New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chromium: 81.0.4044.138 -> 83.0.4103.61 #88206
Conversation
https://chromereleases.googleblog.com/2020/05/stable-channel-update-for-desktop_19.html This update includes 38 security fixes. CVEs: CVE-2020-6465 CVE-2020-6466 CVE-2020-6467 CVE-2020-6468 CVE-2020-6469 CVE-2020-6470 CVE-2020-6471 CVE-2020-6472 CVE-2020-6473 CVE-2020-6474 CVE-2020-6475 CVE-2020-6476 CVE-2020-6477 CVE-2020-6478 CVE-2020-6479 CVE-2020-6480 CVE-2020-6481 CVE-2020-6482 CVE-2020-6483 CVE-2020-6484 CVE-2020-6485 CVE-2020-6486 CVE-2020-6487 CVE-2020-6488 CVE-2020-6489 CVE-2020-6490 CVE-2020-6491
Built and tested |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Tested building, some browsing, youtube, and nix-build nixos/tests/chromium.nix -A stable
on aarch64-linux
.
It takes a lot of time in these steps:
it took 2 hours until now and I am still waiting I am using the latest version of the OS itself with the latest kernel |
Unfortunately not really, Chromium is just that big (one of the largest open-source projects). To receive Chromium updates I'd recommend to use a channel and wait for Hydra to finish building it (or get an AMD Ryzen Threadripper :D). |
Since M81 won't receive any updates anymore and there are known vulnerabilities we should mark it as insecure so that users are aware of the risks. Updating Chromium to M83 is unfortunately too challenging for 19.09, but as of today we've already covered the one month period of security updates for "oldstable" and both 20.03 and nixos-unstable contain recent versions (i.e. users should either update to the current stable release or install Chromium from a different channel). nixos-unstable PR for M83: NixOS#88206
https://chromereleases.googleblog.com/2020/05/stable-channel-update-for-desktop_19.html
This update includes 38 security fixes.
CVEs:
CVE-2020-6465 CVE-2020-6466 CVE-2020-6467 CVE-2020-6468 CVE-2020-6469
CVE-2020-6470 CVE-2020-6471 CVE-2020-6472 CVE-2020-6473 CVE-2020-6474
CVE-2020-6475 CVE-2020-6476 CVE-2020-6477 CVE-2020-6478 CVE-2020-6479
CVE-2020-6480 CVE-2020-6481 CVE-2020-6482 CVE-2020-6483 CVE-2020-6484
CVE-2020-6485 CVE-2020-6486 CVE-2020-6487 CVE-2020-6488 CVE-2020-6489
CVE-2020-6490 CVE-2020-6491
BTW (in case that causes confusion): Upstream skipped Chromium 82, see https://chromereleases.googleblog.com/2020/03/chrome-and-chrome-os-release-updates.html.
Testing status
Things done
sandbox
innix.conf
on non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
./result/bin/
)nix path-info -S
before and after)