Commit Graph

18699 Commits

Author SHA1 Message Date
Nicolas Truessel
74fd4de956 chromium: 58.0.3029.110 -> 59.0.3071.86 2017-06-11 13:26:03 +02:00
Michael Weiss
b615c2e992 android-studio: 2.3.2.0 -> 2.3.3.0 2017-06-09 18:46:54 +02:00
Joachim F
66e82eaea8 Merge pull request #26488 from romildo/upd.jwm
jwm: 1582 -> 1594
2017-06-09 15:33:54 +01:00
Graham Christensen
7d8218a351 Merge pull request #26489 from michalpalka/xen-security
xen: patch for XSAs: 206, 211, 212, 213, 214 and 215
2017-06-09 09:31:42 -04:00
Michał Pałka
dd3dcceb23 xen: patch for XSAs: 206, 211, 212, 213, 214 and 215
XSA-206 Issue Description:

> xenstored supports transactions, such that if writes which would
> invalidate assumptions of a transaction occur, the entire transaction
> fails.  Typical response on a failed transaction is to simply retry
> the transaction until it succeeds.
>
> Unprivileged domains may issue writes to xenstore which conflict with
> transactions either of the toolstack or of backends such as the driver
> domain. Depending on the exact timing, repeated writes may cause
> transactions made by these entities to fail indefinitely.

More: https://xenbits.xen.org/xsa/advisory-206.html

XSA-211 Issue Description:

> When a graphics update command gets passed to the VGA emulator, there
> are 3 possible modes that can be used to update the display:
>
> * blank - Clears the display
> * text - Treats the display as showing text
> * graph - Treats the display as showing graphics
>
> After the display geometry gets changed (i.e., after the CIRRUS VGA
> emulation has resized the display), the VGA emulator will resize the
> console during the next update command. However, when a blank mode is
> also selected during an update, this resize doesn't happen. The resize
> will be properly handled during the next time a non-blank mode is
> selected during an update.
>
> However, other console components - such as the VNC emulation - will
> operate as though this resize had happened. When the display is
> resized to be larger than before, this can result in a heap overflow
> as console components will expect the display buffer to be larger than
> it is currently allocated.

More: https://xenbits.xen.org/xsa/advisory-211.html

XSA-212 Issue Description:

> The XSA-29 fix introduced an insufficient check on XENMEM_exchange
> input, allowing the caller to drive hypervisor memory accesses outside
> of the guest provided input/output arrays.

More: https://xenbits.xen.org/xsa/advisory-212.html

XSA-213 Issue Description:

> 64-bit PV guests typically use separate (root) page tables for their
> kernel and user modes.  Hypercalls are accessible to guest kernel
> context only, which certain hypercall handlers make assumptions on.
> The IRET hypercall (replacing the identically name CPU instruction)
> is used by guest kernels to transfer control from kernel mode to user
> mode.  If such an IRET hypercall is placed in the middle of a multicall
> batch, subsequent operations invoked by the same multicall batch may
> wrongly assume the guest to still be in kernel mode.  If one or more of
> these subsequent operations involve operations on page tables, they may
> be using the wrong root page table, confusing internal accounting.  As
> a result the guest may gain writable access to some of its page tables.

More: https://xenbits.xen.org/xsa/advisory-213.html

XSA-214 Issue Description:

> The GNTTABOP_transfer operation allows one guest to transfer a page to
> another guest.  The internal processing of this, however, does not
> include zapping the previous type of the page being transferred.  This
> makes it possible for a PV guest to transfer a page previously used as
> part of a segment descriptor table to another guest while retaining the
> "contains segment descriptors" property.
>
> If the destination guest is a PV one of different bitness, it may gain
> access to segment descriptors it is not normally allowed to have, like
> 64-bit code segments in a 32-bit PV guest.
>
> If the destination guest is a HVM one, that guest may freely alter the
> page contents and then hand the page back to the same or another PV
> guest.
>
> In either case, if the destination PV guest then inserts that page into
> one of its own descriptor tables, the page still having the designated
> type results in validation of its contents being skipped.

More: https://xenbits.xen.org/xsa/advisory-214.html

XSA-215 Issue Description:

> Under certain special conditions Xen reports an exception resulting
> from returning to guest mode not via ordinary exception entry points,
> but via a so call failsafe callback.  This callback, unlike exception
> handlers, takes 4 extra arguments on the stack (the saved data
> selectors DS, ES, FS, and GS).  Prior to placing exception or failsafe
> callback frames on the guest kernel stack, Xen checks the linear
> address range to not overlap with hypervisor space.  The range spanned
> by that check was mistakenly not covering these extra 4 slots.

