Commit graph

775 commits

Author SHA1 Message Date
Michael Weiss
d1a27a5f00
chromium: 85.0.4183.102 -> 85.0.4183.121
https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html

This update includes 10 security fixes.

CVEs:
CVE-2020-15960 CVE-2020-15961 CVE-2020-15962 CVE-2020-15963
CVE-2020-15965 CVE-2020-15966 CVE-2020-15964
2020-09-22 13:58:22 +02:00
Gabriel Ebner
705ecdc192 chromium: use jre8 2020-09-19 14:06:14 +02:00
Michael Weiss
8129917320
Merge pull request #97515 from primeos/chromium
chromium: 85.0.4183.83 -> 85.0.4183.102
2020-09-10 19:56:34 +02:00
Michael Weiss
e249baca22
chromiumDev: M86 -> M87 2020-09-10 12:31:00 +02:00
Michael Weiss
ceb3acfa8b
chromium: update.py: Keep the channel order consistent
This makes Git diffs way easier to read.
Using sort_keys=True is usually better but with this implementation the
output is a bit nicer to read IMO.
2020-09-10 12:30:03 +02:00
Michael Weiss
a9c78519d6
chromium: 85.0.4183.83 -> 85.0.4183.102
https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop.html

This update includes 5 security fixes.

CVEs:
CVE-2020-6573 CVE-2020-6574 CVE-2020-6575 CVE-2020-6576 CVE-2020-15959
2020-09-09 09:57:45 +02:00
taku0
807e4ae439 flashplayer: 32.0.0.414 -> 32.0.0.433 2020-09-08 15:15:04 +09:00
Michael Weiss
1fa610bdf0
chromium: Prefix $PATH with xdg_utils (#96922)
This is required for certain URIs that require launching external
programs (e.g. mailto:, magnet:, or irc:) or setting the default browser
via xdg-settings.
Fix #96897 and fix #92751.
2020-09-06 23:20:30 +02:00
Tethys Svensson
2927a19be3 chromium: Unblock nixos-unstable by using the correct argument to fetchurl 2020-09-06 14:54:42 +02:00
Florian Klink
c7a503bf2e Revert "chromiumDev: 86.0.4240.8 -> 87.0.4252.0"
This reverts commit 5da66561d1.

It seems the chromium build now unconditionally tries to enable ozone
(even though we disable it), causing the build to fail (as we only
provide xkbcommon when enabling Ozone):

```
configuring
ERROR at //build/config/linux/pkg_config.gni:103:17: Script returned non-zero exit code.
    pkgresult = exec_script(pkg_config_script, args, "value")
                ^----------
Current dir: /build/chromium-87.0.4252.0/out/Release/
Command: python /build/chromium-87.0.4252.0/build/config/linux/pkg-config.py xkbcommon
Returned 1.
stderr:

Package xkbcommon was not found in the pkg-config search path.
Perhaps you should add the directory containing `xkbcommon.pc'
to the PKG_CONFIG_PATH environment variable
No package 'xkbcommon' found
Could not run pkg-config.

See //ui/events/ozone/layout/BUILD.gn:12:3: whence it was called.
  pkg_config("xkbcommon") {
  ^------------------------
See //chrome/test/chromedriver/BUILD.gn:273:15: which caused the file to be included.
    deps += [ "//ui/events/ozone/layout" ]
              ^-------------------------
builder for '/nix/store/2dqhrd2qzyms078wnvwv6ays53ppvgc2-chromium-unwrapped-87.0.4252.0.drv' failed with exit code 1
cannot build derivation '/nix/store/4iyhgzsmpx80v75hvk1jycwzanw4z5dn-chromium-dev-87.0.4252.0.drv': 1 dependencies couldn't be built
```
2020-09-05 12:00:48 +02:00
Florian Klink
6c92847e81 chromiumBeta: 85.0.4183.83 -> 86.0.4240.22 2020-09-05 11:25:38 +02:00
Florian Klink
5da66561d1 chromiumDev: 86.0.4240.8 -> 87.0.4252.0 2020-09-05 11:24:57 +02:00
Alyssa Ross
de69b705d2 chromium: replace update.nix with Python impl
update.nix was a huuuuge hack, abusing checksum collisions, etc., and
was extremely difficult to read and maintain, especially because
values from update.nix were also used in the derivations themselves!

I've replaced this with an implementation in Python, which I chose for
readability.  Rather than generating Nix, I chose to
generate JSON, since Python can do that in the standard library and
Nix can read it.

