Commit Graph

54 Commits

Author SHA1 Message Date
Michael Weiss
d932886d6e
chromium: Fix the build
The build was failing with the following error:
```
[18950/51180] SOLINK ./libvk_swiftshader.sotls_transport_interface/dtls_transport_interface.omputils.o[K.otch.oos.oKx/unbundle:default)fault)ault)
FAILED: libvk_swiftshader.so libvk_swiftshader.so.TOC
python3 "../../build/toolchain/gcc_solink_wrapper.py" --readelf="readelf" --nm="nm"  --sofile="./libvk_swiftshader.so" --tocfile="./libvk_swiftshader.so.TOC" --output="./libvk_swiftshader.so" -- clang++ -shared -Wl,-soname="libvk_swiftshader.so" -Wl,-Bsymbolic -Wl,--version-script=../../third_party/swiftshader/src/Vulkan/vk_swiftshader.lds -fuse-ld=lld -Wl,--fatal-warnings -Wl,--build-id=sha1 -fPIC -Wl,-z,noexecstack -Wl,-z,relro -Wl,-z,now -Wl,--icf=all -Wl,--color-diagnostics -Wl,-mllvm,-instcombine-lower-dbg-declare=0 -flto=thin -Wl,--thinlto-jobs=all -Wl,--thinlto-cache-dir=thinlto-cache -Wl,--thinlto-cache-policy=cache_size=10\%:cache_size_bytes=40g:cache_size_files=100000 -Wl,-mllvm,-import-instr-limit=30 -fwhole-program-vtables -Wl,--no-call-graph-profile-sort -m64 -no-canonical-prefixes -Wl,-O2 -Wl,--gc-sections -rdynamic -Wl,-z,defs -Wl,--as-needed -nostdlib++ -Wl,--lto-O0 -fsanitize=cfi-vcall -fsanitize=cfi-icall -o "./libvk_swiftshader.so" @"./libvk_swiftshader.so.rsp"
ld.lld: error: unable to find library -l:libffi_pic.a
clang++: error: linker command failed with exit code 1 (use -v to see invocation)
```

This turned out to be a regression from b6b51374fc. That change was
bad/undesirable in the first place and I only applied it to quickly fix
another build error caused by incompatible wayland-protocols header
files from a newer system version (Chromium bundles version 1.21 while
we already package 1.26).

The better fix for that wayland-protocols build issue is to pull in a
patch that is already used/tested by the Arch package [0] and seems to
originate from [1] (not sure if that patch was formally submitted yet).

Alternatives to that patch would be to (we should probably first try the
first approach if need be):
1) Build with wayland-protocols 1.21 from the system (by overriding the
   Nixpkgs package).
2) Dynamically link against libffi by patching [2] to use the other
   branch (`default_toolchain == "//build/toolchain/cros:target"`).

Some additional details can be found in the GitHub PR [3].
Huge thanks to Lorenz Brun for his great analysis that enabled me to fix
the build so that we can finally merge the update to Chromium M105
(which contains many important security fixes!).

[0]: a353833a5a
[1]: https://bugs.chromium.org/p/angleproject/issues/detail?id=7582#c1
[2]: https://source.chromium.org/chromium/chromium/src/+/refs/tags/105.0.5195.52:build/config/linux/libffi/BUILD.gn
[3]: https://github.com/NixOS/nixpkgs/pull/189033

