Alien Pastures

My thoughts on Slackware, life and everything

Tag: chromium (Page 19 of 20)

Updates for Chromium and Flash in sep 14

September 11, 2014 / / 11 Comments

Chromium and Pepper Flash:

chromium_iconPatch tuesday came and went. We have new Flash from Adobe and as a result, the Google Chrome browser also had a version bump and a new “PepperFlash” Plugin. Time for an update of my own Chromium package (just for Slackware 14.1 & current; the package for 13.37 & 14.0 remains at 37.0.2062.94 but you can of course compile a newer one yourself).

Taken from the Chrome releases blog: Chromium 37.0.2062.120 addresses critical bug fixes, of which these stand out –

  • [$2000][401362High CVE-2014-3178: Use-after-free in rendering. Credit to miaubiz.
  • [411014] CVE-2014-3179: Various fixes from internal audits, fuzzing and other initiatives..

I also updated the package for chromium-pepperflash-plugin to version 15.0.0.152. As usual, the flash library is taken from the official Google Chrome binaries and integrates nicely with my Chromium package. Note that Chromium contains a PDF plugin these days, so if you still have an old “chromium-pdf-plugin” package installed, you should ‘removepkg’ that now!

Note: If you had the chromium-pepperflash package already installed, please open the file “/etc/default/chromium” in an editor and change the line:

 flashversion=$(strings $flashso|grep ^LNX|sed -e "s/^LNX //"|sed -e "s/,/./g")

to

 flashversion=$(strings $flashso|grep "LNX "|sed -e "s/.*LNX //"|sed -e "s/,/./g")

in order to fix the plugin version shown in “chrome://plugins

Linux Flash:

adobe_flash_8s600x600_2 The Flash updates are released for all platforms, one of them is the “legacy” Linux NPAPI plugin for Mozilla-compatible browsers. See Adobe’s monthly security bulletin for all the version numbers and vulnerabilities. The Linux flashplayer-plugin went up to 11.2.202.406.

 

 

Pipelight with Windows Flash:

pipelight-logoI do not have a new version of the pipelight browser plugin (see previous article for the how to). You can easily update the Windows plugins (including the Windows Flash player if you use that) by running (as root) the script:

# pipelight-plugin --update

I will see about a soon-ish update of pipelight and wine-pipelight if there are enough enhancements.

Good luck with these updates!

New Chromium now supports Netflix natively without Wine plugins

August 31, 2014 / / 46 Comments

chromium_icon

The latest update to my Chromium package is an interesting one. It took me many nights, all of last week, to find a solution for a crash that is mentioned in various bug reports and for which I could not find a working fix anywhere. In the end, I just removed the few lines of code which trigger the crash.

Dear Google: I think it is stupid to force a crash in my package just because my build is not an “official build”. If your developers want bug reports, fine, arrange something in your development or beta source code, but do not annoy users of your your stable releases by making your product unfit for Google searches.

Anyway, Chromium 37.0.2062.94 comes with a couple of critical bug fixes:

  • [$30000][386988] Critical CVE-2014-3176, CVE-2014-3177: A special reward to lokihardt@asrt for a combination of bugs in V8, IPC, sync, and extensions that can lead to remote code execution outside of the sandbox.
  • [$2000][369860] High CVE-2014-3168: Use-after-free in SVG. Credit to cloudfuzzer.
  • [$2000][387389] High CVE-2014-3169: Use-after-free in DOM. Credit to Andrzej Dyjak.
  • [$1000][390624] High CVE-2014-3170: Extension permission dialog spoofing. Credit to Rob Wu.
  • [$4000][390928] High CVE-2014-3171: Use-after-free in bindings. Credit to cloudfuzzer.
  • [$1500][367567] Medium CVE-2014-3172: Issue related to extension debugging. Credit to Eli Grey.
  • [$2000][376951] Medium CVE-2014-3173: Uninitialized memory read in WebGL. Credit to jmuizelaar.
  • [$500][389219] Medium CVE-2014-3174: Uninitialized memory read in Web Audio. Credit to Atte Kettunen from OUSPG.

New in Chromium 37:

Two nice things happened in Chromium 37 that I want to write about.

