Franz Pletz
f0f95d03ca
utillinux: 2.28 -> 2.28.1
2016-08-25 01:55:42 +02:00
Franz Pletz
3ce7b77517
libnl: 3.2.27 -> 3.2.28
2016-08-25 01:55:41 +02:00
Franz Pletz
a30bf645f2
sinit: 0.9.2 -> 1.0, fix glibc static linking
2016-08-24 21:31:02 +02:00
Franz Pletz
d5189fb7ad
lxc: 2.0.3 -> 2.0.4, fixes hardened build
2016-08-24 21:31:02 +02:00
Robin Gloster
c26de11551
linuxPackages.perf: fix build with new glibc and remove hack
...
elfutils now adds a eu- prefix to avoid collisions
2016-08-24 19:19:02 +00:00
Daiderd Jordan
8b8a74d5d6
Merge pull request #17864 from LnL7/darwin-libsecurity
...
darwin.libsecurity: fix for gnustep makefiles
2016-08-24 19:56:24 +02:00
Robin Gloster
9e47acb89d
otpw: disable stackprotector hardening
2016-08-24 17:19:43 +00:00
Shea Levy
8b9b9fad31
Revert "Revert "Merge branch 'modprobe-fix' of git://github.com/abbradar/nixpkgs""
...
Revert a revert of a merge that shouldn't have been in master but was intentionally in staging.
Next time I'll do this right after the revert instead of so far down the line...
This reverts commit 9adad8612b
.
2016-08-24 07:35:30 -04:00
obadz
0e8d2725dc
Merge branch 'master' into staging
2016-08-23 18:50:06 +01:00
Joachim Fasting
cf592a8969
grsecurity: 4.7.1-201608161813 -> 4.7.2-201608211829
2016-08-23 01:49:34 +02:00
obadz
24a9183f90
Merge branch 'hardened-stdenv' into staging
...
Closes #12895
Amazing work by @globin & @fpletz getting hardened compiler flags by
enabled default on the whole package set
2016-08-22 01:19:35 +01:00
obadz
ba50fd7170
Merge branch 'master' into staging
2016-08-22 01:18:11 +01:00
Tim Steinbach
175028582c
linux: 4.7.1 -> 4.7.2
2016-08-21 13:56:45 +00:00
Daiderd Jordan
a9e913ffbf
darwin.security_tool: fix for gnustep makefiles
2016-08-20 13:43:58 +02:00
Daiderd Jordan
0ec2ba9497
darwin.libsecurity: fix for gnustep makefiles
2016-08-20 13:32:10 +02:00
Mikael Brockman
1f50e2412f
libselinux: fix Python binding
...
Applies unreleased patch from upstream.
2016-08-19 19:06:25 +03:00
Nikolay Amiantov
2abe917f18
kmod: 22 -> 23, add /lib/modules to module directories
2016-08-19 17:57:08 +03:00
Nikolay Amiantov
ff22705793
treewide: replace several /sbin paths by /bin
2016-08-19 17:56:45 +03:00
Nikolay Amiantov
30c9aa2698
kmod: add patch to allow searching for modules in several directories
2016-08-19 17:56:39 +03:00
obadz
1047ed49d9
Merge branch 'master' into staging
...
Conflicts: pkgs/os-specific/linux/kmod/default.nix cc @abbradar
2016-08-19 15:28:58 +01:00
Tuomas Tynkkynen
bd68309643
kernel config: Enable SECCOMP
...
This is used by systemd >= 231 and is not enabled in the ARM
multiplatform defconfig.
2016-08-18 16:33:46 +03:00
Joachim Fasting
66a3f0e988
gradm: 3.1-201607172312 -> 3.1-201608131257
2016-08-17 15:19:33 +02:00
Joachim Fasting
ba20363f11
grsecurity: 4.7-201608151842 -> 4.7.1-201608161813
2016-08-17 15:19:27 +02:00
Franz Pletz
2571438988
linux: 4.7 -> 4.7.1
2016-08-17 05:46:00 +02:00
Franz Pletz
7a4407461b
linux: 4.6.6 -> 4.6.7
...
Fixes CVE-2016-5696.
2016-08-17 05:45:59 +02:00
Franz Pletz
da95fb368c
linux: 4.4.17 -> 4.4.18
...
Fixes CVE-2016-5696.
2016-08-17 05:45:59 +02:00
Franz Pletz
2104d28bcd
linux: 4.1.27 -> 4.1.30
...
Fixes CVE-2016-5696.
2016-08-17 05:45:59 +02:00
Frederik Rietdijk
5a501bd828
Remove top-level dbus_python and pythonDBus.
...
See #11567 .
Furthermore, it renames pythonPackages.dbus to pythonPackages.dbus-
python as that's the name upstream uses.
