3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

640 commits

Author SHA1 Message Date
Eelco Dolstra 8fc5beb855 httpd: 2.4.25 -> 2.4.26
CVE-2017-3167, CVE-2017-3169, CVE-2017-7659, CVE-2017-7668,  CVE-2017-7679
2017-07-07 17:24:13 +02:00
Franz Pletz c71989022e
nginxMainline: 1.13.1 -> 1.13.2 2017-07-05 19:04:17 +02:00
Franz Pletz b8bfc8dae2
httpd: don't install suid executables into nix store 2017-06-27 01:51:18 +02:00
Will Dietz 5e9edcfebe hiawatha: Don't ask cmake to install w/setuid perms 2017-06-16 07:34:53 -05:00
Franz Pletz b74866b9a7
nginxMainline: 1.13.0 -> 1.13.1 2017-06-06 03:59:20 +02:00
Kranium Gikos Mendoza 3a3aab58fc mod_auth_mellon: 0.12.0 -> 0.13.1 2017-05-28 23:29:29 +10:00
Robin Gloster 4a83c099e1
nginx: 1.10.3 -> 1.12.0 2017-05-23 11:37:57 +02:00
Robin Gloster 4f51da2ff7
nginx-rtmp-module: 1.1.9 -> 1.1.11 2017-05-23 11:37:57 +02:00
Armijn Hemel 024ddb32a7
tomcat85: 8.5.11 -> 8.5.14 2017-05-07 06:52:22 -04:00
Vaibhav Sagar d575102556 nginx: remove syslog module
This module has not been required for over 2 years. See https://github.com/yaoweibin/nginx_syslog_patch/issues/15
2017-05-04 09:39:19 +08:00
jammerful da5bc79469 nginx: Add Shibboleth Module
Also add nginxShibboleth package
2017-05-01 17:09:00 -04:00
Franz Pletz 32401d17c6
nginxMainline: 1.11.13 -> 1.13.0 2017-04-27 18:20:42 +02:00
Franz Pletz 73f04ddd57
nginxMainline: 1.11.10 -> 1.11.13 2017-04-11 19:57:28 +02:00
Franz Pletz c13922f012
nginx: explicitly use stable version
Also updates the documention of the NixOS option `services.nginx.package`
that upstream recommends using the mainline version instead.

Fixes #21665.
2017-03-20 20:04:09 +01:00
Eelco Dolstra 4e5461127d
apache-httpd: Strip modules
We did this for 2.2 (cc61d31902) but
lost this for 2.4. This reduces the Apache closure size from 312 MiB
to 102 MiB (primarily by getting rid of -dev outputs).
2017-03-20 17:30:47 +01:00
Daiderd Jordan 00ed0f792e Merge pull request #22897 from timor/couchdb-2.0.0
couchdb: add support for version 2.0.0
2017-03-16 22:03:32 +01:00
Graham Christensen e4c0613470 Merge pull request #23674 from c0bw3b/sec/jboss7
JBoss AS: list known vulnerability
2017-03-15 17:33:27 -04:00
Renaud 72619a86c9 JBoss AS: list known vulnerability
CVE-2015-7501

Warning in JBoss module
2017-03-13 18:45:19 +01:00
Tuomas Tynkkynen fe20a32751 pshs: 0.3 -> 0.3.1, fix source location 2017-03-10 01:20:22 +02:00
timor f40b961378 couchdb: add support for version 2.0.0
Version 2.0.0 is installed as a separate package called "couchdb2".
When setting the config option "package" attribute to pkgs.couchdb2, a
corresponding service configuration will be generated.  If a previous
1.6 installation exists, the databases can still be found on the local
port (default: 5986) and can be replicated from there.

Note that single-node or cluster setup still needs to be configured
manually, as described in
http://docs.couchdb.org/en/2.0.0/install/index.html.
2017-03-06 11:42:02 +01:00
ndowens a0cfe05ebb
hiawatha: init at 10.5
Removed un-needed phase; re-enabled SSL as default

