Commit graph

50 commits

Author SHA1 Message Date
Chuck
2327204ad0 gnupatch: Don't fetch from cgit URLs with unstable hashes
cgit cannot serve patches with stable hashes, so store these patches
in-tree.  cgit community discussion about this problem:
https://lists.zx2c4.com/pipermail/cgit/2017-February/003470.html

We pull the patches in-tree rather than strip cgit footers with fetchpatch
because per https://github.com/NixOS/nixpkgs/pull/61471#issuecomment-493218587
dependencies of fetchpatch cannot use fetchpatch.

Verification that the only difference between the live page, the
patch committed here, and the version cached under the old hash at
tarballs.nixos.org is the cgit version footer:

$ curl -s -L http://tarballs.nixos.org/sha256/"$(nix-hash --type sha256 --to-base16 0iw0lk0yhnhvfjzal48ij6zdr92mgb84jq7fwryy1hdhi47hhq64)" > Allow_input_files_to_be_missing_for_ed-style_patches.patch
$ diff -U0 --label cgit-live <( curl -s -L https://git.savannah.gnu.org/cgit/patch.git/patch/?id=b5a91a01e5d0897facdd0f49d64b76b0f02b43e1 ) Allow_input_files_to_be_missing_for_ed-style_patches.patch
--- cgit-live
+++ Allow_input_files_to_be_missing_for_ed-style_patches.patch  2020-01-29 17:22:00.077312937 -0800
@@ -32 +32 @@
-cgit v1.2.1
+cgit v1.0-41-gc330

$ curl -s -L http://tarballs.nixos.org/sha256/"$(nix-hash --type sha256 --to-base16 1bpy16n3hm5nv9xkrn6c4wglzsdzj3ss1biq16w9kfv48p4hx2vg)" > CVE-2018-1000156.patch
$ diff -U0 --label cgit-live <( curl -s -L https://git.savannah.gnu.org/cgit/patch.git/patch/?id=123eaff0d5d1aebe128295959435b9ca5909c26d ) CVE-2018-1000156.patch
--- cgit-live
+++ CVE-2018-1000156.patch      2020-01-29 17:23:41.021116969 -0800
@@ -210 +210 @@
-cgit v1.2.1
+cgit v1.0-41-gc330
2020-01-30 14:23:33 -08:00
Pierre Bourdon
63905a7b6f gnupatch: rename patch files to match their CVE ids.
This should be a behavior no-op, but it helps vulnix figure out that we
are up to date regarding security patches.
2019-10-22 09:48:12 +02:00
Vladimír Čunát
92f3ea646e
Merge branch 'master' into staging-next
... to avoid the accidental gnupatch rebuild
2019-08-02 09:40:36 +02:00
Ivan Kozik
002b853782
gnupatch: avoid rebuild from c4ce832e PR #65687
vcunat is really sorry for not noticing this.
2019-08-02 09:31:07 +02:00
Frederik Rietdijk
6f723b9bad Merge master into staging-next 2019-08-02 09:18:37 +02:00
vitaliizinchenko
6ec98ddc23 gnupatch: update links to patches 2019-08-01 16:21:06 -04:00
Andreas Rammhold
49c4c4a5b9 gnupatch: apply patches for CVE-2019-1363 and CVE-2019-13638 2019-07-28 19:05:43 +02:00
c0bw3b
6a2a4e82c9 gnupatch: add patch for CVE-2018-6952
Refs:
https://nvd.nist.gov/vuln/detail/CVE-2018-6952
https://savannah.gnu.org/bugs/index.php?53133
2019-04-27 07:00:29 +02:00
c0bw3b
93e511c319 Treewide: use HTTPS on GNU Savannah domains
HTTP -> HTTPS for:
- http://savannah.gnu.org/
- http://git.savannah.gnu.org/
- http://download.savannah.gnu.org/
- http://svn.savannah.gnu.org/
2018-12-02 15:33:09 +01:00
Matthew Bauer
b068e220ff patch: use checkInputs instead of conditional
This is more clear, to separate test dependencies.
2018-10-02 15:27:11 -05:00
John Ericson
0828e2d8c3 treewide: Remove usage of remaining redundant platform compatability stuff
Want to get this out of here for 18.09, so it can be deprecated
thereafter.
2018-08-30 17:20:32 -04:00
Tim Steinbach
f0814ec049
patch: Fix CVE-2018-1000156 2018-08-05 16:02:57 -04:00
Antoine Eiche
11fd378f73 gnupatch: fix CVE-2018-6951
fixes #39045
2018-04-17 12:50:05 +01:00
Tuomas Tynkkynen
b882387c9a gnupatch: 2.7.5 -> 2.7.6 2018-02-14 01:47:28 +02:00
Will Dietz
f969923bac gnupatch: disable tests on musl :( 2018-02-13 09:44:41 -06:00
John Ericson
133b4658df treewide: Simplify some doCheck calls
In anticipation of what I outline in #33599, I only simplify exactly those
`doCheck`s which are equal to `hostPlatform != buildPlatform`. I also stick a
comment next to them so I can grep for them later.
2018-01-09 12:37:38 -05:00
John Ericson
95c8277701 misc pkgs: Remove unneeded *Platform == *Platform comparisons
PR #26007 used these to avoid causing a mass rebuild. Now that we know
things work, we do that to clean up.
2017-06-30 10:09:31 -04:00
John Ericson
ef0b07e94a gnu patch: Fix for cross 2017-06-22 17:53:53 -04:00
William A. Kennington III
ae336a419e patch: 2.7.3 -> 2.7.5 2015-03-26 00:24:17 -07:00
Edward O'Callaghan
529e2b281a gnupatch: update from 2.7.1 to 2.7.3 (close #6048)
Potentially fixes CVE-2015-1196.

