Commit Graph

19173 Commits

Author SHA1 Message Date
Johannes Frankenau
36021ddaaf i3lock: 2.8 -> 2.9.1 2017-07-01 09:28:23 +02:00
Maximilian Bosch
dd4c1e2b01
i3: add configFile to enable cutom configuration locations
i3 loads its configuration from `~/.config/i3`, but in nix-based systems
you might want to build the config in `~/.nix-profile` using a nix
derivation, so `i3` needs to know where to look for the configuration
file.
2017-07-01 08:20:56 +02:00
Cray Elliott
20d31d7f49 obs-studio: 19.0.2 -> 19.0.3 2017-06-30 19:29:59 -07:00
zimbatm
3dd29b2453 ipfs: 0.4.9 -> 0.4.10 (#27001) 2017-07-01 01:31:52 +01:00
Joachim F
a8ba50db3e Merge pull request #26492 from michalpalka/new-xen
xen_4_8: init at 4.8.1
2017-06-30 20:27:04 +01:00
Joachim F
3c29fbe72a Merge pull request #26993 from romildo/upd.mkvtoolnix
mkvtoolnix: 12.0.0 -> 13.0.0
2017-06-30 19:50:42 +01:00
romildo
e521b75b9e mkvtoolnix: 12.0.0 -> 13.0.0 2017-06-30 14:01:25 -03:00
Vladimír Čunát
ddf864f8aa
Merge branch 'master' into staging
Mass rebuilds from master (>7k on x86_64-linux).
2017-06-30 18:16:58 +02:00
Peter Simons
f0c3e5f519 Merge pull request #26987 from peti/r-updates
R: update to version 3.4.1
2017-06-30 17:59:53 +02:00
Joachim F
8f73c57643 Merge pull request #26958 from np/electrum-ltc-dash-protobuf3_2
electrum-{ltc,dash}: use protobuf3_2
2017-06-30 15:47:35 +01:00
Joachim F
772ddec4f0 Merge pull request #26962 from 239/patch-1
opera: 45.0.2552.812 -> 45.0.2552.898
2017-06-30 15:47:00 +01:00
Benno Fünfstück
58a231d944 Merge pull request #26026 from Hodapp87/autotrace
autotrace: init at 0.31.1
2017-06-30 16:34:48 +02:00
Benno Fünfstück
98bd25a02e autotrace: build with pstoedit 2017-06-30 16:32:03 +02:00
John Ericson
95c8277701 misc pkgs: Remove unneeded *Platform == *Platform comparisons
PR #26007 used these to avoid causing a mass rebuild. Now that we know
things work, we do that to clean up.
2017-06-30 10:09:31 -04:00
Benno Fünfstück
a0286ca6f0 Merge pull request #26838 from rvolosatovs/init/mopidy-local-sqlite
mopidy-local-sqlite: init at 1.0.0
2017-06-30 15:25:53 +02:00
Silvan Mosberger
ab162eeffc buku: added not to remove line on next version 2017-06-30 14:47:55 +02:00
Tim Steinbach
7f9ec267a6 Merge pull request #26988 from taku0/firefox-bin-54.0.1
firefox, firefox-bin: 54.0 -> 54.0.1,  firefox-esr: 52.2.0esr -> 52.2.1esr
2017-06-30 08:40:20 -04:00
taku0
f8559ace71 firefox-esr: 52.2.0esr -> 52.2.1esr 2017-06-30 21:09:00 +09:00
Peter Simons
4c5577b504 R: update to version 3.4.1 2017-06-30 13:37:26 +02:00
Benno Fünfstück
081a071371 Merge pull request #26758 from jensbin/pidgin-sipe
pidgin-sipe: 1.22.0 -> 1.22.1
2017-06-30 11:42:58 +02:00
Silvan Mosberger
bc81760a92 buku: test & completions revision 2017-06-29 20:38:14 +02:00
taku0
2330b54470 firefox: 54.0 -> 54.0.1 2017-06-30 03:23:58 +09:00
taku0
8d4e8a73bd firefox-bin: 54.0 -> 54.0.1 2017-06-30 03:23:51 +09:00
Silvan Mosberger
fb62250664 buku: Enabled tests and added shell completion 2017-06-29 16:19:24 +02:00
239
9d9c12249d Opera: 45.0.2552.812 -> 45.0.2552.898 2017-06-29 11:48:57 +02:00
Johannes Frankenau
25d47046be neomutt: 20170602 -> 20170609 2017-06-29 10:24:57 +02:00
Nicolas Pouillard
6db9cbfa4c
electrum-{ltc,dash}: use protobuf3_2 2017-06-29 10:07:49 +02:00
Johannes Frankenau
3107f33c9d buku: 2.9 -> 3.0 2017-06-29 09:47:49 +02:00
Jörg Thalheim
793620eff4 Merge pull request #26898 from knedlsepp/update-gogs
gogs: 0.10.18 -> 0.11.19
2017-06-29 08:14:43 +01:00
Jörg Thalheim
f14cd40c4b gogs: remove old deps.nix
gogs code is now fully vendored.
2017-06-29 08:12:32 +01:00
Joachim F
332486fc13 Merge pull request #26943 from mdorman/emacs-updates
Automated Emacs Package updates
2017-06-29 07:04:01 +01:00
John Ramsden
8181b075ba
Quoted NIX_CC 2017-06-28 22:29:49 -07:00
Karn Kallio
13ab06b05a kde applications : fix builds by adding missing dependencies
Patch applied by James Cook <james.cook@utoronto.ca>.
2017-06-29 05:01:46 +00:00
Karn Kallio
815764096b Fix akonadi build.
Patch applied by James Cook <james.cook@utoronto.ca>.
2017-06-29 04:51:20 +00:00
John Ericson
16be434b0b Merge accepted cross compilation PRs into staging 2017-06-28 23:17:21 -04:00
Tim Steinbach
4cc729644e Merge pull request #26867 from michalpalka/xen-security-2017.06-new
xen: patch for XSAs: 216, 217, 218, 219, 220, 221, 222, and 224
2017-06-28 22:43:46 -04:00
Tim Steinbach
db17c508ef Merge pull request #26915 from diegs/terraform
terraform: 0.9.6 -> 0.9.9.
2017-06-28 22:39:18 -04:00
Tim Steinbach
fb8a66dcc9 Merge pull request #26945 from NeQuissimus/virtualbox_32bit
virtualbox: Add ability to disable 32-bit guest support
2017-06-28 22:32:12 -04:00
Tim Steinbach
312c2f7961
virtualbox: Add ability to disable 32-bit guest support 2017-06-28 22:24:19 -04:00
John Ericson
e1faeb574a Merge pull request #26884 from obsidiansystems/purge-stdenv-cross
Purge stdenv cross
2017-06-28 21:39:16 -04:00
Jörg Thalheim
7642a76c1a Merge pull request #26926 from dotlambda/master
dmensamenu: init at 1.0.0
2017-06-29 00:29:18 +01:00
Michael Alan Dorman
37f381a970 melpa-packages: 2017-06-28
Removals:
 - relative-line-numbers: removed from melpa
2017-06-28 18:37:31 -04:00
Michael Alan Dorman
b2e148faa0 melpa-stable-packages: 2017-06-28
Removals:
 - relative-line-numbers: removed from melpa
2017-06-28 18:37:30 -04:00
Michael Alan Dorman
e636454c40 elpa-packages: 2017-06-28 2017-06-28 18:37:30 -04:00
John Ericson
aac32fe2d1 vim: cc-wrapper can be relied on to export this env var 2017-06-28 18:31:37 -04:00
John Ericson
9c163cebdd omxplayer: Don't use stdenv.cross 2017-06-28 18:21:05 -04:00
John Ericson
ffa535a0cc fossil: Don't use stdenv.cross 2017-06-28 18:21:05 -04:00
John Ericson
ca94de8c4c offrss: cc-wrapper can be relied on to export this env var 2017-06-28 18:21:05 -04:00
John Ericson
c4443d70df fbida: cc-wrapper can be relied on to export these env vars 2017-06-28 18:21:05 -04:00
John Ericson
a11426c523 ImageMagick: Don't use stdenv.cross
I'm guessing the salient aspect here is not cross compiling itself, but
just whether the host platform is MinGW, so I simplified the logic
accordingly
2017-06-28 18:20:38 -04:00
Will Dietz
a97c803b4b mendeley: ignore errors attempting to install link handler on startup
It's not critical functionality and AFAICT only fails in environments
that wouldn't benefit from "successfully" installing it anyway.

