JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
109,552 Commits 2 Branches 0 Tags 13 GiB
7cfd1c8c1b
Commit Graph

95459 Commits

Author SHA1 Message Date
Franz Pletz
5e2df7039d
libmicrohttpd: 0.9.53 -> 0.9.55 2017-06-22 01:34:18 +02:00
Franz Pletz
0977c17f83
sqlite3: 3.19.2 -> 3.19.3 2017-06-22 01:33:55 +02:00
mimadrid
4d93d257f7 sqlite3: 3.17.0 -> 3.19.2 2017-06-22 01:24:31 +02:00
Franz Pletz
2296bf394e
glibc: patch CVE-2017-1000366 (stack clash) 2017-06-22 00:44:35 +02:00
Franz Pletz
aab71b31d5
linux: patch CVE-2017-1000364 (stack clash) 2017-06-22 00:44:28 +02:00
Franz Pletz
16aa92305b
exim: patch CVE-2017-1000369 (stack clash) 2017-06-22 00:44:05 +02:00
Franz Pletz
6a850d2b11
coreutils: fix tests depending on setuid/setgid bits 2017-06-22 00:41:53 +02:00
Franz Pletz
4150f5e8ba
cc-wrapper: add stackcheck hardening (stack clash) 
This fixes the Stack Clash issue rediscovered by Qualys. See
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
for more information on the topic, specifically section III.

We don't have the kernel mitigation available because it is a Grsecurity
feature which we don't support anymore. Other distributions like Gentoo
Hardened and Arch already have `-fstack-check` enabled by default.

See the Gentoo page on Stack Clash for more information on this solution:
https://wiki.gentoo.org/wiki/Hardened/Gentoo_Hardened_and_Stack_Clash

This unfortunately doesn't apply to clang because `-fstack-check` is a
noop there. Note that the GCC implementation also has problems that could
be exploited to circumvent these checks but it is still better than
keeping it disabled.
 2017-06-22 00:41:53 +02:00
Franz Pletz
6338c50a84
Merge branch 'master' into staging 2017-06-22 00:41:25 +02:00
Franz Pletz
29a485a8cd
libev: 4.22 -> 4.24 2017-06-22 00:38:44 +02:00
Franz Pletz
5389caab83
utillinux: 2.29.2 -> 2.30 2017-06-22 00:38:44 +02:00
Franz Pletz
dd3f2e648a
linux_hardened_copperhead: init at 4.11.6.c 2017-06-21 23:49:00 +02:00
Franz Pletz
febe37a24a
webkitgtk: 2.16.3 -> 2.16.4 for multiple CVEs 
Fixes:

  * CVE-2017-2538
  * CVE-2017-2424

See https://webkitgtk.org/security/WSA-2017-0005.html
 2017-06-21 23:49:00 +02:00
Daiderd Jordan
7469eb9fed
stress: enable on darwin 2017-06-21 23:26:43 +02:00
Michael Raskin
bc47794ab5 quicklispPackages: update 
Escape things by default in derivation names (i.e. digit cannot be the
first character etc.)

Update Quicklisp (tracking upstream); list new missing dependencies

Add some minimal README about ql-to-nix
 2017-06-21 22:17:48 +02:00
Jörg Thalheim
e89e96a755 linux_4_11: renable CONFIG_UPROBE_EVENTS 
CONFIG_UPROBE_EVENT was renamed to CONFIG_UPROBE_EVENTS.
 2017-06-21 17:16:46 +01:00
Domen Kožar
be4a4ef701
hydra: 2017-04-26 -> 2017-06-21 2017-06-21 15:30:02 +02:00
Franz Pletz
cfdb9769ce
unrar: 5.4.5 -> 5.5.5 (security) 
Fixes arbitrary memory write.

