# Chrome ebuild outdated or patched?

## deltamalloc

When I attempt to use the Google Chrome browser I'm informed the version is outdated and should be updated.

However, I have the latest version installed:

```

*  www-client/google-chrome

      Latest version installed: 44.0.2403.130_p1

      Homepage:      http://www.google.com/chrome

      Description:   The web browser from Google

      License:       google-chrome

```

Note the version: 44.0.2403.130_p1

Whereas the latest version is 57.0.2987 (https://en.wikipedia.org/wiki/Google_Chrome_version_history)

Is this particular version 44 patched for vulnerability, but perhaps just lacking new features present in the later builds? Or is it really as old as it looks, both in version number and in vulnerabilities present?

Am I using the wrong ebuild for chrome?

----------

## fedeliallalinea

The latest version in portage tree is

```
* www-client/google-chrome

     Available versions:  ~57.0.2987.110^msd {+plugins L10N="+am +ar +bg +bn +ca +cs +da +de +el +en-GB +es +es-419 +et +fa +fi +fil +fr +gu +he +hi +hr +hu +id +it +ja +kn +ko +lt +lv +ml +mr +ms +nb +nl +pl +pt-BR +pt-PT +ro +ru +sk +sl +sr +sv +sw +ta +te +th +tr +uk +vi +zh-CN +zh-TW"}

     Homepage:            https://www.google.com/chrome

     Description:         The web browser from Google
```

google-chrome is not patched because is the same binary version that you can download from official web site.

You have sync your portage tree (emerge --sync)?

----------

## Hu

OP: please post the output of emerge --info ; emerge --pretend --verbose '>www-client/google-chrome-57'.

----------

## deltamalloc

 *Hu wrote:*   

> OP: please post the output of emerge --info ; emerge --pretend --verbose '>www-client/google-chrome-57'.

 

I do emerge --sync quite often, last time this week (and again while investigating this issue).

```

emerge --info

