JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
96,999 Commits 2 Branches 0 Tags 12 GiB
ca7cc96ee8
Commit Graph

5873 Commits

Author SHA1 Message Date
Joachim Fasting
cad9212813
grsecurity: 4.7.10-201611011946 -> 4.8.7-201611102210 2016-11-14 00:16:19 +01:00
Vladimír Čunát
1ac5869907
Merge #19936: vulkan / amdgpu-pro update 2016-11-13 20:06:40 +01:00
David McFarland
3d4a280c35 amdgpu-pro: 16.30.3-315407 -> 16.40-348864 2016-11-13 12:44:28 -04:00
David McFarland
e1a25aeb65 amdgpu-pro: fix kernel module for linux-4.8 2016-11-13 12:44:28 -04:00
David McFarland
6bf27c2cae vulkan-loader: allow validation layers to be enabled 
The loader now uses XDK_DATA_DIRS to find drivers and layers.
 2016-11-13 12:44:27 -04:00
Lorenzo Manacorda
b83c0783d3 bluez: 5.40 -> 5.43 2016-11-12 18:12:10 +01:00
Joachim Fasting
081a871771
Revert "Merge pull request #20302 from spacekitteh/patch-10" 
This reverts commit e02173c70c, reversing
changes made to c2b4a0d266.

Breaks all grsec packages; Not having binary substitutes for no good
reason is disruptive to my workflow, so I'll just revert this for now.
 2016-11-12 14:02:20 +01:00
Tim Steinbach
e02173c70c Merge pull request #20302 from spacekitteh/patch-10 
grsecurity_testing: 4.7.10 -> 4.8.7
 2016-11-11 22:03:39 -05:00
Sophie Taylor
fa180d0d63 grsec: 4.8.6 -> 4.8.7 2016-11-12 12:54:47 +10:00
Tim Steinbach
c2b4a0d266 Merge pull request #20327 from NeQuissimus/linux_4_9_rc4 
linux: 4.9-rc3 -> 4.9-rc4
 2016-11-11 18:11:02 -05:00
Tim Steinbach
52cc30cd87 Merge pull request #20326 from NeQuissimus/linux_3_12_67 
linux: 3.12.66 -> 3.12.67
 2016-11-11 18:10:16 -05:00
Tim Steinbach
933dfca167 Merge pull request #20322 from NeQuissimus/linux_4_8_7 
linux: 4.8.6 -> 4.8.7
 2016-11-10 21:12:06 -05:00
Tim Steinbach
ad19b9bde5
linux: 4.9-rc3 -> 4.9-rc4 2016-11-10 21:08:28 -05:00
Tim Steinbach
0a1f39eb91
linux: 4.8.6 -> 4.8.7 2016-11-10 21:07:56 -05:00
Tim Steinbach
579f5fd9dd
linux: 4.4.30 -> 4.4.31 2016-11-10 21:07:24 -05:00
Tim Steinbach
cc62ecc2d9
linux: 3.12.66 -> 3.12.67 2016-11-10 21:06:54 -05:00
Tuomas Tynkkynen
74ecbbe4e3 kernel config: Ensure SECCOMP_FILTER is enabled 
As noted in a97db109a2, SECCOMP_FILTER must be enabled or systemd gets
very unhappy.
 2016-11-11 02:10:20 +02:00
Peter Hoeg
cb93b34999 SMB2 support for CIFS 
[tuomas: removed unneeded kernel version check]
Signed-off-by: Tuomas Tynkkynen <tuomas@tuxera.com>
 2016-11-11 02:10:20 +02:00
Sophie Taylor
6476f11f40 grsecurity patch update to kernel 4.8.6 2016-11-10 12:44:22 +10:00
Daiderd Jordan
16a90832cd
darwin.Libsystem: export _mach_init_routine 2016-11-09 20:01:54 +01:00
Tim Digel
4a7cf195a4 molly-guard: init at 0.6.3 2016-11-09 14:39:44 +01:00
Tobias Geerinckx-Rice
ea301adfd1
pagemon: 0.01.08 -> 0.01.10 2016-11-09 02:24:50 +01:00
Tobias Geerinckx-Rice
11dacb7e2c
mcelog: 142 -> 144 2016-11-09 02:24:45 +01:00
Kjetil Ørbekk
0d5caf138a tpacpi-bat: init at 3.0 (#20213) 2016-11-08 02:46:34 +01:00
Guillaume Maudoux
eb9d126d2c linux_mptcp: 0.91 -> 0.91.2 2016-11-07 14:15:33 +01:00
Joachim Fasting
ae5d404509
lttng-modules: 2.8.0 -> 2.8.3 
Fixes build against linux >=4.8

