JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
103,213 Commits 2 Branches 0 Tags 12 GiB
1d948ddc01
Commit Graph

21567 Commits

Author SHA1 Message Date
Thomas Tuegel
9af7f6b9d4
Remove kde4.kdenlive and dependencies 
- Already updated to KDE 5 in Nixpkgs
 2017-02-24 16:49:03 -06:00
Thomas Tuegel
9be791656f
Remove kde4.plasma-nm and its dependencies 
- Already updated to KDE 5 in Nixpkgs
- Not useful without the KDE 4 desktop
 2017-02-24 16:49:01 -06:00
Thomas Tuegel
0757d49800
Remove kde4.kdevelop 
- Already updated to KDE 5 in Nixpkgs
 2017-02-24 16:48:32 -06:00
Joachim F
5abcebe9bf Merge pull request #23131 from ljli/wlc-update 
wlc: 0.0.5 -> 0.0.8
 2017-02-24 19:23:28 +01:00
Joachim F
5502efb782 Merge pull request #23138 from leenaars/quickd 
quickder: 1.0-RC1 -> 1.0-RC2
 2017-02-24 18:54:13 +01:00
Graham Christensen
30cea5f022
libplist: mark as insecure 
Patches currently available don't seem to apply.
 2017-02-24 07:41:11 -05:00
Michiel Leenaars
29d6460084 quickder: 1.0-RC1 -> 1.0-RC2 2017-02-24 10:02:13 +01:00
Leon Isenberg
1eaf76ac7a wlc: 0.0.5 -> 0.0.8 2017-02-24 06:58:19 +01:00
Graham Christensen
59d61ef34a Revert "nixpkgs: allow packages to be marked insecure" 2017-02-23 09:41:42 -05:00
Graham Christensen
037c489b10 Merge pull request #22890 from grahamc/mark-as-insecure 
nixpkgs: allow packages to be marked insecure
 2017-02-23 07:12:18 -05:00
Graham Christensen
c8859b7264
libplist: mark as insecure 
Patches currently available don't seem to apply.
 2017-02-22 21:09:14 -05:00
Jörg Thalheim
ceac00d82b
mp4v2: 1.9.1p4 -> 2.0.0 2017-02-23 01:47:45 +01:00
Vladimír Čunát
f5eea8ba1d
libevent: apply security patches from Debian 
/cc #23072.  As with curl, it's nontrivial rebuild but security...
https://lwn.net/Alerts/714571/
 2017-02-22 19:00:04 +01:00
Vladimír Čunát
145d3ea81c
Merge branch 'master' into staging 2017-02-22 17:47:49 +01:00
Vladimír Čunát
d6cff5783e
gnutls: drop -lunistring on Darwin as well 
I didn't intend this substitution to be conditional; I looked wrong.
 2017-02-22 17:44:06 +01:00
Vladimír Čunát
a04849502d
fstrm: init at 0.3.1 2017-02-22 15:03:21 +01:00
Asumu Takikawa
85fb29bb49 ndpi: init at 1.8 2017-02-22 00:20:10 -08:00
Vladimír Čunát
4b7215368a
glibc: fixup libm.a 
Now it's not an actual archive but a linker script, and the absolute
paths in there were broken due to moving *.a into $static.
Let's fix this up in all *.a in case there are more in future.
 2017-02-21 14:19:07 +01:00
Matthias C. M. Troffaes
88cc35f1f4 wolfssl: 3.9.10b -> 3.10.3 2017-02-21 09:42:32 +01:00
David James
85fba54bc6
Attempt to update RocksDB to 5.1.2. 2017-02-20 21:50:30 -05:00
Vladimír Čunát
e688bbbee4
libunistring: split into multiple outputs 
Saves ~1 MB.  Through default gnutls, many closures are affected.
Reverse deps seem to build OK.
 2017-02-21 00:39:22 +01:00
Vladimír Čunát
b17eb34203
gnutls: don't propagate -lunistring 
This fixes systemd build.  Also put it into the generic expression,
as there's only one version in nixpkgs ATM.
 2017-02-20 23:21:28 +01:00
Vladimír Čunát
3ba1875743
mesa: maintenance 13.0.4 -> 13.0.5 
I'm being conservative here until 17.0.1 is released.
 2017-02-20 21:53:03 +01:00
Vladimír Čunát
9458018a87
dbus: 1.10.14 -> 1.10.16 
It's for "security" issue that's considered unexploitable with a sane
config.
 2017-02-20 21:38:24 +01:00
Vladimír Čunát
dbae14164b
glib: maintenance 2.50.2 -> 2.50.3 2017-02-20 21:33:03 +01:00
Vladimír Čunát
4339dca980
gdk-pixbuf: maintenance 2.36.4 -> 2.36.5 2017-02-20 21:31:41 +01:00
Vladimír Čunát
62c323bdff
gtk3: maintenance 3.22.7 -> 3.22.8 2017-02-20 21:30:12 +01:00
Vladimír Čunát
5a38ab8add
Merge branch 'master' into staging 2017-02-20 21:24:35 +01:00
Vladimír Čunát
292efffb62
libuv: 1.10.1 -> 1.11.0 
And a nitpick in the expression.
 2017-02-20 21:23:47 +01:00
Vladimír Čunát
2cb76ff1ff
Merge branch 'glibc-2.25' into staging 
The largest problem-causers should be fixed now (within).
 2017-02-20 21:18:48 +01:00
Vladimír Čunát
09d02f72f6
Re-revert "Merge: glibc: 2.24 -> 2.25" 
This reverts commit 55cc7700e9.
I hope most problems have been solved.  /cc #22874.
 2017-02-20 21:16:41 +01:00
Vladimír Čunát
0ff2179e0f
gnutls: use 3.5 and remove 3.4 
3.4 branch detects support for getrandom() call during configure-time,
which gets picked up since glibc-2.25, and consequently it will fail
with older kernels during rutime.
 2017-02-20 21:07:35 +01:00
Robin Gloster
dcba6eae1b Merge pull request #22116 from LnL7/darwin-cmus 
cmus: fix darwin
 2017-02-20 13:02:30 +01:00
aszlig
c5b2714bc7
dbus: Put DTDs into $out instead of $doc 
First of all, these "documents" are not really documentation, so it
really doesn't make much sense to put it into $doc.

