| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
| |
https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop.html
This update includes 6 security fixes.
CVEs:
CVE-2024-0222 CVE-2024-0223 CVE-2024-0224 CVE-2024-0225
|
|
|
|
|
|
|
|
|
| |
https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop.html
This update includes 6 security fixes.
CVEs:
CVE-2024-0222 CVE-2024-0223 CVE-2024-0224 CVE-2024-0225
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Recap: We need that (arguably stupid) helper function/drv because the
chromium tarball is big -- and is likely to increase even more in the
future. So big, that we eventually exceeded hydra.nixos.org's
max-output-limit (3G). Instead of raising global hydra's limit, it was
decided that we recompress the tarball after deleting unused vendored
files from it.
I spent a lot of time on a version/prototype that does everything
(downloading, decompression, tar extraction, deleting unused files,
reproducible tar recreation and finally recompression) via stdin but
eventually had to scratch that.
GNU tar does not allow to create a tarball just from stdin, nixpkgs'
stdenv isn't built with stdin/stdout/pipes in mind, and things a lot of
other things I probably already forgot.
Nonetheless, this version improves multiple things:
- No more `mv` (used to be multiple, not just ours, since fetchzip had
some as well)
- No more `rm` to get rid of the extracted files before recompressing.
Instead, we simply don't extract them in the first place (thanks to
tar's --exlude).
- No more "no space left" that happened due to `downloadToTemp = true;`.
- Multithreaded xz decompression, since that commit is still in
staging-next.
We cannot use stdenv's unpackFile() because that does not allow us to
specify the needed --exclude (and --strip-components=1 if we don't want
to rely on glob matching).
The hash changed because we now have a static base directory ("source")
in the tarball, instead of whatever upstream provided us with (e.g.
"chromium-120.0.6099.129").
|
|\
| |
| | |
polypane: 16.0.0 -> 17.0.0
|
| | |
|
|\ \
| | |
| | | |
opera: 105.0.4970.21 -> 106.0.4998.19
|
| | | |
|
|\ \ \
| | | |
| | | | |
chromium: use llvm 17
|
| | |/
| |/| |
|
|\ \ \
| | | |
| | | | |
microsoft-edge: 119.0.2151.72 -> 120.0.2210.61
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
vivaldi: 6.5.3206.39 -> 6.5.3206.48
|
| | | | | |
|
|/ / / / |
|
| | | |
| | | |
| | | |
| | | | |
https://github.com/mullvad/mullvad-browser/releases/tag/13.0.7
|
| |_|/
|/| |
| | |
| | |
| | | |
https://blog.torproject.org/new-release-tor-browser-1307/
https://blog.torproject.org/new-release-tor-browser-1308/
|
| | | |
|
|\ \ \
| | | |
| | | | |
floorp: 11.6.1 -> 11.7.1
|
| | | | |
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
brave: 1.61.101 -> 1.61.109
|
| | | | |
| | | | |
| | | | |
| | | | | |
https://community.brave.com/t/release-channel-1-61-109/522518
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_20.html
This update includes 1 security fix. Google is aware that an exploit
for CVE-2023-7024 exists in the wild.
CVEs:
CVE-2023-7024
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_20.html
This update includes 1 security fix. Google is aware that an exploit
for CVE-2023-7024 exists in the wild.
CVEs:
CVE-2023-7024
|
|/ / / / |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
https://www.mozilla.org/en-US/firefox/115.6.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/
Fixes CVE-2023-6856
Fixes CVE-2023-6857
Fixes CVE-2023-6858
Fixes CVE-2023-6859
Fixes CVE-2023-6860
Fixes CVE-2023-6861
Fixes CVE-2023-6862
Fixes CVE-2023-6863
Fixes CVE-2023-6864
Fixes CVE-2023-6865
Fixes CVE-2023-6867
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
https://www.mozilla.org/en-US/firefox/121.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/
Fixes CVE-2023-6135
Fixes CVE-2023-6856
Fixes CVE-2023-6857
Fixes CVE-2023-6858
Fixes CVE-2023-6859
Fixes CVE-2023-6860
Fixes CVE-2023-6861
Fixes CVE-2023-6863
Fixes CVE-2023-6864
Fixes CVE-2023-6865
Fixes CVE-2023-6866
Fixes CVE-2023-6867
Fixes CVE-2023-6868
Fixes CVE-2023-6869
Fixes CVE-2023-6870
Fixes CVE-2023-6871
Fixes CVE-2023-6872
Fixes CVE-2023-6873
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
https://www.mozilla.org/en-US/firefox/121.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/
Fixes CVE-2023-6135
Fixes CVE-2023-6856
Fixes CVE-2023-6857
Fixes CVE-2023-6858
Fixes CVE-2023-6859
Fixes CVE-2023-6860
Fixes CVE-2023-6861
Fixes CVE-2023-6863
Fixes CVE-2023-6864
Fixes CVE-2023-6865
Fixes CVE-2023-6866
Fixes CVE-2023-6867
Fixes CVE-2023-6868
Fixes CVE-2023-6869
Fixes CVE-2023-6870
Fixes CVE-2023-6871
Fixes CVE-2023-6872
Fixes CVE-2023-6873
|
|\ \ \
| |_|/
|/| | |
chromium: never use libpng-apng patch
|
| |/ |
|
|\ \
| | |
| | | |
tor-browser: use system install & simplify wrapper
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Enables official system install which stores state in `~/.tor project`
instead of `~/.local/share/tor-browser`.
The custom wrapper, which added some isolation, is replaced with a
simpler makeWrapper-based solution.
These changes bring the `tor-browser` package much closer to the
`mullvad-browser` package.
|
| | | |
|
|\ \ \
| | | |
| | | | |
vivaldi: 6.4.3160.42 -> 6.5.3206.39
|
| | |/
| |/| |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html
This update includes 9 security fixes.
CVEs:
CVE-2023-6702 CVE-2023-6703 CVE-2023-6704 CVE-2023-6705 CVE-2023-6706
CVE-2023-6707
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_12.html
This update includes 9 security fixes.
CVEs:
CVE-2023-6702 CVE-2023-6703 CVE-2023-6704 CVE-2023-6705 CVE-2023-6706
CVE-2023-6707
|
|\ \
| | |
| | | |
qutebrowser: 3.0.2 -> 3.1.0
|
| | |
| | |
| | |
| | |
| | |
| | | |
Diff: https://github.com/qutebrowser/qutebrowser/compare/v3.0.2...v3.1.0
Changelog: https://github.com/qutebrowser/qutebrowser/blob/v3.1.0/doc/changelog.asciidoc
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Having
```nix
host_toolchain = "//build/toolchain/linux/unbundle:host";
v8_snapshot_toolchain = "//build/toolchain/linux/unbundle:host";
```
on native, non-cross-compilation builds roughly doubles the build steps
and, by proxy, compute and time needed to build.
So to resolve this, we conditionally change those values depending on
whether we are cross-compiling or not.
Co-authored-by: Adam Joseph <adam@westernsemico.com>
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
|\| | |
|
| |\ \
| | | |
| | | | |
{ungoogled-,}chromium,chromedriver: 119.0.6045.199/105 -> 120.0.6099.71
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop.html
https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_6.html
This update includes 10 security fixes.
CVEs:
CVE-2023-6508 CVE-2023-6509 CVE-2023-6510 CVE-2023-6511 CVE-2023-6512
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop.html
https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_6.html
This update includes 10 security fixes.
CVEs:
CVE-2023-6508 CVE-2023-6509 CVE-2023-6510 CVE-2023-6511 CVE-2023-6512
Co-authored-by: emilylange <git@emilylange.de>
|