Full changelog at
https://git.lttng.org/?p=lttng-tools.git;a=blob_plain;f=ChangeLog;hb=13dc409a5ea439b96b805c3c71886a3fcfad18e8

Tested with nix-build -A linuxPackages.lttng-modules -A linuxPackages_latest.lttng-modules
 2016-11-06 13:57:34 +01:00
Lorenzo Manacorda
98fb9ded4e light: 0.9 -> 1.0 (#20193) 
Update to version 1.0
 2016-11-06 03:47:22 +01:00
Tobias Geerinckx-Rice
cd2d81ab52
mcelog: 138 -> 142 2016-11-05 18:44:10 +01:00
Tim Steinbach
cc7c28332b
Remove ttysnoop 
No longer exists
 2016-11-04 11:18:52 -04:00
Tim Steinbach
20c2980640
Remove cryopid 
No longer builds / exists
 2016-11-03 21:43:17 -04:00
Yochai Meir
e70560ff98 rtl8812au: compiles on linux 4.8 2016-11-03 19:53:37 +02:00
Bjørn Forsman
a6283c1126 devmem2: init at 2004-08-05 
A simple program to read/write from/to any location in memory.

Unfortunately the homepage doesn't have a versioned source code download
URL. On the other hand, the program is pretty stable, with no change for
the last 12 years...
 2016-11-03 15:44:56 +01:00
Joachim Fasting
d9b5cd41c5
grsecurity: 4.7.10-201610262029 -> 201611011946 2016-11-03 13:55:23 +01:00
Bart Brouns
af0f12299b alsa-utils: 1.1.0 -> 1.1.2 2016-11-02 13:07:28 +01:00
Bart Brouns
01fe648552 alsa-plugins: 1.1.0 -> 1.1.1 2016-11-02 13:07:21 +01:00
Bart Brouns
2e1871fdd9 alsa-lib: 1.1.1 -> 1.1.2 2016-11-02 13:07:15 +01:00
Tim Steinbach
874abe694a
linux: 4.8.5 -> 4.8.6 2016-11-01 08:58:53 -04:00
Shea Levy
2dbaf3a336 lksctp-tools: init at 1.0.17 2016-11-01 07:28:41 -04:00
Eelco Dolstra
ef1a188e07 linux: 4.4.28 -> 4.4.30 2016-11-01 11:31:00 +01:00
Franz Pletz
cbd4c9f78b
iputils: install manpage for traceroute6 2016-10-31 14:33:59 +01:00
Moritz Ulrich
7e4c7d6af0 wpa_supplicant_gui: Add forgotten patch. 2016-10-30 22:29:44 +01:00
Moritz Ulrich
19bdc31ed6 wpa_supplicant_gui: Replace inkscape with imagemagick in build process. 2016-10-30 22:28:08 +01:00
Vladimír Čunát
3be635b9b5
Merge linux kernel maintenance updates 
PRs: #19995 #19996 #19997
 2016-10-30 17:29:43 +01:00
Jörg Thalheim
c1b0ec5266
android-udev-rules: 20160805 -> 20161014 2016-10-30 17:05:11 +01:00
Tim Steinbach
f154459cf4
linux: 4.9-rc2 -> 4.9-rc3 2016-10-30 10:30:07 -04:00
Tim Steinbach
1af5b2a80c
linux: 4.4.27 -> 4.4.28 2016-10-30 10:29:37 -04:00
Tim Steinbach
8073430d95
linux: 4.8.4 -> 4.8.5 2016-10-30 10:28:55 -04:00
Tim Steinbach
4a70445fff Merge pull request #19903 from carlsverre/update/sysdig 
sysdig: 0.10.0 -> 0.12.0
 2016-10-27 14:10:39 -04:00
Tim Steinbach
81b0db3915 Merge pull request #19910 from NeQuissimus/busybox_1_25_1 
busybox: 1.24.2 -> 1.25.1
 2016-10-27 12:47:46 -04:00
Tim Steinbach
a5c1985fef
busybox: 1.24.2 -> 1.25.1 2016-10-27 09:31:21 -04:00
Joachim Fasting
dfdaea1240
grsecurity: 4.7.10-201610222037 -> 201610262029 2016-10-27 15:03:27 +02:00
Graham Christensen
2f3b62375f Merge pull request #19891 from NeQuissimus/kernel_4_9_rc2 
kernel: 4.9-rc1 -> 4.9-rc2
 2016-10-27 08:36:23 -04:00
Graham Christensen
ad2deee7d1 Merge pull request #19894 from NeQuissimus/kernel_3_18_44 
kernel: 3.18.42 -> 3.18.44
 2016-10-27 08:36:17 -04:00
Graham Christensen
c654ec0f25 Merge pull request #19893 from NeQuissimus/kernel_3_12_66 
kernel: 3.12.63 -> 3.12.66
 2016-10-27 08:36:10 -04:00
Graham Christensen
