Thomas Tuegel
4f2e7a0424
Separate Qt 5 packages from dependent libraries
2017-02-27 11:49:04 -06:00
Vladimír Čunát
78e4f9d8d7
libevent: split _openssl into a separate output
...
... to save ~3.4 MB of openssl from the default closure.
2017-02-27 18:18:39 +01:00
Shea Levy
fa84ad2593
gusb: 0.2.4 -> 0.2.9
2017-02-27 08:30:20 -05:00
Shea Levy
0c2f96a81f
appstream-glib: propagate gtk3
2017-02-27 08:29:58 -05:00
Graham Christensen
ba78819782
Merge pull request #23225 from joachifm/webkitgtk24x-broken
...
webkitgtk24x: mark as insecure
2017-02-27 07:13:54 -05:00
Bjørn Forsman
3d104ab2b3
gst-plugins-base: align attrname with pkgname
2017-02-27 12:16:26 +01:00
Bjørn Forsman
9e21b2c5e9
gst-python: align attrname with pkgname
2017-02-27 12:16:26 +01:00
Edward Tjörnhammar
5e44b5e299
protobuf3_2: init at 3.2
2017-02-27 10:52:21 +01:00
Bart Brouns
90690e71b0
fftw: 3.3.5 -> 3.3.6-pl1 ( #23226 )
2017-02-27 09:22:32 +01:00
Joachim Fasting
442b589b71
webkitgtk24x: mark as insecure
...
See https://github.com/NixOS/nixpkgs/issues/18312
2017-02-26 22:52:07 +01:00
Bjørn Forsman
392331ad58
pythonPackages.gst-python: fix source hash
...
Commit 5e937b173d
("gstreamer: 1.10.3 -> 1.10.4 for multiple CVEs") bumped the version but not
the hash.
2017-02-26 21:28:41 +01:00
Franz Pletz
8fcd1a063e
faac: fix build with glibc-2.25
...
Use patches from Arch to really build against the provided external
mp4v2 library.
2017-02-26 19:09:29 +01:00
Franz Pletz
5e937b173d
gstreamer: 1.10.3 -> 1.10.4 for multiple CVEs
...
See https://gstreamer.freedesktop.org/releases/1.10/#1.10.4 .
Fixes:
* CVE-2017-5847
* CVE-2017-5848
cc #23072
2017-02-26 18:08:42 +01:00
Thomas Tuegel
0ed156a216
Merge pull request #22977 from ttuegel/triage-kde4
...
Remove KDE 4 desktop packages
2017-02-25 12:21:44 -06:00
Jonathan Rudenberg
a6dffeecfa
libcec: 3.1.0 -> 4.0.2
2017-02-25 08:53:31 +01:00
Thomas Tuegel
16d22f1536
Remove kde4.liblikeback
...
- No longer used
2017-02-24 16:49:05 -06:00
Thomas Tuegel
82a5ddd4c3
Remove kde4.libkvkontakte
...
- No longer used
2017-02-24 16:49:05 -06:00
Thomas Tuegel
314a4de1ee
Remove kde4.libktorrent
...
- Already updated to KDE 5 in Nixpkgs
2017-02-24 16:49:05 -06:00
Thomas Tuegel
33e62902a0
Remove kde4.libalkimia
...
- No longer used
2017-02-24 16:49:05 -06:00
Thomas Tuegel
9af7f6b9d4
Remove kde4.kdenlive and dependencies
...
- Already updated to KDE 5 in Nixpkgs
2017-02-24 16:49:03 -06:00
Thomas Tuegel
9be791656f
Remove kde4.plasma-nm and its dependencies
...
- Already updated to KDE 5 in Nixpkgs
- Not useful without the KDE 4 desktop
2017-02-24 16:49:01 -06:00
Thomas Tuegel
0757d49800
Remove kde4.kdevelop
...
