| Commit message (Collapse) | Author | Age |
... | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
There's not really a reason to ship an unsupported ESR variant of
firefox, and if one really needs it, it's also possible to just checkout
an older version of nixpkgs.
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
palemoon: 28.8.1 -> 28.8.2.1
|
| | |/ /
| |/| | |
|
| | | | |
|
|/ / / |
|
|\ \ \
| | | |
| | | | |
chromium: 79.0.3945.130 -> 80.0.3987.87
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html
This update includes 56 security fixes.
CVEs:
CVE-2020-6381 CVE-2020-6382 CVE-2019-18197 CVE-2019-19926 CVE-2020-6385
CVE-2019-19880 CVE-2019-19925 CVE-2020-6387 CVE-2020-6388 CVE-2020-6389
CVE-2020-6390 CVE-2020-6391 CVE-2020-6392 CVE-2020-6393 CVE-2020-6394
CVE-2020-6395 CVE-2020-6396 CVE-2020-6397 CVE-2020-6398 CVE-2020-6399
CVE-2020-6400 CVE-2020-6401 CVE-2020-6402 CVE-2020-6403 CVE-2020-6404
CVE-2020-6405 CVE-2020-6406 CVE-2019-19923 CVE-2020-6408 CVE-2020-6409
CVE-2020-6410 CVE-2020-6411 CVE-2020-6412 CVE-2020-6413 CVE-2020-6414
CVE-2020-6415 CVE-2020-6416 CVE-2020-6417
|
| |/ /
|/| | |
|
| | | |
|
|\ \ \
| | | |
| | | | |
otter-browser: remove
|
| | | |
| | | |
| | | |
| | | | |
I have no interest in maintaining this anymore and it has no other maintainers.
|
| |/ /
|/| | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
I don't really have the hardware resources nor time to do this properly,
but I'll try to keep a watch on Chromium (updates, PRs, and issues)
until we've found a new team [0].
Testing will be performed on a best effort basis (no guarantees :o).
I've also briefly documented the current maintainer
roles/responsibilities and added `meta.longDescription`.
[0]: https://github.com/NixOS/nixpkgs/issues/78450
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
https://chromereleases.googleblog.com/2020/01/stable-channel-update-for-desktop_16.html
This update includes 11 security fixes.
CVEs: CVE-2020-6378 CVE-2020-6379 CVE-2020-6380 CVE-2020-0601
|
|\ \ \
| | | |
| | | | |
opera: 65.0.3467.48 -> 66.0.3515.36
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
chromium: 79.0.3945.88 -> 79.0.3945.117
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
CVE-TBD: Use after free in audio
https://chromereleases.googleblog.com/2020/01/stable-channel-update-for-desktop.html
|
|\ \ \ \ \
| | | | | |
| | | | | | |
palemoon: 28.8.0 -> 28.8.1
|
| | |/ / /
| |/| | | |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
|/ / / / |
|
| | | | |
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
google_talk_plugin: sha1 -> sha256
|
| |/ / /
| | | |
| | | |
| | | | |
related https://github.com/NixOS/nixpkgs/issues/77238
|
| | | |
| | | |
| | | |
| | | | |
It's based on 60.3.0, whose support ended around October 2019.
|
|\ \ \ \
| | | | |
| | | | | |
tor-browser-bundle-bin: 9.0.3 -> 9.0.4
|
| | |/ /
| |/| | |
|
| | | | |
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
These are all based on firefox versions with known vulnerabilities
exploited in the wild.
We seriously shouldn't ship this in nixpkgs, especially not for
sensitive applications as the Tor Browser.
`tor-browser-bundle` is just a wrapper around
`firefoxPackages.tor-browser`, so let's remove it too.
`tor-browser-bundle-bin` is the much safer bet, which is individually
downloaded from `dist.torproject.org` and just `patchelf`-ed locally to
work on NixOS.
Co-Authored-By: Alyssa Ross <hi@alyssa.is>
Co-Authored-By: Andreas Rammhold <andreas@rammhold.de>
Co-Authored-By: Graham Christensen <graham@grahamc.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The last release was in September, so it's surely "vulnerable" now.
https://www.mozilla.org/en-US/firefox/60.9.0/releasenotes/
This is the same appproach we've taken for esr-52.
|
|\ \ \ \
| |/ / /
|/| | | |
qutebrowser: 1.8.3 -> 1.9.0
|
| | | |
| | | |
| | | |
| | | | |
Closes #77360
|
|\ \ \ \
| | | | |
| | | | | |
tor-browser-bundle-bin: 9.0.2 -> 9.0.3
|
| | | | |
| | | | |
| | | | |
| | | | | |
https://blog.torproject.org/new-release-tor-browser-903
|
| |/ / /
|/| | | |
|
| | | | |
|
| | | | |
|
|/ / / |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|