Update includes 4 security fixes, including one critical (see [0]):
* [835887] Critical: Chain leading to sandbox escape. Reported by Anonymous on 2018-04-23:
* [836858] High CVE-2018-6121: Privilege Escalation in extensions.
* [836141] High CVE-2018-6122: Type confusion in V8.
* [$5000][833721] High CVE-2018-6120: Heap buffer overflow in PDFium. Reported by Zhou Aiting(@zhouat1) of Qihoo 360 Vulcan Team on 2018-04-17
[0] https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop.html
PS: Didn't build Beta and Dev, verified only Stable for now
cc @bendlas @aszlig
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/qutebrowser/versions.
These checks were done:
- built on NixOS
- ran ‘/nix/store/nckfqg5crmyrx3aazk6szii42qy7v1g3-qutebrowser-1.3.0/bin/qutebrowser -h’ got 0 exit code
- ran ‘/nix/store/nckfqg5crmyrx3aazk6szii42qy7v1g3-qutebrowser-1.3.0/bin/qutebrowser --help’ got 0 exit code
- ran ‘/nix/store/nckfqg5crmyrx3aazk6szii42qy7v1g3-qutebrowser-1.3.0/bin/..qutebrowser-wrapped-wrapped -h’ got 0 exit code
- ran ‘/nix/store/nckfqg5crmyrx3aazk6szii42qy7v1g3-qutebrowser-1.3.0/bin/..qutebrowser-wrapped-wrapped --help’ got 0 exit code
- ran ‘/nix/store/nckfqg5crmyrx3aazk6szii42qy7v1g3-qutebrowser-1.3.0/bin/.qutebrowser-wrapped -h’ got 0 exit code
- ran ‘/nix/store/nckfqg5crmyrx3aazk6szii42qy7v1g3-qutebrowser-1.3.0/bin/.qutebrowser-wrapped --help’ got 0 exit code
- found 1.3.0 with grep in /nix/store/nckfqg5crmyrx3aazk6szii42qy7v1g3-qutebrowser-1.3.0
- directory tree listing: https://gist.github.com/b9f575b232cde51598aeed723a03f7ec
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/palemoon/versions.
These checks were done:
- built on NixOS
- ran ‘/nix/store/0qfxznyni5ivyrj3hs0w6dhlk3z4kfaq-palemoon-27.9.0/bin/palemoon -h’ got 0 exit code
- ran ‘/nix/store/0qfxznyni5ivyrj3hs0w6dhlk3z4kfaq-palemoon-27.9.0/bin/palemoon --help’ got 0 exit code
- ran ‘/nix/store/0qfxznyni5ivyrj3hs0w6dhlk3z4kfaq-palemoon-27.9.0/bin/palemoon -V’ and found version 27.9.0
- ran ‘/nix/store/0qfxznyni5ivyrj3hs0w6dhlk3z4kfaq-palemoon-27.9.0/bin/palemoon -v’ and found version 27.9.0
- ran ‘/nix/store/0qfxznyni5ivyrj3hs0w6dhlk3z4kfaq-palemoon-27.9.0/bin/palemoon --version’ and found version 27.9.0
- found 27.9.0 with grep in /nix/store/0qfxznyni5ivyrj3hs0w6dhlk3z4kfaq-palemoon-27.9.0
- directory tree listing: https://gist.github.com/d3039819d96bec3615450de44abbffc4
Critical CVE-2018-6085: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-28
Critical CVE-2018-6086: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-30
High CVE-2018-6087: Use after free in WebAssembly. Reported by Anonymous on 2018-02-20
High CVE-2018-6088: Use after free in PDFium. Reported by Anonymous on 2018-03-15
High CVE-2018-6089: Same origin policy bypass in Service Worker. Reported by Rob Wu on 2018-02-04
High CVE-2018-6090: Heap buffer overflow in Skia. Reported by ZhanJia Song on 2018-03-12
High CVE-2018-6091: Incorrect handling of plug-ins by Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-10-05
High CVE-2018-6092: Integer overflow in WebAssembly. Reported by Natalie Silvanovich of Google Project Zero on 2018-03-08
Medium CVE-2018-6093: Same origin bypass in Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-01
Medium CVE-2018-6094: Exploit hardening regression in Oilpan. Reported by Chris Rohlf on 2016-08-01
Medium CVE-2018-6095: Lack of meaningful user interaction requirement before file upload. Reported by Abdulrahman Alqabandi (@qab) on 2016-08-11
Medium CVE-2018-6096: Fullscreen UI spoof. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-19
Medium CVE-2018-6097: Fullscreen UI spoof. Reported by xisigr of Tencent's Xuanwu Lab on 2018-01-26
Medium CVE-2018-6098: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-03
Medium CVE-2018-6099: CORS bypass in ServiceWorker. Reported by Jun Kokatsu (@shhnjk) on 2018-02-03
Medium CVE-2018-6100: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-02-11