Fixes #24709
Fixes #24821
2017-06-28 17:05:11 -05:00
Robert Helgesson
fa6e946383
eclipse-plugin-jdt: 4.6.2 -> 4.7 2017-06-28 20:56:48 +02:00
Robert Helgesson
556a867186
eclipse-sdk: 4.6.2 -> 4.7 2017-06-28 20:56:48 +02:00
Robert Helgesson
0a52cc1851
eclipse-platform: 4.6.2 -> 4.7 2017-06-28 20:56:43 +02:00
Daniel Peebles
09194cafa8 Merge pull request #26937 from joachifm/lkl-4_11
lkl: 2017-03-24 -> 2017-06-27
2017-06-28 14:35:36 -04:00
Joachim Fasting
0bc3429e77
lkl: 2017-03-24 -> 2017-06-27
Now based on Linux 4.11
2017-06-28 20:14:00 +02:00
Joachim F
c7278cfc0b Merge pull request #26887 from taku0/thunderbird-bin-52.2.1
Thunderbird bin 52.2.1
2017-06-28 19:06:38 +01:00
Tim Steinbach
add90948bc
docker: 17.03.1-ce -> 17.03.2-ce 2017-06-28 12:49:59 -04:00
Shea Levy
24c59a4452 neuron: enable GUI 2017-06-28 11:59:54 -04:00
Thomas Tuegel
59f94b12f3
dropbox: 28.4.14 -> 29.4.20 2017-06-28 08:38:38 -05:00
Frederik Rietdijk
8a62a9b064 Merge pull request #26125 from volth/webkitgtk-naming
rename webkitgtk24x⇒webkitgtk24x-gtk3; webkitgtk2⇒webkitgtk24x-gtk2
2017-06-28 13:54:38 +02:00
Robert Schütz
1a7745d6ec dmensamenu: init at 1.0.0 2017-06-28 11:43:39 +02:00
Jörg Thalheim
ce88027294 jetbrains.gogland: 171.4694.35 -> 171.4694.61 2017-06-28 08:31:08 +01:00
Jörg Thalheim
f849eb2018 jetbrains.datagrip: 2017.1.4 -> 2017.1.5 2017-06-28 08:30:59 +01:00
rht
fef784d09f
zcash: reinit at 1.0.8 2017-06-28 03:26:30 +02:00
John Ramsden
69ecd62a95
Switched from phases to buildCommand, and moved makeWrapper to nativeBuildInputs as reccomended. 2017-06-27 16:19:49 -07:00
Charles Strahan
8e73afb2e1 zoom-us: don't add mesa to the LD_LIBRARY_PATH
zoom-us was failing to launch under the proprietary nvidia drivers,
as described in the comments of #26596.

