Commit Graph

6766 Commits

Author SHA1 Message Date
Joachim Fasting
9df35787f1
tor-browser-bundle-bin: allow unset XAUTHORITY
Apparently this can happen on e.g., fedora.

Closes https://github.com/NixOS/nixpkgs/issues/38671
2018-04-29 12:17:30 +02:00
Michael Raskin
f5268994be weechat-matrix-bridge: 2018-01-10 -> 2017-03-29 2018-04-28 22:42:39 +02:00
Michael Raskin
7cd7e4ce26 weechat: 2.0 -> 2.1 2018-04-28 22:42:38 +02:00
Jan Tojnar
f92d9364e1
Merge pull request #35410 from jtojnar/syncthing-gtk-0.9.3
syncthing-gtk: 0.9.2.7 → 0.9.3
2018-04-28 22:02:00 +02:00
Jan Tojnar
094683ac36
syncthing-gtk: 0.9.2.7 → 0.9.3.1 2018-04-28 22:00:32 +02:00
Andreas Rammhold
bf325f1bd7
quassel: 0.12.4 -> 0.12.5 (fixes RCE & remote crash)
It was found that Quassel could be remotely crashed and had an
unauthenticated RCE vulnerability. The public annoucement can be found
on the oss-sec archive [1]. The bump to 0.12.5 is supposed fixe both issues.

[1] http://seclists.org/oss-sec/2018/q2/77
2018-04-28 11:08:42 +02:00
Matthew Justin Bauer
455e4c8d5b
Merge pull request #38906 from xvapx/upd/tribler
tribler: 7.0.1 -> 7.0.2
2018-04-27 15:03:53 -05:00
Jens Binkert
53722f25ad terraform-provider-ibm: init at 0.8.0 2018-04-27 20:20:21 +02:00
zimbatm
ad7bc980d2 terraform: update all plugins 2018-04-27 12:54:40 +01:00
Jörg Thalheim
fd29514404
Merge pull request #39579 from xeji/teamviewer
teamviewer: 12.0.90041 -> 13.1.3026
2018-04-27 08:21:54 +01:00
xeji
9badee01c1 teamviewer 12.0.90041 -> 13.1.3026
bump, move to qt5, drop i686 support
2018-04-27 00:45:32 +02:00
Sarah Brofeldt
2248f98dea
Merge pull request #39570 from srhb/chromium-24h-timeout
chromium: See if Hydra obeys a 24h meta.timeout
2018-04-26 22:12:16 +02:00
Sarah Brofeldt
537d14f4e2 chromium: See if Hydra obeys a 24h meta.timeout 2018-04-26 21:59:33 +02:00
John Ericson
ba52ae5048 treewide: isArm -> isAarch32
Following legacy packing conventions, `isArm` was defined just for
32-bit ARM instruction set. This is confusing to non packagers though,
because Aarch64 is an ARM instruction set.

The official ARM overview for ARMv8[1] is surprisingly not confusing,
given the overall state of affairs for ARM naming conventions, and
offers us a solution. It divides the nomenclature into three levels:

```
ISA:             ARMv8   {-A, -R, -M}
                 /    \
Mode:     Aarch32     Aarch64
             |         /   \
Encoding:   A64      A32   T32
```

At the top is the overall v8 instruction set archicture. Second are the
two modes, defined by bitwidth but differing in other semantics too, and
buttom are the encodings, (hopefully?) isomorphic if they encode the
same mode.

The 32 bit encodings are mostly backwards compatible with previous
non-Thumb and Thumb encodings, and if so we can pun the mode names to
instead mean "sets of compatable or isomorphic encodings", and then
voilà we have nice names for 32-bit and 64-bit arm instruction sets
which do not use the word ARM so as to not confused either laymen or
experienced ARM packages.

[1]: https://developer.arm.com/products/architecture/a-profile
2018-04-25 15:28:55 -04:00
Michael Raskin
cdca27101d
Merge pull request #39450 from r-ryantm/auto-update/baresip
baresip: 0.5.8 -> 0.5.9
2018-04-24 23:10:30 +00:00
Jörg Thalheim
cf68bb33cb dino: fix checksum 2018-04-24 23:44:32 +01:00
Jörg Thalheim
296bc1e569 dino: 2018-03-10 -> 2018-04-19 2018-04-24 23:41:21 +01:00
R. RyanTM
85161629c5 baresip: 0.5.8 -> 0.5.9
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.

This update was made based on information from https://repology.org/metapackage/baresip/versions.

