> can you give a sense of the severity of the CVEs in question? >From one LWN summary[0], it looks pretty serious:
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. > Now that i've installed that build into my System profile, it does work. > It would be great to have clarity on the situation I've applied the patches to 16.09 in my own branch[1] to test this, if anyone would like to try it on stable. Interesting that it might work globally installed. Not sure I understand why that is possible. I'll report how it goes after the (very long) chromium build :) Thank you, Graham [0] https://lwn.net/Vulnerabilities/703767/ [1] https://github.com/grahamca/nixpkgs/tree/chromium-16.09 (note: this is against the channel version, so no chance of a massive rebuild... other than chrome :) ) _______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
