JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
206,150 Commits 2 Branches 0 Tags 13 GiB
e36af0f32a
Commit Graph

23792 Commits

Author SHA1 Message Date
Michael Raskin
5f21b4b896
Merge pull request #75723 from andir/advancecomp 
advancecomp: fix CVE-2019-9210
 2019-12-15 22:53:36 +00:00
Franz Pletz
05c6009f56
Merge pull request #75715 from andir/ansible 
ansible fixes for CVE-2019-10156 CVE-2019-10206 CVE-2019-14846 CVE-2019-14856 CVE-2019-14858 CVE-2019-14864
 2019-12-15 22:47:28 +00:00
Florian Klink
5073aab831 xilinx-bootgen: init at unstable-2019-10-23 2019-12-15 23:27:17 +01:00
Andreas Rammhold
f23627cb12
advancecomp: fix CVE-2019-9210 2019-12-15 23:15:35 +01:00
Franz Pletz
ded56b2687
Merge pull request #75234 from filalex77/subfinder-2.2.2 
subfinder: 2018-07-15 -> 2.2.4
 2019-12-15 22:13:06 +00:00
Franz Pletz
fda130af71
Merge pull request #75474 from chkno/xsecurelock-no-longer-needs-xset-path-fixed 
xsecurelock: Remove obsolete path fix
 2019-12-15 22:10:55 +00:00
Andreas Rammhold
b21b92947e ansible_2_6: 2.6.17 -> 2.6.20 
This addresses the following security issues:

  * CVE-2019-14846 - Several Ansible plugins could disclose aws
    credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
    lookup/aws_account_attribute.py, and lookup/aws_secret.py,
    lookup/aws_ssm.py use the boto3 library from the Ansible process. The
    boto3 library logs credentials at log level DEBUG. If Ansible's
    logging was enabled (by setting LOG_PATH to a value) Ansible would set
    the global log level to DEBUG. This was inherited by boto and would
    then log boto credentials to the file specified by LOG_PATH. This did
    not affect aws ansible modules as those are executed in a separate
    process. This has been fixed by switching to log level INFO
  * Convert CLI provided passwords to text initially, to prevent unsafe
    context being lost when converting from bytes->text during post
    processing of PlayContext. This prevents CLI provided passwords from
    being incorrectly templated (CVE-2019-14856)
  * properly hide parameters marked with no_log in suboptions when
    invalid parameters are passed to the module (CVE-2019-14858)
  * resolves CVE-2019-10206, by avoiding templating passwords from
    prompt as it is probable they have special characters.
  * Handle improper variable substitution that was happening in
    safe_eval, it was always meant to just do 'type enforcement' and have
    Jinja2 deal with all variable interpolation. Also see CVE-2019-10156

Changelog: 9bdb89f740/changelogs/CHANGELOG-v2.6.rst
 2019-12-15 21:25:07 +01:00
Andreas Rammhold
64e2791092 ansible_2_7: 2.7.11 -> 2.7.15 
This fixes the following security issues:
  * Ansible: Splunk and Sumologic callback plugins leak sensitive data
    in logs (CVE-2019-14864)
  * CVE-2019-14846 - Several Ansible plugins could disclose aws
    credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
    lookup/aws_account_attribute.py, and lookup/aws_secret.py,
    lookup/aws_ssm.py use the boto3 library from the Ansible process. The
    boto3 library logs credentials at log level DEBUG. If Ansible's
    logging was enabled (by setting LOG_PATH to a value) Ansible would set
    the global log level to DEBUG. This was inherited by boto and would
    then log boto credentials to the file specified by LOG_PATH. This did
    not affect aws ansible modules as those are executed in a separate
    process. This has been fixed by switching to log level INFO
  * Convert CLI provided passwords to text initially, to prevent unsafe
    context being lost when converting from bytes->text during post
    processing of PlayContext. This prevents CLI provided passwords from
    being incorrectly templated (CVE-2019-14856)
  * properly hide parameters marked with no_log in suboptions when invalid
    parameters are passed to the module (CVE-2019-14858)
  * resolves CVE-2019-10206, by avoiding templating passwords from
    prompt as it is probable they have special characters.
  * Handle improper variable substitution that was happening in
    safe_eval, it was always meant to just do 'type enforcement' and have
    Jinja2 deal with all variable interpolation. Also see CVE-2019-10156