The main point however is that the installer tests are failing since
this was introduced in ac0cdc1952.

One way to circumvent this is putting dbus.doc into
system.extraDependencies of the installer tests, but given the first
point this sounds a bit odd to me.

So I went for the second way of putting it into $out, because it's now
basically necessary to build a NixOS system.

With this the NixOS installer tests should now work again, although I
have only tested this with the installer.simple test.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @abbradar
 2017-02-20 03:24:38 +01:00
aszlig
fc6684054d
make-dbus-conf: Use libxslt.bin instead of .dev 
The problem with using libxslt as buildInputs is that the dev output is
used for building the dbus config.

This is one of the reasons why the installer tests are failing since
ac0cdc1952, because the tests do not have
libxslt.dev in their closure and really shouldn't.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @abbradar
 2017-02-20 03:24:34 +01:00
aszlig
edce2b759c
make-dbus-conf: Don't try to access network 
This is the output of the builder:

building path(s) `/nix/store/khkcfb8433i9mabb6wnb8ik6p9skg644-dbus-1'
error : connection refused
error : connection refused

However, even when using --nonet we'd still get this:

I/O error : Attempt to load network entity
http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd

So in order to avoid this, we now provide an XML catalog file, mapping
the public URLs to the local DTD paths inside the store instead of using
--path (which doesn't seem to work with xsltproc).

Tested this by comparing the SHA256 (nix-hash --type sha256) of the
output path generated by:

nix-build -E '(import ./. {}).makeDBusConf {
  suidHelper = "SUIDHELPER";
  serviceDirectories = [ "SERVICEDIR1" "SERVICEDIR1" ];
}'

... with the SHA256 of the generated output path prior to this commit
and they have the same hash:

6f3f9594b12fddbff9407b85252b6f649da11f56b7fd514f761966c11399a7ab

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @abbradar
 2017-02-20 03:24:26 +01:00
Benjamin Saunders
bfdfd6c3df vulkan-loader: fix search paths in suid processes 
Fixes #22990
 2017-02-20 01:39:48 +03:00
Michael Raskin
febda39df3 qca2: 2.1.1 -> 2.1.3 2017-02-19 18:38:10 +01:00
Michele Guerini Rocco
1ae9b50a77 vapoursynth: disable OCR by default (#22943) 2017-02-19 02:11:08 +01:00
rushmorem
3f09f8fa4d czmq: v3.0.2 -> v4.0.2 2017-02-18 23:54:50 +02:00
rushmorem
467f7d3f6c zmq: v4.2.0 -> v4.2.2 2017-02-18 22:52:02 +02:00
Vladimír Čunát
432dba859e
Merge branch 'staging' 
A security update of libxml2 is within.
 2017-02-18 08:59:29 +01:00
Vladimír Čunát
714eabc5af
guile rev-deps: fix build by adding pkgconfig 
Without it packages fail to find the headers, after guile has split
them into a separate output in 218713a.
 2017-02-18 08:23:07 +01:00
Thomas Tuegel
580bdde06c
kde5.frameworks: update instructions 2017-02-17 11:48:14 -06:00
Nikolay Amiantov
8ecd5c4019 Merge pull request #22864 from abbradar/dbus-etc 
Redo DBus configuration
 2017-02-17 11:47:51 +03:00
David Terry
90d225db76 microsoft_gsl: init at 2017-02-13 2017-02-17 02:14:12 +01:00
Robin Gloster
101d90d18b
libzrtpcpp: remove 2017-02-17 00:14:15 +01:00
Robin Gloster
449c895f31
podofo: 0.9.4 -> 0.9.5 2017-02-17 00:14:01 +01:00
Robin Gloster
54018c8f63
xmlsec: 1.2.20 -> 1.2.23 2017-02-17 00:13:45 +01:00
Robin Gloster
5063a8099b
serf: 1.3.7 -> 1.3.9 2017-02-17 00:13:32 +01:00
Robin Gloster
9593049e06
pkcs11helper: 1.11 -> 1.21 2017-02-17 00:13:18 +01:00
Robin Gloster
22bea837f4
tcltls: 1.6 -> 1.6.7 2017-02-17 00:12:12 +01:00
Robin Gloster
c3011fde96
neon: 0.30.1 -> 0.30.2 2017-02-17 00:11:29 +01:00
Robin Gloster
80d8b8c716
mongoc: 1.1.10 -> 1.5.4 2017-02-17 00:11:26 +01:00
Robin Gloster
4277978fb2
gsoap: 2.8.37 -> 2.8.42 2017-02-17 00:11:18 +01:00
Robin Gloster
71e8ef6e76
afflib: 3.7.6 -> 3.7.15 2017-02-17 00:11:14 +01:00
Lluís Batlle i Rossell
0c42efd9d7 SDL2: fix creation of libSDL2main.a 
It's required by a trigger rally update I will commit next.
And other games use that too.
 2017-02-16 22:24:40 +01:00
Vladimír Čunát
5ad81ab09c
libxml2: bugfix updates from git upstream 
This should solve CVE-2016-5131 and some other bugs, but not what Suse
calls CVE-2016-9597: https://bugzilla.suse.com/show_bug.cgi?id=1017497
The bugzilla discussion seems to indicate that the CVE is referenced
incorrectly and only shows reproducing when using command-line flags
that are considered "unsafe".

