Commit Graph

100610 Commits

Author SHA1 Message Date
Vladimír Čunát
4d18d3bd87
Revert "python-requests2: use system-wide CA bundle"
This reverts commit 768c970c8d.
Moved to staging, as it causes ~16k rebuilds.
2017-02-09 17:24:36 +01:00
Daniel Peebles
7439fe083f Merge pull request #22297 from nand0p/buildbot-0.9.3
buildbot: 0.9.0.post1 -> 0.9.3
2017-02-09 11:15:03 -05:00
Franz Pletz
9dec33dc4f
linux: 4.9.8 -> 4.9.9 2017-02-09 16:27:29 +01:00
Franz Pletz
9d8248517e
linux: 4.4.47 -> 4.4.48 2017-02-09 16:27:16 +01:00
Joachim Fasting
3d9017602b
grsecurity: overrideDerivation -> overrideAttrs 2017-02-09 16:23:06 +01:00
Joachim Fasting
28b5cc7dca
grsecurity test: adapt to changes in tinycc outputs 2017-02-09 16:23:04 +01:00
Joachim Fasting
a9c347b9e3
tinycc: 20160525 -> 20170108
Per
https://www.mail-archive.com/tinycc-devel@nongnu.org/msg07274.html
http://repo.or.cz/tinycc.git/commit/77d7ea04acb56f839031993c102366e30cad5c25
onward ought to be fairly stable.
2017-02-09 16:22:57 +01:00
Herwig Hochleitner
ae33b4673d wine: 1.8.6 -> 2.0 2017-02-09 16:20:49 +01:00
Fernando J Pando
6fc34fd48a treq: init 16.12.1
Tested on NixOS unstable
2017-02-09 10:10:51 -05:00
Fernando J Pando
487229654e incremental: init 16.10.1
Tested on NixOS unstable
2017-02-09 10:08:32 -05:00
Peter Hoeg
7c435a82ce dropbox: works with qt 5.6 2017-02-09 15:49:27 +01:00
Emery Hemingway
9cd3e57cc6
obname: 1.20.2 -> 1.21 2017-02-09 15:45:04 +01:00
mingchuan
c86b781c08 opencc: 1.0.4 -> 1.0.5 (#22516) 2017-02-09 15:35:17 +01:00
Peter Hoeg
d58a20aa67 dropbox: 18.4.32 -> 19.4.13 (#22545) 2017-02-09 15:29:42 +01:00
Peter Simons
768c970c8d python-requests2: use system-wide CA bundle rather than our own
This allows the library to interact gracefully with additional certificates
users might have configured in /etc/ssl/certs/ca-certificates.crt via NixOS.
2017-02-09 15:19:36 +01:00
Stefan Siegl
f800a4b197 tomboy: init at 1.15.7 (#22589) 2017-02-09 14:17:35 +00:00
Michael Raskin
5f3fa24a20 cygwin-iso: fix the most obvious parts of bit rot
Still doesn't build though. Is anyone still using it?
2017-02-09 15:07:38 +01:00
Peter Hoeg
60cae1c173 syncthing: 0.14.21 -> 0.14.23 2017-02-09 14:51:47 +01:00
Franz Pletz
92d2d74c40
astroid: 0.6 -> 0.7, use wrapGAppsHook
cc @bdimcheff #22559
2017-02-09 14:44:04 +01:00
Brandon Dimcheff
c517e54328 astroid: fix crash due to missing icons
Astroid was unable to run in a pure environment because it couldn't find
the necessary icons.  This fixes that issue, and was tested with
`nix-shell --pure`
2017-02-09 14:42:17 +01:00
Pradeep Chhetri
72af039a4d wuzz: 2017-02-05 -> 2017-02-09 2017-02-09 14:36:20 +01:00
Frederik Rietdijk
10eb16038c Merge pull request #22564 from mdaiter/cudnn_hash_fix
cudnn51_cudatoolkit80: hash change
2017-02-09 13:43:07 +01:00
Graham Christensen
4b6692a510
graphicsmagick: patch for CVE-2016-9830 2017-02-09 07:21:07 -05:00
Franz Pletz
bfee52a967
epiphany: 3.22.5 -> 3.22.6 for security issue
From https://bugzilla.gnome.org/show_bug.cgi?id=752738:

  The page http://whatever.com has access to saved passwords of
  https://whatever.com. This was a very bad idea: it makes it easy to
  intercept passwords stored on secure websites, especially since we
  don't require any user interaction to fill in the password.

