JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
238,195 Commits 2 Branches 0 Tags 12 GiB
7a34bf1aae
Commit Graph

750 Commits

Author SHA1 Message Date
Michael Weiss
51b6f9c6ae
chromium: 80.0.3987.122 -> 80.0.3987.132 
https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop.html

This update includes 4 security fixes.

CVEs:
CVE-2020-6420
 2020-03-04 10:35:11 +01:00
Michael Weiss
02ca096a85
chromiumDev: Add the missing clang-format binary 
The fix from 1d961a4c6d was unfortunately incomplete. This commit fixes
the second error [0] that occurs later during the build (the Python
script third_party/blink/renderer/bindings/scripts/generate_bindings.py
requires buildtools/linux64/clang-format).

[0]: https://github.com/NixOS/nixpkgs/pull/81016#issuecomment-591572821
 2020-03-01 10:37:26 +01:00
Michael Weiss
1d961a4c6d
chromiumDev: Fix the build 
Building Chromium 82 requires LLVM 10 for the new argument
"-fintegrated-cc1". LLVM 9 fails with:
clang++: error: unknown argument: '-fintegrated-cc1'
 2020-02-26 19:21:59 +01:00
Michael Weiss
8be566d288
chromium: 80.0.3987.116 -> 80.0.3987.122 
https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html

This update includes 3 security fixes.

CVEs:
CVE-2020-6407 CVE-2020-6418
 2020-02-26 19:21:58 +01:00
Michael Weiss
3e9d2f80a4
chromium: 80.0.3987.106 -> 80.0.3987.116 2020-02-20 09:50:25 +01:00
worldofpeace
98b854c79d
Merge pull request #79915 from taku0/flashplayer-32.0.0.330 
flashplayer: 32.0.0.314 -> 32.0.0.330 [Critical security fixes]
 2020-02-17 20:05:03 -05:00
Michael Weiss
574a57a67f
chromium: 80.0.3987.100 -> 80.0.3987.106 
https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_13.html
 2020-02-14 00:57:17 +01:00
Michael Weiss
e61b8d99c2
chromium: 80.0.3987.87 -> 80.0.3987.100 
https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_11.html
 2020-02-11 21:25:53 +01:00
taku0
87d9d9a374 flashplayer: 32.0.0.314 -> 32.0.0.330 2020-02-11 21:15:08 +09:00
Michael Weiss
272041b85a
chromium: 79.0.3945.130 -> 80.0.3987.87 
https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html

This update includes 56 security fixes.

CVEs:
CVE-2020-6381 CVE-2020-6382 CVE-2019-18197 CVE-2019-19926 CVE-2020-6385
CVE-2019-19880 CVE-2019-19925 CVE-2020-6387 CVE-2020-6388 CVE-2020-6389
CVE-2020-6390 CVE-2020-6391 CVE-2020-6392 CVE-2020-6393 CVE-2020-6394
CVE-2020-6395 CVE-2020-6396 CVE-2020-6397 CVE-2020-6398 CVE-2020-6399
CVE-2020-6400 CVE-2020-6401 CVE-2020-6402 CVE-2020-6403 CVE-2020-6404
CVE-2020-6405 CVE-2020-6406 CVE-2019-19923 CVE-2020-6408 CVE-2020-6409
CVE-2020-6410 CVE-2020-6411 CVE-2020-6412 CVE-2020-6413 CVE-2020-6414
CVE-2020-6415 CVE-2020-6416 CVE-2020-6417
 2020-02-05 00:20:16 +01:00
Michael Weiss
4ad78e64ff
chromium: Add myself (@primeos) as provisional maintainer 
I don't really have the hardware resources nor time to do this properly,
but I'll try to keep a watch on Chromium (updates, PRs, and issues)
until we've found a new team [0].
Testing will be performed on a best effort basis (no guarantees :o).

I've also briefly documented the current maintainer
roles/responsibilities and added `meta.longDescription`.

[0]: https://github.com/NixOS/nixpkgs/issues/78450
 2020-01-28 23:08:21 +01:00
Michael Weiss
cccfd1092f
chromium: 79.0.3945.117 -> 79.0.3945.130 
https://chromereleases.googleblog.com/2020/01/stable-channel-update-for-desktop_16.html

This update includes 11 security fixes.

