Critical CVE-2018-6085: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-28
Critical CVE-2018-6086: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-30
High CVE-2018-6087: Use after free in WebAssembly. Reported by Anonymous on 2018-02-20
High CVE-2018-6088: Use after free in PDFium. Reported by Anonymous on 2018-03-15
High CVE-2018-6089: Same origin policy bypass in Service Worker. Reported by Rob Wu on 2018-02-04
High CVE-2018-6090: Heap buffer overflow in Skia. Reported by ZhanJia Song on 2018-03-12
High CVE-2018-6091: Incorrect handling of plug-ins by Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-10-05
High CVE-2018-6092: Integer overflow in WebAssembly. Reported by Natalie Silvanovich of Google Project Zero on 2018-03-08
Medium CVE-2018-6093: Same origin bypass in Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-01
Medium CVE-2018-6094: Exploit hardening regression in Oilpan. Reported by Chris Rohlf on 2016-08-01
Medium CVE-2018-6095: Lack of meaningful user interaction requirement before file upload. Reported by Abdulrahman Alqabandi (@qab) on 2016-08-11
Medium CVE-2018-6096: Fullscreen UI spoof. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-19
Medium CVE-2018-6097: Fullscreen UI spoof. Reported by xisigr of Tencent's Xuanwu Lab on 2018-01-26
Medium CVE-2018-6098: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-03
Medium CVE-2018-6099: CORS bypass in ServiceWorker. Reported by Jun Kokatsu (@shhnjk) on 2018-02-03
Medium CVE-2018-6100: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-02-11
Medium CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools . Reported by Rob Wu on 2018-02-19
Medium CVE-2018-6102: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-20
Medium CVE-2018-6103: UI spoof in Permissions. Reported by Khalil Zhani on 2018-02-24
Medium CVE-2018-6104: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-03-08
Medium CVE-2018-6105: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-18
Medium CVE-2018-6106: Incorrect handling of promises in V8. Reported by lokihardt of Google Project Zero on 2018-01-25
Medium CVE-2018-6107: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-02
Medium CVE-2018-6108: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-27
Low CVE-2018-6109: Incorrect handling of files by FileAPI. Reported by Dominik Weber (@DoWeb_) on 2017-04-10
Low CVE-2018-6110: Incorrect handling of plaintext files via file:// . Reported by Wenxiang Qian (aka blastxiang) on 2017-10-24
Low CVE-2018-6111: Heap-use-after-free in DevTools. Reported by Khalil Zhani on 2017-11-02
Low CVE-2018-6112: Incorrect URL handling in DevTools. Reported by Rob Wu on 2017-12-29
Low CVE-2018-6113: URL spoof in Navigation. Reported by Khalil Zhani on 2018-01-25
Low CVE-2018-6114: CSP bypass. Reported by Lnyas Zhang on 2018-02-13
Low CVE-2018-6115: SmartScreen bypass in downloads. Reported by James Feher on 2018-03-07
Low CVE-2018-6116: Incorrect low memory handling in WebAssembly. Reported by Jin from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd. on 2018-03-15
Low CVE-2018-6117: Confusing autofill settings. Reported by Spencer Dailey on 2018-03-15
Low CVE-2018-6084: Incorrect use of Distributed Objects in Google Software Updater on MacOS. Reported by Ian Beer of Google Project Zero on 2018-03-15
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/atom/versions.
These checks were done:
- built on NixOS
- ran ‘/nix/store/q560gnycgnl44jmldg5y2a9akg47q8kb-atom-1.26.0/bin/apm -h’ got 0 exit code
- ran ‘/nix/store/q560gnycgnl44jmldg5y2a9akg47q8kb-atom-1.26.0/bin/apm --help’ got 0 exit code
- ran ‘/nix/store/q560gnycgnl44jmldg5y2a9akg47q8kb-atom-1.26.0/bin/apm help’ got 0 exit code
- ran ‘/nix/store/q560gnycgnl44jmldg5y2a9akg47q8kb-atom-1.26.0/bin/atom help’ got 0 exit code
- ran ‘/nix/store/q560gnycgnl44jmldg5y2a9akg47q8kb-atom-1.26.0/bin/.atom-wrapped help’ got 0 exit code
- found 1.26.0 with grep in /nix/store/q560gnycgnl44jmldg5y2a9akg47q8kb-atom-1.26.0
- directory tree listing: https://gist.github.com/10c433ad7807e5aeaa581f442b89dd6c
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/jpegoptim/versions.
