[Nix-commits] [NixOS/nixpkgs] 0b0591: chromium: Update stable to 50.0.2661.102 for multi...

Sat, 14 May 2016 20:28:07 -0700 

  Branch: refs/heads/release-15.09
  Home:   https://github.com/NixOS/nixpkgs
  Commit: 0b0591810eb6f744d47ec7a3a4e6dad9e75b5c00
      
https://github.com/NixOS/nixpkgs/commit/0b0591810eb6f744d47ec7a3a4e6dad9e75b5c00
  Author: Scott R. Parish <srpar...@gmail.com>
  Date:   2016-05-15 (Sun, 15 May 2016)

  Changed paths:
    M pkgs/applications/networking/browsers/chromium/upstream-info.nix

  Log Message:
  -----------
  chromium: Update stable to 50.0.2661.102 for multiple security fixes

This addresses the following security fixes:

 * High   CVE-2016-1667: Same origin bypass in DOM. Credit to
                   Mariusz Mlynski.
 * High   CVE-2016-1668: Same origin bypass in Blink V8 bindings. Credit
                   to Mariusz Mlynski.
 * High   CVE-2016-1669: Buffer overflow in V8. Credit to Choongwoo Han.
 * Medium CVE-2016-1670: Race condition in loader. Credit to anonymous.
 * Medium CVE-2016-1671: Directory traversal using the file scheme on
                   Android. Credit to Jann Horn.

See: http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html

Signed-off-by: Scott R. Parish <srpar...@gmail.com>
Tested-by: aszlig <asz...@redmoonstudios.org>
Closes: #15446
Signed-off-by: aszlig <asz...@redmoonstudios.org>
(cherry picked from commit 5ebf20db0f514ef9c6f08da0bb650a02cb2120fd)


  Commit: 4f32d2c5659074ad3c0f050dfbf848ff0548ca77
      
https://github.com/NixOS/nixpkgs/commit/4f32d2c5659074ad3c0f050dfbf848ff0548ca77
  Author: aszlig <asz...@redmoonstudios.org>
  Date:   2016-05-15 (Sun, 15 May 2016)

  Changed paths:
    M pkgs/applications/networking/browsers/chromium/upstream-info.nix

  Log Message:
  -----------
  chromium: Update to latest beta and dev channels

Overview of the updated versions:

beta: 50.0.2661.49 -> 51.0.2704.47
dev:  51.0.2693.2  -> 52.0.2729.3

It has been a while since we had a major Chromium update that compiled
and worked without troubles, but version 52 builds and the VM tests are
successful as well:

https://headcounter.org/hydra/eval/320335

Signed-off-by: aszlig <asz...@redmoonstudios.org>
(cherry picked from commit ad2c8d3510eaec68861a610574b09aca45b9cad3)
Reason: 50.0.2661.102 fixes a bunch of security vulnerabilities and
  we want to have them fixed in beta/dev as well.


Compare: https://github.com/NixOS/nixpkgs/compare/e263fdae1d55...4f32d2c56590
_______________________________________________
nix-commits mailing list
nix-comm...@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-commits

Reply via email to