CVEs: CVE-2020-6378 CVE-2020-6379 CVE-2020-6380 CVE-2020-0601
 2020-01-26 23:58:14 +01:00
Michael Weiss
2932d787ec
Merge pull request #77299 from ivan/chromium-79.0.3945.117 
chromium: 79.0.3945.88 -> 79.0.3945.117
 2020-01-25 01:12:31 +01:00
Ivan Kozik
76ab11518d treewide: Remove myself from maintainers on some packages (#78027) 2020-01-19 12:18:34 -05:00
taku0
2becf7ffed flashplayer: 32.0.0.303 -> 32.0.0.314 2020-01-14 15:13:06 +09:00
Ivan Kozik
b8fa6dd0ac chromium: 79.0.3945.88 -> 79.0.3945.117 
CVE-TBD: Use after free in audio

https://chromereleases.googleblog.com/2020/01/stable-channel-update-for-desktop.html
 2020-01-08 08:42:54 +00:00
Mario Rodas
3efe39d2cc
Merge pull request #75436 from taku0/flashplayer-32.0.0.303 
flashplayer: 32.0.0.293 -> 32.0.0.303
 2019-12-25 13:40:59 -05:00
Ivan Kozik
5dd4f1d0b9 chromium: 79.0.3945.79 -> 79.0.3945.88 
https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop_17.html

CVE-2019-13767
 2019-12-18 04:56:50 +00:00
Graham Christensen
aa4a1b01d5
Merge pull request #75516 from ivan/chromium-79.0.3945.79 
chromium: 78.0.3904.108 -> 79.0.3945.79
 2019-12-15 14:48:34 -05:00
Andrew Childs
b29e3582ac chromium: add thefloweringash (myself) as maintainer 
I have an interest in making Chromium available on Aarch64. I'm adding
myself here on a recommendation from @ivan [1].

[1] https://github.com/NixOS/nixpkgs/pull/74015#issuecomment-565780595
 2019-12-15 21:34:22 +09:00
Ivan Kozik
af006f9ff3 chromium: fix enableWideVine for v79 which needs the manifest.json in WidevineCdm/ 2019-12-15 04:56:01 +00:00
Ivan Kozik
3d71db8abb chromium: explain enable_widevine = true 2019-12-15 04:55:59 +00:00
Ivan Kozik
950230bc84 chromium: remove enableNaCl option 
This hasn't worked since 2016 (https://github.com/NixOS/nixpkgs/issues/13983)
and is being removed very soon, per "Q4 2019" in
https://developer.chrome.com/native-client/migration

(It's staying around for "Chrome Apps", but those only run on ChromeOS now.)

earth.google.com users can use https://earth.google.com/web/?beta=1 to get
the wasm version instead of the PNaCl version.
 2019-12-15 04:55:30 +00:00
Ivan Kozik
ec75ea3329 chromium: use llvmPackages_9 to more closely match upstream 2019-12-15 04:35:36 +00:00
Ivan Kozik
46d252f1f1 chromium: fix GL support by not using the ANGLE GL implementation 2019-12-15 04:35:23 +00:00
Ivan Kozik
14b40e291d chromium: 78.0.3904.108 -> 79.0.3945.79 
https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html

CVE-2019-13725 CVE-2019-13726 CVE-2019-13727 CVE-2019-13728
CVE-2019-13729 CVE-2019-13730 CVE-2019-13732 CVE-2019-13734
CVE-2019-13735 CVE-2019-13764 CVE-2019-13736 CVE-2019-13737
CVE-2019-13738 CVE-2019-13739 CVE-2019-13740 CVE-2019-13741
CVE-2019-13742 CVE-2019-13743 CVE-2019-13744 CVE-2019-13745
CVE-2019-13746 CVE-2019-13747 CVE-2019-13748 CVE-2019-13749
CVE-2019-13750 CVE-2019-13751 CVE-2019-13752 CVE-2019-13753
CVE-2019-13754 CVE-2019-13755 CVE-2019-13756 CVE-2019-13757
CVE-2019-13758 CVE-2019-13759 CVE-2019-13761 CVE-2019-13762
CVE-2019-13763

The new widevine patch was taken from
https://git.archlinux.org/svntogit/packages.git/plain/trunk/chromium-widevine.patch?h=packages/chromium
 2019-12-11 15:55:21 +00:00
taku0
b16d72e61b flashplayer: 32.0.0.293 -> 32.0.0.303 2019-12-10 21:54:15 +09:00
Andrew Childs
6ec5e745dc chromium: fix aarch64 build 
The skia patch no longer applies, and is no longer necessary.

The current version of chromium doesn't build with gcc. This has been
fixed upstream[1] and could be backported, but switching aarch64 to
clang/llvm and making the build the same on all platforms is simpler.