There is a small rebuild but I couldn't figure out the actual cause.
2016-08-16 22:52:37 +02:00
Domen Kožar
40da4e6ce7
fix eval
2016-08-16 22:30:15 +02:00
Robert Helgesson
f396a0b4d0
hd-idle: init at 1.05
2016-08-16 21:59:14 +02:00
Joachim Fasting
d82ddd6dc0
grsecurity: 4.7-201608131240 -> 4.7-201608151842
2016-08-16 17:50:37 +02:00
Joachim Fasting
b1cceeda84
grsecurity: enable pax size overflow plugin
2016-08-16 17:50:36 +02:00
Joachim Fasting
3fcb9e6f57
grsecurity: support non-enforcing mode
...
Until we've made sure that most things actually work out of the box, we
need to give people a way of continuing to use the system without
completely disabling grsecurity.
Set sysctl kernel.pax.softmode=1 or boot with pax.softmode=1
2016-08-16 17:50:36 +02:00
Robin Gloster
33e1c78ae3
Merge remote-tracking branch 'upstream/master' into hardened-stdenv
2016-08-16 07:54:01 +00:00
Nikolay Amiantov
081ac25dc6
kmod: 22 -> 23, add /lib/modules to module directories
2016-08-16 02:42:19 +03:00
Shea Levy
9adad8612b
Revert "Merge branch 'modprobe-fix' of git://github.com/abbradar/nixpkgs"
...
Was meant to go into staging, sorry
This reverts commit 57b2d1e9b0
, reversing
changes made to 760b2b9048
.
2016-08-15 19:05:52 -04:00
Shea Levy
57b2d1e9b0
Merge branch 'modprobe-fix' of git://github.com/abbradar/nixpkgs
2016-08-15 19:01:44 -04:00
Nikolay Amiantov
1afd250676
treewide: replace several /sbin paths by /bin
2016-08-16 00:19:25 +03:00
Nikolay Amiantov
131fca0a85
kmod: add patch to allow searching for modules in several directories
2016-08-16 00:19:25 +03:00
Joachim Fasting
9062c67914
grsecurity: 4.6.5-201607312210 -> 4.7-201608131240
2016-08-15 20:36:46 +02:00
Moritz Ulrich
21df40f85f
systemd-cryptsetup-generator: Fix bug.
...
The annoying wrapper script also wraps `systemd-cryptsetup`. We need to
copy the original binary to $out too.
2016-08-15 12:42:44 +02:00
Nikolay Amiantov
5b296a1470
Merge branch 'master' into staging
2016-08-15 10:34:28 +03:00
Franz Pletz
64c79e8526
linux: 4.6.5 -> 4.6.6
2016-08-15 04:28:08 +02:00
Franz Pletz
2a8718fb0b
linux_4_5: remove, not support by upstream anymore
2016-08-15 04:28:02 +02:00
Robin Gloster
a37d695c95
linuxPackages.spl: remove unnecessary substituteInPlace
...
`substituteInPlace` was operating on a non-existant file.
Updated to use `autoreconfHook`.
2016-08-14 22:55:21 +00:00
Dan Peebles
ea34fe82bc
swift-corefoundation: some cleanup
...
I upstreamed some patches so I'm using those now
2016-08-14 18:22:19 -04:00
Dan Peebles
4705a9a6c1
swift-corefoundation: actually remove spurious dependency
2016-08-14 17:42:03 -04:00
Dan Peebles
6cf13bfe66
swift-corefoundation: remove spurious buildInput
...
libpthread is part of libSystem, so there's no need to depend on it
explicitly
2016-08-14 17:40:05 -04:00
Dan Peebles
1861744e7c
swift-corefoundation: init
...
This currently only produces a static library, but is a start :) soon we
might be able to incorporate it into our stdenv, but we need to get the
build system to produce a proper .framework first.
2016-08-14 17:35:44 -04:00
Dan Peebles
98b5e3a531
darwin.libpthread: fix messed-up header
...
We don't actually need the private headers and the private qos.h was
overwriting the public one, causing weird issues downstream (especially
with Swift's CoreFoundation)
2016-08-14 17:34:55 -04:00
Michele Guerini Rocco
7522de2f4b
btfs: 2.10 -> 2.11 ( #17737 )
...
(cherry picked from commit 340a9571f5
)
2016-08-14 21:14:20 +00:00
Robin Gloster
a6c5638565
Revert "btfs: 2.10 -> 2.11 ( #17737 )"
...
This reverts commit 340a9571f5
.