Signed-off-by: Edward O'Callaghan <eocallaghan@alterapraxis.com>
2015-02-07 06:48:21 +01:00
Mateusz Kowalczyk
7a45996233 Turn some license strings into lib.licenses values 2014-07-28 11:31:14 +02:00
Peter Simons
0d7118814b Merge branch 'origin/master' into stdenv. 2013-08-17 10:00:16 +02:00
Ludovic Courtès
2e937c437a unmaintain several packages 2013-08-16 23:45:01 +02:00
Danny Wilson
58e6277d77 Allow GNU Patch tests to run with non-bash shell.
Fix gnused url.
2013-02-28 20:04:11 +01:00
Eelco Dolstra
c0ae221bb0 patch: Update to 2.7.1
Also disable the tests on FreeBSD.

http://hydra.nixos.org/build/3070072
2012-10-16 15:05:39 -04:00
Eelco Dolstra
8f26b38d4e Drop Darwin patch in GNU patch
Seems to build fine without it.

http://hydra.nixos.org/build/3053575
2012-09-24 16:53:42 -04:00
Eelco Dolstra
37b44ed690 patch: Update to 2.7 2012-09-18 14:48:31 -04:00
Ludovic Courtès
0a9d954bc6 GNU Patch: On Darwin, use an existing tarball, and patch from there.
svn path=/nixpkgs/trunk/; revision=33892
2012-04-23 15:47:21 +00:00
Lluís Batlle i Rossell
c93a74426b Fixing the gnupatch url; it was taking the alpha snapshot for all the platforms
at the time of building the stdenv (because there !(stdenv ? glibc)).
I changed that to stdenv.isDarwin, in a guess that it may work for those who
experienced problems with the last patch release.

svn path=/nixpkgs/branches/stdenv-updates/; revision=24171
2010-10-08 06:53:35 +00:00
Lluís Batlle i Rossell
fb4a1baa45 Updating 'patch' for bootstrap (reference broken)
svn path=/nixpkgs/branches/stdenv-updates/; revision=22851
2010-08-01 21:25:19 +00:00
David Guibert
bf11f132e0 gnupatch: fix broken url
svn path=/nixpkgs/branches/stdenv-updates/; revision=22042
2010-05-28 11:06:52 +00:00
Lluís Batlle i Rossell
19b9811012 Making a bunch of basic programs cross-buildable.
After this, the 'bootstrap-tools' can be cross-built.


