Commit Graph

39430 Commits

Author SHA1 Message Date
Shea Levy
9cf29b7039 llvm: Propagate ncurses and zlib
Really shouldn't be needed with shared libs, should patch llvm-config

Fixes #1601

Signed-off-by: Shea Levy <shea@shealevy.com>
2014-02-03 18:11:00 -05:00
Eelco Dolstra
34638ebc1e cleanSource: Support Mercurial 2014-02-03 23:44:11 +01:00
Eelco Dolstra
9e7fe29e41 ntpd: Don't answer status queries
Workaround for CVE-2013-5211:

http://support.ntp.org/bin/view/Main/SecurityNotice#DRDoS_Amplification_Attack_using
2014-02-03 23:44:11 +01:00
Eelco Dolstra
d451d12128 ntp: Update to 4.2.6p5 2014-02-03 23:44:11 +01:00
Shea Levy
5e72e36f95 gummiboot-builder.py: Remove old entries before adding new ones
Fixes #1483

Signed-off-by: Shea Levy <shea@shealevy.com>
2014-02-03 17:41:31 -05:00
Karn Kallio
e1b422d348 Update perl CPAN GraphViz package to work with latest graphviz. 2014-02-03 23:30:18 +01:00
Karn Kallio
1739fcf612 pure: The pure interpreter does not now build with llvm 3.4 on linux. 2014-02-03 23:30:18 +01:00
Karn Kallio
b572051882 mlton: fix build with latest version. 2014-02-03 23:30:18 +01:00
Shea Levy
f2210651eb Revert "Hide nodePackages from nix-env"
Now node packages that aren't just programs have a node- prefix in their
names.

This reverts commit 2f11bc495b.

Signed-off-by: Shea Levy <shea@shealevy.com>
2014-02-03 17:28:38 -05:00
Shea Levy
3bec816e0d Update node packages to np2nix 5.5.0
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-02-03 17:23:54 -05:00
Shea Levy
448dc031ed Document EFI installation
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-02-03 17:05:23 -05:00
Shea Levy
d6ef65cb6a Limit livecd label to 11 characters
vfat partition labels can only be 11 characters long

Signed-off-by: Shea Levy <shea@shealevy.com>
2014-02-03 17:05:04 -05:00
Moritz Maxeiner
8e74e1fded Replace the current Yubikey PBA implementation with the previous one.
Rationale:
  * The main reason for choosing to implement the PBA in accordance
    with the Yubico documentation was to prevent a MITM-USB-attack
    successfully recovering the new LUKS key.
  * However, a MITM-USB-attacker can read user id and password when
    they were entered for PBA, which allows him to recover the new
    challenge after the PBA is complete, with which he can challenge
    the Yubikey, decrypt the new AES blob and recover the LUKS key.
  * Additionally, since the Yubikey shared secret is stored in the
    same AES blob, after such an attack not only is the LUKS device
    compromised, the Yubikey is as well, since the shared secret
    has also been recovered by the attacker.
  * Furthermore, with this method an attacker could also bruteforce
    the AES blob, if he has access to the unencrypted device, which
    would again compromise the Yubikey, should he be successful.
  * Finally, with this method, once the LUKS key has been recovered
    once, the encryption is permanently broken, while with the previous
    system, the LUKS key itself it changed at every successful boot,
    so recovering it once will not necessarily result in a permanent
    breakage and will also not compromise the Yubikey itself (since
    its secret is never stored anywhere but on the Yubikey itself).

Summary:
The current implementation opens up up vulnerability to brute-forcing
the AES blob, while retaining the current MITM-USB attack, additionally
making the consequences of this attack permanent and extending it to
the Yubikey itself.
2014-02-03 22:50:17 +01:00
Domen Kožar
e96bc485db retroshare: 0.5.1d -> 0.5.5c 2014-02-03 21:54:45 +01:00
Vladimír Čunát
3fe1656376 libav: bugfix updates for both branches; maintain 2014-02-03 21:43:55 +01:00
Bjørn Forsman
15eed826b6 psqlodbc: update from 8.3 to 9.3 (fixes build) 2014-02-03 21:08:27 +01:00
Shea Levy
b4a9fff1aa Update node packages
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-02-03 14:43:21 -05:00
Peter Simons
c19547ad42 haskell-shelly: update to version 1.4.4 2014-02-03 18:30:02 +01:00
Peter Simons
a2d903d213 haskell-pipes-network: update to version 0.6.2 2014-02-03 18:30:02 +01:00
Peter Simons
dae7d83454 haskell-doctest: update to version 0.9.10.1 2014-02-03 18:30:02 +01:00
Peter Simons
55bcf1bcc5 haskell-atomic-primops: update to version 0.6 2014-02-03 18:30:02 +01:00
Peter Simons
aaa462c4bc haskell-abstract-deque: update to version 0.2.2.1 2014-02-03 18:30:02 +01:00
Karn Kallio
26ea10a775 proofgeneral: fix build with earlier version of texinfo. 2014-02-03 18:26:20 +01:00
Georges Dubus
8677b19c9d silver-searcher: updated to 0.19.2
Also fixed the "libgcc_s.so.1 must be installed for pthread_cancel to
work" problem.
2014-02-03 18:21:43 +01:00
Gergely Risko
8e7518f923 Added snapBlaze and sqliteSimple haskell packages 2014-02-03 18:21:42 +01:00
Bjørn Forsman
700c1323b8 sqliteodbc: fix library location
Commit d7d3c8fd82 (sqliteodbc: update to
0.995, add more metadata) mistakenly moved libraries from $out/lib to
$out (or rather stopped moving them from $out to $out/lib).

