Commit Graph

1513 Commits

Author SHA1 Message Date
zimbatm
e25933ac6e Merge pull request #16410 from womfoo/conkeror
conkeror: 1.0pre-20160130 -> 1.0.3
2016-06-22 21:47:13 +01:00
Marius Bakke
4a7d31a392 treewide: remove double quotes from wrappers
Close #14753; see that for context.
2016-06-22 11:12:27 +02:00
Kranium Gikos Mendoza
ac680eed2b conkeror: 1.0pre-20160130 -> 1.0.3 2016-06-22 07:14:03 +08:00
aszlig
9728554c4f
Merge pull request #16099 (Chromium update)
The changes contain an update of the stable channel (along with beta and
dev as well) fixing 18 security vulnerabilities:

http://googlechromereleases.blogspot.de/2016/06/stable-channel-update.html
http://googlechromereleases.blogspot.de/2016/06/stable-channel-update_6.html
http://googlechromereleases.blogspot.de/2016/06/stable-channel-update_16.html

I've built and tested this at the following evaluation on my Hydra:

https://headcounter.org/hydra/eval/324449
2016-06-20 18:43:41 +02:00
Bjørn Forsman
bd01fad0ed Captialize meta.description of all packages
In line with the Nixpkgs manual.

A mechanical change, done with this command:

  find pkgs -name "*.nix" | \
      while read f; do \
          sed -e 's/description\s*=\s*"\([a-z]\)/description = "\u\1/' -i "$f"; \
      done

I manually skipped some:

* Descriptions starting with an abbreviation, a user name or package name
* Frequently generated expressions (haskell-packages.nix)
2016-06-20 13:55:52 +02:00
Scott R. Parish
1f1f0f049b chromium: Update to latest stable, beta, and dev channels
stable 51.0.2704.63 => 51.0.2704.103
beta   51.0.2704.63 => 52.0.2743.41
dev    52.0.2743.10 => 53.0.2767.4

This addresses 15 security fixes, including:

 * High   CVE-2015-1696: Cross-origin bypass in Extension bindings. Credit to
                         anonymous.
 * High   CVE-2015-1697: Cross-origin bypass in Blink. Credit to Mariusz
                         Mlynski.
 * Medium CVE-2016-1698: Information leak in Extension bindings. Credit to
                         Rob Wu.
 * Medium CVE-2016-1699: Parameter sanitization failure in DevTools. Credit
                         to Gregory Panakkal.
 * Medium CVE-2016-1700: Use-after-free in Extensions. Credit to Rob Wu.
 * Medium CVE-2016-1701: Use-after-free in Autofill. Credit to Rob Wu.
 * Medium CVE-2016-1702: Out-of-bounds read in Skia. Credit to cloudfuzzer.

See: http://googlechromereleases.blogspot.com/2016/06/stable-channel-update.html
2016-06-19 19:50:45 -07:00
Gabriel Ebner
9988488fc6 qutebrowser: use makeQtWrapper
Fixes #15597.
2016-06-19 14:42:13 +02:00
Gabriel Ebner
5862c38d9d qutebrowser: 0.6.2 -> 0.7.0 2016-06-19 14:08:09 +02:00
taku0
c802f56639 flashplayer: 11.2.202.621 -> 11.2.202.626 2016-06-16 21:24:38 +09:00
Arseniy Seroka
d4876168e2 Merge pull request #16140 from hiberno/update-vivaldi
vivaldi: 1.1 -> 1.2
2016-06-11 22:32:38 +03:00
Arseniy Seroka
263edf8897 Merge pull request #16147 from womfoo/bluejeans
bluejeans: 2.155.17.5 -> 2.160.49-8
2016-06-11 22:31:46 +03:00
Christian Lask
da0b516a5f vivaldi: 1.1 -> 1.2 2016-06-11 09:55:32 +02:00
Kranium Gikos Mendoza
1497998a40 bluejeans: 2.155.17.5 -> 2.160.49-8 2016-06-11 06:29:52 +08:00
Christian Lask
527077f02c qutebrowser: 0.6.1 -> 0.6.2 2016-06-10 10:11:59 +02:00
Rok Garbas
4c96860b53 firefox-bin: 47.0b9 -> 48.0b1, 48.0a2 -> 49.0a2 2016-06-10 04:24:27 +02:00
Joachim Fasting
ccf7048307 Merge pull request #16057 from taku0/firefox-bin-47.0
firefox-bin: 46.0.1 -> 47.0
2016-06-08 17:20:24 +02:00
Michael Raskin
d88aa14c6e Firefox: 46.0.1 -> 47.0 2016-06-08 17:09:12 +02:00
taku0
697437c8e7 firefox-bin: 46.0.1 -> 47.0 2016-06-07 03:23:43 +09:00
Tuomas Tynkkynen
bac26e08db Fix lots of fetchgit hashes (fallout from #15469) 2016-06-03 17:17:08 +03:00
Rok Garbas
ea3f1ff7f0 firefox-bin: 47.0b8 -> 47.0b9 2016-05-30 11:27:45 +02:00
aszlig
79d18eb604
chromium: Update dev channel to v52.0.2743.10
With this update we need to rebase the nix_plugin_paths patch, which was
done by @srp and I took it from his comment at:

https://github.com/NixOS/nixpkgs/pull/15762#issuecomment-222230677

Other than that, using libjpeg from nixpkgs fails to link:

https://headcounter.org/hydra/build/1114273

Rather than just using versionAtLeast to check for >= version 52, we're
matching on the explicit version number. That way we can make sure that
we (try to) build with system libjpeg again so we can keep it out of the
overall Chromium build time.