Changelog: 0623dedf2d/changelogs/CHANGELOG-v2.7.rst (v2-7-15)
 2019-12-15 21:24:59 +01:00
Mario Rodas
22a8e0eb85
Merge pull request #75398 from r-ryantm/auto-update/tpm2-tools 
tpm2-tools: 4.0.1 -> 4.1
 2019-12-15 15:20:48 -05:00
Frederik Rietdijk
49b3d9ae62 Merge staging into staging-next 2019-12-15 18:49:26 +01:00
Robert Scott
183ef82f98 libreswan: 3.18 -> 3.29 (security) 
addressing CVE-2019-12312 & CVE-2019-10155
 2019-12-15 18:48:53 +01:00
Robert Scott
d17ecebcf0 unbound: install headers etc for libevent support as postInstall step 2019-12-15 18:48:53 +01:00
cap
2978ca2180 aircrack-ng: fixed missing dependency for airmon-ng 2019-12-15 18:38:43 +01:00
Marco A L Barbosa
5425557214 tectonic: 0.1.11 -> 0.1.12 (#75396) 2019-12-15 11:27:41 -05:00
Frederik Rietdijk
c20cd71d60 Merge master into staging-next 2019-12-15 16:09:28 +01:00
Andrew Childs
6e71ffbabf tio: expand platforms to "unix" to include darwin 2019-12-15 21:23:16 +09:00
Gabriel Ebner
86ed15dcce
Merge pull request #75678 from marsam/fix-vdirsyncer-darwin 
vdirsyncer: fix build on darwin
 2019-12-15 10:37:53 +01:00
Oleksii Filonenko
608c65b671
subfinder: 2.2.2 -> 2.2.4 2019-12-15 10:36:39 +02:00
Bernardo Meurer
171ceb38ff
beets.externalPlugins.check: init at 0.12.0 2019-12-14 21:52:21 -08:00
Austin Seipp
3e88e1b144
vector: 0.5.0 -> 0.6.0 
Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2019-12-14 20:33:59 -06:00
Austin Seipp
1446f6ca38
Revert "vector: make some more options override-able" 
See the comments in that commit for more information.

This reverts commit b964f4b421.
 2019-12-14 20:33:59 -06:00
Andreas Rammhold
928bc00ec4
Merge pull request #75673 from flokli/exa-broken-symlinks 
exa: apply patch to not panic on broken symlinks
 2019-12-15 02:28:29 +01:00
Mario Rodas
3f9333064b
vdirsyncer: fix build on darwin 2019-12-14 20:20:20 -05:00
Florian Klink
d41dca2f5f exa: apply patch to not panic on broken symlinks 
Currently, exa fails when being executed in a git repository with
symlinks pointing to a non-existing location.

This can happen quite often with garbage-collected result links, or in
bazel repositories.

A fix was PR'ed in September at https://github.com/ogham/exa/pull/584,
but upstream seems to be not responding.