Co-Authored-By: Lorenz Brun <lorenz@brun.one>
2022-09-02 23:34:18 +02:00
Michael Weiss
dd9c01a9af
ungoogled-chromium: 102.0.5005.115 -> 103.0.5060.53 2022-06-23 00:08:09 +02:00
Michael Weiss
37a13a3d4d
chromiumBeta: Fix the build
The build was failing with:
[4758/49762] ACTION //third_party/dawn/src/dawn/common:dawn_version_gen__json_tarball(//build/toolchain/linux/unbundle:default)Ke:default)ux/unbundle:default)[Kuide/optimization_guide_internals/resources/optimization_guide_internals.mojom-webui.js
FAILED: gen/third_party/dawn/dawn_version_gen.json_tarball
python3 ../../third_party/dawn/generator/dawn_version_generator.py --dawn-dir ../../third_party/dawn/ --template-dir /build/chromium-102.0.5005.49/third_party/dawn/generator/templates --jinja2-path /build/chromium-102.0.5005.49/third_party/jinja2 --output-json-tarball gen/third_party/dawn/dawn_version_gen.json_tarball --depfile gen/third_party/dawn/dawn_version_gen.json_tarball.d --expected-outputs-file gen/third_party/dawn/dawn_version_gen.expected_outputs --allowed-output-dirs-file gen/third_party/dawn/dawn_version_gen.allowed_output_dirs
Traceback (most recent call last):
[...]
FileNotFoundError: [Errno 2] No such file or directory: 'git'
[4761/49762] ACTION //third_party/blink/renderer/bindings:generate_bindings_all(//build/toolchain/linux/unbundle:default)fault)
ninja: build stopped: subcommand failed.

More details here: https://bugs.chromium.org/p/chromium/issues/detail?id=1321370

The patch doesn't apply to M102 so I had to cherry-pick it manually.
2022-05-14 23:40:03 +02:00
Michael Weiss
a12cfff5b2
ungoogled-chromium: 97.0.4692.99 -> 98.0.4758.80 2022-02-04 22:10:32 +01:00
Michael Weiss
a8affa912c
chromium: Backport important fixes for Wayland
This is 843508dad4 for M97 (upstream didn't backport them so far).
2022-01-16 11:39:50 +01:00
Michael Weiss
afaf8d094b
ungoogled-chromium: 93.0.4577.82 -> 94.0.4606.54 2021-09-24 13:37:17 +02:00
Michael Weiss
8505750ac8
chromium: Drop our closure_compiler patch for Java
Hopefully the Java dependency can be dropped soon:
https://bugs.chromium.org/p/chromium/issues/detail?id=1192875#c5
2021-08-02 10:37:32 +02:00
Michael Weiss
8c60448e26
chromiumDev: Fix two build errors
Python 3 is now required (hard-coded in some scripts, but other scripts
still require Python 2) and a patch is required for [0].

[0]: https://bugs.chromium.org/p/chromium/issues/detail?id=1192875
2021-04-13 10:19:51 +02:00
Michael Weiss
015c5a2be6
chromium: Drop the libwebp include patch
Chromium 86.0.4240.75 builds fine without this patch. And since
WEBP_MAX_DIMENSION is the same in the system libwebp this patch should
not be required anymore (it was introduced in 06ec2a9f19, apparently to
fix the build).
2020-10-15 14:33:15 +02:00
Michael Weiss
73b67da169
chromium: Disable VA-API by default
This is done to avoid driver specific issues and restores the previous
behaviour. Like before video acceleration can be enabled without having
to rebuild Chromium.
2020-10-09 21:59:48 +02:00
TredwellGit
757bbdd948
chromium: Fix and enable our ANGLE support
This will additionally install the following files:
libEGL.so libGLESv2.so
libVkICD_mock_icd.so libvk_swiftshader.so libvulkan.so

libEGL.so and libGLESv2.so are required to fix our ANGLE support.
The rest should help with the Vulkan support (currently an experimental
feature that is disabled by default).
2020-10-07 20:37:35 +02:00
Michael Weiss
f79703e50c
chromium: 85.0.4183.121 -> 86.0.4240.75
https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop.html

This update includes 35 security fixes.

CVEs:
CVE-2020-15967 CVE-2020-15968 CVE-2020-15969 CVE-2020-15970
CVE-2020-15971 CVE-2020-15972 CVE-2020-15990 CVE-2020-15991
CVE-2020-15973 CVE-2020-15974 CVE-2020-15975 CVE-2020-15976
CVE-2020-6557 CVE-2020-15977 CVE-2020-15978 CVE-2020-15979
CVE-2020-15980 CVE-2020-15981 CVE-2020-15982 CVE-2020-15983
CVE-2020-15984 CVE-2020-15985 CVE-2020-15986 CVE-2020-15987
CVE-2020-15992 CVE-2020-15988 CVE-2020-15989
2020-10-07 20:37:35 +02:00
Michael Weiss
8427eb7044
chromium: 83.0.4103.116 -> 84.0.4147.89
https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html

This update includes 38 security fixes.