I also set update.py as an updateScript, so Chromium can now
automatically be updated!

Fixes: https://github.com/NixOS/nixpkgs/issues/89635
2020-09-05 11:20:13 +02:00
Alyssa Ross
5811b6c1cd chromiumDev: 86.0.4238.0 -> 86.0.4240.8 2020-09-05 11:08:50 +02:00
Matthew Bauer
25ac498482
Merge pull request #96404 from matthewbauer/gcc-cross
Fix cycle detected in Darwin->Linux cross GCC
2020-08-26 16:17:14 -05:00
Michael Weiss
9a96d71f71
chromiumDev: Unbreak the build by using LLVM 11 2020-08-26 22:29:07 +02:00
Michael Weiss
b8fb1e15b9
Merge pull request #96308 from primeos/chromium
chromium: 84.0.4147.135 -> 85.0.4183.83
2020-08-26 22:27:11 +02:00
Michael Weiss
8815c9e186
chromiumDev: Fix "patchShebangs ."
Note: The following might also need to be updated:
substituteStream(): WARNING: pattern '/usr/share/xcb' doesn't match anything in file 'ui/gfx/x/BUILD.gn'
2020-08-26 14:33:18 +02:00
Michael Weiss
bf0e13a322
chromiumDev: Drop the optional VA-API patches
I didn't look into this yet but IIRC M86 will finally have a flag for
Linux to enable VA-API. So we shouldn't need
enable-video-acceleration-on-linux.patch anymore.

But we likely need to update enable-vdpau-support-for-nvidia.patch
when/before M86 hits the stable channel if we want to keep VDPAU
support.
2020-08-26 14:30:49 +02:00
Michael Weiss
2213c464f6
chromiumDev: Drop nix_plugin_paths_68.patch
Ok, so I was about to update the patch (didn't apply anymore) when I
also started looking at it's usage and realized that
NIX_CHROMIUM_PLUGIN_PATH_ (and other substrings) only appears in the
patch itself (i.e. it seemed like we don't need this patch anymore).

Turns out that we have this patch since 2014 (1b84fbf0ca) and it was
only ever used for NIX_CHROMIUM_PLUGIN_PATH_WIDEVINE (and from the log
it isn't clear if/when or how well that worked). But in 2019 that last
usage got removed (545d58a1ef) so we should be able to safely drop this
patch now :) \o/

(I just wanted to note that as it seemed somewhat of a funny story :D
But there is of course nothing wrong with it.)
Git history (git log --oneline -S NIX_CHROMIUM_PLUGIN_PATH_):
7205bd64a3 ungoogled-chromium: init at 81.0.4044.92-2
545d58a1ef chromium: fix widevine
cd3283f921 chromium: 67.0.3396.99 -> 68.0.3440.75
72d7b5ddb1 chromium: fix nix_plugin_paths for 68+
7a3a16dd80 chromium: Remove plugin paths patch for version 50
79d18eb604 chromium: Update dev channel to v52.0.2743.10
c7a3645e7b chromium: Remove stuff for versions <= v51
8b97ca270e chromium: Update all channels to latest versions
b9093f1c64 chromium: Updates, fixes #11492
471cdd15e2 chromium: Update beta and dev channels.
5c6aa391fc chromium: Cleanup old patch and update stable
af54ddf8b6 chromium: Drop plugin_paths patch for old versions.
6a8afa4bb3 chromium: Fix plugin_paths patch for version 44.
0aad4b7ee4 chromium: Update all channels to latest versions.
1b84fbf0ca chromium: Allow env vars for passing plugin paths.
2020-08-26 14:30:49 +02:00
Michael Weiss
25aed428aa
chromium: Make the gnChromium overrides depend on the version
This is more robust than depending on the channel, though the version
should only matter if the configuration phase fails.
This also switches to the intended version for `chromium` which should
be higher since M85 is in the stable channel.

Thanks `@volth` for pointing this out.
2020-08-25 23:22:41 +02:00
Michael Weiss
4252ba90f4
chromium: 84.0.4147.135 -> 85.0.4183.83
https://chromereleases.googleblog.com/2020/08/stable-channel-update-for-desktop_25.html

This update includes 20 security fixes.

