From 01d3f37f6b47f517f044b5101805c1282e475087 Mon Sep 17 00:00:00 2001 From: emilylange Date: Thu, 16 May 2024 00:24:54 +0200 Subject: chromedriver: 124.0.6367.207 -> 125.0.6422.60 --- pkgs/applications/networking/browsers/chromium/upstream-info.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'pkgs/applications/networking/browsers/chromium') diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.nix b/pkgs/applications/networking/browsers/chromium/upstream-info.nix index 1c0daf2372924..51c65ea648f27 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.nix +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.nix @@ -1,11 +1,11 @@ { stable = { chromedriver = { - hash_darwin = "sha256-00582jnlAkVkqFsylZnTWfHh5TJkz+m9W8QCXYKerfo="; + hash_darwin = "sha256-ahwPSPoB2h6Zq4ePbvSmYs3WNc+MpBXQYyYLf0ZS3ss="; hash_darwin_aarch64 = - "sha256-EV45I6lav93uMzgZkjypq1RazqtP1W8w8/c4dVZ5hjI="; - hash_linux = "sha256-xCizRpHgcent3D/tMBK+CtXiwtTdH61fja1u8QyECCA="; - version = "124.0.6367.207"; + "sha256-NVqr/i4S4XP+z0+YT6CuDnmyN4GtS6ttyJDOQ05KB+0="; + hash_linux = "sha256-PKuhfBw5FblCUQ60yeQC0McvYu7gPfwwIW1ysN/MwVA="; + version = "125.0.6422.60"; }; deps = { gn = { -- cgit 1.4.1 From 55ed4c20f0afdd66d6914865ba7ec03ce3c7ee35 Mon Sep 17 00:00:00 2001 From: emilylange Date: Thu, 16 May 2024 00:25:58 +0200 Subject: chromium: 124.0.6367.207 -> 125.0.6422.60 https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html This update includes 9 security fixes. Google is aware that an exploit for CVE-2024-4947 exists in the wild. CVEs: CVE-2024-4947 CVE-2024-4948 CVE-2024-4949 CVE-2024-4950 --- .../networking/browsers/chromium/upstream-info.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'pkgs/applications/networking/browsers/chromium') diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.nix b/pkgs/applications/networking/browsers/chromium/upstream-info.nix index 51c65ea648f27..ba8ec97ccc079 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.nix +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.nix @@ -9,14 +9,14 @@ }; deps = { gn = { - hash = "sha256-aEL1kIhgPAFqdb174dG093HoLhCJ07O1Kpqfu7r14wQ="; - rev = "22581fb46c0c0c9530caa67149ee4dd8811063cf"; + hash = "sha256-lrVAb6La+cvuUCNI90O6M/sheOEVFTjgpfA3O/6Odp0="; + rev = "d823fd85da3fb83146f734377da454473b93a2b2"; url = "https://gn.googlesource.com/gn"; - version = "2024-03-14"; + version = "2024-04-10"; }; }; - hash = "sha256-IeIWk4y1dufEnhxqvZbQlFVD8dsoceysiEHqJ2G4Oz8="; - version = "124.0.6367.207"; + hash = "sha256-ewX7oRna7IYCXhAe98HS5HbS1psIEAguhZJ1ymK+dPE="; + version = "125.0.6422.60"; }; ungoogled-chromium = { deps = { -- cgit 1.4.1 From 81c988db8af8674c8905f3286f058f0456ecb6b8 Mon Sep 17 00:00:00 2001 From: emilylange Date: Thu, 16 May 2024 00:40:39 +0200 Subject: chromium: rebase widevine patch for M125 Ref: https://github.com/chromium/chromium/commit/ca53cbde1728fbc0a30d1acb30357be55a18e26a --- .../widevine-disable-auto-download-allow-bundle.patch | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) (limited to 'pkgs/applications/networking/browsers/chromium') diff --git a/pkgs/applications/networking/browsers/chromium/patches/widevine-disable-auto-download-allow-bundle.patch