- Already updated to KDE 5 in Nixpkgs
2017-02-24 16:48:32 -06:00
Joachim F
5abcebe9bf
Merge pull request #23131 from ljli/wlc-update
...
wlc: 0.0.5 -> 0.0.8
2017-02-24 19:23:28 +01:00
Joachim F
5502efb782
Merge pull request #23138 from leenaars/quickd
...
quickder: 1.0-RC1 -> 1.0-RC2
2017-02-24 18:54:13 +01:00
Graham Christensen
30cea5f022
libplist: mark as insecure
...
Patches currently available don't seem to apply.
2017-02-24 07:41:11 -05:00
Michiel Leenaars
29d6460084
quickder: 1.0-RC1 -> 1.0-RC2
2017-02-24 10:02:13 +01:00
Leon Isenberg
1eaf76ac7a
wlc: 0.0.5 -> 0.0.8
2017-02-24 06:58:19 +01:00
Graham Christensen
59d61ef34a
Revert "nixpkgs: allow packages to be marked insecure"
2017-02-23 09:41:42 -05:00
Graham Christensen
037c489b10
Merge pull request #22890 from grahamc/mark-as-insecure
...
nixpkgs: allow packages to be marked insecure
2017-02-23 07:12:18 -05:00
Graham Christensen
c8859b7264
libplist: mark as insecure
...
Patches currently available don't seem to apply.
2017-02-22 21:09:14 -05:00
Jörg Thalheim
ceac00d82b
mp4v2: 1.9.1p4 -> 2.0.0
2017-02-23 01:47:45 +01:00
Vladimír Čunát
f5eea8ba1d
libevent: apply security patches from Debian
...
/cc #23072 . As with curl, it's nontrivial rebuild but security...
https://lwn.net/Alerts/714571/
2017-02-22 19:00:04 +01:00
Vladimír Čunát
145d3ea81c
Merge branch 'master' into staging
2017-02-22 17:47:49 +01:00
Vladimír Čunát
d6cff5783e
gnutls: drop -lunistring on Darwin as well
...
I didn't intend this substitution to be conditional; I looked wrong.
2017-02-22 17:44:06 +01:00
Vladimír Čunát
a04849502d
fstrm: init at 0.3.1
2017-02-22 15:03:21 +01:00
Asumu Takikawa
85fb29bb49
ndpi: init at 1.8
2017-02-22 00:20:10 -08:00
Vladimír Čunát
4b7215368a
glibc: fixup libm.a
...
Now it's not an actual archive but a linker script, and the absolute
paths in there were broken due to moving *.a into $static.
Let's fix this up in all *.a in case there are more in future.
2017-02-21 14:19:07 +01:00
Matthias C. M. Troffaes
88cc35f1f4
wolfssl: 3.9.10b -> 3.10.3
2017-02-21 09:42:32 +01:00
David James
85fba54bc6
Attempt to update RocksDB to 5.1.2.
2017-02-20 21:50:30 -05:00
Vladimír Čunát
e688bbbee4
libunistring: split into multiple outputs
...
Saves ~1 MB. Through default gnutls, many closures are affected.
Reverse deps seem to build OK.
2017-02-21 00:39:22 +01:00
Vladimír Čunát
b17eb34203
gnutls: don't propagate -lunistring
...
This fixes systemd build. Also put it into the generic expression,
as there's only one version in nixpkgs ATM.
2017-02-20 23:21:28 +01:00
Vladimír Čunát
3ba1875743
mesa: maintenance 13.0.4 -> 13.0.5
...
I'm being conservative here until 17.0.1 is released.
2017-02-20 21:53:03 +01:00
Vladimír Čunát
9458018a87
dbus: 1.10.14 -> 1.10.16
...
It's for "security" issue that's considered unexploitable with a sane
config.
2017-02-20 21:38:24 +01:00
Vladimír Čunát
dbae14164b
glib: maintenance 2.50.2 -> 2.50.3
2017-02-20 21:33:03 +01:00
Vladimír Čunát
4339dca980
gdk-pixbuf: maintenance 2.36.4 -> 2.36.5
2017-02-20 21:31:41 +01:00
Vladimír Čunát
62c323bdff
gtk3: maintenance 3.22.7 -> 3.22.8
2017-02-20 21:30:12 +01:00
Vladimír Čunát
5a38ab8add
Merge branch 'master' into staging
2017-02-20 21:24:35 +01:00
Vladimír Čunát
292efffb62
libuv: 1.10.1 -> 1.11.0
...