[1] 9662ec8440
 2019-11-26 01:25:39 +01:00
John Ericson
4f1261134e Merge remote-tracking branch 'upstream/master' into staging 2019-11-24 18:33:54 +00:00
Herwig Hochleitner
a52d7674cc chromium: update vaapi patch 
https://github.com/NixOS/nixpkgs/issues/73878
 2019-11-24 19:07:59 +01:00
Frederik Rietdijk
10d0c68a9b Merge staging-next into staging 2019-11-20 10:02:21 +01:00
Frederik Rietdijk
5f8b0d7d99 Merge staging-next into staging 2019-11-19 14:53:29 +01:00
Ivan Kozik
0c8fc2e90e chromium: 78.0.3904.97 -> 78.0.3904.108 
CVE-2019-13723 CVE-2019-13724

https://chromereleases.googleblog.com/2019/11/stable-channel-update-for-desktop_18.html
 2019-11-19 05:15:47 +00:00
adisbladis
c9d8624ccd
treewide: Get rid of libGLU_combined 2019-11-18 20:10:43 +00:00
Herwig Hochleitner
8c997725a2 flashplayer: 32.0.0.270 -> 32.0.0.293 2019-11-16 17:24:53 +01:00
Ivan Kozik
c653c7ade3 chromium: 78.0.3904.87 -> 78.0.3904.97 
4 security fixes, no CVEs.

https://chromereleases.googleblog.com/2019/11/stable-channel-update-for-desktop.html
 2019-11-13 08:21:38 +01:00
Ivan Kozik
648b1c5b97 chromium: 78.0.3904.70 -> 78.0.3904.87 
CVE-2019-13721 CVE-2019-13720

https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_31.html
 2019-11-01 23:14:55 +00:00
Ivan Kozik
b4f5dc2fb8 chromium: do not load .so files from current working directory 
Fixes #67234.
 2019-10-31 01:34:19 +00:00
Ivan Kozik
908b24ea04 chromium: 77.0.3865.120 -> 78.0.3904.70 
CVE-2019-13699 CVE-2019-13700 CVE-2019-13701 CVE-2019-13702
CVE-2019-13703 CVE-2019-13704 CVE-2019-13705 CVE-2019-13706
CVE-2019-13707 CVE-2019-13708 CVE-2019-13709 CVE-2019-13710
CVE-2019-13711 CVE-2019-15903 CVE-2019-13713 CVE-2019-13714
CVE-2019-13715 CVE-2019-13716 CVE-2019-13717 CVE-2019-13718
CVE-2019-13719

https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html
 2019-10-23 03:54:39 +00:00
Renaud
e77a6ec5e4
Merge pull request #70853 from taku0/flashplayer-32.0.0.270 
flashplayer: 32.0.0.255 -> 32.0.0.270 [Critical security fixes]
 2019-10-15 19:55:56 +02:00
Herwig Hochleitner
13e3b03d1b chromium: restore versionRange utility 
This partially reverts commit
f45798e544.

cc @ivan I'd like to have that left in, because it's very useful for
gcc compiles, when necessary patches often span multiple releases,
i.e. for aarch64 builds
 2019-10-11 23:00:29 +02:00
Ivan Kozik
f45798e544 chromium: 77.0.3865.90 -> 77.0.3865.120 
CVE-2019-13693 CVE-2019-13694 CVE-2019-13695 CVE-2019-13696
CVE-2019-13697

Disable jumbo mode because upstream dropped support for it.
(See chromium-dev "We're removing support for the jumbo build")

This makes builds take about 3x as long, but we have no alternative.
 2019-10-11 22:32:18 +02:00
taku0
09ef6dc625 flashplayer: add maintainer 2019-10-09 21:13:14 +09:00
taku0
8948290cec flashplayer: 32.0.0.255 -> 32.0.0.270 2019-10-09 15:13:12 +09:00
Graham Christensen
8dbca5e3ca
Merge pull request #69054 from ivan/chromium-77.0.3865.90 
chromium: 77.0.3865.75 -> 77.0.3865.90
 2019-09-19 18:01:06 -04:00
Ivan Kozik
5456def6b3 chromiumDev: fix widevine support 
Upstream moved libwidevinecdm.so from
./opt/google/chrome-unstable/libwidevinecdm.so
to
./opt/google/chrome-unstable/WidevineCdm/_platform_specific/linux_x64/libwidevinecdm.so
 2019-09-19 00:05:30 +00:00
Ivan Kozik
44957a9f30 chromiumDev: fix build by disabling jumbo 
This fixes:

FAILED: obj/chrome/browser/ui/ui/ui_jumbo_3.o
../../third_party/llvm-build/Release+Asserts/bin/clang++ -MMD -MF obj/chrome/browser/ui/ui/ui_jumbo_3.o.d -DUSE_DBUS -DUSE_UDEV -DUSE_AURA=1 -DUSE_GLIB=1 -DUSE_NSS_CERTS=1 -DUSE_X11=1 -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_GNU_SOURCE -DCR_CLANG_REVISION=\"371202-8455294f-1\" -D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS -D_FORTIFY_SOURCE=2 -D_LIBCPP_ABI_UNSTABLE -D_LIBCPP_DISABLE_VISIBILITY_ANNOTATIONS -D_LIBCXXABI_DISABLE_VISIBILITY_ANNOTATIONS -D_LIBCPP_ENABLE_NODISCARD -DCR_LIBCXX_REVISION=361348 -DNDEBUG -DNVALGRIND -DDYNAMIC_ANNOTATIONS_ENABLED=0 -DUSE_CUPS -DGLIB_VERSION_MAX_ALLOWED=GLIB_VERSION_2_32 -DGLIB_VERSION_MIN_REQUIRED=GLIB_VERSION_2_26 -DENABLE_IPC_FUZZER -DTOOLKIT_VIEWS=1 -DVK_NO_PROTOTYPES -DGL_GLEXT_PROTOTYPES -DUSE_GLX -DUSE_EGL -DSYNC_PASSWORD_REUSE_DETECTION_ENABLED -DON_FOCUS_PING_ENABLED -DEXPAT_RELATIVE_PATH -DGOOGLE_PROTOBUF_NO_RTTI -DGOOGLE_PROTOBUF_NO_STATIC_INITIALIZER -DHAVE_PTHREAD -DLEVELDB_PLATFORM_CHROMIUM=1 -DLEVELDB_PLATFORM_CHROMIUM=1 -DU_USING_ICU_NAMESPACE=0 -DU_ENABLE_DYLOAD=0 -DUSE_CHROMIUM_ICU=1 -DU_STATIC_IMPLEMENTATION -DICU_UTIL_DATA_IMPL=ICU_UTIL_DATA_FILE -DUCHAR_TYPE=uint16_t -DWEBRTC_NON_STATIC_TRACE_EVENT_HANDLERS=0 -DWEBRTC_CHROMIUM_BUILD -DWEBRTC_POSIX -DWEBRTC_LINUX -DABSL_ALLOCATOR_NOTHROW=1 -DNO_MAIN_THREAD_WRAPPING -DV8_USE_EXTERNAL_STARTUP_DATA -DSK_GL -DSK_HAS_PNG_LIBRARY -DSK_HAS_WEBP_LIBRARY -DSK_USER_CONFIG_HEADER=\"../../skia/config/SkUserConfig.h\" -DSK_HAS_JPEG_LIBRARY -DSK_VULKAN_HEADER=\"../../skia/config/SkVulkanConfig.h\" -DSK_VULKAN=1 -DSK_SUPPORT_GPU=1 -DSK_GPU_WORKAROUNDS_HEADER=\"gpu/config/gpu_driver_bug_workaround_autogen.h\" -DVK_NO_PROTOTYPES -DV8_DEPRECATION_WARNINGS -DI18N_ADDRESS_VALIDATION_DATA_URL=\"https://chromium-i18n.appspot.com/ssl-aggregate-address/\" -DPERFETTO_IMPLEMENTATION -I. -I../.. -Igen -Igen/shim_headers/snappy_shim -I../../third_party/libyuv/include -Igen/shim_headers/libpng_shim -Igen/shim_headers/libwebp_shim -I../../third_party/khronos -I../../gpu -I../../third_party/vulkan/include -Igen/shim_headers/opus_shim -Igen/third_party/dawn -I../../third_party/dawn/src/include -Igen/shim_headers/flac_shim -I../../third_party/protobuf/src -Igen/protoc_out -I../../third_party/protobuf/src -I../../third_party/boringssl/src/include -I../../third_party/cacheinvalidation/overrides -I../../third_party/cacheinvalidation/src -Igen/third_party/metrics_proto -I../../third_party/leveldatabase -I../../third_party/leveldatabase/src -I../../third_party/leveldatabase/src/include -I../../third_party/ced/src -I../../third_party/icu/source/common -I../../third_party/icu/source/i18n -I../../third_party/webrtc_overrides -I../../third_party/webrtc -Igen/third_party/webrtc -I../../third_party/abseil-cpp -I../../third_party/skia -I../../third_party/vulkan/include -I../../third_party/skia/third_party/vulkanmemoryallocator -I../../third_party/vulkan/include -I../../third_party/libwebm/source -I../../v8/include -Igen/v8/include -I../../third_party/perfetto/include -Igen/third_party/perfetto/build_config -Igen/third_party/perfetto -Igen/third_party/perfetto -Igen/third_party/perfetto -Igen/third_party/perfetto -Igen/third_party/perfetto -Igen/third_party/perfetto -I../../third_party/re2/src -I../../third_party/mesa_headers -Igen -Igen -Igen -Igen -I../../third_party/libaddressinput/src/cpp/include -Igen/components/sync/protocol -I../../third_party/flatbuffers/src/include -I../../third_party/perfetto -I../../third_party/perfetto/include -Igen/third_party/perfetto/build_config -I../../third_party/brotli/include -I../../third_party/zlib -I../../third_party/fontconfig/src -Igen -Igen -Igen -Igen -Igen -fno-strict-aliasing --param=ssp-buffer-size=4 -fstack-protector -funwind-tables -fPIC -pthread -fcolor-diagnostics -fmerge-all-constants -fcrash-diagnostics-dir=../../tools/clang/crashreports -Xclang -mllvm -Xclang -instcombine-lower-dbg-declare=0 -fcomplete-member-pointers -m64 -march=x86-64 -Wno-builtin-macro-redefined -D__DATE__= -D__TIME__= -D__TIMESTAMP__= -no-canonical-prefixes -Wall -Wextra -Wimplicit-fallthrough -Wthread-safety -Wextra-semi -Wno-missing-field-initializers -Wno-unused-parameter -Wno-c++11-narrowing -Wno-unneeded-internal-declaration -Wno-undefined-var-template -Wno-ignored-pragma-optimize -Wno-implicit-int-float-conversion -Wno-xor-used-as-pow -Wno-c99-designator -Wno-reorder-init-list -Wno-final-dtor-non-final-class -O2 -fno-ident -fdata-sections -ffunction-sections -fno-omit-frame-pointer -g0 -fvisibility=hidden -Wheader-hygiene -Wstring-conversion -Wtautological-overlap-compare -Wexit-time-destructors -I/nix/store/fn0ag3ahbrjjjbsqb2846x321zj4jika-glib-2.60.7-dev/include -I/nix/store/fn0ag3ahbrjjjbsqb2846x321zj4jika-glib-2.60.7-dev/include/glib-2.0 -I/nix/store/ilk1606qj4pqzsplnnzycsxpzl6pjss8-glib-2.60.7/lib/glib-2.0/include -Wno-shorten-64-to-32 -Wno-header-guard -I/nix/store/c3i4il1c0n9mjhzm1dsvcw8h8d973s0b-nspr-4.21-dev/include -I/nix/store/qk3racv0a2967wsk0g9ps9wlbfn17faj-nss-3.46-dev/include/nss -I/nix/store/v85mz845m1hv2xlhp0zvxv36pmsfbc3q-dbus-1.12.16-dev/include/dbus-1.0 -I/nix/store/j3sv2g9s6dnlh672rwx0mmlkcm37v1k8-dbus-1.12.16-lib/lib/dbus-1.0/include -std=c++14 -fno-exceptions -fno-rtti -nostdinc++ -isystem../../buildtools/third_party/libc++/trunk/include -isystem../../buildtools/third_party/libc++abi/trunk/include -fvisibility-inlines-hidden -c gen/chrome/browser/ui/ui_jumbo_3.cc -o obj/chrome/browser/ui/ui/ui_jumbo_3.o
warning: unknown warning option '-Wno-implicit-int-float-conversion'; did you mean '-Wno-implicit-float-conversion'? [-Wunknown-warning-option]
warning: unknown warning option '-Wno-xor-used-as-pow'; did you mean '-Wno-unused-macros'? [-Wunknown-warning-option]
warning: unknown warning option '-Wno-c99-designator'; did you mean '-Wno-gnu-designator'? [-Wunknown-warning-option]
warning: unknown warning option '-Wno-reorder-init-list'; did you mean '-Wno-empty-init-stmt'? [-Wunknown-warning-option]
warning: unknown warning option '-Wno-final-dtor-non-final-class'; did you mean '-Wno-abstract-final-class'? [-Wunknown-warning-option]
In file included from gen/chrome/browser/ui/ui_jumbo_3.cc:24:
./../../chrome/browser/ui/views/profiles/profile_menu_view.cc:68:25: error: redefinition of 'GetProfileAttributesEntry'
ProfileAttributesEntry* GetProfileAttributesEntry(Profile* profile) {
                        ^
./../../chrome/browser/ui/views/profiles/avatar_toolbar_button.cc:49:25: note: previous definition is here
ProfileAttributesEntry* GetProfileAttributesEntry(Profile* profile) {
                        ^
5 warnings and 1 error generated.
 2019-09-19 00:05:24 +00:00
Ivan Kozik
2e2a9ae22a chromium: 77.0.3865.75 -> 77.0.3865.90 
CVE-2019-13685 CVE-2019-13688 CVE-2019-13687 CVE-2019-13686
 2019-09-18 22:19:08 +00:00
Ivan Kozik
19d730df85 chromium: add patch to fix performance regression with fonts 
This reverts a commit to fix a serious performance regression
introduced in Chromium 77:

