Commit Graph

520 Commits

Author SHA1 Message Date
Franz Pletz
4cb7272537 apacheHttpd: 2.4.20 -> 2.4.23 (security)
Fixes CVE-2016-4979.
2016-08-25 03:10:02 +02:00
obadz
0e8d2725dc Merge branch 'master' into staging 2016-08-23 18:50:06 +01:00
Tuomas Tynkkynen
2e6b5c41af treewide: Make explicit that 'dev' output of apacheHttpd is used 2016-08-23 03:26:54 +03:00
Tuomas Tynkkynen
14b8153c28 mod_fastcgi: Make 'apacheHttpd.dev' more explicit 2016-08-23 03:20:21 +03:00
obadz
24a9183f90 Merge branch 'hardened-stdenv' into staging
Closes #12895

Amazing work by @globin & @fpletz getting hardened compiler flags by
enabled default on the whole package set
2016-08-22 01:19:35 +01:00
Robert Helgesson
2033f261e9
redstore: add home page and license fields 2016-08-17 22:43:06 +02:00
Robert Helgesson
74b25f4c69
redstore: 0.5.2 -> 0.5.4 2016-08-17 22:34:17 +02:00
Robert Helgesson
a4ae7b87f0
redstore: fix build under recent glibc
Previously the build would fail due to, e.g., `getaddrinfo` not being
defined.
2016-08-17 22:34:17 +02:00
Robin Gloster
b7787d932e Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-08-12 09:46:53 +00:00
Michael Raskin
d1435913cf nginx: 1.11.2 -> 1.11.3 2016-08-11 17:57:35 +02:00
Robin Gloster
1b979d8384 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-08-03 13:34:44 +00:00
Tuomas Tynkkynen
21f17d69f6 treewide: Add lots of meta.platforms
Build-tested on x86_64 Linux & Mac.
2016-08-02 21:42:43 +03:00
Tuomas Tynkkynen
2258b21e4b treewide: Add lots of platforms to packages with no meta
Build-tested on x86_64 Linux and on Darwin.
2016-08-02 21:17:44 +03:00
Tuomas Tynkkynen
b96fe03484 treewide: Fix meta.platforms related typos 2016-08-02 21:17:44 +03:00
Robin Gloster
1f04b4a566 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-21 00:56:43 +00:00
Bjørn Forsman
2173e6b49a lighttpd: 1.4.39 -> 1.4.40
Major bug-fix release; hundreds of issues resolved in issue tracker.

https://www.lighttpd.net/2016/7/16/1.4.40/
2016-07-19 15:55:22 +02:00
Robin Gloster
203846b9de Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-19 10:37:02 +00:00
Franz Pletz
b5daad4268 nginx: refactor and add mainline version
Upstream calls the unstable version mainline.
2016-07-19 01:20:49 +02:00
Robin Gloster
5185bc1773 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-15 14:41:01 +00:00
Franz Pletz
9eec064355 nginx: 1.10.0 -> 1.10.1 (security)
Fixes CVE-2016-4450.
2016-07-10 10:48:11 +02:00
Franz Pletz
916cedb063 gatling: remove unused dependency on polarssl 2016-07-10 10:26:14 +02:00
Rickard Nilsson
5193c3e1b9 jetty: 9.3.9 -> 9.3.10 2016-06-26 05:58:35 +00:00
Eelco Dolstra
c51af01325 apache-httpd: 2.4.18 -> 2.4.20
CVE-2016-1546
2016-06-20 15:17:12 +02:00
Bjørn Forsman
bd01fad0ed Captialize meta.description of all packages
In line with the Nixpkgs manual.

