Commit Graph

205671 Commits

Author SHA1 Message Date
Jonathan Ringer
4b1c34cac6 gtk-server: 2.3.1 -> 2.4.5
Also bumped gtk version from gtk2 to gtk3
2019-12-15 13:31:53 -08:00
Mario Rodas
52e9024849
pango: fix build on darwin 2019-12-15 16:20:00 -05:00
Danylo Hlynskyi
c8c30fac9b
Merge pull request #75692 from kampka/postgresql-backup-default
postgresql-backup: Use saner defaults for pg_dump
2019-12-15 23:16:50 +02:00
Mario Rodas
169fb13569
Merge pull request #75331 from r-ryantm/auto-update/python3.8-mysqlclient
python38Packages.mysqlclient: 1.4.5 -> 1.4.6
2019-12-15 16:02:28 -05:00
Mario Rodas
80af1ff9e1
Merge pull request #75368 from r-ryantm/auto-update/python3.8-sasmodels
python38Packages.sasmodels: 1.0.0 -> 1.0.1
2019-12-15 15:28:08 -05:00
Andreas Rammhold
b21b92947e ansible_2_6: 2.6.17 -> 2.6.20
This addresses the following security issues:

  * CVE-2019-14846 - Several Ansible plugins could disclose aws
    credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
    lookup/aws_account_attribute.py, and lookup/aws_secret.py,
    lookup/aws_ssm.py use the boto3 library from the Ansible process. The
    boto3 library logs credentials at log level DEBUG. If Ansible's
    logging was enabled (by setting LOG_PATH to a value) Ansible would set
    the global log level to DEBUG. This was inherited by boto and would
    then log boto credentials to the file specified by LOG_PATH. This did
    not affect aws ansible modules as those are executed in a separate
    process. This has been fixed by switching to log level INFO
  * Convert CLI provided passwords to text initially, to prevent unsafe
    context being lost when converting from bytes->text during post
    processing of PlayContext. This prevents CLI provided passwords from
    being incorrectly templated (CVE-2019-14856)
  * properly hide parameters marked with no_log in suboptions when
    invalid parameters are passed to the module (CVE-2019-14858)
  * resolves CVE-2019-10206, by avoiding templating passwords from
    prompt as it is probable they have special characters.
  * Handle improper variable substitution that was happening in
    safe_eval, it was always meant to just do 'type enforcement' and have
    Jinja2 deal with all variable interpolation. Also see CVE-2019-10156

Changelog: 9bdb89f740/changelogs/CHANGELOG-v2.6.rst
2019-12-15 21:25:07 +01:00
Andreas Rammhold
71cde971c7 ansible_2_8: 2.8.4 -> 2.8.7
This addresses the following security issues:

  * Ansible: Splunk and Sumologic callback plugins leak sensitive data in logs (CVE-2019-14864)
  * CVE-2019-14846 - Several Ansible plugins could disclose aws
    credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
    lookup/aws_account_attribute.py, and lookup/aws_secret.py,
    lookup/aws_ssm.py use the boto3 library from the Ansible process. The
    boto3 library logs credentials at log level DEBUG. If Ansible's
    logging was enabled (by setting LOG_PATH to a value) Ansible would set
    the global log level to DEBUG. This was inherited by boto and would
    then log boto credentials to the file specified by LOG_PATH. This did
    not affect aws ansible modules as those are executed in a separate
    process. This has been fixed by switching to log level INFO
  * Convert CLI provided passwords to text initially, to prevent unsafe
    context being lost when converting from bytes->text during post
    processing of PlayContext. This prevents CLI provided passwords from
    being incorrectly templated (CVE-2019-14856)
  * properly hide parameters marked with no_log in suboptions when
    invalid parameters are passed to the module (CVE-2019-14858)

Changelog: 24220a618a/changelogs/CHANGELOG-v2.8.rst
2019-12-15 21:25:02 +01:00
Andreas Rammhold
64e2791092 ansible_2_7: 2.7.11 -> 2.7.15
This fixes the following security issues:
  * Ansible: Splunk and Sumologic callback plugins leak sensitive data
    in logs (CVE-2019-14864)
  * CVE-2019-14846 - Several Ansible plugins could disclose aws
    credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
    lookup/aws_account_attribute.py, and lookup/aws_secret.py,
    lookup/aws_ssm.py use the boto3 library from the Ansible process. The
    boto3 library logs credentials at log level DEBUG. If Ansible's
    logging was enabled (by setting LOG_PATH to a value) Ansible would set
    the global log level to DEBUG. This was inherited by boto and would
    then log boto credentials to the file specified by LOG_PATH. This did
    not affect aws ansible modules as those are executed in a separate
    process. This has been fixed by switching to log level INFO
  * Convert CLI provided passwords to text initially, to prevent unsafe
    context being lost when converting from bytes->text during post
    processing of PlayContext. This prevents CLI provided passwords from
    being incorrectly templated (CVE-2019-14856)
  * properly hide parameters marked with no_log in suboptions when invalid
    parameters are passed to the module (CVE-2019-14858)
  * resolves CVE-2019-10206, by avoiding templating passwords from
    prompt as it is probable they have special characters.
  * Handle improper variable substitution that was happening in
    safe_eval, it was always meant to just do 'type enforcement' and have
    Jinja2 deal with all variable interpolation. Also see CVE-2019-10156

