Since firefox 58.0.1 the google api key is now stored at an absolute
path ($TMPDIR/ga). Since variable expansion in `configureFlags` does not
really work (as expected) the build started failing when using the
legacy firefox build system. With the newer `./mach` based builds
firefox reads the configure flags from `.mozconfig` instead.
This commit moves the `with-google-api-keyfile=` setting into the
`preConfigure` phase where we can properly expand `$TMPDIR` into
whatever the path is.
As stated by Sylvestre Ledru (@sylvestre) on Nov 22, 2017 at
https://github.com/NixOS/nixpkgs/issues/31843#issuecomment-346372756 we
have permission to use the official firefox branding.
Fur purposes of documentation the statement of @sylvestre:
> As the person who did part of the work described in the LWN article
> and release manager working for Mozilla, I can confirm the statement
> that I made in
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815006
>
> @garbas shared with me the list of patches applied for the Nix package.
> As they are just for portability and tiny modifications, they don't
> alter the experience of the product. In parallel, Rok also shared the
> build options. They seem good (even if I cannot judge the quality of the
> packaging of the underlying dependencies like sqlite, png, etc).
> Therefor, as long as you keep the patch queue sane and you don't alter
> the experience of Firefox users, you won't have any issues using the
> official branding.
Upstream changes without issue IDs:
* GUI: fixed occasional screen corruption when host screen resolution
is changed
* User interface: increase proposed disk size when creating new VMs for
Windows 7 and newer
* User interface: various improvements for high resolution screens
* VMM: Fixed problems using 256MB VRAM in raw-mode VMs
* Audio: implemented support for audio playback and recording for macOS
guests
* Audio: further timing improvements for Windows 10 guests
* Linux hosts: fixed problem accessing mini-toolbar under XFCE
The full changelog including issue IDs can be found at:
https://www.virtualbox.org/wiki/Changelog#v6
What was not mentioned in the changelog is that this release fixes
compiling the VirtualBox modules against kernel 4.15, which was added in
commit 61043ad4d1.
Tested this by running all of the tests in nixos/tests/virtualbox.nix.
Signed-off-by: aszlig <aszlig@nix.build>
Cc: @flokli, @svanderburg
This is already tracked in upstream issue mumble-voip/mumble#3281 and a
fix has been merged in mumble-voip/mumble@caa187373e.
The patch I'm adding here is using the merged commit
mumble-voip/mumble@ea861fe867 and I've
only added it for the stable release because the patch is already
included in the git version.
@pbogdan also had a similar commit to this
(pbogdan/nixpkgs@8029edea29), but the
patch was applied to both stable and git and thus the git version would
have been broken.
Tested by building mumble and mumble_git and running the mumble NixOS VM
test.
Signed-off-by: aszlig <aszlig@nix.build>
Cc: @viric, @jgeerds, @abbradar
Fixes: #33655
The CVE patches weren't previously applied because they depend on the
enableCopyDevicesPatch parameter. The naming of the patches attribute in
base.nix was misleading.
The new rsync release now really fixes:
* CVE-2017-15994
* CVE-2017-16548
* CVE-2017-17433
* CVE-2017-17434
