gitlab: 8.16.6 -> 8.17.4 for CVE-2017-0882

Franz Pletz 2017-03-02 04:18:19 +01:00
parent 37c31c635d
commit 29f57ac447
No known key found for this signature in database
GPG Key ID: 846FDED7792617B4
4 changed files with 101 additions and 106 deletions


@ -7,7 +7,6 @@ gem 'rails-deprecated_sanitizer', '~> 1.0.3'
gem 'responders', '~> 2.0'
gem 'sprockets', '~> 3.7.0'
gem 'sprockets-es6', '~> 0.9.2'
# Default values for AR models
gem 'default_value_for', '~> 3.0.0'
@ -36,7 +35,7 @@ gem 'omniauth-twitter', '~> 1.2.0'
gem 'omniauth_crowd', '~> 2.2.0'
gem 'omniauth-authentiq', '~> 0.2.0'
gem 'rack-oauth2', '~> 1.2.1'
gem 'jwt'
gem 'jwt', '~> 1.5.6'
# Spam and anti-bot protection
gem 'recaptcha', '~> 3.0', require: 'recaptcha/rails'
@ -48,6 +47,9 @@ gem 'rqrcode-rails3', '~> 0.1.7'
gem 'attr_encrypted', '~> 3.0.0'
gem 'u2f', '~> 0.2.1'
# GitLab Pages
gem 'validates_hostname', '~> 1.0.6'
# Browser detection
gem 'browser', '~> 2.2'
@ -109,7 +111,7 @@ gem 'org-ruby', '~> 0.9.12'
gem 'creole', '~> 0.5.0'
gem 'wikicloth', '0.8.1'
gem 'asciidoctor', '~> 1.5.2'
gem 'asciidoctor-plantuml', '0.0.6'
gem 'asciidoctor-plantuml', '0.0.7'
gem 'rouge', '~> 2.0'
gem 'truncato', '~> 0.7.8'
@ -219,10 +221,12 @@ gem 'oj', '~> 2.17.4'
gem 'chronic', '~> 0.10.2'
gem 'chronic_duration', '~> 0.10.6'
gem 'webpack-rails', '~> 0.9.9'
gem 'rack-proxy', '~> 0.6.0'
gem 'sass-rails', '~> 5.0.6'
gem 'coffee-rails', '~> 4.1.0'
gem 'uglifier', '~> 2.7.2'
gem 'gitlab-turbolinks-classic', '~> 2.5', '>= 2.5.6'
gem 'addressable', '~> 2.3.8'
gem 'bootstrap-sass', '~> 3.3.0'
@ -280,6 +284,7 @@ group :development, :test do
gem 'rspec-retry', '~> 0.4.5'
gem 'spinach-rails', '~> 0.2.1'
gem 'spinach-rerun-reporter', '~> 0.0.2'
gem 'rspec_profiling'
# Prevent occasions where minitest is not bundled in packaged versions of ruby (see #3826)
gem 'minitest', '~> 5.7.0'
@ -291,13 +296,9 @@ group :development, :test do
gem 'capybara-screenshot', '~> 1.0.0'
gem 'poltergeist', '~> 1.9.0'
gem 'teaspoon', '~> 1.1.0'
gem 'teaspoon-jasmine', '~> 2.2.0'
gem 'spring', '~> 1.7.0'
gem 'spring-commands-rspec', '~> 1.0.4'
gem 'spring-commands-spinach', '~> 1.1.0'
gem 'spring-commands-teaspoon', '~> 0.0.2'
gem 'rubocop', '~> 0.46.0', require: false
gem 'rubocop-rspec', '~> 1.9.1', require: false


@ -56,7 +56,7 @@ GEM
faraday_middleware-multi_json (~> 0.0)
oauth2 (~> 1.0)
asciidoctor (1.5.3)
asciidoctor-plantuml (0.0.6)
asciidoctor-plantuml (0.0.7)
asciidoctor (~> 1.5)
ast (2.3.0)
attr_encrypted (3.0.3)
@ -74,10 +74,6 @@ GEM
descendants_tracker (~> 0.0.4)
ice_nine (~> 0.11.0)
thread_safe (~> 0.3, >= 0.3.1)
babel-source (5.8.35)
babel-transpiler (0.7.0)
babel-source (>= 4.0, < 6)
execjs (~> 2.0)
babosa (1.0.2)
base32 (0.3.2)
bcrypt (3.1.11)
@ -268,8 +264,6 @@ GEM
mime-types (>= 1.16, < 3)
posix-spawn (~> 0.3)
gitlab-markup (1.5.1)
gitlab-turbolinks-classic (2.5.6)
coffee-rails
gitlab_omniauth-ldap (1.2.1)
net-ldap (~> 0.9)
omniauth (~> 1.0)
@ -381,7 +375,7 @@ GEM
json (1.8.3)
json-schema (2.6.2)
addressable (~> 2.3.8)
jwt (1.5.4)
jwt (1.5.6)
kaminari (0.17.0)
actionpack (>= 3.0.0)
activesupport (>= 3.0.0)
@ -550,6 +544,8 @@ GEM
rack (>= 1.1)
rack-protection (1.5.3)
rack
rack-proxy (0.6.0)
rack
rack-test (0.6.3)
rack (>= 1.0)
rails (4.2.7.1)
@ -644,6 +640,11 @@ GEM
rspec-retry (0.4.5)
rspec-core
rspec-support (3.5.0)
rspec_profiling (0.0.4)
activerecord
pg
rails
sqlite3
rubocop (0.46.0)
parser (>= 2.3.1.1, < 3.0)
powerpack (~> 0.1)
@ -662,7 +663,7 @@ GEM
sexp_processor (~> 4.1)
rubyntlm (0.5.2)
rubypants (0.2.0)
rubyzip (1.2.0)
rubyzip (1.2.1)
rufus-scheduler (3.1.10)
rugged (0.24.0)
safe_yaml (1.0.4)
@ -732,19 +733,14 @@ GEM
spring (>= 0.9.1)
spring-commands-spinach (1.1.0)
spring (>= 0.9.1)
spring-commands-teaspoon (0.0.2)
spring (>= 0.9.1)
sprockets (3.7.0)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
sprockets-es6 (0.9.2)
babel-source (>= 5.8.11)
babel-transpiler
sprockets (>= 3.0.0)
sprockets-rails (3.1.1)
actionpack (>= 4.0)
activesupport (>= 4.0)
sprockets (>= 3.0.0)
sqlite3 (1.3.11)
stackprof (0.2.10)
state_machines (0.4.0)
state_machines-activemodel (0.4.0)
@ -757,10 +753,6 @@ GEM
sys-filesystem (1.1.6)
ffi
sysexits (1.2.0)
teaspoon (1.1.5)
railties (>= 3.2.5, < 6)
teaspoon-jasmine (2.2.0)
teaspoon (>= 1.0.0)
temple (0.7.7)
test_after_commit (1.1.0)
activerecord (>= 3.2)
@ -795,6 +787,9 @@ GEM
get_process_mem (~> 0)
unicorn (>= 4, < 6)
uniform_notifier (1.10.0)
validates_hostname (1.0.6)
activerecord (>= 3.0)
activesupport (>= 3.0)
version_sorter (2.1.0)
virtus (1.0.5)
axiom-types (~> 0.1)
@ -812,6 +807,8 @@ GEM
webmock (1.21.0)
addressable (>= 2.3.6)
crack (>= 0.3.2)
webpack-rails (0.9.9)
rails (>= 3.2.0)
websocket-driver (0.6.3)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.2)
@ -838,7 +835,7 @@ DEPENDENCIES
allocations (~> 1.0)
asana (~> 0.4.0)
asciidoctor (~> 1.5.2)
asciidoctor-plantuml (= 0.0.6)
asciidoctor-plantuml (= 0.0.7)
attr_encrypted (~> 3.0.0)
awesome_print (~> 1.2.0)
babosa (~> 1.0.2)
@ -888,7 +885,6 @@ DEPENDENCIES
github-linguist (~> 4.7.0)
gitlab-flowdock-git-hook (~> 1.0.1)
gitlab-markup (~> 1.5.1)
gitlab-turbolinks-classic (~> 2.5, >= 2.5.6)
gitlab_omniauth-ldap (~> 1.2.1)
gollum-lib (~> 4.2)
gollum-rugged_adapter (~> 0.4.2)
@ -909,7 +905,7 @@ DEPENDENCIES
jquery-rails (~> 4.1.0)
jquery-ui-rails (~> 5.0.0)
json-schema (~> 2.6.2)
jwt
jwt (~> 1.5.6)
kaminari (~> 0.17.0)
knapsack (~> 1.11.0)
kubeclient (~> 2.2.0)
@ -952,6 +948,7 @@ DEPENDENCIES
rack-attack (~> 4.4.1)
rack-cors (~> 0.4.0)
rack-oauth2 (~> 1.2.1)
rack-proxy (~> 0.6.0)
rails (= 4.2.7.1)
rails-deprecated_sanitizer (~> 1.0.3)
rainbow (~> 2.1.0)
@ -968,6 +965,7 @@ DEPENDENCIES
rqrcode-rails3 (~> 0.1.7)
rspec-rails (~> 3.5.0)
rspec-retry (~> 0.4.5)
rspec_profiling
rubocop (~> 0.46.0)
rubocop-rspec (~> 1.9.1)
ruby-fogbugz (~> 0.2.1)
@ -992,15 +990,11 @@ DEPENDENCIES
spring (~> 1.7.0)
spring-commands-rspec (~> 1.0.4)
spring-commands-spinach (~> 1.1.0)
spring-commands-teaspoon (~> 0.0.2)
sprockets (~> 3.7.0)
sprockets-es6 (~> 0.9.2)
stackprof (~> 0.2.10)
state_machines-activerecord (~> 0.4.0)
sys-filesystem (~> 1.1.6)
teaspoon (~> 1.1.0)
teaspoon-jasmine (~> 2.2.0)
test_after_commit (~> 0.4.2)
test_after_commit (~> 1.1)
thin (~> 1.7.0)
timecop (~> 0.8.0)
truncato (~> 0.7.8)
@ -1010,12 +1004,14 @@ DEPENDENCIES
unf (~> 0.1.4)
unicorn (~> 5.1.0)
unicorn-worker-killer (~> 0.4.4)
validates_hostname (~> 1.0.6)
version_sorter (~> 2.1.0)
virtus (~> 1.0.1)
vmstat (~> 2.3.0)
web-console (~> 2.0)
webmock (~> 1.21.0)
webpack-rails (~> 0.9.9)
wikicloth (= 0.8.1)
BUNDLED WITH
1.13.7
1.14.5


@ -1,5 +1,5 @@
{ stdenv, lib, bundler, fetchFromGitHub, bundlerEnv, libiconv, ruby
, tzdata, git, nodejs, procps
{ stdenv, lib, bundler, fetchurl, fetchFromGitHub, bundlerEnv, libiconv, ruby
, tzdata, git, nodejs, procps, dpkg
}:
/* When updating the Gemfile add `gem "activerecord-nulldb-adapter"`
@ -18,19 +18,27 @@ let
};
};
version = "8.17.4";
gitlabDeb = fetchurl {
url = "https://packages.gitlab.com/gitlab/gitlab-ce/packages/debian/jessie/gitlab-ce_${version}-ce.0_amd64.deb/download";
sha256 = "1fd6y9lyavzsm2ac10sip01dnvcd73ymcn2rqdljr4sq4f222mry";
};
in
stdenv.mkDerivation rec {
name = "gitlab-${version}";
version = "8.16.6";
buildInputs = [ env ruby bundler tzdata git nodejs procps ];
buildInputs = [
env ruby bundler tzdata git nodejs procps dpkg
];
src = fetchFromGitHub {
owner = "gitlabhq";
repo = "gitlabhq";
rev = "v${version}";
sha256 = "03rzms2frwx4c09l2rig1amlxj965s2iq421i52j8wj2khb7pd7g";
sha256 = "1yrbbf55pz7863xngl2mxwj9w4imdlqvmqywd1zpnswdsjqxa5xj";
};
patches = [
@ -64,9 +72,15 @@ stdenv.mkDerivation rec {
buildPhase = ''
mv config/gitlab.yml.example config/gitlab.yml
GITLAB_DATABASE_ADAPTER=nulldb \
SKIP_STORAGE_VALIDATION=true \
rake assets:precompile RAILS_ENV=production
dpkg -x ${gitlabDeb} .
mv -v opt/gitlab/embedded/service/gitlab-rails/public/assets public
rm -rf opt
export GITLAB_DATABASE_ADAPTER=nulldb
export SKIP_STORAGE_VALIDATION=true
rake assets:precompile RAILS_ENV=production
mv config/gitlab.yml config/gitlab.yml.example
rm config/secrets.yml
mv config config.dist
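Review bot: `dpkg -x ${gitlabDeb} .` in buildPhase unpacks the whole upstream .deb into the source tree and only `opt` is removed afterwards, so any other top-level directory the package ships would stay in the build directory. Unpacking into a scratch directory keeps that contained: `dpkg -x ${gitlabDeb} deb`, `mv -v deb/opt/gitlab/embedded/service/gitlab-rails/public/assets public`, `rm -rf deb`. The assets moved into `public` now come from a prebuilt binary package rather than from `src`; the `sha256` on `gitlabDeb` pins the downloaded bytes, but nothing visible here ties them to the `v${version}` source. A comment above `gitlabDeb` should say why the prebuilt assets are used, that the URL is fixed to the jessie/amd64 build, and that both hashes have to be updated together with `version`. buildPhase continues beyond this hunk.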


@ -146,10 +146,10 @@
asciidoctor-plantuml = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "0rd8yh0by5sxhg1c3cb1mzkp4jp3j8v6vzbyv1mx492s9ml451fx";
sha256 = "00ax9r822n4ykl6jizaxp03wqzknr7nn20mmqjpiwajy9j0zvr88";
type = "gem";
};
version = "0.0.6";
version = "0.0.7";
};
ast = {
source = {
@ -207,22 +207,6 @@
};
version = "0.1.1";
};
babel-source = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "1ncq8h82k6hypzfb5dk7z95mmcdwnhsxmc53xz17m1nbklm25vvr";
type = "gem";
};
version = "5.8.35";
};
babel-transpiler = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "0w0minwxj56w96xps1msm6n75fs0y7r1vqcr9zlsn74fksnz81jc";
type = "gem";
};
version = "0.7.0";
};
babosa = {
source = {
remotes = ["https://rubygems.org"];
@ -944,14 +928,6 @@
};
version = "1.5.1";
};
gitlab-turbolinks-classic = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "1zfqwa1pahhcz1yxvwigg94bck2zsqk2jsrc0wdcybhr0iwi5jra";
type = "gem";
};
version = "2.5.6";
};
gitlab_omniauth-ldap = {
source = {
remotes = ["https://rubygems.org"];
@ -1235,10 +1211,10 @@
jwt = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "0s5llb4mhpy0phzbrc4jd2jd2b91h1axy4bhci7g1bdz1w2m3a2i";
sha256 = "124zz1142bi2if7hl5pcrcamwchv4icyr5kaal9m2q6wqbdl6aw4";
type = "gem";
};
version = "1.5.4";
version = "1.5.6";
};
kaminari = {
source = {
@ -1848,6 +1824,14 @@
};
version = "1.5.3";
};
rack-proxy = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "1bpbcb9ch94ha2q7gdri88ry7ch0z6ian289kah9ayxyqg19j6f4";
type = "gem";
};
version = "0.6.0";
};
rack-test = {
source = {
remotes = ["https://rubygems.org"];
@ -2152,6 +2136,14 @@
};
version = "3.5.0";
};
rspec_profiling = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "01qrs189r0q08ys8vax269ff858q9ypsc94n1d700m9da44zi3wg";
type = "gem";
};
version = "0.0.4";
};
rubocop = {
source = {
remotes = ["https://rubygems.org"];
@ -2227,10 +2219,10 @@
rubyzip = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "10a9p1m68lpn8pwqp972lv61140flvahm3g9yzbxzjks2z3qlb2s";
sha256 = "06js4gznzgh8ac2ldvmjcmg9v1vg9llm357yckkpylaj6z456zqz";
type = "gem";
};
version = "1.2.0";
version = "1.2.1";
};
rufus-scheduler = {
source = {
@ -2464,14 +2456,6 @@
};
version = "1.1.0";
};
spring-commands-teaspoon = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "1g7n4m2s9d0frh7y1xibzpphqajfnx4fvgfc66nh545dd91w2nqz";
type = "gem";
};
version = "0.0.2";
};
sprockets = {
source = {
remotes = ["https://rubygems.org"];
@ -2480,14 +2464,6 @@
};
version = "3.7.0";
};
sprockets-es6 = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "0508h3vnjz08c64k11za6cqnbvvifka9pmdrycamzzjd4dmf10y3";
type = "gem";
};
version = "0.9.2";
};
sprockets-rails = {
source = {
remotes = ["https://rubygems.org"];
@ -2496,6 +2472,14 @@
};
version = "3.1.1";
};
sqlite3 = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "19r06wglnm6479ffj9dl0fa4p5j2wi6dj7k6k3d0rbx7036cv3ny";
type = "gem";
};
version = "1.3.11";
};
stackprof = {
source = {
remotes = ["https://rubygems.org"];
@ -2552,22 +2536,6 @@
};
version = "1.2.0";
};
teaspoon = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "1xz5f1w8jm2fg1g194kf17gh36imd7sgs9cx0adqx1l22p7jrkvv";
type = "gem";
};
version = "1.1.5";
};
teaspoon-jasmine = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "00wygrv1jm4aj15p1ab9d5fdrj6y83kv26xgp52mx4lp78h2ms9q";
type = "gem";
};
version = "2.2.0";
};
temple = {
source = {
remotes = ["https://rubygems.org"];
@ -2728,6 +2696,14 @@
};
version = "1.10.0";
};
validates_hostname = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "04p1l0v98j4ffvaks1ig9mygx5grpbpdgz7haq3mygva9iy8ykja";
type = "gem";
};
version = "1.0.6";
};
version_sorter = {
source = {
remotes = ["https://rubygems.org"];
@ -2776,6 +2752,14 @@
};
version = "1.21.0";
};
webpack-rails = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "02jxkpdbi48yhcgldgl5jxnhnad83rdgpkkcwh8w1h6iyg04d42j";
type = "gem";
};
version = "0.9.9";
};
websocket-driver = {
source = {
remotes = ["https://rubygems.org"];