Commit Graph

87577 Commits

Author SHA1 Message Date
Frederik Rietdijk
70046019d9 guitarix: use python2 2017-02-10 09:35:10 +01:00
Vladimír Čunát
5efc5a4ede
pydb, libclc: fixup eval after pinning to python2 2017-02-09 08:52:22 +01:00
Vladimír Čunát
6bea415b5e
Merge branch 'master' into staging 2017-02-09 08:42:04 +01:00
Vladimír Čunát
4bf9f8afc3
Merge #22578: mesa: add enableRadv ? false
There's no hash change in default settings.
2017-02-09 08:03:34 +01:00
Graham Christensen
19f23d00fd
ntfs3g: patch for CVE-2017-0358
From the Debian advisory:

Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write
NTFS driver for FUSE, does not scrub the environment before executing
modprobe with elevated privileges. A local user can take advantage of
this flaw for local root privilege escalation.
2017-02-08 22:12:10 -05:00
John Ericson
e74ec9d84f Merge pull request #22575 from Ericson2314/localSystem
top-level: Allow nixpkgs to take localSystem directly
2017-02-08 22:10:49 -05:00
John Ericson
8cd4c31d6b top-level: Allow nixpkgs to take localSystem directly
This is instead of both system and platform, which is kind of ugly.
2017-02-08 22:06:57 -05:00
Graham Christensen
77e920d874
spice: Patch for CVE-2016-9577, CVE-2016-9578
From the Red Hat advisory:

* A vulnerability was discovered in spice in the server's protocol
  handling. An authenticated attacker could send crafted messages to
  the spice server causing a heap overflow leading to a crash or
  possible code execution. (CVE-2016-9577)

* A vulnerability was discovered in spice in the server's protocol
  handling. An attacker able to connect to the spice server could send
  crafted messages which would cause the process to crash.
  (CVE-2016-9578)
2017-02-08 22:03:11 -05:00
Graham Christensen
379144f54b
salt: 2016.3.3 -> 2016.11.2 for multiple CVEs
From the Arch Linux advisory:

- CVE-2017-5192 (arbitrary code execution): The
  `LocalClient.cmd_batch()` method client does not accept
  `external_auth` credentials and so access to it from salt-api has
  been removed for now. This vulnerability allows code execution for
  already- authenticated users and is only in effect when running
  salt-api as the `root` user.

- CVE-2017-5200 (arbitrary command execution): Salt-api allows
  arbitrary command execution on a salt-master via Salt's ssh_client.
  Users of Salt-API and salt-ssh could execute a command on the salt
  master via a hole when both systems were enabled.
2017-02-08 21:24:10 -05:00
David McFarland
4ab604b6b8 mesa: add enableRadv 2017-02-08 22:15:03 -04:00
Graham Christensen
e01278b2de Merge pull request #22573 from nlewo/master
rabbitmq: 3.5.8 -> 3.6.6
2017-02-08 20:00:59 -05:00
Tuomas Tynkkynen
05605b41d8 autofs: Some cleanup
The --with-openldap and --with-sasl flags passed here are actually wrong
as they don't point to the dev outputs of the packages. Anyway, autoconf
recognizes the packages as they are in buildInputs.

getBin is generally not needed - binaries can always be referred as
${foo}/bin/bar regardless of whether the package is multiple-output.