Hiawatha: fix indentation

Hiawatha: Removed 'pkgs'

fixes #23060
2017-02-26 13:09:41 +01:00
Graham Christensen 33bf23bbca
tomcatUnstable: 9.0.0.M15 -> 9.0.0.M17 2017-02-17 22:30:41 -05:00
Graham Christensen ae3820bad9
tomcat85: 8.5.9 -> 8.5.11 2017-02-17 22:29:24 -05:00
Graham Christensen f246ea0de2
tomcat8: 8.0.39 -> 8.0.41 2017-02-17 22:28:34 -05:00
Graham Christensen 7b17c5bc6e
tomcat7: 7.0.73 -> 7.0.75 2017-02-17 22:28:01 -05:00
Graham Christensen 6fc38401a2
tomcat6: drop, no longer supported. 2017-02-17 22:24:33 -05:00
Franz Pletz e18bec1e3c
nginxMainline: 1.11.9 -> 1.11.10 2017-02-15 00:42:29 +01:00
Michael Raskin 846007b8db nginx: 1.10.2 -> 1.10.3 2017-02-01 19:28:45 +01:00
Robin Gloster 8769ddc823
apacheHttpd_2_2: remove 2017-01-27 15:33:54 +01:00
Franz Pletz f1ba2c8d3b
nginxMainline: 1.11.8 -> 1.11.9 2017-01-26 01:04:49 +01:00
Bjørn Forsman b280b6c568 lighttpd: 1.4.44 -> 1.4.45 2017-01-16 20:40:47 +01:00
3noch 0d4d401b7f
nginx: add PageSpeed module (Linux only) 2017-01-10 17:26:50 -05:00
3noch 7f99fd086b
nginx: add 'cache_purge' module for purging FastCGI cache 2017-01-06 11:27:48 -05:00
Michael Raskin ca8d3de1d2 nginx: 1.11.7 -> 1.11.8 2017-01-02 20:18:50 +01:00
Graham Christensen f5ca9a4212
Merge branch 'roundup-15' 2016-12-28 21:04:51 -05:00
Graham Christensen 5ca180fa08
apacheHttpd: 2.4.23 -> 2.4.25 for
CVE-2016-8743, CVE-2016-2161, CVE-2016-0736
2016-12-28 20:36:46 -05:00
Bjørn Forsman c24206dc5f lighttpd: 1.4.41 -> 1.4.44 2016-12-28 13:52:15 +01:00
Corbin ca2fa4416e nginx: Allow GD to be optional.
This commit permits incantations like `pkgs.nginx.override { gd = null; }` to
produce a slimmed-down nginx.

When used, this functionality removes a pile of stuff from nginx's closure.
The resulting nginx's closure:

    $ nix-store -q -R /nix/store/wk3h0a4dmdmjmxkbd0q09iw0wfq0yzpz-nginx-1.10.2 | wc -l
    12
    $ nix-store -q -R /nix/store/gpcx77anqrj05qz0mrwm7hf4wgxry5py-nginx-1.10.2 | wc -l
    24
2016-12-26 10:24:58 -08:00
Rok Garbas e6fa6b21e1 apacheHttpdPackages.mod_perl: init at 2.0.10 2016-12-22 13:36:44 +01:00
Graham Christensen 72faac9d35
tomcatUnstable: 9.0.0.M13 -> 9.0.0.M15 for CVE-2016-9774, CVE-2016-9775 2016-12-21 14:37:46 -05:00
Graham Christensen a528c04612
tomcat85: 8.5.8 -> 8.5.9 for CVE-2016-9774, CVE-2016-9775 2016-12-21 14:37:46 -05:00
Franz Pletz d3be9a50e0
nginxMainline: 1.11.6 -> 1.11.7 2016-12-13 21:39:31 +01:00
Graham Christensen 5f78980973
tomcatUnstable: 9.0.0.M10 -> 9.0.0.M13
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:27:06 -05:00
Graham Christensen 42f1ae1911
tomcat85: 8.5.5 -> 8.5.8
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:27:00 -05:00
Graham Christensen 80a475042c
tomcat8: 8.0.37 -> 8.0.39
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:26:55 -05:00
Graham Christensen 3d0310daf3
tomcat7: 7.0.72 -> 7.0.73
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:26:39 -05:00
Graham Christensen eba91fa2bd
tomcat6: 6.0.45 -> 6.0.48
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:26:13 -05:00
Vladimír Čunát 925b335607
Merge branch 'master' into staging 2016-11-26 11:27:09 +01:00
Frederik Rietdijk 051dfa55f7 mod_python: use python2 2016-11-24 22:28:02 +01:00
Franz Pletz a04a4b2a6a
nginxMainline: 1.11.5 -> 1.11.6 2016-11-23 13:23:33 +01:00
Frederik Rietdijk 61158e2833 mod_wsgi: use python2 2016-11-08 22:48:55 +01:00
Franz Pletz 323acff8e6
nginxMainline: 1.11.4 -> 1.11.5 2016-10-24 18:10:14 +02:00
Franz Pletz 4ae2189d8c
nginx: 1.10.1 -> 1.10.2 2016-10-24 18:10:14 +02:00
Graham Christensen 33be079486 lighttpd: 1.4.40 -> 1.4.41 2016-09-24 11:18:39 +02:00
Graham Christensen 93da6c9578 Merge pull request #18859 from grahamc/tomcat
Tomcat: 7.0.70 -> 7.0.72 for CVE (HTTPoxy)
2016-09-23 20:00:51 -04:00
Tim Steinbach f091686a18
nginxMainline: 1.11.3 -> 1.11.4 2016-09-23 08:20:03 -04:00
Graham Christensen 387cb2db9a
tomcat7: 7.0.70 -> 7.0.72 for CVE-2016-5388 (HTTPoxy) 2016-09-22 20:18:01 -04:00
danbst a01d4ee3f4 tomcat: add danbst as maintainer 2016-09-09 18:29:12 +02:00
danbst 8511ddc89a tomcat: 7.0.68 -> 7.0.70, 8.0.32 -> 8.0.37, init 8.5.5, init 9.0.0.M10 2016-09-09 18:29:12 +02:00
danbst 0c2d943529 tomcat: split default webapps to separate output (~6M) 2016-09-09 18:29:12 +02:00
danbst 39ad7a9e60 tomcat: cleanup package with callPackages 2016-09-09 18:29:12 +02:00
Matt Billenstein cba2dd0044 nginx modules: update rtmp to 1.1.9 fixing build failures against 1.11.x 2016-09-08 16:21:13 -07:00
Matt Billenstein 6ce8575a2e nginx modules: update ngx_devel_kit to 0.3.0 2016-09-08 16:20:27 -07:00
Matt Billenstein ca60da8031 nginx module: update statsd to support 1.10.1 -- the zebrafishlabs github repo
seems dead
2016-09-08 15:59:11 -07:00
Matt Billenstein a49133b07f nginx module: add upstream check module 2016-09-08 12:02:15 -07:00
Alexander Ried 36e8df19e1 tomcat5: remove since it's end of life (#18341)
Source is not available anymore.
2016-09-06 03:59:25 +02:00
Tuomas Tynkkynen 3364230d56 Disable bunch of non-compiling packages on Darwin
These ones have a "Last successful build" timestamp in the 2014s or
2015s. Presumably no one will notice if we now stop building them.