Medium CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools . Reported by Rob Wu on 2018-02-19
Medium CVE-2018-6102: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-20
Medium CVE-2018-6103: UI spoof in Permissions. Reported by Khalil Zhani on 2018-02-24
Medium CVE-2018-6104: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-03-08
Medium CVE-2018-6105: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-18
Medium CVE-2018-6106: Incorrect handling of promises in V8. Reported by lokihardt of Google Project Zero on 2018-01-25
Medium CVE-2018-6107: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-02
Medium CVE-2018-6108: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-27
Low CVE-2018-6109: Incorrect handling of files by FileAPI. Reported by Dominik Weber (@DoWeb_) on 2017-04-10
Low CVE-2018-6110: Incorrect handling of plaintext files via file:// . Reported by Wenxiang Qian (aka blastxiang) on 2017-10-24
Low CVE-2018-6111: Heap-use-after-free in DevTools. Reported by Khalil Zhani on 2017-11-02
Low CVE-2018-6112: Incorrect URL handling in DevTools. Reported by Rob Wu on 2017-12-29
Low CVE-2018-6113: URL spoof in Navigation. Reported by Khalil Zhani on 2018-01-25
Low CVE-2018-6114: CSP bypass. Reported by Lnyas Zhang on 2018-02-13
Low CVE-2018-6115: SmartScreen bypass in downloads. Reported by James Feher on 2018-03-07
Low CVE-2018-6116: Incorrect low memory handling in WebAssembly. Reported by Jin from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd. on 2018-03-15
Low CVE-2018-6117: Confusing autofill settings. Reported by Spencer Dailey on 2018-03-15
Low CVE-2018-6084: Incorrect use of Distributed Objects in Google Software Updater on MacOS. Reported by Ian Beer of Google Project Zero on 2018-03-15
Semi-automatic update generated by https://github.com/ryantm/nix-update tools. These checks were done:
- built on NixOS
- Warning: no binary found that responded to help or version flags. (This warning appears even if the package isn't expected to have binaries.)
- found 0.9.96 with grep in /nix/store/hy3dyckwbq8x0ylgydqf3hsd0yyj38mf-otter-browser-0.9.96
- directory tree listing: https://gist.github.com/3ba5ac755cab96acd876703e94dff4b4
Semi-automatic update generated by https://github.com/ryantm/nix-update tools.
This update was made based on information from https://repology.org/metapackage/qutebrowser/versions.
These checks were done:
- built on NixOS
- ran `/nix/store/p9a5d6129dvx6gqbxn9fqgsmx7hnhwxb-qutebrowser-1.2.1/bin/qutebrowser -h` got 0 exit code
- ran `/nix/store/p9a5d6129dvx6gqbxn9fqgsmx7hnhwxb-qutebrowser-1.2.1/bin/qutebrowser --help` got 0 exit code
- ran `/nix/store/p9a5d6129dvx6gqbxn9fqgsmx7hnhwxb-qutebrowser-1.2.1/bin/..qutebrowser-wrapped-wrapped -h` got 0 exit code
- ran `/nix/store/p9a5d6129dvx6gqbxn9fqgsmx7hnhwxb-qutebrowser-1.2.1/bin/..qutebrowser-wrapped-wrapped --help` got 0 exit code
- ran `/nix/store/p9a5d6129dvx6gqbxn9fqgsmx7hnhwxb-qutebrowser-1.2.1/bin/.qutebrowser-wrapped -h` got 0 exit code
- ran `/nix/store/p9a5d6129dvx6gqbxn9fqgsmx7hnhwxb-qutebrowser-1.2.1/bin/.qutebrowser-wrapped --help` got 0 exit code
- found 1.2.1 with grep in /nix/store/p9a5d6129dvx6gqbxn9fqgsmx7hnhwxb-qutebrowser-1.2.1
- directory tree listing: https://gist.github.com/b85ebb5c38a8861cac255f78b5c16525
The icons for Firefox are in a new location in the unwrapped package; the
wrapper is updated to reflect that. This should have no effect on other browers
that provide their own icons in the default XDG location.
This is optional (`libcardiacarrest` has a workaround for this bug
because there's `firefox-bin` that I can't fix), but with this applied things
are a bit smoother.
Semi-automatic update. These checks were done:
- built on NixOS
- Warning: no binary found that responded to help or version flags. (This warning appears even if the package isn't expected to have binaries.)
- found 27.8.0 with grep in /nix/store/vqardwl9d7s3wdgapj4ybzrgpw5w3671-palemoon-27.8.0
