Commit Graph

431 Commits

Author SHA1 Message Date
Franz Pletz
58f15c1f95
unrar: 5.5.5 -> 5.5.7 for multiple CVEs
Fixes CVE-2012-6706, CVE-2017-12940, CVE-2017-12941, CVE-2017-12942.
2017-09-28 14:52:37 +02:00
John Ericson
531e4b80c9 misc pkgs: Basic sed to get fix pkgconfig and autoreconfHook buildInputs
Only acts on one-line dependency lists.
2017-09-21 15:49:53 -04:00
Frederik Rietdijk
13bbaee21d Merge pull request #27881 from mimadrid/fix/http-https
Update homepage attributes: http -> https
2017-08-13 21:53:20 +02:00
John Ericson
a8bd415fa0 unzip: cc-wrapper has been fixed so don't need to be so clever 2017-08-07 03:05:51 -04:00
mimadrid
09e0cc7cc7
Update homepage attributes: http -> https
Homepage link "http://.../" is a permanent redirect to "https://.../" and should be updated
https://repology.org/repository/nix_stable/problems
2017-08-03 11:56:15 +02:00
Silvan Mosberger
f5fa5fa4d6 pkgs: refactor needless quoting of homepage meta attribute (#27809)
* pkgs: refactor needless quoting of homepage meta attribute

A lot of packages are needlessly quoting the homepage meta attribute
(about 1400, 22%), this commit refactors all of those instances.

* pkgs: Fixing some links that were wrongfully unquoted in the previous
commit

* Fixed some instances
2017-08-01 22:03:30 +02:00
Karn Kallio
bd129c2b3e unzipNLS : Fix build by removing patch fuzz. 2017-07-09 10:44:48 +02:00
Vladimír Čunát
d1a89ae9d7
Merge branch 'master' into staging 2017-07-03 09:48:58 +02:00
Vladimír Čunát
6cad339a0e
p7zip: add commit ID to the patch
We still do mirror the patch (I think), as `nix-build -Q -A p7zip.patches`
downloaded it on my machine.  I verified that only the diff headers differ;
it's still better to have another working download and Fedora's URLs are
less likely to disappear than Debian's.
/cc #27075.
2017-07-03 08:19:20 +02:00
es_github
674e46d643 p7zip: Update CVE-2016-9296 patch URL.
The debian source for this patch file has gone away, rendering this derivation
unbuildable from scratch.
This change updates the URL to a src.fedoraproject.org location that is still
serving a p7zip patch. This file is not the same bytewise, so I'm also updating
the hash; I didn't manage to find a location still serving a file with the
original hash, and my best guess is that this one is functionally equivalent.
2017-07-03 02:58:38 +01:00
John Ericson
95c8277701 misc pkgs: Remove unneeded *Platform == *Platform comparisons
PR #26007 used these to avoid causing a mass rebuild. Now that we know
things work, we do that to clean up.
2017-06-30 10:09:31 -04:00
John Ericson
87fab3d6a5 Merge some merged cross-compilation PRs into into staging 2017-06-23 20:24:27 -04:00
John Ericson
afd2bdbad2 Merge pull request #26007 from obsidiansystems/cc-wrapper-prefix
Get rid of gcc-cross-wrapper
2017-06-23 11:22:34 -04:00
John Ericson
bef622a4e8 unzip: Fix for cross 2017-06-22 17:53:54 -04:00
Franz Pletz
cfdb9769ce
unrar: 5.4.5 -> 5.5.5 (security)
Fixes arbitrary memory write.