```

```

Portage 2.3.3 (python 2.7.12-final-0, default/linux/amd64/13.0/desktop, gcc-4.9.4, glibc-2.23-r3, 4.4.39-gentoo x86_64)

=================================================================

System uname: Linux-4.4.39-gentoo-x86_64-Intel-R-_Core-TM-_i7_CPU_920_@_2.67GHz-with-gentoo-2.3

KiB Mem:    12276012 total,   1294668 free

KiB Swap:    2097148 total,   1685044 free

Timestamp of repository gentoo: Mon, 27 Mar 2017 21:30:01 +0000

sh bash 4.3_p48-r1

ld GNU ld (Gentoo 2.26.1 p1.0) 2.26.1

app-shells/bash:          4.3_p48-r1::gentoo

dev-java/java-config:     2.2.0-r3::gentoo

dev-lang/perl:            5.22.3_rc4::gentoo

dev-lang/python:          2.7.12::gentoo, 3.4.5::gentoo

dev-util/cmake:           3.7.2::gentoo

dev-util/pkgconfig:       0.28-r2::gentoo

sys-apps/baselayout:      2.3::gentoo

sys-apps/openrc:          0.23.2::gentoo

sys-apps/sandbox:         2.10-r3::gentoo

sys-devel/autoconf:       2.13::gentoo, 2.69::gentoo

sys-devel/automake:       1.11.6-r1::gentoo, 1.15::gentoo

sys-devel/binutils:       2.26.1::gentoo

sys-devel/gcc:            4.9.3::gentoo, 4.9.4::gentoo

sys-devel/gcc-config:     1.7.3::gentoo

sys-devel/libtool:        2.4.6-r3::gentoo

sys-devel/make:           4.2.1::gentoo

sys-kernel/linux-headers: 4.4::gentoo (virtual/os-headers)

sys-libs/glibc:           2.23-r3::gentoo

Repositories:

gentoo

    location: /usr/portage

    sync-type: rsync

    sync-uri: rsync://rsync.gentoo.org/gentoo-portage

    priority: -1000

x-portage

    location: /usr/local/portage

    masters: gentoo

    priority: 0

mva

    location: /var/lib/layman/mva

    masters: gentoo

    priority: 50

pentoo

    location: /var/lib/layman/pentoo

    masters: gentoo

    priority: 50

x11

    location: /var/lib/layman/x11

    masters: gentoo

    priority: 50

ACCEPT_KEYWORDS="amd64"

ACCEPT_LICENSE="* -@EULA"

CBUILD="x86_64-pc-linux-gnu"

CFLAGS="-O2 -march=native"

CHOST="x86_64-pc-linux-gnu"

CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt"

CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"

CXXFLAGS="-O2 -march=native"

DISTDIR="/usr/portage/distfiles"

FCFLAGS="-O2 -pipe"

FEATURES="assume-digests binpkg-logs config-protect-if-modified distlocks ebuild-locks fixlafiles merge-sync news parallel-fetch preserve-libs protect-owned sandbox sfperms splitdebug strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"

FFLAGS="-O2 -pipe"

GENTOO_MIRRORS="rsync://ftp.snt.utwente.nl/gentoo ftp://ftp.snt.utwente.nl/pub/os/linux/gentoo ftp://mirror.bytemark.co.uk/gentoo/ ftp://sunsite.informatik.rwth-aachen.de/pub/Linux/gentoo http://gd.tuwien.ac.at/opsys/linux/gentoo/"

LANG="en_US"

LDFLAGS="-Wl,-O1 -Wl,--as-needed"

MAKEOPTS="-j4"

PKGDIR="/usr/portage/packages"

PORTAGE_CONFIGROOT="/"

PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"

PORTAGE_TMPDIR="/var/tmp"

USE="X a52 aac acl acpi alsa amd64 berkdb bindist bluetooth branding bzip2 cairo cdda cdr cli consolekit cracklib crypt cups cxx dbus dri dts dvd dvdr emboss encode exif fam firefox flac fortran gdbm gif glamor gpm gtk iconv ipv6 jpeg lcms ldap libnotify lock mad mmx mmxext mng modules mp3 mp4 mpeg multilib ncurses nls nptl ogg opengl openmp pam pango pcre pdf png policykit popcnt ppds qt3support readline sdl seccomp session spell sse sse2 sse3 sse4_1 sse4_2 ssl ssse3 startup-notification svg tcpd threads thunar tiff truetype udev udisks unicode upower usb vdpau vorbis wxwidgets x264 xattr xcb xinerama xml xv xvid zlib" ABI_X86="64" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="mmx mmxext popcnt sse sse2 sse3 sse4_1 sse4_2 ssse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-6" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_4" RUBY_TARGETS="ruby21" USERLAND="GNU" VIDEO_CARDS="radeon" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"

USE_PYTHON="3.3"

Unset:  CC, CPPFLAGS, CTARGET, CXX, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

```

```

emerge --pretend --verbose '>www-client/google-chrome-57'

```

```

These are the packages that would be merged, in order:

Calculating dependencies... done!

[ebuild     U ~] www-client/google-chrome-57.0.2987.110::gentoo [44.0.2403.130_p1::gentoo] USE="plugins" L10N="am%* ar%* bg%* bn%* ca%* cs%* da%* de%* el%* en-GB%* es%* es-419%* et%* fa%* fi%* fil%* fr%* gu%* he%* hi%* hr%* hu%* id%* it%* ja%* kn%* ko%* lt%* lv%* ml%* mr%* ms%* nb%* nl%* pl%* pt-BR%* pt-PT%* ro%* ru%* sk%* sl%* sr%* sv%* sw%* ta%* te%* th%* tr%* uk%* vi%* zh-CN%* zh-TW%*" LINGUAS="(-am%*) (-ar%*) (-bg%*) (-bn%*) (-ca%*) (-cs%*) (-da%*) (-de%*) (-el%*) (-en_GB%*) (-es%*) (-es_LA%*) (-et%*) (-fa%*) (-fi%*) (-fil%*) (-fr%*) (-gu%*) (-he%*) (-hi%*) (-hr%*) (-hu%*) (-id%*) (-it%*) (-ja%*) (-kn%*) (-ko%*) (-lt%*) (-lv%*) (-ml%*) (-mr%*) (-ms%*) (-nb%*) (-nl%*) (-pl%*) (-pt_BR%*) (-pt_PT%*) (-ro%*) (-ru%*) (-sk%*) (-sl%*) (-sr%*) (-sv%*) (-sw%*) (-ta%*) (-te%*) (-th%*) (-tr%*) (-uk%*) (-vi%*) (-zh_CN%*) (-zh_TW%*)" 46,204 KiB

Total: 1 package (1 upgrade), Size of downloads: 46,204 KiB

The following keyword changes are necessary to proceed:

 (see "package.accept_keywords" in the portage(5) man page for more details)

# required by >www-client/google-chrome-57 (argument)

=www-client/google-chrome-57.0.2987.110 ~amd64