Closes #26916
2017-06-27 18:43:20 -04:00
Diego Pontoriero
5b90fa0151
terraform: 0.9.6 -> 0.9.9. 2017-06-27 15:04:11 -07:00
Karn Kallio
07dc20e436 kcachegrind : Fix build by adding missing dependencies. 2017-06-27 22:33:06 +02:00
Shea Levy
4d2597981d Partially revert "terraform: 0.9.4 -> 0.9.6."
Terraform point releases are significant changes, we need to keep old ones around

This reverts commit 6a27b46dee.
2017-06-27 16:26:07 -04:00
Karn Kallio
c710ddf7cd okteta : Fix build by adding missing dependencies. 2017-06-27 22:10:00 +02:00
Joachim F
2c30e5e754 Merge pull request #25441 from Hodapp87/draftsight
draftsight: init at 2017-SP1
2017-06-27 21:04:30 +01:00
Joachim F
bccd3feed2 Merge pull request #26450 from oxij/pkg/fix/tor-browser
firefoxPackages: tor-browser: use gtk2 by default (like tor-browser-bin does)
2017-06-27 20:41:27 +01:00
Joachim F
4e44b63892 Merge pull request #26453 from oxij/pkg/fix/ranger
ranger: add imagePreviewSupport option and make previews work out of the box
2017-06-27 20:40:57 +01:00
Karn Kallio
67e4072282 k3b : Fix build by adding missing dependencies. 2017-06-27 21:14:00 +02:00
Joachim F
c27fc66856 Merge pull request #26904 from Ma27/geogebra/make-language-configurable
geogebra: make `language` configurable
2017-06-27 16:21:00 +01:00
Joachim F
bcbf45ff1f Merge pull request #26886 from jonafato/remove-thunderbird-bin-updater
Remove old thunderbird-bin update script
2017-06-27 16:12:37 +01:00
Tim Steinbach
493ae24872 Merge pull request #26870 from lsix/update_nano
nano: 2.8.4 -> 2.8.5
2017-06-27 08:12:52 -04:00
Tim Steinbach
719b506bad Merge pull request #26803 from NeQuissimus/rkt_1_27_0
rkt: 1.26.0 -> 1.27.0
2017-06-27 08:09:40 -04:00
Michał Pałka
7b5d72ce04 xen: patch for XSAs: 216, 217, 218, 219, 220, 221, 222, and 224 (xen 4.8)
This commit contains security patches for xen 4.8. The patches
for XSA-216 applied to the kernel are omitted, as they are part of
80e0cda7ff.

XSA-216 Issue Description:

> The block interface response structure has some discontiguous fields.
> Certain backends populate the structure fields of an otherwise
> uninitialized instance of this structure on their stacks, leaking
> data through the (internal or trailing) padding field.

More: https://xenbits.xen.org/xsa/advisory-216.html

XSA-217 Issue Description:

> Domains controlling other domains are permitted to map pages owned by
> the domain being controlled.  If the controlling domain unmaps such a
> page without flushing the TLB, and if soon after the domain being
> controlled transfers this page to another PV domain (via
> GNTTABOP_transfer or, indirectly, XENMEM_exchange), and that third
> domain uses the page as a page table, the controlling domain will have
> write access to a live page table until the applicable TLB entry is
> flushed or evicted.  Note that the domain being controlled is
> necessarily HVM, while the controlling domain is PV.

More: https://xenbits.xen.org/xsa/advisory-217.html

XSA-218 Issue Description:

> We have discovered two bugs in the code unmapping grant references.
>
> * When a grant had been mapped twice by a backend domain, and then
> unmapped by two concurrent unmap calls, the frontend may be informed
> that the page had no further mappings when the first call completed rather
> than when the second call completed.
>
> * A race triggerable by an unprivileged guest could cause a grant
> maptrack entry for grants to be "freed" twice.  The ultimate effect of
> this would be for maptrack entries for a single domain to be re-used.

More: https://xenbits.xen.org/xsa/advisory-218.html

XSA-219 Issue Description:

> When using shadow paging, writes to guest pagetables must be trapped and
> emulated, so the shadows can be suitably adjusted as well.
>
> When emulating the write, Xen maps the guests pagetable(s) to make the final
> adjustment and leave the guest's view of its state consistent.
>
> However, when mapping the frame, Xen drops the page reference before
> performing the write.  This is a race window where the underlying frame can
> change ownership.
>
> One possible attack scenario is for the frame to change ownership and to be
> inserted into a PV guest's pagetables.  At that point, the emulated write will
> be an unaudited modification to the PV pagetables whose value is under guest
> control.

More: https://xenbits.xen.org/xsa/advisory-219.html

XSA-220 Issue Description:

> Memory Protection Extensions (MPX) and Protection Key (PKU) are features in
> newer processors, whose state is intended to be per-thread and context
> switched along with all other XSAVE state.
>
> Xen's vCPU context switch code would save and restore the state only
> if the guest had set the relevant XSTATE enable bits.  However,
> surprisingly, the use of these features is not dependent (PKU) or may
> not be dependent (MPX) on having the relevant XSTATE bits enabled.
>
> VMs which use MPX or PKU, and context switch the state manually rather
> than via XSAVE, will have the state leak between vCPUs (possibly,
> between vCPUs in different guests).  This in turn corrupts state in
> the destination vCPU, and hence may lead to weakened protections
>
> Experimentally, MPX appears not to make any interaction with BND*
> state if BNDCFGS.EN is set but XCR0.BND{CSR,REGS} are clear.  However,
> the SDM is not clear in this case; therefore MPX is included in this
> advisory as a precaution.

More: https://xenbits.xen.org/xsa/advisory-220.html

XSA-221 Issue Description:

> When polling event channels, in general arbitrary port numbers can be
> specified.  Specifically, there is no requirement that a polled event
> channel ports has ever been created.  When the code was generalised
> from an earlier implementation, introducing some intermediate
> pointers, a check should have been made that these intermediate
> pointers are non-NULL.  However, that check was omitted.

More: https://xenbits.xen.org/xsa/advisory-221.html

XSA-222 Issue Description:

> Certain actions require removing pages from a guest's P2M
> (Physical-to-Machine) mapping.  When large pages are in use to map
> guest pages in the 2nd-stage page tables, such a removal operation may
> incur a memory allocation (to replace a large mapping with individual
> smaller ones).  If this allocation fails, these errors are ignored by
> the callers, which would then continue and (for example) free the
> referenced page for reuse.  This leaves the guest with a mapping to a
> page it shouldn't have access to.
>
> The allocation involved comes from a separate pool of memory created
> when the domain is created; under normal operating conditions it never
> fails, but a malicious guest may be able to engineer situations where
> this pool is exhausted.

