about summary refs log tree commit diff
path: root/pkgs/applications
diff options
context:
space:
mode:
authorScott R. Parish <srparish@gmail.com>2016-05-26 12:24:41 -0700
committeraszlig <aszlig@redmoonstudios.org>2016-05-28 18:12:39 +0200
commite2d067d76035974a77bcb15526d5414b3823a123 (patch)
tree07fa05415810c37b912d036b430cda243d278297 /pkgs/applications
parent5b0a045d07611818cca0c1507e82294943bf241a (diff)
downloadnixlib-e2d067d76035974a77bcb15526d5414b3823a123.tar
nixlib-e2d067d76035974a77bcb15526d5414b3823a123.tar.gz
nixlib-e2d067d76035974a77bcb15526d5414b3823a123.tar.bz2
nixlib-e2d067d76035974a77bcb15526d5414b3823a123.tar.lz
nixlib-e2d067d76035974a77bcb15526d5414b3823a123.tar.xz
nixlib-e2d067d76035974a77bcb15526d5414b3823a123.tar.zst
nixlib-e2d067d76035974a77bcb15526d5414b3823a123.zip
chromium: Update to latest stable and beta channel
Overview of updated versions:

stable: 50.0.2661.102 -> 51.0.2704.63
beta: 51.0.2704.47 -> 51.0.2704.63

I tried to update dev, but couldn't get it to compile, it was failing
with a "'isnan' was not declared in this scope.

As far as I can tell, at the moment the beta and stable channels are
on the same version.

The stable update addresses the following security issues:

  * High   CVE-2016-1672: Cross-origin bypass in extension bindings. Credit
                          to Mariusz Mlynski.
  * High   CVE-2016-1673: Cross-origin bypass in Blink. Credit to Mariusz
                          Mlynski.
  * High   CVE-2016-1674: Cross-origin bypass in extensions. Credit to Mariusz
                          Mlynski.
  * High   CVE-2016-1675: Cross-origin bypass in Blink. Credit to Mariusz
                          Mlynski.
  * High   CVE-2016-1676: Cross-origin bypass in extension bindings. Credit
                          to Rob Wu.
  * Medium CVE-2016-1677: Type confusion in V8. Credit to Guang Gong of
                        Qihoo 360.
  * High   CVE-2016-1678: Heap overflow in V8. Credit to Christian Holler.
  * High   CVE-2016-1679: Heap use-after-free in V8 bindings. Credit to Rob Wu.
  * High   CVE-2016-1680: Heap use-after-free in Skia. Credit to Atte Kettunen
                          of OUSPG.
  * High   CVE-2016-1681: Heap overflow in PDFium. Credit to Aleksandar Nikolic
                          of Cisco Talos.
  * Medium CVE-2016-1682: CSP bypass for ServiceWorker. Credit to
                          KingstonTime.
  * Medium CVE-2016-1683: Out-of-bounds access in libxslt. Credit to Nicolas
                          Gregoire.
  * Medium CVE-2016-1684: Integer overflow in libxslt. Credit to Nicolas
                          Gregoire.
  * Medium CVE-2016-1685: Out-of-bounds read in PDFium. Credit to Ke Liu
                          of Tencent's Xuanwu LAB.
  * Medium CVE-2016-1686: Out-of-bounds read in PDFium. Credit to Ke Liu
                          of Tencent's Xuanwu LAB.
  * Medium CVE-2016-1687: Information leak in extensions. Credit to Rob Wu.
  * Medium CVE-2016-1688: Out-of-bounds read in V8. Credit to Max Korenko.
  * Medium CVE-2016-1689: Heap buffer overflow in media. Credit to Atte
                          Kettunen of OUSPG.
  * Medium CVE-2016-1690: Heap use-after-free in Autofill. Credit to Rob Wu.
  * Low    CVE-2016-1691: Heap buffer-overflow in Skia. Credit to Atte Kettunen
                          of OUSPG.
  * Low    CVE-2016-1692: Limited cross-origin bypass in ServiceWorker. Credit
                          to Til Jasper Ullrich.
  * Low    CVE-2016-1693: HTTP Download of Software Removal Tool. Credit to
                          Khalil Zhani.
  * Low    CVE-2016-1694: HPKP pins removed on cache clearance. Credit to Ryan
                          Lester and Bryant Zadegan.

See: http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Diffstat (limited to 'pkgs/applications')
-rw-r--r--pkgs/applications/networking/browsers/chromium/upstream-info.nix12
1 files changed, 6 insertions, 6 deletions
diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.nix b/pkgs/applications/networking/browsers/chromium/upstream-info.nix
index 4cc459397d3e..e633f25558b2 100644
--- a/pkgs/applications/networking/browsers/chromium/upstream-info.nix
+++ b/pkgs/applications/networking/browsers/chromium/upstream-info.nix
@@ -1,9 +1,9 @@
 # This file is autogenerated from update.sh in the same directory.
 {
   beta = {
-    sha256 = "0l1434wqhi6c24qyb5ysg1wnd0s9l9i1k6kh6wr3s4acrsbb7p12";
-    sha256bin64 = "1ssw92l8zwj8x0zs5h6vxl7d7gj0lqb0x71vsazgd4d0p23nglb1";
-    version = "51.0.2704.47";
+    sha256 = "1sgfwh2b0aw6l5v4ggk7frcy306x3ygxk81p3h6zdy5s1rpf8hxj";
+    sha256bin64 = "1kjnxxf2ak8v1akzxz46r7a7r6bhxjb2y9fhr1fqvks3m4jc5zqw";
+    version = "51.0.2704.63";
   };
   dev = {
     sha256 = "0czp4p434yqr5rv3w2vypkyis13x8lc4xph8yh84r9big1ga6fqs";
@@ -11,8 +11,8 @@
     version = "52.0.2729.3";
   };
   stable = {
-    sha256 = "1ijpbmn38znjjb3h8579x5gsclgjx122lvm0afv17gf2j3w5w4qj";
-    sha256bin64 = "17vqvxmy6llg7dpc3pxi0qhwpm9qc9rsq8lgknhwwygvkl8g14sb";
-    version = "50.0.2661.102";
+    sha256 = "1sgfwh2b0aw6l5v4ggk7frcy306x3ygxk81p3h6zdy5s1rpf8hxj";
+    sha256bin64 = "1kjnxxf2ak8v1akzxz46r7a7r6bhxjb2y9fhr1fqvks3m4jc5zqw";
+    version = "51.0.2704.63";
   };
 }
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-08 02:03:08 +0000