Commit Graph

308 Commits

Author SHA1 Message Date
Franz Pletz
2709079569 postgresql: security updates for all versions
Fixes CVE-2016-5423 and CVE-2016-5424.

See https://www.postgresql.org/about/news/1688/.
2016-08-16 18:35:22 +02:00
Dan Peebles
ccd16f87d5 mariadb: re-enable jemalloc on darwin and fix impurity
CMake in its usual infinite wisdom searches all over the system for java
and finds the host OSX java and JNI headers. It then decides to build the
connector and fails later on because we didn't actually tell Nix that we
wanted java in scope. So instead, we just tell CMake that we don't want
the jdbc connector. I believe it does the same with GSS, so I disable
that stuff too. None of this should affect Linux, but let me know if it
does somheow.
2016-08-14 15:08:23 -04:00
Vladimír Čunát
1c9307d348 mariadb on Darwin: another attempt to fix
Adding jemalloc to buildInputs didn't work out a97df891,
as jemalloc doesn't build correctly on Darwin ATM.
2016-08-13 09:03:33 +02:00
Vladimír Čunát
a97df891fe mariadb: use jemalloc on every platform
It seems to be failing to configure without it on Darwin:
http://hydra.nixos.org/build/38440660/nixlog/1/raw
This doesn't cause a rebuild on Linux platforms.
2016-08-11 19:25:51 +02:00
Vladimír Čunát
6f5c6fb6a1 mariadb: remove darwin patch that no longer applies
Hopefully it isn't needed anymore.
2016-08-10 22:07:33 +02:00
Vladimír Čunát
b94559dc7f mariadb: make the attribute point to the full build
It will create least surprises. Only those who want to go light
have to choose.
2016-08-07 22:44:57 +02:00
Vladimír Čunát
9a072482e6 mariadb: completely separate a server-less build
libmysqlclient is all that most closures need; now it's smaller and
quick to build. For cases that need a server (via executable or lib),
there's a full build for now; later it could be slimmed by removing the
client stuff.
2016-08-07 20:46:36 +02:00
Tuomas Tynkkynen
21f17d69f6 treewide: Add lots of meta.platforms
Build-tested on x86_64 Linux & Mac.
2016-08-02 21:42:43 +03:00
Tuomas Tynkkynen
2258b21e4b treewide: Add lots of platforms to packages with no meta
Build-tested on x86_64 Linux and on Darwin.
2016-08-02 21:17:44 +03:00
Franz Pletz
8605d76f17 Revert "mariadb: 10.1.9 -> 10.1.16 (security)"
This reverts commit 55bd6da9fb.

Fixes #17340.
2016-07-28 22:31:43 +02:00
Franz Pletz
55bd6da9fb mariadb: 10.1.9 -> 10.1.16 (security) 2016-07-28 06:56:14 +02:00
Franz Pletz
975d33e640 mysql51: remove, not maintained anymore 2016-07-28 06:56:13 +02:00
Graham Christensen
f4d5d6e73e mysql: 5.5.49 -> 5.5.50 for CVEs (#17160)
Problems include buffer overflows, null pointer dereferences, and
other bugfixes.

 - CVE-2016-3477
 - CVE-2016-3521
 - CVE-2016-3615
 - CVE-2016-5440

Details:
https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-50.html
2016-07-23 01:13:28 +02:00
Matthias Beyer
0ac6b862ac postgresql: 9.5.1 -> 9.5.3, potentially fixes CVE-2016-2193, CVE-2016-3065 2016-05-31 15:51:23 +02:00
Matthias Beyer
c5ab5b7750 postgresql94: 9.4.6 -> 9.4.7 2016-05-31 15:51:22 +02:00
Matthias Beyer
f62bd73225 postgresql93: 9.3.11 -> 9.3.12 2016-05-31 15:51:22 +02:00
Matthias Beyer
fe5e3c2e59 postgresql92: 9.2.15 -> 9.2.16 2016-05-31 15:51:22 +02:00
Matthias Beyer
8b5c712648 postgresql91: 9.1.20 -> 9.1.21 2016-05-31 15:51:22 +02:00
Vladimír Čunát
81039713fa Merge branch 'master' into staging
... to get the systemd update (rebuilding ~7k jobs).
2016-05-26 16:50:22 +02:00
Tobias Geerinckx-Rice
fd0a4c3910
mysql55: 5.5.48 -> 5.5.49
Should fix CVE-2016-0666, -0648, -0647, -0643, and -0642. CC @vcunat.
2016-05-24 15:00:49 +02:00
Vladimír Čunát
c4661e9643 Merge: make dev output references explicit
This is a rebase of most commits from #14766,
resolving conflicts and a few other evaluation problems.
2016-05-22 12:09:23 +02:00
Vladimír Čunát
019e9a9aa6 Merge #15421: mariadb: wrap mysqld with --basedir 2016-05-20 10:50:13 +02:00
Tuomas Tynkkynen
8d473f107c treewide: Make explicit that 'dev' output of readline is used 2016-05-19 10:03:35 +02:00
Tuomas Tynkkynen
2a73de6e6c treewide: Make explicit that 'dev' output of openssl is used 2016-05-19 10:02:23 +02:00
Sebastián Bernardo Galkin
edaecb41db
postgis: fix build after output splits
Fixes #15236

