GNU bug report logs - #47154
ungoogled-chromium@88.0.4324.182 package vulnerable to various severe CVEs

Previous Next

Package: guix;

Reported by: Léo Le Bouter <lle-bout <at> zaclys.net>

Date: Mon, 15 Mar 2021 08:45:02 UTC

Severity: normal

Done: Léo Le Bouter <lle-bout <at> zaclys.net>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Léo Le Bouter <lle-bout <at> zaclys.net>
Subject: bug#47154: closed (ungoogled-chromium <at> 88.0.4324.182 package
 vulnerable to various severe CVEs)
Date: Fri, 19 Mar 2021 08:50:02 +0000

[Message part 1 (text/plain, inline)]
Your bug report

#47154: ungoogled-chromium <at> 88.0.4324.182 package vulnerable to various severe CVEs

which was filed against the guix package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 47154 <at> debbugs.gnu.org.

-- 
47154: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=47154
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]
From: Léo Le Bouter <lle-bout <at> zaclys.net>
To: 47154-done <at> debbugs.gnu.org
Subject: ungoogled-chromium <at> 88.0.4324.182 package vulnerable to various
 severe CVEs
Date: Fri, 19 Mar 2021 09:48:59 +0100

[Message part 3 (text/plain, inline)]
Fixed by 1155a88308df7649fe74bd5bb8279a4d103ce386

[signature.asc (application/pgp-signature, inline)]
[Message part 5 (message/rfc822, inline)]
From: Léo Le Bouter <lle-bout <at> zaclys.net>
To: bug-guix <at> gnu.org
Cc: marius <at> gnu.org
Subject: ungoogled-chromium <at> 88.0.4324.182 package vulnerable to various
 severe CVEs
Date: Mon, 15 Mar 2021 09:44:22 +0100

[Message part 6 (text/plain, inline)]
Hello!

Latest version is 89.0.4389.90

ungoogled-chromium upstream has it: 
https://github.com/Eloston/ungoogled-chromium/commit/64cbcbcfee33fd56760173b3a17d2de52cd77258

Debian also upgraded: 
https://salsa.debian.org/chromium-team/chromium/-/commit/8a1f530bdc3fc90993cdc1499e77f9e91468a686

I am not sure how to undertake this upgrade, I tried a little bit but
it failed at failing to delete some bundled third_party directories.

Would love to know in more detail what is the process for upgrading
ungoogled-chromium, license checking and patch rebasing if necessary.

Thank you!

[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 4 years and 60 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.