More: https://xenbits.xen.org/xsa/advisory-222.html

XSA-224 Issue Description:

> We have discovered a number of bugs in the code mapping and unmapping
> grant references.
>
> * If a grant is mapped with both the GNTMAP_device_map and
> GNTMAP_host_map flags, but unmapped only with host_map, the device_map
> portion remains but the page reference counts are lowered as though it
> had been removed. This bug can be leveraged cause a page's reference
> counts and type counts to fall to zero while retaining writeable
> mappings to the page.
>
> * Under some specific conditions, if a grant is mapped with both the
> GNTMAP_device_map and GNTMAP_host_map flags, the operation may not
> grab sufficient type counts.  When the grant is then unmapped, the
> type count will be erroneously reduced.  This bug can be leveraged
> cause a page's reference counts and type counts to fall to zero while
> retaining writeable mappings to the page.
>
> * When a grant reference is given to an MMIO region (as opposed to a
> normal guest page), if the grant is mapped with only the
> GNTMAP_device_map flag set, a mapping is created at host_addr anyway.
> This does *not* cause reference counts to change, but there will be no
> record of this mapping, so it will not be considered when reporting
> whether the grant is still in use.

More: https://xenbits.xen.org/xsa/advisory-224.html
2017-06-27 12:02:59 +00:00
Michał Pałka
9e6bfbb2f9 xen_4_8: init at 4.8.1
This commit adds the xen_4_8 package to be used instead of
xen (currently at 4.5.5):
 * Add packages xen_4_8, xen_4_8-slim and xen_4_8-light
 * Add packages qemu_xen_4_8 and qemu_xen_4_8-light to be used
   with xen_4_8-slim and xen_4_8-light respectively.
 * Add systemd to buildInputs of xen (it is required by oxenstored)
 * Adapt xen service to work with the new version of xen
 * Use xen-init-dom0 to initlilise dom0 in xen-store
 * Currently, the virtualisation.xen.stored option is ignored
   if xen 4.8 is used
2017-06-27 12:01:53 +00:00
Josef Kemetmueller
2cb5246dd8 gogs: 0.10.18 -> 0.11.19 2017-06-27 11:41:19 +00:00
Maximilian Bosch
9516bbf172
geogebra: make language configurable 2017-06-27 09:51:06 +02:00
Jon Banafato
d8e5c75f75 Remove old thunderbird-bin update script
`thunderbird-bin` appears to now use the
`maintainers/scripts/update.nix` script instead of this ruby script, so
the latter should be removed.
2017-06-26 19:54:24 -04:00
Frederik Rietdijk
9dbfd87ab6 Merge pull request #26849 from vbgl/skrooge-2.8
skrooge: 2.7.0 -> 2.8.1
2017-06-26 22:23:36 +02:00
Frederik Rietdijk
25b12febee Merge pull request #26857 from jerith666/krfb-qtx11extras
krfb: add new qtx11extras dependency
2017-06-26 22:16:28 +02:00
Vincent Laporte
ac83ef3994 glsurf: 3.3 -> 3.3.1 2017-06-26 19:24:33 +02:00
David McFarland
f254af9c19 w3m: remove old cygwin patch 2017-06-26 09:26:10 -03:00
Lancelot SIX
1b792b4edf
nano: 2.8.4 -> 2.8.5
See http://lists.gnu.org/archive/html/info-gnu/2017-06/msg00012.html
for release information.
2017-06-26 11:01:55 +02:00
Nicolas Truessel
813feae594 chromium: 59.0.3071.86 -> 59.0.3071.109 2017-06-26 09:24:56 +02:00
Emmanuel Rosa
994998e475 thunderbird: 52.2.0 -> 52.2.1 2017-06-26 09:01:45 +02:00
Michał Pałka
80e0cda7ff xen: patch for XSAs: 216, 217, 218, 219, 220, 221, 222, and 224
XSA-216 Issue Description:

> The block interface response structure has some discontiguous fields.
> Certain backends populate the structure fields of an otherwise
> uninitialized instance of this structure on their stacks, leaking
> data through the (internal or trailing) padding field.

More: https://xenbits.xen.org/xsa/advisory-216.html

XSA-217 Issue Description:

> Domains controlling other domains are permitted to map pages owned by
> the domain being controlled.  If the controlling domain unmaps such a
> page without flushing the TLB, and if soon after the domain being
> controlled transfers this page to another PV domain (via
> GNTTABOP_transfer or, indirectly, XENMEM_exchange), and that third
> domain uses the page as a page table, the controlling domain will have
> write access to a live page table until the applicable TLB entry is
> flushed or evicted.  Note that the domain being controlled is
> necessarily HVM, while the controlling domain is PV.

More: https://xenbits.xen.org/xsa/advisory-217.html

XSA-218 Issue Description:

> We have discovered two bugs in the code unmapping grant references.
>
> * When a grant had been mapped twice by a backend domain, and then
> unmapped by two concurrent unmap calls, the frontend may be informed
> that the page had no further mappings when the first call completed rather
> than when the second call completed.
>
> * A race triggerable by an unprivileged guest could cause a grant
> maptrack entry for grants to be "freed" twice.  The ultimate effect of
> this would be for maptrack entries for a single domain to be re-used.

More: https://xenbits.xen.org/xsa/advisory-218.html

XSA-219 Issue Description:

> When using shadow paging, writes to guest pagetables must be trapped and
> emulated, so the shadows can be suitably adjusted as well.
>
> When emulating the write, Xen maps the guests pagetable(s) to make the final
> adjustment and leave the guest's view of its state consistent.
>
> However, when mapping the frame, Xen drops the page reference before
> performing the write.  This is a race window where the underlying frame can
> change ownership.
>
> One possible attack scenario is for the frame to change ownership and to be
> inserted into a PV guest's pagetables.  At that point, the emulated write will
> be an unaudited modification to the PV pagetables whose value is under guest
> control.