See https://bugs.chromium.org/p/project-zero/issues/detail?id=1286
 2017-06-21 14:38:26 +02:00
Domen Kožar
f237eeb6a8
moreutils: address comment on 14a320ace8 2017-06-21 13:44:17 +02:00
Franz Pletz
5521b542a2
openvpn: 2.4.2 -> 2.4.3 
See https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243

Fixed:

  * CVE-2017-7508
  * CVE-2017-7520
  * CVE-2017-7521
  * CVE-2017-7512
  * CVE-2017-7522
 2017-06-21 13:36:10 +02:00
Tim Steinbach
f1ea37c1b4 Merge pull request #26735 from NeQuissimus/minikube_0_19_1 
minikube: 0.19.0 -> 0.19.1
 2017-06-21 07:31:29 -04:00
Jörg Thalheim
d3ceaccb42 nerdtree-git-plugin: init at 2017-03-12 2017-06-21 10:23:21 +01:00
Jörg Thalheim
a3f054d8ad
dino: 2017-06-13 -> 2017-06-21 2017-06-21 09:42:46 +01:00
Peter Hoeg
b8297ff08a bundler: 1.15.0 -> 1.15.1 2017-06-21 15:29:05 +08:00
Frederik Rietdijk
0d20c7e2f5 python.pkgs: several maintenance bumps 2017-06-21 09:03:40 +02:00
Daiderd Jordan
031d26eb24 Merge pull request #26709 from robx/fix-python-protobuf-v2 
python-modules/protobuf: fix darwin build by passing C++ includes exp…
 2017-06-21 08:52:13 +02:00
Michael Raskin
bb65640784 Merge pull request #26728 from MP2E/wine-staging-update 
wineStaging, wineUnstable: 2.7 -> 2.10
 2017-06-21 08:09:07 +02:00
Tim Steinbach
fdc7cf8238
minikube: 0.19.0 -> 0.19.1 2017-06-20 19:32:29 -04:00
Michael Weiss
d04286be34 quiterss: 0.18.5 -> 0.18.6 2017-06-20 23:31:02 +02:00
Pascal Wittmann
065bb61330
moreutils: fix darwin build 2017-06-20 22:39:51 +02:00
Volth
8fe525b6c7 mtr: do not do 'setcap' on installPhase, it would fail anyway 2017-06-20 22:22:29 +02:00
Shea Levy
a21ddfb158 pythonPackages.bcdoc: Disable tests 2017-06-20 16:08:47 -04:00
Isaac Shapira
6fd606bdf3 awscli: 1.11.95 -> 1.11.105 2017-06-20 14:00:14 -06:00
Cray Elliott
922d706e81 wineStaging: 2.7 -> 2.10 
wineUnstable: 2.7 -> 2.10
 2017-06-20 11:23:37 -07:00
Domen Kožar
14a320ace8
moreutils: fix build on darwin 2017-06-20 16:42:49 +02:00
Domen Kožar
53c5b9163e
vulnix: fix eval 2017-06-20 14:12:56 +02:00
Domen Kožar
843b3faa18
Revert "cli53: 0.4.4 -> 0.8.8" 
This reverts commit c25b145815.
 2017-06-20 14:04:14 +02:00
Domen Kožar
8ae8e51dc3
Revert "fix eval" 
This reverts commit 650f64c779.
 2017-06-20 14:03:57 +02:00
Domen Kožar
650f64c779
fix eval 2017-06-20 14:01:53 +02:00
schneefux
c02e26f8a0
wallabag: 2.2.2 -> 2.2.3 2017-06-20 13:30:38 +02:00
Robin Gloster
908157c6c5
prometheus-blackbox-exporter: 0.4.0 -> 0.5.0 2017-06-20 12:04:55 +02:00
Jörg Thalheim
b6bacc4bb2 llvmPackage_{3.4,3.5,3.7,3.8,3.9}: fix output of llvm-config 
llvm-config is a tool to output compile and linker flags, when compiling against llvm.

The tool however outputs static library names despite libllvm is build
as shared library on nixos. This was fixed for llvm 3.4, 3.5 and 3.7.

