[Nix-commits] [NixOS/nixpkgs] 5dbabd: chromium: Update stable to 50.0.2661.102 for multi...

Sat, 14 May 2016 20:24:05 -0700 

  Branch: refs/heads/release-16.03
  Home:   https://github.com/NixOS/nixpkgs
  Commit: 5dbabdd2a93b5ab7e088d08dc8acc8d55e56e6b0
      
https://github.com/NixOS/nixpkgs/commit/5dbabdd2a93b5ab7e088d08dc8acc8d55e56e6b0
  Author: Scott R. Parish <srpar...@gmail.com>
  Date:   2016-05-15 (Sun, 15 May 2016)

  Changed paths:
    M pkgs/applications/networking/browsers/chromium/upstream-info.nix

  Log Message:
  -----------
  chromium: Update stable to 50.0.2661.102 for multiple security fixes

This addresses the following security fixes:

 * High   CVE-2016-1667: Same origin bypass in DOM. Credit to
                   Mariusz Mlynski.
 * High   CVE-2016-1668: Same origin bypass in Blink V8 bindings. Credit
                   to Mariusz Mlynski.
 * High   CVE-2016-1669: Buffer overflow in V8. Credit to Choongwoo Han.
 * Medium CVE-2016-1670: Race condition in loader. Credit to anonymous.
 * Medium CVE-2016-1671: Directory traversal using the file scheme on
                   Android. Credit to Jann Horn.

See: http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html

Signed-off-by: Scott R. Parish <srpar...@gmail.com>
Tested-by: aszlig <asz...@redmoonstudios.org>
Closes: #15446
Signed-off-by: aszlig <asz...@redmoonstudios.org>
(cherry picked from commit 5ebf20db0f514ef9c6f08da0bb650a02cb2120fd)


  Commit: 5454a88346697166e58c1b5c726ca8d2b74980d4
      
https://github.com/NixOS/nixpkgs/commit/5454a88346697166e58c1b5c726ca8d2b74980d4
  Author: aszlig <asz...@redmoonstudios.org>
  Date:   2016-05-15 (Sun, 15 May 2016)

  Changed paths:
    M pkgs/applications/networking/browsers/chromium/upstream-info.nix

  Log Message:
  -----------
  chromium: Update to latest beta and dev channels

Overview of the updated versions:

beta: 50.0.2661.49 -> 51.0.2704.47
dev:  51.0.2693.2  -> 52.0.2729.3

It has been a while since we had a major Chromium update that compiled
and worked without troubles, but version 52 builds and the VM tests are
successful as well:

https://headcounter.org/hydra/eval/320335

Signed-off-by: aszlig <asz...@redmoonstudios.org>
(cherry picked from commit ad2c8d3510eaec68861a610574b09aca45b9cad3)
Reason: 50.0.2661.102 fixes a bunch of security vulnerabilities and
  we want to have them fixed in beta/dev as well.


Compare: https://github.com/NixOS/nixpkgs/compare/342435cc57fb...5454a8834669
_______________________________________________
nix-commits mailing list
nix-comm...@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-commits

Reply via email to