~chromium-team/chromium-browser/artful-beta

« back to all changes in this revision

Viewing changes to debian/chromium-browser-etc-customizations-flash-staleness

  • Committer: Chad MILLER
  • Date: 2015-04-17 00:17:26 UTC
  • Revision ID: chad.miller@canonical.com-20150417001726-dszj422xuq86ob42
* Upstream release 42.0.2311.90:
  - CVE-2015-1235: Cross-origin-bypass in HTML parser.
  - CVE-2015-1236: Cross-origin-bypass in Blink.
  - CVE-2015-1237: Use-after-free in IPC.
  - CVE-2015-1238: Out-of-bounds write in Skia.
  - CVE-2015-1240: Out-of-bounds read in WebGL.
  - CVE-2015-1241: Tap-Jacking.
  - CVE-2015-1242: Type confusion in V8.
  - CVE-2015-1244: HSTS bypass in WebSockets.
  - CVE-2015-1245: Use-after-free in PDFium.
  - CVE-2015-1247: Scheme issues in OpenSearch.
  - CVE-2015-1248: SafeBrowsing bypass.
* Upstream release 41.0.2272.118:
  - CVE-2015-1233: A special thanks to Anonymous for a combination of V8,
    Gamepad and IPC bugs that can lead to remote code execution outside of
    the sandbox. 
  - CVE-2015-1234: Buffer overflow via race condition in GPU.
* debian/chromium-browser-etc-customizations-flash-staleness: Ask sudo users
  to update flash player.

Show diffs side-by-side

added added

removed removed

Lines of Context:
 
1
#!/bin/bash
 
2
 
 
3
set -u
 
4
 
 
5
REWARN_AT_SOONEST=3  #days
 
6
MAX_TRIES_PER_100_DAYS=5
 
7
WARN_DIR=~/.config/chromium/Ubuntu/stale-flashplayer-warned
 
8
OBSELETE_PACKAGES="flashplugin-installer adobe-flash-player"
 
9
GOOD_PACKAGE=adobe-flashplugin
 
10
 
 
11
found_obselete=""
 
12
 
 
13
mkdir -p "${WARN_DIR}"
 
14
if find $WARN_DIR -mtime -100 -type f |wc -l |xargs test $MAX_TRIES_PER_100_DAYS -ge; then
 
15
 
 
16
        if find "${WARN_DIR}" -mtime "-${REWARN_AT_SOONEST}" -type f |wc -l |xargs test 1 -gt; then   # not warned in N days
 
17
                if id -Gn |grep \\bsudo\\b >/dev/null; then   # user could change things
 
18
                        for pkg in ${OBSELETE_PACKAGES}; do
 
19
                                if test -f /var/lib/dpkg/info/${pkg}.list; then   # likely installed
 
20
                                        dpkg -l flashplugin-installer >/dev/null && found_obselete="$pkg $found_obselete"
 
21
                                fi
 
22
                        done
 
23
                else
 
24
                        echo "Even if we warned about this bad flash, user can not update it."
 
25
                        zenity --info --text "Your computer has an outdated version of Flash plugin. You should install '$GOOD_PACKAGE' package." &
 
26
                        echo >"${WARN_DIR}/sudo-not-available"  # rate limited, but never grows count more than 1
 
27
                fi
 
28
        else
 
29
                echo "Already warned about Flash in last $REWARN_AT_SOONEST days. Skipping."
 
30
        fi
 
31
 
 
32
        if test "${found_obselete}"; then
 
33
                # do we have a better suggestion?
 
34
                have_better_package=""
 
35
                apt-cache search "${GOOD_PACKAGE}" >/dev/null && have_better_package=$GOOD_PACKAGE
 
36
                warn_file="${WARN_DIR}/$(date +%Y%m%d)"
 
37
                echo >"$warn_file"
 
38
 
 
39
                if test "$have_better_package"; then
 
40
                        zenity --question --text="The Flash player plugin you have installed is out of date. Do you wish to update it now?" --title="Update flash?" --ok-label "Update" --cancel-label "Skip"
 
41
                        case $? in
 
42
                                0)
 
43
                                        trap "rm \"$warn_file\"; zenity --info --text 'Will try again later.'" ERR
 
44
                                        gksu --message "Step 1/2. Retrieve new package list. Requires owner verification" -- apt-get update
 
45
                                        gksu --message "Step 2/2. Install new package. Requires owner verification" -- apt-get -y install ${GOOD_PACKAGE}
 
46
                                        ;;
 
47
                        esac
 
48
                else
 
49
                        zenity --question --text="The Flash player plugin you have installed is out of date. Do you wish to enable the Canonical Partner software source and update it now?" --title="Update flash?" --ok-label "Enable and update" --cancel-label "Skip"
 
50
                        case $? in
 
51
                                0)
 
52
                                        trap "rm \"$warn_file\"; zenity --info --text 'Will try again later.'" ERR
 
53
                                        partner_file=$(mktemp canonical-partner-new-source-XXXXXX)
 
54
                                        distro=$(lsb_release -c -s)
 
55
                                        echo "deb http://archive.canonical.com/ubuntu ${distro:-vivid} partner" >${partner_file}
 
56
                                        gksu --message "Step 1/3. Create a new partner source. Requires owner verification" -- mv "${partner_file}" /etc/apt/sources.d/canonical-partners.list
 
57
                                        gksu --message "Step 2/3. Retrieve new package list. Requires owner verification" -- apt-get update
 
58
                                        gksu --message "Step 3/3. Install new package. Requires owner verification" -- apt-get -y install ${GOOD_PACKAGE}
 
59
                                        ;;
 
60
                        esac
 
61
                fi
 
62
        fi
 
63
else
 
64
        echo "Already warned about Flash more than $MAX_TRIES_PER_100_DAYS times in 100 days."
 
65
fi