For llvm 3.8 and 3.9 it printed the library extension twice (.so.so).
This was fixed in 4.0 and the patch is backported to 3.8 and 3.9 in
this pull request.

```
$ for i in 34 35 37 38 39; do echo "\nllvm-$i"; nix-shell -p llvmPackages_$i.llvm --run 'llvm-config --libnames'; done

llvm-34
libLLVMInstrumentation.so libLLVMIRReader.so libLLVMAsmParser.so
...

llvm-35
libLLVMLTO.so libLLVMObjCARCOpts.so libLLVMLinker.so libLLVMipo.so
...

llvm-37
libLLVMLTO.so libLLVMObjCARCOpts.so libLLVMLinker.so libLLVMBitWriter.so
...

llvm-38
libLLVM-3.8.1.so

llvm-39
libLLVM-3.9.so
```

fixes #26713
 2017-06-20 10:22:06 +01:00
Franz Pletz
fe9c7ad83f
libcpuid: 0.2.2 -> 0.4.0 2017-06-20 07:51:34 +02:00
Franz Pletz
0227471cc9
librsvg: 2.40.16 -> 2.40.17 2017-06-20 07:48:14 +02:00
Franz Pletz
76de6e4f39
libcroco: 0.6.11 -> 0.6.12 2017-06-20 07:47:52 +02:00
Franz Pletz
2d5ede04fc
libinput: 1.7.2 -> 1.7.3 2017-06-20 07:43:59 +02:00
Franz Pletz
2ddcdac01c
libftdi1: 1.2 -> 1.3 2017-06-20 07:43:38 +02:00
Franz Pletz
a01f1c0a42
sniproxy: 0.4.0 -> 0.5.0 2017-06-20 07:43:14 +02:00
Franz Pletz
1f2a47c70f
libhttpseverywhere: 0.4.2 -> 0.4.5 2017-06-20 07:28:34 +02:00
Franz Pletz
57a889bcfa
liblockfile: 1.09 -> 1.14 2017-06-20 07:24:20 +02:00
Franz Pletz
7bddc28176
libmikmod: 3.3.10 -> 3.3.11 2017-06-20 07:20:41 +02:00
Franz Pletz
c2a271e825
libmtp: 1.1.11 -> 1.1.13 2017-06-20 07:19:41 +02:00
Franz Pletz
7d1eb8a563
libnice: 0.1.13 -> 0.1.14 2017-06-20 07:12:32 +02:00
Franz Pletz
12a31293ad
quagga: 1.2.0 -> 1.2.1 2017-06-20 07:04:16 +02:00
Franz Pletz
f4734e75db
libnl: 3.2.29 -> 3.3.0 2017-06-20 07:03:53 +02:00
Franz Pletz
84a3f1c672
libnotify: 0.7.6 -> 0.7.7 2017-06-20 06:48:21 +02:00
Franz Pletz
3c33ceadb6
libpfm: 4.5.0 -> 4.8.0 2017-06-20 06:27:25 +02:00
Franz Pletz
baf28b60e4
libcap_ng: 0.7.7 -> 0.7.8 2017-06-20 05:57:03 +02:00
Franz Pletz
17026869c8
libpwquality: 1.3.0 -> 1.4.0 2017-06-20 05:56:06 +02:00
Franz Pletz
45035b74df
libchardet: 1.0.4 -> 1.0.5 2017-06-20 05:45:10 +02:00
Franz Pletz
63eb0e9c37
libbsd: 0.8.3 -> 0.8.4 2017-06-20 05:36:46 +02:00
Franz Pletz
cacc16c390
libass: 0.13.4 -> 0.13.7 2017-06-20 05:30:43 +02:00
Franz Pletz
e9840d0482
librepo 1.7.18 -> 1.7.20 2017-06-20 05:27:48 +02:00
Franz Pletz
b6cf652e08
boinc: 7.4.42 -> 7.8.0 2017-06-20 05:19:31 +02:00
Franz Pletz
127937f0b6
aptly: 0.9.7 -> 1.0.1 2017-06-20 05:06:03 +02:00
Franz Pletz
47f7aa96b0
sudo: 1.8.20p1 -> 1.8.20p2 2017-06-20 04:57:40 +02:00
Franz Pletz
03d1e8a14e
