Commit Graph

101272 Commits

Author SHA1 Message Date
Robin Gloster
108c6d1a03
socat: 1.7.3.1 -> 1.7.3.2
fixes compatibility with openssl 1.1.0 (and libressl)
2017-02-17 00:11:03 +01:00
Robin Gloster
31ff2ac057
systemd: add patch to fix docker
843d5baf6a

"don't use the unified hierarchy for the systemd cgroup yet"

fixes #22472
2017-02-16 23:56:27 +01:00
Vladimír Čunát
6c1ba72878
kde5.khotkey: fix patch hash wrongly added in b719852 2017-02-16 22:17:51 +01:00
Vladimír Čunát
5ad81ab09c
libxml2: bugfix updates from git upstream
This should solve CVE-2016-5131 and some other bugs, but not what Suse
calls CVE-2016-9597: https://bugzilla.suse.com/show_bug.cgi?id=1017497
The bugzilla discussion seems to indicate that the CVE is referenced
incorrectly and only shows reproducing when using command-line flags
that are considered "unsafe".

CVE-2016-9318 also remains unfixed, as I consider their reasoning OK:
https://lwn.net/Alerts/714411/

/cc #22826.
2017-02-16 20:18:17 +01:00
Vladimír Čunát
524de86db0
findutils: plug a memory leak (close #22857)
Using the upstream patch directly.  It's copied in nixpkgs, because:
 - fetchpatch isn't usable at this point in bootstrapping,
 - the upstream patch creates collisions in NEWS.
2017-02-16 19:16:51 +01:00
Vladimír Čunát
e962a3c95f
Merge branch 'master' into staging 2017-02-16 19:02:37 +01:00
Daniel Peebles
19a9099eb2 Merge pull request #22869 from copumpkin/amazon-init-fix
amazon-init NixOS module: fix (I think) race condition with network
2017-02-16 12:44:49 -05:00
Vladimír Čunát
55cc7700e9
Revert "Merge: glibc: 2.24 -> 2.25"
This reverts commit 1daf2e26d2, reversing
changes made to c0c50dfcb7.

It seems this is what has been causing all the reliability problems
on Hydra.  I'm currently unable to find why it happens, so I'm forced
to revert the update for now.  Discussion: #22874.
2017-02-16 18:16:06 +01:00
Rob Vermaas
1c366b4e06
nixops: update to 1.5
(cherry picked from commit 780a38c611162c34229c9d06b09dd4ec2f8466f4)
2017-02-16 17:03:12 +00:00
Frederik Rietdijk
624cd8ae9e Merge pull request #22593 from teh/master
Update scrapy & dependencies
2017-02-16 17:27:57 +01:00
Tom Hunger
69363e9611 Move scrapy to its own module and add patch to fix broken permission code.
Scrapy is usually installed via pip where copying all permissions
makes sense. In Nix the files copied are owned by root and
readonly. As a consequence scrapy can't edit the project templates so

  scrapy startproject

fails.
2017-02-16 16:21:46 +00:00
Thomas Tuegel
7c260ad2cc Merge pull request #22813 from benley/pam-kwallet
nixos: add optional pam_kwallet5 integration
2017-02-16 10:20:47 -06:00
Dan Peebles
b172684c17 amazon-init NixOS module: fix (I think) race condition with network
The initialization code is now a systemd service that explicitly
waits for network-online, so the occasional failure I was seeing
because the `nixos-rebuild` couldn't get anything from the binary
cache should stop. I hope!
2017-02-16 16:03:58 +00:00
Nikolay Amiantov
a72dc9f3bf compton: 0.1_beta2 -> 0.1_beta2.5 2017-02-16 17:50:58 +03:00
Graham Christensen
cfbddd3ae0 Merge pull request #22867 from maurer/openssl-cve-2017-3733
openssl: 1.1.0d -> 1.1.0e for High severity CVE-2017-3733
2017-02-16 09:29:29 -05:00
Matthew Maurer
0d2ba7ef2b openssl: 1.1.0d -> 1.1.0e for High severity CVE-2017-3733 2017-02-16 09:16:41 -05:00
Nikolay Amiantov
0c81594a29 kbd service: use /dev/tty1 for systemd-vconsole-setup
Fixes #22470
2017-02-16 17:08:14 +03:00
Nikolay Amiantov
109ee2a338 kbd service: use systemd-vconsole-setup even with early setup
This way we have fonts reloaded on switches.
2017-02-16 17:08:13 +03:00
Joachim Fasting
bc2f53fd29
grsecurity: 4.9.8-201702071801 -> 4.9.10-201702152052 2017-02-16 14:51:25 +01:00
Joachim Fasting
2d643613f3
mozart: refactoring
- Append emacs to the oz wrapper's command search path rather than the
  rpath.  Previously, emacs would end up in the closure but the oz
  shell script would not be helped by it. Now a user without emacs in
  their PATH can still get the complete Oz experience (which depends
  crucially on emacs).  To build a variant without emacs, do
  mozart.override { emacs = null; }
- Patch full path to oz executable into the oz desktop item to make the
  output less reliant on the runtime PATH
- Compress .elc files to save a little bit of space
- Make it easier to extend platform support
- Inline builder.sh
- Be more specific about patching.  oz and ozc are capable of inferring
  OZHOME themselves; thus we generate wrappers only for the binary
  executable components.