2016-08-14 21:12:21 +00:00
Michele Guerini Rocco
340a9571f5
btfs: 2.10 -> 2.11 ( #17737 )
2016-08-14 22:48:56 +02:00
Nikolay Amiantov
3e84cbc4ca
autofs5: 5.1.1 -> 5.1.2
2016-08-14 22:39:18 +03:00
Nikolay Amiantov
c60deb0266
quote homepages for better clickability
...
Done while I was traversing packages which I maintain to save extra clicks on
urxvt (it captures semicolon as a part of URL).
2016-08-14 22:37:10 +03:00
Nikolay Amiantov
b30f4e5e4f
android-udev-rules: 2016-04-26 -> 20160805
2016-08-14 22:37:10 +03:00
Dan Peebles
948b7f23bb
darwin.{xnu, Libc}: 10.9 -> 10.11
...
I can't submit this in smaller units because the various components all
depend on one another during the stdenv bootstrap, so I think this is
the smallest sensible change I can make.
I also removed the symbol-hiding shenanigans in Libsystem. It might mess
up compatibility with 10.9 but I don't really want to support the added
complexity and I see little evidence of anyone else wanting to support
it. If someone cares, we might be able to revive compatibility, but for
now it'll stay like this.
2016-08-14 12:53:33 -04:00
Eric Sagnes
f0fef4defb
wireguard-unstable: 2016-07-22 -> 2016-08-08 ( #17727 )
2016-08-14 10:47:16 +00:00
Robin Gloster
99cb230b47
Merge remote-tracking branch 'upstream/master' into hardened-stdenv
2016-08-14 09:09:20 +00:00
Robin Gloster
8071cafe66
linuxPackages.rtl8812au: fix build
2016-08-14 08:59:55 +00:00
Robin Gloster
2676cf9525
linuxPackages.lttng-modules: fix build
2016-08-14 08:59:19 +00:00
Domen Kožar
a7f8787dbd
Merge pull request #17705 from womfoo/bump/hwdata-0.291
...
hwdata: 0.276 -> 0.291
2016-08-13 17:00:08 +02:00
Franz Pletz
bd4490e277
Merge branch 'master' into hardened-stdenv
2016-08-13 16:59:55 +02:00
Franz Pletz
fa3a35b241
linuxPackages.fusionio-vsl: disable pic hardening (still broken)
2016-08-13 16:55:26 +02:00
Franz Pletz
b2c6d28a1d
linuxPackages.ndiswrapper: disable pic hardening (still broken)
2016-08-13 16:50:43 +02:00
Franz Pletz
9e7d118ea2
linuxPackages.nvidia-x11: disable pic & format hardening
2016-08-13 16:49:42 +02:00
Franz Pletz
5103e70a37
linuxPackages.nvidiabl: disable pic hardening
2016-08-13 16:44:39 +02:00
Franz Pletz
73a9ce2ce3
linuxPackages.psmouse_alps: remove, driver in kernel since 3.9
2016-08-13 16:42:35 +02:00
Franz Pletz
62e6bc0bd9
linuxPackages.prl-tools: disable pic hardening
2016-08-13 16:40:42 +02:00
Franz Pletz
f55fd87c8a
linuxPackages.ixgbevf: disable pic hardening
2016-08-13 16:30:35 +02:00
Franz Pletz
5e085b7fea
linuxPackages.e1000e: disable pic hardening
2016-08-13 16:25:29 +02:00
Franz Pletz
d836b811cb
linuxPackages.cryptodev: 1.6 -> 1.8, disable pic hardening
2016-08-13 16:24:38 +02:00
Franz Pletz
f5c9f99877
linuxPackages.ati_drivers_x11: disable pic & format hardening
2016-08-13 16:06:57 +02:00
Franz Pletz
a8deb8d647
linuxPackages.frandom: disable pic hardening
2016-08-13 16:03:32 +02:00
Franz Pletz
7d9d2d6872
linuxPackages.broadcom_sta: disable pic hardening
2016-08-13 16:02:02 +02:00
Robin Gloster
0f274be2fd
linuxPackages.ena: disable pic
2016-08-13 10:12:07 +00:00
Kranium Gikos Mendoza
1bbcc7e378
hwdata: 0.276 -> 0.291
2016-08-13 10:06:34 +08:00
Luca Bruno
fda17cfd0e
Merge pull request #17703 from womfoo/bump/microcode-intel-20160714
...
microcode-intel: 20150121 -> 20160714
2016-08-12 21:44:34 +01:00
Kranium Gikos Mendoza
050452dd7f
microcode-intel: 20150121 -> 20160714
2016-08-13 03:53:03 +08:00
obadz
b2efe2babd
Revert "linux kernel 4.4: fix race during build"
...
Removes patch. Was fixed upstream.
This reverts commit 4788ec1372
.