These checks were done:
- built on NixOS
- ran ‘/nix/store/c0w9l7rcn6kx098z11nx3x5q53dvcvmd-jpegoptim-1.4.6/bin/jpegoptim -h’ got 0 exit code
- ran ‘/nix/store/c0w9l7rcn6kx098z11nx3x5q53dvcvmd-jpegoptim-1.4.6/bin/jpegoptim --help’ got 0 exit code
- ran ‘/nix/store/c0w9l7rcn6kx098z11nx3x5q53dvcvmd-jpegoptim-1.4.6/bin/jpegoptim help’ got 0 exit code
- found 1.4.6 with grep in /nix/store/c0w9l7rcn6kx098z11nx3x5q53dvcvmd-jpegoptim-1.4.6
- directory tree listing: https://gist.github.com/ccc6411a2aca02d1769831b9c561f6b4
* Never modify tabstop. This causes incompatibilities with other
utilities that expect tabs to always be 8 spaces.
* Add standard boilerplate for system-level filetype plugins.
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/cli-visualizer/versions.
These checks were done:
- built on NixOS
- ran ‘/nix/store/mjifmz701jz9zxicim6wqgjgvjrhm47f-cli-visualizer-1.7/bin/vis -h’ got 0 exit code
- ran ‘/nix/store/mjifmz701jz9zxicim6wqgjgvjrhm47f-cli-visualizer-1.7/bin/vis --help’ got 0 exit code
- ran ‘/nix/store/mjifmz701jz9zxicim6wqgjgvjrhm47f-cli-visualizer-1.7/bin/.vis-wrapped -h’ got 0 exit code
- ran ‘/nix/store/mjifmz701jz9zxicim6wqgjgvjrhm47f-cli-visualizer-1.7/bin/.vis-wrapped --help’ got 0 exit code
- found 1.7 with grep in /nix/store/mjifmz701jz9zxicim6wqgjgvjrhm47f-cli-visualizer-1.7
- directory tree listing: https://gist.github.com/544d33e8edd7362d66363d64c8cabf80
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/electrum/versions.
These checks were done:
- built on NixOS
- ran ‘/nix/store/lwp0yd15d73bsnq54za1v9df8r8ryl9s-electrum-3.1.3/bin/.electrum-wrapped -h’ got 0 exit code
- ran ‘/nix/store/lwp0yd15d73bsnq54za1v9df8r8ryl9s-electrum-3.1.3/bin/.electrum-wrapped --help’ got 0 exit code
- ran ‘/nix/store/lwp0yd15d73bsnq54za1v9df8r8ryl9s-electrum-3.1.3/bin/.electrum-wrapped help’ got 0 exit code
- ran ‘/nix/store/lwp0yd15d73bsnq54za1v9df8r8ryl9s-electrum-3.1.3/bin/electrum -h’ got 0 exit code
- ran ‘/nix/store/lwp0yd15d73bsnq54za1v9df8r8ryl9s-electrum-3.1.3/bin/electrum --help’ got 0 exit code
- ran ‘/nix/store/lwp0yd15d73bsnq54za1v9df8r8ryl9s-electrum-3.1.3/bin/electrum help’ got 0 exit code
- found 3.1.3 with grep in /nix/store/lwp0yd15d73bsnq54za1v9df8r8ryl9s-electrum-3.1.3
- directory tree listing: https://gist.github.com/db75e500a00674c62bfac3e757b1721c
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/flacon/versions.
These checks were done:
- built on NixOS
- ran ‘/nix/store/0m9jr6wv7w3imscxq1lha4q9nrajj7xx-flacon-4.1.0/bin/flacon -h’ got 0 exit code
- ran ‘/nix/store/0m9jr6wv7w3imscxq1lha4q9nrajj7xx-flacon-4.1.0/bin/flacon --help’ got 0 exit code
- ran ‘/nix/store/0m9jr6wv7w3imscxq1lha4q9nrajj7xx-flacon-4.1.0/bin/.flacon-wrapped -h’ got 0 exit code
- ran ‘/nix/store/0m9jr6wv7w3imscxq1lha4q9nrajj7xx-flacon-4.1.0/bin/.flacon-wrapped --help’ got 0 exit code
- found 4.1.0 with grep in /nix/store/0m9jr6wv7w3imscxq1lha4q9nrajj7xx-flacon-4.1.0
- directory tree listing: https://gist.github.com/5db6cc1fd7c7f049d13a305eb9ab5199
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/qmapshack/versions.
These checks were done:
- built on NixOS
- ran ‘/nix/store/wddp26cbiivr7sfvh7r36bqj8wlvr5gx-qmapshack-1.11.1/bin/qmt_rgb2pct -h’ got 0 exit code
- ran ‘/nix/store/wddp26cbiivr7sfvh7r36bqj8wlvr5gx-qmapshack-1.11.1/bin/qmt_rgb2pct --help’ got 0 exit code
- ran ‘/nix/store/wddp26cbiivr7sfvh7r36bqj8wlvr5gx-qmapshack-1.11.1/bin/qmt_map2jnx -h’ got 0 exit code
- ran ‘/nix/store/wddp26cbiivr7sfvh7r36bqj8wlvr5gx-qmapshack-1.11.1/bin/qmt_map2jnx --help’ got 0 exit code
- ran ‘/nix/store/wddp26cbiivr7sfvh7r36bqj8wlvr5gx-qmapshack-1.11.1/bin/qmt_map2jnx help’ got 0 exit code
- found 1.11.1 with grep in /nix/store/wddp26cbiivr7sfvh7r36bqj8wlvr5gx-qmapshack-1.11.1
- directory tree listing: https://gist.github.com/1823f811dd1c8c3b648af3fc29d40605
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/mediainfo/versions.
