Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chromium,ungoogled-chromium,chromedriver: 116.0.5845.187/96 -> 117.0.5938.88 #255653

Merged
merged 4 commits into from
Sep 17, 2023
Merged

chromium,ungoogled-chromium,chromedriver: 116.0.5845.187/96 -> 117.0.5938.88 #255653

merged 4 commits into from
Sep 17, 2023

Conversation

networkException
Copy link
Member

Description of changes

https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_12.html
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_15.html

This update includes 11 security fixes.

CVEs:
CVE-2023-4863 CVE-2023-4900 CVE-2023-4901 CVE-2023-4902 CVE-2023-4903
CVE-2023-4904 CVE-2023-4905 CVE-2023-4906 CVE-2023-4907 CVE-2023-4908
CVE-2023-4909

Note that CVE-2023-4863 has already been addressed by #254702, also note
that due to chromium not vendoring libwebp the actual fix was in #254775.

See the tracking issue for CVE-2023-4863 #254798.

This pull request depends on #255463 due to including new scripts that hit
this bug in the source tarball.

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandbox = true set in nix.conf? (See Nix manual)
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 23.11 Release Notes (or backporting 23.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

@networkException
chromium: 116.0.5845.187 -> 117.0.5938.88
e451433 
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_12.html
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_15.html

This update includes 11 security fixes.

CVEs:
CVE-2023-4863 CVE-2023-4900 CVE-2023-4901 CVE-2023-4902 CVE-2023-4903
CVE-2023-4904 CVE-2023-4905 CVE-2023-4906 CVE-2023-4907 CVE-2023-4908
CVE-2023-4909
@networkException
ungoogled-chromium: 116.0.5845.187 -> 117.0.5938.88
b677e25 
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_12.html
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_15.html

This update includes 11 security fixes.

CVEs:
CVE-2023-4863 CVE-2023-4900 CVE-2023-4901 CVE-2023-4902 CVE-2023-4903
CVE-2023-4904 CVE-2023-4905 CVE-2023-4906 CVE-2023-4907 CVE-2023-4908
CVE-2023-4909
@networkException
chromedriver: 116.0.5845.96 -> 117.0.5938.88
c620130
@networkException networkException added 1.severity: security Issues which raise a security issue, or PRs that fix one backport release-23.05 labels Sep 17, 2023
@ofborg ofborg bot added 11.by: package-maintainer This PR was created by the maintainer of the package it changes 10.rebuild-darwin: 1-10 10.rebuild-linux: 11-100 labels Sep 17, 2023
@emilylange emilylange changed the title [WIP] chromium,ungoogled-chromium,chromedriver: 116.0.5845.187/96 -> 117.0.5938.88 chromium,ungoogled-chromium,chromedriver: 116.0.5845.187/96 -> 117.0.5938.88 Sep 17, 2023
@emilylange emilylange marked this pull request as ready for review September 17, 2023 12:17
@emilylange
Copy link
Member

@ofborg build chromium

@emilylange emilylange merged commit f106523 into NixOS:master Sep 17, 2023
@github-actions
Copy link
Contributor

Backport failed for release-23.05, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally.

git fetch origin release-23.05
git worktree add -d .worktree/backport-255653-to-release-23.05 origin/release-23.05
cd .worktree/backport-255653-to-release-23.05
git checkout -b backport-255653-to-release-23.05
ancref=$(git merge-base 5148520bfab61f99fd25fb9ff7bfbb50dad3c9db df39696f6b35b4e21cf15bb65518ee1b5f67ee3d)
git cherry-pick -x $ancref..df39696f6b35b4e21cf15bb65518ee1b5f67ee3d

@emilylange emilylange mentioned this pull request Sep 17, 2023
Closed
12 tasks
@emilylange
Copy link
Member

emilylange commented Sep 17, 2023
edited
Loading

Manual backport in #255690

Backporting #251760 in #255692 and will then trigger another label-based bot-backport.

@github-actions github-actions bot mentioned this pull request Sep 17, 2023
Merged
1 task
@github-actions
Copy link
Contributor

Successfully created backport PR for release-23.05:

@emilylange emilylange mentioned this pull request Sep 22, 2023
Merged
12 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thefloweringash thefloweringash Awaiting requested review from thefloweringash

@squalus squalus Awaiting requested review from squalus

@primeos primeos Awaiting requested review from primeos

@michaeladler michaeladler Awaiting requested review from michaeladler

Assignees
No one assigned
Labels
1.severity: security Issues which raise a security issue, or PRs that fix one 10.rebuild-darwin: 1-10 10.rebuild-linux: 11-100 11.by: package-maintainer This PR was created by the maintainer of the package it changes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@networkException @emilylange