Commit Graph

96608 Commits

Author SHA1 Message Date
Franz Pletz
a0f05feddf
gtk3: 3.22.1 -> 3.22.4
Fixes #19945.
2016-12-01 01:54:30 +01:00
Graham Christensen
390f6a985b
Revert "Revert "bzip2: patch for CVE-2016-3189""
This reverts commit 6393ca650e.
2016-11-30 19:30:52 -05:00
Graham Christensen
ea07ad6bd9
Revert "Revert "icu: patch for multiple CVEs""
icu: patch for multiple CVEs

 - CVE-2014-6585
 - CVE-2015-4760
 - CVE-2016-0494
 - CVE-2016-6293
 - CVE-2016-7415
2016-11-30 19:29:51 -05:00
Graham Christensen
96393560d0 Merge pull request #20816 from grahamc/vulnerability-rollup-10
Vulnerability rollup 11 (WIP)
2016-11-30 19:29:19 -05:00
Graham Christensen
855b799ec9 Merge pull request #20828 from taku0/thunderbird-bin-45.5.1
thunderbird-bin: 45.5.0 -> 45.5.1 [Critical security fix]
2016-11-30 19:27:51 -05:00
Graham Christensen
897bffb0ff Merge pull request #20827 from taku0/firefox-bin-50.0.2
firefox-bin: 50.0.1 -> 50.0.2 [Critical security fix]
2016-11-30 19:25:52 -05:00
Graham Christensen
16995fc57b
boehmgc: 7.2f -> 7.2g 2016-11-30 19:19:25 -05:00
Graham Christensen
7e40e89273
rpcbind: patch for CVE-2015-7236 2016-11-30 19:18:08 -05:00
taku0
5f4b3cd34b thunderbird-bin: 45.5.0 -> 45.5.1
Critical security fix.

https://www.mozilla.org/en-US/thunderbird/45.5.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/
2016-12-01 09:11:50 +09:00
Graham Christensen
c97fda0bcf
Revert "icu: patch for multiple CVEs"
This reverts commit 892a9b1f0f.
2016-11-30 19:10:06 -05:00
taku0
097a8ee174 firefox-bin: 50.0.1 -> 50.0.2
Critical security fix
https://www.mozilla.org/en-US/firefox/50.0.2/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/
2016-12-01 09:08:16 +09:00
Graham Christensen
6393ca650e
Revert "bzip2: patch for CVE-2016-3189"
This reverts commit 9c71508c95.
2016-11-30 19:08:15 -05:00
Graham Christensen
892a9b1f0f
icu: patch for multiple CVEs
- CVE-2014-6585
 - CVE-2015-4760
 - CVE-2016-0494
 - CVE-2016-6293
 - CVE-2016-7415
2016-11-30 19:08:15 -05:00
Graham Christensen
9c71508c95
bzip2: patch for CVE-2016-3189 2016-11-30 18:43:56 -05:00
Graham Christensen
5f78980973
tomcatUnstable: 9.0.0.M10 -> 9.0.0.M13
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:27:06 -05:00
Graham Christensen
42f1ae1911
tomcat85: 8.5.5 -> 8.5.8
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:27:00 -05:00
Graham Christensen
80a475042c
tomcat8: 8.0.37 -> 8.0.39
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:26:55 -05:00
Graham Christensen
3d0310daf3
tomcat7: 7.0.72 -> 7.0.73
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:26:39 -05:00
Graham Christensen
eba91fa2bd
tomcat6: 6.0.45 -> 6.0.48
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:26:13 -05:00
Jörg Thalheim
fa4212e763
cheat: 2.1.26 -> 2.1.27 2016-11-30 21:10:54 +01:00
AndersonTorres
18757f3a11
XFCE plugins: update, taken from #20410
xfce4-embed-plugin   : 1.4.1 -> 1.6.0
xfce4-eyes-plugin    : 4.4.3 -> 4.4.4
xfce4-fsguard-plugin : 1.0.1 -> 1.0.2
xfce4-verve-plugin   : 1.0.1 -> 1.1.0
xfce4-xkb-plugin     : 0.5.6 -> 0.7.1
2016-11-30 18:26:14 +01:00
Frederik Rietdijk
d6ffb976fe Merge pull request #20812 from jokogr/u/syncthing-0.14.13
syncthing: 0.14.12 -> 0.14.13
2016-11-30 17:55:17 +01:00
Graham Christensen
b28d21fd50 Merge pull request #20808 from grahamc/fancy-test-tty
login test: Create and use direct reads of the TTY contents.
2016-11-30 11:27:49 -05:00
Pascal Wittmann
014a1b430a Merge pull request #20615 from vbgl/lwt-2.6.0
ocamlPackages.lwt: 2.5.2 → 2.6.0
2016-11-30 16:36:52 +01:00
Pascal Wittmann
ab2185a4b5 Merge pull request #20756 from vbgl/ocp-index-1.1.5
ocamlPackages.ocp-index: 1.1.4 -> 1.1.5
2016-11-30 16:34:56 +01:00
Eelco Dolstra
c0da5f78d6
make-tarball.nix: Don't check broken packages
They're broken after all. In particular, this prevents us from
evaluating packages that are unsupported on a particular platform.

Reverts a147ddc42c.

