nixpkgs-suyu/pkgs/applications
aszlig c67a7ee731
Merge branch 'chromium-update-with-gn'
This brings in the new stable version 54 which also introduces a lot of
security fixes:

  CVE-2016-5198: Out of bounds memory access in V8
  CVE-2016-5181: Universal XSS in Blink
  CVE-2016-5182: Heap overflow in Blink
  CVE-2016-5183: Use after free in PDFium
  CVE-2016-5184: Use after free in PDFium
  CVE-2016-5185: Use after free in Blink
  CVE-2016-5187: URL spoofing
  CVE-2016-5188: UI spoofing
  CVE-2016-5192: Cross-origin bypass in Blink
  CVE-2016-5189: URL spoofing
  CVE-2016-5186: Out of bounds read in DevTools
  CVE-2016-5191: Universal XSS in Bookmarks
  CVE-2016-5190: Use after free in Internals
  CVE-2016-5193: Scheme bypass

Detailed announcements about these changes can be found here (latest to
oldest):

https://googlechromereleases.blogspot.de/2016/11/stable-channel-update-for-desktop.html
https://googlechromereleases.blogspot.de/2016/10/stable-channel-update-for-desktop_20.html
https://googlechromereleases.blogspot.de/2016/10/stable-channel-update-for-desktop.html

The update process of Chromium has been a bit bumpy on our side, because
version 54 also did the switch from GYP to GN so it wasn't just a matter
of updating the upstream-info file.

I've tested the Flash plugin (which runs fine) and WideVine manually,
although I couldn't get WideVine to work (I was running this within a VM
though).

So if people want to use WideVine they need to use Chrome instead until
we got this sorted out.

VM test results along with builds for all platforms can be found here:

https://headcounter.org/hydra/eval/339328

I'm going to backport these changes to stable as soon as the
tests/builds succeed there as well.

Closes: #19565
Closes: #20120
2016-11-09 09:55:31 +01:00
..
altcoins bitcoin: 0.13.0 -> 0.13.1 2016-11-03 21:03:52 +01:00
audio Merge pull request #20233 from womfoo/bump/fldigi-3.23.15 2016-11-08 02:52:21 +01:00
backup treewide: Use more makeLibraryPath 2016-08-23 02:56:12 +03:00
display-managers lightdm: 1.19.4 -> 1.19.5 2016-10-14 21:28:18 -04:00
editors melpa-packages: 2016-11-07 2016-11-07 19:46:27 -05:00
gis Python: more evaluation fixups. 2016-10-14 00:03:12 +02:00
graphics darktable: 2.0.6 -> 2.0.7 2016-11-06 09:04:13 -05:00
inferno
misc Merge pull request #19999 from AndersonTorres/cherrytree 2016-11-07 11:43:54 +01:00
networking chromium: Add Gtk 3 for versions >= 56 2016-11-09 00:58:33 +01:00
office zotero: mark as broken #20049 2016-11-02 17:32:39 +01:00
science z3: 4.4.1 -> 4.5.0 2016-11-08 16:14:16 -05:00
search Remove pycairo from top-level 2016-08-14 13:52:42 +02:00
taxes
version-management gitlab: 8.12.6 -> 8.12.8, fix CVE-2016-9086 2016-11-03 20:18:05 +01:00
video motion: init at 4.0.1 2016-11-08 10:55:13 +11:00
virtualization remotebox: 2.1 -> 2.2 2016-11-09 02:24:46 +01:00
window-managers Remove myself as maintainer. 2016-11-03 11:54:54 +01:00