D__DATE__= -D__TIME__= -D__TIMESTAMP__= -no-canonical-prefixes -Wall -Wextra -Wimplicit-fallthrough -Wthread-safety -Wextra-semi -Wno-missing-field-initializers -Wno-unused-parameter -Wno-c++11-narrowing -Wno-unneeded-internal-declaration -Wno-undefined-var-template -Wno-ignored-pragma-optimize -Wno-implicit-int-float-conversion -Wno-xor-used-as-pow -Wno-c99-designator -Wno-reorder-init-list -Wno-final-dtor-non-final-class -O2 -fno-ident -fdata-sections -ffunction-sections -fno-omit-frame-pointer -g0 -fvisibility=hidden -Wheader-hygiene -Wstring-conversion -Wtautological-overlap-compare -Wexit-time-destructors -I/nix/store/fn0ag3ahbrjjjbsqb2846x321zj4jika-glib-2.60.7-dev/include -I/nix/store/fn0ag3ahbrjjjbsqb2846x321zj4jika-glib-2.60.7-dev/include/glib-2.0 -I/nix/store/ilk1606qj4pqzsplnnzycsxpzl6pjss8-glib-2.60.7/lib/glib-2.0/include -Wno-shorten-64-to-32 -Wno-header-guard -I/nix/store/c3i4il1c0n9mjhzm1dsvcw8h8d973s0b-nspr-4.21-dev/include -I/nix/store/qk3racv0a2967wsk0g9ps9wlbfn17faj-nss-3.46-dev/include/nss -I/nix/store/v85mz845m1hv2xlhp0zvxv36pmsfbc3q-dbus-1.12.16-dev/include/dbus-1.0 -I/nix/store/j3sv2g9s6dnlh672rwx0mmlkcm37v1k8-dbus-1.12.16-lib/lib/dbus-1.0/include -std=c++14 -fno-exceptions -fno-rtti -nostdinc++ -isystem../../buildtools/third_party/libc++/trunk/include -isystem../../buildtools/third_party/libc++abi/trunk/include -fvisibility-inlines-hidden -c gen/chrome/browser/ui/ui_jumbo_3.cc -o obj/chrome/browser/ui/ui/ui_jumbo_3.o
warning: unknown warning option '-Wno-implicit-int-float-conversion'; did you mean '-Wno-implicit-float-conversion'? [-Wunknown-warning-option]
warning: unknown warning option '-Wno-xor-used-as-pow'; did you mean '-Wno-unused-macros'? [-Wunknown-warning-option]
warning: unknown warning option '-Wno-c99-designator'; did you mean '-Wno-gnu-designator'? [-Wunknown-warning-option]
warning: unknown warning option '-Wno-reorder-init-list'; did you mean '-Wno-empty-init-stmt'? [-Wunknown-warning-option]
warning: unknown warning option '-Wno-final-dtor-non-final-class'; did you mean '-Wno-abstract-final-class'? [-Wunknown-warning-option]
In file included from gen/chrome/browser/ui/ui_jumbo_3.cc:24:
./../../chrome/browser/ui/views/profiles/profile_menu_view.cc:68:25: error: redefinition of 'GetProfileAttributesEntry'
ProfileAttributesEntry* GetProfileAttributesEntry(Profile* profile) {
                        ^
./../../chrome/browser/ui/views/profiles/avatar_toolbar_button.cc:49:25: note: previous definition is here
ProfileAttributesEntry* GetProfileAttributesEntry(Profile* profile) {
                        ^
5 warnings and 1 error generated.
2019-09-19 00:05:24 +00:00
Ivan Kozik 2e2a9ae22a chromium: 77.0.3865.75 -> 77.0.3865.90
CVE-2019-13685 CVE-2019-13688 CVE-2019-13687 CVE-2019-13686
2019-09-18 22:19:08 +00:00
Ivan Kozik 19d730df85 chromium: add patch to fix performance regression with fonts
This reverts a commit to fix a serious performance regression
introduced in Chromium 77:

https://bugs.chromium.org/p/chromium/issues/detail?id=1003997
2019-09-17 23:42:11 +00:00
Herwig Hochleitner dd57bf928b
Merge pull request #60833 from jflanglois/chromium-widevine
chromium: fix widevine
2019-09-14 14:30:29 +02:00
Ivan Kozik d66430be79 chromium: 76.0.3809.132 -> 77.0.3865.75
CVE-2019-5870 CVE-2019-5871 CVE-2019-5872 CVE-2019-5873
CVE-2019-5874 CVE-2019-5875 CVE-2019-5876 CVE-2019-5877
CVE-2019-5878 CVE-2019-5879 CVE-2019-5880 CVE-2019-5881
CVE-2019-13659 CVE-2019-13660 CVE-2019-13661 CVE-2019-13662
CVE-2019-13663 CVE-2019-13664 CVE-2019-13665 CVE-2019-13666
CVE-2019-13667 CVE-2019-13668 CVE-2019-13669 CVE-2019-13670
CVE-2019-13671 CVE-2019-13673 CVE-2019-13674 CVE-2019-13675
CVE-2019-13676 CVE-2019-13677 CVE-2019-13678 CVE-2019-13679
CVE-2019-13680 CVE-2019-13681 CVE-2019-13682 CVE-2019-13683
2019-09-14 14:29:35 +02:00
taku0 dac340737a flashplayer: 32.0.0.238 -> 32.0.0.255 2019-09-10 21:13:06 +09:00
Julien Langlois 7d9578819b
Comment about handling widevine in default.nix. 2019-09-06 15:19:49 -04:00
Julien Langlois ea7c012e4b
Explicitly check for channels in widevine plugin unpack command. 2019-09-05 17:43:58 -04:00
Julien Langlois c28eb26100
Set package to unfree when widevine is enabled. 2019-09-05 17:27:04 -04:00
Julien Langlois aeeb67bfcb
Rework to avoid a full rebuild for widevine. 2019-09-05 17:20:09 -04:00
Julien Langlois 545d58a1ef
chromium: fix widevine
This change allows widevine to work in chromium (it was previously
broken due to a segfault). Newer versions of chromium do not use the
libwidevinecdmadapter.so. Instead, libwidevinecdm.so should be installed
in the chromium libExec directory.
2019-09-05 17:20:06 -04:00
Vladimír Čunát f21211ebfe
Merge branch 'master' into staging 2019-09-02 23:25:24 +02:00
Ivan Kozik 0e703ce075 chromium: 76.0.3809.100 -> 76.0.3809.132 (#67610)
CVE-2019-5869
2019-08-31 22:22:58 -04:00
volth 08f68313a4 treewide: remove redundant rec 2019-08-28 11:07:32 +00:00
Frederik Rietdijk 5061fe0c2c Merge staging-next into staging 2019-08-28 08:26:42 +02:00
Frederik Rietdijk 98640fd482 Merge master into staging-next 2019-08-27 16:36:47 +02:00
Asad Saeeduddin 17775d538b flashplayer: 32.0.0.223 -> 32.0.0.238 2019-08-25 06:05:10 -04:00
Ben Wolsieffer 8b0a684d21 chromium: remove obsolete patches
One of these patches was causing a warning message, which broke ofborg
evaluation.
2019-08-19 18:54:48 -04:00
Frederik Rietdijk fe9a3e3e63 Merge staging-next into staging 2019-08-17 09:39:23 +02:00
volth 46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
Matthew Bauer 8281a67be0
Merge pull request #64809 from ambrop72/chromium-egl-fix
chromium: Fix running with --use-gl=egl.
2019-08-14 15:42:31 -04:00
Ivan Kozik 42521cb95b chromium: 76.0.3809.87 -> 76.0.3809.100
CVE-2019-5868 CVE-2019-5867
2019-08-09 16:07:37 +00:00
Ivan Kozik a897743a13 chromiumDev: fix build
Fixes:

ERROR Unresolved dependencies.
//third_party/perfetto/gn:zlib(//build/toolchain/linux:clang_x64)
  needs //third_party/zlib:zlib_config(//build/toolchain/linux:clang_x64)

builder for '/nix/store/iqr4vn2by1yxa7f92jiymvgfsn9mdvwq-chromium-unwrapped-77.0.3860.5.drv' failed with exit code 1
2019-07-31 11:31:07 +00:00
Ivan Kozik d18f4acdf1 chromium: 75.0.3770.90 -> 76.0.3809.87
Fixed in 75.0.3770.142:

CVE-2019-5847 CVE-2019-5848

Fixed in 76.0.3809.87:

CVE-2019-5850 CVE-2019-5860 CVE-2019-5853 CVE-2019-5851
CVE-2019-5859 CVE-2019-5856 CVE-2019-5863 CVE-2019-5855
CVE-2019-5865 CVE-2019-5858 CVE-2019-5864 CVE-2019-5862
CVE-2019-5861 CVE-2019-5857 CVE-2019-5854 CVE-2019-5852
2019-07-31 11:30:46 +00:00
Ambroz Bizjak 6a0a073187 chromium: Fix running with --use-gl=egl.
When Chromium is using EGL, it dlopen's libGLESv2. Before this fix, this failed
with a not-found error. Fix it by adding libGL to the RUNPATH of the binary.