00e2bc22db Merge pull request #19890 from NeQuissimus/kernel_3_10_104 
kernel: 3.10.103 -> 3.10.104
 2016-10-27 08:35:54 -04:00
Tim Steinbach
b86310fccf wpa_supplicant: 2.5 -> 2.6 (#19913) 2016-10-27 13:57:56 +02:00
Tim Steinbach
b02646f93b
kernel: 3.18.42 -> 3.18.44 2016-10-26 19:23:43 -04:00
Tim Steinbach
e5e84ecbbd
kernel: 3.12.63 -> 3.12.66 2016-10-26 19:17:46 -04:00
Tim Steinbach
e4773819f4
kernel: 3.10.103 -> 3.10.104 2016-10-26 19:13:21 -04:00
Vladimír Čunát
6404a30afb
Merge #19892: kernel: 4.1.33 -> 4.1.35 2016-10-26 22:11:30 +02:00
Carl Sverre
96a3e00929 sysdig: 0.10.0 -> 0.12.0 2016-10-26 11:19:41 -07:00
Franz Pletz
6e17ee638c
wireguard: 2016-10-01 -> 2016-10-25 2016-10-26 16:49:52 +02:00
Tim Steinbach
e9a5cf3f6f
kernel: 4.9-rc1 -> 4.9-rc2 2016-10-26 09:11:00 -04:00
Tim Steinbach
89cd922a6a
kernel: 4.1.33 -> 4.1.35 2016-10-26 09:04:37 -04:00
Frederik Rietdijk
7077a270bf Merge remote-tracking branch 'upstream/master' into HEAD 2016-10-26 13:06:43 +02:00
Tim Steinbach
b3f7d626c1
kernel: remove 4.7 2016-10-24 21:30:00 -04:00
Joachim Fasting
5440c1a64c
grsecurity: 4.7.9-201610200819 -> 4.7.10-201610222037 
Notably, this pulls in the dirtycow fix from upstream (but I've been
unable to execute the POC exploits on grsec kernels without that fix
...)
 2016-10-23 17:14:40 +02:00
Tim Steinbach
a3989b87df Merge pull request #19772 from NeQuissimus/linux_4_8_4 
linux: 4.8.3 -> 4.8.4
 2016-10-22 12:14:59 -04:00
Tim Steinbach
72d91f95cb Merge pull request #19771 from NeQuissimus/linux_4_7_10 
linux: 4.7.9 -> 4.7.10
 2016-10-22 12:14:26 -04:00
Tim Steinbach
8d0ca31849
linux: 4.8.3 -> 4.8.4 2016-10-22 12:11:37 -04:00
Tim Steinbach
adbe0e0a13
linux: 4.7.9 -> 4.7.10 2016-10-22 12:11:09 -04:00
Tim Steinbach
4489454b83
linux: 4.4.26 -> 4.4.27 2016-10-22 12:10:34 -04:00
Frederik Rietdijk
e56832d730 Merge remote-tracking branch 'upstream/master' into HEAD 2016-10-22 17:23:24 +02:00
Joachim Fasting
ed5d146e9d
grsecurity: 4.7.7-201610101902 -> 4.7.9-201610200819 2016-10-21 01:50:53 +02:00
Vladimír Čunát
4d5b893002 Merge #19081: gnome-3.22 
Also master commits are brought in.
 2016-10-20 23:04:10 +02:00
Vladimír Čunát
fabfb0a900 Merge #19725: kernel: 4.7.8 -> 4.7.9 2016-10-20 19:45:25 +02:00
Tim Steinbach
963804ba8e
kernel: 4.7.8 -> 4.7.9 2016-10-20 13:08:53 -04:00
Tim Steinbach
0c3e5217fc
kernel: 4.8.2 -> 4.8.3 2016-10-20 13:06:03 -04:00
Eelco Dolstra
76a57d83b5 linux: 4.4.25 -> 4.4.26 2016-10-20 13:37:19 +02:00
Tim Steinbach
dac481d999 Merge pull request #19648 from NeQuissimus/linux_4_7_8 
linux_4_7: 4.7.7 -> 4.7.8
 2016-10-19 14:48:47 -04:00
Tim Steinbach
84e4dcb34b Merge pull request #19649 from NeQuissimus/linux_4_8_2 
linux_4_8: 4.8.1 -> 4.8.2
 2016-10-19 14:38:11 -04:00
Tim Steinbach
70c8de0536 Merge pull request #19652 from NeQuissimus/linux_4_9_rc1 
linux_testing: 4.8-rc6 -> 4.9-rc1
 2016-10-19 14:35:21 -04:00
Eelco Dolstra
13f43c7ebc linux: 4.4.24 -> 4.4.25 2016-10-19 17:11:53 +02:00
Tuomas Tynkkynen
59f12d9394 kernel config: Add some filesystem options 
Enable encryption support for both F2FS and ext4. For ext4 this is a bit
tricky, since pre-4.8 the way to enable it as a module was just
"EXT4_ENCRYPTION=m" but after that it changed to "FS_ENCRYPTION=m &&
EXT4_ENCRYPTION=y".