Built and tested using the VM tests on my Hydra at:

https://headcounter.org/hydra/eval/322006

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-28 19:15:39 +02:00
aszlig
c7a3645e7b
chromium: Remove stuff for versions <= v51
We're already on version 52, so there really is no need to keep all
those conditionals and old patches anymore.

Tested dropping the unconditional build_fixes_46.patch via the Chromium
VM tests.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-28 19:04:22 +02:00
aszlig
0f4095ec50
chromium: Fix hash for beta Debian package
I'm not sure how the wrong hash ended up being there, but I've checked
the hash from three different machines (and networks) just to be sure I
didn't make a mistake.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-28 18:57:15 +02:00
Scott R. Parish
e2d067d760
chromium: Update to latest stable and beta channel
Overview of updated versions:

stable: 50.0.2661.102 -> 51.0.2704.63
beta: 51.0.2704.47 -> 51.0.2704.63

I tried to update dev, but couldn't get it to compile, it was failing
with a "'isnan' was not declared in this scope.

As far as I can tell, at the moment the beta and stable channels are
on the same version.

The stable update addresses the following security issues:

  * High   CVE-2016-1672: Cross-origin bypass in extension bindings. Credit
                          to Mariusz Mlynski.
  * High   CVE-2016-1673: Cross-origin bypass in Blink. Credit to Mariusz
                          Mlynski.
  * High   CVE-2016-1674: Cross-origin bypass in extensions. Credit to Mariusz
                          Mlynski.
  * High   CVE-2016-1675: Cross-origin bypass in Blink. Credit to Mariusz
                          Mlynski.
  * High   CVE-2016-1676: Cross-origin bypass in extension bindings. Credit
                          to Rob Wu.
  * Medium CVE-2016-1677: Type confusion in V8. Credit to Guang Gong of
                        Qihoo 360.
  * High   CVE-2016-1678: Heap overflow in V8. Credit to Christian Holler.
  * High   CVE-2016-1679: Heap use-after-free in V8 bindings. Credit to Rob Wu.
  * High   CVE-2016-1680: Heap use-after-free in Skia. Credit to Atte Kettunen
                          of OUSPG.
  * High   CVE-2016-1681: Heap overflow in PDFium. Credit to Aleksandar Nikolic
                          of Cisco Talos.
  * Medium CVE-2016-1682: CSP bypass for ServiceWorker. Credit to
                          KingstonTime.
  * Medium CVE-2016-1683: Out-of-bounds access in libxslt. Credit to Nicolas
                          Gregoire.
  * Medium CVE-2016-1684: Integer overflow in libxslt. Credit to Nicolas
                          Gregoire.
  * Medium CVE-2016-1685: Out-of-bounds read in PDFium. Credit to Ke Liu
                          of Tencent's Xuanwu LAB.
  * Medium CVE-2016-1686: Out-of-bounds read in PDFium. Credit to Ke Liu
                          of Tencent's Xuanwu LAB.
  * Medium CVE-2016-1687: Information leak in extensions. Credit to Rob Wu.
  * Medium CVE-2016-1688: Out-of-bounds read in V8. Credit to Max Korenko.
  * Medium CVE-2016-1689: Heap buffer overflow in media. Credit to Atte
                          Kettunen of OUSPG.
  * Medium CVE-2016-1690: Heap use-after-free in Autofill. Credit to Rob Wu.
  * Low    CVE-2016-1691: Heap buffer-overflow in Skia. Credit to Atte Kettunen
                          of OUSPG.
  * Low    CVE-2016-1692: Limited cross-origin bypass in ServiceWorker. Credit
                          to Til Jasper Ullrich.
  * Low    CVE-2016-1693: HTTP Download of Software Removal Tool. Credit to
                          Khalil Zhani.
  * Low    CVE-2016-1694: HPKP pins removed on cache clearance. Credit to Ryan
                          Lester and Bryant Zadegan.