```

So www-client/google-chrome-57.0.2987.110 exists, why doesn't it emerge it automatically when I attempt to emerge google-chrome as normal?

This is all I have regarding chrome in /etc/portage:

```

portage # grep -Ri chrome *

package.accept_keywords:# required by www-client/google-chrome (argument)

package.accept_keywords:=www-client/google-chrome-44.0.2403.130_p1 ~amd64

package.accept_keywords:=www-client/google-chrome-57.0.2987.110 ~amd64

package.license:# required by www-client/google-chrome (argument)

package.license:>=www-client/google-chrome-44.0.2403.130_p1 google-chrome

```

----------

## Hu

The error message shown by the command I gave you explains it.  Your package configuration did not permit Portage to pull in ~testing packages, so a keyword change was required.  It looks like you made that change in response to the command I gave, since your grep now shows an entry that, had it been present when you ran the emerge --pretend --verbose, would have prevented the message telling you to keyword it.

----------

## deltamalloc

 *Hu wrote:*   

> The error message shown by the command I gave you explains it.  Your package configuration did not permit Portage to pull in ~testing packages, so a keyword change was required.  It looks like you made that change in response to the command I gave, since your grep now shows an entry that, had it been present when you ran the emerge --pretend --verbose, would have prevented the message telling you to keyword it.

 

I understand, thank you.

However, I don't understand why portage didn't ask for this flag before?

Is it supposed to be up to the user to manually check if there are new versions available of an ebuild that need such a flag added? In my experience portage will ask for various flags to be added as needed when new versions become available. Is there something particular about this specific ebuild (Chrome) or about my system configuration in general for this case that prevented that from working as intended?

----------

## Hu

Portage will ask for a keyword/flag change if that is required to satisfy the constraints you give it.  If you give it an open-ended request like "install any acceptable version of Chrome" and it can find a version that satisfies your current keywords, it will install that in preference to asking you to change keywords.  If there are no keyword-acceptable versions that match the constraint you gave, then it will request a keyword change.  That is why I told you to use a version qualifier.  Based on your output, I expected that the only versions which could match the version-qualified command would require a keyword change, which provoked Portage to tell you to change the keywords.

Since old versions of Chrome no longer exist in tree, I find it a bit odd that a simple emerge www-client/google-chrome was insufficient.  However, since you never posted exactly what commands led you to the conclusion that Portage was not attempting to install a new version, I cannot rule out user error.  If you still have the scrollback history where you ran emerge www-client/google-chrome from before you ran the command I proposed, please post it.  Subsequent commands did modify your keywords and may have modified @world, so rerunning the command now is very likely not to produce the information required to diagnose this.

As an aside, you may want to change your package.accept_keywords file to use version-unqualified atom for Chrome.  It appears that the Gentoo packagers for Chrome follow a strange design where, rather than using ~testing for recent versions and stable for proven versions, they keep all versions in ~testing and use separate package names for stable/testing.  This makes version-locked accept_keywords entries irrelevant and using them increases the maintenance burden on you.

----------