And a nitpick in the expression.
2017-02-20 21:23:47 +01:00
Vladimír Čunát
2cb76ff1ff
Merge branch 'glibc-2.25' into staging
...
The largest problem-causers should be fixed now (within).
2017-02-20 21:18:48 +01:00
Vladimír Čunát
09d02f72f6
Re-revert "Merge: glibc: 2.24 -> 2.25"
...
This reverts commit 55cc7700e9
.
I hope most problems have been solved. /cc #22874 .
2017-02-20 21:16:41 +01:00
Vladimír Čunát
0ff2179e0f
gnutls: use 3.5 and remove 3.4
...
3.4 branch detects support for getrandom() call during configure-time,
which gets picked up since glibc-2.25, and consequently it will fail
with older kernels during rutime.
2017-02-20 21:07:35 +01:00
Robin Gloster
dcba6eae1b
Merge pull request #22116 from LnL7/darwin-cmus
...
cmus: fix darwin
2017-02-20 13:02:30 +01:00
aszlig
c5b2714bc7
dbus: Put DTDs into $out instead of $doc
...
First of all, these "documents" are not really documentation, so it
really doesn't make much sense to put it into $doc.
The main point however is that the installer tests are failing since
this was introduced in ac0cdc1952
.
One way to circumvent this is putting dbus.doc into
system.extraDependencies of the installer tests, but given the first
point this sounds a bit odd to me.
So I went for the second way of putting it into $out, because it's now
basically necessary to build a NixOS system.
With this the NixOS installer tests should now work again, although I
have only tested this with the installer.simple test.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @abbradar
2017-02-20 03:24:38 +01:00
aszlig
fc6684054d
make-dbus-conf: Use libxslt.bin instead of .dev
...
The problem with using libxslt as buildInputs is that the dev output is
used for building the dbus config.
This is one of the reasons why the installer tests are failing since
ac0cdc1952
, because the tests do not have
libxslt.dev in their closure and really shouldn't.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @abbradar
2017-02-20 03:24:34 +01:00
aszlig
edce2b759c
make-dbus-conf: Don't try to access network
...
This is the output of the builder:
building path(s) `/nix/store/khkcfb8433i9mabb6wnb8ik6p9skg644-dbus-1'
error : connection refused
error : connection refused
However, even when using --nonet we'd still get this:
I/O error : Attempt to load network entity
http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd
So in order to avoid this, we now provide an XML catalog file, mapping
the public URLs to the local DTD paths inside the store instead of using
--path (which doesn't seem to work with xsltproc).
Tested this by comparing the SHA256 (nix-hash --type sha256) of the
output path generated by:
nix-build -E '(import ./. {}).makeDBusConf {
suidHelper = "SUIDHELPER";
serviceDirectories = [ "SERVICEDIR1" "SERVICEDIR1" ];
}'
... with the SHA256 of the generated output path prior to this commit
and they have the same hash:
6f3f9594b12fddbff9407b85252b6f649da11f56b7fd514f761966c11399a7ab
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @abbradar
2017-02-20 03:24:26 +01:00
Benjamin Saunders
bfdfd6c3df
vulkan-loader: fix search paths in suid processes
...
Fixes #22990
2017-02-20 01:39:48 +03:00
Michael Raskin
febda39df3
qca2: 2.1.1 -> 2.1.3
2017-02-19 18:38:10 +01:00
Michele Guerini Rocco
1ae9b50a77
vapoursynth: disable OCR by default ( #22943 )
2017-02-19 02:11:08 +01:00
rushmorem
3f09f8fa4d
czmq: v3.0.2 -> v4.0.2
2017-02-18 23:54:50 +02:00
rushmorem
467f7d3f6c
zmq: v4.2.0 -> v4.2.2
2017-02-18 22:52:02 +02:00
Vladimír Čunát
432dba859e
Merge branch 'staging'
...
A security update of libxml2 is within.
2017-02-18 08:59:29 +01:00
Vladimír Čunát
714eabc5af
guile rev-deps: fix build by adding pkgconfig
...