Also make sure UDF is enabled.
 2016-10-19 16:44:08 +03:00
Frederik Rietdijk
58c41ecd35 crda: use python2 2016-10-18 23:16:08 +02:00
Frederik Rietdijk
e9f8ee3ab4 iotop: use python2 2016-10-18 23:14:35 +02:00
Tuomas Tynkkynen
ba42683e9a libselinux: Fix ARM build failure 
Avoid this warning (which is in turn an error via -Werror):
````
avc_internal.c: In function 'avc_netlink_receive':
avc_internal.c:105:25: error: cast increases required alignment of target type [-Werror=cast-align]
 struct nlmsghdr *nlh = (struct nlmsghdr *)buf;
                        ^
````

The code allocates abuffer with "__attribute__ ((aligned))",
then passes it via a 'char*' parameter, which is then finally cast,
causing the warning. So the code is ok but compiler is not smart
enough to see it.

It seems that -Wcast-align is a no-op on x86, so this shows up on ARM
only.
 2016-10-18 23:54:29 +03:00
Tim Steinbach
51c9c2f851
linux_testing: 4.8-rc6 -> 4.9-rc1 2016-10-18 11:19:46 -04:00
Tim Steinbach
0acfbaa5b2
linux_4_8: 4.8.1 -> 4.8.2 2016-10-18 10:13:02 -04:00
Tim Steinbach
55adff59f1
linux_4_7: 4.7.7 -> 4.7.8 2016-10-18 10:12:26 -04:00
Graham Christensen
3bd1e62a6d Merge pull request #19578 from grahamc/facetimehd 
facetimehd: 2016-05-02 -> 2016-10-09
 2016-10-17 17:11:18 -04:00
Dan Peebles
4f8a1094bd cctools: add patch I forgot 2016-10-17 08:51:48 -04:00
Dan Peebles
ead2424981 cctools: fix triple for the assembler 
This was breaking `boost155` and would probably break anything else that
calls `as` with no explicit architecture.
 2016-10-16 20:46:36 -04:00
Dan Peebles
b91d64463f Libsystem: update to 10.11.6 version 
This actually has no effect but it bugged me to keep seeing an old version
in the package names :) and since we're making a bunch of stdenv changes
at once, I might as well.
 2016-10-16 20:44:14 -04:00
Jörg Thalheim
756a6949f8 Merge pull request #19603 from aneeshusa/adopt-google-authenticator 
[WIP] Adopt google authenticator
 2016-10-16 22:06:40 +02:00
Nikolay Amiantov
40547dd4c4 cachefilesd: init at 0.10.9 2016-10-16 19:58:29 +03:00
Aneesh Agrawal
31b4fcd0b7 google-authenticator: adopt package 2016-10-16 12:42:51 -04:00
Graham Christensen
634a098940
linuxPackages.nvidia_x11: Remove us prefix from mirror 
At the time of the last upgrade, the new driver wasn't available on
anything but their US mirror. Pinning to the US mirror isn't
recommended or preferable, but I did it anyway to be able to get the
upgrade out.
 2016-10-16 11:08:17 -04:00
Graham Christensen
37bc2c0bbf
broadcom-sta: Support linux-4.8 2016-10-15 08:06:30 -04:00
Graham Christensen
2525a3d682
facetimehd: 2016-05-02 -> 2016-10-09 2016-10-15 07:42:08 -04:00
Tim Steinbach
b43c0dab8e
conky: 1.10.3 -> 1.10.5 2016-10-14 23:16:45 -04:00
Vladimír Čunát
061758490f Merge branch 'master' into staging 
