Commit Graph

34 Commits

Author SHA1 Message Date
Graham Christensen
5cbb0f7fbf
unzip: patch for CVE-2014-9913 and CVE-2016-9844 2016-12-15 17:17:58 -05:00
Franz Pletz
aff1f4ab94 Use general hardening flag toggle lists
The following parameters are now available:

  * hardeningDisable
    To disable specific hardening flags
  * hardeningEnable
    To enable specific hardening flags

Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.

cc-wrapper supports the following flags:

  * fortify
  * stackprotector
  * pie (disabled by default)
  * pic
  * strictoverflow
  * format
  * relro
  * bindnow
2016-03-05 18:55:26 +01:00
Robin Gloster
f6d3b7a2ae switch hardening flags 2016-01-30 16:36:57 +00:00
Franz Pletz
954e9903ad Use a hardened stdenv by default 2016-01-30 16:36:57 +00:00
Domen Kožar
aff3a23d67 unzip: CVE-2015-7696, CVE-2015-7697 2015-11-01 09:39:45 +01:00
mancha
f43d759bc4 unzip: fix CVE-2014-9636 patch
Close #6544, fixes #6543.
vcunat: no security impact; just fixes false rejections of some rarer
inputs - a problem introduced by the CVE patch.
2015-03-09 15:55:24 +01:00
Domen Kožar
d50bfd7515 unzip: CVE-2014-9636, fixes #6128 2015-02-04 11:17:19 +01:00
James Cook
173f41cf0b unzip: Patch for CVE-2014-81{39,40,41}. 2015-01-08 11:29:40 -08:00
Eelco Dolstra
0518ccf5af Merge remote-tracking branch 'origin/master' into staging
Conflicts:
	pkgs/stdenv/generic/default.nix
2014-11-06 10:16:39 +01:00
Mateusz Kowalczyk
007f80c1d0 Turn more licenses into lib.licenses style
Should eval cleanly, as far as -A tarball tells me.

Relevant: issue #2999, issue #739
2014-11-06 00:48:16 +00:00
Eelco Dolstra
42ee226184 Fix unzip setup hook 2014-09-08 22:32:37 +02:00
Eelco Dolstra
2def8e7499 Remove addHook
Just use bash arrays directly. I.e.

  addHook preConfigure myPreConfigure

is now

  preConfigureHooks+=(myPreConfigure)
2014-08-09 12:45:53 +02:00
Eelco Dolstra
d7b356f73b stdenv: Move unzip support to unzip's setup hook 2014-08-09 12:44:50 +02:00
Eelco Dolstra
f97ee61255 unzip: Clean up expression 2014-08-09 12:44:49 +02:00
Domen Kozar
0f8a1b29d2 unzip: add bzip2 as native build input 2013-05-26 13:22:55 +02:00
Yury G. Kudryashov
c81f618a34 svn merge ^/nixpkgs/trunk
svn path=/nixpkgs/branches/stdenv-updates/; revision=32273
2012-02-14 14:33:10 +00:00
Yury G. Kudryashov
215a07c1a9 svn merge ^/nixpkgs/trunk
Merge conflicts:
* unzip (almost trivial)
* dvswitch (trivial)
* gmp (copied result of `git merge`)

The last item introduced gmp-5.0.3, thus full rebuild.
+ensureDir->mkdir -p in TeX packages was catched by git but not svn.

svn path=/nixpkgs/branches/stdenv-updates/; revision=32091
2012-02-06 23:03:12 +00:00
Yury G. Kudryashov
75262bcbed zip, unzip: add NLS support
svn path=/nixpkgs/trunk/; revision=31961
2012-02-01 22:32:16 +00:00
David Guibert
565cdcc3e1 unzip: add support for file greater than 2 GB (unix only)
svn path=/nixpkgs/branches/stdenv-updates/; revision=28622
2011-08-16 18:21:05 +00:00
Shea Levy
e861fb2bcd Remove unzip 5.52, make unzip 6.0 default
As per TODO in all-packages.nix comments

svn path=/nixpkgs/branches/stdenv-updates/; revision=28101
2011-08-01 04:53:21 +00:00
Eelco Dolstra
1608964306 svn path=/nixpkgs/trunk/; revision=17689 2009-10-07 11:29:23 +00:00
Eelco Dolstra
672d3856df * Unzip 6.0.
svn path=/nixpkgs/trunk/; revision=17687
2009-10-07 11:18:54 +00:00
Eelco Dolstra
7689a348c4 * Got rid of a lot of "postInstall=postInstall" and similar lines in
builders.  These are redundant now.
* Inlined some trivial builders.
* Removed a few explicit setup-hook creations.  This is done
  automatically now if setupHook is set.
* Deleted the initscripts package.  NixOS doesn't use it anymore.

