This patch adds the luakit browser. It has to be build using lua5.1, I
tried 5.2 but I couldn't run luakit due to a runtime error with it.
It also uses gtk3 here, override to use gtk2, which should also work.
Suggested-by: Benno Fünfstück <benno.fuenfstueck@gmail.com>
We're propagating the plugin flags by importing from another Nix
expression file, which in turn exports the Nix path to the wrapper. This
causes that the store path isn't referenced in the wrapper and the path
isn't recognized by scanning the wrapper script (only those already
referenced at build time are).
So let's add the activated plugins to the buildInputs of the wrapper.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This brings a new stable version 40.0.2214.91 along with a beta update
to version 41.0.2272.16, the dev channel is still stuck at version
41.0.2272.12 and within the next days will jump to version 42.
For this reason, I've done some cheating here and brought the beta
channel in par with the dev channel, because dev is older than beta on
OmahaProxy.
Here's an overview of the channel upgrades:
stable: 39.0.2171.65 -> 40.0.2214.91 [1]
beta: 40.0.2214.10 -> 41.0.2272.16 [1] [2] [3]
dev: 41.0.2224.3 -> 41.0.2272.16 [1] [2] [3]
[1]: We needed to patch in locations of lib{pci,udev}.so, because
Chromium tries to load them at runtime. For version 41 startup will
fail if it is unable to load libudev, but it also has the advantage
that this fixes GPU detection using libpci in the stable version,
which in turn could fix a few bugs on NixOS.
[2]: The upstream Debian package for the binary plugins now uses XZ
compression for the enclosed data tarball.
[3]: Chromium 41 needs {shapshot,natives}_blob.bin in order to start up,
so let's cp it among with the .pak files to avoid adding a
conditional for version 40.
The release annoucement of the stable channel update can be found here:
http://googlechromereleases.blogspot.de/2015/01/stable-update.html
Note that this release contains 62 security fixes(!) and I'm hereby
apologizing for the delay of this update.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This adds enhanced-ctorrent (ctorrent) which is a CLI-based bittorrent
client written in C++. It is very fast for those times when one wants to
simply add a torrent quick'n'dirty-style.
Writing the gid_map is already non-fatal, but the actual sandbox process
still tries to setresgid() to nogroup (usually 65534). This however
fails, because if user namespace sandboxing is present, the namespace
doesn't have CAP_SETGID at this point.
Fortunately, the effective GID is already 65534, so we just need to
check whether the target gid matches and only(!) setresgid() if it
doesn't.
So if someone would run a SUID version of the sandbox, it would still
work nonetheless without a negative impact on security.
Fixes#5730, thanks to @wizeman for reporting and initial debugging.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
The following vulnerabilities have been fixed.
- wnpa-sec-2015-01
The WCCP dissector could crash. (Bug 10720, Bug 10806) CVE-2015-0559,
CVE-2015-0560
- wnpa-sec-2015-02
The LPP dissector could crash. (Bug 10773) CVE-2015-0561
- wnpa-sec-2015-03
The DEC DNA Routing Protocol dissector could crash. (Bug 10724) CVE-2015-0562
- wnpa-sec-2015-04
The SMTP dissector could crash. (Bug 10823) CVE-2015-0563
- wnpa-sec-2015-05
Wireshark could crash while decypting TLS/SSL sessions. Discovered by Noam
Rathaus. CVE-2015-0564
See more at https://www.wireshark.org/docs/relnotes/wireshark-1.12.3.html
This add profanity and dependencies and a few cleanups from me for the
profanity package expression.
Thanks to @devhell and apologies for pestering him with my nitpicking.
* Commit summary:
profanity: Add option for autoAwaySupport.
profanity: Clean up package expression file.
profanity: Add libnotifySupport config option
all-packages: Add libnotify option to profanity
profanity: Add "platforms" meta information
profanity: Add libXScrnSaver and libX11 buildInputs
libstrophe: Add "platforms" meta information
libstrophe: Fix typo
profanity: Add profanity, a ncurses XMPP client
libstrophe: Add new package
Actually, two dependencies used for notifySupport are for
autoAwaySupport and have nothing to do with notifications, so let's
split them apart.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
No real changes in functionality, other than renaming libnotifySupport
to just notifySupport.
I've wrapped the lines to a maximum of 80 characters in width, so the
file looks less cluttered up. Which includes setting apart the attribute
for notifySupport and its respective dependencies from the main
dependencies.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Originally I had in mind to introduce an attribute like "enableGPG", but
it seems that other distro include it per default, so I guess most users
coming from other distros would expect it that way. And so it is now.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This is more of an attempt rather than a real fix (or maybe it is? let's
see) for the corrupted .pyc files during build. I believe the reason we
get these are likely due to several instances of the Python interpreter
that run in parallel and one of these processes might still be writing
the .pyc file.
So, rather than deleting all .pyc files, we now precompile then in order
to avoid any build process trying to generate any .pyc file.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This commit includes a patch to telepathy's derivation, written by
Lethalman. This patch makes public the Telepathy's dependency to
dbus_glib. This patch will become problematic with the next pkgconfig
upgrade but this upgrade should make the patch irrelevant. See these 2
links for more information:
- https://bugs.freedesktop.org/show_bug.cgi?id=15199
- https://bugzilla.redhat.com/show_bug.cgi?id=436773
Modified by Luca Bruno:
- Moved telepathy_idle to propagatedUserEnvPkgs
- Added myself to maintainers
- Enable parallel building
This update is necessary due to API changes in libtoxcore. Sad to say that
the recent stable version doesn't work with our libtoxcore. We need to
update to the recent dev version.
As from now qtox depends on openalSoft instead of openal. This is due to
incompatibilities between those to two implementations. Anyway, this
should be okay because their official debian package depends on
openalSoft as well.