CVEs:
CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 CVE-2020-6513 CVE-2020-6514
CVE-2020-6515 CVE-2020-6516 CVE-2020-6517 CVE-2020-6518 CVE-2020-6519
CVE-2020-6520 CVE-2020-6521 CVE-2020-6522 CVE-2020-6523 CVE-2020-6524
CVE-2020-6525 CVE-2020-6526 CVE-2020-6527 CVE-2020-6528 CVE-2020-6529
CVE-2020-6530 CVE-2020-6531 CVE-2020-6533 CVE-2020-6534 CVE-2020-6535
CVE-2020-6536
2020-07-14 23:10:31 +02:00
Michael Weiss
267eefcdb7
chromium: Build with VA-API but disable it by default
This makes it possible to enable VA-API without having to rebuild
Chromium: `chromium.override { enableVaapi = true; }`
2020-04-18 13:46:22 +02:00
Michael Weiss
36c7123709
chromiumDev: Remove a patch that is already applied
This fixes the patch phase.
I missed this problem in #83956.
2020-04-02 13:01:39 +02:00
Peter Simons
81b18c3711 chromium: fix webrtc interaction with pulseaudio
The webrtc code suffered from a race condition when used
with Pulseaudio. This lead to audio input breaking every
couple of minutes during a webrtc session.
2020-03-23 16:56:08 +01:00
Michael Weiss
735707ef0c
chromium: Update the VA-API patch (fix #81909) 2020-03-07 15:40:27 +01:00
Ivan Kozik
46d252f1f1 chromium: fix GL support by not using the ANGLE GL implementation 2019-12-15 04:35:23 +00:00
Ivan Kozik
14b40e291d chromium: 78.0.3904.108 -> 79.0.3945.79
https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html

CVE-2019-13725 CVE-2019-13726 CVE-2019-13727 CVE-2019-13728
CVE-2019-13729 CVE-2019-13730 CVE-2019-13732 CVE-2019-13734
CVE-2019-13735 CVE-2019-13764 CVE-2019-13736 CVE-2019-13737
CVE-2019-13738 CVE-2019-13739 CVE-2019-13740 CVE-2019-13741
CVE-2019-13742 CVE-2019-13743 CVE-2019-13744 CVE-2019-13745
CVE-2019-13746 CVE-2019-13747 CVE-2019-13748 CVE-2019-13749
CVE-2019-13750 CVE-2019-13751 CVE-2019-13752 CVE-2019-13753
CVE-2019-13754 CVE-2019-13755 CVE-2019-13756 CVE-2019-13757
CVE-2019-13758 CVE-2019-13759 CVE-2019-13761 CVE-2019-13762
CVE-2019-13763

The new widevine patch was taken from
https://git.archlinux.org/svntogit/packages.git/plain/trunk/chromium-widevine.patch?h=packages/chromium
2019-12-11 15:55:21 +00:00
Herwig Hochleitner
a52d7674cc chromium: update vaapi patch
https://github.com/NixOS/nixpkgs/issues/73878
2019-11-24 19:07:59 +01:00
Ivan Kozik
f45798e544 chromium: 77.0.3865.90 -> 77.0.3865.120
CVE-2019-13693 CVE-2019-13694 CVE-2019-13695 CVE-2019-13696
CVE-2019-13697

Disable jumbo mode because upstream dropped support for it.
(See chromium-dev "We're removing support for the jumbo build")

This makes builds take about 3x as long, but we have no alternative.
2019-10-11 22:32:18 +02:00
Julien Langlois
545d58a1ef
chromium: fix widevine
This change allows widevine to work in chromium (it was previously
broken due to a segfault). Newer versions of chromium do not use the
libwidevinecdmadapter.so. Instead, libwidevinecdm.so should be installed
in the chromium libExec directory.
2019-09-05 17:20:06 -04:00
Ivan Kozik
8c78ae27f6 chromium: 74.0.3729.157 -> 75.0.3770.80
CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831
CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5835
CVE-2019-5836 CVE-2019-5837 CVE-2019-5838 CVE-2019-5839
CVE-2019-5840

Update a patch for Python 3, fixes #62347.