svn path=/nixpkgs/branches/stdenv-updates/; revision=20945
2010-04-04 18:10:42 +00:00
Ludovic Courtès
907be69b26 GNU Patch: Fix for BSDs.
svn path=/nixpkgs/branches/stdenv-updates/; revision=19522
2010-01-18 14:54:46 +00:00
Ludovic Courtès
c161cd1773 GNU Patch: Fix typo.
svn path=/nixpkgs/branches/stdenv-updates/; revision=19432
2010-01-14 12:46:10 +00:00
Ludovic Courtès
7c8062b8a2 GNU Patch: Try fix for Darwin.
svn path=/nixpkgs/branches/stdenv-updates/; revision=19430
2010-01-14 10:09:45 +00:00
Ludovic Courtès
a9ced90be9 GNU Patch: Use GNU ed and re-enable the tests.
svn path=/nixpkgs/branches/stdenv-updates/; revision=19315
2010-01-08 21:28:30 +00:00
Lluís Batlle i Rossell
ab76500645 Disabling patch doCheck, because they fail.
To be fixed some day, with a bug report to gnupatch if required.


svn path=/nixpkgs/branches/stdenv-updates/; revision=19286
2010-01-07 14:08:39 +00:00
Ludovic Courtès
9fefb472c5 GNU Patch 2.6.1.
svn path=/nixpkgs/branches/stdenv-updates/; revision=19260
2010-01-06 13:50:51 +00:00
Rob Vermaas
c100551503 * darwin patch to make sure gnupatch doesn't get dSYM extension
svn path=/nixpkgs/trunk/; revision=16447
2009-07-23 22:07:45 +00:00
Eelco Dolstra
544cb9cb83 * Rewrite all URLs to GNU mirrors to mirror://gnu/.
svn path=/nixpkgs/trunk/; revision=9201
2007-08-27 13:42:00 +00:00
Eelco Dolstra
a0159dee8e * Reverted r6713, r6711, r4623, r3660, r2237. There rewrote fetchurl
URLs to http://nix.cs.uu.nl/dist/tarballs.  With content-addressable
  mirror support (r9190, NIXPKGS-70) this is no longer necessary:
  fetchurl will try to download from that location automatically.  So
  we can keep the original URLs.

svn path=/nixpkgs/trunk/; revision=9192
2007-08-24 12:32:36 +00:00
Eelco Dolstra
4d3059721d * bash 2.0, findutils 4.2.28.
* Some Nix expression simplifications.  Sense and simplicity!

svn path=/nixpkgs/trunk/; revision=6836
2006-10-24 23:05:12 +00:00
Eelco Dolstra
1acd2157cc * Add patch, sed.
svn path=/nixpkgs/trunk/; revision=6782
2006-10-19 22:31:08 +00:00
Eelco Dolstra
2881391565 * Fix GNU patch on Darwin (and probably FreeBSD as well).
svn path=/nixpkgs/trunk/; revision=5705
2006-07-14 11:20:30 +00:00
Eelco Dolstra
94fe7734fa * Glibc 2.3.6.
* GCC 3.4.5.
* Updated several other stdenv packages.
* Modified the builders of several packages to use the generic
  builder.

svn path=/nixpkgs/trunk/; revision=4336
2005-12-06 00:12:45 +00:00
Eelco Dolstra
82e678362f * "." -> "source".
svn path=/nixpkgs/trunk/; revision=4335
2005-12-05 14:11:09 +00:00
Eelco Dolstra
454707da23 * catamaran.labs.cs.uu.nl -> nix.cs.uu.nl.
svn path=/nixpkgs/trunk/; revision=3660
2005-08-22 08:39:27 +00:00
Eelco Dolstra
e42507d182 * Move tarballs to catamaran so that we are no longer dependent on a
gazillion different servers.  Resurrected some 25 missing files.

svn path=/nixpkgs/trunk/; revision=2237
2005-02-15 14:44:19 +00:00
Eelco Dolstra
12ae5363ea * Remove trivial builders.
* Make builders unexecutable by removing the hash-bang line and
  execute permission.
* Convert calls to `derivation' to `mkDerivation'.
* Remove `system' and `stdenv' attributes from calls to
  `mkDerivation'.  These transformations were all done automatically,
  so it is quite possible I broke stuff.
* Put the `mkDerivation' function in stdenv/generic.

svn path=/nixpkgs/trunk/; revision=874
2004-03-29 17:23:01 +00:00
Eelco Dolstra
d6a58594d2 * User-Mode Linux and GNU Patch.
svn path=/nixpkgs/trunk/; revision=779
2004-02-13 14:42:28 +00:00