meta.version is unnecessary.
2017-02-09 02:50:48 +02:00
Dan Peebles
3e7dffd2b3 pythonPackages.twitter-common-*: add meta
I'd like to share the common meta fields across all of them but it didn't
seem worth it.
2017-02-08 18:24:59 -05:00
Antoine Eiche
b2e7b4b0d7 rabbitmq: 3.5.8 -> 3.6.6
Fix CVE-2015-8786.
2017-02-09 00:12:49 +01:00
Franz Pletz
4494b18fe4
electricsheep: 2.7b33-598d93d90 -> 2.7b33-2017-02-04
Also some cleanups like removed unused buildInputs.
2017-02-08 23:51:02 +01:00
Franz Pletz
6d0806d061
pythonPackages.searx: 0.10.0 -> 0.11.0 2017-02-08 23:51:02 +01:00
Franz Pletz
2ae5b82cb7
pythonPackages.pysocks: 1.5.7 -> 1.6.6 2017-02-08 23:51:01 +01:00
Franz Pletz
603ca4be35
pythonPackages.lxml: 3.7.0 -> 3.7.2 2017-02-08 23:51:01 +01:00
Franz Pletz
de82ce901e
pythonPackages.flask: 0.11.1 -> 0.12 2017-02-08 23:51:00 +01:00
Franz Pletz
4bb27d8622
pythonPackages.ndg-httpsclient: 0.4.0 -> 0.4.2 2017-02-08 23:51:00 +01:00
Franz Pletz
7bb81a5a7b
pythonPackages.certifi: 2016.2.28 -> 2017.1.23 2017-02-08 23:51:00 +01:00
Franz Pletz
dced724c00
linux_3_18: remove due to EOL 2017-02-08 23:50:59 +01:00
Dan Peebles
554bfea26f pythonPackages.pex: add meta 2017-02-08 15:22:05 -05:00
Dan Peebles
e012e12402 pythonPackages.pathspec: add meta 2017-02-08 15:10:49 -05:00
Frederik Rietdijk
b846a53d2a python34: 3.4.5 -> 3.4.6 2017-02-08 20:48:14 +01:00
Frederik Rietdijk
939f426906 python35: 3.5.2 -> 3.5.3 2017-02-08 20:48:14 +01:00
Dan Peebles
825ef235ba pythonPackages.pants: fix typo in license 2017-02-08 14:46:05 -05:00
Dan Peebles
84542bb6f4 pythonPackages.pants: add meta 2017-02-08 14:43:12 -05:00
Dan Peebles
4fef9bf857 pythonPackages.ansicolors: add meta 2017-02-08 14:05:13 -05:00
Frederik Rietdijk
923793f99a xpf: use python2 2017-02-08 19:58:00 +01:00
Frederik Rietdijk
392a57b568 qpid-cpp: use python2 2017-02-08 19:54:52 +01:00
Frederik Rietdijk
4d51b6cda5 pydb: use python2 2017-02-08 19:53:23 +01:00
Frederik Rietdijk
a805b1206d mapnik: use python2
because python3 is not yet supported.
2017-02-08 19:51:11 +01:00
Frederik Rietdijk
bce69c9cec librepo: use python2
python3 support is experimental. Let's wait with changing.
2017-02-08 19:48:21 +01:00
Frederik Rietdijk
0673e7b38a libpsl: use python2 2017-02-08 19:44:52 +01:00
Frederik Rietdijk
b469952348 liberation_ttf_from_source: use python2 2017-02-08 19:41:22 +01:00
Frederik Rietdijk
b620ad24be libctemplate: use python2 2017-02-08 19:38:53 +01:00
Frederik Rietdijk
e7395434db pythonPackages.libclc: use python2 2017-02-08 19:38:03 +01:00
Frederik Rietdijk
576740f7f2 i3minator: fix for python3
Fixes for when changing to Python 3. Haven't tested the program though.
2017-02-08 19:36:05 +01:00
Nikolay Amiantov
1900f22760 jre_headless: add alias 2017-02-08 21:35:58 +03:00
Frederik Rietdijk
c558a5d46c hexchat: use python2 2017-02-08 19:31:35 +01:00
Frederik Rietdijk
d452487db7 libimobiledevice: use python2
because python 3 isn't supported yet.
2017-02-08 19:27:50 +01:00
Rok Garbas
17f14c893b Merge pull request #22528 from garbas/fix-networkmanager-openvpn
updating networkmanager and friends
2017-02-08 17:44:23 +01:00
Andrew Cann
3082647e74 trezord: init at 1.2.0 (#22054) 2017-02-08 17:18:22 +01:00
Graham Christensen
ae02508c2a Merge pull request #22555 from peterhoeg/u/wavpack
wavpack: 4.80.0 -> 5.1.0
2017-02-08 10:02:03 -05:00
Moritz Ulrich
827009adb2
digikam5: 5.3.0 -> 5.4.0 2017-02-08 15:41:33 +01:00
Moritz Ulrich
403eb76cc1
rawtherapee: 5.0 -> 5.0-r1 2017-02-08 15:41:32 +01:00
Peter Hoeg
5eaec77732 wavpack: 4.80.0 -> 5.1.0 2017-02-08 22:41:24 +08:00
Nikolay Amiantov
45368ed49d haskellPackages.typed-process: disable tests
Networking is required for them.
2017-02-08 17:39:55 +03:00
Graham Christensen
afd59811a1
gstreamer-*: 1.10.2 -> 1.10.3 for multiple CVEs
gst-plugins-bad:
From the Arch Linux advisory:
 - CVE-2017-5843 (arbitrary code execution): A double-free issue has
 been found in gstreamer before 1.10.3, in
 gst_mxf_demux_update_essence_tracks.

