nixpkgs

mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-27 16:11:58 +00:00

History

Herwig Hochleitner 2b29e40153 chromium: 65.0.3325.181 -> 66.0.3359.117 Critical CVE-2018-6085: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-28 Critical CVE-2018-6086: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-30 High CVE-2018-6087: Use after free in WebAssembly. Reported by Anonymous on 2018-02-20 High CVE-2018-6088: Use after free in PDFium. Reported by Anonymous on 2018-03-15 High CVE-2018-6089: Same origin policy bypass in Service Worker. Reported by Rob Wu on 2018-02-04 High CVE-2018-6090: Heap buffer overflow in Skia. Reported by ZhanJia Song on 2018-03-12 High CVE-2018-6091: Incorrect handling of plug-ins by Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-10-05 High CVE-2018-6092: Integer overflow in WebAssembly. Reported by Natalie Silvanovich of Google Project Zero on 2018-03-08 Medium CVE-2018-6093: Same origin bypass in Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-01 Medium CVE-2018-6094: Exploit hardening regression in Oilpan. Reported by Chris Rohlf on 2016-08-01 Medium CVE-2018-6095: Lack of meaningful user interaction requirement before file upload. Reported by Abdulrahman Alqabandi (@qab) on 2016-08-11 Medium CVE-2018-6096: Fullscreen UI spoof. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-19 Medium CVE-2018-6097: Fullscreen UI spoof. Reported by xisigr of Tencent's Xuanwu Lab on 2018-01-26 Medium CVE-2018-6098: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-03 Medium CVE-2018-6099: CORS bypass in ServiceWorker. Reported by Jun Kokatsu (@shhnjk) on 2018-02-03 Medium CVE-2018-6100: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-02-11 Medium CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools . Reported by Rob Wu on 2018-02-19 Medium CVE-2018-6102: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-20 Medium CVE-2018-6103: UI spoof in Permissions. Reported by Khalil Zhani on 2018-02-24 Medium CVE-2018-6104: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-03-08 Medium CVE-2018-6105: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-18 Medium CVE-2018-6106: Incorrect handling of promises in V8. Reported by lokihardt of Google Project Zero on 2018-01-25 Medium CVE-2018-6107: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-02 Medium CVE-2018-6108: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-27 Low CVE-2018-6109: Incorrect handling of files by FileAPI. Reported by Dominik Weber (@DoWeb_) on 2017-04-10 Low CVE-2018-6110: Incorrect handling of plaintext files via file:// . Reported by Wenxiang Qian (aka blastxiang) on 2017-10-24 Low CVE-2018-6111: Heap-use-after-free in DevTools. Reported by Khalil Zhani on 2017-11-02 Low CVE-2018-6112: Incorrect URL handling in DevTools. Reported by Rob Wu on 2017-12-29 Low CVE-2018-6113: URL spoof in Navigation. Reported by Khalil Zhani on 2018-01-25 Low CVE-2018-6114: CSP bypass. Reported by Lnyas Zhang on 2018-02-13 Low CVE-2018-6115: SmartScreen bypass in downloads. Reported by James Feher on 2018-03-07 Low CVE-2018-6116: Incorrect low memory handling in WebAssembly. Reported by Jin from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd. on 2018-03-15 Low CVE-2018-6117: Confusing autofill settings. Reported by Spencer Dailey on 2018-03-15 Low CVE-2018-6084: Incorrect use of Distributed Objects in Google Software Updater on MacOS. Reported by Ian Beer of Google Project Zero on 2018-03-15		2018-04-21 14:57:45 +02:00
..
apache-directory-studio
bittorrentsync
browsers	chromium: 65.0.3325.181 -> 66.0.3359.117	2018-04-21 14:57:45 +02:00
c14	c14: 2017-05-15 -> 0.3 (#38905 )	2018-04-14 08:29:30 +01:00
cluster	Merge pull request #37512 from MHOOO/patch-1	2018-04-17 10:41:12 -05:00
compactor	compactor: init at 0.11.0	2018-03-28 18:59:06 -03:00
corebird	corebird: gtkSupport moved to gst-plugins-good	2018-04-04 17:50:33 +02:00
davmail
drive
droopy
dropbox	treewide: move "extensions" drvs to dir	2018-04-17 13:50:49 -05:00
dyndns/cfdyndns
enhanced-ctorrent
errbot
esniper
feedreaders	newsboat: 2.10.2 -> 2.11.1	2018-03-30 12:07:32 -07:00
firehol	Merge pull request #35121 from xeji/firehol-35114	2018-04-09 14:22:32 -05:00
flexget
ftp/filezilla
gdrive
gmailieer	gmailieer: 0.5 -> 0.6	2018-03-19 12:31:11 -07:00
gns3	gns3Packages.{server,gui}{Stable,Preview}: 2.1.4 -> 2.1.5	2018-04-19 22:34:32 +02:00
google-drive-ocamlfuse	google-drive-ocamlfuse: 0.6.21 -> 0.6.25.	2018-03-19 11:47:18 -07:00
gopher
ids
ike
instant-messengers	signal-desktop-beta: Mark as broken (really outdated)	2018-04-17 18:26:53 +02:00
insync
ipfs	ipfs 0.4.13 -> 0.4.14	2018-04-12 15:55:46 +08:00
ipfs-migrator
ipget
iptraf
iptraf-ng
irc	Switch suckless.org URLs to https	2018-04-11 15:11:55 +02:00
jmeter
linssid
mailreaders	inboxer: 1.0.4 -> 1.1.2 (#39233 )	2018-04-20 16:03:24 +02:00
mpop
msmtp
mumble
ndppd
netperf
newsreaders	quiterss: 0.18.9 -> 0.18.10	2018-04-17 18:16:23 +02:00
nextcloud-client
nload
nntp-proxy
offrss	offrss: mark linux only	2018-04-05 20:05:56 +02:00
ostinato	treewide: use more HTTPS URLs	2018-03-24 22:04:25 -07:00
owncloud-client
p2p	Merge pull request #38976 from volth/patch-124	2018-04-19 11:59:15 -05:00
pjsip
protocol
pyload
remote	freerdp: 2.0.0-rc1 -> 2.0.0-rc2	2018-04-19 10:31:19 +08:00
resilio-sync	resilio-sync: 2.5.2 -> 2.5.12	2018-03-23 14:53:38 -05:00
seafile-client	seafile-client: add dotlambda as maintainer	2018-04-01 18:43:54 +02:00
sipcmd
siproxd
sniffers	wireshark-gtk: 2.4.5 -> 2.4.6	2018-04-05 19:17:27 -07:00
sniproxy
spideroak	spideraok: 7.0.1 -> 7.1.0	2018-03-26 09:57:54 -05:00
sync	backintime-qt4: package is broken	2018-04-13 14:13:22 +02:00
syncplay	syncplay: 1.5.2 -> 1.5.3 (#38693 )	2018-04-11 17:25:10 +02:00
syncthing	syncthing: 0.14.45 -> 0.14.46	2018-04-05 08:19:11 +08:00
syncthing-gtk	librsvg: always build introspection	2018-03-22 07:46:50 +01:00
tcpkali
testssl	testssl: 2.9.5-4 -> 2.9.5-5 (#38936 )	2018-04-14 21:17:44 +02:00
umurmur
vnstat
znc	znc: 1.6.5 -> 1.6.6	2018-03-23 14:52:46 -05:00