More: https://xenbits.xen.org/xsa/advisory-219.html

XSA-220 Issue Description:

> Memory Protection Extensions (MPX) and Protection Key (PKU) are features in
> newer processors, whose state is intended to be per-thread and context
> switched along with all other XSAVE state.
>
> Xen's vCPU context switch code would save and restore the state only
> if the guest had set the relevant XSTATE enable bits.  However,
> surprisingly, the use of these features is not dependent (PKU) or may
> not be dependent (MPX) on having the relevant XSTATE bits enabled.
>
> VMs which use MPX or PKU, and context switch the state manually rather
> than via XSAVE, will have the state leak between vCPUs (possibly,
> between vCPUs in different guests).  This in turn corrupts state in
> the destination vCPU, and hence may lead to weakened protections
>
> Experimentally, MPX appears not to make any interaction with BND*
> state if BNDCFGS.EN is set but XCR0.BND{CSR,REGS} are clear.  However,
> the SDM is not clear in this case; therefore MPX is included in this
> advisory as a precaution.

More: https://xenbits.xen.org/xsa/advisory-220.html

XSA-221 Issue Description:

> When polling event channels, in general arbitrary port numbers can be
> specified.  Specifically, there is no requirement that a polled event
> channel ports has ever been created.  When the code was generalised
> from an earlier implementation, introducing some intermediate
> pointers, a check should have been made that these intermediate
> pointers are non-NULL.  However, that check was omitted.

More: https://xenbits.xen.org/xsa/advisory-221.html

XSA-222 Issue Description:

> Certain actions require removing pages from a guest's P2M
> (Physical-to-Machine) mapping.  When large pages are in use to map
> guest pages in the 2nd-stage page tables, such a removal operation may
> incur a memory allocation (to replace a large mapping with individual
> smaller ones).  If this allocation fails, these errors are ignored by
> the callers, which would then continue and (for example) free the
> referenced page for reuse.  This leaves the guest with a mapping to a
> page it shouldn't have access to.
>
> The allocation involved comes from a separate pool of memory created
> when the domain is created; under normal operating conditions it never
> fails, but a malicious guest may be able to engineer situations where
> this pool is exhausted.

More: https://xenbits.xen.org/xsa/advisory-222.html

XSA-224 Issue Description:

> We have discovered a number of bugs in the code mapping and unmapping
> grant references.
>
> * If a grant is mapped with both the GNTMAP_device_map and
> GNTMAP_host_map flags, but unmapped only with host_map, the device_map
> portion remains but the page reference counts are lowered as though it
> had been removed. This bug can be leveraged cause a page's reference
> counts and type counts to fall to zero while retaining writeable
> mappings to the page.
>
> * Under some specific conditions, if a grant is mapped with both the
> GNTMAP_device_map and GNTMAP_host_map flags, the operation may not
> grab sufficient type counts.  When the grant is then unmapped, the
> type count will be erroneously reduced.  This bug can be leveraged
> cause a page's reference counts and type counts to fall to zero while
> retaining writeable mappings to the page.
>
> * When a grant reference is given to an MMIO region (as opposed to a
> normal guest page), if the grant is mapped with only the
> GNTMAP_device_map flag set, a mapping is created at host_addr anyway.
> This does *not* cause reference counts to change, but there will be no
> record of this mapping, so it will not be considered when reporting
> whether the grant is still in use.

More: https://xenbits.xen.org/xsa/advisory-224.html
2017-06-26 07:01:24 +00:00
Jörg Thalheim
7df83abe85 keepassx-community: 2.1.4 -> 2.2.0 2017-06-26 07:31:44 +01:00
Franz Pletz
3156263876
rsync: build with iconv, zlib & popt from nixpkgs
The rsync binary was previously built without iconv support which is needed
for utf-8 conversions on darwin. Fixes #26864.

Additionally rsync used to be built with bundled versions of zlib and popt
that were outdated. This decreases the size of the rsync binary by ~82KB.
2017-06-26 03:48:41 +02:00
Tim Steinbach
1a25495b63
git: 2.13.1 -> 2.13.2 2017-06-25 21:13:23 -04:00
Franz Pletz
40a04291c9
Merge branch 'master' into staging 2017-06-26 02:23:38 +02:00
taku0
800deb5273 thunderbird: 52.2.0 -> 52.2.1 2017-06-26 09:08:38 +09:00
taku0
22773a20e5 thunderbird-bin: 52.2.0 -> 52.2.1 2017-06-26 09:08:28 +09:00
aszlig
bd63daae03
chromium: Add installation of libGLESv2.so
The following errors occur when you start Chromium prior to this commit:

[2534:2534:0625/202928.673160:ERROR:gl_implementation.cc(246)] Failed to
load .../libexec/chromium/swiftshader/libGLESv2.so:
../libexec/chromium/swiftshader/libGLESv2.so: cannot open shared object
file: No such file or directory
[2534:2534:0625/202928.674434:ERROR:gpu_child_thread.cc(174)] Exiting
GPU process due to errors during initialization

While in theory we do not strictly need libGLESv2.so, in practice this
means that the GPU process isn't starting up at all which in turn leads
to crawling rendering performance on some sites.

So let's install all shared libraries in swiftshader.