https://bugs.chromium.org/p/chromium/issues/detail?id=1003997
 2019-09-17 23:42:11 +00:00
Herwig Hochleitner
dd57bf928b
Merge pull request #60833 from jflanglois/chromium-widevine 
chromium: fix widevine
 2019-09-14 14:30:29 +02:00
Ivan Kozik
d66430be79 chromium: 76.0.3809.132 -> 77.0.3865.75 
CVE-2019-5870 CVE-2019-5871 CVE-2019-5872 CVE-2019-5873
CVE-2019-5874 CVE-2019-5875 CVE-2019-5876 CVE-2019-5877
CVE-2019-5878 CVE-2019-5879 CVE-2019-5880 CVE-2019-5881
CVE-2019-13659 CVE-2019-13660 CVE-2019-13661 CVE-2019-13662
CVE-2019-13663 CVE-2019-13664 CVE-2019-13665 CVE-2019-13666
CVE-2019-13667 CVE-2019-13668 CVE-2019-13669 CVE-2019-13670
CVE-2019-13671 CVE-2019-13673 CVE-2019-13674 CVE-2019-13675
CVE-2019-13676 CVE-2019-13677 CVE-2019-13678 CVE-2019-13679
CVE-2019-13680 CVE-2019-13681 CVE-2019-13682 CVE-2019-13683
 2019-09-14 14:29:35 +02:00
taku0
dac340737a flashplayer: 32.0.0.238 -> 32.0.0.255 2019-09-10 21:13:06 +09:00
Julien Langlois
7d9578819b
Comment about handling widevine in default.nix. 2019-09-06 15:19:49 -04:00
Julien Langlois
ea7c012e4b
Explicitly check for channels in widevine plugin unpack command. 2019-09-05 17:43:58 -04:00
Julien Langlois
c28eb26100
Set package to unfree when widevine is enabled. 2019-09-05 17:27:04 -04:00
Julien Langlois
aeeb67bfcb
Rework to avoid a full rebuild for widevine. 2019-09-05 17:20:09 -04:00
Julien Langlois
545d58a1ef
chromium: fix widevine 
This change allows widevine to work in chromium (it was previously
broken due to a segfault). Newer versions of chromium do not use the
libwidevinecdmadapter.so. Instead, libwidevinecdm.so should be installed
in the chromium libExec directory.
 2019-09-05 17:20:06 -04:00
Vladimír Čunát
f21211ebfe
Merge branch 'master' into staging 2019-09-02 23:25:24 +02:00
Ivan Kozik
0e703ce075 chromium: 76.0.3809.100 -> 76.0.3809.132 (#67610) 
CVE-2019-5869
 2019-08-31 22:22:58 -04:00
volth
08f68313a4 treewide: remove redundant rec 2019-08-28 11:07:32 +00:00
Frederik Rietdijk
5061fe0c2c Merge staging-next into staging 2019-08-28 08:26:42 +02:00
Frederik Rietdijk
98640fd482 Merge master into staging-next 2019-08-27 16:36:47 +02:00
Asad Saeeduddin
17775d538b flashplayer: 32.0.0.223 -> 32.0.0.238 2019-08-25 06:05:10 -04:00
Ben Wolsieffer
8b0a684d21 chromium: remove obsolete patches 
One of these patches was causing a warning message, which broke ofborg
evaluation.
 2019-08-19 18:54:48 -04:00
Frederik Rietdijk
fe9a3e3e63 Merge staging-next into staging 2019-08-17 09:39:23 +02:00
volth
46420bbaa3 treewide: name -> pname (easy cases) (#66585) 
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
 2019-08-15 13:41:18 +01:00
Matthew Bauer
8281a67be0
Merge pull request #64809 from ambrop72/chromium-egl-fix 
chromium: Fix running with --use-gl=egl.
 2019-08-14 15:42:31 -04:00
Ivan Kozik
42521cb95b chromium: 76.0.3809.87 -> 76.0.3809.100 
CVE-2019-5868 CVE-2019-5867
 2019-08-09 16:07:37 +00:00
Ivan Kozik
a897743a13 chromiumDev: fix build 
Fixes:

ERROR Unresolved dependencies.
//third_party/perfetto/gn:zlib(//build/toolchain/linux:clang_x64)
  needs //third_party/zlib:zlib_config(//build/toolchain/linux:clang_x64)

builder for '/nix/store/iqr4vn2by1yxa7f92jiymvgfsn9mdvwq-chromium-unwrapped-77.0.3860.5.drv' failed with exit code 1
 2019-07-31 11:31:07 +00:00
Ivan Kozik
d18f4acdf1 chromium: 75.0.3770.90 -> 76.0.3809.87 
Fixed in 75.0.3770.142:

CVE-2019-5847 CVE-2019-5848

Fixed in 76.0.3809.87:

CVE-2019-5850 CVE-2019-5860 CVE-2019-5853 CVE-2019-5851
CVE-2019-5859 CVE-2019-5856 CVE-2019-5863 CVE-2019-5855
CVE-2019-5865 CVE-2019-5858 CVE-2019-5864 CVE-2019-5862
CVE-2019-5861 CVE-2019-5857 CVE-2019-5854 CVE-2019-5852
 2019-07-31 11:30:46 +00:00
Ambroz Bizjak
6a0a073187 chromium: Fix running with --use-gl=egl. 
When Chromium is using EGL, it dlopen's libGLESv2. Before this fix, this failed
with a not-found error. Fix it by adding libGL to the RUNPATH of the binary.

This problem does not have a visible impact on typical desktop system because
Chromium uses GLX by default. It only matters when Chromium is started with
--use-gl=egl (which makes it use OpenGL ES via EGL instead of desktop OpenGL
via GLX), and probably on certain embedded systems which only support OpenGL
ES.

With this fix, Chromium runs fine for me with --use-gl=egl and the NVidia
driver, and the about:gpu page indicates that it is indeed using OpenGL ES and
EGL.
 2019-07-15 17:03:56 +02:00
taku0
126c5d0be8 flashplayer: 32.0.0.207 -> 32.0.0.223 2019-07-11 09:51:49 +02:00
Andreas Rammhold
5a74f84536
Merge pull request #63136 from ivan/chromium-75.0.3770.90 
chromium: 75.0.3770.80 -> 75.0.3770.90
 2019-06-19 00:42:05 +02:00
volth
f3282c8d1e treewide: remove unused variables (#63177) 
* treewide: remove unused variables

* making ofborg happy
 2019-06-16 19:59:05 +00:00
Ivan Kozik
67ced10c23 chromium: 75.0.3770.80 -> 75.0.3770.90 
CVE-2019-5842
 2019-06-14 21:17:45 +00:00
taku0
1296f699e5 flashplayer: 32.0.0.192 -> 32.0.0.207 2019-06-11 15:13:34 +09:00
Ivan Kozik
8c78ae27f6 chromium: 74.0.3729.157 -> 75.0.3770.80 
CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831
CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5835
CVE-2019-5836 CVE-2019-5837 CVE-2019-5838 CVE-2019-5839
CVE-2019-5840

Update a patch for Python 3, fixes #62347.

Update a GN arg to fix this warning:

warning: The GN arg 'remove_webcore_debug_symbols' is deprecated and
warning: will be removed April 15, 2019. Please change your args.gn
warning: to use 'blink_symbol_level = 0'. https://crbug.com/943869
 2019-06-05 09:27:52 +00:00
Ivan Kozik
4481a0150b chromium: use LLVM 8.0.0 to more closely match upstream 2019-06-05 09:27:52 +00:00
Silvan Mosberger
99b68ffbb0
chromium: Fix build 
Since https://github.com/NixOS/nixpkgs/pull/60499, the unwrapped
chromium already contains the applications directory.
 2019-05-28 02:33:00 +02:00
Silvan Mosberger
526a0b2277
Merge pull request #60499 from JohnAZoidberg/chromium-upstream-desktop-entry 
chromium: Use upstream desktop entry
 2019-05-27 18:28:20 +02:00
Daniel Schaefer
0f537a49e1 chromium: Use upstream desktop entry 
Upstream provides a much more featureful desktop entry file. If we use
that we take advantage of all of those features and don't have to maintain it
ourselves.
 2019-05-25 22:39:47 +02:00
Andreas Rammhold
333a2be17b
chromium: 74.0.3729.131 -> 74.0.3729.157 (#61533) 
chromium: 74.0.3729.131 -> 74.0.3729.157
 2019-05-16 19:27:12 +02:00
Ivan Kozik
2db1a06136 chromium: 74.0.3729.131 -> 74.0.3729.157 
Fixes a security bug with no CVE at this time:
https://chromereleases.googleblog.com/2019/05/stable-channel-update-for-desktop.html
 2019-05-15 05:41:40 +00:00
taku0
8be03860e4 flashplayer: 32.0.0.171 -> 32.0.0.192 2019-05-14 21:13:49 +09:00
Andreas Rammhold
0b7c602d55
chromium: 74.0.3729.108 -> 74.0.3729.131 (#60950) 
chromium: 74.0.3729.108 -> 74.0.3729.131
 2019-05-05 18:04:36 +02:00
Ivan Kozik
75d1439f8f chromium: add myself as maintainer (#60961) 2019-05-05 05:09:20 -04:00
Ivan Kozik
f15adc548f chromium: 74.0.3729.108 -> 74.0.3729.131 
CVE-2019-5827 CVE-2019-5824
 2019-05-04 22:46:24 +00:00
Herwig Hochleitner
d77256c604 chromium: 73.0.3683.103 -> 74.0.3729.108 
CVE-2019-5805 CVE-2019-5806 CVE-2019-5807 CVE-2019-5808 CVE-2019-5809
CVE-2019-5810 CVE-2019-5811 CVE-2019-5812 CVE-2019-5813 CVE-2019-5814
CVE-2019-5815 CVE-2019-5816 CVE-2019-5817 CVE-2019-5818 CVE-2019-5819
CVE-2019-5820 CVE-2019-5821 CVE-2019-5822 CVE-2019-5823
 2019-04-24 22:01:45 +02:00
taku0
3eb4e958b4 flashplayer: 32.0.0.156 -> 32.0.0.171 2019-04-09 21:14:12 +09:00
Herwig Hochleitner
a5960f765a chromium: 73.0.3683.86 -> 73.0.3683.103 2019-04-05 16:53:36 +02:00
aszlig
ed8f3b5fa3
chromium/updater: Fix usage of insecure MD5 hashes 
The title of https://github.com/NixOS/nix/issues/802 says it all:

    Is it time to deprecate md5?

Of course it is - we shouldn't use MD5 for our beautiful updater, but
switch to SHA1 instead. It's the future!

       .    .          .       .           .
  .              .        .          .               .
    .    .           .           .        .-.   .         .     .
           -------     ______             | `\                .
.   ______   .            '   ``-..-.-,.-.`.  `----._______
           .  -------   .   . `.`.-=,'='-===| SHA1  \______`--._
 --------------      ---   .  ..-.-.-=-.-===|   ____________.--"
               ---------  . . .- .,==-'`-'-./  /__----'^  `^  `^  `^
   ____   -----     --  ____   ' . _____   \______[=>  =>  =>  =>
         .                   .       .                .
   .          .     .     .              .        .          .

Signed-off-by: aszlig <aszlig@nix.build>
 2019-03-31 22:41:44 +02:00
Herwig Hochleitner
233e551674 chromium: disable vaapi support 
this fixes playback on radeon

see https://github.com/NixOS/nixpkgs/pull/57837#issuecomment-477906724
 2019-03-31 01:04:49 +01:00
Cole Mickens
60e2d2ce2b chromium: enable mojo + vaapi + allow hw accel 
fixes https://github.com/NixOS/nixpkgs/pull/57837
closes https://github.com/NixOS/nixpkgs/pull/56973
 2019-03-25 02:02:05 +01:00
Herwig Hochleitner
ea34ad0e43 chromium: 73.0.3683.75 -> 73.0.3683.86 2019-03-22 19:33:30 +01:00
taku0
e933c7875b flashplayer: 32.0.0.142 -> 32.0.0.156 (#57571) 2019-03-13 23:30:50 +01:00
Herwig Hochleitner
006a699e69 chromium: 72.0.3626.121 -> 73.0.3683.75 
CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790 CVE-2019-5791
CVE-2019-5792 CVE-2019-5793 CVE-2019-5794 CVE-2019-5795 CVE-2019-5796
CVE-2019-5797 CVE-2019-5798 CVE-2019-5799 CVE-2019-5800 CVE-2019-5801
CVE-2019-5802 CVE-2019-5803 CVE-2019-5804
 2019-03-13 16:19:29 +01:00
Herwig Hochleitner
4901dc4e74 Merge commit '9ae406c0749bbc7373d7422edeaf6b1b6caa0dae' of github.com:NixOS/nixpkgs into fix-chromium 
fixes https://github.com/NixOS/nixpkgs/pull/49797
 2019-03-07 20:50:13 +01:00
Ivan Kozik
2129c6ec05 chromium: fix sha256 for 72.0.3626.121 
The sha256 was previously unchanged from 72.0.3626.119
 2019-03-07 00:37:01 +00:00
Herwig Hochleitner
9a6e64691c chromium: 72.0.3626.119 -> 72.0.3626.121 
CVE-2019-5786
 2019-03-02 05:19:53 +01:00
Frederik Rietdijk
2fcb11a244 Merge staging-next into master 2019-03-01 09:06:20 +01:00