See: http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
2016-05-28 18:12:39 +02:00
Vladimír Čunát
81039713fa Merge branch 'master' into staging
... to get the systemd update (rebuilding ~7k jobs).
2016-05-26 16:50:22 +02:00
Rok Garbas
1908c90412 firefox-bin: 47.0b7 -> 47.0b8 2016-05-25 11:42:40 +02:00
Rok Garbas
03f36a4141 firefox-bin: 47.0b5 -> 47.0b7 2016-05-24 12:36:23 +02:00
Vladimír Čunát
c4661e9643 Merge: make dev output references explicit
This is a rebase of most commits from #14766,
resolving conflicts and a few other evaluation problems.
2016-05-22 12:09:23 +02:00
Tuomas Tynkkynen
2a73de6e6c treewide: Make explicit that 'dev' output of openssl is used 2016-05-19 10:02:23 +02:00
Tuomas Tynkkynen
825bd69b38 treewide: Make explicit that 'dev' output of boehmgc is used 2016-05-19 10:00:27 +02:00
Nikolay Amiantov
5445e521b6 firefox: restore gstreamer support for older firefox releases 2016-05-19 00:28:49 +03:00
Franz Pletz
2007e9b140
firefox: reenable libvpx as 1.5 is now available 2016-05-17 01:05:46 +02:00
Tobias Geerinckx-Rice
e8db151fa3
firefox-bin: fix evaluation 2016-05-15 23:22:50 +02:00
aszlig
ad2c8d3510
chromium: Update to latest beta and dev channels
Overview of the updated versions:

beta: 50.0.2661.49 -> 51.0.2704.47
dev:  51.0.2693.2  -> 52.0.2729.3

It has been a while since we had a major Chromium update that compiled
and worked without troubles, but version 52 builds and the VM tests are
successful as well:

https://headcounter.org/hydra/eval/320335

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-15 05:17:51 +02:00
Rok Garbas
d4fe0f522e firefox-bin: adding developer and beta channel 2016-05-15 03:00:44 +02:00
Nikolay Amiantov
e81c6c7768 firefox: upstream moved to ffmpeg from gstreamer
Sadly, they don't support using system library yet (or I was unattentive).
2016-05-15 01:06:39 +03:00
Scott R. Parish
5ebf20db0f
chromium: Update stable to 50.0.2661.102 for multiple security fixes
This addresses the following security fixes:

 * High   CVE-2016-1667: Same origin bypass in DOM. Credit to
                         Mariusz Mlynski.
 * High   CVE-2016-1668: Same origin bypass in Blink V8 bindings. Credit
                         to Mariusz Mlynski.
 * High   CVE-2016-1669: Buffer overflow in V8. Credit to Choongwoo Han.
 * Medium CVE-2016-1670: Race condition in loader. Credit to anonymous.
 * Medium CVE-2016-1671: Directory traversal using the file scheme on
                         Android. Credit to Jann Horn.

See: http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html

Signed-off-by: Scott R. Parish <srparish@gmail.com>
Tested-by: aszlig <aszlig@redmoonstudios.org>
Closes: #15446
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-14 22:04:56 +02:00
Vladimír Čunát
3e387c3e00 Merge branch 'staging'
Darwin isn't in a perfect state, in particular its bootstrap tools won't
build which will block nixpkgs channel. But on the whole it seems
acceptable.
2016-05-13 10:14:53 +02:00
taku0
cade2f36e5 flashplayer: 11.2.202.616 -> 11.2.202.621 2016-05-12 21:58:26 +09:00
Vladimír Čunát
6c2fbfbd77 Merge branch 'master' into staging 2016-05-12 04:53:38 +02:00
Eelco Dolstra
86c45ba50d google-talk-plugin: 5.4.2.0 -> 5.41.0.0 2016-05-11 20:18:30 +02:00
Kranium Gikos Mendoza
a36f721630 bluejeans: 2.125.24.5 -> 2.155.17.5 2016-05-11 21:47:12 +08:00
Eelco Dolstra
cb37ab146b Add mirror://mozilla scheme 2016-05-09 19:37:22 +02:00
Eelco Dolstra
de22402f85 firefox-esr: 45.0.2 -> 45.1.1 2016-05-09 15:28:13 +02:00
Eelco Dolstra
02d01dc7c5 firefox: 46.0 -> 46.0.1 2016-05-09 15:27:06 +02:00
Vladimír Čunát
65a9fa8cdc Merge branch 'master' into staging 2016-05-08 21:24:48 +02:00
taku0
07a83f226e firefox-bin: fixed missing icon 2016-05-08 17:06:08 +09:00
Wei Tang
4d15758984 firefox: Fix build due to commit #ab0a0c 2016-05-08 05:58:02 +02:00
Vladimír Čunát
1dc36904d8 Merge #14920: windows improvements, mainly mingw 2016-05-05 08:30:19 +02:00
aszlig
3f7735fe65
chromium+chrome: Don't import update.nix directly
Regression introduced by f28b71023c.

Let's now expose and use the upstream-info attribute via the main
Chromium derivation, so that other packages like the google-chrome
package doesn't need to rely on internals of the Chromium
implementation.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-05-04 23:12:33 +02:00