Putting information in external JSON files is IMHO not an improvement
over the idiomatic style of Nix expressions. The use of JSON doesn't
add anything over Nix expressions (in fact it removes expressive
power). And scattering package info over lots of little files makes
packages less readable than having the info in one file.
From LWN:
From the NVD entries:
CVE-2016-5501: Unspecified vulnerability in the Oracle VM VirtualBox
component before 5.0.28 and 5.1.x before 5.1.8 in Oracle
Virtualization allows local users to affect confidentiality,
integrity, and availability via vectors related to Core, a different
vulnerability than CVE-2016-5538.
CVE-2016-5538: Unspecified vulnerability in the Oracle VM VirtualBox
component before 5.0.28 and 5.1.x before 5.1.8 in Oracle
Virtualization allows local users to affect confidentiality,
integrity, and availability via vectors related to Core, a different
vulnerability than CVE-2016-5501.
CVE-2016-5605: Unspecified vulnerability in the Oracle VM VirtualBox
component before 5.1.4 in Oracle Virtualization allows remote
attackers to affect confidentiality and integrity via vectors related
to VRDE.
CVE-2016-5608: Unspecified vulnerability in the Oracle VM VirtualBox
component before 5.0.28 and 5.1.x before 5.1.8 in Oracle
Virtualization allows local users to affect availability via vectors
related to Core, a different vulnerability than CVE-2016-5613.
CVE-2016-5610: Unspecified vulnerability in the Oracle VM VirtualBox
component before 5.0.28 and 5.1.x before 5.1.8 in Oracle
Virtualization allows local users to affect confidentiality,
integrity, and availability via vectors related to Core.
CVE-2016-5611: Unspecified vulnerability in the Oracle VM VirtualBox
component before 5.0.28 and 5.1.x before 5.1.8 in Oracle
Virtualization allows local users to affect confidentiality via
vectors related to Core.
CVE-2016-5613: Unspecified vulnerability in the Oracle VM VirtualBox
component before 5.0.28 and 5.1.x before 5.1.8 in Oracle
Virtualization allows local users to affect availability via vectors
related to Core, a different vulnerability than CVE-2016-5608.
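As an added example (not part of the commit message or of nixpkgs), the version ranges stated in the NVD entries above can be checked mechanically against an installed VirtualBox version. The function names are hypothetical; the range wording is copied from the entries.

```python
import re

# Affected-version wording copied from the NVD entries quoted above.
_COMMON = "before 5.0.28 and 5.1.x before 5.1.8"
NVD_RANGES = {
    "CVE-2016-5501": _COMMON,
    "CVE-2016-5538": _COMMON,
    "CVE-2016-5605": "before 5.1.4",
    "CVE-2016-5608": _COMMON,
    "CVE-2016-5610": _COMMON,
    "CVE-2016-5611": _COMMON,
    "CVE-2016-5613": _COMMON,
}

_CLAUSE = re.compile(r"(?:(\d+\.\d+)\.x )?before (\d+(?:\.\d+)+)")


def parse_version(text):
    """'5.1.8' -> (5, 1, 8), so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))


def parse_ranges(wording):
    """Split the wording into (series, fixed_in) rules; series None means any."""
    rules = []
    for clause in wording.split(" and "):
        match = _CLAUSE.fullmatch(clause.strip())
        if match is None:
            raise ValueError(f"unrecognised range wording: {clause!r}")
        series = parse_version(match.group(1)) if match.group(1) else None
        rules.append((series, parse_version(match.group(2))))
    return rules


def is_affected(version, wording):
    v = parse_version(version)
    for series, fixed_in in parse_ranges(wording):
        if series is not None and v[: len(series)] != series:
            continue  # rule is scoped to another release series
        if v < fixed_in:
            return True
    return False


def affected_cves(version):
    """CVE ids from the list above whose stated range contains `version`."""
    return sorted(c for c, w in NVD_RANGES.items() if is_affected(version, w))
```

Read literally, "before 5.1.4" also matches 5.0.x releases, so affected_cves("5.0.28") still reports CVE-2016-5605; the entry does not say whether the 5.0 series is actually exposed.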
In 2942815968, the dependencies for Qt 5
were passed using buildEnv with all the development binaries, headers
and libs. Unfortunately, the build output references that environment
which also increases the size of the runtime closure.
The upstream makefile assumes a common Qt 5 library path, but that's not
the case within Nix, because we have separate paths for the Qt 5
modules.
We now patch the makefile to recognize PATH_QT5_X11_EXTRAS_{LIB,INC} so
that we can pass in the relevant paths from Qt5X11Extras.
In summary, the closure size goes down to 525559600 bytes (501 MB)
instead of 863035544 bytes (823 MB) with vbox-qt5-env.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Putting the kernel modules into the same output path as the main
VirtualBox derivation causes all of VirtualBox to be rebuilt on every
single kernel update.
The build process of VirtualBox already outputs the kernel module source
along with the generated files for the configuration of the main
VirtualBox package. We put this into a different output called "modsrc"
which we re-use from linuxPackages.virtualbox, which now only
contains the resulting kernel modules without the main user space
implementation.
This not only has the advantage of decluttering the Nix expression for
the user space portions but also gets rid of the need to nuke references
and the need to patch out "depmod -a".
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
We now no longer need to update VirtualBox manually, which has a few
advantages. Along with making it just easier to update, this also makes
the update procedure way less error-prone, for example if people forget
to bump the extension pack revision or to update the guest additions.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
The most complex problems were from dealing with switches reverted in
the meantime (gcc5, gmp6, ncurses6).
It's likely that darwin is (still) broken nontrivially.
VirtualBox had support for DBUS even in version 4.x, but it appears that
nothing in our VM test triggered it to load, thus I didn't notice the
runtime error:
rtldrNativeLoad: dlopen('libdbus-1.so.3', RTLD_NOW | RTLD_LOCAL) failed:
libdbus-1.so.3: cannot open shared object file: No such
file or directory
The upstream commits I think are responsible for this to come to surface
are _probably_ (did I ever mention that I love SVN? *cough*) one of
these:
https://www.virtualbox.org/changeset/55664/vbox
https://www.virtualbox.org/changeset/55602/vbox
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Regression introduced in 7ffb1f3bde.
Also added a small notice so that this hopefully won't happen with
future updates.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Within fractions* of a second, the beautifully crafted history and
branching mechanisms of SVN found out the exact revision which caused
this to be visible in version 5.x but not in version 4.x:
https://www.virtualbox.org/changeset?old_path=%2Fvbox%2Ftrunk&old=30933&new_path=%2Fvbox%2Ftrunk&new=30934
Also note the very short URL and the informative changeset message which
shows you exactly what was the issue, I think.
Be warned however, it may contain traces of history amnesia, revision
epilepsy and other related diseases.
As for the issue itself: This was very much broken in 4.x as well, but
it didn't show an error message in the UI. The PulseAudio library is
loaded at runtime and it's not able to do that unless it's in
LD_LIBRARY_PATH.
Now, we're doing the same as with the ALSA libraries: We're hardcoding
the path to the shared object file in patchPhase.
Thanks to @devhell for reporting and testing.
*: Might be off several minutes or hours due to rounding errors in
floating point arithmetic.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Reported-by: devhell <"^"@regexmail.net>
Tested-by: devhell <"^"@regexmail.net>
Contains quite a lot of fixes, so for information and details about
them, please have a look at https://www.virtualbox.org/wiki/Changelog.
We also needed to drop the hunk about NATNetworkServiceRunner.cpp in the
hardened.patch, because the file was unused and thus has been removed
from upstream in r54821:
https://www.virtualbox.org/changeset?reponame=vbox&new=54821
Tested successfully against nixos/tests/virtualbox.nix.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>