1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-24 14:41:17 +00:00
Commit graph

1507 commits

Author SHA1 Message Date
Gabriel Ebner 9988488fc6 qutebrowser: use makeQtWrapper
Fixes #15597.
2016-06-19 14:42:13 +02:00
Gabriel Ebner 5862c38d9d qutebrowser: 0.6.2 -> 0.7.0 2016-06-19 14:08:09 +02:00
taku0 c802f56639 flashplayer: 11.2.202.621 -> 11.2.202.626 2016-06-16 21:24:38 +09:00
Arseniy Seroka d4876168e2 Merge pull request #16140 from hiberno/update-vivaldi
vivaldi: 1.1 -> 1.2
2016-06-11 22:32:38 +03:00
Arseniy Seroka 263edf8897 Merge pull request #16147 from womfoo/bluejeans
bluejeans: 2.155.17.5 -> 2.160.49-8
2016-06-11 22:31:46 +03:00
Christian Lask da0b516a5f vivaldi: 1.1 -> 1.2 2016-06-11 09:55:32 +02:00
Kranium Gikos Mendoza 1497998a40 bluejeans: 2.155.17.5 -> 2.160.49-8 2016-06-11 06:29:52 +08:00
Christian Lask 527077f02c qutebrowser: 0.6.1 -> 0.6.2 2016-06-10 10:11:59 +02:00
Rok Garbas 4c96860b53 firefox-bin: 47.0b9 -> 48.0b1, 48.0a2 -> 49.0a2 2016-06-10 04:24:27 +02:00
Joachim Fasting ccf7048307 Merge pull request #16057 from taku0/firefox-bin-47.0
firefox-bin: 46.0.1 -> 47.0
2016-06-08 17:20:24 +02:00
Michael Raskin d88aa14c6e Firefox: 46.0.1 -> 47.0 2016-06-08 17:09:12 +02:00
taku0 697437c8e7 firefox-bin: 46.0.1 -> 47.0 2016-06-07 03:23:43 +09:00
Tuomas Tynkkynen bac26e08db Fix lots of fetchgit hashes (fallout from #15469) 2016-06-03 17:17:08 +03:00
Rok Garbas ea3f1ff7f0 firefox-bin: 47.0b8 -> 47.0b9 2016-05-30 11:27:45 +02:00
aszlig 79d18eb604
chromium: Update dev channel to v52.0.2743.10
With this update we need to rebase the nix_plugin_paths patch, which was
done by @srp and I took it from his comment at:

https://github.com/NixOS/nixpkgs/pull/15762#issuecomment-222230677

Other than that, using libjpeg from nixpkgs fails to link:

https://headcounter.org/hydra/build/1114273

Rather than just using versionAtLeast to check for >= version 52, we're
matching on the explicit version number. That way we can make sure that
we (try to) build with system libjpeg again so we can keep it out of the
overall Chromium build time.

Built and tested using the VM tests on my Hydra at:

https://headcounter.org/hydra/eval/322006

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-28 19:15:39 +02:00
aszlig c7a3645e7b
chromium: Remove stuff for versions <= v51
We're already on version 52, so there really is no need to keep all
those conditionals and old patches anymore.

Tested dropping the unconditional build_fixes_46.patch via the Chromium
VM tests.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-28 19:04:22 +02:00
aszlig 0f4095ec50
chromium: Fix hash for beta Debian package
I'm not sure how the wrong hash ended up being there, but I've checked
the hash from three different machines (and networks) just to be sure I
didn't make a mistake.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-28 18:57:15 +02:00
Scott R. Parish e2d067d760
chromium: Update to latest stable and beta channel
Overview of updated versions:

stable: 50.0.2661.102 -> 51.0.2704.63
beta: 51.0.2704.47 -> 51.0.2704.63

I tried to update dev, but couldn't get it to compile, it was failing
with a "'isnan' was not declared in this scope.

As far as I can tell, at the moment the beta and stable channels are
on the same version.

