c67a7ee731
This brings in the new stable version 54 which also introduces a lot of security fixes: CVE-2016-5198: Out of bounds memory access in V8 CVE-2016-5181: Universal XSS in Blink CVE-2016-5182: Heap overflow in Blink CVE-2016-5183: Use after free in PDFium CVE-2016-5184: Use after free in PDFium CVE-2016-5185: Use after free in Blink CVE-2016-5187: URL spoofing CVE-2016-5188: UI spoofing CVE-2016-5192: Cross-origin bypass in Blink CVE-2016-5189: URL spoofing CVE-2016-5186: Out of bounds read in DevTools CVE-2016-5191: Universal XSS in Bookmarks CVE-2016-5190: Use after free in Internals CVE-2016-5193: Scheme bypass Detailed announcements about these changes can be found here (latest to oldest): https://googlechromereleases.blogspot.de/2016/11/stable-channel-update-for-desktop.html https://googlechromereleases.blogspot.de/2016/10/stable-channel-update-for-desktop_20.html https://googlechromereleases.blogspot.de/2016/10/stable-channel-update-for-desktop.html The update process of Chromium has been a bit bumpy on our side, because version 54 also did the switch from GYP to GN so it wasn't just a matter of updating the upstream-info file. I've tested the Flash plugin (which runs fine) and WideVine manually, although I couldn't get WideVine to work (I was running this within a VM though). So if people want to use WideVine they need to use Chrome instead until we got this sorted out. VM test results along with builds for all platforms can be found here: https://headcounter.org/hydra/eval/339328 I'm going to backport these changes to stable as soon as the tests/builds succeed there as well. Closes: #19565 Closes: #20120 |
||
---|---|---|
.. | ||
apache-ant | ||
apache-maven | ||
bam | ||
bazel | ||
bear | ||
boot | ||
buildbot | ||
cmake | ||
colormake | ||
dub | ||
gn | ||
gnumake | ||
gradle | ||
gup | ||
icmake | ||
jam | ||
leiningen | ||
meson | ||
mk | ||
nant | ||
ninja | ||
rake | ||
rebar | ||
rebar3 | ||
redo | ||
remake | ||
sbt | ||
scons | ||
tup | ||
waf |