Update a GN arg to fix this warning:

warning: The GN arg 'remove_webcore_debug_symbols' is deprecated and
warning: will be removed April 15, 2019. Please change your args.gn
warning: to use 'blink_symbol_level = 0'. https://crbug.com/943869
2019-06-05 09:27:52 +00:00
Cole Mickens
60e2d2ce2b chromium: enable mojo + vaapi + allow hw accel
fixes https://github.com/NixOS/nixpkgs/pull/57837
closes https://github.com/NixOS/nixpkgs/pull/56973
2019-03-25 02:02:05 +01:00
Alexander V. Nikolaev
d0351ad3b6 chromium: fail build, if SOURCE_DATE_EPOCH not set
Also fix spacing style to conform google style
2018-12-03 15:35:53 +02:00
Alexander V. Nikolaev
7b49bd4894 chromium: avoid timestamp build
Use $SOURCE_DATE_EPOCH instead
2018-12-03 15:35:53 +02:00
Alexander V. Nikolaev
254a16c42e chroimum: Improve jumbo reproducibility
A little patch to jumbo script, which should improve reproducibility
by sorting source files before merge.
2018-12-03 15:35:52 +02:00
Herwig Hochleitner
bb03fbc2c8 chromium: 69.0.3497.100 -> 70.0.3538.67 2018-10-24 19:38:51 +02:00
Yuriy Taraday
c098f143b4 chromium: 68.0.3440.106 -> 69.0.3497.81
Also update to build with external gn.
2018-09-07 23:34:47 +04:00
Yuriy Taraday
cd3283f921 chromium: 67.0.3396.99 -> 68.0.3440.75 2018-07-27 14:38:23 +02:00
Yuriy Taraday
06ec2a9f19 chromium: fix 68 (beta) build
Also replace openh264 patch with one landed in upstream.
2018-07-14 23:07:46 +04:00
Yuriy Taraday
e4810965c0 chromium: fix build for 67 2018-05-31 00:33:42 +04:00
Yuriy Taraday
88007f819d chromium: remove outdated patches 2018-05-31 00:28:51 +04:00
Yuriy Taraday
72d7b5ddb1 chromium: fix nix_plugin_paths for 68+ 2018-05-31 00:27:14 +04:00
Léo Gaspard
905b03bce2 chromium: fix build on aarch64
chromium build on aarch64 failed with:
```
FAILED: obj/skia/skia/convolver_neon.o
g++ -MMD -MF obj/skia/skia/convolver_neon.o.d -DV8_DEPRECATION_WARNINGS -DUSE_UDEV -DUSE_AURA=1 -DUSE_GLIB=1 -DUSE_NSS_CERTS=1 -DUSE_X11=1 -DNO_TCMALLOC -DFULL_SAFE_BROWSING -DSAFE_BROWSING_CSD -DSAFE_BROWSING_DB_LOCAL -DCHROMIUM_BUILD -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_LIBCPP_DISABLE_VISIBILITY_ANNOTATIONS -D_LIBCXXABI_DISABLE_VISIBILITY_ANNOTATIONS -DNDEBUG -DNVALGRIND -DDYNAMIC_ANNOTATIONS_ENABLED=0 -DSK_IGNORE_LINEONLY_AA_CONVEX_PATH_OPTS -DSK_HAS_PNG_LIBRARY -DSK_HAS_WEBP_LIBRARY -DSK_HAS_JPEG_LIBRARY -DSK_SUPPORT_GPU=1 -DSK_FREETYPE_MINIMUM_RUNTIME_VERSION=\(\(\(FREETYPE_MAJOR\)\ \*\ 0x01000000\)\ \|\ \(\(FREETYPE_MINOR\)\ \*\ 0x00010000\)\ \|\ \(\(FREETYPE_PATCH\)\ \*\ 0x00000100\)\) -DSK_GAMMA_EXPONENT=1.2 -DSK_GAMMA_CONTRAST=0.2 -DSK_DEFAULT_FONT_CACHE_LIMIT=20971520 -DGLIB_VERSION_MAX_ALLOWED=GLIB_VERSION_2_32 -DGLIB_VERSION_MIN_REQUIRED=GLIB_VERSION_2_26 -DFT_CONFIG_CONFIG_H=\"freetype-custom-config/ftconfig.h\" -DFT_CONFIG_MODULES_H=\"freetype-custom-config/ftmodule.h\" -DFT_CONFIG_OPTIONS_H=\"freetype-custom-config/ftoption.h\" -DPDFIUM_REQUIRED_MODULES -DCHROMIUM_RESTRICT_VISIBILITY -DUSE_LIBJPEG_TURBO=1 -DU_USING_ICU_NAMESPACE=0 -DU_ENABLE_DYLOAD=0 -DU_STATIC_IMPLEMENTATION -DICU_UTIL_DATA_IMPL=ICU_UTIL_DATA_FILE -DUCHAR_TYPE=uint16_t -DUSE_SYSTEM_ZLIB=1 -I../.. -Igen -I../../skia/config -I../../skia/ext -I../../third_party/skia/include/c -I../../third_party/skia/include/config -I../../third_party/skia/include/core -I../../third_party/skia/include/effects -I../../third_party/skia/include/encode -I../../third_party/skia/include/gpu -I../../third_party/skia/include/images -I../../third_party/skia/include/lazy -I../../third_party/skia/include/pathops -I../../third_party/skia/include/pdf -I../../third_party/skia/include/pipe -I../../third_party/skia/include/ports -I../../third_party/skia/include/utils -I../../third_party/skia/src/gpu -I../../third_party/skia/src/sksl -I../../third_party/skia/include/codec -I../../third_party/skia/include/private -I../../third_party/skia/include/client/android -I../../third_party/skia/src/codec -I../../third_party/skia/src/core -I../../third_party/skia/src/image -I../../third_party/skia/src/images -I../../third_party/skia/src/opts -I../../third_party/skia/src/pdf -I../../third_party/skia/src/ports -I../../third_party/skia/src/shaders -I../../third_party/skia/src/shaders/gradients -I../../third_party/skia/src/sfnt -I../../third_party/skia/src/utils -I../../third_party/skia/src/lazy -I../../third_party/skia/third_party/gif -I../../third_party/skia/src/effects/gradients -Igen/shim_headers/libpng_shim -Igen/shim_headers/zlib_shim -I../../third_party/freetype/include -I../../third_party/freetype/src/include -I../../third_party/harfbuzz-ng/src -I../../third_party/libjpeg_turbo -I../../third_party/fontconfig/src -I../../third_party/icu/source/common -I../../third_party/icu/source/i18n -I../../third_party/sfntly/src/cpp/src -fno-strict-aliasing --param=ssp-buffer-size=4 -fstack-protector -Wno-builtin-macro-redefined -D__DATE__= -D__TIME__= -D__TIMESTAMP__= -funwind-tables -fPIC -pipe -pthread -fno-omit-frame-pointer -g0 -fno-builtin-abs -fvisibility=hidden -Wno-unused-local-typedefs -Wno-maybe-uninitialized -Wno-deprecated-declarations -fno-delete-null-pointer-checks -Wno-missing-field-initializers -Wno-unused-parameter -O2 -fno-ident -fdata-sections -ffunction-sections -isystem/nix/store/smmxgfkqaqqh43d5gmv5p3abcq19hkzy-glib-2.56.0-dev/include/glib-2.0 -isystem/nix/store/yn3bbw1sxg19h07wzn16k0ja58wr9yiz-glib-2.56.0/lib/glib-2.0/include -isystem/nix/store/f82jgynysk9mvhyfavfzims41zkskb3c-libpng-apng-1.6.34-dev/include/libpng16 -isystem/nix/store/56i89kfi2nmjrv8hifsz6zikr6pq1avw-zlib-1.2.11-dev/include -std=gnu++14 -fno-exceptions -fno-rtti -nostdinc++ -isystem../../buildtools/third_party/libc++/trunk/include -isystem../../buildtools/third_party/libc++abi/trunk/include -fvisibility-inlines-hidden -Wno-narrowing -c ../../skia/ext/convolver_neon.cc -o obj/skia/skia/convolver_neon.o
../../skia/ext/convolver_neon.cc: In function 'int32x4_t skia::AccumRemainder(const unsigned char*, const Fixed*, int)':
../../skia/ext/convolver_neon.cc:26:65: error: cannot convert '<brace-enclosed initializer list>' to 'int32x4_t {aka __vector(4) int}' in return
   return {remainder[0], remainder[1], remainder[2], remainder[3]};
                                                                 ^
```