The stable update addresses the following security issues:

  * High   CVE-2016-1672: Cross-origin bypass in extension bindings. Credit
                          to Mariusz Mlynski.
  * High   CVE-2016-1673: Cross-origin bypass in Blink. Credit to Mariusz
                          Mlynski.
  * High   CVE-2016-1674: Cross-origin bypass in extensions. Credit to Mariusz
                          Mlynski.
  * High   CVE-2016-1675: Cross-origin bypass in Blink. Credit to Mariusz
                          Mlynski.
  * High   CVE-2016-1676: Cross-origin bypass in extension bindings. Credit
                          to Rob Wu.
  * Medium CVE-2016-1677: Type confusion in V8. Credit to Guang Gong of
                        Qihoo 360.
  * High   CVE-2016-1678: Heap overflow in V8. Credit to Christian Holler.
  * High   CVE-2016-1679: Heap use-after-free in V8 bindings. Credit to Rob Wu.
  * High   CVE-2016-1680: Heap use-after-free in Skia. Credit to Atte Kettunen
                          of OUSPG.
  * High   CVE-2016-1681: Heap overflow in PDFium. Credit to Aleksandar Nikolic
                          of Cisco Talos.
  * Medium CVE-2016-1682: CSP bypass for ServiceWorker. Credit to
                          KingstonTime.
  * Medium CVE-2016-1683: Out-of-bounds access in libxslt. Credit to Nicolas
                          Gregoire.
  * Medium CVE-2016-1684: Integer overflow in libxslt. Credit to Nicolas
                          Gregoire.
  * Medium CVE-2016-1685: Out-of-bounds read in PDFium. Credit to Ke Liu
                          of Tencent's Xuanwu LAB.
  * Medium CVE-2016-1686: Out-of-bounds read in PDFium. Credit to Ke Liu
                          of Tencent's Xuanwu LAB.
  * Medium CVE-2016-1687: Information leak in extensions. Credit to Rob Wu.
  * Medium CVE-2016-1688: Out-of-bounds read in V8. Credit to Max Korenko.
  * Medium CVE-2016-1689: Heap buffer overflow in media. Credit to Atte
                          Kettunen of OUSPG.
  * Medium CVE-2016-1690: Heap use-after-free in Autofill. Credit to Rob Wu.
  * Low    CVE-2016-1691: Heap buffer-overflow in Skia. Credit to Atte Kettunen
                          of OUSPG.
  * Low    CVE-2016-1692: Limited cross-origin bypass in ServiceWorker. Credit
                          to Til Jasper Ullrich.
  * Low    CVE-2016-1693: HTTP Download of Software Removal Tool. Credit to
                          Khalil Zhani.
  * Low    CVE-2016-1694: HPKP pins removed on cache clearance. Credit to Ryan
                          Lester and Bryant Zadegan.

See: http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
2016-05-28 18:12:39 +02:00
Vladimír Čunát 81039713fa Merge branch 'master' into staging
... to get the systemd update (rebuilding ~7k jobs).
2016-05-26 16:50:22 +02:00
Rok Garbas 1908c90412 firefox-bin: 47.0b7 -> 47.0b8 2016-05-25 11:42:40 +02:00
Rok Garbas 03f36a4141 firefox-bin: 47.0b5 -> 47.0b7 2016-05-24 12:36:23 +02:00
Vladimír Čunát c4661e9643 Merge: make dev output references explicit
This is a rebase of most commits from #14766,
resolving conflicts and a few other evaluation problems.
2016-05-22 12:09:23 +02:00
Tuomas Tynkkynen 2a73de6e6c treewide: Make explicit that 'dev' output of openssl is used 2016-05-19 10:02:23 +02:00
Tuomas Tynkkynen 825bd69b38 treewide: Make explicit that 'dev' output of boehmgc is used 2016-05-19 10:00:27 +02:00
Nikolay Amiantov 5445e521b6 firefox: restore gstreamer support for older firefox releases 2016-05-19 00:28:49 +03:00
Franz Pletz 2007e9b140
firefox: reenable libvpx as 1.5 is now available 2016-05-17 01:05:46 +02:00
Tobias Geerinckx-Rice e8db151fa3
firefox-bin: fix evaluation 2016-05-15 23:22:50 +02:00
aszlig ad2c8d3510
chromium: Update to latest beta and dev channels
Overview of the updated versions:

beta: 50.0.2661.49 -> 51.0.2704.47
dev:  51.0.2693.2  -> 52.0.2729.3

It has been a while since we had a major Chromium update that compiled
and worked without troubles, but version 52 builds and the VM tests are
successful as well:

https://headcounter.org/hydra/eval/320335

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-15 05:17:51 +02:00
Rok Garbas d4fe0f522e firefox-bin: adding developer and beta channel 2016-05-15 03:00:44 +02:00
Nikolay Amiantov e81c6c7768 firefox: upstream moved to ffmpeg from gstreamer
Sadly, they don't support using system library yet (or I was unattentive).
2016-05-15 01:06:39 +03:00
Scott R. Parish 5ebf20db0f
chromium: Update stable to 50.0.2661.102 for multiple security fixes
This addresses the following security fixes:

 * High   CVE-2016-1667: Same origin bypass in DOM. Credit to
                         Mariusz Mlynski.
 * High   CVE-2016-1668: Same origin bypass in Blink V8 bindings. Credit
                         to Mariusz Mlynski.
 * High   CVE-2016-1669: Buffer overflow in V8. Credit to Choongwoo Han.
 * Medium CVE-2016-1670: Race condition in loader. Credit to anonymous.
 * Medium CVE-2016-1671: Directory traversal using the file scheme on
                         Android. Credit to Jann Horn.

