Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update Electron 6,7,8 #86237

Merged
merged 4 commits into from May 21, 2020
Merged

Update Electron 6,7,8 #86237

merged 4 commits into from May 21, 2020

Conversation

@prusnak
Copy link
Member

prusnak commented Apr 28, 2020

Motivation for this change

Update Electron 6,7,8 to latest stable releases:

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.
@worldofpeace
Copy link
Member

worldofpeace commented Apr 28, 2020

These fix CVE's so I believe we should backport them.

@prusnak prusnak force-pushed the prusnak:electron-update branch from c589faa to b500911 May 2, 2020
@prusnak
Copy link
Member Author

prusnak commented May 2, 2020

Updated PR to include the latest electron releases 7.2.4 and 8.2.5.

@prusnak prusnak force-pushed the prusnak:electron-update branch from b500911 to 6b8ab28 May 8, 2020
@prusnak
Copy link
Member Author

prusnak commented May 8, 2020

Updated PR to include the latest electron release 6.1.11

@prusnak
Copy link
Member Author

prusnak commented May 10, 2020

All releases include security fixes, adding the security label. Once these changes are in master, I will create a PR to stable.

@ajs124
ajs124 approved these changes May 15, 2020
Copy link
Member

ajs124 left a comment

LGTM

@prusnak prusnak force-pushed the prusnak:electron-update branch from 6b8ab28 to 8d08b2d May 16, 2020
@prusnak
Copy link
Member Author

prusnak commented May 16, 2020

Updated PR to include the latest electron releases 7.3.0 and 8.3.0

prusnak added 4 commits Apr 28, 2020
@prusnak prusnak force-pushed the prusnak:electron-update branch from 8d08b2d to 3f6698b May 19, 2020
@prusnak
Copy link
Member Author

prusnak commented May 19, 2020

Updated PR to include the latest electron release 6.1.12

@prusnak
Copy link
Member Author

prusnak commented May 19, 2020

All 3 releases have CVE fixes in them. Please let's get this merged ASAP, so we can backport this to stable.

Security: backported fix for CVE-2020-6457: Use after free in speech recognizer.
Security: backported fix for CVE-2020-6458: Out of bounds read and write in PDFium.
Security: backported fix for CVE-2020-6459: Use after free in payments.
Security: backported fix for CVE-2020-6460: Insufficient data validation in URL formatting.
Security: backported fix for CVE-2020-6461: use-after-free in storage.
Security: backported fix for CVE-2020-6462: Use after free in task scheduling.
Security: backported fix for CVE-2020-6463: use-after-free in Angle.
Security: backported fix for CVE-2020-6464: Type confusion in blink.
Security: backported fix for CVE-2020-6831: Stack buffer overflow in SCTP.

@mmahut mmahut merged commit 6a205d6 into NixOS:master May 21, 2020
17 checks passed
17 checks passed
Evaluation Performance Report Evaluator Performance Report
Details
electron, electron.passthru.tests, electron_6, electron_6.passthru.tests, electron_7, electron_7.passthru.tests, electron_8, electron_8.passthru.tests on aarch64-linux Success
Details
electron, electron.passthru.tests, electron_6, electron_6.passthru.tests, electron_7, electron_7.passthru.tests, electron_8, electron_8.passthru.tests on x86_64-darwin Success
Details
electron, electron.passthru.tests, electron_6, electron_6.passthru.tests, electron_7, electron_7.passthru.tests, electron_8, electron_8.passthru.tests on x86_64-linux Success
Details
grahamcofborg-eval ^.^!
Details
grahamcofborg-eval-check-maintainers matching changed paths to changed attrs...
Details
grahamcofborg-eval-check-meta config.nix: checkMeta = true
Details
grahamcofborg-eval-darwin nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="3f6698b"; rev="3f6698b8aab7334e5bd08358e173625dd64a48dc"; } ./pkgs/t
Details
grahamcofborg-eval-lib-tests nix-build --arg pkgs import ./. {} ./lib/tests/release.nix
Details
grahamcofborg-eval-nixos nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="3f6698b"; rev="3f6698b8aab7334e5bd08358e173625dd64a48dc"; } ./nixos/
Details
grahamcofborg-eval-nixos-manual nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="3f6698b"; rev="3f6698b8aab7334e5bd08358e173625dd64a48dc"; } ./nixos/
Details
grahamcofborg-eval-nixos-options nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="3f6698b"; rev="3f6698b8aab7334e5bd08358e173625dd64a48dc"; } ./nixos/
Details
grahamcofborg-eval-nixpkgs-manual nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="3f6698b"; rev="3f6698b8aab7334e5bd08358e173625dd64a48dc"; } ./pkgs/t
Details
grahamcofborg-eval-nixpkgs-tarball nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="3f6698b"; rev="3f6698b8aab7334e5bd08358e173625dd64a48dc"; } ./pkgs/t
Details
grahamcofborg-eval-nixpkgs-unstable-jobset nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="3f6698b"; rev="3f6698b8aab7334e5bd08358e173625dd64a48dc"; } ./pkgs/t
Details
grahamcofborg-eval-package-list nix-env -qa --json --file .
Details
grahamcofborg-eval-package-list-no-aliases nix-env -qa --json --file . --arg config { allowAliases = false; }
Details
@prusnak prusnak deleted the prusnak:electron-update branch May 21, 2020
@prusnak prusnak mentioned this pull request May 21, 2020
3 of 10 tasks complete
@prusnak
Copy link
Member Author

prusnak commented May 21, 2020

Thanks @mmahut!

Backport to stable in #88550

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

4 participants
You can’t perform that action at this time.