Fixes #20817.
2016-11-30 15:21:30 +01:00
Eelco Dolstra
e3a873479e
Remove fetchMD5warn
Deprecation warnings should not be used in Nixpkgs because they spam
innocent "nix-env -qa" users with (in this case) dozens of messages
that they can't do anything about.

This also reverts commit 2ca8833383.
2016-11-30 15:14:30 +01:00
Graham Christensen
0cff959e79
maatkit: update URL 2016-11-30 09:07:17 -05:00
Graham Christensen
7d09138cae
perlPackages.DBDmysql: 4.033 -> 4.039 2016-11-30 08:37:48 -05:00
Graham Christensen
0707962235
mujs: 2016-09-21 -> 2016-11-30 for multiple CVEs
- CVE-2016-7504
 - CVE-2016-7505
 - CVE-2016-7506
 - CVE-2016-9017
 - CVE-2016-9108
 - CVE-2016-9109
 - CVE-2016-9294

See more information: https://lwn.net/Vulnerabilities/707361/
2016-11-30 08:29:44 -05:00
Frederik Rietdijk
f26ff0b1bd Merge pull request #20813 from lsix/update_pytest_30
pythonPackages.pytest_30: 3.0.3 -> 3.0.4
2016-11-30 14:26:02 +01:00
Graham Christensen
a9611a52f3
mcabber: 1.0.3 -> 1.0.4 for 'roster push attack' 2016-11-30 08:23:42 -05:00
Peter Simons
c0ec503dce Merge pull request #20803 from NeQuissimus/2_11_0
git: 2.10.2 -> 2.11.0
2016-11-30 14:17:57 +01:00
Peter Simons
cc3e61006f Merge pull request #20811 from Profpatsch/hdbc-odbc-haddock
haskellPackages.HDBC-odbc: remove haddock fix again
2016-11-30 14:00:30 +01:00
Ioannis Koutras
58faa138d4 syncthing: 0.14.12 -> 0.14.13 2016-11-30 14:17:36 +02:00
Lancelot SIX
de4dba37a1
pythonPackages.pytest_30: 3.0.3 -> 3.0.4 2016-11-30 13:11:36 +01:00
Profpatsch
10cf3b150e haskellPackages.HDBC-odbc: remove haddock fix again 2016-11-30 13:04:48 +01:00
Matthew Daiter
705bdce17e
hexRegistrySnapshot: d58a937 -> e5e494a 2016-11-30 12:16:21 +01:00
Frederik Rietdijk
c517718ffc Merge pull request #20152 from igsha/fix-mezzanine
pythonPackages.mezzanine: fixes #19989
2016-11-30 10:43:34 +01:00
Frederik Rietdijk
1b68772f2b Merge pull request #20799 from vbgl/camlp5-6.17
camlp5: 6.16 -> 6.17
2016-11-30 10:32:00 +01:00
Frederik Rietdijk
1c0e51e3f8 Merge pull request #20616 from matthewbauer/pugixml-darwin
pugixml: fix darwin build
2016-11-30 10:30:41 +01:00
Frederik Rietdijk
07dcc4f43a pythonPackages.Theano: move and rename variants
We have two derivations, one that supports Cuda, and one that does not.
The names, TheanoWithCuda and TheanoWithoutCuda, now reflect that.
Furthermore, a boolean passthru.cudaSupport was added.

In the future the two derivations should be merged in one, with a
parameter `cudaSupport`.
2016-11-30 10:04:54 +01:00
Peter Simons
2605149d15 ghc-8.0.2: cosmetic 2016-11-30 09:47:37 +01:00
Peter Simons
fb9f9926cd ghc-8.0.2: drop use of the obsolete response file patch
Our gcc wrapper has been fixed to deal with those files properly.
2016-11-30 09:46:44 +01:00
Graham Christensen
cb74fd75d7
login test: Create and use direct reads of the TTY contents. 2016-11-30 00:17:18 -05:00
Joachim Fasting
0028abeb4e
libffcall: 2009-05-27 -> 1.10
Use the release tarball provided by the clisp maintainer.

Tested build by nix-build -A clisp -A clisp_2_44_1 -A gtk-server;
only clisp run-tested.

Of particular note is that the .so files no longer have executable
stacks.  This also avoids executable stack in clisp lisp.run

Before:

   $ readelf -lW $(nix-build -A clisp)/lib/clisp-2.49/base/lisp.run|grep GNU_STACK
   GNU_STACK      [...] RWE 0x10

After:

   $ readelf -lW $(nix-build -A clisp)/lib/clisp-2.49/base/lisp.run|grep GNU_STACK
   GNU_STACK      [...] RW 0x10
2016-11-30 06:01:10 +01:00
Tim Steinbach
f1a0cadaec
git: 2.10.2 -> 2.11.0 2016-11-29 18:37:24 -05:00
Tim Steinbach
18a3225dac
linux: 3.12.67 -> 3.12.68 2016-11-29 17:40:17 -05:00
Tuomas Tynkkynen
8a4d6516ee Merge remote-tracking branch 'upstream/staging' into master 2016-11-30 00:34:23 +02:00
Vincent Laporte
431c564993 hol_light: fix build with Camlp5-6.17 2016-11-29 18:34:21 +00:00