Thomas Gerbet
cadcf608b5
jasper: 2.0.26 -> 2.0.28
...
Fixes CVE-2021-3443.
Release notes:
https://github.com/jasper-software/jasper/releases/tag/version-2.0.27
https://github.com/jasper-software/jasper/releases/tag/version-2.0.28
2021-04-10 09:32:11 +02:00
AndersonTorres
3d15fa8ae6
jasper: init at 2.0.26
2021-03-13 17:06:30 -03:00
David Anderson
3a38cef8f9
jasper: remove, abandoned upstream.
...
Jasper has been marked insecure for a while, and upstream has not
been responsive to CVEs for over a year.
Fixes #55388 .
Signed-off-by: David Anderson <dave@natulte.net>
2020-09-09 18:29:42 +00:00
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs
2020-04-10 17:54:53 +01:00
c0bw3b
a0d335ff39
jasper: mark as vulnerable
...
Many memory issues remain unfixed or partially fixed:
CVE-2018-18873 CVE-2018-19539 CVE-2018-19540 CVE-2018-19541
CVE-2018-9252 CVE-2018-19542 CVE-2018-19543 CVE-2018-20570
CVE-2018-20584 CVE-2018-20622 CVE-2018-9252
Debian/Ubuntu, OpenSuSE and Gentoo removed it entirely. See:
https://github.com/mdadams/jasper/issues/208
2019-11-20 19:46:15 +01:00
volth
46420bbaa3
treewide: name -> pname (easy cases) ( #66585 )
...
treewide replacement of
stdenv.mkDerivation rec {
name = "*-${version}";
version = "*";
to pname
2019-08-15 13:41:18 +01:00
Pascal Wittmann
96e93d6fa0
japser: 2.0.14 -> 2.0.16
2019-03-15 11:59:17 +01:00
Markus Kowalewski
b13ab27360
jasper: add license
2018-11-01 23:27:14 +01:00
John Ericson
db965063b3
treewide: Make configureFlags lists
2018-08-03 17:06:03 -04:00
Jan Malakhovski
7438083a4d
tree-wide: disable doCheck
and doInstallCheck
where it fails (the trivial part)
2018-04-25 04:18:46 +00:00
Pascal Wittmann
1ca71377f3
jasper: include cve name in patch for auto-detection in vulnix
2018-04-21 15:32:41 +02:00
Pascal Wittmann
bbbbbbc349
jasper: add patch to fix CVE-2018-9055
...
Part of vulnerability roundup 39 (issue #38993 )
2018-04-17 15:01:26 +02:00
Pascal Wittmann
3cd6c76ae6
jasper: 2.0.13 -> 2.0.14
2017-11-10 21:47:21 +01:00
Pascal Wittmann
fcf205024a
jasper: 2.0.12 -> 2.0.13, fixes CVE-2017-6850
2017-06-14 20:16:28 +02:00
ndowens
6c17ad677c
jasper: 2.0.10 -> 2.0.12
2017-03-26 08:20:27 -04:00
Graham Christensen
18e2639924
jasper: 2.0.6 -> 2.0.10 for null pointer dereference
2017-01-11 20:11:30 -05:00
Graham Christensen
eb7ea181f1
jasper: 1.900.28 -> 2.0.6
2016-12-15 17:17:57 -05:00
Graham Christensen
1eb545df05
jasper: 1.900.21 -> 1.900.28
2016-11-16 22:06:02 -05:00
Franz Pletz
624de33091
jasper: 1.900.2 -> 1.900.21 (security)
...
Incorporates fixes from all patches for the CVEs listed and some more
security-related issues like:
http://www.openwall.com/lists/oss-security/2016/11/04/11
2016-11-06 03:19:46 +01:00
Graham Christensen
0dd1381451
jasper: 1.900.1 -> 1.900.2
2016-10-05 20:36:51 -04:00
Graham Christensen
3a59a84715
jasper: Apply patches for CVES
2016-09-27 08:51:57 -04:00
Tuomas Tynkkynen
a17216af4c
treewide: Shuffle outputs
...
Make either 'bin' or 'out' the first output.
2016-08-29 14:49:51 +03:00
Tuomas Tynkkynen
21f17d69f6
treewide: Add lots of meta.platforms
...
Build-tested on x86_64 Linux & Mac.
2016-08-02 21:42:43 +03:00
Vladimír Čunát
09af15654f
Merge master into closure-size
...
The kde-5 stuff still didn't merge well.
I hand-fixed what I saw, but there may be more problems.
2016-03-08 09:58:19 +01:00
Graham Christensen
77134ea4a5
jasper: patch for CVE-2016-1867
2016-02-27 14:48:29 -06:00
Vladimír Čunát
8c811ea13a
jasper: fixup
2015-10-03 14:37:07 +02:00
Vladimír Čunát
5227fb1dd5
Merge commit staging+systemd into closure-size
...