Move them back to $out/lib where they're expected to be and referred to
by the /etc/odbcinst.ini snippet.
2014-02-03 18:13:26 +01:00
Bjørn Forsman
34484e65f3 arp-scan: new package
Arp-scan is a command-line tool that uses the ARP protocol to discover
and fingerprint IP hosts on the local network.

http://www.nta-monitor.com/tools-resources/security-tools/arp-scan
2014-02-03 12:37:51 +01:00
Vladimír Čunát
9dd9e52c0c pidgin: bugfix 2.10.8 -> .9
Fixes connection to some servers broken by the previous update.
2014-02-03 10:05:47 +01:00
Shea Levy
2cf7bc982b idris requires llvm-general-3.3 currently
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-02-02 20:40:29 -05:00
Shea Levy
134546bca2 clang: Fix linking with -flto
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-02-02 20:39:16 -05:00
Shea Levy
06ef22bcdd llvm-general: Fix build
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-02-02 20:36:50 -05:00
Shea Levy
86c587134b llvm-3.4: Try to fix build on darwin
Signed-off-by: Shea Levy <shea@shealevy.com>
2014-02-02 19:47:59 -05:00
Peter Simons
710ddf7662 haskell-trifecta: update jail-breaking code 2014-02-02 23:36:22 +01:00
Peter Simons
c6053075bd haskell-hakyll: jailbreak to fix build with recent versions of regex-tdfa
https://github.com/NixOS/nixos/issues/281
2014-02-02 23:16:29 +01:00
Peter Simons
e3651da23e haskell-lens: add version 4.0 2014-02-02 22:36:13 +01:00
Peter Simons
f16f44662f haskell-aeson: fix build of version 0.7.x 2014-02-02 22:36:13 +01:00
Peter Simons
422eda499e haskell-hlint: update to version 1.8.56 2014-02-02 22:36:13 +01:00
Peter Simons
4675368065 haskell-yesod-form: update to version 1.3.5 2014-02-02 22:36:13 +01:00
Peter Simons
012006bd96 haskell-yesod-core: update to version 1.2.6.6 2014-02-02 22:36:12 +01:00
Peter Simons
c21822f64f haskell-yesod-bin: update to version 1.2.5.8 2014-02-02 22:36:12 +01:00
Peter Simons
b5041566b4 haskell-web-routes: update to version 0.27.5 2014-02-02 22:36:12 +01:00
Peter Simons
1dfed43619 haskell-web-routes-boomerang: update to version 0.28.2 2014-02-02 22:36:12 +01:00
Peter Simons
c162ba42e5 haskell-warp: update to version 2.0.2.1 2014-02-02 22:36:12 +01:00
Peter Simons
f834ae003f haskell-snap: update to version 0.13.2.2 2014-02-02 22:36:12 +01:00
Peter Simons
b409b23fa0 haskell-shelly: update to version 1.4.3.1 2014-02-02 22:36:12 +01:00
Peter Simons
e78bcf3b16 haskell-safe: update to version 0.3.4 2014-02-02 22:36:12 +01:00
Peter Simons
99c930d791 haskell-pipes: update to version 4.1.0 2014-02-02 22:36:12 +01:00
Peter Simons
599d0e193c haskell-pipes-safe: update to version 2.0.2 2014-02-02 22:36:12 +01:00
Peter Simons
3212a49491 haskell-pipes-parse: update to version 3.0.0 2014-02-02 22:36:12 +01:00
Peter Simons
7ff0169247 haskell-pipes-concurrency: update to version 2.0.2 2014-02-02 22:36:12 +01:00