... to get the openssl mass rebuild: 942dbf89c.
 2016-10-14 13:16:11 +02:00
Daniel Peebles
9615afa04b Merge pull request #19517 from dipinhora/darwin-yosemite-support 
Re-enable support for OS X 10.10 for darwin.
 2016-10-13 22:46:33 -04:00
Vladimír Čunát
6eeea6effd Python: more evaluation fixups. 2016-10-14 00:03:12 +02:00
Franz Pletz
f30f7d0cff
powertop: add homepage, cleanup 2016-10-14 00:02:30 +02:00
dipinhora
6152c1ea7f Re-enable support for OS X 10.10 for darwin. 2016-10-13 11:09:37 -04:00
Graham Christensen
88a47f1950 Merge pull request #19467 from grahamc/nvidia-x11-master 
nvidia-x11: 367.35 -> 367.57
 2016-10-12 19:07:29 -04:00
Daniel Peebles
77d1fb94f1 Merge pull request #19470 from copumpkin/fix-sierra 
Fix Darwin stdenv to work on Sierra
 2016-10-12 19:04:03 -04:00
Dan Peebles
d8a0307a5d [darwin.stdenv] Fix to work on Sierra 
This reinstates the libSystem selective symbol export machinery we used
to have, but locks it to the symbols that were present in 10.11 and skips
the actual compiled code we put into that library in favor of the system
initialization code. That should make it more stable and less likely to
do weird stuff than the last time we did this.
 2016-10-12 00:08:13 -04:00
Graham Christensen
b98c0a668e
nvidia-x11: 367.35 -> 367.57 2016-10-11 19:43:58 -04:00
Vladimír Čunát
9d1dfc9ed0 Merge #18861: add AMDGPU-PRO driver 2016-10-11 19:57:30 +02:00
David McFarland
3b4ce62451 amdgpu-pro: Init at 16.30.3-315407 2016-10-11 14:19:38 -03:00
Joachim Fasting
ce73a3ea0f grsecurity: 4.7.6-201609301918 -> 4.7.7-201610101902 2016-10-11 13:15:16 +02:00
Eelco Dolstra
88f10ad409 aggregateModules: Preserve kernel's modules.{builtin,order} 
Fixes #19426.
 2016-10-11 11:42:41 +02:00
sternenseemann
3fb2993cb3 maintainers: rename lukasepple according to github account name 2016-10-09 22:04:22 +02:00
Aneesh Agrawal
f0602d2d36 kernel: Make SECURITY_YAMA optional 
It's highly recommended, but not required to run NixOS.
 2016-10-08 17:46:33 +02:00
Aneesh Agrawal
a000ed181c linux config: enable the Yama LSM (#14392) 
The Yama Linux Security Module restricts the use of ptrace so that
processes cannot ptrace processes that are not their children. This
prevents attackers from compromising one user-level processes and
snooping on the memory and runtime state of other processes owned
by the same user.
 2016-10-08 16:40:12 +02:00
Tim Steinbach
a699eb4798 linux: 4.4.23 -> 4.4.24 (#19346) 2016-10-08 07:02:07 +02:00
Tim Steinbach
9481edec56 linux: 4.7.6 -> 4.7.7 (#19345) 2016-10-08 07:01:51 +02:00
Tim Steinbach
07e67b33af linux: 4.8.0 -> 4.8.1 (#19344) 2016-10-08 07:01:27 +02:00
Marco Maggesi
435673b948 Revert "Revert "linux*: remove 3.14, as it's no longer maintained"" 
In the end, it is too dangerous to have an unmaintained kernel in
nixpkgs.  Revert the revert.