Changelog: 0623dedf2d/changelogs/CHANGELOG-v2.7.rst (v2-7-15)
2019-12-15 21:24:59 +01:00
Mario Rodas
6b3720b395
Merge pull request #75675 from marsam/update-git-gone
gitAndTools.git-gone: 0.1.2 -> 0.2.0
2019-12-15 15:21:19 -05:00
Mario Rodas
22a8e0eb85
Merge pull request #75398 from r-ryantm/auto-update/tpm2-tools
tpm2-tools: 4.0.1 -> 4.1
2019-12-15 15:20:48 -05:00
Nikolay Korotkiy
38294e3051
gpxlab: init at 0.7.0 2019-12-15 22:53:06 +03:00
Andreas Rammhold
5d3607b2da
spamassassin: 3.4.2 -> 3.4.3
Two security issues have been fixed in this release:
  * CVE-2019-12420 for Multipart Denial of Service Vulnerability
  * CVE-2018-11805 for nefarious CF files can be configured to
    run system commands without any output or errors.

https://svn.apache.org/repos/asf/spamassassin/branches/3.4/build/announcements/3.4.3.txt
2019-12-15 20:48:56 +01:00
Graham Christensen
aa4a1b01d5
Merge pull request #75516 from ivan/chromium-79.0.3945.79
chromium: 78.0.3904.108 -> 79.0.3945.79
2019-12-15 14:48:34 -05:00
Mario Rodas
eb2d272efd
Merge pull request #75671 from clayrat/tparsec-update
idrisPackages.tparsec: 2019-06-18 -> 2019-09-19
2019-12-15 14:43:44 -05:00
Andreas Rammhold
e1699e3c71
thunderbird-bin: 68.2.2 -> 68.3.0 2019-12-15 20:37:50 +01:00
Andreas Rammhold
cd394340d8
dovecot: 2.3.8 -> 2.3.9.2
Update to latest version & updated the patch file to match with the
lastest verison.

Fixes the following security issue:
  * CVE-2019-19722: Mails with group addresses in From or To fields
    caused crash in push notification drivers.
2019-12-15 20:11:01 +01:00
cap
2978ca2180 aircrack-ng: fixed missing dependency for airmon-ng 2019-12-15 18:38:43 +01:00
Marco A L Barbosa
5425557214 tectonic: 0.1.11 -> 0.1.12 (#75396) 2019-12-15 11:27:41 -05:00
Danylo Hlynskyi
d206f2304f
nixos containers: disable NixOS manual in container config. (#75659)
This makes ~2.5x speed up of an empty container instantiate, hence reduces
rebuild time of system with many declarative containers.

Note that this doesn't affect production systems much, becaseu those most
likely already include `minimal.nix` profile.
2019-12-15 18:21:52 +02:00
Robert Hensing
9696d79fea
Merge pull request #75691 from thefloweringash/chromium-maintainer
chromium: add thefloweringash (myself) as maintainer
2019-12-15 16:44:57 +01:00
Frederik Rietdijk
08eaac6be3
Merge pull request #75452 from NixOS/staging-next
Staging next
2019-12-15 16:28:08 +01:00
WilliButz
7eaaf728e4
Merge pull request #75679 from marsam/fix-loki-darwin
grafana-loki: fix build on darwin
2019-12-15 16:16:50 +01:00
nyanloutre
2abd0a559c treewide: replace kcalcore dependencies with kcalendarcore 2019-12-15 16:13:49 +01:00
nyanloutre
3ccb0bef9c kdeFrameworks.kcalendarcore: init 2019-12-15 16:13:49 +01:00
Frederik Rietdijk
c20cd71d60 Merge master into staging-next 2019-12-15 16:09:28 +01:00
Erlend Pedersen
6e87213291 spamassassin: enable IPv6 support with Socket6
Communication between spamc and spamd would fail with messages about
addresses being too long:

  error: Bad arg length for Socket::unpack_sockaddr_in, length is 28,
  should be 16

