Skip to content

ungoogled-chromium: 131.0.6778.69-1 -> 131.0.6778.85-1#357691

Merged
emilylange merged 2 commits intoNixOS:masterfrom
networkException:ungoogled-chromium
Nov 21, 2024
Merged

ungoogled-chromium: 131.0.6778.69-1 -> 131.0.6778.85-1#357691
emilylange merged 2 commits intoNixOS:masterfrom
networkException:ungoogled-chromium

Conversation

@networkException
Copy link
Member

https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_19.html

This update includes 3 security fixes.

CVEs:
CVE-2024-11395

Updating to the same version as chromium in #357371

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 25.05 Release Notes (or backporting 24.11 and 25.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Add a 👍 reaction to pull requests you find important.

This patch extends the caching mechanism of the chromium
update scripts to use cached dependencies of all attributes
in the lockfile.

When updating ungoogled-chromium for example, the update script
will now use cached dependencies from vanilla chromium, usually
meaning that no additional fetching has to be done.
@networkException networkException added 1.severity: security Issues which raise a security issue, or PRs that fix one backport release-24.05 labels Nov 20, 2024
@nix-owners nix-owners bot requested a review from emilylange November 20, 2024 22:31
@emilylange
Copy link
Member

nixpkgs-review result

Generated using nixpkgs-review.

Command: nixpkgs-review pr 357691


x86_64-linux

✅ 3 packages built:
  • ungoogled-chromium
  • ungoogled-chromium.sandbox
  • vscode-extensions.yzane.markdown-pdf

@emilylange emilylange merged commit 0bbaf55 into NixOS:master Nov 21, 2024
@github-actions
Copy link
Contributor

Backport failed for release-24.05, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally and resolve any conflicts.

git fetch origin release-24.05
git worktree add -d .worktree/backport-357691-to-release-24.05 origin/release-24.05
cd .worktree/backport-357691-to-release-24.05
git switch --create backport-357691-to-release-24.05
git cherry-pick -x 68d51619a279eea68df7a656a7276877412e6347 bd84f1c657c79169651f84f06d6aa4204c6ca59c

@github-actions
Copy link
Contributor

Successfully created backport PR for release-24.11:

@emilylange
Copy link
Member

Backport failed for release-24.05, because it was unable to cherry-pick the commit(s).

Manual backport in #357925

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants

Comments