See: http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html

Signed-off-by: Scott R. Parish <srparish@gmail.com>
Tested-by: aszlig <aszlig@redmoonstudios.org>
Closes: #15446
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-14 22:04:56 +02:00
Vladimír Čunát 3e387c3e00 Merge branch 'staging'
Darwin isn't in a perfect state, in particular its bootstrap tools won't
build which will block nixpkgs channel. But on the whole it seems
acceptable.
2016-05-13 10:14:53 +02:00
taku0 cade2f36e5 flashplayer: 11.2.202.616 -> 11.2.202.621 2016-05-12 21:58:26 +09:00
Vladimír Čunát 6c2fbfbd77 Merge branch 'master' into staging 2016-05-12 04:53:38 +02:00
Eelco Dolstra 86c45ba50d google-talk-plugin: 5.4.2.0 -> 5.41.0.0 2016-05-11 20:18:30 +02:00
Kranium Gikos Mendoza a36f721630 bluejeans: 2.125.24.5 -> 2.155.17.5 2016-05-11 21:47:12 +08:00
Eelco Dolstra cb37ab146b Add mirror://mozilla scheme 2016-05-09 19:37:22 +02:00
Eelco Dolstra de22402f85 firefox-esr: 45.0.2 -> 45.1.1 2016-05-09 15:28:13 +02:00
Eelco Dolstra 02d01dc7c5 firefox: 46.0 -> 46.0.1 2016-05-09 15:27:06 +02:00
Vladimír Čunát 65a9fa8cdc Merge branch 'master' into staging 2016-05-08 21:24:48 +02:00
taku0 07a83f226e firefox-bin: fixed missing icon 2016-05-08 17:06:08 +09:00
Wei Tang 4d15758984 firefox: Fix build due to commit #ab0a0c 2016-05-08 05:58:02 +02:00
Vladimír Čunát 1dc36904d8 Merge #14920: windows improvements, mainly mingw 2016-05-05 08:30:19 +02:00
aszlig 3f7735fe65
chromium+chrome: Don't import update.nix directly
Regression introduced by f28b71023c.

Let's now expose and use the upstream-info attribute via the main
Chromium derivation, so that other packages like the google-chrome
package doesn't need to rely on internals of the Chromium
implementation.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-04 23:12:33 +02:00
aszlig f28b71023c
chromium/updater: Don't import <nixpkgs> again
This effectively resets the attributes given at the point the main
<nixpkgs> is imported and thus for example is also reading in stuff like
~/.nixpkgs/config.nix again, which might lead to unexpected results.

We now only import <nixpkgs> now if the updater is auto-called (like in
update.sh), otherwise the required attributes are passed by callPackage
within the Chromium scope.

I remember noting about this a while ago either on IRC or on GitHub, but
I can't find it right now, so thanks to @obadz for reminding me about
this in #15225.

Tested this by running the updater and also using:

NIXPKGS_CONFIG=$(pwd)/broken.nix nix-instantiate --arg config {} -A chromium

The contents of broken.nix were:

EVALERR{

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Fixes: #15225
2016-05-04 22:35:24 +02:00
Arseniy Seroka 9cb8abe846 Merge pull request #15208 from taku0/firefox-bin-46.0.1
firefox-bin: 45.0.2 -> 46.0.1
2016-05-04 21:38:47 +03:00
Eelco Dolstra 1f84e43239 Do some large, concurrency-capable builds on dedicated machines 2016-05-04 18:16:27 +02:00
Eelco Dolstra f2d24b9840 chromium: Disable Hydra builds of -dev and -beta
It's not the job of Nixpkgs to distribute beta versions of upstream
packages. More importantly, building these delays channel updates by
several hours, which is bad for our security fix turnaround time.
2016-05-04 18:16:27 +02:00
taku0 90f5be3133 firefox-bin: 45.0.2 -> 46.0.1 2016-05-04 14:50:17 +09:00
Tuomas Tynkkynen aadaa91379 Merge remote-tracking branch 'upstream/master' into staging
Conflicts:
	pkgs/applications/networking/browsers/vivaldi/default.nix
	pkgs/misc/emulators/wine/base.nix
2016-05-03 23:12:48 +03:00