I've tested this with the chromium.stable NixOS VM test and also locally
on my machine and the errors as well as the performance issues are gone.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-06-25 22:43:25 +02:00
Matt McHenry
cbb39f4382 krfb: add new qtx11extras dependency 2017-06-25 15:35:59 -04:00
Vincent Laporte
999892fd1e skrooge: 2.7.0 -> 2.8.1 2017-06-25 18:45:39 +02:00
Joachim F
90d3a0314c Merge pull request #26836 from Ma27/update/geogebra
geogebra: 5-0-361-0 -> 5-0-369-0
2017-06-25 16:35:13 +01:00
Joachim F
c235bf3e3d Merge pull request #26792 from mdorman/emacs-updates
Automated Emacs package updates
2017-06-25 15:33:19 +01:00
Roman Volosatovs
fd0f02628b
mopidy-local-sqlite: init at 1.0.0 2017-06-25 14:26:15 +02:00
Franz Pletz
ed515c8080
weechat: 1.8 -> 1.9 2017-06-25 14:03:18 +02:00
Maximilian Bosch
f5665e9ab4
geogebra: 5-0-361-0 -> 5-0-369-0 2017-06-25 12:39:30 +02:00
Jörg Thalheim
46427b77f4 Merge pull request #26690 from DIzFer/telegram-update
tdesktop: 1.0.27 -> 1.1.7
2017-06-25 11:37:21 +01:00
Jörg Thalheim
bc488d4cb5 Merge pull request #26834 from calvertvl/upgrade-calibre-to-3.1.1
calibre: 2.84.0 -> 3.1.1
2017-06-25 10:22:50 +01:00
Jörg Thalheim
f506b72308 krita: 3.1.3 -> 3.1.4 2017-06-25 10:18:45 +01:00
Jörg Thalheim
de21c43257 Merge pull request #26829 from dywedir/tiled
tiled: 0.18.2 -> 1.0.1
2017-06-25 09:48:10 +01:00
Jörg Thalheim
24e9ec3166 marble: fix src hash 2017-06-25 09:38:32 +01:00
Jörg Thalheim
f319442b77 keepassxc: fix 4.9 compatibility 2017-06-25 09:36:06 +01:00
Jörg Thalheim
ad42e5f6e5 Merge pull request #26795 from veprbl/root_6.10.00
root: 6.09.02 -> 6.10.00
2017-06-25 09:14:30 +01:00
Frederik Rietdijk
fcd5804d7f konversation: 1.6.2 -> 1.7.2 and fix build 2017-06-25 09:56:34 +02:00
Frederik Rietdijk
fdf181237b yakuake: fix build 2017-06-25 09:56:34 +02:00
Frederik Rietdijk
c7bc8b42f2 kdeconnect: fix build 2017-06-25 09:56:34 +02:00
Victor Calvert
e600317768 calibre: 2.84.0 -> 3.1.1
links-privacy patch was removed as the content server was
rewritten in calibre 3.0.

The rewrite also needed a couple more python packages.
2017-06-25 03:52:36 -04:00
Roman Volosatovs
4ebaed854f
mopidy-local-images: init at 1.0.0 2017-06-25 00:26:02 +02:00
dywedir
33e4afa172 tiled: 0.18.2 -> 1.0.1 2017-06-25 01:08:00 +03:00
Jörg Thalheim
c0303c7110 Merge pull request #26822 from 4z3/bitlbee-facebook
bitlbee-facebook: 1.1.0 -> 1.1.1
2017-06-24 20:45:18 +01:00
Der Pfirsich
2c6fbc737f spotify: 1.0.55.487.g256699aa-16 -> 1.0.57.474.gca9c9538-30 (#26794) 2017-06-24 20:41:05 +01:00
Jörg Thalheim
6741b3ac7c Merge pull request #26807 from ajevans85/crashplan-4-8-3
crashplan: 4.8.2 -> 4.8.3
2017-06-24 19:57:28 +01:00
tv
267ea50604 bitlbee-facebook: 1.1.0 -> 1.1.1 2017-06-24 20:37:32 +02:00
Dmitry Kalinkin
ada12f46dc
root: 6.09.02 -> 6.10.00
also workaround #26197
2017-06-24 13:38:25 -04:00
Yann Hodique
1be7323f5a hugo: 0.24 -> 0.24.1 2017-06-24 08:26:44 -07:00
Jörg Thalheim
40ccf99373 Merge pull request #26743 from sigma/pr/hugo-0.24
hugo: 0.23 -> 0.24
2017-06-24 16:23:52 +01:00
ajevans
76e019ad9f crashplan: 4.8.2 -> 4.8.3 2017-06-24 16:19:30 +10:00
John Ericson
87fab3d6a5 Merge some merged cross-compilation PRs into into staging 2017-06-23 20:24:27 -04:00
Tim Steinbach
328617accd
rkt: 1.26.0 -> 1.27.0 2017-06-23 19:24:19 -04:00
aszlig
06271b6eba
krita: Fix build dependencies
First of all, we need a newer version of Vc, because at least version
1.1.0 is required for Krita 3.1.3.

Also, qtmultimedia and qtx11extras were missing.

Built and tested successfully on my machine.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @abbradar
2017-06-23 22:15:05 +02:00
John Ericson
afd2bdbad2 Merge pull request #26007 from obsidiansystems/cc-wrapper-prefix
Get rid of gcc-cross-wrapper
2017-06-23 11:22:34 -04:00
Michael Alan Dorman
eea95af5d1 melpa-packages: 2017-06-23
Removals:
 - todochiku - Removed from melpa
2017-06-23 11:05:12 -04:00
Michael Alan Dorman
40e17794ce melpa-stable-packages: 2017-06-23 2017-06-23 11:05:12 -04:00
Michael Alan Dorman
a10c8a97b4 org-packages: 2017-06-23 2017-06-23 11:05:12 -04:00
Michael Alan Dorman
8a714e3bb6 elpa-packages: 2017-06-23 2017-06-23 11:05:11 -04:00
Frederik Rietdijk
4f0d812abc python.pkgs.spyder: remove maintainers
since we both do not use this package anymore.
cc @bjornfor
2017-06-23 10:44:42 +02:00
Jörg Thalheim
f3b626cf4d Merge pull request #26770 from volth/jetbrains-update-script-2
jetbrains updater: use perlPackages.LWPProtocolhttps
2017-06-23 09:42:51 +01:00
aszlig
63fb845fcf
virtualbox: Rebase hardened.patch on top of 5.1.22
The merge of the version bump in
6fb9f89238 didn't take care of our patch
for the hardening mode and thus enabling VirtualBox without also
force-disabling hardening mode will result in a build error.

