Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ungoogled-chromium: 131.0.6778.69-1 -> 131.0.6778.85-1 #357691

Merged
merged 2 commits into from
Nov 21, 2024
Merged

ungoogled-chromium: 131.0.6778.69-1 -> 131.0.6778.85-1 #357691

merged 2 commits into from
Nov 21, 2024

Conversation

networkException
Copy link
Member

https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_19.html

This update includes 3 security fixes.

CVEs:
CVE-2024-11395

Updating to the same version as chromium in #357371

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 25.05 Release Notes (or backporting 24.11 and 25.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Add a 👍 reaction to pull requests you find important.

@networkException
chromium: use cached dependencies from other attributes in update script
68d5161 
This patch extends the caching mechanism of the chromium
update scripts to use cached dependencies of all attributes
in the lockfile.

When updating ungoogled-chromium for example, the update script
will now use cached dependencies from vanilla chromium, usually
meaning that no additional fetching has to be done.
@networkException
ungoogled-chromium: 131.0.6778.69-1 -> 131.0.6778.85-1
bd84f1c 
https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_19.html

This update includes 3 security fixes.

CVEs:
CVE-2024-11395
@networkException networkException added 1.severity: security Issues which raise a security issue, or PRs that fix one backport release-24.05 backport release-24.11 Backport PR automatically labels Nov 20, 2024
@nix-owners nix-owners bot requested a review from emilylange November 20, 2024 22:31
@emilylange
Copy link
Member

nixpkgs-review result

Generated using nixpkgs-review.

Command: nixpkgs-review pr 357691

x86_64-linux

✅ 3 packages built:
  • ungoogled-chromium
  • ungoogled-chromium.sandbox
  • vscode-extensions.yzane.markdown-pdf

@emilylange emilylange merged commit 0bbaf55 into NixOS:master Nov 21, 2024
19 of 20 checks passed
@github-actions GitHub Actions
Copy link
Contributor

Backport failed for release-24.05, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally and resolve any conflicts.

git fetch origin release-24.05
git worktree add -d .worktree/backport-357691-to-release-24.05 origin/release-24.05
cd .worktree/backport-357691-to-release-24.05
git switch --create backport-357691-to-release-24.05
git cherry-pick -x 68d51619a279eea68df7a656a7276877412e6347 bd84f1c657c79169651f84f06d6aa4204c6ca59c

@github-actions GitHub Actions
Copy link
Contributor

Successfully created backport PR for release-24.11:

@github-actions github-actions bot mentioned this pull request Nov 21, 2024
Merged
1 task
@emilylange emilylange mentioned this pull request Nov 21, 2024
Merged
13 tasks
@emilylange
Copy link
Member

Backport failed for release-24.05, because it was unable to cherry-pick the commit(s).

Manual backport in #357925

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@emilylange emilylange Awaiting requested review from emilylange

Assignees
No one assigned
Labels
1.severity: security Issues which raise a security issue, or PRs that fix one backport release-24.11 Backport PR automatically
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@networkException @emilylange