The following patch appears to fix this build issue.

Source: b84682f31d%5E%21/#F0
Suggested-by: @dezgeg
2018-04-29 18:38:38 +03:00
Herwig Hochleitner
2b29e40153 chromium: 65.0.3325.181 -> 66.0.3359.117
Critical CVE-2018-6085: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-28
Critical CVE-2018-6086: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-30
High CVE-2018-6087: Use after free in WebAssembly. Reported by Anonymous on 2018-02-20
High CVE-2018-6088: Use after free in PDFium. Reported by Anonymous on 2018-03-15
High CVE-2018-6089: Same origin policy bypass in Service Worker. Reported by Rob Wu on 2018-02-04
High CVE-2018-6090: Heap buffer overflow in Skia. Reported by ZhanJia Song on 2018-03-12
High CVE-2018-6091: Incorrect handling of plug-ins by Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-10-05
High CVE-2018-6092: Integer overflow in WebAssembly. Reported by Natalie Silvanovich of Google Project Zero on 2018-03-08
Medium CVE-2018-6093: Same origin bypass in Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-01
Medium CVE-2018-6094: Exploit hardening regression in Oilpan. Reported by Chris Rohlf on 2016-08-01
Medium CVE-2018-6095: Lack of meaningful user interaction requirement before file upload. Reported by Abdulrahman Alqabandi (@qab) on 2016-08-11
Medium CVE-2018-6096: Fullscreen UI spoof. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-19
Medium CVE-2018-6097: Fullscreen UI spoof. Reported by xisigr of Tencent's Xuanwu Lab on 2018-01-26
Medium CVE-2018-6098: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-03
Medium CVE-2018-6099: CORS bypass in ServiceWorker. Reported by Jun Kokatsu (@shhnjk) on 2018-02-03
Medium CVE-2018-6100: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-02-11
Medium CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools . Reported by Rob Wu on 2018-02-19
Medium CVE-2018-6102: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-20
Medium CVE-2018-6103: UI spoof in Permissions. Reported by Khalil Zhani on 2018-02-24
Medium CVE-2018-6104: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-03-08
Medium CVE-2018-6105: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-18
Medium CVE-2018-6106: Incorrect handling of promises in V8. Reported by lokihardt of Google Project Zero on 2018-01-25
Medium CVE-2018-6107: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-02
Medium CVE-2018-6108: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-27
Low CVE-2018-6109: Incorrect handling of files by FileAPI. Reported by Dominik Weber (@DoWeb_) on 2017-04-10
Low CVE-2018-6110: Incorrect handling of plaintext files via file:// . Reported by Wenxiang Qian (aka blastxiang) on 2017-10-24
Low CVE-2018-6111: Heap-use-after-free in DevTools. Reported by Khalil Zhani on 2017-11-02
Low CVE-2018-6112: Incorrect URL handling in DevTools. Reported by Rob Wu on 2017-12-29
Low CVE-2018-6113: URL spoof in Navigation. Reported by Khalil Zhani on 2018-01-25
Low CVE-2018-6114: CSP bypass. Reported by Lnyas Zhang on 2018-02-13
Low CVE-2018-6115: SmartScreen bypass in downloads. Reported by James Feher on 2018-03-07
Low CVE-2018-6116: Incorrect low memory handling in WebAssembly. Reported by Jin from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd. on 2018-03-15
Low CVE-2018-6117: Confusing autofill settings. Reported by Spencer Dailey on 2018-03-15
Low CVE-2018-6084: Incorrect use of Distributed Objects in Google Software Updater on MacOS. Reported by Ian Beer of Google Project Zero on 2018-03-15
2018-04-21 14:57:45 +02:00
Andrew Childs
3928fd9081 Chromium: fix skia build on aarch64
Patch imported from Arch Linux ARM
2018-03-20 00:20:42 +02:00
Yuriy Taraday
ebce42146f chromium: fix GCC 7 related build issues
Also clean up unused patches.
2018-03-10 03:31:55 +04:00
Yuriy Taraday
994a614ca3 chromium: 62.0.3202.94 -> 63.0.3239.84
New stable release with bunch of security fixes and other changes [0]