CVE-2016-9318 also remains unfixed, as I consider their reasoning OK:
https://lwn.net/Alerts/714411/

/cc #22826.
 2017-02-16 20:18:17 +01:00
Vladimír Čunát
e962a3c95f
Merge branch 'master' into staging 2017-02-16 19:02:37 +01:00
Vladimír Čunát
55cc7700e9
Revert "Merge: glibc: 2.24 -> 2.25" 
This reverts commit 1daf2e26d2, reversing
changes made to c0c50dfcb7.

It seems this is what has been causing all the reliability problems
on Hydra.  I'm currently unable to find why it happens, so I'm forced
to revert the update for now.  Discussion: #22874.
 2017-02-16 18:16:06 +01:00
Graham Christensen
cfbddd3ae0 Merge pull request #22867 from maurer/openssl-cve-2017-3733 
openssl: 1.1.0d -> 1.1.0e for High severity CVE-2017-3733
 2017-02-16 09:29:29 -05:00
Matthew Maurer
0d2ba7ef2b openssl: 1.1.0d -> 1.1.0e for High severity CVE-2017-3733 2017-02-16 09:16:41 -05:00
Graham Christensen
52026edf98 Merge pull request #22839 from ilya-kolpakov/master 
boost: 1.63.0 (not default)
 2017-02-16 07:42:40 -05:00
Nikolay Amiantov
3e23ec4450 makeDBusConf: init 
Use XSLT transform to modify stock dbus configuration file. This is needed
because some dbus components doesn't support <include> so we need to put our
core configuration in the main file.
 2017-02-16 15:41:23 +03:00
Nikolay Amiantov
300c9a6c3d dbus: use /etc as datadir, install dtd 2017-02-16 15:41:23 +03:00
Graham Christensen
7943dc8978 Merge pull request #22843 from bendlas/update-webkitgtk 
webkitgtk212x: remove
 2017-02-15 21:28:35 -05:00
Tuomas Tynkkynen
da1f93f445 mesa: Remove obsolete patching 
The code we're patching was removed in 2015:

http://comments.gmane.org/gmane.comp.video.mesa3d.devel/102524
 2017-02-16 01:29:42 +02:00
Tuomas Tynkkynen
4d54324f7c mesa: 13.0.4 -> 17.0.0 
Also enable the etnaviv driver on ARM, which got added in this release
(and I've confirmed that it can run glmark2 relatively successfully).
 2017-02-16 01:29:42 +02:00
Ignat Loskutov
d1a9f2e8be gpgme: fix build on macOS 2017-02-16 01:13:23 +03:00
Jascha Geerds
900fc49013 Merge pull request #22775 from peterhoeg/u/qtox 
tox clients and libraries updates
 2017-02-15 23:05:14 +01:00
Vladimír Čunát
7832806e20
fontconfig: fixup fragile build after ab5fe171a 
Sometimes it might fail due to timestamps suggesting some files needed
regenerating and failing to find gperf.  Now it should be OK, I hope.
 2017-02-15 21:06:27 +01:00
Herwig Hochleitner
54e3fad0f4 webkitgtk212x: remove 
2.12 isn't maintained anymore and superseded by the (compatible) 2.14
 2017-02-15 20:29:05 +01:00
Franz Pletz
eda8ee2830 Merge pull request #22752 from LumiGuide/syslog-ng-3.9.1 
syslog-ng: 3.6.2 -> 3.9.1
 2017-02-15 20:12:02 +01:00
Herwig Hochleitner
2640c87fb9 webkitgtk: 2.14.4 -> 2.14.5 2017-02-15 20:10:56 +01:00
Ilya Kolpakov
6d8235210d boost: 1.63.0 (not default) 2017-02-15 18:29:39 +01:00
Peter Simons
d583e013e1 Merge pull request #22825 from areina/add-catalan-to-aspell 
aspell-dict-ca: init at 2.1.5-1
 2017-02-15 17:47:44 +01:00
Peter Simons
9e0867586c Merge pull request #21396 from laMudri/stdlib-v0.13 
AgdaStdlib: v0.12 -> v0.13
 2017-02-15 13:03:50 +01:00
Franz Pletz
1e65d0b9e9
gnutls: 3.5.8 -> 3.5.9 
Bugfix release.
 2017-02-15 09:35:28 +01:00
Franz Pletz
07309d740a
webkitgtk: 2.14.3 -> 2.14.4 for multiple CVEs 
Fixes:

  * CVE-2017-2350
  * CVE-2017-2354
  * CVE-2017-2355
  * CVE-2017-2356
  * CVE-2017-2362
  * CVE-2017-2363
  * CVE-2017-2364
  * CVE-2017-2365
  * CVE-2017-2366
  * CVE-2017-2369
  * CVE-2017-2371
  * CVE-2017-2373

See https://webkitgtk.org/security/WSA-2017-0002.html.
 2017-02-15 09:35:28 +01:00
Franz Pletz
e8af5dcd8e
ffmpeg: 3.2.2 -> 3.2.4 for multiple CVEs 
Fixes CVE-2017-5024 & CVE-2017-5025.

See https://ffmpeg.org/security.html.
 2017-02-15 09:35:28 +01:00
Franz Pletz
d2426f0aa8
ffmpeg: 3.1.6 -> 3.1.7 for multiple CVEs 
Fixes CVE-2017-5024 & CVE-2017-5025.

See https://ffmpeg.org/security.html.
 2017-02-15 09:35:27 +01:00
Franz Pletz
78f59f1223
ffmpeg: 2.8.10 -> 2.8.11 for multiple CVEs 
Fixes CVE-2017-5024 & CVE-2017-5025.

See https://ffmpeg.org/security.html.
 2017-02-15 09:35:27 +01:00
Vladimír Čunát
35b2159671
Merge branch 'master' into staging 
Over 11k rebuilds on master.
 2017-02-15 08:41:35 +01:00
Franz Pletz
bf565a4635
libivykis: 0.40 -> 0.41 2017-02-15 01:58:57 +01:00
Thomas Tuegel
f228ea5215 Merge pull request #22698 from FRidh/kde 
KDE: update frameworks and applications
 2017-02-14 12:54:39 -06:00
Eelco Dolstra
314dd9215b Merge pull request #16654 from awakenetworks/parnell/setcap-wrappers 
Adding setcap-wrapper functionality to Nix
 2017-02-14 16:25:06 +01:00
Toni Reina
4e72d2da50 aspell-dict-ca: init at 2.1.5-1 2017-02-14 15:17:28 +01:00
Eelco Dolstra
1a9cf94ba2
Revert "opensubdiv: Remove cudatoolkit from the closure" 
This reverts commit 6a472cf4c1. On
second thought, this is not a good idea, because it means that a
CUDA-enabled Blender doesn't work on non-CUDA systems anymore (since
they don't have libOpenCL.so in /run/opengl-driver). I guess a better
solution will be to split cudatoolkit into multiple outputs.
 2017-02-14 12:59:02 +01:00
Vladimír Čunát
61236eb7ee
lmdb on Darwin: fix bogus library name 2017-02-14 10:51:22 +01:00
Eelco Dolstra
6a472cf4c1 opensubdiv: Remove cudatoolkit from the closure 
This reduces Blender's closure size by around ~2 GiB when CUDA support
is enabled.
 2017-02-14 09:43:04 +01:00
Peter Hoeg
8cef304ede libtoxcore: init at 0.1.6 and move old versions away 2017-02-14 14:57:48 +08:00
Parnell Springmeyer
9e36a58649
Merging against upstream master 2017-02-13 17:16:28 -06:00
Vladimír Čunát
1daf2e26d2
Merge: glibc: 2.24 -> 2.25 2017-02-13 22:14:15 +01:00
Vladimír Čunát
1a55974cef
lmdb: split outputs and add lmdb.pc 
lmdb.a is removed, until someone needs it.
 2017-02-13 16:50:39 +01:00
Frederik Rietdijk
a35ffe3c01 kde frameworks: 5.30 -> 5.31 2017-02-13 09:55:40 +01:00
Graham Christensen
63d7ff883e Merge pull request #22457 from peterhoeg/u/suil 
suil: 0.8.2 -> 0.8.4
 2017-02-12 19:00:21 -05:00
Vladimír Čunát
2dba30af72
Merge recent staging 
It's almost finished by Hydra now.
 2017-02-12 19:51:01 +01:00
Vladimír Čunát
ab5fe171af
fontconfig: patch to build with glibc-2.25 2017-02-12 11:14:45 +01:00
Vincent Laporte
af9857ef47 proj: disable tests on 32 bit 2017-02-12 10:00:24 +00:00
Franz Pletz
5e599035f4
libidn2: fix darwin build 
cc #22595
 2017-02-12 02:31:41 +01:00
Vincent Laporte
0045f932bb proj: 4.9.2 -> 4.9.3 2017-02-11 23:37:59 +00:00
Vladimír Čunát
a01f8a4c38
glibc: security 2.24 -> 2.25 
https://sourceware.org/ml/libc-alpha/2017-02/msg00079.html