2016-08-12 16:42:25 +01:00
Guillaume Maudoux
b1817fa8a3
linux_mptcp: 0.90.1 (kernel 3.18) -> 0.91 (kernel 4.1) ( #17675 )
2016-08-12 15:14:24 +02:00
Robin Gloster
b7787d932e
Merge remote-tracking branch 'upstream/master' into hardened-stdenv
2016-08-12 09:46:53 +00:00
obadz
18947c9e36
Revert "ecryptfs: fix kernel bug introduced in 4.4.14"
...
The Linux 4.4.17 release fixes the underlying issue
This reverts commit fad9a8841b
.
2016-08-11 17:15:54 +01:00
Michael Raskin
b893d84d53
firejail: 0.9.40-rc1 -> 0.9.42-rc1
2016-08-11 17:57:35 +02:00
Michael Raskin
8b4eb6fa4d
eudev: 3.1.5 -> 3.2
2016-08-11 17:57:35 +02:00
Eelco Dolstra
e26ac7afd4
linux: 4.4.16 -> 4.4.17
2016-08-11 15:20:07 +02:00
obadz
1cd9c58834
Merge pull request #17461 from rasendubi/powerpc
...
cross-compilation: fixes for powerpc-linux-uclibc
2016-08-11 00:51:51 +01:00
Kranium Gikos Mendoza
33166b7434
wireguard: require Linux >= 4.1 for module build ( #17632 )
2016-08-11 00:25:57 +02:00
Frederik Rietdijk
111d7a2af4
Merge pull request #17623 from matthewbauer/misc
...
Misc. hydra fixes
2016-08-10 11:35:44 +02:00
Franz Pletz
bba9728cd6
jool: 3.4.2 -> 3.4.4
2016-08-10 07:12:08 +02:00
Franz Pletz
aec9abc8e1
iputils: 20121221 -> 20151218
2016-08-10 07:12:08 +02:00
Matthew
0540e567a8
uksmtools: delete
...
Sources are not available from GitHub anymore and it appears to be
unmantained. A request was sent to the AUR mailing list to delete it on
May 26, 2016:
https://lists.archlinux.org/pipermail/aur-requests/2016-May/011706.html
2016-08-09 21:06:27 +00:00
Moritz Ulrich
9626707e2b
systemd-cryptsetup-generator: Add note to revert 3efadce
.
2016-08-09 19:21:58 +02:00
Moritz Ulrich
3efadce03b
systemd-cryptsetup-generator: Fix installPhase.
2016-08-09 19:21:25 +02:00
Tuomas Tynkkynen
9a5427f667
klibc: Broken on i686
2016-08-06 17:06:45 +03:00
Tuomas Tynkkynen
088bcf4ec4
kernel config: Fix 3.10, 3.12, 3.14 builds
2016-08-06 17:06:45 +03:00
Tuomas Tynkkynen
44f462bf4d
generate-config.pl: Be more verbose about missing options
...
For instance, the current 3.10 kernel build fails at the end with:
unused option: BRCMFMAC_PCIE
unused option: FW_LOADER_USER_HELPER_FALLBACK
unused option: KEXEC_FILE
unused option: RANDOMIZE_BASE
However, it's not obvious that only the _last_ one is actually fatal to
the build. After this change it's at least somewhat better:
warning: unused option: BRCMFMAC_PCIE
warning: unused option: FW_LOADER_USER_HELPER_FALLBACK
warning: unused option: KEXEC_FILE
error: unused option: RANDOMIZE_BASE
2016-08-06 17:06:45 +03:00
Robin Gloster
bc025e83bd
uclibc: disable stackprotector hardening
2016-08-05 18:15:27 +00:00
Michal Rus
7281740c2e
linux: enable DRM_GMA600 and DRM_GMA3600
...
Adds basic support for Intel GMA3600/3650 (Intel Cedar Trail) platforms
and support for GMA600 (Intel Moorestown/Oaktrail) platforms with LVDS
ports via the gma500_gfx module.
Resolves #14727 Closes #17519
2016-08-05 19:07:40 +02:00
Franz Pletz
2d6b7aa545
linux: enable some useful networking options
...
All options are enabled by default on Debian and some other
distributions, so these should be safe.
2016-08-05 04:07:31 +02:00
Robin Gloster
1b979d8384
Merge remote-tracking branch 'upstream/master' into hardened-stdenv
2016-08-03 13:34:44 +00:00
Frederik Rietdijk
db06460257
Merge pull request #17447 from FRidh/nvidia
...
nvidia-x11: fix driSupport32Bit
2016-08-03 08:36:24 +02:00
Alexey Shmalko
5ab8e0d2aa
uclibc: claim maintainership
2016-08-03 03:35:54 +03:00
Tuomas Tynkkynen
21f17d69f6
treewide: Add lots of meta.platforms
...
Build-tested on x86_64 Linux & Mac.
