Commit Graph

3571 Commits

Author SHA1 Message Date
Graham Christensen
e8ddc0cfa7
google-chrome: add coreutils to PATH
google-chrome-stable can't run without coreutils in PATH
2020-06-17 08:32:34 -04:00
zowoq
78e324d272 treewide: ffmpeg_4 -> ffmpeg 2020-06-16 18:23:14 -07:00
Michael Weiss
5e8b626898
Merge pull request #90538 from primeos/chromium
chromium: 83.0.4103.97 -> 83.0.4103.106
2020-06-16 13:59:12 +02:00
Emery Hemingway
f2592c0b94 kristall: init at 0.2 2020-06-16 13:46:45 +05:30
Michael Weiss
1a5df8f680
chromium: 83.0.4103.97 -> 83.0.4103.106
https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop_15.html

This update includes 4 security fixes.

CVEs: CVE-2020-6505 CVE-2020-6506 CVE-2020-6507
2020-06-16 00:01:51 +02:00
Frederik Rietdijk
59dda0a42a Merge master into staging-next 2020-06-15 08:07:00 +02:00
Vladimír Čunát
6857bccf12
Merge #89438: firefox updates (into staging-next)
Most of the changes are in already, but we referenced these commit
hashes from 20.03, so let's include them in the history.
2020-06-14 11:41:42 +02:00
taku0
0a146054bd flashplayer: 32.0.0.371 -> 32.0.0.387 2020-06-14 08:44:44 +02:00
ajs124
5460d53af1
firefox-beta-bin: 77.0b7 -> 78.0b2 (security)
PR #89438.
2020-06-12 21:10:12 +02:00
ajs124
51d0d03b8c
firefox-esr-68: 68.8.0esr -> 68.9.0esr (security)
PR #89438.
2020-06-12 21:10:12 +02:00
ajs124
1bc740008b
firefox-bin: 76.0 -> 77.0.1 (security)
PR #89438.
2020-06-12 21:10:11 +02:00
Doron Behar
01d4e2fe33 treewide: use ffmpeg_3 explicitly if not wanted otherwise
After making `ffmpeg` point to the latest `ffmpeg_4`, all packages that
used `ffmpeg` without requiring a specific version now use ffmpeg_3
explicitly so they shouldn't change.
2020-06-12 11:55:31 -07:00
Anderson Torres
184ecdbf0f
Merge pull request #89931 from OPNA2608/update-palemoon-28.10.0
palemoon: 28.9.3 -> 28.10.0
2020-06-12 11:40:01 -03:00
Michael Weiss
e466ea721c
chromium{Beta,Dev}: Fix the builds
Fix #89615.
2020-06-10 11:23:14 +02:00
Michael Weiss
1d38f6bcb2
chromiumBeta: Fix the configuration phase
The changes from chromiumDev (see 029a5de083) are required for
chromiumBeta as well.
2020-06-09 13:53:47 +02:00
Florian Klink
495cf5fd17
Merge pull request #89565 from jsravn/enable-chromium-rtc-use-pipewire
chromium: add rtc_use_pipewire
2020-06-07 21:13:28 +02:00
Christoph Neidahl
7c65275595 palemoon: 28.9.3 -> 28.10.0 2020-06-07 12:27:03 +02:00
Michael Weiss
029a5de083
chromiumDev: Fix the configuration phase
Relevant changes in M85:
- Upstream switched from YASM to NASM [0].
- third_party/binutils was removed [1].

Note: The gn and dev channel updates are optional.
cc #89615.

[0]: https://bugs.chromium.org/p/chromium/issues/detail?id=766721
[1]: 9869e86fd9
2020-06-06 19:38:53 +02:00
James Ravn
1535270d91
Add pipewire to runtime path 2020-06-06 17:08:39 +01:00
Lassulus
f0bee9760f
Merge pull request #88050 from squalus/ungoogled-0518
ungoogled-chromium: 81.0.4044.122-2 -> 81.0.4044.138-1
2020-06-06 16:16:28 +02:00
Michael Weiss
19e939d98e
chromiumBeta: Fix the source hash
For some reason the hash from 9ec139b672 became invalid, see #89615.
The update script does now produce the correct hash.
2020-06-06 13:36:09 +02:00
James Ravn
fae468b3ce
chromium: add rtc_use_pipewire
This provides the browser flag #enable-webrtc-pipewire-capturer, which
adds support for screensharing on Wayland via xdg-desktop-portal.

