about summary refs log tree commit diff
path: root/nixos
diff options
context:
space:
mode:
authoraszlig <aszlig@redmoonstudios.org>2016-11-09 09:55:31 +0100
committeraszlig <aszlig@redmoonstudios.org>2016-11-09 09:55:31 +0100
commitc67a7ee73156796187894c63386b1a78e5902ea5 (patch)
treef5154cf24dd9c41e3d2ea722a5040cabd63f30fc /nixos
parentcef68b475e8176a4871de5b7ad4d214ebe5c4ba2 (diff)
parent4e7eb75a79a48b0d7068f1949f8c7c42553181d7 (diff)
downloadnixlib-c67a7ee73156796187894c63386b1a78e5902ea5.tar
nixlib-c67a7ee73156796187894c63386b1a78e5902ea5.tar.gz
nixlib-c67a7ee73156796187894c63386b1a78e5902ea5.tar.bz2
nixlib-c67a7ee73156796187894c63386b1a78e5902ea5.tar.lz
nixlib-c67a7ee73156796187894c63386b1a78e5902ea5.tar.xz
nixlib-c67a7ee73156796187894c63386b1a78e5902ea5.tar.zst
nixlib-c67a7ee73156796187894c63386b1a78e5902ea5.zip
Merge branch 'chromium-update-with-gn'
This brings in the new stable version 54 which also introduces a lot of
security fixes:

  CVE-2016-5198: Out of bounds memory access in V8
  CVE-2016-5181: Universal XSS in Blink
  CVE-2016-5182: Heap overflow in Blink
  CVE-2016-5183: Use after free in PDFium
  CVE-2016-5184: Use after free in PDFium
  CVE-2016-5185: Use after free in Blink
  CVE-2016-5187: URL spoofing
  CVE-2016-5188: UI spoofing
  CVE-2016-5192: Cross-origin bypass in Blink
  CVE-2016-5189: URL spoofing
  CVE-2016-5186: Out of bounds read in DevTools
  CVE-2016-5191: Universal XSS in Bookmarks
  CVE-2016-5190: Use after free in Internals
  CVE-2016-5193: Scheme bypass

Detailed announcements about these changes can be found here (latest to
oldest):

https://googlechromereleases.blogspot.de/2016/11/stable-channel-update-for-desktop.html
https://googlechromereleases.blogspot.de/2016/10/stable-channel-update-for-desktop_20.html
https://googlechromereleases.blogspot.de/2016/10/stable-channel-update-for-desktop.html

The update process of Chromium has been a bit bumpy on our side, because
version 54 also did the switch from GYP to GN so it wasn't just a matter
of updating the upstream-info file.

I've tested the Flash plugin (which runs fine) and WideVine manually,
although I couldn't get WideVine to work (I was running this within a VM
though).

So if people want to use WideVine they need to use Chrome instead until
we got this sorted out.

VM test results along with builds for all platforms can be found here:

https://headcounter.org/hydra/eval/339328

I'm going to backport these changes to stable as soon as the
tests/builds succeed there as well.

Closes: #19565
Closes: #20120
Diffstat (limited to 'nixos')
-rw-r--r--nixos/tests/chromium.nix2
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/tests/chromium.nix b/nixos/tests/chromium.nix
index 9a6414f81c39..55b1fb5a7222 100644
--- a/nixos/tests/chromium.nix
+++ b/nixos/tests/chromium.nix
@@ -118,7 +118,7 @@ mapAttrs (channel: chromiumPkg: makeTest rec {
       "ulimit -c unlimited; ".
       "chromium $args \"$url\" & disown"
     );
-    $machine->waitForText(qr/Type to search or enter a URL to navigate/);
+    $machine->waitForText(qr/startup done/);
     $machine->waitUntilSucceeds("${xdo "check-startup" ''
       search --sync --onlyvisible --name "startup done"
       # close first start help popup
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-28 17:40:09 +0000