While the patch is largely identical with the old version, I've removed
one particular change around the following code:

    if (pFsObjState->Stat.st_mode & S_IWOTH)
        return supR3HardenedSetError3(VERR_SUPLIB_WORLD_WRITABLE, pErrInfo,
                                      "World writable: '", pszPath, "'");

In the old version of the patch we have checked whether the path is
within the Nix store and suppressed the error return if that's the case.

The reason why I did that in the first place was because we had a bunch
of symlinks which were writable.

In VirtualBox 5.1.22 the code specifically checks whether the file is a
symlink, so we can safely drop our change.

Tested via all of the "virtualbox" NixOS VM subtests and they now all
succeed.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-06-23 05:48:54 +02:00
Tim Steinbach
6fb9f89238 Merge pull request #25368 from bachp/virtualbox-5.1.22
virtualbox: 5.1.18 -> 5.1.22
2017-06-22 21:23:47 -04:00
Tim Steinbach
56761c9b3d
minikube: 0.19.1 -> 0.20.0 2017-06-22 20:27:33 -04:00
John Ericson
7c754b1e3b mpg123: Modernize and fix for cross
Do not even think about configureFlags unless in cross, to avoid hash
breaking when not in cross.
2017-06-22 17:53:55 -04:00
John Ericson
502902f1c6 lynx: Fix for cross
Needed C toolchain targeting build platform
2017-06-22 17:53:55 -04:00
John Ericson
7bdacad8b3 ed: Modernize and fix for cross 2017-06-22 17:53:53 -04:00
John Ericson
8b22e497f2 vim: Modernize derivation, hopefully fixing cross 2017-06-22 17:53:53 -04:00
John Ericson
594d264205 cross stdenv adaptor: Support --host --build --target across the board
Packages get --host and --target by default, but can explicitly request
any subset to be passed as needed. See docs for more info.

rustc: Avoid hash breakage by using the old (ignored)
dontSetConfigureCross when not cross building
2017-06-22 17:52:28 -04:00
Volth
a2605322c6 fixed regexp, it did not match the last block 2017-06-22 19:16:19 +00:00
Volth
7fa29f39d1 a little simpification (use File::Slurp) 2017-06-22 19:08:19 +00:00
aszlig
1f65182272
electrum: Unify protobuf dependencies
Since 9c57f3b5c0 bumped the protobuf
version because the new upstream requires it, electrum now gets
protobuf3_0 *and* protobuf3_2 instead of just one version.

This leads to the following build errer:

Found duplicated packages in closure for dependency 'protobuf':
  protobuf 3.0.2 (...-python2.7-protobuf-3.0.2/lib/python2.7/site-packages)
  protobuf 3.2.0 (...-python2.7-protobuf-3.2.0/lib/python2.7/site-packages)

Using protobuf3_2 for keepkey and electrum fixes the build.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @np
2017-06-22 21:06:17 +02:00
Volth
00101eb7c9 jetbrains updater: use perlPackages.LWPProtocolhttps 2017-06-22 19:00:28 +00:00
Jörg Thalheim
d1eefba3a4 jetbrains: use nix-shell shebang in update script 2017-06-22 17:34:04 +01:00
Volth
1a87975910 update script for jetbrains products 2017-06-22 16:06:23 +00:00
Jörg Thalheim
c89efa3cbc Merge pull request #26753 from volth/jetbrains-update-2017.1.4
jetbrains.{ruby-mine,webstorm,datagrip,phpstorm}: 2017.1 -> 2017.1.4
2017-06-22 16:37:32 +01:00
David Izquierdo
aa2b643e4b tdesktop: 1.0.27 -> 1.1.7 2017-06-22 09:20:51 +02:00
Jens Binkert
aff15c4b7b pidgin-sipe: 1.22.0 -> 1.22.1 2017-06-22 06:02:07 +02:00
Volth
bf5c57e1b8 jetbrains.{ruby-mine,webstorm,datagrip,phpstorm}: 2017.1 -> 2017.1.4 2017-06-21 19:35:02 +00:00
Yann Hodique
0d72dfdcdf hugo: fix github repo owner 2017-06-21 06:13:31 -07:00
Yann Hodique
66a5e0c8e0 hugo: 0.23 -> 0.24 2017-06-21 06:04:09 -07:00
Tim Steinbach
f1ea37c1b4 Merge pull request #26735 from NeQuissimus/minikube_0_19_1
minikube: 0.19.0 -> 0.19.1
2017-06-21 07:31:29 -04:00
Jörg Thalheim
a3f054d8ad
dino: 2017-06-13 -> 2017-06-21 2017-06-21 09:42:46 +01:00
Tim Steinbach
fdc7cf8238
minikube: 0.19.0 -> 0.19.1 2017-06-20 19:32:29 -04:00
Michael Weiss
d04286be34 quiterss: 0.18.5 -> 0.18.6 2017-06-20 23:31:02 +02:00
Jan Malakhovski
08ba40ae9c ranger: add imagePreviewSupport option and make previews work out of the box
Before one had to turn it on manually and update the preview script in dotfiles
manually when ranger updates.

Now it requires zero configuration. Just run `ranger` and it works, and
should continue to work automagically when ranger updates.