Note that gmp and boost would be removed by patchelf --shrink-path; I've
no idea whether they are used somehow, so we leave them in and forego
rpath shrinking for now.
2017-02-16 14:51:08 +01:00
José Romildo Malaquias
a46258ed0a lxappearance: 0.6.2 -> 0.6.3 (#22865) 2017-02-16 13:31:42 +00:00
Nikolay Amiantov
5125ecb2c1 blueman: add librsvg 2017-02-16 16:08:28 +03:00
Graham Christensen
073ca2b34f
aspcu: 1.9.0 -> 1.9.1 2017-02-16 07:55:25 -05:00
Graham Christensen
52026edf98 Merge pull request #22839 from ilya-kolpakov/master
boost: 1.63.0 (not default)
2017-02-16 07:42:40 -05:00
Nikolay Amiantov
434affb14d openbox: fix openbox-xdg-autostart
Also add more optional dependencies.
2017-02-16 15:32:03 +03:00
Peter Simons
3c0b1919e7 git-annex: update sha256 hash for the new version 2017-02-16 11:49:42 +01:00
Peter Simons
5e910bcbf6 hackage-packages.nix: automatic Haskell package set update
This update was generated by hackage2nix v2.0.4-12-gf83834c from Hackage revision
2701517fd6.
2017-02-16 11:49:11 +01:00
Peter Simons
918a5926c6 hackage2nix: drop obsolete extra packages 2017-02-16 11:48:10 +01:00
Peter Simons
34584b2c3c hackage: update snapshot to 2017-02-12T15:49:03Z 2017-02-16 11:48:10 +01:00
Robin Gloster
790e5bf4d8
ecryptfs: fix after security wrapper change
The replacements matched to much due to wrapperDir having `/bin` in its
path now.

cc #16654
2017-02-16 11:35:41 +01:00
Peter Hoeg
de31599f3f Merge pull request #22859 from peterhoeg/u/tf
terraform: 0.8.6 -> 0.8.7
2017-02-16 18:33:11 +08:00
Eelco Dolstra
97fc806a7b
nix-prefetch-zip: Remove
This script is not needed anymore since "nix-prefetch-url --unpack
<url>" and "nix-prefetch-url -A foo.src" (where "foo.src" is a
fetchzip / fetchFromGitHub call) work fine.
2017-02-16 11:28:23 +01:00
Peter Hoeg
0418f784b2 terraform: 0.8.6 -> 0.8.7 2017-02-16 16:19:41 +08:00
Benjamin Staffin
463e90273f pam: add optional pam_kwallet5 integration 2017-02-16 02:26:42 -05:00
Graham Christensen
7943dc8978 Merge pull request #22843 from bendlas/update-webkitgtk
webkitgtk212x: remove
2017-02-15 21:28:35 -05:00
Graham Christensen
b3c6449e13 Merge pull request #22844 from LnL7/vim-8.0.0329
vim: 8.0.0075 -> 8.0.0329
2017-02-15 21:27:43 -05:00
Graham Christensen
395182330c Merge pull request #22853 from kierdavis/fix-22677-quassel
Fix typo introduced by #22677
2017-02-15 21:24:16 -05:00
Graham Christensen
b207bf523b
redis: 3.2.5 -> 3.2.7 for two vulnerabilities
more: https://www.reddit.com/r/redis/comments/5r8wxn/redis_327_is_out_important_security_fixes_inside/
2017-02-15 19:46:46 -05:00
Stefan Goetz
61f2f8c98a youtube-dl: 2017.02.04.1 -> 2017.02.16 (#22851) 2017-02-16 00:46:10 +01:00
Kier Davis
5e3a26e07b
Fix typo introduced by #22677 2017-02-15 23:44:11 +00:00
Bjørn Forsman
d4e5bb34b7 nixos/geoip-updater: run as user 'geoip' instead of 'nobody'
That way 'nobody' is prevented from messing with the databases.
2017-02-15 23:25:27 +01:00
Tom Hunger
c10b0e7bc4 scrapy: 1.1.2 -> 1.3.1 2017-02-15 22:13:16 +00:00
Tom Hunger
dde5350971 w3lib: 1.14.2 -> 1.17.0 2017-02-15 22:13:16 +00:00
Tom Hunger
17e9f21b9c parsel: 1.0.3 -> 1.1.0 2017-02-15 22:13:16 +00:00
Jascha Geerds
900fc49013 Merge pull request #22775 from peterhoeg/u/qtox
tox clients and libraries updates
2017-02-15 23:05:14 +01:00
Vladimír Čunát
7832806e20
fontconfig: fixup fragile build after ab5fe171a
Sometimes it might fail due to timestamps suggesting some files needed
regenerating and failing to find gperf.  Now it should be OK, I hope.
2017-02-15 21:06:27 +01:00
Daiderd Jordan
d2d12c2f4c
vim: 8.0.0075 -> 8.0.0329 2017-02-15 21:00:59 +01:00
Robert Helgesson
0969569902
eclipse-plugin-yedit: init at 1.0.20.201509041456 2017-02-15 20:53:37 +01:00
Herwig Hochleitner
54e3fad0f4 webkitgtk212x: remove
2.12 isn't maintained anymore and superseded by the (compatible) 2.14
2017-02-15 20:29:05 +01:00
Franz Pletz
eda8ee2830 Merge pull request #22752 from LumiGuide/syslog-ng-3.9.1
syslog-ng: 3.6.2 -> 3.9.1
2017-02-15 20:12:02 +01:00