svn path=/nixpkgs/branches/stdenv-updates/; revision=15276
2009-04-23 13:31:10 +00:00
Eelco Dolstra
aa84bce64d * Get rid of all references to nix.cs.uu.nl.
svn path=/nixpkgs/trunk/; revision=13299
2008-11-14 16:57:19 +00:00
Yury G. Kudryashov
4d5a4ea903 More homepages
svn path=/nixpkgs/trunk/; revision=10419
2008-01-31 10:11:09 +00:00
Eelco Dolstra
82e678362f * "." -> "source".
svn path=/nixpkgs/trunk/; revision=4335
2005-12-05 14:11:09 +00:00
Eelco Dolstra
454707da23 * catamaran.labs.cs.uu.nl -> nix.cs.uu.nl.
svn path=/nixpkgs/trunk/; revision=3660
2005-08-22 08:39:27 +00:00
Eelco Dolstra
7775caaa35 * Evacuate tarballs.
svn path=/nixpkgs/trunk/; revision=2527
2005-04-11 13:09:01 +00:00
Eelco Dolstra
1af17b9d7f * Rename new unzip.
svn path=/nixpkgs/trunk/; revision=2515
2005-04-11 08:26:36 +00:00
Eelco Dolstra
d8a0bdebf2 * Get rid of the old unzip.
svn path=/nixpkgs/trunk/; revision=2514
2005-04-11 08:22:23 +00:00
Eelco Dolstra
e42507d182 * Move tarballs to catamaran so that we are no longer dependent on a
gazillion different servers.  Resurrected some 25 missing files.

svn path=/nixpkgs/trunk/; revision=2237
2005-02-15 14:44:19 +00:00
Eelco Dolstra
12ae5363ea * Remove trivial builders.
* Make builders unexecutable by removing the hash-bang line and
  execute permission.
* Convert calls to `derivation' to `mkDerivation'.
* Remove `system' and `stdenv' attributes from calls to
  `mkDerivation'.  These transformations were all done automatically,
  so it is quite possible I broke stuff.
* Put the `mkDerivation' function in stdenv/generic.

svn path=/nixpkgs/trunk/; revision=874
2004-03-29 17:23:01 +00:00
Eelco Dolstra
5941f66f0e * The stdenv setup script now defines a generic builder that allows
builders for typical Autoconf-style to be much shorten, e.g.,

    . $stdenv/setup
    genericBuild

  The generic builder does lots of stuff automatically:

  - Unpacks source archives specified by $src or $srcs (it knows about
    gzip, bzip2, tar, zip, and unpacked source trees).
  - Determines the source tree.
  - Applies patches specified by $patches.
  - Fixes libtool not to search for libraries in /lib etc.
  - Runs `configure'.
  - Runs `make'.
  - Runs `make install'.
  - Strips debug information from static libraries.
  - Writes nested log information (in the format accepted by
    `log2xml').

  There are also lots of hooks and variables to customise the generic
  builder.  See `stdenv/generic/docs.txt'.

* Adapted the base packages (i.e., the ones used by stdenv) to use the
  generic builder.

* We now use `curl' instead of `wget' to download files in `fetchurl'.

* Neither `curl' nor `wget' are part of stdenv.  We shouldn't
  encourage people to download stuff in builders (impure!).

* Updated some packages.

* `buildinputs' is now `buildInputs' (but the old name also works).

* `findInputs' in the setup script now prevents inputs from being
  processed multiple times (which could happen, e.g., if an input was
  a propagated input of several other inputs; this caused the size
  variables like $PATH to blow up exponentially in the worst case).

* Patched GNU Make to write nested log information in the format
  accepted by `log2xml'.  Also, prior to writing the build command,
  Make now writes a line `building X' to indicate what is being
  built.  This is unfortunately often obscured by the gigantic tool
  invocations in many Makefiles.  The actual build commands are marked
  `unimportant' so that they don't clutter pages generated by
  `log2html'.


svn path=/nixpkgs/trunk/; revision=845
2004-03-19 16:53:04 +00:00
Eelco Dolstra
7953d11e3a * Added unzip.
svn path=/nixpkgs/trunk/; revision=541
2003-11-25 14:40:02 +00:00