Related:
- 9fc5e7e473
- 593e11fd94
- 508ae42a0f
Since the last time I ran this script, the Repology API changed, so I had to
adapt the script used in the previous PR. The new API should be more robust, so
overall this is a positive (no more grepping the error messages for our relevant
data but just a nice json structure).
Here's the new script I used:
```sh
curl https://repology.org/api/v1/repository/nix_unstable/problems \
| jq -r '.[] | select(.type == "homepage_permanent_https_redirect") | .data | "s@\(.url)@\(.target)@"' \
| sort | uniq | tee script.sed
find -name '*.nix' | xargs -P4 -- sed -f script.sed -i
```
I will also add this script to `maintainers/scripts`.
* treewide: http -> https sources
This updates the source urls of all top-level packages from http to
https where possible.
* buildtorrent: fix url and tab -> spaces
* pkgs: refactor needless quoting of homepage meta attribute
A lot of packages are needlessly quoting the homepage meta attribute
(about 1400, 22%), this commit refactors all of those instances.
* pkgs: Fixing some links that were wrongfully unquoted in the previous
commit
* Fixed some instances
Security fixes:
- Message printout was vulnerable to format string injection
- dropbearconvert import of OpenSSH keys could run arbitrary code
as the local dropbearconvert user when parsing malicious key
files
- dbclient could run arbitrary code as the local dbclient user if
particular -m or -c arguments are provided
- dbclient or dropbear server could expose process memory to the
running user if compiled with DEBUG_TRACE and running with -v
Fixes:
- Fix port forwarding failure when connecting to domains that have
both IPv4 and IPv6 addresses. The bug was introduced in 2015.68
- Fix 100% CPU use while waiting for rekey to complete
Known changes:
- Fix crash when forwarded TCP connections fail to connect
(bug introduced in 2015.68)
- Avoid hang on session close when multiple sessions are started,
affects Qt Creator
- Reduce per-channel memory consumption in common case, increase default
channel limit from 100 to 1000 which should improve SOCKS forwarding
for modern webpages
- Handle multiple command line arguments in a single flag
- Manpage improvements
- Build fixes for Android
- Don't display the MOTD when an explicit command is run
- Check curve25519 shared secret isn't zero
I made it statically build by default
I had to fix the zlib static cross-build, because the native stripping corrupted the target
static library. It is not the first time I see this.
I add drobear to the cross-built packages for hydra.
svn path=/nixpkgs/trunk/; revision=20518