The browser flag is disabled by default until a user enables it. At
least one other major distribution (Arch) enables this compile time
option, and so I believe it should be safe to enable by default.

This is also needed to support xdg-desktop-portal-wlr which was added in
https://github.com/NixOS/nixpkgs/pull/83485.
2020-06-05 21:05:43 +01:00
Michael Weiss
9ec139b672
chromium: 83.0.4103.61 -> 83.0.4103.97
https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html

This update includes 5 security fixes.

CVEs: CVE-2020-6493 CVE-2020-6494 CVE-2020-6495 CVE-2020-6496
2020-06-04 20:26:31 +02:00
Christoph Hrdinka
001cf3f926
Merge pull request #87868 from OPNA2608/update-palemoon
palemoon: 28.9.1 -> 28.9.3
2020-06-04 16:40:57 +02:00
ajs124
0e3b3bd5b0 firefox-beta-bin: 77.0b7 -> 78.0b2 2020-06-04 13:30:40 +02:00
ajs124
303f8d1da4 firefox-bin: 76.0 -> 77.0.1 2020-06-04 13:30:40 +02:00
ajs124
7fc793091b firefox-esr-68: 68.8.0esr -> 68.9.0esr 2020-06-04 13:30:40 +02:00
ajs124
dd334ebabb firefox: 76.0.1 -> 77.0.1 2020-06-04 13:30:40 +02:00
ajs124
785cdcddd7 nss: 3.52 -> 3.52.1 2020-06-04 13:30:40 +02:00
JosephTheEngineer
c976124d1d
falkon: use wrapQtAppsHook (#89375) 2020-06-03 09:12:46 +00:00
Emery Hemingway
468091a623 tor-browser-bundle-bin: 9.0.9 -> 9.5 2020-06-03 13:22:00 +05:30
josephtheengineer
5d9f617c10
qutebrowser: 1.11.1 -> 1.12.0 2020-06-02 16:51:09 +10:00
Anderson Torres
ca90190e2c
Merge pull request #87277 from CheariX/brave-1.8.95
brave: 1.7.92 -> 1.8.95
2020-05-21 00:23:05 -03:00
Michael Weiss
cdd95a9625
chromium: 81.0.4044.138 -> 83.0.4103.61
https://chromereleases.googleblog.com/2020/05/stable-channel-update-for-desktop_19.html

This update includes 38 security fixes.

CVEs:
CVE-2020-6465 CVE-2020-6466 CVE-2020-6467 CVE-2020-6468 CVE-2020-6469
CVE-2020-6470 CVE-2020-6471 CVE-2020-6472 CVE-2020-6473 CVE-2020-6474
CVE-2020-6475 CVE-2020-6476 CVE-2020-6477 CVE-2020-6478 CVE-2020-6479
CVE-2020-6480 CVE-2020-6481 CVE-2020-6482 CVE-2020-6483 CVE-2020-6484
CVE-2020-6485 CVE-2020-6486 CVE-2020-6487 CVE-2020-6488 CVE-2020-6489
CVE-2020-6490 CVE-2020-6491
2020-05-19 23:55:32 +02:00
DonHugo69
20b3ba16c4
vivaldi: 2.11 -> 3.0 2020-05-19 14:51:20 +02:00
adisbladis
b3f79e194a
firefox-devedition-bin: 77.0b6 -> 77.0b7 2020-05-19 02:07:38 +01:00
adisbladis
aac358315f
firefox-beta-bin: 77.0b6 -> 77.0b7 2020-05-19 02:07:38 +01:00
squalus
fda9c39559 ungoogled-chromium: 81.0.4044.122-2 -> 81.0.4044.138-1 2020-05-18 01:01:19 -07:00
adisbladis
80a4efc3bd
firefox-devedition-bin: 76.0b8 -> 77.0b6 2020-05-16 14:08:19 +01:00
adisbladis
198653e57e
firefox-beta-bin: 76.0b8 -> 77.0b6 2020-05-16 14:07:56 +01:00
Andreas Rammhold
b0774e2d0e
Merge pull request #87811 from andir/firefox
firefox: 76.0 -> 76.0.1
2020-05-15 20:21:24 +02:00
Christoph Neidahl
5262ada436 palemoon: 28.9.1 -> 28.9.3 2020-05-15 09:06:54 +02:00
Mario Rodas
b51a82932f
Merge pull request #87733 from taku0/flashplayer-32.0.0.371
flashplayer: 32.0.0.363 -> 32.0.0.371
2020-05-14 08:05:29 -05:00
Andreas Rammhold
b70435e43c
firefox: 76.0 -> 76.0.1 2020-05-14 12:50:34 +02:00
aszlig
8fb49973ce
firefox: Add patch to fix AES GCM IV bit size
Regression introduced by bce5268a21.

