Commit Graph

2311 Commits

Author SHA1 Message Date
Sarah Brofeldt
2248f98dea
Merge pull request #39570 from srhb/chromium-24h-timeout
chromium: See if Hydra obeys a 24h meta.timeout
2018-04-26 22:12:16 +02:00
Sarah Brofeldt
537d14f4e2 chromium: See if Hydra obeys a 24h meta.timeout 2018-04-26 21:59:33 +02:00
xeji
a586011b58 firefox-wrapper: fix icon linking (#39315)
don't try to link non-existing icons
2018-04-23 08:33:09 +01:00
Herwig Hochleitner
2b29e40153 chromium: 65.0.3325.181 -> 66.0.3359.117
Critical CVE-2018-6085: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-28
Critical CVE-2018-6086: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-30
High CVE-2018-6087: Use after free in WebAssembly. Reported by Anonymous on 2018-02-20
High CVE-2018-6088: Use after free in PDFium. Reported by Anonymous on 2018-03-15
High CVE-2018-6089: Same origin policy bypass in Service Worker. Reported by Rob Wu on 2018-02-04
High CVE-2018-6090: Heap buffer overflow in Skia. Reported by ZhanJia Song on 2018-03-12
High CVE-2018-6091: Incorrect handling of plug-ins by Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-10-05
High CVE-2018-6092: Integer overflow in WebAssembly. Reported by Natalie Silvanovich of Google Project Zero on 2018-03-08
Medium CVE-2018-6093: Same origin bypass in Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-01
Medium CVE-2018-6094: Exploit hardening regression in Oilpan. Reported by Chris Rohlf on 2016-08-01
Medium CVE-2018-6095: Lack of meaningful user interaction requirement before file upload. Reported by Abdulrahman Alqabandi (@qab) on 2016-08-11
Medium CVE-2018-6096: Fullscreen UI spoof. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-19
Medium CVE-2018-6097: Fullscreen UI spoof. Reported by xisigr of Tencent's Xuanwu Lab on 2018-01-26
Medium CVE-2018-6098: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-03
Medium CVE-2018-6099: CORS bypass in ServiceWorker. Reported by Jun Kokatsu (@shhnjk) on 2018-02-03
Medium CVE-2018-6100: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-02-11
Medium CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools . Reported by Rob Wu on 2018-02-19
Medium CVE-2018-6102: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-20
Medium CVE-2018-6103: UI spoof in Permissions. Reported by Khalil Zhani on 2018-02-24
Medium CVE-2018-6104: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-03-08
Medium CVE-2018-6105: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-18
Medium CVE-2018-6106: Incorrect handling of promises in V8. Reported by lokihardt of Google Project Zero on 2018-01-25
Medium CVE-2018-6107: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-02
Medium CVE-2018-6108: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-27
Low CVE-2018-6109: Incorrect handling of files by FileAPI. Reported by Dominik Weber (@DoWeb_) on 2017-04-10
Low CVE-2018-6110: Incorrect handling of plaintext files via file:// . Reported by Wenxiang Qian (aka blastxiang) on 2017-10-24
Low CVE-2018-6111: Heap-use-after-free in DevTools. Reported by Khalil Zhani on 2017-11-02
Low CVE-2018-6112: Incorrect URL handling in DevTools. Reported by Rob Wu on 2017-12-29
Low CVE-2018-6113: URL spoof in Navigation. Reported by Khalil Zhani on 2018-01-25
Low CVE-2018-6114: CSP bypass. Reported by Lnyas Zhang on 2018-02-13
Low CVE-2018-6115: SmartScreen bypass in downloads. Reported by James Feher on 2018-03-07
Low CVE-2018-6116: Incorrect low memory handling in WebAssembly. Reported by Jin from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd. on 2018-03-15
Low CVE-2018-6117: Confusing autofill settings. Reported by Spencer Dailey on 2018-03-15
Low CVE-2018-6084: Incorrect use of Distributed Objects in Google Software Updater on MacOS. Reported by Ian Beer of Google Project Zero on 2018-03-15
2018-04-21 14:57:45 +02:00
Matthew Justin Bauer
80facf99da
Merge pull request #38189 from r-ryantm/auto-update/palemoon
palemoon: 27.8.0 -> 27.8.3
2018-04-17 09:57:06 -05:00
Jörg Thalheim
5ad99e6b05 firefox-bin: add hint on how to update 2018-04-16 11:38:04 +01:00
taku0
f92dc58c71 flashplayer: 29.0.0.113 -> 29.0.0.140 2018-04-10 21:14:20 +09:00
Matthew Justin Bauer
39132f6d5d
Merge pull request #37312 from lprndn/luakit
luakit: init at 2018.08.10
2018-04-08 23:07:57 -05:00
Jörg Thalheim
39eaf98ad3
Merge pull request #38515 from taku0/fix-firefox-wrapper-ln-icon
firefox: fix wrapper to make proper symlink to icon
2018-04-08 14:06:26 +01:00
Ryan Mulligan
6593ce7ef9 otter-browser: 0.9.94 -> 0.9.96 (#37239)
Semi-automatic update generated by https://github.com/ryantm/nix-update tools. These checks were done:

