-
-
Notifications
You must be signed in to change notification settings - Fork 13.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chromium: 71.0.3578.98 -> 72.0.3626.81 #54960
Conversation
CVE-2019-5754 CVE-2019-5782 CVE-2019-5755 CVE-2019-5756 CVE-2019-5757 CVE-2019-5758 CVE-2019-5759 CVE-2019-5760 CVE-2019-5761 CVE-2019-5762 CVE-2019-5763 CVE-2019-5764 CVE-2019-5765 CVE-2019-5766 CVE-2019-5767 CVE-2019-5768 CVE-2019-5769 CVE-2019-5770 CVE-2019-5771 CVE-2019-5772 CVE-2019-5773 CVE-2019-5774 CVE-2019-5775 CVE-2019-5776 CVE-2019-5777 CVE-2019-5778 CVE-2019-5779 CVE-2019-5780 CVE-2019-5781
3e4ad89
to
4bba727
Compare
Finally a stable update! \o/ |
Do not merge, I am not hearing any sound output with ALSA in Chromium 72:
71 works fine. |
https://chromium.googlesource.com/chromium/src/+/f2fc90bb74a05cffde6b4363ee575fcca7c45197 https://github.com/chromium/chromium/blob/master/services/audio/audio_sandbox_hook_linux.cc might need to be patched I am currently testing diff --git a/pkgs/applications/networking/browsers/chromium/common.nix b/pkgs/applications/networking/browsers/chromium/common.nix
index 5af8fa60cec..1748387787c 100644
--- a/pkgs/applications/networking/browsers/chromium/common.nix
+++ b/pkgs/applications/networking/browsers/chromium/common.nix
@@ -12,6 +12,7 @@
, utillinux, alsaLib
, bison, gperf
, glib, gtk2, gtk3, dbus-glib
+, glibc
, libXScrnSaver, libXcursor, libXtst, libGLU_combined
, protobuf, speechd, libXdamage, cups
, ffmpeg, libxslt, libxml2, at-spi2-core
@@ -169,6 +170,17 @@ let
'return sandbox_binary;' \
'return base::FilePath(GetDevelSandboxPath());'
+ substituteInPlace services/audio/audio_sandbox_hook_linux.cc \
+ --replace \
+ '/usr/share/alsa/' \
+ '${alsaLib}/share/alsa/' \
+ --replace \
+ '/usr/lib/x86_64-linux-gnu/gconv/' \
+ '${glibc}/lib/gconv/' \
+ --replace \
+ '/usr/share/locale/' \
+ '${glibc}/share/locale/'
+
sed -i -e 's@"\(#!\)\?.*xdg-@"\1${xdg_utils}/bin/xdg-@' \
chrome/browser/shell_integration_linux.cc
|
Deal with https://chromium.googlesource.com/chromium/src/+/f2fc90bb74a05cffde6b4363ee575fcca7c45197 which landed https://github.com/chromium/chromium/blob/master/services/audio/audio_sandbox_hook_linux.cc containing /usr/share and /usr/lib/x86_64-linux-gnu paths.
6b27008 FWIW |
Also, I haven't tested with pulseaudio, if someone uses it, please test. |
CVE-2019-5754 CVE-2019-5782 CVE-2019-5755 CVE-2019-5756 CVE-2019-5757 CVE-2019-5758 CVE-2019-5759 CVE-2019-5760 CVE-2019-5761 CVE-2019-5762 CVE-2019-5763 CVE-2019-5764 CVE-2019-5765 CVE-2019-5766 CVE-2019-5767 CVE-2019-5768 CVE-2019-5769 CVE-2019-5770 CVE-2019-5771 CVE-2019-5772 CVE-2019-5773 CVE-2019-5774 CVE-2019-5775 CVE-2019-5776 CVE-2019-5777 CVE-2019-5778 CVE-2019-5779 CVE-2019-5780 CVE-2019-5781
Oh, I didn't even check for a PR, before updating chromium, sorry. I'll pick your change as soon as I get home. |
Deal with https://chromium.googlesource.com/chromium/src/+/f2fc90bb74a05cffde6b4363ee575fcca7c45197 which landed https://github.com/chromium/chromium/blob/master/services/audio/audio_sandbox_hook_linux.cc containing /usr/share and /usr/lib/x86_64-linux-gnu paths. closes #54960 (cherry picked from commit 03960a3)
Deal with https://chromium.googlesource.com/chromium/src/+/f2fc90bb74a05cffde6b4363ee575fcca7c45197 which landed https://github.com/chromium/chromium/blob/master/services/audio/audio_sandbox_hook_linux.cc containing /usr/share and /usr/lib/x86_64-linux-gnu paths. closes #54960
Motivation for this change
https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html
Things done
sandbox
innix.conf
on non-NixOS)nix-shell -p nox --run "nox-review wip"
./result/bin/
)nix path-info -S
before and after)The updated
chromium
is working fine here, I did not testchromiumDev
.