Two changes were needed:

- pg_config from postgresql package wasn't reporting the correct location for
the pgxs extension system, after the output split
- json_c is now split in dev and out outputs, postgis configure doesn't find the
library location properly

Closes #15470
2016-05-15 11:49:59 +02:00
Phil Wetzel
6ce89e174f mariadb: wrap mysqld with --basedir 2016-05-12 18:22:53 -04:00
Robin Gloster
9820cb1bf2 use dontBuild instead of hacks
changes:
 * buildPhase = "true"
 * buildPhase = ":"
2016-05-04 10:11:04 +00:00
Arseniy Seroka
0b3827d04a Merge pull request #14772 from cleverca22/mariadb
mariadb: fix arm builds
2016-04-17 22:16:24 +03:00
Dan Peebles
5ced92f83b mariadb: fix build on darwin
My simplistic test seemed to work just fine, so I assume the
install_name_tool shenanigans became unnecessary at some point.
2016-04-17 14:49:25 -04:00
michael bishop
437468d5ea
mariadb: fix arm builds 2016-04-17 00:40:10 -03:00
Vladimír Čunát
d1df28f8e5 Merge 'staging' into closure-size
This is mainly to get the update of bootstrap tools.
Otherwise there were mysterious segfaults:
https://github.com/NixOS/nixpkgs/pull/7701#issuecomment-203389817
2016-04-07 14:40:51 +02:00
Vladimír Čunát
ab15a62c68 Merge branch 'master' into closure-size
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
2016-04-01 10:06:01 +02:00
Domen Kožar
b07e7bfc7b Merge remote-tracking branch 'origin/staging' 2016-03-27 13:19:04 +01:00
Eelco Dolstra
523f4f2f69 mariadb: Disable parallel building again
It still fails intermittently on lex_token.h.

http://hydra.nixos.org/build/33571559
2016-03-23 20:11:07 +01:00
Johannes Bornhold
67b1acd989 mysql55: Allow to build on darwin 2016-03-18 14:23:14 +01:00
Graham Christensen
dbf41ebee7 mysql_jdbc: 5.1.32 -> 5.1.38 2016-03-14 20:16:30 -05:00
Thomas Tuegel
3ef7671cea ncurses: combine $lib and $out outputs
The $lib output refers to the terminfo database in $out, which is about
10x larger than the ncurses shared library. Splitting these outputs
saves a small amount of space for any derivations that use the terminfo
database but not the ncurses library, but we do not have evidence that
any such exist.
2016-03-08 11:35:24 -06:00
Vladimír Čunát
09af15654f Merge master into closure-size
The kde-5 stuff still didn't merge well.
I hand-fixed what I saw, but there may be more problems.
2016-03-08 09:58:19 +01:00
Graham Christensen
0a2c3ec971 mysql: 5.5.45 -> 5.5.48 for multiple CVEs: CVE-2015-4792 CVE-2015-4802 CVE-2015-4815 CVE-2015-4816 CVE-2015-4819 CVE-2015-4826 CVE-2015-4830 CVE-2015-4836 CVE-2015-4858 CVE-2015-4861 CVE-2015-4870 CVE-2015-4879 CVE-2015-4913 2016-02-27 15:31:52 -06:00
Vladimír Čunát
d039c87984 Merge branch 'master' into closure-size 2016-02-14 08:33:51 +01:00
Eelco Dolstra
5e6962ff2e postgresql: Update to 9.5.1, 9.4.6, 9.3.11, 9.2.15, 9.1.20 2016-02-12 13:20:11 +01:00
Eelco Dolstra
0140591eab postgresql: Remove EOL 9.0 branch 2016-02-12 13:20:11 +01:00
Tuomas Tynkkynen
8eb5d7d037 treewide: Mass replace 'ncurses}/lib' to refer the 'lib' output 2016-01-24 10:03:38 +02:00
Vladimír Čunát
716aac2519 Merge branch 'staging' into closure-size 2016-01-19 09:55:31 +01:00
Tom Burdick
2c23a311cd postgresql: (94 -> 95)
Updates postgresql to its latest versions
2016-01-08 10:13:01 -06:00
Luca Bruno
5b0352a6a4 Merge branch 'master' into closure-size 2015-12-11 18:31:00 +01:00
Ryan Trinkle
5729cf7714 mariadb: 10.1.8 -> 10.1.9
Fixes build on darwin; might be related to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777996;msg=2
2015-12-07 13:21:25 -05:00
Luca Bruno
e289717414 rename moveToOutput and propagatedBuildInputs 2015-12-02 10:05:36 +01:00
Luca Bruno
a412927924 Merge remote-tracking branch 'origin/master' into closure-size 2015-11-25 21:37:30 +01:00
Vladimír Čunát
333d69a5f0 Merge staging into closure-size
The most complex problems were from dealing with switches reverted in
the meantime (gcc5, gmp6, ncurses6).
It's likely that darwin is (still) broken nontrivially.
2015-11-20 14:32:58 +01:00