- built on NixOS
- Warning: no binary found that responded to help or version flags. (This warning appears even if the package isn't expected to have binaries.)
- found 0.9.96 with grep in /nix/store/hy3dyckwbq8x0ylgydqf3hsd0yyj38mf-otter-browser-0.9.96
- directory tree listing: https://gist.github.com/3ba5ac755cab96acd876703e94dff4b4
2018-04-08 10:00:05 +02:00
taku0
9fca924468 firefox: fix wrapper to make proper symlink to icon 2018-04-07 01:00:42 +09:00
Michael Raskin
195521350a
Merge pull request #38111 from oxij/tree/cleanups
assorted cleanups
2018-04-05 07:08:05 +00:00
Gabriel Ebner
a54c87da82
Merge pull request #38153 from r-ryantm/auto-update/qutebrowser
qutebrowser: 1.2.0 -> 1.2.1
2018-04-02 12:30:23 +02:00
Vladimír Čunát
333245e852
Merge #38133: dwb: remove abandoned package
cf. https://wiki.archlinux.org/index.php/dwb
2018-04-02 10:03:08 +02:00
adisbladis
baeb3db5fd
firefox-beta-bin: 60.0b7 -> 60.0b8 2018-03-31 23:42:05 +08:00
adisbladis
9e474a7728
firefox-devedition-bin: 60.0b7 -> 60.0b8 2018-03-31 23:42:04 +08:00
R. RyanTM
e3a91b050b palemoon: 27.8.0 -> 27.8.3
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.

This update was made based on information from https://repology.org/metapackage/palemoon/versions.

These checks were done:

- built on NixOS
- Warning: no binary found that responded to help or version flags. (This warning appears even if the package isn't expected to have binaries.)
- found 27.8.3 with grep in /nix/store/jnhd2rzskaad61xh3d3rs63hjy8cwi7y-palemoon-27.8.3
- directory tree listing: https://gist.github.com/97a439e8880c3937586c5d06a2ac0844
2018-03-31 00:23:07 -07:00
R. RyanTM
88423094f4 qutebrowser: 1.2.0 -> 1.2.1
Semi-automatic update generated by https://github.com/ryantm/nix-update tools.

This update was made based on information from https://repology.org/metapackage/qutebrowser/versions.

These checks were done:

- built on NixOS
- ran `/nix/store/p9a5d6129dvx6gqbxn9fqgsmx7hnhwxb-qutebrowser-1.2.1/bin/qutebrowser -h` got 0 exit code
- ran `/nix/store/p9a5d6129dvx6gqbxn9fqgsmx7hnhwxb-qutebrowser-1.2.1/bin/qutebrowser --help` got 0 exit code
- ran `/nix/store/p9a5d6129dvx6gqbxn9fqgsmx7hnhwxb-qutebrowser-1.2.1/bin/..qutebrowser-wrapped-wrapped -h` got 0 exit code
- ran `/nix/store/p9a5d6129dvx6gqbxn9fqgsmx7hnhwxb-qutebrowser-1.2.1/bin/..qutebrowser-wrapped-wrapped --help` got 0 exit code
- ran `/nix/store/p9a5d6129dvx6gqbxn9fqgsmx7hnhwxb-qutebrowser-1.2.1/bin/.qutebrowser-wrapped -h` got 0 exit code
- ran `/nix/store/p9a5d6129dvx6gqbxn9fqgsmx7hnhwxb-qutebrowser-1.2.1/bin/.qutebrowser-wrapped --help` got 0 exit code
- found 1.2.1 with grep in /nix/store/p9a5d6129dvx6gqbxn9fqgsmx7hnhwxb-qutebrowser-1.2.1
- directory tree listing: https://gist.github.com/b85ebb5c38a8861cac255f78b5c16525
2018-03-30 16:08:11 -07:00
Pascal Wittmann
0680093baa
dwb: remove package as its insecure and outdated 2018-03-30 21:55:47 +02:00
SLNOS
1e3bd96aad wrapFirefox: tiny cleanup 2018-03-30 06:40:14 +00:00
SLNOS
6433935120 tor-browser: 52.7.0esr-7.5-1 -> 52.7.3esr-7.5-1 2018-03-30 06:21:00 +00:00
Andreas Rammhold
6abbe39551
firefox-bin: 59.0.1 -> 59.0.2
Fixes MFSA2018-10 [1].