More: https://xenbits.xen.org/xsa/advisory-215.html
2017-06-09 13:09:01 +00:00
romildo
44681c53d6 jwm: 1582 -> 1594 2017-06-09 09:30:20 -03:00
Vladimír Čunát
cc9a72a286
virtualboxGuestAdditions: don't install setuid/setgid 2017-06-09 13:09:21 +02:00
Frederik Rietdijk
184ab11fc9 Merge pull request #26484 from michalpalka/xen-python-fix
xen: fix pygrub by making sure it is wrapped
2017-06-09 12:45:03 +02:00
romildo
f2e075a241 mkvtoolnix: 11.0.0 -> 12.0.0 2017-06-09 12:44:17 +02:00
Joachim F
7badb92629 Merge pull request #26404 from ambrop72/kdevelop-511
kdevelop: 5.0.4 -> 5.1.1
2017-06-09 08:44:01 +01:00
Michał Pałka
965668903a xen: fix pygrub by making sure it is wrapped
Recent commit #c10af9e744c91dff1ccc07a52a0b57d1e4d339f3 changed the
behaviour of wrapPythonPrograms, which caused pygrub to no longer
being wrapped. This commit fixes this.
2017-06-09 06:22:03 +00:00
Peter Hoeg
bcf9af560a ncmpc: 0.24 -> 0.27
Upstream has moved to github as well.
2017-06-09 12:55:20 +08:00
Peter Hoeg
292f121fb2 mpc: 0.27 -> 0.28
Upstream has also moved to github
2017-06-09 12:04:58 +08:00
Jörg Thalheim
ffdfa662fc Merge pull request #26476 from romildo/upd.jetbrains
jetbrains.clion: 2017.1.1 -> 2017.1.3, jetbrains.idea-community: 2017.1.3 -> 2017.1.4, jetbrains.idea-ultimate: 2017.1.3 -> 2017.1.4
2017-06-08 21:35:24 +01:00
Tuomas Tynkkynen
97d29ffbfd nano: 2.8.3 -> 2.8.4 2017-06-08 23:13:06 +03:00
romildo
277b562324 jetbrains.idea-community: 2017.1.3 -> 2017.1.4 2017-06-08 16:57:50 -03:00
romildo
bc1f59fb4f jetbrains.idea-ultimate: 2017.1.3 -> 2017.1.4 2017-06-08 16:45:14 -03:00
romildo
b57a14810b jetbrains.clion: 2017.1.1 -> 2017.1.3 2017-06-08 15:54:51 -03:00
Rok Garbas
a0afc4f0d1 firefox-*-bin: updates (#26462)
* firefox-beta-bin: 51.0b8 -> 54.0b13

* firefox-devedition-bin: init at 54.0b14

Firefox DevEdition became a new product of Mozilla and is "repackaged"
Firefox Beta with its own release channel and six weeks release cycle as
other channels. It is no longer being built on nightly basis

* updated the update.nix script to facilitata firefox-devedition-bin

* disabling automatic updates by pointing to non existing channel

* f firefoxWrapper looks for gtk3 attribute to wrap the executable gtk3 to wrap the binary with needed ``XDG_DATA_DIRS``
2017-06-08 15:33:24 +02:00
Jörg Thalheim
340b3148c6 Merge pull request #26425 from uskudnik/idea-ultimate-minor-2017.1.3
idea.idea-ultimate: 2017.1.2 -> 2017.1.3
2017-06-08 09:32:02 +01:00
Joachim Fasting
5b5f3f542a
tor-browser-bundle-bin: 6.5.2 -> 7.0
Now requires pulseaudio for audio playback.