- CVE-2017-5848 (denial of service): An out-of-bounds read has been
  found in gstreamer before 1.10.3, in gst_ps_demux_parse_psm.
More: https://lwn.net/Vulnerabilities/713772/

gst-plugins-base:
From the Arch Linux advisory:

- CVE-2017-5837 (denial of service): A floating point exception issue
  has been found in gstreamer before 1.10.3, in
  gst_riff_create_audio_caps.

- CVE-2017-5839 (denial of service): An endless recursion issue
  leading to stack overflow has been found in gstreamer before 1.10.3,
  in gst_riff_create_audio_caps.

- CVE-2017-5842 (arbitrary code execution): An off-by-one write has
  been found in gstreamer before 1.10.3, in
  html_context_handle_element.

- CVE-2017-5844 (denial of service): A floating point exception issue
  has been found in gstreamer before 1.10.3, in
  gst_riff_create_audio_caps.
More: https://lwn.net/Vulnerabilities/713773/

gst-plugins-good:
From the Arch Linux advisory:

- CVE-2016-10198 (denial of service): An invalid memory read flaw has
  been found in gstreamer before 1.10.3, in
  gst_aac_parse_sink_setcaps.

- CVE-2016-10199 (denial of service): An out of bounds read has been
  found in gstreamer before 1.10.3, in qtdemux_tag_add_str_full.

- CVE-2017-5840 (denial of service): An out-of-bounds read has been
  found in gstreamer before 1.10.3, in qtdemux_parse_samples.

- CVE-2017-5841 (denial of service): An out-of-bounds read has been
  found in gstreamer before 1.10.3, in gst_avi_demux_parse_ncdt.

- CVE-2017-5845 (denial of service): An out-of-bounds read has been
  found in gstreamer before 1.10.3, in gst_avi_demux_parse_ncdt.
More: https://lwn.net/Vulnerabilities/713774/

gst-plugins-ugly:
From the Arch Linux advisory:

- CVE-2017-5846 (denial of service): An out-of-bounds read has been
  found in gstreamer before 1.10.3, in
  gst_asf_demux_process_ext_stream_props.

- CVE-2017-5847 (denial of service): An out-of-bounds read has been
  found in gstreamer before 1.10.3, in
  gst_asf_demux_process_ext_content_desc.
More: https://lwn.net/Vulnerabilities/713775/

gstreamer:
From the Arch Linux advisory:

An out of bounds read has been found in gstreamer before 1.10.3, in
gst_date_time_new_from_iso8601_string.
More: https://lwn.net/Vulnerabilities/713776/
2017-02-08 08:30:23 -05:00