These checks were done:
- built on NixOS
- ran ‘/nix/store/jw7xbadzlavx5k13ij9686f8cyylbhyz-mediainfo-18.03.1/bin/mediainfo -h’ got 0 exit code
- ran ‘/nix/store/jw7xbadzlavx5k13ij9686f8cyylbhyz-mediainfo-18.03.1/bin/mediainfo --help’ got 0 exit code
- ran ‘/nix/store/jw7xbadzlavx5k13ij9686f8cyylbhyz-mediainfo-18.03.1/bin/mediainfo --version’ and found version 18.03.1
- found 18.03.1 with grep in /nix/store/jw7xbadzlavx5k13ij9686f8cyylbhyz-mediainfo-18.03.1
- directory tree listing: https://gist.github.com/1f4582abcedfafe5a1c8e26b5a4af4f9
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/peek/versions.
These checks were done:
- built on NixOS
- ran ‘/nix/store/6qsj0hw5vl2i0398i0y2n9jjg0l28mz5-peek-1.3.1/bin/peek -h’ got 0 exit code
- ran ‘/nix/store/6qsj0hw5vl2i0398i0y2n9jjg0l28mz5-peek-1.3.1/bin/peek --help’ got 0 exit code
- ran ‘/nix/store/6qsj0hw5vl2i0398i0y2n9jjg0l28mz5-peek-1.3.1/bin/.peek-wrapped -h’ got 0 exit code
- ran ‘/nix/store/6qsj0hw5vl2i0398i0y2n9jjg0l28mz5-peek-1.3.1/bin/.peek-wrapped --help’ got 0 exit code
- found 1.3.1 with grep in /nix/store/6qsj0hw5vl2i0398i0y2n9jjg0l28mz5-peek-1.3.1
- directory tree listing: https://gist.github.com/d9ae1da7a87a6e5703b8ef273d0bab8a
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/singularity/versions.
These checks were done:
- built on NixOS
- ran ‘/nix/store/0rcn1kn4j7rmr0qn314g28vpa4xf230d-singularity-2.4.6/bin/singularity -h’ got 0 exit code
- ran ‘/nix/store/0rcn1kn4j7rmr0qn314g28vpa4xf230d-singularity-2.4.6/bin/singularity --help’ got 0 exit code
- ran ‘/nix/store/0rcn1kn4j7rmr0qn314g28vpa4xf230d-singularity-2.4.6/bin/singularity help’ got 0 exit code
- found 2.4.6 with grep in /nix/store/0rcn1kn4j7rmr0qn314g28vpa4xf230d-singularity-2.4.6
- directory tree listing: https://gist.github.com/e2f21872e885760acf461b07dd5b4f86
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/safeeyes/versions.
These checks were done:
- built on NixOS
- ran ‘/nix/store/gzc1ivdll8xp7mx7ii0l9xkhfjzw872a-safeeyes-2.0.5/bin/safeeyes -h’ got 0 exit code
- ran ‘/nix/store/gzc1ivdll8xp7mx7ii0l9xkhfjzw872a-safeeyes-2.0.5/bin/safeeyes --help’ got 0 exit code
- found 2.0.5 with grep in /nix/store/gzc1ivdll8xp7mx7ii0l9xkhfjzw872a-safeeyes-2.0.5
- directory tree listing: https://gist.github.com/748ac5c50858dc7c1d5736104b8970b3
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/xmr-stak/versions.
These checks were done:
- built on NixOS
- ran ‘/nix/store/xdp6rb1bvdmpkd77vbqq8dq175dfvrvl-xmr-stak-2.4.3/bin/xmr-stak -h’ got 0 exit code
- ran ‘/nix/store/xdp6rb1bvdmpkd77vbqq8dq175dfvrvl-xmr-stak-2.4.3/bin/xmr-stak --help’ got 0 exit code
- found 2.4.3 with grep in /nix/store/xdp6rb1bvdmpkd77vbqq8dq175dfvrvl-xmr-stak-2.4.3
- directory tree listing: https://gist.github.com/ba044f08ae439ad36ac7e143f14e0fb0
However, none of the exporters I tried actually _worked_, but now
shutter at least returns an error to the user (pop-up UI element)
instead of silently hanging and only leaving messages on stdout/stderr
about the missing deps.
AFAICS, this changes the failure of Screenshot->Export functionality
from a packaging bug to an application bug (upstream).