nixpkgs/pkgs
Scott R. Parish e2d067d760
chromium: Update to latest stable and beta channel
Overview of updated versions:

stable: 50.0.2661.102 -> 51.0.2704.63
beta: 51.0.2704.47 -> 51.0.2704.63

I tried to update dev, but couldn't get it to compile, it was failing
with a "'isnan' was not declared in this scope.

As far as I can tell, at the moment the beta and stable channels are
on the same version.

The stable update addresses the following security issues:

  * High   CVE-2016-1672: Cross-origin bypass in extension bindings. Credit
                          to Mariusz Mlynski.
  * High   CVE-2016-1673: Cross-origin bypass in Blink. Credit to Mariusz
                          Mlynski.
  * High   CVE-2016-1674: Cross-origin bypass in extensions. Credit to Mariusz
                          Mlynski.
  * High   CVE-2016-1675: Cross-origin bypass in Blink. Credit to Mariusz
                          Mlynski.
  * High   CVE-2016-1676: Cross-origin bypass in extension bindings. Credit
                          to Rob Wu.
  * Medium CVE-2016-1677: Type confusion in V8. Credit to Guang Gong of
                        Qihoo 360.
  * High   CVE-2016-1678: Heap overflow in V8. Credit to Christian Holler.
  * High   CVE-2016-1679: Heap use-after-free in V8 bindings. Credit to Rob Wu.
  * High   CVE-2016-1680: Heap use-after-free in Skia. Credit to Atte Kettunen
                          of OUSPG.
  * High   CVE-2016-1681: Heap overflow in PDFium. Credit to Aleksandar Nikolic
                          of Cisco Talos.
  * Medium CVE-2016-1682: CSP bypass for ServiceWorker. Credit to
                          KingstonTime.
  * Medium CVE-2016-1683: Out-of-bounds access in libxslt. Credit to Nicolas
                          Gregoire.
  * Medium CVE-2016-1684: Integer overflow in libxslt. Credit to Nicolas
                          Gregoire.
  * Medium CVE-2016-1685: Out-of-bounds read in PDFium. Credit to Ke Liu
                          of Tencent's Xuanwu LAB.
  * Medium CVE-2016-1686: Out-of-bounds read in PDFium. Credit to Ke Liu
                          of Tencent's Xuanwu LAB.
  * Medium CVE-2016-1687: Information leak in extensions. Credit to Rob Wu.
  * Medium CVE-2016-1688: Out-of-bounds read in V8. Credit to Max Korenko.
  * Medium CVE-2016-1689: Heap buffer overflow in media. Credit to Atte
                          Kettunen of OUSPG.
  * Medium CVE-2016-1690: Heap use-after-free in Autofill. Credit to Rob Wu.
  * Low    CVE-2016-1691: Heap buffer-overflow in Skia. Credit to Atte Kettunen
                          of OUSPG.
  * Low    CVE-2016-1692: Limited cross-origin bypass in ServiceWorker. Credit
                          to Til Jasper Ullrich.
  * Low    CVE-2016-1693: HTTP Download of Software Removal Tool. Credit to
                          Khalil Zhani.
  * Low    CVE-2016-1694: HPKP pins removed on cache clearance. Credit to Ryan
                          Lester and Bryant Zadegan.

See: http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
2016-05-28 18:12:39 +02:00
..
applications chromium: Update to latest stable and beta channel 2016-05-28 18:12:39 +02:00
build-support buildRustPackage: Don't specify logLevel by default. 2016-05-28 15:05:11 +02:00
data Merge branch 'master' into staging 2016-05-26 16:50:22 +02:00
desktops elementary: 1.17.0 -> 1.17.1 2016-05-28 09:54:32 -03:00
development Merge pull request #15606 from dvc94ch/fpga-toolchain-updates 2016-05-28 15:41:10 +02:00
games crawl: 1.17.1 -> 1.18.0 2016-05-28 14:00:15 +03:00
misc Merge branch 'master' into staging 2016-05-26 16:50:22 +02:00
os-specific openvswitch: 2.3.1 -> 2.5.0 (#15729) 2016-05-28 16:02:04 +02:00
servers slurm-llnl: improvements 2016-05-28 02:08:41 +02:00
shells fish: 2.2.0 -> 2.3.0 2016-05-26 00:10:22 +02:00
stdenv Allow not rebasing in cygwin stdenv. 2016-05-20 17:17:10 +02:00
test
tools Merge pull request #15769 from redvers/mtx 2016-05-28 16:47:36 +02:00
top-level Merge pull request #15769 from redvers/mtx 2016-05-28 16:47:36 +02:00