Upstream changes since version 0.4.0:
* version 0.5.0 (release 2015-05-04):
- Added support for KWallet5 (KDE5/KF)
* version 0.6.0 (release 2016-03-18)
- Added support for the Windows Credential Store
* version 0.6.1 (release 2016-03-31)
- Fix KWallet not working (regressions in 0.6.0)
* version 0.6.2 (release 2016-04-04)
- KWallet: Fixes a crash when storing passwords, seen on Debian/KDE4
* version 0.7.0 (release 2016-05-23)
- Bump SO version due to 0.6 being binary-incompatible to previous
releases
Tomahawk and owncloud-client depend on this library, both are still
building fine after this update.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
The following doesn't seem to be quite right and I have missed this when
I was introducing qtkeychain in the first place:
-- Installing: /nix/store/...-qtkeychain-0.4.0/$out/share/qt/translations/qtkeychain_de.qm
-- Installing: /nix/store/...-qtkeychain-0.4.0/$out/share/qt/translations/qtkeychain_ro.qm
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Fixes the following security problems:
- CVE-2016-5147: Universal XSS in Blink
- CVE-2016-5148: Universal XSS in Blink
- CVE-2016-5149: Script injection in extensions
- CVE-2016-5150: Use after free in Blink
- CVE-2016-5151: Use after free in PDFium
- CVE-2016-5152: Heap overflow in PDFium
- CVE-2016-5153: Use after destruction in Blink
- CVE-2016-5154: Heap overflow in PDFium
- CVE-2016-5155: Address bar spoofing
- CVE-2016-5156: Use after free in event bindings
- CVE-2016-5157: Heap overflow in PDFium
- CVE-2016-5158: Heap overflow in PDFium
- CVE-2016-5159: Heap overflow in PDFium
- CVE-2016-5160: Extensions web accessible resources bypass
- CVE-2016-5161: Type confusion in Blink.
- CVE-2016-5162: Extensions web accessible resources bypass
- CVE-2016-5163: Address bar spoofing
- CVE-2016-5164: Universal XSS using DevTools
- CVE-2016-5165: Script injection in DevTools
- CVE-2016-5166: SMB Relay Attack via Save Page As
- CVE-2016-5167: Various fixes from internal audits, fuzzing and other initiatives
A few additional changes:
1. We load patches from debian for improving privacy and security
2. Now with QT 5.6 instead of 5.5
3. We strip bundled python code and use proper upstream instead
````
run_tests.sh: interpreter directive changed from "/bin/bash" to "/nix/store/nyj6xd7s1n1w8c0xdwk5ddhi7bjcyi9x-bash-4.3-p46/bin/bash"
No virtual environment found...create one? (Y/n) builder for ‘/nix/store/qcrhq2f7llvzyc37ili94ff50z7vlgn3-python2.7-keystoneclient-1.8.1.drv’ failed with exit code 1
error: build of ‘/nix/store/qcrhq2f7llvzyc37ili94ff50z7vlgn3-python2.7-keystoneclient-1.8.1.drv’ failed
````