Stripping was failing on libm.a; I don't know why.
 2017-02-11 22:14:49 +01:00
David Terry
a3523022e7 range-v3: init at 2017-01-30 (#22661) 2017-02-11 19:10:46 +01:00
Peter Hoeg
9550686be8 subsurface: 4.5.97 -> 4.6.0 (#22615) 
We do a few more things:

 - libmarble and libdivecomputer with the subsurface patches have both been
   inlined for 2 reasons:
   a) nobody else is using these forks
   b) they need to be updated in lockstep with subsurface

 - instead of building libmarble against qtquick1, we now build using
   qtquickcontrols (qtquick2)

 - getting rid of qtquick1 also allows us to use the default qt (currently 5.6)

 - we get rid of some hacks to deal with library dependencies

 - instead of manually overriding various phases, we simply use cmakeFlags to
   pass proper parameters
 2017-02-11 15:48:18 +01:00
Vladimír Čunát
2ce45fbf0d
Merge branch 'master' into staging 2017-02-11 12:11:22 +01:00
Vladimír Čunát
686d3fb63f
Merge #22577: glew: 1.13.0 -> 2.0.0 2017-02-11 12:08:50 +01:00
Vladimír Čunát
db8ac6144e
Merge #22649: libxml2: add icuSupport ? false 
This causes no rebuilds by default.
 2017-02-11 11:55:54 +01:00
Vladimír Čunát
4927aa0d84
Merge #22654: SDL: fix very long filename of patch 2017-02-11 11:25:46 +01:00
Vladimír Čunát
8f5b3ae07a
Merge branch 'master' into staging 2017-02-11 11:22:29 +01:00
Peter Hoeg
52d6927413 libxml2: add optional icu support 2017-02-11 18:16:38 +08:00
Vladimír Čunát
205376e226
Merge #22534: nghttp2: 1.17.0 -> 1.19.0 2017-02-11 11:12:09 +01:00
Peter Hoeg
c5fcd96970 sdl: fix very long filename 2017-02-11 12:26:17 +08:00
Nikolay Amiantov
442b4d65c3 Merge pull request #22304 from abbradar/nvidia 
Refactor NVidia drivers
 2017-02-10 23:53:34 +03:00
Tuomas Tynkkynen
8c6f81145e libvpx: 1.5.0 -> 1.6.1 
The 'use-x86inc' option has simply disappeared from the upstream build
file.
 2017-02-10 20:11:08 +02:00
Vladimír Čunát
66fe4af226
Merge recent staging 
It's the version last built on Hydra, almost fully.
 2017-02-10 18:07:14 +01:00
Frederik Rietdijk
9ef6850221 Merge pull request #22344 from lsix/update_netcdf 
Update netcdf (including python binding)
 2017-02-10 17:22:23 +01:00
Frederik Rietdijk
616f358f7e hamlib: use python2 2017-02-10 09:35:10 +01:00
Adam Beckmeyer
4000489266 olm: init at 2.2.1 2017-02-10 02:22:15 +01:00
Edward Tjörnhammar
b1e254ac55 Merge pull request #22597 from knedlsepp/bump-armadillo 
armadillo: 7.200.2 -> 7.700.0
 2017-02-09 21:33:37 +01:00
Josef Kemetmueller
ce1a3e3242 armadillo: 7.200.2 -> 7.700.0 
This release fixes compatibility with cmake 3.7.1.
Additionally I found out that armadillo only needs the hdf5-C library
and not the C++ layer.
 2017-02-09 20:43:56 +01:00
Frederik Rietdijk
10eb16038c Merge pull request #22564 from mdaiter/cudnn_hash_fix 
cudnn51_cudatoolkit80: hash change
 2017-02-09 13:43:07 +01:00
Jörg Thalheim
f3c6acde1e Merge pull request #22572 from Mic92/dwarfdump 
dwarfdump: init at 20161124
 2017-02-09 12:00:18 +01:00
Vladimír Čunát
333e36eca0
pythonPackages.gst-python: fix hash after afd59811a1 
/cc #22549.
 2017-02-09 09:40:36 +01:00
Vladimír Čunát
5efc5a4ede
pydb, libclc: fixup eval after pinning to python2 2017-02-09 08:52:22 +01:00
Vladimír Čunát
6bea415b5e
Merge branch 'master' into staging 2017-02-09 08:42:04 +01:00
Vladimír Čunát
4bf9f8afc3
Merge #22578: mesa: add enableRadv ? false 
There's no hash change in default settings.
 2017-02-09 08:03:34 +01:00
Graham Christensen
77e920d874
spice: Patch for CVE-2016-9577, CVE-2016-9578 
From the Red Hat advisory:

* A vulnerability was discovered in spice in the server's protocol
  handling. An authenticated attacker could send crafted messages to
  the spice server causing a heap overflow leading to a crash or
  possible code execution. (CVE-2016-9577)