These checks were done:

- built on NixOS
- Warning: no binary found that responded to help or version flags. (This warning appears even if the package isn't expected to have binaries.)
- found 0.5.9 with grep in /nix/store/qh69vw5jdwnw82vb6gkwz4f0k8gpjjry-baresip-0.5.9
- directory tree listing: https://gist.github.com/f67689bcf18570ad0408e54fa06db37c
2018-04-24 15:33:02 -07:00
Kamil Chmielewski
3cdb8f581d spark: provided-hadoop -> nixpkgs hadoop
spark should use nixpkgs provided hadoop to make it consistent
for bigger Nix hadoop + spark setup
2018-04-23 20:48:33 +02:00
xeji
a586011b58 firefox-wrapper: fix icon linking (#39315)
don't try to link non-existing icons
2018-04-23 08:33:09 +01:00
Corbin Simpson
69f23d9e73 enhanced-ctorrent: fix CVE-2009-1759 (#39311)
Patches from Debian.
2018-04-22 22:42:20 +01:00
Marti Serra
e9baa47a3b tribler: 7.0.1 -> 7.0.2 2018-04-22 10:42:10 +02:00
Matthew Justin Bauer
c8e58113b2
Merge pull request #38801 from worldofpeace/wire-desktop
wire-desktop: init at 3.0.2816
2018-04-21 20:47:56 -05:00
Herwig Hochleitner
2b29e40153 chromium: 65.0.3325.181 -> 66.0.3359.117
Critical CVE-2018-6085: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-28
Critical CVE-2018-6086: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-30
High CVE-2018-6087: Use after free in WebAssembly. Reported by Anonymous on 2018-02-20
High CVE-2018-6088: Use after free in PDFium. Reported by Anonymous on 2018-03-15
High CVE-2018-6089: Same origin policy bypass in Service Worker. Reported by Rob Wu on 2018-02-04
High CVE-2018-6090: Heap buffer overflow in Skia. Reported by ZhanJia Song on 2018-03-12
High CVE-2018-6091: Incorrect handling of plug-ins by Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-10-05
High CVE-2018-6092: Integer overflow in WebAssembly. Reported by Natalie Silvanovich of Google Project Zero on 2018-03-08
Medium CVE-2018-6093: Same origin bypass in Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-01
Medium CVE-2018-6094: Exploit hardening regression in Oilpan. Reported by Chris Rohlf on 2016-08-01
Medium CVE-2018-6095: Lack of meaningful user interaction requirement before file upload. Reported by Abdulrahman Alqabandi (@qab) on 2016-08-11
Medium CVE-2018-6096: Fullscreen UI spoof. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-19
Medium CVE-2018-6097: Fullscreen UI spoof. Reported by xisigr of Tencent's Xuanwu Lab on 2018-01-26
Medium CVE-2018-6098: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-03
Medium CVE-2018-6099: CORS bypass in ServiceWorker. Reported by Jun Kokatsu (@shhnjk) on 2018-02-03
Medium CVE-2018-6100: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-02-11
Medium CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools . Reported by Rob Wu on 2018-02-19
Medium CVE-2018-6102: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-20
Medium CVE-2018-6103: UI spoof in Permissions. Reported by Khalil Zhani on 2018-02-24
Medium CVE-2018-6104: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-03-08
Medium CVE-2018-6105: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-18
Medium CVE-2018-6106: Incorrect handling of promises in V8. Reported by lokihardt of Google Project Zero on 2018-01-25
Medium CVE-2018-6107: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-02
Medium CVE-2018-6108: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-27
Low CVE-2018-6109: Incorrect handling of files by FileAPI. Reported by Dominik Weber (@DoWeb_) on 2017-04-10
Low CVE-2018-6110: Incorrect handling of plaintext files via file:// . Reported by Wenxiang Qian (aka blastxiang) on 2017-10-24
Low CVE-2018-6111: Heap-use-after-free in DevTools. Reported by Khalil Zhani on 2017-11-02
Low CVE-2018-6112: Incorrect URL handling in DevTools. Reported by Rob Wu on 2017-12-29
Low CVE-2018-6113: URL spoof in Navigation. Reported by Khalil Zhani on 2018-01-25
Low CVE-2018-6114: CSP bypass. Reported by Lnyas Zhang on 2018-02-13
Low CVE-2018-6115: SmartScreen bypass in downloads. Reported by James Feher on 2018-03-07
Low CVE-2018-6116: Incorrect low memory handling in WebAssembly. Reported by Jin from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd. on 2018-03-15
Low CVE-2018-6117: Confusing autofill settings. Reported by Spencer Dailey on 2018-03-15
Low CVE-2018-6084: Incorrect use of Distributed Objects in Google Software Updater on MacOS. Reported by Ian Beer of Google Project Zero on 2018-03-15
2018-04-21 14:57:45 +02:00
R. RyanTM
951d6a9f93 inboxer: 1.0.4 -> 1.1.2 (#39233)
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.

This update was made based on information from https://repology.org/metapackage/inboxer/versions.