CVEs:
CVE-2020-6558 CVE-2020-6559 CVE-2020-6560 CVE-2020-6561 CVE-2020-6562
CVE-2020-6563 CVE-2020-6564 CVE-2020-6565 CVE-2020-6566 CVE-2020-6567
CVE-2020-6568 CVE-2020-6569 CVE-2020-6570 CVE-2020-6571
2020-08-25 22:36:56 +02:00
Florian Klink
40d2968ebf
Merge pull request #94354 from flokli/systemd-246
systemd: 245.6 -> 246
2020-08-24 12:42:24 +02:00
Michael Weiss
f9c3038465
chromium: 84.0.4147.125 -> 84.0.4147.135
https://chromereleases.googleblog.com/2020/08/stable-channel-update-for-desktop_18.html

This update includes 1 security fix.

CVEs:
CVE-2020-6556
2020-08-19 15:59:11 +02:00
Florian Klink
c56e961acd chromium: use lib.getLib systemd instead of systemd.lib
This will pick the `lib` output if it exists, otherwise default to `out`.
2020-08-13 20:51:40 +02:00
Samuel Gräfenstein
7a34bf1aae
flashplayer: 32.0.0.403 -> 32.0.0.414 2020-08-12 11:11:24 +02:00
Michael Weiss
edb0920697
chromium: 84.0.4147.105 -> 84.0.4147.125
https://chromereleases.googleblog.com/2020/08/stable-channel-update-for-desktop.html

This update includes 15 security fixes.

CVEs:
CVE-2020-6542 CVE-2020-6543 CVE-2020-6544 CVE-2020-6545 CVE-2020-6546
CVE-2020-6547 CVE-2020-6548 CVE-2020-6549 CVE-2020-6550 CVE-2020-6551
CVE-2020-6552 CVE-2020-6553 CVE-2020-6554 CVE-2020-6555
2020-08-10 23:37:23 +02:00
f4814n
6e4d33a001
chromium: Add missing dependency on coreutils (#94578)
The script that runs chromium calls tr from coreutils - however
it just assumed that coreutils are in PATH.

With missing coreutils chromium did still launch (at least with
d433839007 applied) but emitted
`line 15: tr: command not found` error messages.
2020-08-03 17:58:41 +02:00
Michael Weiss
bf02beb099
chromium: 84.0.4147.89 -> 84.0.4147.105
https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop_27.html

This update includes 8 security fixes.

CVEs:
CVE-2020-6537 CVE-2020-6538 CVE-2020-6532 CVE-2020-6539 CVE-2020-6540
CVE-2020-6541
2020-07-28 12:18:09 +02:00
Michael Weiss
11fbe97810
chromium{Beta,Dev}: M84 -> M85 -> M86 (broken)
Mark chromiumDev as broken since the build requires LLVM 11 which is not
yet in Nixpkgs (due to the lack of an RC, see #93324). Build error:
clang (LLVM option parsing): Unknown command line argument '-basic-aa-recphi=0'.  Try: 'clang (LLVM option parsing) --help'
clang (LLVM option parsing): Did you mean '--basicaa-recphi=0'?
ninja: build stopped: subcommand failed.
2020-07-24 13:40:24 +02:00
Mario Rodas
c09af4ea38
Merge pull request #93222 from taku0/flashplayer-32.0.0.403
flashplayer: 32.0.0.387 -> 32.0.0.403
2020-07-19 10:56:10 -05:00
Griffin Smith
d433839007 chromium: Add missing dependency on gnugrep
The bin script that runs chromium calls out to gnugrep - but gnugrep is
missing as a runtime dependency of the chromium package. I found this
out when I was trying to put it in a docker image.
2020-07-17 18:33:43 +02:00
Michael Weiss
8427eb7044
chromium: 83.0.4103.116 -> 84.0.4147.89
https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html

This update includes 38 security fixes.

CVEs:
CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 CVE-2020-6513 CVE-2020-6514
CVE-2020-6515 CVE-2020-6516 CVE-2020-6517 CVE-2020-6518 CVE-2020-6519
CVE-2020-6520 CVE-2020-6521 CVE-2020-6522 CVE-2020-6523 CVE-2020-6524
CVE-2020-6525 CVE-2020-6526 CVE-2020-6527 CVE-2020-6528 CVE-2020-6529
CVE-2020-6530 CVE-2020-6531 CVE-2020-6533 CVE-2020-6534 CVE-2020-6535
CVE-2020-6536
2020-07-14 23:10:31 +02:00
taku0
65579d4bf8 flashplayer: 32.0.0.387 -> 32.0.0.403 2020-07-14 21:12:28 +09:00
Domen Kožar
347ab190c7
remove usage of patchelfUnstable now that it's released 2020-07-08 21:55:09 +02:00
Andrew Childs
46f11f53c9 chromium: 83.0.4103.106 -> 83.0.4103.116
https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop_22.html

This update includes 2 security fixes.