See https://bugs.chromium.org/p/project-zero/issues/detail?id=1286
2017-06-21 14:38:26 +02:00
John Ericson
fedcda6cda zpaqd: Modernize derivation
- Simplified platform-specific options
 - Almost ready for cross-compilation
2017-05-22 18:52:50 -04:00
Dan Peebles
9ae3f39e8e p7zip: fix purity on Darwin
This should (I hope) get Hydra to build it. Fixes #24714
2017-04-07 16:51:23 -04:00
ndowens
d455cdd34b sharutils: 4.11.1 -> 4.15.2 (#24305) 2017-04-01 11:29:55 +02:00
Vladimír Čunát
96d41e393d
treewide: purge maintainers.urkud
It's sad, but he's been inactive for the last five years.
Keeping such people in meta.maintainers is counter-productive.
2017-03-27 19:52:29 +02:00
ndowens
1e6fd6f901 dar: 2.5.3 -> 2.5.9 2017-03-24 16:06:41 -05:00
ndowens
918a4e649d
unshield: 1.3 -> 1.4.2 2017-03-06 17:24:43 -05:00
ndowens
d12df18235 undmg: 1.0.2 -> 1.0.3
undmg: Readd setup-hook
2017-03-04 15:17:45 -06:00
Philipp Gesang
b4e9bcfc12 afio: init at 2.5.1
Signed-off-by: Philipp Gesang <phg@phi-gamma.net>
2017-02-17 15:29:03 +01:00
Nikolay Amiantov
1cb3831f1c Merge pull request #21231 from abbradar/no-fmod
Update DOOM forks, remove top-level fmod
2016-12-18 00:29:46 +03:00
Nikolay Amiantov
0063c8acb4 p7zip: add setup hook 2016-12-17 15:33:12 +03:00
Graham Christensen
5cbb0f7fbf
unzip: patch for CVE-2014-9913 and CVE-2016-9844 2016-12-15 17:17:58 -05:00
Rob Vermaas
0a90a53441 Fix hash for p7zip patch (seems fetchurl hash was added, while fetch-patch function is used.
(cherry picked from commit 38b1bd9e729485d418f20c43c275c2856837f8cf)
2016-12-09 07:59:25 +00:00
Graham Christensen
0683c1a35c
p7zip: patch for CVE-2016-9296 2016-12-07 19:38:50 -05:00
Eelco Dolstra
459448727e gnutar: Fix comment 2016-11-08 10:02:37 +01:00
Shea Levy
ac59e2f184 tar: patch for CVE-2016-6321
https://lwn.net/Vulnerabilities/705216/
2016-11-04 23:05:26 -04:00
Tuomas Tynkkynen
f5dd3a703d treewide: Fix more lib.optional misuses 2016-10-02 00:44:10 +03:00
Michael Raskin
2a4e9db699 zpaq: propagate version for updater 2016-09-26 15:49:30 +02:00
Michael Raskin
6187cf1ddc zpaqd: 7.08 -> 7.15 2016-09-26 15:49:30 +02:00
Michael Raskin
abe14c13d1 zpaq: 7.14 -> 715 2016-09-26 15:49:29 +02:00
Kirill Boltaev
bccd75094f treewide: explicitly specify gtk and related package versions 2016-09-12 18:26:06 +03:00
Gabriel Ebner
4d18c6ef19 Merge pull request #18233 from mimadrid/update/unrar-5.4.5
unrar: 5.4.4 -> 5.4.5
2016-09-03 07:37:37 +02:00
mimadrid
5aaa0c8cb8
unrar: 5.4.4 -> 5.4.5 2016-09-02 23:38:30 +02:00
Eric Litak
94571e51c4 zpaq: only set -mtune on i686,x86_64 (#18214) 2016-09-02 13:34:11 +02:00
Robin Gloster
9cbb74484c cromfs: use default gcc 2016-08-24 22:41:41 +00:00
obadz
24a9183f90 Merge branch 'hardened-stdenv' into staging
Closes #12895

