diff options
author | Scott R. Parish <srparish@gmail.com> | 2016-05-26 12:24:41 -0700 |
---|---|---|
committer | aszlig <aszlig@redmoonstudios.org> | 2016-05-28 18:12:39 +0200 |
commit | e2d067d76035974a77bcb15526d5414b3823a123 (patch) | |
tree | 07fa05415810c37b912d036b430cda243d278297 /pkgs/applications | |
parent | 5b0a045d07611818cca0c1507e82294943bf241a (diff) | |
download | nixlib-e2d067d76035974a77bcb15526d5414b3823a123.tar nixlib-e2d067d76035974a77bcb15526d5414b3823a123.tar.gz nixlib-e2d067d76035974a77bcb15526d5414b3823a123.tar.bz2 nixlib-e2d067d76035974a77bcb15526d5414b3823a123.tar.lz nixlib-e2d067d76035974a77bcb15526d5414b3823a123.tar.xz nixlib-e2d067d76035974a77bcb15526d5414b3823a123.tar.zst nixlib-e2d067d76035974a77bcb15526d5414b3823a123.zip |
chromium: Update to latest stable and beta channel
Overview of updated versions: stable: 50.0.2661.102 -> 51.0.2704.63 beta: 51.0.2704.47 -> 51.0.2704.63 I tried to update dev, but couldn't get it to compile, it was failing with a "'isnan' was not declared in this scope. As far as I can tell, at the moment the beta and stable channels are on the same version. The stable update addresses the following security issues: * High CVE-2016-1672: Cross-origin bypass in extension bindings. Credit to Mariusz Mlynski. * High CVE-2016-1673: Cross-origin bypass in Blink. Credit to Mariusz Mlynski. * High CVE-2016-1674: Cross-origin bypass in extensions. Credit to Mariusz Mlynski. * High CVE-2016-1675: Cross-origin bypass in Blink. Credit to Mariusz Mlynski. * High CVE-2016-1676: Cross-origin bypass in extension bindings. Credit to Rob Wu. * Medium CVE-2016-1677: Type confusion in V8. Credit to Guang Gong of Qihoo 360. * High CVE-2016-1678: Heap overflow in V8. Credit to Christian Holler. * High CVE-2016-1679: Heap use-after-free in V8 bindings. Credit to Rob Wu. * High CVE-2016-1680: Heap use-after-free in Skia. Credit to Atte Kettunen of OUSPG. * High CVE-2016-1681: Heap overflow in PDFium. Credit to Aleksandar Nikolic of Cisco Talos. * Medium CVE-2016-1682: CSP bypass for ServiceWorker. Credit to KingstonTime. * Medium CVE-2016-1683: Out-of-bounds access in libxslt. Credit to Nicolas Gregoire. * Medium CVE-2016-1684: Integer overflow in libxslt. Credit to Nicolas Gregoire. * Medium CVE-2016-1685: Out-of-bounds read in PDFium. Credit to Ke Liu of Tencent's Xuanwu LAB. * Medium CVE-2016-1686: Out-of-bounds read in PDFium. Credit to Ke Liu of Tencent's Xuanwu LAB. * Medium CVE-2016-1687: Information leak in extensions. Credit to Rob Wu. * Medium CVE-2016-1688: Out-of-bounds read in V8. Credit to Max Korenko. * Medium CVE-2016-1689: Heap buffer overflow in media. Credit to Atte Kettunen of OUSPG. * Medium CVE-2016-1690: Heap use-after-free in Autofill. Credit to Rob Wu. * Low CVE-2016-1691: Heap buffer-overflow in Skia. Credit to Atte Kettunen of OUSPG. * Low CVE-2016-1692: Limited cross-origin bypass in ServiceWorker. Credit to Til Jasper Ullrich. * Low CVE-2016-1693: HTTP Download of Software Removal Tool. Credit to Khalil Zhani. * Low CVE-2016-1694: HPKP pins removed on cache clearance. Credit to Ryan Lester and Bryant Zadegan. See: http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Diffstat (limited to 'pkgs/applications')
-rw-r--r-- | pkgs/applications/networking/browsers/chromium/upstream-info.nix | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.nix b/pkgs/applications/networking/browsers/chromium/upstream-info.nix index 4cc459397d3e..e633f25558b2 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.nix +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.nix @@ -1,9 +1,9 @@ # This file is autogenerated from update.sh in the same directory. { beta = { - sha256 = "0l1434wqhi6c24qyb5ysg1wnd0s9l9i1k6kh6wr3s4acrsbb7p12"; - sha256bin64 = "1ssw92l8zwj8x0zs5h6vxl7d7gj0lqb0x71vsazgd4d0p23nglb1"; - version = "51.0.2704.47"; + sha256 = "1sgfwh2b0aw6l5v4ggk7frcy306x3ygxk81p3h6zdy5s1rpf8hxj"; + sha256bin64 = "1kjnxxf2ak8v1akzxz46r7a7r6bhxjb2y9fhr1fqvks3m4jc5zqw"; + version = "51.0.2704.63"; }; dev = { sha256 = "0czp4p434yqr5rv3w2vypkyis13x8lc4xph8yh84r9big1ga6fqs"; @@ -11,8 +11,8 @@ version = "52.0.2729.3"; }; stable = { - sha256 = "1ijpbmn38znjjb3h8579x5gsclgjx122lvm0afv17gf2j3w5w4qj"; - sha256bin64 = "17vqvxmy6llg7dpc3pxi0qhwpm9qc9rsq8lgknhwwygvkl8g14sb"; - version = "50.0.2661.102"; + sha256 = "1sgfwh2b0aw6l5v4ggk7frcy306x3ygxk81p3h6zdy5s1rpf8hxj"; + sha256bin64 = "1kjnxxf2ak8v1akzxz46r7a7r6bhxjb2y9fhr1fqvks3m4jc5zqw"; + version = "51.0.2704.63"; }; } |