Without it packages fail to find the headers, after guile has split
them into a separate output in 218713a
.
2017-02-18 08:23:07 +01:00
Thomas Tuegel
580bdde06c
kde5.frameworks: update instructions
2017-02-17 11:48:14 -06:00
Nikolay Amiantov
8ecd5c4019
Merge pull request #22864 from abbradar/dbus-etc
...
Redo DBus configuration
2017-02-17 11:47:51 +03:00
David Terry
90d225db76
microsoft_gsl: init at 2017-02-13
2017-02-17 02:14:12 +01:00
Robin Gloster
101d90d18b
libzrtpcpp: remove
2017-02-17 00:14:15 +01:00
Robin Gloster
449c895f31
podofo: 0.9.4 -> 0.9.5
2017-02-17 00:14:01 +01:00
Robin Gloster
54018c8f63
xmlsec: 1.2.20 -> 1.2.23
2017-02-17 00:13:45 +01:00
Robin Gloster
5063a8099b
serf: 1.3.7 -> 1.3.9
2017-02-17 00:13:32 +01:00
Robin Gloster
9593049e06
pkcs11helper: 1.11 -> 1.21
2017-02-17 00:13:18 +01:00
Robin Gloster
22bea837f4
tcltls: 1.6 -> 1.6.7
2017-02-17 00:12:12 +01:00
Robin Gloster
c3011fde96
neon: 0.30.1 -> 0.30.2
2017-02-17 00:11:29 +01:00
Robin Gloster
80d8b8c716
mongoc: 1.1.10 -> 1.5.4
2017-02-17 00:11:26 +01:00
Robin Gloster
4277978fb2
gsoap: 2.8.37 -> 2.8.42
2017-02-17 00:11:18 +01:00
Robin Gloster
71e8ef6e76
afflib: 3.7.6 -> 3.7.15
2017-02-17 00:11:14 +01:00
Lluís Batlle i Rossell
0c42efd9d7
SDL2: fix creation of libSDL2main.a
...
It's required by a trigger rally update I will commit next.
And other games use that too.
2017-02-16 22:24:40 +01:00
Vladimír Čunát
5ad81ab09c
libxml2: bugfix updates from git upstream
...
This should solve CVE-2016-5131 and some other bugs, but not what Suse
calls CVE-2016-9597: https://bugzilla.suse.com/show_bug.cgi?id=1017497
The bugzilla discussion seems to indicate that the CVE is referenced
incorrectly and only shows reproducing when using command-line flags
that are considered "unsafe".
CVE-2016-9318 also remains unfixed, as I consider their reasoning OK:
https://lwn.net/Alerts/714411/
/cc #22826 .
2017-02-16 20:18:17 +01:00
Vladimír Čunát
e962a3c95f
Merge branch 'master' into staging
2017-02-16 19:02:37 +01:00
Vladimír Čunát
55cc7700e9
Revert "Merge: glibc: 2.24 -> 2.25"
...
This reverts commit 1daf2e26d2
, reversing
changes made to c0c50dfcb7
.
It seems this is what has been causing all the reliability problems
on Hydra. I'm currently unable to find why it happens, so I'm forced
to revert the update for now. Discussion: #22874 .
2017-02-16 18:16:06 +01:00
Graham Christensen
cfbddd3ae0
Merge pull request #22867 from maurer/openssl-cve-2017-3733
...
openssl: 1.1.0d -> 1.1.0e for High severity CVE-2017-3733
2017-02-16 09:29:29 -05:00
Matthew Maurer
0d2ba7ef2b
openssl: 1.1.0d -> 1.1.0e for High severity CVE-2017-3733
2017-02-16 09:16:41 -05:00
Graham Christensen
52026edf98
Merge pull request #22839 from ilya-kolpakov/master
...
boost: 1.63.0 (not default)
2017-02-16 07:42:40 -05:00
Nikolay Amiantov
3e23ec4450
makeDBusConf: init
...
Use XSLT transform to modify stock dbus configuration file. This is needed
because some dbus components doesn't support <include> so we need to put our
core configuration in the main file.
