Commit graph

102011 commits

Author SHA1 Message Date
Graham Christensen
037c489b10 Merge pull request #22890 from grahamc/mark-as-insecure
nixpkgs: allow packages to be marked insecure
2017-02-23 07:12:18 -05:00
Nikolay Amiantov
0c50a62912 octoprint: jailbreak Jinja2 2017-02-23 13:15:58 +03:00
Nikolay Amiantov
cf29810281 haskellPackages.lambdabot: jailbreak 2017-02-23 13:13:22 +03:00
Nikolay Amiantov
a4353270c4 lttng-ust: 2.5.1 -> 2.9.0 2017-02-23 13:04:23 +03:00
Nikolay Amiantov
ba43d6bdc9 lttng-tools: 2.5.2 -> 2.9.3 2017-02-23 13:04:23 +03:00
Nikolay Amiantov
fd29b10606 linuxPackages.lttng-modules: 2.8.3 -> 2.9.1 2017-02-23 13:04:23 +03:00
Pascal Wittmann
f1e5dce762 Merge pull request #23101 from bflyblue/master
unifi: 5.2.9 -> 5.4.11
2017-02-23 10:28:46 +01:00
Peter Hoeg
84fd5daafc terragrunt: 0.10.2 -> 0.10.3 2017-02-23 17:14:45 +08:00
Shaun Sharples
265a288bee unifi: 5.2.9 -> 5.4.11 2017-02-23 10:26:05 +02:00
sternenseemann
8352e0b38c ocaml-ipaddr: 2.6.1 -> 2.7.2
Keeps the legacy version under attribute `ipaddr_p4`;
it is needed for OCaml < 4.02 and some libraries (eg `conduit`).
2017-02-23 08:01:29 +00:00
Itai Zukerman
59bb3d1f3f bazel: remove dependence on buildFHSUserEnv 2017-02-22 20:42:21 -08:00
Graham Christensen
c8859b7264
libplist: mark as insecure
Patches currently available don't seem to apply.
2017-02-22 21:09:14 -05:00
Graham Christensen
6c37a92b2b
firebird: 2.5.6.27020-0 -> 2.5.7.27050-0 for '2.5.7.27050-0' bypass 2017-02-22 20:52:15 -05:00
Jörg Thalheim
f25ff18c98
cmus: let ffmpeg handle mp4/aac 2017-02-23 01:47:45 +01:00
Jörg Thalheim
ceac00d82b
mp4v2: 1.9.1p4 -> 2.0.0 2017-02-23 01:47:45 +01:00
Jörg Thalheim
e868669c4a
cmus: mp4 support 2017-02-23 01:47:45 +01:00
Jörg Thalheim
744ce7e8e2
cmus: enable aac support 2017-02-23 01:47:45 +01:00
Thomas Lotze
4689dd2a79
cmus: enable opus support (re #23051)
Opus support was enabled since it didn't work in the past; I found it to be
working when I gave it a try now.
2017-02-23 01:47:44 +01:00
Dan Peebles
15c05ad213 google-compute-image.nix: fix evaluation failure 2017-02-22 23:51:57 +00:00
Dan Peebles
49641e0de0 make-disk-image.nix: support additional filesystem contents
This makes make-disk-image.nix slightly more consistent with other image
builders we have. Unfortunately I duplicated some code in doing so, but
this is temporary duplication on the path to consolidating everything.
See https://github.com/NixOS/nixpkgs/issues/23052 for more details on that.

I'm also exposing the option in the amazon-image.nix maintainer module.
2017-02-22 23:49:49 +00:00
Jörg Thalheim
df4c0aeff8 shellcheck: reduce closure size
from 1.5GB to 20mb
2017-02-22 23:37:52 +00:00
Peter Hoeg
354243c784 Merge pull request #23091 from peterhoeg/u/lynx
lynx: 2.8.8rel.2 -> 2.8.9dev.11
2017-02-23 07:35:28 +08:00
Peter Hoeg
a3bf71b76f lynx: 2.8.8rel.2 -> 2.8.9dev.11 2017-02-23 07:32:55 +08:00
Peter Simons
7803a696cd smartmontools: update drivedb.h to latest SVN version 4391 2017-02-23 00:18:40 +01:00
Vladimír Čunát
4509487e82
nixos polkit: fixup setuid wrapper of pkexec
Broken in 628e6a8.  Fixes #23083.
2017-02-22 23:04:21 +01:00
Jascha Geerds
77670c04c7 Merge pull request #22937 from jgeerds/gnome
gnome-shell, gnome-tweak-tool: Don't propagate python
2017-02-22 22:06:21 +01:00
Joachim F
f764ccc7f1 Merge pull request #22812 from phi-gamma/afio
afio: init at 2.5.1
2017-02-22 22:05:51 +01:00
Vincent Laporte
cb6d15549a ocamlPackages.mparser: init at 1.2.1
MParser is a simple monadic parser combinator library for OCaml.