* A vulnerability was discovered in spice in the server's protocol
  handling. An attacker able to connect to the spice server could send
  crafted messages which would cause the process to crash.
  (CVE-2016-9578)
 2017-02-08 22:03:11 -05:00
David McFarland
4ab604b6b8 mesa: add enableRadv 2017-02-08 22:15:03 -04:00
Jörg Thalheim
b1b0e9f6ab
dwarfdump: init at 20161124 2017-02-08 20:45:31 +01:00
Frederik Rietdijk
a805b1206d mapnik: use python2 
because python3 is not yet supported.
 2017-02-08 19:51:11 +01:00
Frederik Rietdijk
0673e7b38a libpsl: use python2 2017-02-08 19:44:52 +01:00
Frederik Rietdijk
b620ad24be libctemplate: use python2 2017-02-08 19:38:53 +01:00
Frederik Rietdijk
e7395434db pythonPackages.libclc: use python2 2017-02-08 19:38:03 +01:00
Frederik Rietdijk
d452487db7 libimobiledevice: use python2 
because python 3 isn't supported yet.
 2017-02-08 19:27:50 +01:00
Matthew Daiter
82835f7eb3 cudnn51_cudatoolkit80: hash change 2017-02-08 18:40:32 +01:00
Graham Christensen
ae02508c2a Merge pull request #22555 from peterhoeg/u/wavpack 
wavpack: 4.80.0 -> 5.1.0
 2017-02-08 10:02:03 -05:00
Peter Hoeg
5eaec77732 wavpack: 4.80.0 -> 5.1.0 2017-02-08 22:41:24 +08:00
Nikolay Amiantov
750e7ba0d9 libglvnd: init at 2016-12-22 2017-02-08 16:56:50 +03:00
Graham Christensen
afd59811a1
gstreamer-*: 1.10.2 -> 1.10.3 for multiple CVEs 
gst-plugins-bad:
From the Arch Linux advisory:
 - CVE-2017-5843 (arbitrary code execution): A double-free issue has
 been found in gstreamer before 1.10.3, in
 gst_mxf_demux_update_essence_tracks.

- CVE-2017-5848 (denial of service): An out-of-bounds read has been
  found in gstreamer before 1.10.3, in gst_ps_demux_parse_psm.
More: https://lwn.net/Vulnerabilities/713772/

gst-plugins-base:
From the Arch Linux advisory:

- CVE-2017-5837 (denial of service): A floating point exception issue
  has been found in gstreamer before 1.10.3, in
  gst_riff_create_audio_caps.

- CVE-2017-5839 (denial of service): An endless recursion issue
  leading to stack overflow has been found in gstreamer before 1.10.3,
  in gst_riff_create_audio_caps.

- CVE-2017-5842 (arbitrary code execution): An off-by-one write has
  been found in gstreamer before 1.10.3, in
  html_context_handle_element.

- CVE-2017-5844 (denial of service): A floating point exception issue
  has been found in gstreamer before 1.10.3, in
  gst_riff_create_audio_caps.
More: https://lwn.net/Vulnerabilities/713773/

gst-plugins-good:
From the Arch Linux advisory:

- CVE-2016-10198 (denial of service): An invalid memory read flaw has
  been found in gstreamer before 1.10.3, in
  gst_aac_parse_sink_setcaps.

- CVE-2016-10199 (denial of service): An out of bounds read has been
  found in gstreamer before 1.10.3, in qtdemux_tag_add_str_full.

- CVE-2017-5840 (denial of service): An out-of-bounds read has been
  found in gstreamer before 1.10.3, in qtdemux_parse_samples.

- CVE-2017-5841 (denial of service): An out-of-bounds read has been
  found in gstreamer before 1.10.3, in gst_avi_demux_parse_ncdt.

- CVE-2017-5845 (denial of service): An out-of-bounds read has been
  found in gstreamer before 1.10.3, in gst_avi_demux_parse_ncdt.
More: https://lwn.net/Vulnerabilities/713774/

gst-plugins-ugly:
From the Arch Linux advisory:

- CVE-2017-5846 (denial of service): An out-of-bounds read has been
  found in gstreamer before 1.10.3, in
  gst_asf_demux_process_ext_stream_props.

- CVE-2017-5847 (denial of service): An out-of-bounds read has been
  found in gstreamer before 1.10.3, in
  gst_asf_demux_process_ext_content_desc.
More: https://lwn.net/Vulnerabilities/713775/

gstreamer:
From the Arch Linux advisory:

An out of bounds read has been found in gstreamer before 1.10.3, in
gst_date_time_new_from_iso8601_string.
More: https://lwn.net/Vulnerabilities/713776/
 2017-02-08 08:30:23 -05:00
David McFarland
7b169579c4 glew: 1.13.0 -> 2.0.0 2017-02-07 23:49:54 -04:00
Rahul Gopinath
bac5a018a0 libsixel: 1.6.1 -> 1.7.3 2017-02-07 17:11:13 -08:00
Renaud
f586e4befe nghttp2: 1.17.0 -> 1.19.0 
Package update.
New features as documented in changelogs : https://github.com/nghttp2/nghttp2/releases
 2017-02-07 21:09:54 +01:00
Vincent Laporte
3a526deaee libgdiplus: fix install on darwin 2017-02-07 19:58:44 +00:00
Graham Christensen
34157f7a04 Merge pull request #22509 from joachifm/jbig2dec 
jbig2dec: update & security patch
 2017-02-07 08:28:52 -05:00
Joachim Fasting
83f83ca434
jbig2dec: patch for CVE-2016-9601 
Upstream bug: https://bugs.ghostscript.com/show_bug.cgi?id=697457

A new release containing this fix is expected in march; until then,
apply patch from upstream. Note that there have been essentially no
changes between 0.13 and this patch.
 2017-02-07 04:07:15 +01:00
Graham Christensen
267813f4f7
Revert "firefox-wrapper: remove gnash support, see #22342" 
Accidentally committed other changes

This reverts commit f77bc59af6.
 2017-02-06 21:39:09 -05:00
Graham Christensen
f77bc59af6
firefox-wrapper: remove gnash support, see #22342 2017-02-06 21:29:58 -05:00
Joachim Fasting
12284fff17
jbig2dec: 0.11 -> 0.13, new upstream location 
The most recent version on the sourceforge page is 0.11 which is quite
old; the official upstream site has 0.13; judging by the commit delta,
there've been quite a few bug fixes etc since 0.11.
 2017-02-07 03:09:27 +01:00
Shea Levy
41ba205dda ming: remove. 
The project seems dead and there are recent security issues.

See https://lwn.net/Vulnerabilities/712664/
 2017-02-06 21:08:57 -05:00
Franz Pletz
8b9e2010b4
libidn2: init at 0.16 
wget now needs libidn2 instead of libidn.

