chromium: 86.0.4240.75 -> 86.0.4240.111 (CVE-2020-16000 CVE-2020-16001 CVE-2020-16002 CVE-2020-15999 CVE-2020-16003)

[TredwellGit]

Motivation for this change

https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop_20.html

CVE-2020-16000 CVE-2020-16001 CVE-2020-16002 CVE-2020-15999 CVE-2020-16003

Google is aware of reports that an exploit for CVE-2020-15999 exists in the wild.

Things done

• Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
• Built on platform(s)
  • NixOS
  • macOS
  • other Linux distributions
• Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
• Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
• Tested execution of all binary files (usually in ./result/bin/)
• Determined the impact on package closure size (by running nix path-info -S before and after)
• Ensured that relevant documentation is up to date
• Fits CONTRIBUTING.md.

[TredwellGit]

platform	attribute	status	tester
x86_64	chromium	✓	@danielfullmer
x86_64	nixosTests.chromium	✓	@danielfullmer
x86_64	google-chrome		@primeos
aarch64	chromium		@thefloweringash

[TredwellGit]

I know that @primeos usually does these, but this is a critical security release and the fix has been out for almost two days.

[danielfullmer]

Built and tested chromium and nixosTests.chromium on x86_64-linux.

[primeos]

I know that @primeos usually does these, but this is a critical security release and the fix has been out for almost two days.

Thanks! The timing of the update was unfortunate for me (wasn't even aware of it until now :o).
Btw. in case you'd be interested in becoming the primary Chromium maintainer that would be welcome (just let me know in advance). But only if you want of course ;)

Anyway, I'll backport this right away.