By adding Socket6 as a buildInput, spamd is now able to process emails
without choking on IPv6 addresses.
2019-12-15 15:25:38 +01:00
Mario Rodas
ad3c49da0e
Merge pull request #75686 from matthiasbeyer/update-mutt
mutt: 1.13.0 -> 1.13.1
2019-12-15 09:14:20 -05:00
Mario Rodas
74877f8bd9
Merge pull request #75690 from thefloweringash/tio-platforms
tio: expand platforms to "unix" to include darwin
2019-12-15 09:11:29 -05:00
Florian Klink
0380ed20db
Merge pull request #75657 from flokli/gtkwave-gtk3
gtkwave: build with gtk3
2019-12-15 15:07:07 +01:00
Renaud
2a1a4cad38
Merge pull request #75388 from Lassulus/xplanet
xplanet: 1.3.0 -> 1.3.1
2019-12-15 14:57:48 +01:00
lassulus
3772d04e1c xplanet: 1.3.0 -> 1.3.1 2019-12-15 14:02:36 +01:00
Andrew Childs
b29e3582ac chromium: add thefloweringash (myself) as maintainer
I have an interest in making Chromium available on Aarch64. I'm adding
myself here on a recommendation from @ivan [1].

[1] https://github.com/NixOS/nixpkgs/pull/74015#issuecomment-565780595
2019-12-15 21:34:22 +09:00
Andrew Childs
6e71ffbabf tio: expand platforms to "unix" to include darwin 2019-12-15 21:23:16 +09:00
Christian Kampka
2387deec3d
postgresql-backup: Use saner defaults for pg_dump 2019-12-15 13:14:21 +01:00
Matthias Beyer
1915711d87 mutt: 1.13.0 -> 1.13.1
Signed-off-by: Matthias Beyer <mail@beyermatthias.de>
2019-12-15 10:51:20 +01:00
Gabriel Ebner
86ed15dcce
Merge pull request #75678 from marsam/fix-vdirsyncer-darwin
vdirsyncer: fix build on darwin
2019-12-15 10:37:53 +01:00
Jonathan Ringer
1f7ee3e040 python3Packages.ipython: 7.8.0 -> 7.10.1 2019-12-15 01:12:37 -08:00
Oleksii Filonenko
608c65b671
subfinder: 2.2.2 -> 2.2.4 2019-12-15 10:36:39 +02:00
Vincent Laporte
ed5c0443c1 ocamlPackages.lua-ml: init at 0.9 2019-12-15 08:23:32 +01:00
Philipp Middendorf
2b298a3ef1 quake3e: 2019-09-09 -> 2019-11-29 (#75511) 2019-12-15 02:16:53 -05:00
Vincent Laporte
788148f93c ocaml-top: 1.1.5 → 1.2.0-rc 2019-12-15 08:11:56 +01:00
worldofpeace
80475128fc
Merge pull request #75136 from lovesegfault/beets-check
beets.externalPlugins.check: init at 0.12.0
2019-12-15 00:53:28 -05:00
Bernardo Meurer
171ceb38ff
beets.externalPlugins.check: init at 0.12.0 2019-12-14 21:52:21 -08:00
worldofpeace
1d8ef857ee aesop: fix build
See https://github.com/lainsce/aesop/pull/33
2019-12-15 00:45:38 -05:00
worldofpeace
be13df6c76
Merge pull request #75465 from worldofpeace/gnome-args
doc/gnome: update wrapper args example, remove proliferated uses
2019-12-15 00:13:17 -05:00
worldofpeace
abe3475df8 treewide: remove bash snippets in flags
Co-Authored-By: Jan Tojnar <jtojnar@gmail.com>
2019-12-15 00:10:41 -05:00
Ivan Kozik
af006f9ff3 chromium: fix enableWideVine for v79 which needs the manifest.json in WidevineCdm/ 2019-12-15 04:56:01 +00:00
Ivan Kozik
3d71db8abb chromium: explain enable_widevine = true 2019-12-15 04:55:59 +00:00
Ivan Kozik
950230bc84 chromium: remove enableNaCl option
This hasn't worked since 2016 (https://github.com/NixOS/nixpkgs/issues/13983)
and is being removed very soon, per "Q4 2019" in
https://developer.chrome.com/native-client/migration

(It's staying around for "Chrome Apps", but those only run on ChromeOS now.)

earth.google.com users can use https://earth.google.com/web/?beta=1 to get
the wasm version instead of the PNaCl version.
2019-12-15 04:55:30 +00:00
Jan Tojnar
6842813bb1
aegisub: slight clean up 2019-12-15 05:44:17 +01:00