This reverts commit e921725176.
 2016-10-07 23:26:32 +02:00
Marco Maggesi
e921725176 Revert "linux*: remove 3.14, as it's no longer maintained" 
This is the simplest way to reenable the use of BLCR
(which at present requires linux version >3.12 <3.18)
until we find a better solution.

This reverts commit 6a9e765e27.
 2016-10-07 14:31:24 +02:00
Jude Taylor
3dee596ed1 reinstate libiconv/libcharset wrapper 2016-10-06 11:56:32 -07:00
Thomas Tuegel
2e255a2edd
Merge branch 'staging' 2016-10-06 09:51:02 -05:00
Eelco Dolstra
a8b61b0aad Merge pull request #19278 from anderspapitto/local 
perf: add dependency on libaudit
 2016-10-06 11:45:54 +02:00
Anders Papitto
aa44330963 perf: add dependency on libaudit 
the `trace` subcommand of perf is only enabled when libaudit is
available at compile time
 2016-10-05 17:59:44 -07:00
Jörg Thalheim
638d4b4d71 Merge pull request #19265 from Mic92/rtkit 
rtkit: apply security relevant patch
 2016-10-06 00:07:35 +02:00
Eelco Dolstra
f084274eeb Merge pull request #19251 from groxxda/patch-2 
kernel: Disable RT_GROUP_SCHED
 2016-10-05 20:05:18 +02:00
Vladimír Čunát
30f551d8b2 Merge branch 'master' into staging 2016-10-05 19:02:48 +02:00
Jörg Thalheim
c684eb756a
rtkit: *security* Pass uid of caller to polkit 
Otherwise, we force polkit to look up the uid itself in /proc, which is racy if
they execve() a setuid binary.
 2016-10-05 18:11:02 +02:00
Alexander Ried
96fbdf8594 kernel: Disable RT_GROUP_SCHED 
Follow systemd recommendation
fd74fa791f/README (L96-L103)
 2016-10-05 12:52:45 +02:00
Alexander Ried
4e91e8cb3d rtkit: add patch from debian to remove ControlGroup stanza 
fixes log clutter:
systemd[1]: [/nix/store/....-rtkit-0.11/etc/systemd/system/rtkit-daemon.service:32] Unknown lvalue 'ControlGroup' in section 'Service'
 2016-10-05 11:23:11 +02:00
Thomas Tuegel
d067b7bd35
Merge branch 'kde-5' into staging 2016-10-04 21:50:17 -05:00
Shea Levy
e54313d183 Revert "Revert "Linux 4.8"" 
Now featuring @aszlig's modinst_arg_list_too_long patch.