Amazing work by @globin & @fpletz getting hardened compiler flags by
enabled default on the whole package set
2016-08-22 01:19:35 +01:00
Ram Kromberg
db862d8271 unar: init at 1.10.1 (#17830) 2016-08-19 13:44:19 +02:00
Robin Gloster
1b979d8384 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-08-03 13:34:44 +00:00
Tuomas Tynkkynen
16d48b8280 Re-enable bunch of packages on Darwin
Prior to 1bf5ded193 these contained
`hydraPlatforms = platforms.linux`, which was apparently misleading.
2016-08-03 00:55:42 +03:00
Tuomas Tynkkynen
21f17d69f6 treewide: Add lots of meta.platforms
Build-tested on x86_64 Linux & Mac.
2016-08-02 21:42:43 +03:00
Tuomas Tynkkynen
1bf5ded193 treewide: Lots of meta.hydraPlatforms -> meta.platforms
In all of these files, there is no meta.platforms but only
meta.hydraPlatforms, which doesn't seem to have any purpose except being
inconsistent.
2016-08-02 21:17:44 +03:00
Robin Gloster
63c7b4f9a7 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-31 20:51:34 +00:00
Miguel Madrid
aa2629cedf unrar: 5.4.2 -> 5.4.4 (#17361) 2016-07-30 01:19:45 +01:00
Robin Gloster
f222d98746 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-25 12:47:13 +00:00
Tobias Geerinckx-Rice
d21727991b
zpaq: 7.13 -> 7.14 2016-07-23 21:44:09 +02:00
mimadrid
2ac6dda96e
xarchiver: 0.5.4.6 -> 0.5.4.7 2016-07-23 13:18:42 +02:00
Robin Gloster
203846b9de Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-19 10:37:02 +00:00
Miguel Madrid
c09338d037 p7zip: 15.14.1 -> 16.02 (#17025) 2016-07-19 09:25:35 +02:00
mimadrid
8856cfa619
xarchiver: 0.5.4 -> 0.5.4.6 2016-07-15 18:23:26 +02:00
Robin Gloster
5185bc1773 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-15 14:41:01 +00:00
Miguel Madrid
746de51073 unrar: 5.3.11 -> 5.4.2 2016-07-07 19:13:26 +02:00
Tobias Geerinckx-Rice
7de7a35d59
zpaqd: 7.07 -> 7.08
Fixes double close in r command to output file.
2016-06-23 12:37:54 +02:00
Robin Gloster
2d382f3d98 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-05-30 19:39:34 +00:00
Robin Gloster
527a605ad7 dar: disable format hardening 2016-05-30 19:34:16 +00:00
Vladimír Čunát
e4832c7541 Merge branch 'staging'
Includes a security update of libxml2.
2016-05-27 15:58:40 +02:00
Chris Jefferson
ac2625e3b1 p7zip: Fix darwin build 2016-05-26 09:59:55 +01:00
Vladimír Čunát
dc5bbc4700 gnutar: remove patch already applied upstream
Fallout from #15567. Only Darwin is affected, hashes of the rest remain.
2016-05-22 18:06:07 +02:00
Alexander Ried
1ffcc12bf6 gnutar: 1.28 -> 1.29 2016-05-20 01:51:43 +02:00
Franz Pletz
f8d481754c
Merge remote-tracking branch 'origin/master' into hardened-stdenv 2016-05-18 17:10:02 +02:00
Domen Kožar
b49bf121b8 rename iElectric to domenkozar to match GitHub 2016-05-17 13:00:47 +01:00
Rahul Gopinath
8dd753dedc pxattr: Init at 2.1.0
pxattr provides a single interface to extended file system attributes. It can
be used to save and restore extended file system attributes before using
a utility such as tar for backup which does not understand extended fsattr.
2016-05-09 15:13:20 -07:00
Tobias Geerinckx-Rice
666250bd3b
unarj: mark as broken
And ‘maintain’ to help keep an eye on it.

Closes #7332.
2016-05-08 03:29:45 +02:00
Tobias Geerinckx-Rice
982f83d310
zpaq: 7.12 -> 7.13 2016-05-06 13:47:48 +02:00
Tobias Geerinckx-Rice
9c7f71cd61
unarj: 2.63a -> 2.65 2016-05-03 04:00:25 +02:00
Robin Gloster
c92bca56f8 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-05-02 22:58:02 +00:00
Tobias Geerinckx-Rice
ad3a4cf7d4
zpaq: remove unused .upstream file 2016-04-28 14:20:11 +02:00
Tobias Geerinckx-Rice
ae8dce8d16
zpaq: 7.11 -> 7.12
Faster extract. Removes -encrypt (combined with -repack).

