Commit Graph

101302 Commits

Author SHA1 Message Date
Robin Gloster
449c895f31
podofo: 0.9.4 -> 0.9.5 2017-02-17 00:14:01 +01:00
Robin Gloster
d9d66375ec
pythonPackages.boto3: 1.4.2 -> 1.4.4 2017-02-17 00:13:49 +01:00
Robin Gloster
54018c8f63
xmlsec: 1.2.20 -> 1.2.23 2017-02-17 00:13:45 +01:00
Robin Gloster
0abc829590
pythonPackages.pyopenssl: 16.1.0 -> 16.2.0 2017-02-17 00:13:42 +01:00
Robin Gloster
e400eb36d1
nodejs: 6.9.1 -> 6.9.5 2017-02-17 00:13:34 +01:00
Robin Gloster
5063a8099b
serf: 1.3.7 -> 1.3.9 2017-02-17 00:13:32 +01:00
Robin Gloster
38ef3bbc08
perlPackages.CryptOpenSSLRandom: 0.10 -> 0.11 2017-02-17 00:13:27 +01:00
Robin Gloster
73ba9b0ef0
facter: 3.5.1 -> 3.6.0 2017-02-17 00:13:23 +01:00
Robin Gloster
b1d24a0472
libressl: default to 2.4 due to recent breakages 2017-02-17 00:13:21 +01:00
Robin Gloster
9593049e06
pkcs11helper: 1.11 -> 1.21 2017-02-17 00:13:18 +01:00
Robin Gloster
c505564fc5
yara: 3.4.0 -> 3.5.0 2017-02-17 00:13:15 +01:00
Robin Gloster
fa98d41787
umurmr: 0.2.16 -> 0.2.16a 2017-02-17 00:13:11 +01:00
Robin Gloster
e1eda97649
uftp: 4.9.2 -> 4.9.3 2017-02-17 00:13:07 +01:00
Robin Gloster
395ca86018
tcpcrypt: 0.4 -> 0.5 2017-02-17 00:12:43 +01:00
Robin Gloster
22bea837f4
tcltls: 1.6 -> 1.6.7 2017-02-17 00:12:12 +01:00
Robin Gloster
79e6596993
s3backer: 1.4.2 -> 1.4.3 2017-02-17 00:12:09 +01:00
Robin Gloster
643703366d
pam_ssh_agent_auth: 0.9.5 -> 0.10.3 2017-02-17 00:12:01 +01:00
Robin Gloster
96b4d69136
openisns: 0.95 -> 0.97 2017-02-17 00:11:58 +01:00
Robin Gloster
900cc90fbe
openfortivpn: 1.1.4 -> 1.2.0 2017-02-17 00:11:55 +01:00
Robin Gloster
7977cc4451
ngircd: 21 -> 24 2017-02-17 00:11:52 +01:00
Robin Gloster
bee26ba6b2
lastpass-cli: 1.0.0 -> 1.1.1 2017-02-17 00:11:49 +01:00
Robin Gloster
6729b9e23b
ircdHybrid: 8.2.2 -> 8.2.21 2017-02-17 00:11:45 +01:00
Robin Gloster
46966ad4e5
ipmitool: 1.8.15 -> 1.8.17 2017-02-17 00:11:41 +01:00
Robin Gloster
df58ed2f13
hostapd: 2.5 -> 2.6 2017-02-17 00:11:37 +01:00
Robin Gloster
f6778c8137
aircrack-ng: 1.2-rc3 -> 1.2-rc4 2017-02-17 00:11:32 +01:00
Robin Gloster
c3011fde96
neon: 0.30.1 -> 0.30.2 2017-02-17 00:11:29 +01:00
Robin Gloster
80d8b8c716
mongoc: 1.1.10 -> 1.5.4 2017-02-17 00:11:26 +01:00
Robin Gloster
9d39e8b974
imapfilter: 2.6.3 -> 2.6.10 2017-02-17 00:11:22 +01:00
Robin Gloster
4277978fb2
gsoap: 2.8.37 -> 2.8.42 2017-02-17 00:11:18 +01:00
Robin Gloster
71e8ef6e76
afflib: 3.7.6 -> 3.7.15 2017-02-17 00:11:14 +01:00
Robin Gloster
108c6d1a03
socat: 1.7.3.1 -> 1.7.3.2
fixes compatibility with openssl 1.1.0 (and libressl)
2017-02-17 00:11:03 +01:00
Robin Gloster
31ff2ac057
systemd: add patch to fix docker
843d5baf6a

"don't use the unified hierarchy for the systemd cgroup yet"

fixes #22472
2017-02-16 23:56:27 +01:00
Vladimír Čunát
6c1ba72878
kde5.khotkey: fix patch hash wrongly added in b719852 2017-02-16 22:17:51 +01:00
Vladimír Čunát
5ad81ab09c
libxml2: bugfix updates from git upstream
This should solve CVE-2016-5131 and some other bugs, but not what Suse
calls CVE-2016-9597: https://bugzilla.suse.com/show_bug.cgi?id=1017497
The bugzilla discussion seems to indicate that the CVE is referenced
incorrectly and only shows reproducing when using command-line flags
that are considered "unsafe".