Everything still can be (de)configured via `rc.conf` in dotfiles.
2017-06-20 13:54:42 +00:00
Franz Pletz
a01f1c0a42
sniproxy: 0.4.0 -> 0.5.0 2017-06-20 07:43:14 +02:00
Franz Pletz
b6cf652e08
boinc: 7.4.42 -> 7.8.0 2017-06-20 05:19:31 +02:00
Franz Pletz
b0b9182241
gnuradio: 3.7.10.1 -> 3.7.11 2017-06-20 03:56:43 +02:00
Franz Pletz
1466bdd98f
wireshark: 2.2.6 -> 2.2.7 2017-06-20 03:56:42 +02:00
Franz Pletz
f33708bb7d
opusTools: 0.1.9 -> 0.1.10 2017-06-20 03:56:41 +02:00
Franz Pletz
c8948e9109
josm: 11826 -> 12275 2017-06-20 03:56:39 +02:00
Franz Pletz
aea08dd53e
kanboard: 1.0.40 -> 1.0.44 2017-06-20 03:45:38 +02:00
Rok Garbas
b1f76ebb73 firefox-devedition-bin: 54.0b14 -> 55.0b2 2017-06-19 16:09:10 +02:00
Rok Garbas
a19514df76 firefox-beta-bin: 54.0b13 -> 55.0b2 2017-06-19 16:09:10 +02:00
Joachim F
babfd23364 Merge pull request #26663 from vandenoever/musescore
musescore: 2.0.3 -> 2.1.0
2017-06-19 14:29:03 +01:00
Peter Hoeg
9193bcb6b4 kde-applications: 17.04.1 -> 17.04.2
use https as the remote server expects it
2017-06-19 19:26:52 +08:00
Peter Hoeg
392f4acee9 kde-applications: fix command in doc 2017-06-19 19:26:52 +08:00
Peter Hoeg
63011015b9 virtmanager-qt: 0.43.70.2 -> 0.43.72 2017-06-19 19:26:19 +08:00
Frederik Rietdijk
d159271516 Merge pull request #26705 from jerith666/cp-ver-fix
crashplan: move version and rev inside 'mkDerivation rec', simplify src
2017-06-19 09:41:17 +02:00
Pascal Wittmann
d1ca00d79b Merge pull request #26701 from marsam/master
mopidy-spotify: 3.0.0 -> 3.1.0
2017-06-19 09:38:08 +02:00
Bart Brouns
d454675ef6 faust: 2.0.a51 -> 2.1.0 2017-06-19 09:37:48 +02:00
Mario Rodas
3d5a0f8c2f mopidy-spotify: 3.0.0 -> 3.1.0 2017-06-18 17:25:46 -05:00
Daiderd Jordan
59634a6639 Merge pull request #26700 from gleber/fix-qmakeHook
qt: fix qmakeHook -> qmake in few packages.
2017-06-18 21:31:12 +02:00
Gabriel Ebner
89e02c7516 lean: 3.1.0 -> 3.2.0 2017-06-18 20:04:30 +02:00
Gleb Peregud
2fb67d9b83 qt: fix qmakeHook -> qmake in few packages.
This seem to have been broken in #26336.
2017-06-18 19:32:51 +02:00
Jörg Thalheim
413d84f9f8 Merge pull request #26694 from romildo/upd.vivaldi
vivaldi: 1.9.818.44-1 -> 1.10.867.38-1
2017-06-18 16:33:50 +01:00
Thomas Tuegel
dab7700f6c
qt58: determine plugin and import paths from PATH
Plugin and QML import paths were previously determined by NIX_PROFILES. Using
PATH instead allows Qt applications to work under nix-shell without further
modification.
2017-06-18 08:44:47 -05:00
Thomas Tuegel
faf0d3e91d
kdeFrameworks: fixup inputs and outputs
- Reduce environment pollution with a separate $bin output containing programs,
  plugins, and shared data. Libraries remain in $out and are not installed into
  the environment.
- Only propagate build inputs as required.
2017-06-18 08:44:45 -05:00
Thomas Tuegel
fceb3794a2
akonadi: do not store path to pg_ctl in configuration 2017-06-18 08:44:44 -05:00
Thomas Tuegel
be9a4fe6ca
akonadi: do not store path to mysqld in configuration 2017-06-18 08:44:44 -05:00
Thomas Tuegel
3acfd31050
akonadi: fix runtime paths 2017-06-18 08:44:44 -05:00
Thomas Tuegel
d9f29afa64
qt5: use one output by default 2017-06-18 08:44:43 -05:00
Thomas Tuegel
c816bbc8a8
qt5: remove makeQtWrapper 2017-06-18 08:44:42 -05:00
Thomas Tuegel
870c07cc2b
sddm: take themes from system environment 2017-06-18 08:43:39 -05:00
Thomas Tuegel
be7b7d908f
Remove kdeWrapper 2017-06-18 08:43:39 -05:00
romildo
f6763c80e1 vivaldi: 1.9.818.44-1 -> 1.10.867.38-1
- Update to version 1.10.867.38-1
- Drop i386 arch. Vivaldi has suspended support for Linux 32-bit for
  Vivaldi 1.10. Unfortunately, this is due to Chromium suspending support
  for it and maintaining it themselves would take too much resources.
  See https://forum.vivaldi.net/post/142489.
- Update dependency on gtk2 to gtk3.
- Move dependency patchelf from buildInputs to nativeBuildInputs.
2017-06-18 10:43:01 -03:00
Thomas Tuegel
6beea32ab1
kdeApplications: rename kdeApp to mkDerivation 2017-06-18 08:42:20 -05:00
Thomas Tuegel
7b6f8dc77f
qt5: move kdeDerivation to qt5.mkDerivation 2017-06-18 08:42:19 -05:00
Thomas Tuegel
210f688802
qt5: rename qmakeHook to qmake 2017-06-18 08:41:57 -05:00
Thomas Tuegel
3f3d33a078
qt5: use distinct lib/qt-5.x prefix for each minor version
Using a distinct prefix for plugins and QML libraries allows multiple Qt 5 minor
versions to coexist in the same environment.
2017-06-18 08:41:57 -05:00
Jörg Thalheim
130082d012
communi: fix forbidden build references 2017-06-18 12:40:58 +01:00
Peter Hoeg
4eeefadf4f krename: 20161228 -> 20170610 2017-06-18 18:40:30 +08:00
Pascal Wittmann
4e89e18852
shotwell: 0.26.1 -> 0.26.2 2017-06-18 12:33:57 +02:00