CVEs: CVE-2020-6509
2020-06-24 13:53:28 +09:00
Michael Weiss
1a5df8f680
chromium: 83.0.4103.97 -> 83.0.4103.106
https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop_15.html

This update includes 4 security fixes.

CVEs: CVE-2020-6505 CVE-2020-6506 CVE-2020-6507
2020-06-16 00:01:51 +02:00
taku0
0a146054bd flashplayer: 32.0.0.371 -> 32.0.0.387 2020-06-14 08:44:44 +02:00
Doron Behar
01d4e2fe33 treewide: use ffmpeg_3 explicitly if not wanted otherwise
After making `ffmpeg` point to the latest `ffmpeg_4`, all packages that
used `ffmpeg` without requiring a specific version now use ffmpeg_3
explicitly so they shouldn't change.
2020-06-12 11:55:31 -07:00
Michael Weiss
e466ea721c
chromium{Beta,Dev}: Fix the builds
Fix #89615.
2020-06-10 11:23:14 +02:00
Michael Weiss
1d38f6bcb2
chromiumBeta: Fix the configuration phase
The changes from chromiumDev (see 029a5de083) are required for
chromiumBeta as well.
2020-06-09 13:53:47 +02:00
Florian Klink
495cf5fd17
Merge pull request #89565 from jsravn/enable-chromium-rtc-use-pipewire
chromium: add rtc_use_pipewire
2020-06-07 21:13:28 +02:00
Michael Weiss
029a5de083
chromiumDev: Fix the configuration phase
Relevant changes in M85:
- Upstream switched from YASM to NASM [0].
- third_party/binutils was removed [1].

Note: The gn and dev channel updates are optional.
cc #89615.

[0]: https://bugs.chromium.org/p/chromium/issues/detail?id=766721
[1]: 9869e86fd9
2020-06-06 19:38:53 +02:00
James Ravn
1535270d91
Add pipewire to runtime path 2020-06-06 17:08:39 +01:00
Michael Weiss
19e939d98e
chromiumBeta: Fix the source hash
For some reason the hash from 9ec139b672 became invalid, see #89615.
The update script does now produce the correct hash.
2020-06-06 13:36:09 +02:00
James Ravn
fae468b3ce
chromium: add rtc_use_pipewire
This provides the browser flag #enable-webrtc-pipewire-capturer, which
adds support for screensharing on Wayland via xdg-desktop-portal.

The browser flag is disabled by default until a user enables it. At
least one other major distribution (Arch) enables this compile time
option, and so I believe it should be safe to enable by default.

This is also needed to support xdg-desktop-portal-wlr which was added in
https://github.com/NixOS/nixpkgs/pull/83485.
2020-06-05 21:05:43 +01:00
Michael Weiss
9ec139b672
chromium: 83.0.4103.61 -> 83.0.4103.97
https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html

This update includes 5 security fixes.

CVEs: CVE-2020-6493 CVE-2020-6494 CVE-2020-6495 CVE-2020-6496
2020-06-04 20:26:31 +02:00
Michael Weiss
cdd95a9625
chromium: 81.0.4044.138 -> 83.0.4103.61
https://chromereleases.googleblog.com/2020/05/stable-channel-update-for-desktop_19.html

This update includes 38 security fixes.

CVEs:
CVE-2020-6465 CVE-2020-6466 CVE-2020-6467 CVE-2020-6468 CVE-2020-6469
CVE-2020-6470 CVE-2020-6471 CVE-2020-6472 CVE-2020-6473 CVE-2020-6474
CVE-2020-6475 CVE-2020-6476 CVE-2020-6477 CVE-2020-6478 CVE-2020-6479
CVE-2020-6480 CVE-2020-6481 CVE-2020-6482 CVE-2020-6483 CVE-2020-6484
CVE-2020-6485 CVE-2020-6486 CVE-2020-6487 CVE-2020-6488 CVE-2020-6489
CVE-2020-6490 CVE-2020-6491
2020-05-19 23:55:32 +02:00
taku0
d8fa222ca2 flashplayer: 32.0.0.363 -> 32.0.0.371 2020-05-12 18:31:02 +09:00
Michael Weiss
dec3d5f39f
chromium: 81.0.4044.129 -> 81.0.4044.138
https://chromereleases.googleblog.com/2020/05/stable-channel-update-for-desktop.html

This update includes 3 security fixes.

CVEs: CVE-2020-6831 CVE-2020-6464
2020-05-06 01:11:53 +02:00