cc #22416
 2017-02-06 13:18:20 +01:00
Franz Pletz
f629f4e234
libpsl: 0.15.0 -> 0.17.0 2017-02-06 13:18:00 +01:00
Nikolay Amiantov
23d47ac2e6 Merge pull request #22354 from abbradar/dbus-etc 
dbus: don't search for units in current-system
 2017-02-06 14:04:01 +03:00
Vladimír Čunát
5887affc26
gtk3: maintenance 3.22.6 -> 3.22.7 2017-02-05 15:02:11 +01:00
Vladimír Čunát
768d445cb5
gdk-pixbuf: maintenance 2.36.3 -> 2.36.4 2017-02-05 14:59:04 +01:00
Vladimír Čunát
5ced6c7e1b
libdrm: 2.4.74 -> 2.4.75 2017-02-05 14:58:41 +01:00
Vladimír Čunát
35dffbdf54
mesa: maintenance 13.0.3 -> 13.0.4 2017-02-05 14:29:46 +01:00
Vladimír Čunát
6d2c381e3e
libssh: bugfix 0.7.3 -> 0.7.4 2017-02-05 14:22:20 +01:00
Lengyel Balázs
372cb3760e
Merge #17694: curl: add gnutlsSupport ? false 
(incl. a nitpick change from vcunat)
 2017-02-05 13:37:16 +01:00
Vladimír Čunát
150cddca6f
zlib: 1.2.10 -> 1.2.11 2017-02-05 13:30:44 +01:00
Nikolay Amiantov
41c1534aed qt5.qtwebengine: fix ca bundle path 2017-02-05 15:05:51 +03:00
Pascal Wittmann
91869fb848 Merge pull request #22452 from kirelagin/libnfc-osx 
libnfc: Add missing dependency on readline
 2017-02-05 11:15:33 +01:00
Tuomas Tynkkynen
321b639d76 gnu-efi: Remove unneeded aarch64 patch 
Not needed after the upgrade to 3.0.5. Yay!
 2017-02-05 09:34:31 +02:00
Thomas Tuegel
f9c684e152 Merge pull request #22404 from cpages/jsoncpp 
jsoncpp: update and drop old version
 2017-02-04 20:06:53 -06:00
Joachim F
f050f3b9cf Merge pull request #22446 from rnhmjoj/vapoursynth 
vapoursynth: R35 -> R36
 2017-02-05 01:53:54 +01:00
Joachim F
c8a19af1a0 Merge pull request #22445 from rnhmjoj/zimg 
zimg: 2.3 -> 2.4
 2017-02-05 01:29:22 +01:00
Kirill Elagin
ade80db751 libnfc: Add missing dependency on readline 
readline is used by the pn53x-tamashell example.
 2017-02-05 03:21:59 +03:00
Vladimír Čunát
a2c867fd39
Merge branch 'staging' 2017-02-04 21:02:46 +01:00
Vladimír Čunát
73d798549f
protobuf, perf: fix my bad condition on gcc version 2017-02-04 20:58:47 +01:00
rnhmjoj
c9f4358e37
vapoursynth: R35 -> R36 2017-02-04 19:56:50 +01:00
Michael Raskin
98eb852dee libzmf: configure with --disable-werror, needed on i686 2017-02-04 19:52:05 +01:00
rnhmjoj
4e83364a1d
zimg: 2.3 -> 2.4 2017-02-04 19:33:46 +01:00
Carles Pagès
67dcb6aa4c jsoncpp: fix build on darwin 
Also, fixed maintainer attrib
 2017-02-04 19:05:12 +01:00
Vladimír Čunát
45fcefd4be
qt4: another attempt to fix build on Darwin 2017-02-04 11:28:33 +01:00
Thomas Tuegel
74f5672a1c Merge pull request #22406 from abbradar/qtenv 
Qt 5: Use buildEnv for env, don't use it for packages
 2017-02-03 09:57:58 -06:00
Nikolay Amiantov
99a83fbe1d qt5.env: use buildEnv 
This both simplifies the code and ensures that libraries are linked too.
 2017-02-03 18:16:51 +03:00
Vladimír Čunát
2ba076e99c
Merge branch 'master' into staging 
>11k more build jobs on master, just for Linux :-/
This way staging will never catch up.
 2017-02-03 15:32:08 +01:00
Carles Pagès
ba596c9ce9 jsoncpp: remove unused 1.6 version 2017-02-03 13:21:57 +01:00
Carles Pagès
0cde365745 jsoncpp: 1.7.2->1.8.0 
I also re-added some stuff lost in previous update (83fd63995a), like
darwin support and maintainers info.
 2017-02-03 13:21:56 +01:00
Michael Raskin
d042a831a3 libzmf: init at 0.0.1 2017-02-03 13:14:39 +01:00
Michael Raskin
ae5a279836 libmwaw: 0.3.9 -> 0.3.10 2017-02-03 13:14:39 +01:00
Michael Raskin
426dddd83d harfbuzz: 1.4.1 -> 1.4.2 2017-02-03 13:14:39 +01:00
Josef Kemetmueller
fd005d0d72
catch: use upstream install target 2017-02-03 13:13:54 +01:00
Vladimír Čunát
adab4cd58b
Merge branch 'master' into staging 2017-02-03 11:47:38 +01:00
Cray Elliott
d62d26251d SDL2: 2.0.4 -> 2.0.5 2017-02-02 15:36:00 -08:00
Edward Tjörnhammar
db73e446b4
catch: 1.5.0 -> 1.7.0 2017-02-02 21:23:57 +01:00
Carles Pagès
d211d7c440
kodiPlugins.pvr-hts: update to 3.4.4 for kodi17 
Updated pvr-hts plugin to latest version to work with kodi 17. Had to
update libcec as well, to pick the name change.
 2017-02-02 21:12:54 +01:00
Dan Peebles
7bc17013f8 aws-sdk-cpp: 1.0.48 -> 1.0.60 2017-02-02 16:28:48 +01:00
Graham Christensen
16f8f0d313
ffmpeg_3: 3.1.4 -> 3.1.6 2017-02-02 08:47:01 -05:00
Vladimír Čunát
787c1add0b
qt4: fixup missing space between flags on Darwin 
Since 9aae2991f2, /cc @globin.
 2017-02-02 13:44:41 +01:00
Franz Pletz
2a63aae299
nlohmann_json: 2.0.7 -> 2.1.0 2017-02-02 11:13:04 +01:00
Michael Raskin
57e7f8ff66 libgphoto2: 2.5.11 -> 2.5.12 2017-02-02 11:12:16 +01:00
Peter Hoeg
f7871d3433 suil: 0.8.2 -> 0.8.4 
We can now also build against qt5 but not qt4 and qt5 at the same time.
 2017-02-02 13:41:23 +08:00
Pascal Bach
47f392d3c7 mbedtls: 1.3.17 -> 1.3.18 
See https://tls.mbed.org/tech-updates/releases/mbedtls-2.4.0-2.1.6-and-1.3.18-released.
 2017-02-02 02:52:26 +01:00
Dan Peebles
d34ee526a8 aws-sdk-cpp: fix on darwin 
The LD_LIBRARY_PATH variable does nothing on Darwin, but
DYLD_LIBRARY_PATH does the same thing, so splice in the right variable
based on which system we're working on.
 2017-02-02 02:18:42 +01:00
Robin Gloster
2110d59fa1
libressl_2_5: 2.5.0 -> 2.5.1 
security update, no CVE assigned AFAICS

/cc @grahamc
 2017-02-02 00:26:47 +01:00
Robin Gloster
0b19f2f742
libressl_2_4: 2.4.4 -> 2.4.5 
security update, no CVE assigned AFAICS

/cc @grahamc
 2017-02-02 00:25:51 +01:00
Nikolay Amiantov
4877a5664e dbus: don't search for units in current-system 2017-02-02 00:58:45 +03:00
Daiderd Jordan
7a1dd5fb55 Merge pull request #22227 from lsix/update_glpk 
glpk: 4.56 -> 4.61
 2017-02-01 22:17:06 +01:00
Michael Raskin
c1f6eeb822 botan: 1.10.14 -> 1.10.14 2017-02-01 19:28:45 +01:00
Vladimír Čunát
a2e7770b51
Merge branch 'master' into staging 
There have been some larger security rebuilds on master.
 2017-02-01 15:56:35 +01:00