Age | Commit message (Collapse) | Author | Files | Lines |
|
[Backport release-23.11] discord: 0.0.51 -> 0.0.52
|
|
(cherry picked from commit 31b789ce8544f66b1cdce6633648cfce28dd0a7d)
|
|
They signaled interest in issue 306010.
(cherry picked from commit 1f88e2fa146c93330846958f95905e3a0d4d9cd3)
|
|
Historically, `google-chrome` used the version info and debian package
FOD provided by `chromium`.
This was very efficient, because `chromium` uses parts of the debian
tarball for Widevine (opt-in, via `.override`).
Meaning `chromium` has to track that debian tarball with each update
anyway.
And they always release in sync.
So why keep seperate `google-chrome` from `chromium` now?
- The current `chromium` maintainers are already at capacity
maintaining `chromium` and have no time for `google-chrome`.
- `chromium` bumps become sometimes a bottleneck for `google-chrome`.
This is because `chromium` is built from source and a lot more time
consuming and significantly more complex.
- Lately, `chromium` and `google-chrome` both had an upstream issue
under wayland with `--ozone-platform-hint`, rendering it unusable.
For `chromium` we were able to patch it, since unlike `google-chrome`
it's built from source.
The `chromium` maintainers simply forgot that `google-chrome` might
have the same issue, continued to merge the PR, rendering
`google-chrome` broken.
This PR also removes primeos from `meta.maintainers` since they only
added themself to `google-chrome` because it inherited `chromium`'s
version, stating they don't actually use `google-chrome`.
Furthermore, primeos no longer maintains `chromium`.
Ref 477e7d6b60e817661632ff3a8aaf2e39c4cceadc
(cherry picked from commit 9f96faf9d8d5ba69f1772d087284bb6d2a67f356)
|
|
Those are leftovers from when `google-chrome-{beta,dev}` were removed
due to lack of maintenance in 59719f787e94f39e64e9086d08eaedd8a9e61b22.
(cherry picked from commit dfd28b0c05d52782f821dbdf5e710a0a5c80d355)
|
|
Diff: https://github.com/telegramdesktop/tdesktop/compare/v4.16.8...v5.0.0
Changelog: https://github.com/telegramdesktop/tdesktop/releases/tag/v5.0.0
(cherry picked from commit 6ecc2d869a87908becdcf4bc1ad3be8e2a4501d5)
|
|
(cherry picked from commit 252f8d3423479b53dda86716b78a089188dfd925)
|
|
Diff: https://github.com/opentofu/opentofu/compare/v1.7.0-beta1...v1.7.0
Changelog: https://github.com/opentofu/opentofu/blob/v1.7.0/CHANGELOG.md
(cherry picked from commit aadbdc7d48913fe887fbadeb374203e463457f7d)
|
|
Diff: https://github.com/opentofu/opentofu/compare/v1.7.0-alpha1...v1.7.0-beta1
Changelog: https://github.com/opentofu/opentofu/blob/v1.7.0-beta1/CHANGELOG.md
(cherry picked from commit 5105b4bcbc68e42357ae01796af15ad00c1768fd)
|
|
Diff: https://github.com/opentofu/opentofu/compare/v1.6.2...v1.7.0-alpha1
Changelog: https://github.com/opentofu/opentofu/blob/v1.7.0-alpha1/CHANGELOG.md
(cherry picked from commit 25a4a18d8676fbb51b671cb75b893d2d37ce6a09)
|
|
Diff: https://github.com/opentofu/opentofu/compare/v1.6.1...v1.6.2
Changelog: https://github.com/opentofu/opentofu/blob/v1.6.2/CHANGELOG.md
(cherry picked from commit 55af7e2300a0b460a9703d9cb159a1c79b027794)
|
|
[Backport release-23.11] chromium: 124.0.6367.91 -> 124.0.6367.118, lower version range of `--ozone-platform-hint` patch
|
|
[Backport release-23.11] {tor,mullvad}-browser: fix font config patch
|
|
[Backport release-23.11] deltachat-desktop: 1.42.2 -> 1.44.0
|
|
[Backport release-23.11] signal-desktop(aarch64): 7.3.0 -> 7.5.1
|
|
Ref: fb10ea41b2a080cb4ecac34aa12cf056d8d3f90e
We had to apply this patch from M125 to M124 because at the time,
chromium hasn't backported this to M124 yet.
Until now!
Or at least somewhat.
124.0.6367.118 shipped and has an equivalent patch now, which means that
this patch is no longer needed.
(Ignoring the fact that it no longer applies because of this anyway)
At least on chromium.