https://blog.torproject.org/blog/tor-browser-70-released
2017-06-07 19:08:25 +02:00
Shea Levy
5365166a5d Merge branch 'zoom-us' of git://github.com/danbst/nixpkgs 2017-06-07 12:24:42 -04:00
Urban Škudnik
df8837ccfa jetbrains.idea-ultimate: 2017.1.2 -> 2017.1.3 2017-06-07 17:17:28 +02:00
danbst
7179b01199 zoom-us: little fixes after review by @k0001 2017-06-07 17:20:00 +03:00
Jan Malakhovski
6696378911 ImageMagick: 6.9.8-6 -> 6.9.8-9 2017-06-07 15:27:03 +02:00
danbst
e9da05ee8b zoom-us: init at 2.0.91373.0502
Actually, reintroduce after removal (bb99babc5a)
and use bundled Qt.
2017-06-07 12:01:01 +03:00
Ryan Mulligan
110e03897f xterm: install desktop file and icon 2017-06-07 07:31:49 +02:00
Franz Pletz
48996dba46
gitlab: fix build, add nokogiri exception to Gemfile.lock 2017-06-07 06:55:39 +02:00
Franz Pletz
5788bd82c1
synergy: broken on darwin 2017-06-07 06:14:18 +02:00
Franz Pletz
dc1473efd3 Merge pull request #26432 from benley/synergy-1.8.8
synergy: 1.7.6 -> 1.8.8
2017-06-07 06:13:07 +02:00
Franz Pletz
e864345d37
irssi: 1.0.2 -> 1.0.3 (security)
See https://irssi.org/security/irssi_sa_2017_06.txt.
2017-06-07 05:59:28 +02:00
Benjamin Staffin
1800838364
synergy: 1.7.6 -> 1.8.8 2017-06-06 16:38:30 -04:00
Tim Steinbach
d7a5f07650 Merge pull request #26398 from NeQuissimus/git_2_13_1
git: 2.13.0 -> 2.13.1
2017-06-06 13:18:50 -04:00
Ambroz Bizjak
8f4619bb3d kdevelop: 5.0.4 -> 5.1.1
Including also a patch for bug https://bugs.kde.org/show_bug.cgi?id=379433
which is a quite annoying regression from 5.0.4. The patch is the same as
the change committed upstream.
2017-06-06 18:50:43 +02:00
José Luis Lafuente
0a280a3460
hyper: 1.3.1 -> 1.3.3 2017-06-06 14:47:35 +02:00
Jörg Thalheim
17e9420726 Merge pull request #26408 from jluttine/add-rssguard
rssguard: init at 3.4.0
2017-06-06 06:36:32 +01:00
Jörg Thalheim
85aa14fa37
rssguard: use fetchgit; wrapGAppsHook 2017-06-06 06:34:29 +01:00
Peter Hoeg
086c2efb19 syncthing: 0.14.28 -> 0.14.29 2017-06-06 10:30:52 +08:00
Franz Pletz
ddff44364f Merge pull request #26375 from midchildan/fix-virt-manager
virtmanager: Fix python import error
2017-06-06 04:17:04 +02:00
Jörg Thalheim
dffec16abd Merge pull request #26410 from kierdavis/hooks
Fix hooks not being called when overriding phases in various packages
2017-06-05 22:23:01 +01:00
Jörg Thalheim
3a40dbced2 Merge pull request #26337 from johnramsden/ipmiview
Ipmiview: 2.11.0 -> 2.12.0
2017-06-05 22:15:58 +01:00
Joachim F
d2ac9b192a Merge pull request #25435 from volth/far2l-desktop
far2l: add .desktop file
2017-06-05 19:17:26 +01:00
Jaakko Luttinen
fe53a6c17c
rssguard: init at 3.4.0 2017-06-05 21:14:29 +03:00
Kier Davis
b81124b4fb
Fix hooks not being called when overriding phases in various packages
It's necessary to do this in order to fix ckb's compilation, now that
fixupPhase rejects derivation results containing references to the temporary
build directory. It seems like good practice so I've added it to the
other packages that I maintain.
2017-06-05 19:13:19 +01:00
Joachim F
4dda105db6 Merge pull request #26370 from gnidorah/master5
rambox: 0.5.3 -> 0.5.9
2017-06-05 18:31:01 +01:00
Edward Tjörnhammar
677f194a10
kodiPlugins.steam-controller: init at 0.9.0 2017-06-05 17:19:12 +02:00
Edward Tjörnhammar
fe0b858113
kodiPlugins.joystick: init at 1.3.6 2017-06-05 17:17:57 +02:00
Edward Tjörnhammar
4f410bfc8d
kodiPlugins.advanced-emulator-launcher: init at 0.9.6 2017-06-05 17:17:57 +02:00
Edward Tjörnhammar
513e66e310
kodiPlugins: move build funs to common 2017-06-05 17:17:57 +02:00
midchildan
7060a692c5
virtmanager: Fix python import error 2017-06-05 23:42:25 +09:00