A mechanical change, done with this command:

  find pkgs -name "*.nix" | \
      while read f; do \
          sed -e 's/description\s*=\s*"\([a-z]\)/description = "\u\1/' -i "$f"; \
      done

I manually skipped some:

* Descriptions starting with an abbreviation, a user name or package name
* Frequently generated expressions (haskell-packages.nix)
2016-06-20 13:55:52 +02:00
zimbatm
a95229a963 Merge pull request #15677 from womfoo/mod_auth_mellon
mod_auth_mellon: init at 0.12.0 and dependency lasso: init at 2.5.1
2016-06-12 23:38:57 +01:00
Robin Gloster
8031cba2ab Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-06-10 09:27:04 +00:00
Rickard Nilsson
b9922661b8 jetty: Remove obsolete versions and init new default to 9.3.9.v20160517 2016-06-10 07:59:59 +00:00
Teo Klestrup Röijezon
3f5186fd54 nginxModules.lua: 0.10.0 -> 0.10.5 2016-06-05 12:48:06 +02:00
Robin Gloster
2d382f3d98 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-05-30 19:39:34 +00:00
Kranium Gikos Mendoza
25fbac5b52 mod_auth_mellon: init at 0.12.0 2016-05-23 02:02:25 +08:00
Tuomas Tynkkynen
7fb29bfa73 treewide: Make explicit that 'dev' output of zlib is used 2016-05-19 10:04:38 +02:00
Tuomas Tynkkynen
d42e94472d treewide: Make explicit that 'dev' output of pcre is used 2016-05-19 10:02:28 +02:00
Tuomas Tynkkynen
2a73de6e6c treewide: Make explicit that 'dev' output of openssl is used 2016-05-19 10:02:23 +02:00
Tuomas Tynkkynen
d298b52fd3 treewide: Make explicit that 'dev' output of aprutil is used 2016-05-19 10:00:25 +02:00
Tuomas Tynkkynen
29694b43b6 treewide: Make explicit that 'dev' output of apr is used 2016-05-19 10:00:24 +02:00
Tuomas Tynkkynen
16cc4ac83b treewide: Make explicit that 'dev' output of apacheHttpd is used 2016-05-19 10:00:23 +02:00
Franz Pletz
f8d481754c
Merge remote-tracking branch 'origin/master' into hardened-stdenv 2016-05-18 17:10:02 +02:00
Peter Simons
8e462995ba Bring my stdenv.lib.maintainers user name in line with my github nick. 2016-05-16 22:49:55 +02:00
Domen Kožar
0adf2b25a1 4store: 1.1.5 -> 1.1.6 (convert from builderDefsPackage) 2016-05-08 18:29:40 +01:00
Tobias Geerinckx-Rice
ab6e0861d4
nginx: restore .upstream files
07d9de713a
2016-05-06 15:37:22 +02:00
Tobias Geerinckx-Rice
b0f8349d95
nginxUnstable: alias to nginx until next unstable release 2016-05-06 13:47:36 +02:00
Tobias Geerinckx-Rice
07d9de713a
nginx: remove .upstream files 2016-05-06 13:47:12 +02:00
Tobias Geerinckx-Rice
959472a824
nginx: 1.8.1 -> 1.10.0
Changes: http://nginx.org/en/CHANGES-1.10
2016-05-03 20:05:57 +02:00
Franz Pletz
669cd2adbf lighttpd: 1.4.37 -> 1.4.39 2016-05-03 16:15:20 +02:00
Robin Gloster
c92bca56f8 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-05-02 22:58:02 +00:00
Michael Raskin
e59151f3ef nix-binary-cache: take into account Nix split (mulitple-outputs) 2016-04-22 00:57:43 +02:00
Eelco Dolstra
b4bf432709 nghttp2: 1.8.0 -> 1.9.2, unify with libnghttp2, and use multiple outputs
Note: I ignored the C++ libraries, but it appears we're not currently
using them. Once we do, we'll probably want to put them in a separate
output as well (to prevent non-C++ users from depending on Boost).
2016-04-18 21:13:18 +02:00
Robin Gloster
d020caa5b2 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-04-18 13:49:22 +00:00
Michael Raskin
c82272fdc0 nginxUnstable: 1.9.11 -> 1.9.14 2016-04-13 14:47:04 +02:00
Vladimír Čunát
30f14243c3 Merge branch 'master' into closure-size
Comparison to master evaluations on Hydra:
  - 1255515 for nixos
  - 1255502 for nixpkgs
2016-04-10 11:17:52 +02:00
Florian Steinel
2486191f39 thttpd: 2.26 -> 2.27
from http://www.acme.com/software/thttpd/#releasenotes
 New in version 2.27:
-   Stats syslogs changed from LOG_INFO to LOG_NOTICE.
-   Use memmove() for self-overlapping string copies instead of strcpy().
-   Couple of subroutine name changes for consistency.
2016-04-09 19:28:50 +02:00
Robin Gloster
3e68106afd Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-04-07 21:52:26 +00:00
Allan Espinosa
16b12fbd87 apt-cacher-ng: disable on OSX
fmemopen() doesn't exist on OSX. This causes the builds to fail.
2016-04-07 11:57:12 -05:00
Robin Gloster
bbbaccfa68 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-04-04 15:24:52 +00:00
Peter Simons
8e0f0776aa mini-httpd: update to version 1.6 2016-04-04 15:06:32 +02:00
Tomasz Kontusz
36135033b6 mini-httpd: add -ansi to CFLAGS 2016-04-03 00:46:23 +02:00
Vladimír Čunát
ab15a62c68 Merge branch 'master' into closure-size
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
2016-04-01 10:06:01 +02:00
Robin Gloster
f60c9df0ba Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-03-28 15:16:29 +00:00
Joachim Fasting
c6d3a23cf6 apt-cacher-ng: 0.8.9 -> 0.9.1
Tested by doing sandboxed build & running the resulting
exectuable.

