alioth/nixpkgs
3
0
Fork 0
forked from mirrors/nixpkgs
Code Releases Activity
nixpkgs/pkgs/applications/networking/browsers
History
aszlig 8b97ca270e
chromium: Update all channels to latest versions 
Overview of the updated versions:

stable: 48.0.2564.116 -> 49.0.2623.75
beta:   49.0.2623.63  -> 49.0.2623.75
dev:    50.0.2657.0   -> 50.0.2661.11

Stable and beta are now in par because of the release of a major stable
update.

The release addresses 26 security vulnerabilities, the following with an
assigned CVE:

 * CVE-2016-1630: Same-origin bypass in Blink. Credit to Mariusz
                  Mlynski.
 * CVE-2016-1631: Same-origin bypass in Pepper Plugin. Credit to Mariusz
                  Mlynski.
 * CVE-2016-1632: Bad cast in Extensions. Credit to anonymous.
 * CVE-2016-1633: Use-after-free in Blink. Credit to cloudfuzzer.
 * CVE-2016-1634: Use-after-free in Blink. Credit to cloudfuzzer.
 * CVE-2016-1635: Use-after-free in Blink. Credit to Rob Wu.
 * CVE-2016-1636: SRI Validation Bypass. Credit to Ryan Lester and
                  Bryant Zadegan.
 * CVE-2015-8126: Out-of-bounds access in libpng. Credit to
                  joerg.bornemann.
 * CVE-2016-1637: Information Leak in Skia. Credit to Keve Nagy.
 * CVE-2016-1638: WebAPI Bypass. Credit to Rob Wu.
 * CVE-2016-1639: Use-after-free in WebRTC. Credit to Khalil Zhani.
 * CVE-2016-1640: Origin confusion in Extensions UI. Credit to Luan
                  Herrera.
 * CVE-2016-1641: Use-after-free in Favicon. Credit to Atte Kettunen of
                  OUSPG.

The full announcement which also includes the link to the bug tracker
can be found here:

http://googlechromereleases.blogspot.de/2016/03/stable-channel-update.html

Also, the 32bit Chrome package needed for the Flash and Widevine plugins
doesn't exist anymore, because Google has dropped support for 32bit
distros, see here for the announcement:

https://groups.google.com/a/chromium.org/forum/#!topic/chromium-dev/FoE6sL-p6oU

On our end, we need to fix the patch for the plugin paths to work for
the latest dev channel. The change is very minor, because the
nix_plugin_paths_46.patch only doesn't apply because of an iOS-related
ifdef.

Built and tested on my Hydra at:

https://headcounter.org/hydra/eval/311511

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Fixes: #13665
2016-03-05 22:53:13 +01:00
..
arora
chromium chromium: Update all channels to latest versions 2016-03-05 22:53:13 +01:00
conkeror Replace 'with plaforms; platform' with 'platforms.platform' 2015-11-17 21:30:43 +01:00
dillo Dillo: 3.0.4.1 -> 3.0.5 2015-07-23 23:05:19 -03:00
dwb dwb: mark it as broken, closes #7952 2015-08-04 13:04:14 +02:00
elinks x11: replace its usage by xlibsWrapper directly 2015-09-15 12:08:24 +02:00
firefox firefox-esr: 38.5.2esr -> 38.6.1esr 2016-02-12 08:02:31 +01:00
firefox-bin firefox-bin: 44.0.1 -> 44.0.2 2016-02-12 10:15:23 +09:00
google-chrome google-chrome: add -beta and -unstable variants 2015-12-28 00:40:45 -08:00
jumanji jumanji: fixed source 2015-12-15 02:46:04 +09:00
kwebkitpart kde414: build with kdelibs-4.14.12 2015-09-27 15:08:12 -05:00
links2 links: Remove package & deprecate for links2 2016-01-31 11:46:35 +01:00
luakit Fix luakit description 2015-02-06 14:50:39 +01:00
lynx
midori midori: add a missing dependency to buildInputs 2015-12-01 00:26:49 +02:00
mozilla-plugins Merge pull request #12577 from zohl/flashplayer 2016-01-26 00:49:02 +03:00
opera opera: fix build 2015-10-10 14:24:05 +03:00
qutebrowser buildPythonApplication: use new function for Python applications 2016-02-19 13:16:41 +01:00
rekonq rekonq: fix homepage url 2016-02-16 14:11:36 +00:00
surf surf: move to correct category 2016-01-03 15:49:55 +01:00
uzbl uzbl: version 20120514 -> v0.9.0 2016-03-01 23:15:26 -05:00
vimb vimb: 2.9 -> 2.11 2016-01-08 10:57:32 +11:00
vimprobable2 Don't statically depend on cacert for certificates 2015-07-31 01:34:58 +02:00
w3m w3m: update to actively maintained debian repo 2016-01-14 13:06:48 +01:00