2016-08-02 21:42:43 +03:00
Tuomas Tynkkynen
2258b21e4b
treewide: Add lots of platforms to packages with no meta
...
Build-tested on x86_64 Linux and on Darwin.
2016-08-02 21:17:44 +03:00
Tuomas Tynkkynen
59ce911810
treewide: Some EOF-whitespace fixes
2016-08-02 21:17:44 +03:00
Franz Pletz
f2a66d4c16
criu: fix merge fail
...
d020caa5b2
vs. e3d0fe898b
2016-08-02 17:52:51 +02:00
Robin Gloster
1be4907ca2
Merge remote-tracking branch 'upstream/master' into hardened-stdenv
2016-08-02 13:46:36 +00:00
Frederik Rietdijk
8eb4b3af10
nvidia-x11: fix driSupport32Bit
2016-08-02 13:03:44 +02:00
aszlig
fef4b62657
broadcom_sta: Add patch to fix NULL pointer deref
...
The patch is from the following Gentoo bug:
https://bugs.gentoo.org/show_bug.cgi?id=523326#c24
Built successfully against Linux 3.18.36, 4.4.16 and 4.7.0.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @phreedom, @vcunat
2016-08-01 21:05:15 +02:00
aszlig
8f08399671
broadcom_sta: Reindent file, no code changes
...
Let's make sure we indent using two spaces, because the unpackPhase was
indented using four spaces.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-08-01 21:05:15 +02:00
aszlig
4d3545f2a5
broadcom_sta: Add patch for supporting Linux 4.7
...
Patch is from Arch Linux at:
https://aur.archlinux.org/cgit/aur.git/tree/?h=broadcom-wl
I've tested building against 3.18.36, 4.4.16 and 4.7.0.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @phreedom, @vcunat
2016-08-01 21:05:15 +02:00
aszlig
bd7ce1581d
broadcom_sta: 6.30.223.248 -> 6.30.223.271
...
The patch for kernel version 3.18 is already applied upstream, so we
don't need it any longer.
Without i686-build-failure.patch, the build for i686-linux fails because
it references rdtscl(), which is no longer available in Linux 4.3.0.
Patch for missing rdtscl() is from Arch Linux:
https://aur.archlinux.org/cgit/aur.git/tree/002-rdtscl.patch?h=broadcom-wl-ck
I've tested building against 32 and 64 bit Linux versions 3.18.36,
4.4.16 and 4.7.0.
The hashes were verified using the ones from the AUR (using the 16 bit
hashes of course):
$ nix-hash --type sha256 --to-base16 1kaqa2dw3nb8k23ffvx46g8jj3wdhz8xa6jp1v3wb35cjfr712sg
4f8b70b293ac8cc5c70e571ad5d1878d0f29d133a46fe7869868d9c19b5058cd
$ nix-hash --type sha256 --to-base16 1gj485qqr190idilacpxwgqyw21il03zph2rddizgj7fbd6pfyaz
5f79774d5beec8f7636b59c0fb07a03108eef1e3fd3245638b20858c714144be
AUR hashes can be found at:
https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=broadcom-wl&id=9d6f10b1b7745fbf5d140ac749e2253caf70daa8#n26
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @phreedom, @vcunat
2016-08-01 21:05:15 +02:00
Karn Kallio
5d11dac8bb
nvidia-x11: advance to 365.35 and patch kernel 4.7.
2016-08-01 10:19:57 -04:00
Joachim Fasting
76f2e827a7
grsecurity: 4.6.5-201607272152 -> 4.6.5-201607312210
2016-08-01 12:46:48 +02:00
Robin Gloster
63c7b4f9a7
Merge remote-tracking branch 'upstream/master' into hardened-stdenv
2016-07-31 20:51:34 +00:00
Robin Gloster
43ba8d295f
nvidia-x11: disable pic/format hardening
2016-07-31 20:38:38 +00:00
Eric Sagnes
d6452987fb
wireguard: 20160708 -> 2016-07-22 ( #17362 )
2016-07-31 13:57:37 +02:00
Franz Pletz
2fa9bd5059
hostapd: add patch to fix build with libressl
...
Fixes #17315 .
2016-07-29 12:03:08 +02:00
Joachim Fasting
83f783c00f
grsecurity: 4.6.4-201607242014 -> 4.6.5-201607272152
2016-07-29 00:24:00 +02:00
Franz Pletz
9aee2a17af
linux: 4.6.4 -> 4.6.5
...
Removed patch was applied upstream.