Also:
* remove patch for dev already landed upstream
* remove patches specific to version 62
* dev is broken again, need to investigate failures

[0] https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html
2017-12-09 01:12:32 +01:00
Yuriy Taraday
7105bb68cc chromium: 62.0.3202.75 -> 62.0.3202.89
Includes security fixes for CVE-2017-15398 and CVE-2017-15399.

Also fixes builds for beta and dev branches:
- backport https://webrtc-review.googlesource.com/9384 to fix build for
  new webrtc revision
- for dev branch fix gn bootstrap, see
  https://chromium-review.googlesource.com/758584
- for 63+ manpage now is not generated during ninja build, it is
  processed with sed using packagers tools included in sources
2017-11-10 01:19:23 +01:00
Yuriy Taraday
f0a0f02b22 chromium: 61.0.3163.100 -> 62.0.3202.62
Also updated most of patches according to their state in Gentoo
repository, deleted ones that are not applicable anymore.
2017-10-21 15:55:42 +02:00
Herwig Hochleitner
93aaeaccc2 chromium: separate patches for beta and dev builds
fixes beta and dev builds
2017-09-28 19:53:20 +02:00
Herwig Hochleitner
2773508b5d chromium: 60.0.3112.113 -> 61.0.3163.79
CVE-2017-5111
CVE-2017-5112
CVE-2017-5113
CVE-2017-5114
CVE-2017-5115
CVE-2017-5116
CVE-2017-5117
CVE-2017-5118
CVE-2017-5119
CVE-2017-5120
2017-09-14 20:15:57 +02:00
Herwig Hochleitner
8dc869e340 chromium: 59.0.3071.115 -> 60.0.3112.78
get rid of outdated version branches and patches
take a patch from gentoo, to fix gn bootstrapping
2017-08-11 11:17:14 +02:00
Herwig Hochleitner
cc583b75fb chromium: 59.0.3071.109 -> 59.0.3071.115
use several system libraries instead of bundled

see http://www.linuxfromscratch.org/blfs/view/cvs/xsoft/chromium.html
2017-07-15 13:14:37 +02:00
Domen Kožar
af4056f22b
chromium: apply patch to fix chromecast 2017-06-17 17:23:02 +02:00
Nicolas Truessel
74fd4de956 chromium: 58.0.3029.110 -> 59.0.3071.86 2017-06-11 13:26:03 +02:00
Herwig Hochleitner
bafcf4226e chromium: add bootstrap gn patch 2017-05-20 16:03:01 +02:00
aszlig
d2e60d1f93
chromium: Fix building with WineVine components
Before version 54, the WideVine CDM plugin was built unconditionally and
it seems since version 54 this now is dependent upon a GYP/GN flag on
whether to include the CDM shared library or not.

Also, we now use a patch from Gentoo which should hopefully get the CDM
plugin to work properly, at least according to their bugtracker:

https://bugs.gentoo.org/show_bug.cgi?id=547630

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-11-09 00:58:29 +01:00
aszlig
7a3a16dd80
chromium: Remove plugin paths patch for version 50
The oldest version we build is version 53, so we no longer need this
patch.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-11-08 20:11:56 +01:00