The thing is, ungoogled-chromium hasn't caught up with chromium yet,
meaning it is still on < .118 and thus still needs that patch.
(cherry picked from commit 85dfe83a86658f3fba80c050a774195f08fb378d)
|
|
https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_30.html
This update includes 2 security fixes.
CVEs:
CVE-2024-4331 CVE-2024-4368
(cherry picked from commit b71eeb5b2d7a3c7aed0cb089bfad25b23cc008fc)
|
|
[Backport release-23.11] git-hound: 1.4 -> 1.7.2 unbreak
|
|
(cherry picked from commit 67b3f5964f964c63841e5ec8a85efc75a1e1dc58)
|
|
(cherry picked from commit dd647021251a01a02e5bfe1af8465eab4f5423fb)
|
|
The new substituteInPlace commands will fail when they don't apply,
which will avoid some issues.
(cherry picked from commit f00481192ddbf75ada1ee02b324485104d1280c3)
|
|
(cherry picked from commit c69a216eec2f8f3ae1ddbaf051666d7eff424440)
|
|
[23.11] gitea: backport CSP patch in markdown renderer
|
|
https://www.mozilla.org/en-US/firefox/125.0.3/releasenotes/
(cherry picked from commit cade5ad06a0d926dcd5ac37067dfff99dbc7dfdd)
|
|
https://www.mozilla.org/en-US/firefox/125.0.3/releasenotes/
(cherry picked from commit 0a694771751e1d37fa4cdef85ae550aa17104eb4)
|
|
risicle/ris-sngrep-CVE-2024-3119-CVE-2024-3120-r23.11
[23.11] sngrep: add patch for CVE-2024-3119 & CVE-2024-3120
|
|
[Backport release-23.11] Discord updates
|
|
[Backport release-23.11] palemoon-bin: 33.0.2 -> 33.1.0
|
|
(cherry picked from commit 89e1ebb1e06b6fd415397f9cd76b9ff38488e511)
|
|
(cherry picked from commit 5c88cde0ba69605ce17fb99fc80b21d12c812eda)
|
|
(cherry picked from commit e2a67424fdbeb80a0f190c7cd8476c38f7bb4c42)
|
|
(cherry picked from commit 2ebc5bd3f59f64f5d0ffd21767d716e069a07ac9)
|
|
(cherry picked from commit ce38e7a4afebcf07cc6fffedad45e7f156f9d787)
|
|
(cherry picked from commit 9511e7af23bbf4ad7f57f5cc5015232b007bd9b1)
|
|
(cherry picked from commit 44658c14579e127aaa3b58c240028ad31e51713d)
|
|
Note that there's currently no release blog entry
for .91 specifically.
https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html
This update includes 4 security fixes.
CVEs:
CVE-2024-4058 CVE-2024-4059 CVE-2024-4060
(cherry picked from commit 48f25ebe728c551bfb3bbafb237a28ecfda67bdc)
|
|
Note that there's currently no release blog entry
for .91 specifically.
https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html
This update includes 4 security fixes.
CVEs:
CVE-2024-4058 CVE-2024-4059 CVE-2024-4060
(cherry picked from commit 5072c7bb91802e6c0b8492a01b757771b161071d)
|
|
(cherry picked from commit 95c1ffd998b90138a4910076d22e03aa6d69d52c)
|
|
(cherry picked from commit dd7a10fac877d605b1cc91d3f3e94471d180622a)
|
|
[23.11] octoprint: apply patch for CVE-2024-28237
|
|
...into release-23.11
|
|
|
|
The 1.10.0 upgrade from #306861 seems to be too big to
be safely backported.
I also did not backport CVE-2024-23637: it is split across
a series of patches and impacts quite sensitive parts of OctoPrint.
I am not feeling confident enough to backport it and exploiting the issue
requires an admin level access.
|
|
(cherry picked from commit 1af4a76beaf7403f816d42fc8ec85614be54d41c)
|
|
(cherry picked from commit a7e26c5949710061c5ee1cb61829b254f432739c)
|
|
(cherry picked from commit ae8abf36cfcdad2ccc3bf3e9c4ca7089021c51e7)
|
|
(cherry picked from commit c21d0c384484712202bb9f5a69858739f31742f5)
|
|
[Backport release-23.11] brscan5: 1.3.0-0 -> 1.3.1-0
|
|
vscode-extensions.davidanson.vscode-markdownlint: 0.54.0 -> 0.55.0
|
|
[23.11] brave: 1.64.113 -> 1.65.122
|