No CVE has been assigned as of now.

cc #22549
2017-02-09 12:18:04 +01:00
Jörg Thalheim
f3c6acde1e Merge pull request #22572 from Mic92/dwarfdump
dwarfdump: init at 20161124
2017-02-09 12:00:18 +01:00
Jörg Thalheim
e72857bae1 Merge pull request #22576 from andrewthad/elasticsearch_2_classpath
set elasticsearch classpath to nix store
2017-02-09 11:35:14 +01:00
Pradeep Chhetri
60246cedc5 terraform: 0.8.5 -> 0.8.6 (#22584) 2017-02-09 10:23:25 +00:00
Franz Pletz
6820e74ff0 Merge pull request #22583 from DerTim1/asterisk
asterisk: 14.1.2 -> 14.2.1, add speex
2017-02-09 11:21:18 +01:00
Rahul Gopinath
a4d952178c mlterm: 3.7.2 -> 3.8.0 2017-02-09 11:20:46 +01:00
Peter Simons
055ab6ba74 Merge pull request #21589 from NixOS/ghc-split-sections
GHC 8.0.2: use -split-sections
2017-02-09 11:17:31 +01:00
Franz Pletz
da5eaa3c21
bind: 9.10.4-P5 -> 9.10.4-P6 for CVE-2017-3135
See https://kb.isc.org/article/AA-01453.

cc #22549
2017-02-09 10:44:16 +01:00
Mica Semrick
c06b6d9446 gimp: 2.8.18 -> 2.8.20 2017-02-09 10:32:25 +01:00
Vladimír Čunát
333e36eca0
pythonPackages.gst-python: fix hash after afd59811a1
/cc #22549.
2017-02-09 09:40:36 +01:00
Pascal Wittmann
5de04f6d55 Revert "ocaml-lablgl: use camlp5"
This reverts commit 7a6aac9076.
2017-02-09 09:14:51 +01:00
Pascal Wittmann
b6cc6bd088 yodl: 3.08.01 -> 3.08.02 2017-02-09 09:11:28 +01:00
Michael Raskin
386ecdcb4d rtmpdump: 2015-01-15 -> 2015-12-30 2017-02-09 08:45:12 +01:00
Tim Digel
d8da56984b asterisk: 14.1.2 -> 14.2.1 2017-02-09 08:29:09 +01:00
Tim Digel
3053e07caa asterisk: add speex codec 2017-02-09 08:29:09 +01:00
Vladimír Čunát
4bf9f8afc3
Merge #22578: mesa: add enableRadv ? false
There's no hash change in default settings.
2017-02-09 08:03:34 +01:00
Graham Christensen
19f23d00fd
ntfs3g: patch for CVE-2017-0358
From the Debian advisory:

Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write
NTFS driver for FUSE, does not scrub the environment before executing
modprobe with elevated privileges. A local user can take advantage of
this flaw for local root privilege escalation.
2017-02-08 22:12:10 -05:00
John Ericson
e74ec9d84f Merge pull request #22575 from Ericson2314/localSystem
top-level: Allow nixpkgs to take localSystem directly
2017-02-08 22:10:49 -05:00
John Ericson
8cd4c31d6b top-level: Allow nixpkgs to take localSystem directly
This is instead of both system and platform, which is kind of ugly.
2017-02-08 22:06:57 -05:00
Graham Christensen
77e920d874
spice: Patch for CVE-2016-9577, CVE-2016-9578
From the Red Hat advisory:

* A vulnerability was discovered in spice in the server's protocol
  handling. An authenticated attacker could send crafted messages to
  the spice server causing a heap overflow leading to a crash or
  possible code execution. (CVE-2016-9577)

* A vulnerability was discovered in spice in the server's protocol
  handling. An attacker able to connect to the spice server could send
  crafted messages which would cause the process to crash.
  (CVE-2016-9578)
2017-02-08 22:03:11 -05:00
Graham Christensen
379144f54b
salt: 2016.3.3 -> 2016.11.2 for multiple CVEs
From the Arch Linux advisory:

- CVE-2017-5192 (arbitrary code execution): The
  `LocalClient.cmd_batch()` method client does not accept
  `external_auth` credentials and so access to it from salt-api has
  been removed for now. This vulnerability allows code execution for
  already- authenticated users and is only in effect when running
  salt-api as the `root` user.

- CVE-2017-5200 (arbitrary command execution): Salt-api allows
  arbitrary command execution on a salt-master via Salt's ssh_client.
  Users of Salt-API and salt-ssh could execute a command on the salt
  master via a hole when both systems were enabled.
2017-02-08 21:24:10 -05:00
David McFarland
4ab604b6b8 mesa: add enableRadv 2017-02-08 22:15:03 -04:00
Graham Christensen
e01278b2de Merge pull request #22573 from nlewo/master
rabbitmq: 3.5.8 -> 3.6.6
2017-02-08 20:00:59 -05:00
Tuomas Tynkkynen
05605b41d8 autofs: Some cleanup
The --with-openldap and --with-sasl flags passed here are actually wrong
as they don't point to the dev outputs of the packages. Anyway, autoconf
recognizes the packages as they are in buildInputs.

getBin is generally not needed - binaries can always be referred as
${foo}/bin/bar regardless of whether the package is multiple-output.

meta.version is unnecessary.
2017-02-09 02:50:48 +02:00
Andrew Martin
02bbf843be set elasticsearch classpath to nix store 2017-02-08 19:24:00 -05:00
Dan Peebles
3e7dffd2b3 pythonPackages.twitter-common-*: add meta
I'd like to share the common meta fields across all of them but it didn't
seem worth it.
2017-02-08 18:24:59 -05:00
Antoine Eiche
b2e7b4b0d7 rabbitmq: 3.5.8 -> 3.6.6
Fix CVE-2015-8786.
2017-02-09 00:12:49 +01:00