This reverts commit 43bedb970d.

Fixes #19213
 2016-10-04 10:10:36 -04:00
Shea Levy
43bedb970d Revert "Linux 4.8" 
This reverts commit e4958d54b1.
 2016-10-03 22:04:43 -04:00
Vladimír Čunát
1525568c74 util-linux: fixup patch hash from grandparent merge 
And name the file, too.
 2016-10-03 23:06:51 +02:00
Jörg Thalheim
45f64a37c9 Merge pull request #19175 from Mic92/util-linux 
util-linux: workaround CVE-2016-2779
 2016-10-03 22:53:21 +02:00
Jörg Thalheim
888f6a1280 Merge pull request #19199 from wizeman/u/fix-help2man-hash 
help2man: fix hash
 2016-10-03 19:26:44 +02:00
Franz Pletz
beca8946ee
jool: 3.4.5 -> 3.5.0 2016-10-03 18:25:28 +02:00
Shea Levy
e4958d54b1 Linux 4.8 2016-10-03 08:45:45 -04:00
Eric Sagnes
58d44a376e wireguard: 2016-08-08 -> 2016-10-01 2016-10-03 17:06:11 +09:00
Jörg Thalheim
ba00ba65eb
util-linux: workaround CVE-2016-2779 
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2779
 2016-10-03 08:49:56 +02:00
Joachim Fasting
9a9237e0aa
grsecurity: revamp nixos kernel config 
Cleanup:
- Restructure & add some commentary
- Remove redundant option specs given the auto config
  constraints (some are left in for documentation purposes)

Changes:
- GRKERNSEC_CONFIG_VIRT_HOST -> GUEST
  The former deselects paravirtualization and friends
- PAX_LATENT_ENTROPY n -> y (implied by auto)
- GRKERNSEC_ACL_HIDEKERN y -> n
  Possibly useless with redistribution
 2016-10-02 19:25:58 +02:00
Joachim Fasting
1bb7b44cd7
grsecurity: make GRKERNSEC y and PAX y implicit 
These options should always be specified. Note, an implication of this
change is that not specifying any grsec/PaX options results in a build
failure.
 2016-10-02 19:25:58 +02:00
Tuomas Tynkkynen
19225bf5cc Merge remote-tracking branch 'upstream/master' into staging 2016-10-02 10:36:47 +03:00
Tuomas Tynkkynen
f5dd3a703d treewide: Fix more lib.optional misuses 2016-10-02 00:44:10 +03:00
Aneesh Agrawal
fcee1d0b28
Remove redundant -DCMAKE_BUILD_TYPE=Release flags 
Since commit 183d05a0 in 2012, this is the default.

fixes #18000
 2016-10-01 16:13:41 +02:00
Joachim Fasting
2ec9a1a955
grsecurity: 4.7.5-201609261522 -> 4.7.6-201609301918 2016-10-01 08:47:30 +02:00
Joachim Fasting
22108b7a10
linux_4_7: 4.7.5 -> 4.7.6 2016-10-01 08:46:31 +02:00
Eelco Dolstra
613a12a8bd linux: 4.4.22 -> 4.4.23 2016-09-30 14:41:19 +02:00