Also, we now correctly follow upstream's versioning and no longer
multiply the version number by 100. You may need to update manually.
2016-04-28 14:17:24 +02:00
Tuomas Tynkkynen
a3466e300d dar: 2.5.2 -> 2.5.3
While at it, add xz support and enable parallel build.
2016-04-18 21:32:36 +03:00
Robin Gloster
d020caa5b2 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-04-18 13:49:22 +00:00
Tobias Geerinckx-Rice
11ee4c394d
zpaq: 710 -> 711 2016-04-17 18:43:44 +02:00
Michael Raskin
f52af3b5a2 zpaqd: 633 -> 707 2016-04-13 14:47:04 +02:00
Nikolay Amiantov
acf06763f4 unshield: 0.7pre3955 -> 1.3 2016-04-13 14:07:09 +03:00
Vladimír Čunát
39ebb01d6e Merge branch 'staging', containing closure-size #7701 2016-04-13 09:25:28 +02:00
Tobias Geerinckx-Rice
d6c50706be
zpaq: 709 -> 710
Adds multi-part archives, -index. Some UI changes.
2016-04-11 23:39:47 +02:00
Vladimír Čunát
30f14243c3 Merge branch 'master' into closure-size
Comparison to master evaluations on Hydra:
  - 1255515 for nixos
  - 1255502 for nixpkgs
2016-04-10 11:17:52 +02:00
Marius Bakke
5d15c0f5fd p7zip: 9.38 -> 15.14.1 2016-04-09 14:05:23 +01:00
Tobias Geerinckx-Rice
feca1695f6
zpaq: 7.08 -> 7.09
Fixes bug in extracting streaming archive with empty first file name.
2016-04-07 23:55:11 +02:00
Robin Gloster
3e68106afd Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-04-07 21:52:26 +00:00
Tobias Geerinckx-Rice
56ff116f2a zpaq: 7.07 -> 7.08
Changes:
- Removes multi-part archive support, -nodelete, add -test, and
  -key prompt.
- Updated to libzpaq v7.08 (smaller decoder buffer).
- Updated Makefile to link libzpaq.o statically.
2016-04-05 03:25:45 +02:00
Vladimír Čunát
ab15a62c68 Merge branch 'master' into closure-size
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
2016-04-01 10:06:01 +02:00
Robin Gloster
f60c9df0ba Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-03-28 15:16:29 +00:00
Marius Bakke
8db43cbd9d innoextract: 1.5 -> 1.6 2016-03-25 06:16:31 +00:00
Tobias Geerinckx-Rice
d7a0a99f7f zpaq: 706 -> 707
Fixes v7.06 bug in creating multipart encrypted archives with
incorrectly salted index.
2016-03-20 23:20:56 +01:00
Tobias Geerinckx-Rice
fb6786de36 zpaq: 705 -> 706
Changes:
- Fixes handling of some corrupted archives.
- Conforms to new spec zpaq205.pdf.
- New man page.
- Add Makefile [and adapt Nix expression to use it].
2016-03-18 08:03:48 +01:00
Robin Gloster
3f45f0948d Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-03-15 01:44:24 +00:00
Allan Espinosa
b80f823789 unrar: build on darwin 2016-03-11 19:15:02 -06:00
Vladimír Čunát
09af15654f Merge master into closure-size
The kde-5 stuff still didn't merge well.
I hand-fixed what I saw, but there may be more problems.
2016-03-08 09:58:19 +01:00
Franz Pletz
cb3d27df93 Merge remote-tracking branch 'origin/master' into hardened-stdenv 2016-03-05 18:55:30 +01:00
Franz Pletz
aff1f4ab94 Use general hardening flag toggle lists
The following parameters are now available:

  * hardeningDisable
    To disable specific hardening flags
  * hardeningEnable
    To enable specific hardening flags

Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.

cc-wrapper supports the following flags:

  * fortify
  * stackprotector
  * pie (disabled by default)
  * pic
  * strictoverflow
  * format
  * relro
  * bindnow
2016-03-05 18:55:26 +01:00
Nikolay Amiantov
9e9a2f1096 unrar: 5.3.9 -> 5.3.11
Also build shared library.
2016-03-05 09:34:33 +03:00
Marc Scholten
8b5b57fb96 undmg: init at 1.0.2 2016-03-03 18:08:48 +01:00
Robin Gloster
3477e662e6 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-02-27 00:08:08 +00:00
Graham Christensen
483a130f89 cpio: patch CVE-2016-2037, out of bounds write (close #13489) 2016-02-26 22:46:13 +01:00
Robin Gloster
56ceca9d46 cromfs: use default gcc 2016-02-25 00:58:02 +00:00
Robin Gloster
8cbb8331a7 xarchive: disable format hardening 2016-02-24 16:01:51 +00:00
Tuomas Tynkkynen
1085701293 gnutar: Depend on 'acl' only on Linux
I'm not sure why but the 'acl' dependency only exists in the
multiple-outputs branch...
2016-02-03 17:33:18 +01:00