Many non-conflict problems weren't (fully) resolved in this commit yet.
2015-10-03 13:33:37 +02:00
Vladimír Čunát
88c9f8b574
xlibs: replace occurrences by xorg
...
This seems to have been confusing people, using both xlibs and xorg, etc.
- Avoided renaming local (and different) xlibs binding in gcc*.
- Fixed cases where both xorg and xlibs were used.
Hopefully everything still works as before.
2015-09-15 12:54:34 +02:00
Vladimír Čunát
bf414c9d4f
Merge 'staging' into closure-size
...
- there were many easy merge conflicts
- cc-wrapper needed nontrivial changes
Many other problems might've been created by interaction of the branches,
but stdenv and a few other packages build fine now.
2015-04-18 11:22:20 +02:00
Domen Kožar
eaeef0377f
jasper: CVE-2014-8157, CVE-2014-8158, fixes #6114
2015-02-04 11:37:49 +01:00
James Cook
1b5c9c24de
jasper: Patch for CVE-2014-8138 via RedHat.
2014-12-21 14:38:00 -08:00
James Cook
951ac10ae1
jasper: Patch for CVE-2014-8137 via RedHat.
2014-12-21 14:36:29 -08:00
James Cook
90162e7dbd
jasper: Patch for CVE-2014-9029 via RedHat.
...
Also update homepage.
2014-12-21 14:26:53 -08:00
Vladimír Čunát
8da52a642a
Merge branch 'staging' into v/modular
...
Conflicts (easy):
pkgs/development/interpreters/perl/5.10/setup-hook.sh
pkgs/development/interpreters/perl/5.8/setup-hook.sh
pkgs/development/libraries/gtk+/2.x.nix
2014-08-31 12:23:18 +02:00
Vladimír Čunát
abbc93f783
WIP: getting better
2014-08-30 19:11:52 +02:00
Bjørn Forsman
c9baba9212
Fix many package descriptions
...
(My OCD kicked in today...)
Remove repeated package names, capitalize first word, remove trailing
periods and move overlong descriptions to longDescription.
I also simplified some descriptions as well, when they were particularly
long or technical, often based on Arch Linux' package descriptions.
I've tried to stay away from generated expressions (and I think I
succeeded).
Some specifics worth mentioning:
* cron, has "Vixie Cron" in its description. The "Vixie" part is not
mentioned anywhere else. I kept it in a parenthesis at the end of the
description.
* ctags description started with "Exuberant Ctags ...", and the
"exuberant" part is not mentioned elsewhere. Kept it in a parenthesis
at the end of description.
* nix has the description "The Nix Deployment System". Since that
doesn't really say much what it is/does (especially after removing
the package name!), I changed that to "Powerful package manager that
makes package management reliable and reproducible" (borrowed from
nixos.org).
* Tons of "GNU Foo, Foo is a [the important bits]" descriptions
is changed to just [the important bits]. If the package name doesn't
contain GNU I don't think it's needed to say it in the description
either.
2014-08-24 22:31:37 +02:00
Eelco Dolstra
cb3fc2c902
libjpeg, jasper: Split into multiple outputs
2013-06-11 13:45:35 +02:00
Eelco Dolstra
ab3eeabfed
Rename buildNativeInputs -> nativeBuildInputs
...
Likewise for propagatedBuildNativeInputs, etc. "buildNativeInputs"
sounds like an imperative rather than a noun phrase.
2012-12-28 19:20:09 +01:00
Yury G. Kudryashov
81b4eef864
jasper: propagate libjpeg, kopete: remove 'fix'
...
svn path=/nixpkgs/trunk/; revision=31595
2012-01-16 17:36:59 +00:00
Eelco Dolstra
4af55f9dc8
* Jasper needs an explicit --enable-shared.
...
svn path=/nixpkgs/branches/stdenv-updates/; revision=15236
2009-04-22 07:05:09 +00:00
Eelco Dolstra
94d7d1fdbb
* Got rid of all --disable-static flags; they're redundant now.
...
* Also a bunch of style cleanups (tabs, with args, ...).
svn path=/nixpkgs/branches/stdenv-updates/; revision=15235
2009-04-21 23:18:09 +00:00
Eelco Dolstra
bec9f4b0c3
* JasPer: build without OpenGL/X support - it's only used to build a
...
trivial example program (a barebones image viewer), but it gives
everybody else a dependency on Mesa ;-)
svn path=/nixpkgs/trunk/; revision=14633
2009-03-20 16:27:32 +00:00
Yury G. Kudryashov
296936ed73
Added JasPer JPEG 2000 library
...
svn path=/nixpkgs/trunk/; revision=10335
2008-01-28 19:41:03 +00:00