
Fix for CVE-2019-5786 Chrome vulnerability

Posted: Thu Mar 07, 2019 11:50 am
by callum
How long is it likely to be before a fix for the Chrome CVE-2019-5786 vulnerability makes its way into CEF builds for both Windows and macOS, and can you outline steps to take in order to track progress of the fix from the Chromium source to a CEF build at the Spotify open source site?

Thank you.

Re: Fix for CVE-2019-5786 Chrome vulnerability

Posted: Thu Mar 07, 2019 1:40 pm
by magreenblatt
Spotify builds with the fix should be available tomorrow. If you wish to patch your own local builds see https://bitbucket.org/chromiumembedded/ ... ty-in/diff

Re: Fix for CVE-2019-5786 Chrome vulnerability

Posted: Thu Mar 07, 2019 1:52 pm
by callum
Excellent - thank you.

Re: Fix for CVE-2019-5786 Chrome vulnerability

Posted: Thu Mar 07, 2019 4:19 pm
by magreenblatt
Chromium infrastructure is experiencing some issues (https://crbug.com/939075) so builds may be delayed.

Re: Fix for CVE-2019-5786 Chrome vulnerability

Posted: Fri Mar 08, 2019 11:15 am
by callum
I see a new version appeared today on the Spotify site but I imagine that one was already in the pipeline before the fix was put in place.

We're looking for a version built with Chromium 72.0.3626.121, I think, aren't we?

Re: Fix for CVE-2019-5786 Chrome vulnerability

Posted: Fri Mar 08, 2019 11:40 am
by magreenblatt
Looks like 3.3626.1895.g7001d56 has been uploaded with Chromium version 72.0.3626.121 but the index.html cache hasn't expired yet (at least for me) so they're not showing up on that page. You can search for them in the JSON file instead: http://opensource.spotify.com/cefbuilds/index.json
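
An added example, not part of the original post or of CEF's own tooling: one way to audit a downloaded copy of index.json for builds at the Chromium version discussed in this thread. The JSON layout (platform keys, a "versions" list, "cef_version" and "chromium_version" fields) is an assumption, and the sample data is constructed apart from the one build named above.

```python
import json
FIXED_CHROMIUM = "72.0.3626.121"  # Chromium version this thread is looking for

# Constructed sample, NOT real index data. Platform names and field names are an
# assumed layout; only 3.3626.1895.g7001d56 / 72.0.3626.121 comes from the thread.
SAMPLE_INDEX = json.loads("""
{
  "windows64": {"versions": [
    {"cef_version": "3.3626.1895.g7001d56", "chromium_version": "72.0.3626.121"},
    {"cef_version": "3.3626.0000.gexample", "chromium_version": "72.0.3626.96"}
  ]},
  "macosx64": {"versions": [
    {"cef_version": "3.3626.0000.gexample", "chromium_version": "72.0.3626.96"}
  ]}
}
""")

def parse_version(text):
    """Turn '72.0.3626.121' into (72, 0, 3626, 121) so comparison is numeric."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)

def classify(chromium_version, fixed=FIXED_CHROMIUM):
    """Compare only within the fixed version's branch (same first three fields)."""
    v, f = parse_version(chromium_version), parse_version(fixed)
    if v[:3] != f[:3]:
        return "other-branch"  # the thread gives no fixed version for other branches
    return "has-fix" if v >= f else "predates-fix"

def audit(index):
    """Return {platform: [(cef_version, status), ...]} for every listed build."""
    report = {}
    for platform, data in sorted(index.items()):
        rows = []
        for entry in data.get("versions", []):
            try:
                status = classify(entry.get("chromium_version", ""))
            except ValueError:
                status = "unparseable"  # never count a malformed entry as patched
            rows.append((entry.get("cef_version", "<unknown>"), status))
        report[platform] = rows
    return report

if __name__ == "__main__":
    for platform, rows in audit(SAMPLE_INDEX).items():
        print(platform, rows)
```

Comparing the version strings directly would rank 72.0.3626.96 above 72.0.3626.121, which is why the fields are parsed to integers first.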

Re: Fix for CVE-2019-5786 Chrome vulnerability

Posted: Fri Mar 08, 2019 12:28 pm
by callum
Got it - thank you.