Commit Graph

205772 Commits

Author SHA1 Message Date
Florian Klink
39b20f0986
Merge pull request #75722 from flokli/xilinx-bootgen
xilinx-bootgen: init at 2019-10-23
2019-12-15 23:55:05 +01:00
Michael Raskin
5f21b4b896
Merge pull request #75723 from andir/advancecomp
advancecomp: fix CVE-2019-9210
2019-12-15 22:53:36 +00:00
Franz Pletz
05c6009f56
Merge pull request #75715 from andir/ansible
ansible fixes for CVE-2019-10156 CVE-2019-10206 CVE-2019-14846 CVE-2019-14856 CVE-2019-14858 CVE-2019-14864
2019-12-15 22:47:28 +00:00
Franz Pletz
f98af3b8db
Merge pull request #75708 from andir/thunderbird-bin
thunderbird-bin: 68.2.2 -> 68.3.0
2019-12-15 22:42:25 +00:00
Franz Pletz
b973f7baf0
Merge pull request #67781 from jonringer/bump-errbot
errbot: 5.2.0 -> 6.1.1
2019-12-15 22:35:02 +00:00
Jonathan Ringer
d62b9919d8
errbot: 5.2.0 -> 6.1.1 2019-12-15 23:30:00 +01:00
Florian Klink
5073aab831 xilinx-bootgen: init at unstable-2019-10-23 2019-12-15 23:27:17 +01:00
Andreas Rammhold
f23627cb12
advancecomp: fix CVE-2019-9210 2019-12-15 23:15:35 +01:00
Franz Pletz
0f783bc7ca
Merge pull request #75193 from Ma27/optional-networkd-gateway
nixos/networkd: only set gateway if it's explicitly specified in the module system
2019-12-15 22:15:32 +00:00
R. RyanTM
d7125bf6b6 xmr-stak: 2.10.7 -> 2.10.8 2019-12-15 22:13:29 +00:00
Franz Pletz
ded56b2687
Merge pull request #75234 from filalex77/subfinder-2.2.2
subfinder: 2018-07-15 -> 2.2.4
2019-12-15 22:13:06 +00:00
Franz Pletz
fda130af71
Merge pull request #75474 from chkno/xsecurelock-no-longer-needs-xset-path-fixed
xsecurelock: Remove obsolete path fix
2019-12-15 22:10:55 +00:00
Franz Pletz
bbee883e6c
Merge pull request #75704 from andir/dovecot
dovecot: 2.3.8 -> 2.3.9.2
2019-12-15 22:02:35 +00:00
worldofpeace
ce549ddf26
Merge pull request #75682 from Kiwi/wire-desktop-icon
wire-desktop: fix desktop icon
2019-12-15 16:52:51 -05:00
Robert Djubek
4a73fbc367 wire-desktop: fix desktop icon
Update the Name attribute in the wire-desktop.desktop applications file
and add StartupWMClass key. This fixes the icons on plasma5 and gnome3
which, in certain places, showed a generic X.org icon instead of the Wire
icon.
2019-12-15 16:47:35 -05:00
Jonathan Ringer
4b1c34cac6 gtk-server: 2.3.1 -> 2.4.5
Also bumped gtk version from gtk2 to gtk3
2019-12-15 13:31:53 -08:00
Mario Rodas
52e9024849
pango: fix build on darwin 2019-12-15 16:20:00 -05:00
Danylo Hlynskyi
c8c30fac9b
Merge pull request #75692 from kampka/postgresql-backup-default
postgresql-backup: Use saner defaults for pg_dump
2019-12-15 23:16:50 +02:00
Mario Rodas
169fb13569
Merge pull request #75331 from r-ryantm/auto-update/python3.8-mysqlclient
python38Packages.mysqlclient: 1.4.5 -> 1.4.6
2019-12-15 16:02:28 -05:00
Mario Rodas
80af1ff9e1
Merge pull request #75368 from r-ryantm/auto-update/python3.8-sasmodels
python38Packages.sasmodels: 1.0.0 -> 1.0.1
2019-12-15 15:28:08 -05:00
Andreas Rammhold
b21b92947e ansible_2_6: 2.6.17 -> 2.6.20
This addresses the following security issues:

  * CVE-2019-14846 - Several Ansible plugins could disclose aws
    credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
    lookup/aws_account_attribute.py, and lookup/aws_secret.py,
    lookup/aws_ssm.py use the boto3 library from the Ansible process. The
    boto3 library logs credentials at log level DEBUG. If Ansible's
    logging was enabled (by setting LOG_PATH to a value) Ansible would set
    the global log level to DEBUG. This was inherited by boto and would
    then log boto credentials to the file specified by LOG_PATH. This did
    not affect aws ansible modules as those are executed in a separate
    process. This has been fixed by switching to log level INFO
  * Convert CLI provided passwords to text initially, to prevent unsafe
    context being lost when converting from bytes->text during post
    processing of PlayContext. This prevents CLI provided passwords from
    being incorrectly templated (CVE-2019-14856)
  * properly hide parameters marked with no_log in suboptions when
    invalid parameters are passed to the module (CVE-2019-14858)
  * resolves CVE-2019-10206, by avoiding templating passwords from
    prompt as it is probable they have special characters.
  * Handle improper variable substitution that was happening in
    safe_eval, it was always meant to just do 'type enforcement' and have
    Jinja2 deal with all variable interpolation. Also see CVE-2019-10156

Changelog: 9bdb89f740/changelogs/CHANGELOG-v2.6.rst
2019-12-15 21:25:07 +01:00
Andreas Rammhold
71cde971c7 ansible_2_8: 2.8.4 -> 2.8.7
This addresses the following security issues:

  * Ansible: Splunk and Sumologic callback plugins leak sensitive data in logs (CVE-2019-14864)
  * CVE-2019-14846 - Several Ansible plugins could disclose aws
    credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
    lookup/aws_account_attribute.py, and lookup/aws_secret.py,
    lookup/aws_ssm.py use the boto3 library from the Ansible process. The
    boto3 library logs credentials at log level DEBUG. If Ansible's
    logging was enabled (by setting LOG_PATH to a value) Ansible would set
    the global log level to DEBUG. This was inherited by boto and would
    then log boto credentials to the file specified by LOG_PATH. This did
    not affect aws ansible modules as those are executed in a separate
    process. This has been fixed by switching to log level INFO
  * Convert CLI provided passwords to text initially, to prevent unsafe
    context being lost when converting from bytes->text during post
    processing of PlayContext. This prevents CLI provided passwords from
    being incorrectly templated (CVE-2019-14856)
  * properly hide parameters marked with no_log in suboptions when
    invalid parameters are passed to the module (CVE-2019-14858)

Changelog: 24220a618a/changelogs/CHANGELOG-v2.8.rst
2019-12-15 21:25:02 +01:00
Andreas Rammhold
64e2791092 ansible_2_7: 2.7.11 -> 2.7.15
This fixes the following security issues:
  * Ansible: Splunk and Sumologic callback plugins leak sensitive data
    in logs (CVE-2019-14864)
  * CVE-2019-14846 - Several Ansible plugins could disclose aws
    credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
    lookup/aws_account_attribute.py, and lookup/aws_secret.py,
    lookup/aws_ssm.py use the boto3 library from the Ansible process. The
    boto3 library logs credentials at log level DEBUG. If Ansible's
    logging was enabled (by setting LOG_PATH to a value) Ansible would set
    the global log level to DEBUG. This was inherited by boto and would
    then log boto credentials to the file specified by LOG_PATH. This did
    not affect aws ansible modules as those are executed in a separate
    process. This has been fixed by switching to log level INFO
  * Convert CLI provided passwords to text initially, to prevent unsafe
    context being lost when converting from bytes->text during post
    processing of PlayContext. This prevents CLI provided passwords from
    being incorrectly templated (CVE-2019-14856)
  * properly hide parameters marked with no_log in suboptions when invalid
    parameters are passed to the module (CVE-2019-14858)
  * resolves CVE-2019-10206, by avoiding templating passwords from
    prompt as it is probable they have special characters.
  * Handle improper variable substitution that was happening in
    safe_eval, it was always meant to just do 'type enforcement' and have
    Jinja2 deal with all variable interpolation. Also see CVE-2019-10156

Changelog: 0623dedf2d/changelogs/CHANGELOG-v2.7.rst (v2-7-15)
2019-12-15 21:24:59 +01:00
Mario Rodas
6b3720b395
Merge pull request #75675 from marsam/update-git-gone
gitAndTools.git-gone: 0.1.2 -> 0.2.0
2019-12-15 15:21:19 -05:00
Mario Rodas
22a8e0eb85
Merge pull request #75398 from r-ryantm/auto-update/tpm2-tools
tpm2-tools: 4.0.1 -> 4.1
2019-12-15 15:20:48 -05:00
Nikolay Korotkiy
38294e3051
gpxlab: init at 0.7.0 2019-12-15 22:53:06 +03:00
Andreas Rammhold
5d3607b2da
spamassassin: 3.4.2 -> 3.4.3
Two security issues have been fixed in this release:
  * CVE-2019-12420 for Multipart Denial of Service Vulnerability
  * CVE-2018-11805 for nefarious CF files can be configured to
    run system commands without any output or errors.