2017-02-16 15:41:23 +03:00
Nikolay Amiantov
300c9a6c3d
dbus: use /etc as datadir, install dtd
2017-02-16 15:41:23 +03:00
Graham Christensen
7943dc8978
Merge pull request #22843 from bendlas/update-webkitgtk
...
webkitgtk212x: remove
2017-02-15 21:28:35 -05:00
Tuomas Tynkkynen
da1f93f445
mesa: Remove obsolete patching
...
The code we're patching was removed in 2015:
http://comments.gmane.org/gmane.comp.video.mesa3d.devel/102524
2017-02-16 01:29:42 +02:00
Tuomas Tynkkynen
4d54324f7c
mesa: 13.0.4 -> 17.0.0
...
Also enable the etnaviv driver on ARM, which got added in this release
(and I've confirmed that it can run glmark2 relatively successfully).
2017-02-16 01:29:42 +02:00
Jascha Geerds
900fc49013
Merge pull request #22775 from peterhoeg/u/qtox
...
tox clients and libraries updates
2017-02-15 23:05:14 +01:00
Vladimír Čunát
7832806e20
fontconfig: fixup fragile build after ab5fe171a
...
Sometimes it might fail due to timestamps suggesting some files needed
regenerating and failing to find gperf. Now it should be OK, I hope.
2017-02-15 21:06:27 +01:00
Herwig Hochleitner
54e3fad0f4
webkitgtk212x: remove
...
2.12 isn't maintained anymore and superseded by the (compatible) 2.14
2017-02-15 20:29:05 +01:00
Franz Pletz
eda8ee2830
Merge pull request #22752 from LumiGuide/syslog-ng-3.9.1
...
syslog-ng: 3.6.2 -> 3.9.1
2017-02-15 20:12:02 +01:00
Herwig Hochleitner
2640c87fb9
webkitgtk: 2.14.4 -> 2.14.5
2017-02-15 20:10:56 +01:00
Ilya Kolpakov
6d8235210d
boost: 1.63.0 (not default)
2017-02-15 18:29:39 +01:00
Peter Simons
d583e013e1
Merge pull request #22825 from areina/add-catalan-to-aspell
...
aspell-dict-ca: init at 2.1.5-1
2017-02-15 17:47:44 +01:00
Peter Simons
9e0867586c
Merge pull request #21396 from laMudri/stdlib-v0.13
...
AgdaStdlib: v0.12 -> v0.13
2017-02-15 13:03:50 +01:00
Franz Pletz
1e65d0b9e9
gnutls: 3.5.8 -> 3.5.9
...
Bugfix release.
2017-02-15 09:35:28 +01:00
Franz Pletz
07309d740a
webkitgtk: 2.14.3 -> 2.14.4 for multiple CVEs
...
Fixes:
* CVE-2017-2350
* CVE-2017-2354
* CVE-2017-2355
* CVE-2017-2356
* CVE-2017-2362
* CVE-2017-2363
* CVE-2017-2364
* CVE-2017-2365
* CVE-2017-2366
* CVE-2017-2369
* CVE-2017-2371
* CVE-2017-2373
See https://webkitgtk.org/security/WSA-2017-0002.html .
2017-02-15 09:35:28 +01:00
Franz Pletz
e8af5dcd8e
ffmpeg: 3.2.2 -> 3.2.4 for multiple CVEs
...
Fixes CVE-2017-5024 & CVE-2017-5025.
See https://ffmpeg.org/security.html .
2017-02-15 09:35:28 +01:00
Franz Pletz
d2426f0aa8
ffmpeg: 3.1.6 -> 3.1.7 for multiple CVEs
...
Fixes CVE-2017-5024 & CVE-2017-5025.
See https://ffmpeg.org/security.html .
2017-02-15 09:35:27 +01:00
Franz Pletz
78f59f1223
ffmpeg: 2.8.10 -> 2.8.11 for multiple CVEs
...
Fixes CVE-2017-5024 & CVE-2017-5025.
See https://ffmpeg.org/security.html .
2017-02-15 09:35:27 +01:00