  • A separate PDF plugin is no longer needed. This release of Chromium finally has the PDF library included which in the past would only be released with the binary Chrome builds. PDF’s are now nicely rendered in the browser window without having to install the chromium-pdf-plugin package. In fact, I removed that plugin package from my repository. If anyone still wants or needs the SlackBuild for that, let me know and I will post it somewhere.
  • I have not tried it myself (no Netflix here) but reportedly Chrome 37.0.2062.94 can play Netflix natively in Linux, without the need for Wine plugins that add support for MS SilverLight. The new HTML5 player with DRM which Netflix optionally uses now, is supported thanks to co-operation between Chrome developers and Netflix. I assume that the Chromium package would provide the same support. In any case, newer (developer) versions of Chromium reportedly do support Netflix natively, just not sure of the exact version where this started working. Try it, and tell me what you found! I will release a “chromium-dev” package later this week to allow testing in Slackware of new functionality, that may help too.

How to make Netflix work with Chrome/Chromium?

These are instructions I took from a LinuxQuestions.org thread, again I am unable to verify their value.

  • Install Chromium (Chrome would work too of course)
  • Install a User Agent switcher (apparently Netflix keeps blocking Linux browsers even though they now support them…)
  • Add new User-Agent in User-Agent-plugin with following settings:
    • New User-Agent Name = Netflix
      New User-Agent String = Mozilla/5.0 (Windows NT 6.3; Win 64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.24 Safari/537.36 (looks like 37.x.x.x version numberss do not work; use the latest Chrome (beta) version here).
      Group = Chrome
      Append = Replace
      Indicator Flag = NX (or whatever you want)
  • Add a new Permanent Spoof List
    • Domain = netflix.com
      User-Agent String = Netflix
  • Make sure your mozilla-nss package has at least version 3.16.4 (Pat Volkerding upgraded all mozilla-nss packages in recent Slackware releases for this reason)
  • In Netflix Playback-settings chose HTML5

Have fun! Eric

Note (added Fri Jan  9 12:12:23 UTC 2015):
Please also read my follow-up article because I have made the Widevnie plugin actually work with Chromium and watching Netflix is now possible in Chromium without any UserAgent spoofing.

Updates for Chromium and Flash

August 13, 2014 / / 8 Comments

Adobe did their monthly security dance and as a result, Google also updated their Chrome browser with the new PepperFlash Plugin. That Chrome release meant that I could compile a new Chromium from the updated sources.

Chromium and Pepper Flash:

chromium_icon The update to my Chromium package was not just triggered by the update (in Chrome) of the Pepper Flash plugin. Chromium 36.0.1985.143 comes with a couple of critical bug fixes:

  • [$2000][390174] High CVE-2014-3165: Use-after-free in web sockets. Credit to Collin Payne.
  • [398925] High CVE-2014-3166: Information disclosure in SPDY. Credit to Antoine Delignat-Lavaud.
  • [400950] CVE-2014-3167: Various fixes from internal audits, fuzzing and other initiatives.

Note that I also updated the package for chromium-pepperflash-plugin to version 14.0.0.177- it contains the newest library, taken from the official Google Chrome binaries and is a recommended companion for the new Chromium package.

Linux Flash:

adobe_flash_8s600x600_2 The Flash updates are released for all platforms, one of them is the “legacy” Linux NPAPI plugin for Mozilla-compatible browsers. See Adobe’s monthly security bulletin for all the version numbers and vulnerabilities. The Linux flashplayer-plugin went up to 11.2.202.400.

Last week: new Chromium, Flash, OpenJDK

June 15, 2014 / / 10 Comments

Real life is taking precedence these days, and I have not been able to work on Slackware so much lately. I did release some updated packages last week.

Chromium:

chromium_icon The update to my Chromium package came pretty shortly after the previous one. Major driver was the update (in Chrome) of the Pepper Flash plugin. Chromium 35.0.1916.153 comes with this list of critical bug fixes:

  • [$1000][369525] High CVE-2014-3154: Use-after-free in filesystem api. Credit to Collin Payne.
  • [$1000][369539] High CVE-2014-3155: Out-of-bounds read in SPDY. Credit to James March, Daniel Sommermann and Alan Frindell of Facebook.
  • [$500][369621] Medium CVE-2014-3156: Buffer overflow in clipboard. Credit to Atte Kettunen of OUSPG.

 

Flash:

adobe_flash_8s600x600_2 The Flash update which triggered the new Chrome/Chromium release was announced along with a security bulletin by Adobe. My pepperflash-plugin package which I extracted from the official Chrome binaries (for use with Chromium) is now at version 14.0.0.125 while the accompanying Linux flashplayer-plugin (for Mozilla-compatible browsers) went up to 11.2.202.378.