[1] https://www.mozilla.org/en-US/security/advisories/mfsa2018-10/
2018-03-28 00:29:10 +02:00
Andreas Rammhold
24a2c3fe58
firefox-esr: 52.7.2esr -> 52.7.3esr
Fixes MFSA2018-10 [1].

[1] https://www.mozilla.org/en-US/security/advisories/mfsa2018-10/
2018-03-28 00:29:05 +02:00
Michael Raskin
73a7d67795 firefox: 59.0.1 -> 59.0.2 2018-03-27 22:06:54 +02:00
Joachim Fasting
707a1ce0da
tor-browser-bundle-bin: 7.5.2 -> 7.5.3 2018-03-27 18:10:58 +02:00
adisbladis
29e757ecc5
firefox-beta-bin: 60.0b6 -> 60.0b7 2018-03-27 21:48:40 +08:00
adisbladis
deae713d6d
firefox-devedition-bin: 60.0b6 -> 60.0b7 2018-03-27 21:48:39 +08:00
Joachim Fasting
d09b4d7b2e
tor-browser-bundle-bin: 7.5.1 -> 7.5.2 2018-03-26 12:27:44 +02:00
adisbladis
0e4f68a832
Merge pull request #37829 from ryantm/auto-update/links2
links: 2.14 -> 2.15
2018-03-26 10:40:30 +08:00
adisbladis
fab46dc9de
firefox-beta-bin: 60.0b3 -> 60.0b6 2018-03-26 10:11:14 +08:00
adisbladis
7151ce7f0a
firefox-devedition-bin: 60.0b3 -> 60.0b6 2018-03-26 10:11:02 +08:00
Ryan Mulligan
60cbe23764 links: 2.14 -> 2.15
Semi-automatic update generated by https://github.com/ryantm/nix-update tools.

This update was made based on information from https://repology.org/metapackage/links2/versions.

These checks were done:

- built on NixOS
- Warning: no binary found that responded to help or version flags. (This warning appears even if the package isn't expected to have binaries.)
- found 2.15 with grep in /nix/store/sv2bhipkaba7wbgkwinbq1xs430zmvra-links2-2.15
- directory tree listing: https://gist.github.com/c94bde5e3281eca9ed30751401d14020
2018-03-25 17:46:46 -07:00
Herwig Hochleitner
8cbf295b6c chromium: 65.0.3325.162 -> 65.0.3325.181
dev: 66 -> 67

cc @YorikSar @aszlig
2018-03-26 01:52:11 +02:00
Thomas Tuegel
01f37880f3
wrapFirefox: update icon location
The icons for Firefox are in a new location in the unwrapped package; the
wrapper is updated to reflect that. This should have no effect on other browers
that provide their own icons in the default XDG location.
2018-03-22 11:42:25 -05:00
Jan Tojnar
fefbcbc550
eolie: fix build 2018-03-22 07:48:13 +01:00
Andrew Childs
3928fd9081 Chromium: fix skia build on aarch64
Patch imported from Arch Linux ARM
2018-03-20 00:20:42 +02:00
Yuriy Taraday
6b0732a956 chromium: 65.0.3325.146 -> 65.0.3325.162
Also bump dev branch to ensure that next beta will work.
2018-03-18 19:15:32 +02:00
Lprndn
aa5921a9cf luakit: init at 2018.08.10 2018-03-18 12:17:59 +01:00
taku0
d947db7e3c firefox-esr: 52.7.1esr -> 52.7.2esr 2018-03-17 11:02:14 +09:00
taku0
9aae5d7c80 firefox: 59.0 -> 59.0.1 2018-03-17 11:00:48 +09:00
taku0
3d28c32921 firefox-bin: 59.0 -> 59.0.1 2018-03-17 10:56:22 +09:00
Michael Raskin
808e8f672e
Merge branch 'master' into firefox-59.0 2018-03-16 18:08:53 +00:00
Michael Raskin
c940d2e1ac
Merge pull request #37158 from oxij/pkgs/tor-browsers
update tor browsers
2018-03-16 18:06:50 +00:00
Graham Christensen
0297aff1f1
Merge pull request #36921 from tokudan/ffb59
firefox-bin: 58.0.2 -> 59.0
2018-03-16 10:34:25 -04:00
taku0
6778f7a786 firefox-esr: 52.7.0esr -> 52.7.1esr 2018-03-16 23:17:07 +09:00
taku0
8170c05afc firefox: 58.0.2 -> 59.0 2018-03-16 23:17:07 +09:00
taku0
186de9ca9e common-updater: support updating source URL 2018-03-16 23:17:07 +09:00
taku0
cb51341d12 firefox-esr: 52.6.0esr -> 52.7.0esr 2018-03-16 23:17:07 +09:00
taku0
97ab43d580 firefox-bin: 58.0.2 -> 59.0 2018-03-16 23:17:07 +09:00
taku0
13df7202d7 firefox: Fix update.nix 2018-03-16 23:17:07 +09:00