Completely disabling the autoupdater was an extremely bad idea. Now
even various autoupdater scripts to update the global version in
/usr/lib/chromium/WidevineCdm don't work anymore - so leaving users in
a broken state.
See also #981069
Hello,
Yes, it won't be updated. If there will be a security issue/vuln, then
probably somebody will write about it and we will do something about
that.
Michel Le Bihan
Le vendredi 01 janvier 2021 à 20:34 +0100, Stephen Kitt a écrit :
> Hi,
>
> On Fri, 25 Dec 2020 20:50:04 +0100 Michel Le
Hi,
On Fri, 25 Dec 2020 20:50:04 +0100 Michel Le Bihan wrote:
> With
> https://salsa.debian.org/mimi8/chromium/-/commit/d21192e70824befdfeed5a5145275139cd6c4ffa
> the Widevine component won't be downloaded automatically. However,
> unlike when `enable_widevine=false` is set, Widevine CDM
On Fri, 2021-01-01 at 12:10 +0100, Michel Le Bihan wrote:
>
>
> That's actually intended. It would be easier to set the build flag
> that
> disables it, but some users are still interested in using it. The way
> it's done currently still allows them to use it.
Yeah, but the point is, AFAIU, for
Hello
Le vendredi 01 janvier 2021 à 02:53 +0100, Christoph Anton Mitterer a
écrit :
> Hey.
>
>
> Just wondered:
>
>
> 1) Since this is a binary blob who, by it's nature, is made for
> surveillance, it's IMO more a rather serious security issue than just
> a
> DFSG-policy problem.
> No one
Hey.
Just wondered:
1) Since this is a binary blob who, by it's nature, is made for
surveillance, it's IMO more a rather serious security issue than just a
DFSG-policy problem.
No one really knows what exactly Google ships there.
So maybe people should be told about this more actively in a
Hello,
With
https://salsa.debian.org/mimi8/chromium/-/commit/d21192e70824befdfeed5a5145275139cd6c4ffa
the Widevine component won't be downloaded automatically. However,
unlike when `enable_widevine=false` is set, Widevine CDM component will
still be used when found in
One way to deal with the automatically downloaded Widevine Content
Decryption Module might be to set the ComponentUpdatesEnabled policy to
false by default.
I guess, severity of this bug can be raised.
Package: chromium
Version: 80.0.3987.162-1~deb10u1
Severity: wishlist
Dear Maintainer,
When using Chromium and visiting websites that need DRM to be enabled, Chromium
automatically downloads and enables DRM.
These are binary blobs that are not free software.
No notification is made to the user
9 matches
Mail list logo