Let's apply this patch until there's a release containing the fixes.
 2019-12-15 02:18:50 +01:00
Eduardo Quirós
297604cb35 pfetch: init at 0.4.0 
* pfetch: init at 0.4.0
 2019-12-14 23:28:44 +01:00
Jan Tojnar
429561978b
Merge branch 'master' into staging-next 2019-12-14 23:09:06 +01:00
Renaud
a189ffc45e
Merge pull request #75258 from srhb/bump-openapi-generator 
openapi-generator-cli: 4.2.1 -> 4.2.2
 2019-12-14 22:59:23 +01:00
Maximilian Bosch
ed8de578a0
Merge pull request #75653 from ivan/cargo-outdated-0.9.1 
cargo-outdated: unstable-2019-04-13 -> 0.9.1
 2019-12-14 18:37:35 +01:00
itsHMR
a46e3ebae5 tigervnc: add perl to buildInputs (#75367) 
tigervnc ships vncserver, quote from the documentation:
vncserver - a wrapper script which makes starting Xvnc more convenient vncserver requires Perl.
 2019-12-14 18:06:01 +01:00
Michael Weiss
e69c094227
html-proofer: 3.14.1 -> 3.15.0 2019-12-14 17:44:50 +01:00
Ivan Kozik
1896f2b2b0 cargo-outdated: unstable-2019-04-13 -> 0.9.1 2019-12-14 15:41:19 +00:00
Renaud
dd465ba6b6
wpscan: 3.5.3 -> 3.7.5 (#75580) 2019-12-14 15:55:33 +01:00
Jörg Thalheim
fbfd77b158
Merge pull request #75546 from averelld/jdgui-update 
jd-gui: 1.4.0 -> 1.6.5
 2019-12-14 07:41:01 +00:00
Jörg Thalheim
259139f1c3
Merge pull request #75565 from xwvvvvwx/wg-tools-20191212 
wireguard-tools: 0.0.20191127 -> 0.0.20191212
 2019-12-14 07:27:39 +00:00
Mario Rodas
6d34fb89eb fluent-bit: 1.3.2 -> 1.3.4 2019-12-13 22:46:22 -08:00
Mario Rodas
98634341e9
Merge pull request #75629 from filalex77/starship-0.30.1 
starship: 0.29.0 -> 0.30.1
 2019-12-13 23:12:20 -05:00
Maximilian Bosch
ca1a918d4c
Merge pull request #74422 from r-ryantm/auto-update/ibus-typing-booster 
ibus-engines.typing-booster-unwrapped: 2.7.0 -> 2.7.2
 2019-12-14 04:22:12 +01:00
Oleksii Filonenko
0ee049be99
starship: 0.29.0 -> 0.30.1 2019-12-14 01:00:11 +02:00
Averell Dalton
bc5f25a714 jd-gui: 1.4.0 -> 1.6.5 2019-12-13 21:29:24 +01:00
Silvan Mosberger
89eccbf985
Merge pull request #71052 from turboMaCk/imwheel-service 
services.xserver.imwheel: add module
 2019-12-13 19:37:59 +01:00
Dmitry Kalinkin
c644c7578d
texlive.bin.dvipng: fix "Fatal error, PK file ends prematurely" 
Closes: #75605
 2019-12-13 13:14:35 -05:00
Marek Fajkus
7406c0af98
services.xserver.imwheel: add module 2019-12-13 18:19:29 +01:00
Frederik Rietdijk
dfdf1597a7 Merge master into staging-next 2019-12-13 11:43:39 +01:00
Stig Palmquist
5f19aab912 arp-scan: 1.9.5 -> 1.9.7 
- 1.9.5 -> 1.9.7
- Fixes perl shebang and PERL5LIB for get-{oui,iab} scripts
- Quoted meta.homepage
 2019-12-13 07:04:07 +01:00
Markus Kowalewski
476547eb66 snapper: 0.8.5 -> 0.8.6 2019-12-12 21:12:53 -08:00
xrelkd
9649340977 powerline-go: 1.13.0 -> 1.15.0 2019-12-12 17:32:58 -08:00
worldofpeace
cf5c943f45
Merge pull request #75472 from ianmjones/snippetpixie 
snippetpixie: init at 1.2.2
 2019-12-12 18:29:05 -05:00
Ian M. Jones
374d587e73 snippetpixie: init at 1.2.2 2019-12-12 22:55:50 +00:00
Mario Rodas
97d1968185
