cafkafk/nixpkgs
cafkafk/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2
nixpkgs/pkgs/applications/networking/browsers
History
Scott R. Parish e2d067d760
chromium: Update to latest stable and beta channel 
Overview of updated versions:

stable: 50.0.2661.102 -> 51.0.2704.63
beta: 51.0.2704.47 -> 51.0.2704.63

I tried to update dev, but couldn't get it to compile, it was failing
with a "'isnan' was not declared in this scope.

As far as I can tell, at the moment the beta and stable channels are
on the same version.

The stable update addresses the following security issues:

  * High   CVE-2016-1672: Cross-origin bypass in extension bindings. Credit
                          to Mariusz Mlynski.
  * High   CVE-2016-1673: Cross-origin bypass in Blink. Credit to Mariusz
                          Mlynski.
  * High   CVE-2016-1674: Cross-origin bypass in extensions. Credit to Mariusz
                          Mlynski.
  * High   CVE-2016-1675: Cross-origin bypass in Blink. Credit to Mariusz
                          Mlynski.
  * High   CVE-2016-1676: Cross-origin bypass in extension bindings. Credit
                          to Rob Wu.
  * Medium CVE-2016-1677: Type confusion in V8. Credit to Guang Gong of
                        Qihoo 360.
  * High   CVE-2016-1678: Heap overflow in V8. Credit to Christian Holler.
  * High   CVE-2016-1679: Heap use-after-free in V8 bindings. Credit to Rob Wu.
  * High   CVE-2016-1680: Heap use-after-free in Skia. Credit to Atte Kettunen
                          of OUSPG.
  * High   CVE-2016-1681: Heap overflow in PDFium. Credit to Aleksandar Nikolic
                          of Cisco Talos.
  * Medium CVE-2016-1682: CSP bypass for ServiceWorker. Credit to
                          KingstonTime.
  * Medium CVE-2016-1683: Out-of-bounds access in libxslt. Credit to Nicolas
                          Gregoire.
  * Medium CVE-2016-1684: Integer overflow in libxslt. Credit to Nicolas
                          Gregoire.
  * Medium CVE-2016-1685: Out-of-bounds read in PDFium. Credit to Ke Liu
                          of Tencent's Xuanwu LAB.
  * Medium CVE-2016-1686: Out-of-bounds read in PDFium. Credit to Ke Liu
                          of Tencent's Xuanwu LAB.
  * Medium CVE-2016-1687: Information leak in extensions. Credit to Rob Wu.
  * Medium CVE-2016-1688: Out-of-bounds read in V8. Credit to Max Korenko.
  * Medium CVE-2016-1689: Heap buffer overflow in media. Credit to Atte
                          Kettunen of OUSPG.
  * Medium CVE-2016-1690: Heap use-after-free in Autofill. Credit to Rob Wu.
  * Low    CVE-2016-1691: Heap buffer-overflow in Skia. Credit to Atte Kettunen
                          of OUSPG.
  * Low    CVE-2016-1692: Limited cross-origin bypass in ServiceWorker. Credit
                          to Til Jasper Ullrich.
  * Low    CVE-2016-1693: HTTP Download of Software Removal Tool. Credit to
                          Khalil Zhani.
  * Low    CVE-2016-1694: HPKP pins removed on cache clearance. Credit to Ryan
                          Lester and Bryant Zadegan.

See: http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
2016-05-28 18:12:39 +02:00
..
arora arora: move to qmake4Hook 2016-04-20 18:55:45 +03:00
chromium chromium: Update to latest stable and beta channel 2016-05-28 18:12:39 +02:00
conkeror conkeror: 1.0pre-20150730 -> 1.0pre-20160130 2016-04-05 14:34:42 +02:00
dillo Dillo: 3.0.4.1 -> 3.0.5 2015-07-23 23:05:19 -03:00
dwb Merge pull request #14742 from mbakke/dwb 2016-04-15 23:12:31 +02:00
elinks treewide: Make explicit that 'dev' output of openssl is used 2016-05-19 10:02:23 +02:00
firefox firefox: restore gstreamer support for older firefox releases 2016-05-19 00:28:49 +03:00
firefox-bin firefox-bin: 47.0b7 -> 47.0b8 2016-05-25 11:42:40 +02:00
google-chrome Merge #14920: windows improvements, mainly mingw 2016-05-05 08:30:19 +02:00
jumanji Merge branch 'master' into closure-size 2015-12-31 09:53:02 +01:00
kwebkitpart kde414: build with kdelibs-4.14.12 2015-09-27 15:08:12 -05:00
links2 links: Remove package & deprecate for links2 2016-01-31 11:46:35 +01:00
luakit glib-networking: split the dev output 2015-10-13 20:18:56 +02:00
lynx treewide: Make explicit that 'dev' output of openssl is used 2016-05-19 10:02:23 +02:00
midori Merge branch 'master' into closure-size 2016-04-01 10:06:01 +02:00
mozilla-plugins flashplayer: 11.2.202.616 -> 11.2.202.621 2016-05-12 21:58:26 +09:00
opera makeSearchPathOutputs: refactor to makeSearchPathOutput 2016-04-25 13:24:39 +03:00
qutebrowser qutebrowser: 0.6.0 -> 0.6.1 2016-04-17 15:38:12 +02:00
rekonq rekonq: fix homepage url 2016-02-16 14:11:36 +00:00
surf Merge branch 'staging' into closure-size 2016-01-19 09:55:31 +01:00
uzbl Merge master into closure-size 2016-03-08 09:58:19 +01:00
vimb Merge branch 'staging' into closure-size 2016-01-19 09:55:31 +01:00
vimprobable2 glib-networking: split the dev output 2015-10-13 20:18:56 +02:00
vivaldi Merge remote-tracking branch 'upstream/master' into staging 2016-05-03 23:12:48 +03:00
w3m treewide: Make explicit that 'dev' output of openssl is used 2016-05-19 10:02:23 +02:00