2016-07-28 23:05:27 +02:00
Franz Pletz
b68fe1a572
linux: 4.5.6 -> 4.5.7
2016-07-28 23:05:27 +02:00
Eelco Dolstra
42f8df10a2
linux: 4.4.16 -> 4.4.16
2016-07-28 17:03:55 +02:00
Eelco Dolstra
51871dfb37
systemd: 230 -> 231
2016-07-28 17:03:55 +02:00
rnhmjoj
50cbb5bd30
rewritefs: 2016-02-08 -> 2016-07-27
2016-07-27 03:51:08 +02:00
Vladimír Čunát
375ae11a34
tiptop: init at 2.3
2016-07-26 11:55:23 +02:00
Robin Gloster
f222d98746
Merge remote-tracking branch 'upstream/master' into hardened-stdenv
2016-07-25 12:47:13 +00:00
Joachim Fasting
e725c927d4
grsecurity: 4.6.4-201607192040 -> 4.6.4-201607242014
2016-07-25 09:11:28 +02:00
Shea Levy
ac93e9f2c8
Linux 4.7
2016-07-24 18:30:08 -04:00
Joachim Fasting
f1187c4605
gradm: ensure that udev rules are actually installed
...
Another regression on my part: gradm won't install the rules unless
$(DESTDIR)/etc/udev/rules.d exists.
2016-07-24 12:54:07 +02:00
Tuomas Tynkkynen
9cccf35f98
dmraid: Fix typo
2016-07-23 13:24:18 +03:00
Matthew Robbetts
e434ce8f49
hostapd: 2.4 -> v2.5, fixes #17164
2016-07-23 00:56:53 +02:00
Daiderd Jordan
44c5b729b8
osx-private-sdk: Fix hash ( #17185 )
...
- use fetchFromGitHub
2016-07-23 00:54:25 +02:00
Joachim Fasting
e4b7b7b028
gradm: 3.1-201507191652 -> 3.1-201607172312
2016-07-22 17:57:26 +02:00
Lluís Batlle i Rossell
dd02b6f118
perf: depend on libiberty to get c++ demangling.
2016-07-21 17:27:15 +02:00
Robin Gloster
1f04b4a566
Merge remote-tracking branch 'upstream/master' into hardened-stdenv
2016-07-21 00:56:43 +00:00
Robin Gloster
cc540843fe
linuxPackages.wireguard: disable pic
2016-07-21 00:01:20 +00:00
Markus Hauck
2a3fe4df43
sysdig: 0.10.0 -> 0.11.0
2016-07-20 21:27:40 +02:00
Joachim Fasting
55120ac4cb
grsecurity: 4.6.4-201607112205 -> 4.6.4-201607192040
2016-07-20 10:17:35 +02:00
Joachim Fasting
c93ffb95bc
grsecurity: enable support for setting pax flags via xattrs
...
While useless for binaries within the Nix store, user xattrs are a convenient
alternative for setting PaX flags to executables outside of the store.
To use disable secure memory protections for a non-store file foo, do
$ setfattr -n user.pax.flags -v em foo
2016-07-20 10:17:11 +02:00
Tuomas Tynkkynen
2fefa331e7
busybox: Fix cross build with musl
2016-07-20 02:38:10 +03:00
Graham Christensen
46655e4524
Merge pull request #17085 from j1r1k/gfxtablet-1.4
...
gfxtablet: git-2013-10-21 -> 1.4
2016-07-19 19:23:47 +00:00
Jiri Marsicek
4a86f9a44f
gfxtablet: git-2013-10-21 -> 1.4
2016-07-19 20:47:00 +02:00
Robin Gloster
04d873a626
osx-private-sdk: Fix hash
2016-07-19 12:19:58 +00:00
Joachim F
bb6fb70d6b
Merge pull request #16979 from markus1189/sysdig
...
sysdig: 0.9.0 -> 0.10.0
2016-07-19 12:49:05 +02:00
Robin Gloster
203846b9de
Merge remote-tracking branch 'upstream/master' into hardened-stdenv
2016-07-19 10:37:02 +00:00
Franz Pletz
039f0e5cb0
firmwareLinuxNonfree: 2016-05-18 -> 2016-07-12
2016-07-19 07:55:27 +02:00
Nikolay Amiantov
28740462e7
busybox: fix static build
2016-07-19 05:20:02 +03:00
Tuomas Tynkkynen
6e0ab36de0
Merge pull request #16963 from womfoo/init/cking-kernel-tools
...