Merge pull request #75557 from marsam/update-chezmoi 
chezmoi: 1.7.5 -> 1.7.7
 2019-12-12 17:47:02 -05:00
Daiderd Jordan
9fb0c2ea82
Merge pull request #75572 from shahrukh330/shahrukh330/aws-okta-fix-darwin-build 
aws-okta: fix build on darwin
 2019-12-12 23:18:57 +01:00
Jaka Hudoklin
b090446824
Merge pull request #75556 from peterhoeg/u/overlayfs_0_7_2 
fuse-overlayfs: 0.7 -> 0.7.2
 2019-12-12 21:12:40 +00:00
Shahrukh Khan
a0d608f259 aws-okta: fix build on darwin 2019-12-13 01:28:26 +05:00
David Terry
bbb9f053b4
wireguard-tools: 0.0.20191127 -> 0.0.20191212 2019-12-12 15:39:46 +01:00
Domen Kožar
c49ca3e505
nixpart: ignore useNixUdev as it's now required by hetzner 2019-12-12 15:04:31 +01:00
Peter Hoeg
af1b93f571 fuse-overlayfs: 0.7 -> 0.7.2 2019-12-12 19:41:03 +08:00
Mario Rodas
20ca6763df
chezmoi: 1.7.5 -> 1.7.7 2019-12-12 04:20:00 -05:00
Mario Rodas
a8d70a07df
Merge pull request #75530 from filalex77/starship-0.29.0 
starship: 0.28.0 -> 0.29.0
 2019-12-11 19:31:47 -05:00
Oleksii Filonenko
6df0e2cd92
starship: 0.28.0 -> 0.29.0 
https://github.com/starship/starship/releases/tag/v0.29.0
 2019-12-11 23:39:03 +02:00
Lancelot SIX
8af07181d0
Merge pull request #75518 from Pamplemousse/update_tmux 
tmux: 3.0 -> 3.0a
 2019-12-11 22:03:04 +01:00
Christian Kauhaus
5c0d9d6fe4 vulnix: 1.9.2 -> 1.9.4 
The new version requires zodbpickle >=2.0.0, which has recently landed
in master.
 2019-12-11 19:44:48 +01:00
Pamplemousse
9297c0cef6 tmux: 3.0 -> 3.0a 2019-12-11 09:23:46 -07:00
Georges Dubus
5d775b153a
Merge pull request #75299 from r-ryantm/auto-update/openfortivpn 
openfortivpn: 1.10.0 -> 1.11.0
 2019-12-11 16:49:20 +01:00
Dmitry Kalinkin
9e58ecd4ad
Merge pull request #75335 from veprbl/pr/texlive-bin-dvisvgm_fix 
texlive.bin.dvisvgm: fix
 2019-12-11 00:21:41 -05:00
worldofpeace
7cae93c29c bootchart: remove 2019-12-10 22:40:44 -05:00
worldofpeace
5027d9f9e2 oblogout: remove 
The repo is archived.
https://github.com/nikdoof/oblogout
 2019-12-10 22:40:18 -05:00
worldofpeace
865b203471 winswitch: remove 2019-12-10 22:38:19 -05:00
Jonathan Ringer
8f8d977f2a azure-cli: freeze azure-mgmt-recoveryservicesbackup 2019-12-10 18:28:21 -08:00
Chuck
5b28e2251a xsecurelock: Remove obsolete path fix 
helpers/saver_blank became trivial in xsecurelock commit
d4a817ae5e071540a1b11825908dd91a8697591a, which first appeared
in release 1.4.0.
 2019-12-10 18:00:18 -08:00
Frederik Rietdijk
f3618342ec Merge staging-next into staging 2019-12-10 19:01:27 +01:00
Lancelot SIX
84c16b7d39 gnupg: 2.2.18 -> 2.2.19 
See https://lists.gnu.org/archive/html/info-gnu/2019-12/msg00001.html
for release information.
 2019-12-10 18:56:32 +01:00
Marco A L Barbosa
b2b2330c35 curl: add option to use wolfssl backend 2019-12-10 18:55:41 +01:00
Orivej Desh
2ac6f1e352 ifm: init at 2015-11-08 
Listed on http://www.ifarchive.org/indexes/if-archiveXmapping-tools.html
 2019-12-10 17:09:14 +00:00
Mario Rodas
6a88e7cfef
Merge pull request #75399 from r-ryantm/auto-update/thermald 
thermald: 1.9 -> 1.9.1