This problem does not have a visible impact on typical desktop system because
Chromium uses GLX by default. It only matters when Chromium is started with
--use-gl=egl (which makes it use OpenGL ES via EGL instead of desktop OpenGL
via GLX), and probably on certain embedded systems which only support OpenGL
ES.

With this fix, Chromium runs fine for me with --use-gl=egl and the NVidia
driver, and the about:gpu page indicates that it is indeed using OpenGL ES and
EGL.
2019-07-15 17:03:56 +02:00
taku0 126c5d0be8 flashplayer: 32.0.0.207 -> 32.0.0.223 2019-07-11 09:51:49 +02:00
Andreas Rammhold 5a74f84536
Merge pull request #63136 from ivan/chromium-75.0.3770.90
chromium: 75.0.3770.80 -> 75.0.3770.90
2019-06-19 00:42:05 +02:00
volth f3282c8d1e treewide: remove unused variables (#63177)
* treewide: remove unused variables

* making ofborg happy
2019-06-16 19:59:05 +00:00
Ivan Kozik 67ced10c23 chromium: 75.0.3770.80 -> 75.0.3770.90
CVE-2019-5842
2019-06-14 21:17:45 +00:00
taku0 1296f699e5 flashplayer: 32.0.0.192 -> 32.0.0.207 2019-06-11 15:13:34 +09:00
Ivan Kozik 8c78ae27f6 chromium: 74.0.3729.157 -> 75.0.3770.80
CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831
CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5835
CVE-2019-5836 CVE-2019-5837 CVE-2019-5838 CVE-2019-5839
CVE-2019-5840

Update a patch for Python 3, fixes #62347.

Update a GN arg to fix this warning:

warning: The GN arg 'remove_webcore_debug_symbols' is deprecated and
warning: will be removed April 15, 2019. Please change your args.gn
warning: to use 'blink_symbol_level = 0'. https://crbug.com/943869
2019-06-05 09:27:52 +00:00
Ivan Kozik 4481a0150b chromium: use LLVM 8.0.0 to more closely match upstream 2019-06-05 09:27:52 +00:00
Silvan Mosberger 99b68ffbb0
chromium: Fix build
Since https://github.com/NixOS/nixpkgs/pull/60499, the unwrapped
chromium already contains the applications directory.
2019-05-28 02:33:00 +02:00
Silvan Mosberger 526a0b2277
Merge pull request #60499 from JohnAZoidberg/chromium-upstream-desktop-entry
chromium: Use upstream desktop entry
2019-05-27 18:28:20 +02:00
Daniel Schaefer 0f537a49e1 chromium: Use upstream desktop entry
Upstream provides a much more featureful desktop entry file. If we use
that we take advantage of all of those features and don't have to maintain it
ourselves.
2019-05-25 22:39:47 +02:00
Andreas Rammhold 333a2be17b
chromium: 74.0.3729.131 -> 74.0.3729.157 (#61533)
chromium: 74.0.3729.131 -> 74.0.3729.157
2019-05-16 19:27:12 +02:00
Ivan Kozik 2db1a06136 chromium: 74.0.3729.131 -> 74.0.3729.157
Fixes a security bug with no CVE at this time:
https://chromereleases.googleblog.com/2019/05/stable-channel-update-for-desktop.html
2019-05-15 05:41:40 +00:00
taku0 8be03860e4 flashplayer: 32.0.0.171 -> 32.0.0.192 2019-05-14 21:13:49 +09:00
Andreas Rammhold 0b7c602d55
chromium: 74.0.3729.108 -> 74.0.3729.131 (#60950)
chromium: 74.0.3729.108 -> 74.0.3729.131
2019-05-05 18:04:36 +02:00
Ivan Kozik 75d1439f8f chromium: add myself as maintainer (#60961) 2019-05-05 05:09:20 -04:00