Init {fnotify,fork,power,smem}stat kernel tools
2016-07-16 21:15:23 +03:00
Tuomas Tynkkynen
a4dfa90139
Merge pull request #17012 from womfoo/fix/lightum
...
lightum: fix build against systemd-230
2016-07-16 17:12:27 +03:00
Kranium Gikos Mendoza
eb34cf1b6d
lightum: fix build against systemd-230
2016-07-16 21:57:23 +08:00
Rickard Nilsson
8fa4dc174f
Merge pull request #16899 from kragniz/lxc-2.0.3
...
lxc: 2.0.1 -> 2.0.3
2016-07-16 10:37:12 +02:00
Kranium Gikos Mendoza
b68689ebb2
smemstat: init at 0.01.14
2016-07-16 12:09:40 +08:00
Kranium Gikos Mendoza
a28dda1102
powerstat: init at 0.02.10
2016-07-16 12:09:40 +08:00
Kranium Gikos Mendoza
f88f31c4f0
forkstat: init at 0.01.13
2016-07-16 12:09:32 +08:00
Robin Gloster
5185bc1773
Merge remote-tracking branch 'upstream/master' into hardened-stdenv
2016-07-15 14:41:01 +00:00
Markus Hauck
36c906e7c0
sysdig: 0.9.0 -> 0.10.0
2016-07-15 10:35:19 +02:00
Arseniy Seroka
658579cc57
Merge pull request #16961 from womfoo/bump/eventstat-0.03.02
...
eventstat: 0.02.02 -> 0.03.02
2016-07-14 22:19:33 +04:00
Kranium Gikos Mendoza
b795186f2e
fnotifystat: init at 0.01.14
2016-07-15 00:44:41 +08:00
Kranium Gikos Mendoza
cbeb320c47
eventstat: 0.02.02 -> 0.03.02
2016-07-15 00:06:39 +08:00
Vladimír Čunát
1b5ac05845
Merge branch 'staging'
...
Includes security fixes in gd and libarchive.
2016-07-14 15:51:28 +02:00
Eric Sagnes
c6f99a3a92
wireguard: split module and tools ( #16883 )
2016-07-13 21:15:11 +02:00
obadz
927a984de6
kernel: make KEXEC_FILE & KEXEC_JUMP optional to fix i686 build
...
cc @edolstra @dezgeg @domenkozar
2016-07-13 12:49:18 +02:00
obadz
fad9a8841b
ecryptfs: fix kernel bug introduced in 4.4.14
...
Introduced by mainline commit 2f36db7
Patch is from http://www.spinics.net/lists/stable/msg137350.html
Fixes #16766
2016-07-13 11:04:07 +02:00
Nikolay Amiantov
d9aafc885f
Merge branch 'early-kbd' into staging
2016-07-13 03:56:07 +03:00
Nikolay Amiantov
1848bfc92d
Merge branch 'plymouth' into staging
2016-07-13 03:54:38 +03:00
Louis Taylor
f51f6a36e8
lxc: 2.0.1 -> 2.0.3
2016-07-13 00:35:20 +01:00
Vladimír Čunát
40785f0dac
Merge branch 'master' into staging
...
Hydra nixpkgs: ?compare=1282763
2016-07-12 22:00:10 +02:00
Nikolay Amiantov
6e21246dc4
plymouth: 0.9.0 -> 0.9.2
...
Use system-wide directories for various resources.
2016-07-12 22:22:28 +03:00
Franz Pletz
dde259dfb5
linux: Add patch to fix CVE-2016-5829 ( #16824 )
...
Fixed for all available 4.x series kernels.
From CVE-2016-5829:
Multiple heap-based buffer overflows in the hiddev_ioctl_usage function
in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow
local users to cause a denial of service or possibly have unspecified
other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl
call.
2016-07-12 20:56:50 +02:00
Joachim Fasting
416120e0c7
grsecurity: 4.6.3-201607070721 -> 4.6.4-201607112205
2016-07-12 15:15:09 +02:00
Tim Steinbach
47da65923b
kernel: 4.6.3 -> 4.6.4 ( #16875 )
2016-07-12 09:54:57 +02:00
Tim Steinbach
9672c36651
conky: 1.10.1 -> 1.10.3
2016-07-11 23:20:25 +00:00
Eric Sagnes
1b41283eb3
wireguard: init at 20160708 ( #16856 )
2016-07-11 18:05:23 +02:00
Louis Taylor
b2b8a89945
linux-testing: 4.7-rc6 -> 4.7-rc7 ( #16854 )
2016-07-11 17:53:41 +02:00
Eelco Dolstra
ecc26d7a40
linux: Disable the old IDE subsystem
...
This has long been deprecated in favour of the new ATA support
(CONFIG_ATA).
2016-07-11 15:05:21 +02:00
Eelco Dolstra
7b9c493d60
linux: Enable some kernel features
...
This enables a few features that should be useful and safe (they're
all used by the default Ubuntu kernel config), in particular zswap,
wakelocks, kernel load address randomization, userfaultfd (useful for
QEMU), paravirtualized spinlocks and automatic process group
scheduling.
Also removes some configuration conditional on kernel versions that we
no longer support.