 

 

OpenJDK:

icedtea Oracle released their Update 60 to Java7 a week or so ago, and it took a while to get the icedtea framework synced up to Oracle’s new OpenJDK drop. The icedtea bug tracker saw many bugfixes being applied in recent days. The icedtea version went up in minor release number: from 2.4 to 2.5.
The icedtea-2.5.0 release will compile OpenJDK 7 “Update 60 Build 30” (resulting in a package openjdk-7u60_b30).

Remember that I release packages for the JRE (runtime) and the JDK (development kit) simultaneously, but you only need to nstall one of the two. The JRE is sufficient if you only want to run Java programs (including Java web plugins). Only in case where you’d want to develop Java programs and need a Java compiler, you are in need of the JDK package.

The package has one dependency: rhino provides JavaScript support for OpenJDK.

If you want to compile this OpenJDK package yourself, you need to install apache-ant additionally. Note that the previous requirements of xalan & xerces packages have been dropped; ant will provide all required build functionality on its own now.

Have fun! Eric

New pipelight release, accompanied by wine-pipelight. And what about chromium?

June 5, 2014 / / 5 Comments

You are of course subscribed to my repository’s RSS feed and/or you are using slackpkg+ . Then you certainly noticed the update of Chromium to the new major version 35 two weeks ago. I really should have written about this update earlier, because Chromium 35 brings some unfortunate side effects to the table.

Chromium

chromium_iconChrome and Chromium were updated to version 35.0.1916.114, with “fixes for 23 security issues“. The most important fixes (for high-risk vulnerabilities) are:

  • [$3000][356653] High CVE-2014-1743: Use-after-free in styles. Credit to cloudfuzzer.
  • [$3000][359454] High CVE-2014-1744: Integer overflow in audio. Credit to Aaron Staple.
  • [$1000][346192] High CVE-2014-1745: Use-after-free in SVG. Credit to Atte Kettunen of OUSPG.
  • [$1000][364065] Medium CVE-2014-1746: Out-of-bounds read in media filters. Credit to Holger Fuhrmannek.
  • [$1000][330663] Medium CVE-2014-1747: UXSS with local MHTML file. Credit to packagesu.
  • [$500][331168] Medium CVE-2014-1748: UI spoofing with scrollbar. Credit to Jordan Milne.

I also updated the accompanying package for chromium-pepperflash-plugin (extracted from the official Chrome binaries) to 13.0.0.214. This is a security update.

The version 35 of Chromium has a major side effect that many people are not going to like. The support for browser plugins that use Mozilla’s NPAPI protocol to communicate with the browser has been removed and only Google’s own PPAPI protocol is supported as of now (MS Windows users still have a bit of time before the same happens to their Chrome browser – removal of NPAPI support in Windows is scheduled for the end of 2014). This step was of course announced long time ago and many reminders were posted, but if you need Java support in your browser, or want to watch Netflix using pipelight, then you are out of luck. PPAPI versions for these browser plugins do not exist and in the case of pipelight, are very hard to create.

You’re forced to switch (back) to Firefox in these cases.

Pipelight

pipelight-logo Speaking of Pipelight… there was a new pipelight release a couple of days back, and this is accompanied by a new web site: pipelight.net. These guys really like writing their own CMS-es! The source code to the new CMS is available on github by the way. With the new release of pipelight you’ll get more supported browser plugins, security updates for all relevant plugins such as Flash, and many bug fixes. Also, for people with an AMD graphics card the good news is that hardware acceleration is now supported and enabled by default.Also note that I have enabled support for WoW64 (meaning that apart from the regular 32-bit applications, 64-bit Windows plugins are also supported on Slackware 64-bit)

Luckily this all still works on Slackware-current’s kernel – there were fears that 32-bit Wine applications would stop working on the 3.14.4 and newer kernels.

Remember that you can always get the latest Windows plugin releases (an important feature in case of security fixes) without having to wait for me creating a new package. Just run the command “pipelight-plugin –update” as root. After doing that, the next time your browser loads the pipelight plugin, it will automatically download the newest version of your installed Windows plugin(s).

Together with this pipelight release, the pipelight developers released their latest “wine-compholio patches“, a set of patches for the official Wine sources which are needed for proper Windows plugin support in your Linux browser. Naturally I created new wine-pipelight packages for you, based on Wine 1.7.19.

In my original post about pipelight, you will find full installation and configuration instructions, as well as a troubleshooting section. That blog article is also referred to on the pipelight.net support page.

Package location:

 

Have fun! Eric

« Older posts Newer posts »

© 2025 Alien Pastures

Theme by Anders NorenUp ↑