These checks were done:

- built on NixOS
- Warning: no binary found that responded to help or version flags. (This warning appears even if the package isn't expected to have binaries.)
- found 1.1.2 with grep in /nix/store/dbk6jvgi9kc56yh5grh1d3yndcwd0965-inboxer-1.1.2
- directory tree listing: https://gist.github.com/fd594eb2f8f8083359d8736e32edee72
2018-04-20 16:03:24 +02:00
Michael Weiss
5131977f1b gns3Packages.{server,gui}{Stable,Preview}: 2.1.4 -> 2.1.5 2018-04-19 22:34:32 +02:00
worldofpeace
754b30ef00 wire-desktop: init at 3.0.2816 2018-04-19 13:50:35 -04:00
Matthew Justin Bauer
78cfa7bbd0
Merge pull request #38976 from volth/patch-124
tixati: 2.55 -> 2.57
2018-04-19 11:59:15 -05:00
Peter Hoeg
da4695009c freerdp: 2.0.0-rc1 -> 2.0.0-rc2 2018-04-19 10:31:19 +08:00
Jörg Thalheim
d308ac9233
Merge pull request #39064 from r-ryantm/auto-update/frostwire
frostwire-bin: 6.6.3 -> 6.6.5
2018-04-17 20:26:28 +01:00
Matthew Bauer
52893d5276 treewide: move "extensions" drvs to dir
This cleans up the tree for pkgs/applications somewhat. Should not
change any hashes.
2018-04-17 13:50:49 -05:00
Michael Weiss
9cb0b49673 signal-desktop-beta: Mark as broken (really outdated) 2018-04-17 18:26:53 +02:00
Michael Weiss
b500edc44c quiterss: 0.18.9 -> 0.18.10 2018-04-17 18:16:23 +02:00
Matthew Justin Bauer
2f0f9b4d0f
Merge pull request #37512 from MHOOO/patch-1
Fix spark scripts that use dirname
2018-04-17 10:41:12 -05:00
Matthew Justin Bauer
0418f5ee65
Merge pull request #38321 from jensbin/openshift_mount_fix
openshift: Fix binary paths for oc cluster up to work
2018-04-17 10:11:07 -05:00
Matthew Justin Bauer
80facf99da
Merge pull request #38189 from r-ryantm/auto-update/palemoon
palemoon: 27.8.0 -> 27.8.3
2018-04-17 09:57:06 -05:00
Matthew Justin Bauer
3207b7e71d
Merge pull request #38311 from qfjp/submit/finch-fix
Use lib/purple-2 directory instead of lib/pidgin
2018-04-17 09:55:00 -05:00
Peter Hoeg
5b3c2b189b
Merge pull request #38828 from luke-clifton/ipfs-update
ipfs: 0.4.13 -> 0.4.14
2018-04-17 14:23:01 +00:00
R. RyanTM
d4cc20c0cc frostwire-bin: 6.6.3 -> 6.6.5
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.

This update was made based on information from https://repology.org/metapackage/frostwire/versions.

These checks were done:

- built on NixOS
- Warning: no binary found that responded to help or version flags. (This warning appears even if the package isn't expected to have binaries.)
- found 6.6.5 with grep in /nix/store/6cgry9k7i6ni9a7axglsm5akmibryimi-frostwire-6.6.5
- directory tree listing: https://gist.github.com/e29014b6db646e0dd934f79b2e387703
2018-04-17 05:07:21 -07:00
adisbladis
195d5679e8
Merge pull request #38986 from scode/scode/signal-171-update
signal-desktop: 0.7.0 -> 0.7.1
2018-04-16 20:12:43 +08:00
Jörg Thalheim
5ad99e6b05 firefox-bin: add hint on how to update 2018-04-16 11:38:04 +01:00
Peter Schuller
70588bc82e signal-desktop: 0.7.0 -> 0.7.1 2018-04-15 21:19:20 -07:00
volth
fa9359110b
tixati: 2.55 -> 2.57 2018-04-15 21:38:32 +00:00
Jörg Thalheim
fb9d7e0aa0
Merge pull request #38902 from Ekleog/nheko-0.3.1
nheko: 0.3.0 -> 0.3.1
2018-04-15 19:54:55 +01:00
S. Nordin Abouzahra
92f0d31b94
purple-discord: init at 2018-04-10 2018-04-15 11:20:23 +02:00
Matthias Beyer
792c99df34 mutt: 1.9.4 -> 1.9.5 2018-04-15 08:27:58 +02:00
Elis Hirwing
8b19b14bda testssl: 2.9.5-4 -> 2.9.5-5 (#38936)
Changelog:
https://github.com/drwetter/testssl.sh/releases/tag/v2.9.5-5

Also improved expression.
2018-04-14 21:17:44 +02:00
Alexandre Peyroux
256b0b5a2d c14: 2017-05-15 -> 0.3 (#38905) 2018-04-14 08:29:30 +01:00
Léo Gaspard
59bf698238
nheko: 0.3.0 -> 0.3.1 2018-04-13 15:57:41 +02:00
Tim Steinbach
32d620d739
hipchat: 4.30.3.1670 -> 4.30.4.1672 2018-04-13 09:39:06 -04:00