2016-07-11 15:04:56 +02:00
Eelco Dolstra
1cd7dbc00b
linux: Bump NR_CPUS
...
The default limit (64) is too low for systems like EC2 x1.* instances
or Xeon Phis, so let's increase it.
2016-07-11 14:32:18 +02:00
Eelco Dolstra
8710672225
ena: Init at 20160629
...
This adds the Amazon Elastic Network Adapter kernel module required by
EC2 x1.* instances.
2016-07-11 14:32:18 +02:00
Franz Pletz
0f96c69026
batman-adv: 2016.1 -> 2016.2
2016-07-11 04:04:49 +02:00
Vladimír Čunát
6f07fdf469
v4l-utils: 1.6.3 -> 1.10.1
...
This fixes build after libjpeg(-turbo) update.
/cc maintainers: @codypoel, @viric.
2016-07-09 18:54:44 +02:00
Nikolay Amiantov
da97ba359e
busybox: set default keymap path
2016-07-08 20:44:01 +03:00
Nikolay Amiantov
8b92103ae8
Merge branch 'master' into staging
2016-07-08 20:36:44 +03:00
Nikolay Amiantov
4ae98c2064
Merge branch 'kbd-paths' into staging
...
Closes #16642
2016-07-08 20:35:25 +03:00
Nikolay Amiantov
00e67f0df0
systemd: use plymouth from system path
2016-07-08 15:23:47 +03:00
Nikolay Amiantov
8bbfba48c4
systemd: move hwdb patch to the fork itself
2016-07-08 15:23:47 +03:00
Nikolay Amiantov
1ac6f1fe25
systemd: update fork revision
2016-07-08 15:23:07 +03:00
Nikolay Amiantov
c89843b604
kbd: split keymaps into kbdKeymaps
2016-07-08 12:52:39 +03:00
zimbatm
2459ddd4f6
Merge pull request #16703 from zimbatm/nologin-error
...
Nologin error
2016-07-07 22:58:53 +01:00
Joachim Fasting
a2ebf45b47
grsecurity: 4.5.7-201606302132 -> 4.6.3-201607070721
2016-07-07 19:34:58 +02:00
Eelco Dolstra
04eb7492dc
ixgbevf: Init at 3.2.2
...
This driver is necessary for Enhanced Networking on most EC2 instance
types.
2016-07-07 17:51:10 +02:00
Joachim Fasting
2dd009ec97
Merge pull request #16622 from womfoo/bump/sysstat-11.2.5
...
sysstat: 11.0.7 -> 11.2.5
2016-07-05 19:53:58 +02:00
Tobias Geerinckx-Rice
cb86518fd3
radeontop: 2016-07-03 -> 2016-07-04
...
Add support for unprivileged use on both the Linux console and X.
2016-07-05 09:29:42 +02:00
zimbatm
c1a202de05
shadow: fix passthru
...
The shadow package's shellPath wasn't detected properly
Fixes #16428
2016-07-04 15:12:27 +01:00
Eelco Dolstra
03fcbf6317
Merge pull request #16697 from mimadrid/update/perf-tools-20160418
...
perf-tools: 20150723 -> 20160418
2016-07-04 14:26:05 +02:00
Tuomas Tynkkynen
4085f4de5f
Merge branch 'pr-newest-uboot' into master
2016-07-04 15:17:46 +03:00
Tuomas Tynkkynen
55aecd308e
linux-rpi: 4.1.20-XXX -> 4.4.13-1.20160620-1
...
- Add a patch to unset CONFIG_LOCALVERSION in the v7 build.
- Copy all the device trees to match the upstream names so U-Boot can
find them. (This is a hack.)
2016-07-04 15:13:29 +03:00
mimadrid
b9315a6e24
perf-tools: 20150723 -> 20160418
2016-07-04 12:29:31 +02:00
aszlig
566c990f33
linux-testing: 4.6-rc6 -> 4.7-rc6
...
The config option DEVPTS_MULTIPLE_INSTANCES now no longer exists since
torvalds/linux@eedf265aa0 .
Built successfully on my Hydra instance:
https://headcounter.org/hydra/log/r4n6sv0zld0aj65r7l494757s2r8w8sr-linux-4.7-rc6.drv
Verified unpacked tarball with GnuPG:
ABAF 11C6 5A29 70B1 30AB E3C4 79BE 3E43 0041 1886
gpg: Signature made Mon 04 Jul 2016 08:13:05 AM CEST
gpg: using RSA key 79BE3E4300411886
gpg: Good signature from "Linus Torvalds <torvalds@linux-foundation.org>"
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-07-04 10:46:48 +02:00
Tuomas Tynkkynen
1d069ff6ac
rtl8723bs: Support all Linux
2016-07-04 02:07:13 +03:00