b/pkgs/applications/networking/browsers/chromium/patches/widevine-disable-auto-download-allow-bundle.patch index d4f16d26b769e..4ab2c9a8179ba 100644 --- a/pkgs/applications/networking/browsers/chromium/patches/widevine-disable-auto-download-allow-bundle.patch +++ b/pkgs/applications/networking/browsers/chromium/patches/widevine-disable-auto-download-allow-bundle.patch @@ -12,15 +12,16 @@ index 525693b6c10ab..245491e137d39 100644 "ENABLE_MEDIA_FOUNDATION_WIDEVINE_CDM=$enable_media_foundation_widevine_cdm", ] diff --git a/third_party/widevine/cdm/widevine.gni b/third_party/widevine/cdm/widevine.gni -index 58f073ca562ca..4b242c2618dfb 100644 +index 8b97b7a57419e..69fe548ec2845 100644 --- a/third_party/widevine/cdm/widevine.gni +++ b/third_party/widevine/cdm/widevine.gni -@@ -41,8 +41,7 @@ enable_library_widevine_cdm = - # Widevine CDM can be deployed as a component. Currently only supported on - # desktop platforms. The CDM can be bundled regardless whether - # it's a component. See below. +@@ -42,9 +42,7 @@ enable_library_widevine_cdm = + # desktop platforms. Not enabled for lacros (as it is changing to use the + # ash updated version). The CDM can be bundled regardless whether it's a + # component. See below. -enable_widevine_cdm_component = -- enable_library_widevine_cdm && (is_win || is_mac || is_linux || is_chromeos) +- enable_library_widevine_cdm && +- (is_win || is_mac || is_linux || is_chromeos_ash) +enable_widevine_cdm_component = false # Enable (Windows) Media Foundation Widevine CDM component. -- cgit 1.4.1 From 3809fdf55c2147613bf123d46e0190c7bf3717c9 Mon Sep 17 00:00:00 2001 From: networkException Date: Fri, 17 May 2024 01:23:49 +0100 Subject: ungoogled-chromium: 124.0.6367.207-1 -> 125.0.6422.60-1 https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html This update includes 9 security fixes. Google is aware that an exploit for CVE-2024-4947 exists in the wild. CVEs: CVE-2024-4947 CVE-2024-4948 CVE-2024-4949 CVE-2024-4950 --- .../networking/browsers/chromium/upstream-info.nix | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'pkgs/applications/networking/browsers/chromium') diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.nix b/pkgs/applications/networking/browsers/chromium/upstream-info.nix index ba8ec97ccc079..db658cdda73a2 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.nix +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.nix @@ -21,17 +21,17 @@ ungoogled-chromium = { deps = { gn = { - hash = "sha256-aEL1kIhgPAFqdb174dG093HoLhCJ07O1Kpqfu7r14wQ="; - rev = "22581fb46c0c0c9530caa67149ee4dd8811063cf"; + hash = "sha256-lrVAb6La+cvuUCNI90O6M/sheOEVFTjgpfA3O/6Odp0="; + rev = "d823fd85da3fb83146f734377da454473b93a2b2"; url = "https://gn.googlesource.com/gn"; - version = "2024-03-14"; + version = "2024-04-10"; }; ungoogled-patches = { - hash = "sha256-7Z9j+meVRZYLmreCzHlJe71E9kj5YJ4rrfpQ/deNTpM="; - rev = "124.0.6367.207-1"; + hash = "sha256-I3RQBa4LLuOdZQFKHIqePj9Ozw61dsuAOctqN1abij0="; + rev = "125.0.6422.60-1"; }; }; - hash = "sha256-IeIWk4y1dufEnhxqvZbQlFVD8dsoceysiEHqJ2G4Oz8="; - version = "124.0.6367.207"; + hash = "sha256-ewX7oRna7IYCXhAe98HS5HbS1psIEAguhZJ1ymK+dPE="; + version = "125.0.6422.60"; }; } -- cgit 1.4.1