The bit size of the initialisation vector for AES GCM has been
introduced in NSS version 3.52 in the CK_GCM_PARMS struct via the
ulIvBits field.

Unfortunately, Firefox 68.8.0 and 76.0 do not set this field and thus it
gets initialised to zero, which in turn causes IV generation to fail.

I found out about this because WebRTC stopped working after updating to
NSS 3.52 and so I started bisecting.

Since there wasn't an obvious error in Firefox hinting towards NSS but
instead just the video stream ended up as a "null" stream, I didn't
suspect the NSS update to be the culprit at first. So I verified a few
times and then also started bisecting the actual commit in NSS that
caused the issue.

This turned out to be the problematic change:

https://phabricator.services.mozilla.com/D63241

> One notable change was caused by an inconsistancy between the spec and
> the released headers in PKCS#11 v2.40. CK_GCM_PARAMS had an extra
> field in the header that was not in the spec. OASIS considers the
> header file to be normative, so PKCS#11 v3.0 resolved the issue in
> favor of the header file definition.

Since the test I've used[1] was a bit flaky, I still didn't believe the
result of the bisect to be accurate, but after running the test several
times leading same results I dug through the above change line by line
to get more clues.

It fortunately didn't take that long to stumble upon the ulIvBits change
(which is actually documented in the NSS 3.52 release notes[4], but I
managed to blatantly ignore it for some reason) and started checking the
Firefox source tree for changes regarding that field.

Initialisation of that new field has been introduced[2] in preparation
for the 76 release, but subsequently got reverted[3] prior to the
release, because Firefox 76 is expected to be shipped with NSS 3.51,
which didn't have the ulIvBits field.

The patch I'm adding here is just a reintroduction of that change,
because we're using NSS 3.52. Not initialising that field will break
WebRTC and WebCrypto, which I think the former seems to gain in
popularity these days ;-)

Tested the change against the mentioned VM test[1] and also by testing
manually using Jitsi Meet and Nextcloud Talk.

[1]: https://github.com/aszlig/avonc/tree/884315838b6f0ebb32b/tests/talk
[2]: https://hg.mozilla.org/mozilla-central/rev/3ed30e6b6de1
[3]: https://hg.mozilla.org/mozilla-central/rev/665137da70ee
[4]: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.52_release_notes

Signed-off-by: aszlig <aszlig@nix.build>
2020-05-13 02:23:12 +02:00
Robert Schütz
52fcfd3876 qutebrowser: 1.11.0 -> 1.11.1
fixes CVE-2020-11054
2020-05-12 18:46:09 +02:00
taku0
d8fa222ca2 flashplayer: 32.0.0.363 -> 32.0.0.371 2020-05-12 18:31:02 +09:00
xiorcale
ccfe14cb3b github username: kjuvi -> xiorcale 2020-05-09 09:08:18 +02:00
Christian Mainka
e659bf3ce4 brave: 1.7.92 -> 1.8.95 2020-05-08 18:16:17 +02:00
Pavol Rusnak
6abf4a43ad
treewide: per RFC45, remove more unquoted URLs 2020-05-08 15:20:47 +02:00