iproute: 4.9.0 -> 4.11.0 2017-06-20 03:56:43 +02:00
Franz Pletz
b0b9182241
gnuradio: 3.7.10.1 -> 3.7.11 2017-06-20 03:56:43 +02:00
Franz Pletz
1466bdd98f
wireshark: 2.2.6 -> 2.2.7 2017-06-20 03:56:42 +02:00
Franz Pletz
22fbdc9032
uhd: 3.10.1 -> 3.10.1.1 2017-06-20 03:56:42 +02:00
Franz Pletz
f33708bb7d
opusTools: 0.1.9 -> 0.1.10 2017-06-20 03:56:41 +02:00
Franz Pletz
22e0683aa8
thermald: 1.5.4 -> 1.6 2017-06-20 03:56:41 +02:00
Franz Pletz
83a4180947
thc-hydra: 8.2 -> 8.5 2017-06-20 03:56:40 +02:00
Franz Pletz
726645a94f
tpacpi-bat: 3.0 -> 3.1 2017-06-20 03:56:40 +02:00
Franz Pletz
5d851e8be8
ipv6calc: 0.99.1 -> 0.99.2 2017-06-20 03:56:39 +02:00
Franz Pletz
c8948e9109
josm: 11826 -> 12275 2017-06-20 03:56:39 +02:00
Franz Pletz
1ae0f2a1d4
ipmitool: 1.8.17 -> 1.8.18 2017-06-20 03:56:38 +02:00
Franz Pletz
d7624d6677
icecast: 2.4.1 -> 2.4.3 2017-06-20 03:56:25 +02:00
Franz Pletz
ffb0ddc516
bandwidth: 1.3.1 -> 1.4.2 2017-06-20 03:45:49 +02:00
Franz Pletz
65b3f5e8e7
kea: 1.1.0 -> 1.2.0 2017-06-20 03:45:49 +02:00
Franz Pletz
c9268482e0
lxd: 2.12 -> 2.14 2017-06-20 03:45:48 +02:00
Franz Pletz
9da4cb176a
lxcfs: 2017-03-02 -> 2.0.7 2017-06-20 03:45:48 +02:00
Franz Pletz
eb8c14751a
lxc: 2.0.7 -> 2.0.8 2017-06-20 03:45:47 +02:00
Franz Pletz
a7210764eb
squid4: 4.0.17 -> 4.0.20 2017-06-20 03:45:47 +02:00
Franz Pletz
fcbf28d6b5
squid: 3.5.23 -> 3.5.26 2017-06-20 03:45:46 +02:00
Franz Pletz
294a20ea02
smcroute: 2.1.0 -> 2.3.1 2017-06-20 03:45:46 +02:00
Franz Pletz
e60c958811
prometheus: 1.5.2 -> 1.7.1 2017-06-20 03:45:45 +02:00
Franz Pletz
05cb49625d
powertop: 2.8 -> 2.9 2017-06-20 03:45:45 +02:00
Franz Pletz
aa58307973
mbedtls: 2.4.0 -> 2.4.2 2017-06-20 03:45:44 +02:00
Franz Pletz
11bf721290
mbedtls_1_3: 1.3.18 -> 1.3.19 2017-06-20 03:45:44 +02:00
Franz Pletz
e7f5e7fe3b
whois: 5.2.15 -> 5.2.16 2017-06-20 03:45:43 +02:00
Franz Pletz
bc3ee6bfd4
dnsmasq: 2.76 -> 2.77 2017-06-20 03:45:43 +02:00
Franz Pletz
ed71a3a678
chrony: 3.0 -> 3.1 2017-06-20 03:45:42 +02:00
Franz Pletz
735dcc1a27
charybdis: 3.5.3 -> 3.5.5 2017-06-20 03:45:42 +02:00
Franz Pletz
c34d43a4ce
openttd: 1.6.1 -> 1.7.1 2017-06-20 03:45:41 +02:00
Franz Pletz
99bd99db3d
bzflag: 2.4.8 -> 2.4.10 2017-06-20 03:45:41 +02:00
Franz Pletz
42dcabf414
mitmproxy: 2.0.0 -> 2.0.2 2017-06-20 03:45:40 +02:00
Franz Pletz
7f1fc9f838
collectd: 5.7.0 -> 5.7.2 2017-06-20 03:45:40 +02:00
Franz Pletz
60cddbe3da
screen-message: 0.24 -> 0.25 2017-06-20 03:45:39 +02:00
Franz Pletz
19a840cb66
jenkins: 2.65 -> 2.66 2017-06-20 03:45:39 +02:00