nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-27 09:23:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

ungoogled-chromium: 126.0.6478.182-1 -> 127.0.6533.72-1

Browse Source 
https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html

This update includes 22 security fixes.

CVEs:
CVE-2024-6988 CVE-2024-6989 CVE-2024-6991 CVE-2024-6994 CVE-2024-6995
CVE-2024-6996 CVE-2024-6997 CVE-2024-6998 CVE-2024-6999 CVE-2024-7000
CVE-2024-7001 CVE-2024-7003 CVE-2024-7004 CVE-2024-7005

The ungoogled-chromium binary pruning list got updated to include the
path to a node binary previously not included in the chromium source
tarball. We already did link the binary from our node package into place,
however as we were running the pruning script after the linking the
binary would get removed, causing the build to fail.

Co-authored-by: emilylange <git@emilylange.de>
This commit is contained in:
networkException 2024-07-28 12:14:23 +02:00
parent 1c39ed2403
commit bb19f848ae
No known key found for this signature in database
GPG Key ID: E3877443AE684391
2 changed files with 11 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
pkgs/applications/networking/browsers/chromium/common.nix
View File

@ -388,6 +388,10 @@ let
find . -type f -perm -0100 -exec sed -i -e '$a\' {} +
patchShebangs .
'' + lib.optionalString (ungoogled) ''
# Prune binaries (ungoogled only) *before* linking our own binaries:
${ungoogler}/utils/prune_binaries.py . ${ungoogler}/pruning.list || echo "some errors"
'' + ''
# Link to our own Node.js and Java (required during the build):
mkdir -p third_party/node/linux/node-linux-x64/bin
ln -s${lib.optionalString (chromiumVersionAtLeast "127") "f"} "${pkgsBuildHost.nodejs}/bin/node" third_party/node/linux/node-linux-x64/bin/node
@ -400,7 +404,6 @@ let
substituteInPlace build/toolchain/linux/BUILD.gn \
--replace 'toolprefix = "aarch64-linux-gnu-"' 'toolprefix = ""'
'' + lib.optionalString ungoogled ''
${ungoogler}/utils/prune_binaries.py . ${ungoogler}/pruning.list || echo "some errors"
${ungoogler}/utils/patches.py . ${ungoogler}/patches
${ungoogler}/utils/domain_substitution.py apply -r ${ungoogler}/domain_regex.list -f ${ungoogler}/domain_substitution.list -c ./ungoogled-domsubcache.tar.gz .
'';

14
pkgs/applications/networking/browsers/chromium/upstream-info.nix
View File

@ -21,17 +21,17 @@
ungoogled-chromium = {
deps = {
gn = {
hash = "sha256-mNoQeHSSM+rhR0UHrpbyzLJC9vFqfxK1SD0X8GiRsqw=";
rev = "df98b86690c83b81aedc909ded18857296406159";
hash = "sha256-vzZu/Mo4/xATSD9KgKcRuBKVg9CoRZC9i0PEajYr4UM=";
rev = "b3a0bff47dd81073bfe67a402971bad92e4f2423";
url = "https://gn.googlesource.com/gn";
version = "2024-05-13";
version = "2024-06-06";
};
ungoogled-patches = {
hash = "sha256-jDWL4gXcWF6GMlFJ/sua4dfVURs9vWYXRMjnYNqESWc=";
rev = "126.0.6478.182-1";
hash = "sha256-IBdOV+eFJWD+kCxnhSWWjiBgMbP/DxF+gUVIIpWf4rc=";
rev = "127.0.6533.72-1";
};
};
hash = "sha256-vZ7P8+vHTMCo6lXkV84ENqRZVG3/fDEwl+BTNJTGMn4=";
version = "126.0.6478.182";
hash = "sha256-m99HaGCuIihDdbVnmu6xatnC/QDxgLVby2TWY/L+RHk=";
version = "127.0.6533.72";
};
}