CVE-2016-9318 also remains unfixed, as I consider their reasoning OK:
https://lwn.net/Alerts/714411/

/cc #22826.
2017-02-16 20:18:17 +01:00
Vladimír Čunát
524de86db0
findutils: plug a memory leak (close #22857)
Using the upstream patch directly.  It's copied in nixpkgs, because:
 - fetchpatch isn't usable at this point in bootstrapping,
 - the upstream patch creates collisions in NEWS.
2017-02-16 19:16:51 +01:00
Vladimír Čunát
e962a3c95f
Merge branch 'master' into staging 2017-02-16 19:02:37 +01:00
Daniel Peebles
19a9099eb2 Merge pull request #22869 from copumpkin/amazon-init-fix
amazon-init NixOS module: fix (I think) race condition with network
2017-02-16 12:44:49 -05:00
Vladimír Čunát
55cc7700e9
Revert "Merge: glibc: 2.24 -> 2.25"
This reverts commit 1daf2e26d2, reversing
changes made to c0c50dfcb7.

It seems this is what has been causing all the reliability problems
on Hydra.  I'm currently unable to find why it happens, so I'm forced
to revert the update for now.  Discussion: #22874.
2017-02-16 18:16:06 +01:00
Rob Vermaas
1c366b4e06
nixops: update to 1.5
(cherry picked from commit 780a38c611162c34229c9d06b09dd4ec2f8466f4)
2017-02-16 17:03:12 +00:00
Frederik Rietdijk
624cd8ae9e Merge pull request #22593 from teh/master
Update scrapy & dependencies
2017-02-16 17:27:57 +01:00
Tom Hunger
69363e9611 Move scrapy to its own module and add patch to fix broken permission code.
Scrapy is usually installed via pip where copying all permissions
makes sense. In Nix the files copied are owned by root and
readonly. As a consequence scrapy can't edit the project templates so

  scrapy startproject

fails.
2017-02-16 16:21:46 +00:00
Thomas Tuegel
7c260ad2cc Merge pull request #22813 from benley/pam-kwallet
nixos: add optional pam_kwallet5 integration
2017-02-16 10:20:47 -06:00
Dan Peebles
b172684c17 amazon-init NixOS module: fix (I think) race condition with network
The initialization code is now a systemd service that explicitly
waits for network-online, so the occasional failure I was seeing
because the `nixos-rebuild` couldn't get anything from the binary
cache should stop. I hope!
2017-02-16 16:03:58 +00:00
Nikolay Amiantov
a72dc9f3bf compton: 0.1_beta2 -> 0.1_beta2.5 2017-02-16 17:50:58 +03:00
Graham Christensen
cfbddd3ae0 Merge pull request #22867 from maurer/openssl-cve-2017-3733
openssl: 1.1.0d -> 1.1.0e for High severity CVE-2017-3733
2017-02-16 09:29:29 -05:00
Matthew Maurer
0d2ba7ef2b openssl: 1.1.0d -> 1.1.0e for High severity CVE-2017-3733 2017-02-16 09:16:41 -05:00
Nikolay Amiantov
0c81594a29 kbd service: use /dev/tty1 for systemd-vconsole-setup
Fixes #22470
2017-02-16 17:08:14 +03:00
Nikolay Amiantov
109ee2a338 kbd service: use systemd-vconsole-setup even with early setup
This way we have fonts reloaded on switches.
2017-02-16 17:08:13 +03:00
Joachim Fasting
bc2f53fd29
grsecurity: 4.9.8-201702071801 -> 4.9.10-201702152052 2017-02-16 14:51:25 +01:00
Joachim Fasting
2d643613f3
mozart: refactoring
- Append emacs to the oz wrapper's command search path rather than the
  rpath.  Previously, emacs would end up in the closure but the oz
  shell script would not be helped by it. Now a user without emacs in
  their PATH can still get the complete Oz experience (which depends
  crucially on emacs).  To build a variant without emacs, do
  mozart.override { emacs = null; }
- Patch full path to oz executable into the oz desktop item to make the
  output less reliant on the runtime PATH
- Compress .elc files to save a little bit of space
- Make it easier to extend platform support
- Inline builder.sh
- Be more specific about patching.  oz and ozc are capable of inferring
  OZHOME themselves; thus we generate wrappers only for the binary
  executable components.

Note that gmp and boost would be removed by patchelf --shrink-path; I've
no idea whether they are used somehow, so we leave them in and forego
rpath shrinking for now.
2017-02-16 14:51:08 +01:00