Note that sources for 0.8.9 are no longer available on
the Debian mirrors.
2016-03-17 15:59:39 +01:00
Robin Gloster
3f45f0948d Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-03-15 01:44:24 +00:00
zimbatm
eac89788da apacheHttpd: add support for HTTP/2
In NixOS you can enable HTTP/2 like this:

    services.httpd.extraModules = [ "http2" ];
    services.httpd.extraConfig = ''
      Protocols h2 http/1.1
    '';
2016-03-12 15:31:23 +00:00
Luca Bruno
dcfca100ec Merge pull request #12525 from knupfer/ngx_brotli
add nginxModules.brotli
2016-03-11 11:05:21 +01:00
Allan Espinosa
59e12df957 apt-cacher-ng: 0.8.6 -> 0.8.9 2016-03-11 02:49:38 -06:00
Vladimír Čunát
09af15654f Merge master into closure-size
The kde-5 stuff still didn't merge well.
I hand-fixed what I saw, but there may be more problems.
2016-03-08 09:58:19 +01:00
Franz Pletz
fedf31660d nginx: Rmove custom hardening, now enabled by default 2016-03-08 00:39:07 +01:00
Franz Pletz
e9fc4e7db6 Merge remote-tracking branch 'origin/master' into hardened-stdenv 2016-03-07 22:08:27 +01:00
Franz Pletz
c686f03305 tomcat: 6.0.44 -> 6.0.45, 7.0.62 -> 7.0.68, 8.0.23 -> 8.0.32
Fixes at least CVE-2015-5174, CVE-2015-5345, CVE-2015-5351, CVE-2016-0706,
CVE-2016-0714, CVE-2016-0763.
2016-03-07 03:34:44 +01:00
Franz Pletz
cb3d27df93 Merge remote-tracking branch 'origin/master' into hardened-stdenv 2016-03-05 18:55:30 +01:00
Franz Pletz
aff1f4ab94 Use general hardening flag toggle lists
The following parameters are now available:

  * hardeningDisable
    To disable specific hardening flags
  * hardeningEnable
    To enable specific hardening flags

Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.

cc-wrapper supports the following flags:

  * fortify
  * stackprotector
  * pie (disabled by default)
  * pic
  * strictoverflow
  * format
  * relro
  * bindnow
2016-03-05 18:55:26 +01:00
Michael Raskin
708c6094c5 nginx, nginxUnstable: hardening: only use when the compiler is gcc 2016-03-04 16:57:47 +01:00
Michael Raskin
7b9684a5b5 nginx, nginxUnstable: enable hardening. Flags as recommended by @arno01 (Andrey Arapov) in #7190 2016-03-04 16:54:37 +01:00
Robin Gloster
3b4765c9e5 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-02-28 16:32:57 +00:00
Michael Raskin
a08c8b12f0 Add Apache Jena Fuseki instead of obsolete and unavailable Jena Joseki 2016-02-28 10:39:33 +01:00
Robin Gloster
310fa56788 nginx: enable pie hardening 2016-02-26 16:38:26 +00:00
Michael Raskin
9e7c28cb56 nginxUnstable: 1.9.10 -> 1.9.11 2016-02-14 21:17:07 +01:00
Vladimír Čunát
54299b60c4 Merge #12779: Mass replace pkg}/bin-style strings
... to refer to correct outputs
2016-02-03 17:25:22 +01:00
Vladimír Čunát
ae74c356d9 Merge recent 'staging' into closure-size
Let's get rid of those merge conflicts.
2016-02-03 16:57:19 +01:00
Tuomas Tynkkynen
e97e690244 treewide: Mass replace 'xz}/bin' to refer the 'bin' output 2016-02-01 20:46:28 +02:00
Tuomas Tynkkynen
13b3f3f246 treewide: Mass replace 'openssl}/bin' to refer the 'bin' output 2016-02-01 20:46:16 +02:00
Tuomas Tynkkynen
5f4a8de754 treewide: Mass replace 'bzip2}/bin' to refer the 'bin' output 2016-02-01 20:45:57 +02:00
Rok Garbas
cf40e86fb0 nginx: 1.8.0->1.8.1, 1.9.9->1.9.10 2016-01-26 18:12:01 +01:00
obadz
3a9983b45d couchdb: add platform, remove maintainer that was added accidentally, fixes #12502 2016-01-24 14:39:47 +01:00
Benjamin Staffin
9bad9c8bf3 nginx: add statsd to the available modules 2016-01-23 17:25:49 -05:00
knupfer
8e604f7937 nginxModules.brotli: init at 788615e 2016-01-21 22:14:39 +01:00
Vladimír Čunát
716aac2519 Merge branch 'staging' into closure-size 2016-01-19 09:55:31 +01:00
Tobias Geerinckx-Rice
3f10b2874f Merge pull request #12450 from eduarrrd/pshs
pshs: 0.2.6 -> 0.3
2016-01-18 04:55:25 +01:00
Eduard Bachmakov
f3ae60295f pshs: 0.2.6 -> 0.3 2016-01-17 22:44:48 -05:00
Christoph Hrdinka
a3e3b76363 nginxModules.lua: 0.9.19 -> 0.10.0 2016-01-16 16:35:07 +01:00
Jakob Gillich
ff02a4e3c2 axis2: 1.6.3 -> 1.6.4
fixes CVE-2013-0248
2016-01-07 05:59:15 +01:00
Michael Raskin
ab3277e68a nginxUnstable: 1.9.7 -> 1.9.9 2016-01-01 12:30:17 +03:00
Vladimír Čunát
f9f6f41bff Merge branch 'master' into closure-size
TODO: there was more significant refactoring of qtbase and plasma 5.5
on master, and I'm deferring pointing to correct outputs to later.
2015-12-31 09:53:02 +01:00
Robin Gloster
566c06c5a7 apacheHttpd: 2.4.17 -> 2.4.18 2015-12-27 21:31:30 +00:00
Luca Bruno
5b0352a6a4 Merge branch 'master' into closure-size 2015-12-11 18:31:00 +01:00
Teo Klestrup Röijezon
53441bcc93 nginx: 1.9.4 -> 1.9.7, fixes #11515 2015-12-07 14:56:27 +01:00
Vladimír Čunát
6cc57be289 apache modules: fix build problems
pkgs.mod_evasive was removed, because that combination isn't supported
(according to an assertion).
2015-12-05 13:16:55 +01:00
Vladimír Čunát
2709a815e5 apache-httpd-2.2: fix build
It was broken by interaction with b81515c2.
I should've tested both versions before pushing 34b5d193c0.
2015-12-05 11:59:10 +01:00
Vladimír Čunát
34b5d193c0 apache*: don't change layout in $out WRT master 2015-12-04 15:27:32 +01:00
Christoph Hrdinka
1391ca3af1 nginxModules.lua: 0.9.16 -> 0.9.19 2015-12-02 23:06:34 +01:00
Luca Bruno
920b1d3591 Merge branch 'master' into closure-size 2015-11-29 16:50:26 +01:00
zimbatm
138a42dd11 webfs: fix mime types
Unfortunately the shared_mime_info format is not compatible with webfs.

Instead of pulling the whole httpd package I opted for just fetching the
mime.types file from the apache httpd project.
2015-11-28 14:24:21 +00:00