This brings in the new stable version 54 which also introduces a lot of
security fixes:
CVE-2016-5198: Out of bounds memory access in V8
CVE-2016-5181: Universal XSS in Blink
CVE-2016-5182: Heap overflow in Blink
CVE-2016-5183: Use after free in PDFium
CVE-2016-5184: Use after free in PDFium
CVE-2016-5185: Use after free in Blink
CVE-2016-5187: URL spoofing
CVE-2016-5188: UI spoofing
CVE-2016-5192: Cross-origin bypass in Blink
CVE-2016-5189: URL spoofing
CVE-2016-5186: Out of bounds read in DevTools
CVE-2016-5191: Universal XSS in Bookmarks
CVE-2016-5190: Use after free in Internals
CVE-2016-5193: Scheme bypass
Detailed announcements about these changes can be found here (latest to
oldest):
https://googlechromereleases.blogspot.de/2016/11/stable-channel-update-for-desktop.htmlhttps://googlechromereleases.blogspot.de/2016/10/stable-channel-update-for-desktop_20.htmlhttps://googlechromereleases.blogspot.de/2016/10/stable-channel-update-for-desktop.html
The update process of Chromium has been a bit bumpy on our side, because
version 54 also did the switch from GYP to GN so it wasn't just a matter
of updating the upstream-info file.
I've tested the Flash plugin (which runs fine) and WideVine manually,
although I couldn't get WideVine to work (I was running this within a VM
though).
So if people want to use WideVine they need to use Chrome instead until
we got this sorted out.
VM test results along with builds for all platforms can be found here:
https://headcounter.org/hydra/eval/339328
I'm going to backport these changes to stable as soon as the
tests/builds succeed there as well.
Closes: #19565Closes: #20120
This should now be the upstream default and there also is no more flag
for GN to set it, so we'll no longer need it on our side as well.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This is the standalone version of GN used currently solely for building
Chromium. An upstream bug report is available at
https://crbug.com/504074 to support a standalone build without needing
various components from the Chromium source tree.
Because there isn't a standalone vrsion available, I'm choosing
0.0.0.${date} as the version scheme here so that we don't conflict with
versioned releases from upstream someday[TM].
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
tensorflow 0.10.0 : Because of an upstream bug in tensorflow, only tensorflow > 0.10.0 is functional in Darwin system. Required python packages (mock 2.0.0 and funcsigs 1.0.2) are added
Removing mock2_0_0 and funcsigs since now upstream supports them
Adds dependency to MacOS_SDK 10.9 and accordingly to the macosx
deployment target to configure SDK-based deployment in rtags. In detail,
rtags makes use of launch_activate_socket() which is available in
launchd.h >10.9. Latter is still not available through
apple-opensource-releases, if ever. Thus, the deployment target and
build input have to be added to let rtags build scripts make use of MAC_OS_X_VERSION_MAX_ALLOWED correctly.
Otherwise, systemd-logind fails to work because SECCOMP_FILTER cannot be
enabled with OABI_COMPAT set. We don't need OABI_COMPAT at all on ARM, I
guess.
With this change, the rpi kernel boots fine for raspberrypi2.
We discussed this change with Dezgeg.
dmd 2.070.2 requires a working dmd compiler to build.
Instead of downloading a pre-compiled binary blob, keep the previous
version (which does properly build from source) around as dmd_2_067_1,
and use that to bootstrap the new version.
In category `tools`, subcategory `text`, add a package definition for
the program [`agrep`] [1] — "Approximate `grep` for fast fuzzy string
searching".
I have tested this patch per nixpkgs manual section 11.1 ("Making
patches").
[1]: <https://www.tgries.de/agrep/>