 2019-12-10 06:47:41 -05:00
Mario Rodas
13b87494eb
Merge pull request #75415 from r-ryantm/auto-update/vips 
vips: 8.8.3 -> 8.8.4
 2019-12-10 00:32:36 -05:00
R. RyanTM
83c6d2a7e1 vips: 8.8.3 -> 8.8.4 2019-12-09 18:14:42 -08:00
Oleksii Filonenko
af4f2e366f
fusuma: add filalex77 to maintainers 2019-12-10 01:49:16 +02:00
Oleksii Filonenko
9299ee088c
fusuma: 0.10.2 -> 1.3.0 2019-12-10 01:49:16 +02:00
markuskowa
a17878168e
Merge pull request #75313 from r-ryantm/auto-update/phoronix-test-suite 
phoronix-test-suite: 9.0.1 -> 9.2.0
 2019-12-10 00:22:49 +01:00
R. RyanTM
14bcd8d229 thermald: 1.9 -> 1.9.1 2019-12-09 14:33:23 -08:00
R. RyanTM
d02f94365e tpm2-tools: 4.0.1 -> 4.1 2019-12-09 14:15:23 -08:00
R. RyanTM
eadb57d494 xmlbird: 1.2.10 -> 1.2.11 (#75265) 2019-12-09 19:58:29 +01:00
Sarah Brofeldt
b6a61da54e
Merge pull request #75290 from marsam/update-awsweeper 
awsweeper: init at 0.4.1
 2019-12-09 17:02:02 +01:00
Sarah Brofeldt
3a6bedb60e
Merge pull request #75303 from tobim/pkgs/kbfs-fusermount 
kbfs: don't use store path for fusermount
 2019-12-09 16:58:51 +01:00
Mario Rodas
7ddeecd50f
Merge pull request #75359 from marsam/update-procs 
procs: 0.8.13 -> 0.8.16
 2019-12-09 09:32:59 -05:00
Ryan Mulligan
c7452958da
Merge pull request #75316 from r-ryantm/auto-update/pirate-get 
pirate-get: 0.3.3 -> 0.3.4
 2019-12-09 05:57:18 -08:00
Mario Rodas
145178b048
Merge pull request #75318 from marsam/update-du-dust 
du-dust: 0.4.1.2 -> 0.4.2
 2019-12-09 07:04:05 -05:00
Mario Rodas
5419097ccd
procs: 0.8.13 -> 0.8.16 2019-12-09 04:20:00 -05:00
R. RyanTM
8dcd65d549 bruteforce-luks: 1.3.2 -> 1.4.0 2019-12-09 07:48:00 +01:00
Dmitry Kalinkin
2f637f4cff
texlive.bin.dvisvgm: don't provide dependencies that it ignores 
dvisvgm currently uses its own vendored versions for multiple libraries
 2019-12-08 23:04:57 -05:00
Dmitry Kalinkin
d26ca8bc66
texlive.bin.dvisvgm: fix for our ghostscript 2019-12-08 22:59:45 -05:00
worldofpeace
daf614c429
Merge pull request #75281 from r-ryantm/auto-update/network-manager 
networkmanager: 1.20.6 -> 1.20.8
 2019-12-08 19:50:19 -05:00
R. RyanTM
4622f4d850 pirate-get: 0.3.3 -> 0.3.4 2019-12-08 16:27:21 -08:00
R. RyanTM
b40c1b931b phoronix-test-suite: 9.0.1 -> 9.2.0 2019-12-08 15:54:23 -08:00
Mario Rodas
4d3f464ea9
du-dust: 0.4.1.2 -> 0.4.2 2019-12-08 18:47:00 -05:00
Mario Rodas
a1eee8245f noti: 3.3.0 -> 3.4.0 
Changelog: https://github.com/variadico/noti/releases/tag/3.4.0
 2019-12-09 00:41:22 +01:00
Tobias Mayer
2cb70571d7 kbfs: don't use store path for fusermount 2019-12-08 22:52:08 +01:00
R. RyanTM
9ea255f23b openfortivpn: 1.10.0 -> 1.11.0 2019-12-08 13:39:49 -08:00
R. RyanTM
eeda68a88e byobu: 5.129 -> 5.130 (#75205) 2019-12-08 20:53:53 +01:00
R. RyanTM
c9a8cb3378 networkmanager: 1.20.6 -> 1.20.8 2019-12-08 10:48:57 -08:00
c0bw3b
69b393ace5 Treewide: update some problematic homepages 
These URLs are reported as problematic by Repology.
It could be a permanent redirection
or the page does not exist anymore
 2019-12-08 10:21:29 -08:00