Homepage: https://github.com/cakeplus/mparser/
2017-02-22 19:23:06 +00:00
Frederik Rietdijk
de4643eb80 diffoscope: 63 -> 77 2017-02-22 19:45:54 +01:00
Tristan Helmich
a43fd5af38 graylog: 2.1.2 -> 2.2.1 2017-02-22 19:03:48 +01:00
Vladimír Čunát
f5eea8ba1d
libevent: apply security patches from Debian
/cc #23072.  As with curl, it's nontrivial rebuild but security...
https://lwn.net/Alerts/714571/
2017-02-22 19:00:04 +01:00
Vladimír Čunát
838e29d236
Merge branch 'staging'
There's a security fix for curl inside.
2017-02-22 18:21:58 +01:00
Vladimír Čunát
ebf782829a
Merge #23063: curl: 7.52.1 -> 7.53.0 2017-02-22 18:11:05 +01:00
Vladimír Čunát
145d3ea81c
Merge branch 'master' into staging 2017-02-22 17:47:49 +01:00
Vladimír Čunát
d6cff5783e
gnutls: drop -lunistring on Darwin as well
I didn't intend this substitution to be conditional; I looked wrong.
2017-02-22 17:44:06 +01:00
Gabriel Ebner
b66ec6026c idris: jailbreak
Fixes #23048
2017-02-22 17:36:36 +01:00
Vladimír Čunát
2f1945dcd3
python-3.6: fix random numbers with glibc-2.25
I missed this upstream patch. /cc #22874.
2017-02-22 17:34:33 +01:00
Vladimír Čunát
fe8aa284c2
xcbuild: fixup build with glibc-2.25 2017-02-22 16:58:45 +01:00
Vladimír Čunát
7ccd6f25f0
reptyr: fixup build with glibc-2.25 2017-02-22 16:54:40 +01:00
Vladimír Čunát
1d1dc2dcc3
open-vm-tools: fixup build with glibc-2.25 2017-02-22 16:54:07 +01:00
Vladimír Čunát
7ccaa9e652
solvespace: fixup build with glibc-2.25 2017-02-22 16:45:08 +01:00
Moritz Ulrich
51134cdbfe
digikam5: Fix build after kde merge. 2017-02-22 16:44:08 +01:00
Vladimír Čunát
a04849502d
fstrm: init at 0.3.1 2017-02-22 15:03:21 +01:00
Frederik Rietdijk
3bcd3d2c34 Merge pull request #23061 from nixy/pythonPackages.snakeviz
pythonPackages.snakeviz: init at 0.4.1
2017-02-22 14:31:26 +01:00
Michael Raskin
194d137bd3 wireshark: patch for CVE-2017-6041 2017-02-22 14:17:02 +01:00
Michael Raskin
a8bf87681c kde5.applications.kig: init at 16.12.2 2017-02-22 14:17:02 +01:00
Andrew R. M
99754b2527 pythonPackages.snakeviz: init at 0.4.1 2017-02-22 08:14:53 -05:00
Graham Christensen
cc4919da89
xen: patch for XSAs: 197, 199, 207, 208, 209
XSA-197 Issue Description:

> The compiler can emit optimizations in qemu which can lead to double
> fetch vulnerabilities.  Specifically data on the rings shared
> between qemu and the hypervisor (which the guest under control can
> obtain mappings of) can be fetched twice (during which time the
> guest can alter the contents) possibly leading to arbitrary code
> execution in qemu.

More: https://xenbits.xen.org/xsa/advisory-197.html

XSA-199 Issue Description:

> The code in qemu which implements ioport read/write looks up the
> specified ioport address in a dispatch table.  The argument to the
> dispatch function is a uint32_t, and is used without a range check,
> even though the table has entries for only 2^16 ioports.
>
> When qemu is used as a standalone emulator, ioport accesses are
> generated only from cpu instructions emulated by qemu, and are
> therefore necessarily 16-bit, so there is no vulnerability.
>
> When qemu is used as a device model within Xen, io requests are
> generated by the hypervisor and read by qemu from a shared ring.  The
> entries in this ring use a common structure, including a 64-bit
> address field, for various accesses, including ioport addresses.
>
> Xen will write only 16-bit address ioport accesses.  However,
> depending on the Xen and qemu version, the ring may be writeable by
> the guest.  If so, the guest can generate out-of-range ioport
> accesses, resulting in wild pointer accesses within qemu.

More: https://xenbits.xen.org/xsa/advisory-199.html

XSA-207 Issue Description:

> Certain internal state is set up, during domain construction, in
> preparation for possible pass-through device assignment.  On ARM and
> AMD V-i hardware this setup includes memory allocation.  On guest
> teardown, cleanup was erroneously only performed when the guest
> actually had a pass-through device assigned.

More: https://xenbits.xen.org/xsa/advisory-207.html

XSA-209 Issue Description:

> When doing bitblt copy backwards, qemu should negate the blit width.
> This avoids an oob access before the start of video memory.

More: https://xenbits.xen.org/xsa/advisory-208.html

XSA-208 Issue Description:

> In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine
> cirrus_bitblt_cputovideo fails to check wethehr the specified memory
> region is safe.

More: https://xenbits.xen.org/xsa/advisory-209.html
2017-02-22 08:00:45 -05:00
Frederik Rietdijk
026cfee6b0 Docs: update Python contributing guidelines 2017-02-22 13:38:29 +01:00
Peter Hoeg
409dac4155 Merge branch 'u/tg' into real_master 2017-02-22 20:14:26 +08:00