https://svn.apache.org/repos/asf/spamassassin/branches/3.4/build/announcements/3.4.3.txt
2019-12-15 20:48:56 +01:00
Graham Christensen
aa4a1b01d5
Merge pull request #75516 from ivan/chromium-79.0.3945.79
chromium: 78.0.3904.108 -> 79.0.3945.79
2019-12-15 14:48:34 -05:00
Mario Rodas
eb2d272efd
Merge pull request #75671 from clayrat/tparsec-update
idrisPackages.tparsec: 2019-06-18 -> 2019-09-19
2019-12-15 14:43:44 -05:00
Andreas Rammhold
e1699e3c71
thunderbird-bin: 68.2.2 -> 68.3.0 2019-12-15 20:37:50 +01:00
Andreas Rammhold
cd394340d8
dovecot: 2.3.8 -> 2.3.9.2
Update to latest version & updated the patch file to match with the
lastest verison.

Fixes the following security issue:
  * CVE-2019-19722: Mails with group addresses in From or To fields
    caused crash in push notification drivers.
2019-12-15 20:11:01 +01:00
Christian Kampka
229a0afb28
nixosTests.paperless: Port tests to python 2019-12-15 20:10:57 +01:00
Christian Kampka
d76ab647e6
nixosTests.pdns-recursor: Port tests not python 2019-12-15 20:08:02 +01:00
Christian Kampka
d58814ac5a
nixosTests.peerflix: Port tests to python 2019-12-15 20:08:01 +01:00
Christian Kampka
a20683acbe
nixosTests.pgmanage: Port tests to python 2019-12-15 20:08:00 +01:00
Christian Kampka
1bf1ec35bc
nixosTests.php-pcre: Port tests to python 2019-12-15 20:07:59 +01:00
Christian Kampka
d029e28b78
nixosTests.postgis: Port tests to python 2019-12-15 20:07:58 +01:00
Christian Kampka
e96802ccb2
nixosTests.quagga: Port tests to python 2019-12-15 20:07:52 +01:00
Robert Scott
e1e3df423a allowInsecureDefaultPredicate: fix to use getName
this allows correct operation with packages only having pname and version
specified, resolving issue #73737
2019-12-15 18:01:19 +00:00
cap
2978ca2180 aircrack-ng: fixed missing dependency for airmon-ng 2019-12-15 18:38:43 +01:00
Christian Kampka
bcf6aa5519
nixosTests.sonarr: Port tests to python 2019-12-15 18:24:45 +01:00
Christian Kampka
aeeabe0b89
nixosTests.switch-test: Port tests to python 2019-12-15 18:22:35 +01:00
Christian Kampka
69b1b0cff0
nixosTests.systemd-timesyncd: Port tests to python 2019-12-15 18:16:00 +01:00
Marco A L Barbosa
5425557214 tectonic: 0.1.11 -> 0.1.12 (#75396) 2019-12-15 11:27:41 -05:00
Danylo Hlynskyi
d206f2304f
nixos containers: disable NixOS manual in container config. (#75659)
This makes ~2.5x speed up of an empty container instantiate, hence reduces
rebuild time of system with many declarative containers.

Note that this doesn't affect production systems much, becaseu those most
likely already include `minimal.nix` profile.
2019-12-15 18:21:52 +02:00
Robert Hensing
9696d79fea
Merge pull request #75691 from thefloweringash/chromium-maintainer
chromium: add thefloweringash (myself) as maintainer
2019-12-15 16:44:57 +01:00
Frederik Rietdijk
08eaac6be3
Merge pull request #75452 from NixOS/staging-next
Staging next
2019-12-15 16:28:08 +01:00
WilliButz
7eaaf728e4
Merge pull request #75679 from marsam/fix-loki-darwin
grafana-loki: fix build on darwin
2019-12-15 16:16:50 +01:00
nyanloutre
2abd0a559c treewide: replace kcalcore dependencies with kcalendarcore 2019-12-15 16:13:49 +01:00
nyanloutre
3ccb0bef9c kdeFrameworks.kcalendarcore: init 2019-12-15 16:13:49 +01:00