softether_4_18              2015-09-20  http://hydra.nixos.org/build/39418483
lensfun                     2014-09-30  http://hydra.nixos.org/build/39394104
net_snmp                    2015-09-20  http://hydra.nixos.org/build/39410553
djview                      2015-08-11  http://hydra.nixos.org/build/39413233
libmusicbrainz2             2015-09-20  http://hydra.nixos.org/build/39410106
fox_1_6                     2014-05-07  http://hydra.nixos.org/build/39410858
libofx                      2015-09-24  http://hydra.nixos.org/build/39423507
yacas                       2014-09-30  http://hydra.nixos.org/build/39393150
iomelt                      2014-09-30  http://hydra.nixos.org/build/39408486
softether                   2015-09-20  http://hydra.nixos.org/build/39425800
mp4v2                       2014-09-30  http://hydra.nixos.org/build/39421899
virtuoso7                   2014-09-21  http://hydra.nixos.org/build/39415206
man_db                      2015-04-23  http://hydra.nixos.org/build/39404236
libdiscid                   2014-09-30  http://hydra.nixos.org/build/39412202
zabbix22.agent              2014-09-21  http://hydra.nixos.org/build/39412149
vidalia                     2015-08-06  http://hydra.nixos.org/build/39411500
libmtp                      2015-09-20  http://hydra.nixos.org/build/39419199
wxGTK29                     2015-09-20  http://hydra.nixos.org/build/39415296
ncmpcpp                     2015-11-06  http://hydra.nixos.org/build/39404455
libtorrent                  2014-09-21  http://hydra.nixos.org/build/39394646
shishi                      2014-03-21  http://hydra.nixos.org/build/39418874
ocaml_3_12_1                2014-09-30  http://hydra.nixos.org/build/39392996
djview4                     2015-08-11  http://hydra.nixos.org/build/39427799
vimNox                      2014-05-23  http://hydra.nixos.org/build/39397012
ttfautohint                 2015-08-06  http://hydra.nixos.org/build/39398330
libraw                      2015-09-24  http://hydra.nixos.org/build/39402271
wxGTK30                     2015-09-20  http://hydra.nixos.org/build/39401871
sbcl_1_2_5                  2015-09-20  http://hydra.nixos.org/build/39426091
prover9                     2014-09-30  http://hydra.nixos.org/build/39406476
rcs                         2015-08-25  http://hydra.nixos.org/build/39392037
gpac                        2015-09-24  http://hydra.nixos.org/build/39399470
virtuoso6                   2014-09-30  http://hydra.nixos.org/build/39398651
xlslib                      2015-09-24  http://hydra.nixos.org/build/39410387
ucommon                     2015-03-27  http://hydra.nixos.org/build/39414040
commoncpp2                  2014-09-30  http://hydra.nixos.org/build/39420117
virtuoso                    2014-09-21  http://hydra.nixos.org/build/39399978
miniHttpd                   2014-09-30  http://hydra.nixos.org/build/39392925
mpack                       2014-09-26  http://hydra.nixos.org/build/39399535
nbd                         2014-09-26  http://hydra.nixos.org/build/39401367
newsbeuter-dev              2014-07-29  http://hydra.nixos.org/build/39406259
gimp_2_8                    2015-09-20  http://hydra.nixos.org/build/39436271
gimp                        2015-09-20  http://hydra.nixos.org/build/39435976
zabbix20.agent              2014-09-30  http://hydra.nixos.org/build/39393242
gst_all_1.gst-plugins-good  2015-09-20  http://hydra.nixos.org/build/39408506
ocaml_4_00_1                2014-09-30  http://hydra.nixos.org/build/39399526
inadyn                      2014-09-30  http://hydra.nixos.org/build/39426389
gst_all_1.gst-plugins-bad   2015-09-20  http://hydra.nixos.org/build/39392970
zabbix.agent                2014-09-30  http://hydra.nixos.org/build/39421412
cmake-2_8                   2015-09-24  http://hydra.nixos.org/build/39399443
liblastfm                   2015-08-06  http://hydra.nixos.org/build/39421812
newsbeuter                  2014-07-29  http://hydra.nixos.org/build/39396605
sdcv                        2014-09-26  http://hydra.nixos.org/build/39412928
2016-09-01 20:39:33 +03:00
Tuomas Tynkkynen a17216af4c treewide: Shuffle outputs
Make either 'bin' or 'out' the first output.
2016-08-29 14:49:51 +03:00
obadz 3de6e5be50 Merge branch 'master' into staging
Conflicts:
      pkgs/applications/misc/navit/default.nix
      pkgs/applications/networking/mailreaders/alpine/default.nix
      pkgs/applications/networking/mailreaders/realpine/default.nix
      pkgs/development/compilers/ghc/head.nix
      pkgs/development/libraries/openssl/default.nix
      pkgs/games/liquidwar/default.nix
      pkgs/games/spring/springlobby.nix
      pkgs/os-specific/linux/kernel/perf.nix
      pkgs/servers/sip/freeswitch/default.nix
      pkgs/tools/archivers/cromfs/default.nix
      pkgs/tools/graphics/plotutils/default.nix
2016-08-27 23:54:54 +01:00
Franz Pletz afb821fa15 apacheHttpd: use sha256 hash instead of sha1 2016-08-25 03:14:40 +02:00
Franz Pletz 4cb7272537 apacheHttpd: 2.4.20 -> 2.4.23 (security)
Fixes CVE-2016-4979.
2016-08-25 03:10:02 +02:00
obadz 0e8d2725dc Merge branch 'master' into staging 2016-08-23 18:50:06 +01:00
Tuomas Tynkkynen 2e6b5c41af treewide: Make explicit that 'dev' output of apacheHttpd is used 2016-08-23 03:26:54 +03:00
Tuomas Tynkkynen 14b8153c28 mod_fastcgi: Make 'apacheHttpd.dev' more explicit 2016-08-23 03:20:21 +03:00
obadz 24a9183f90 Merge branch 'hardened-stdenv' into staging
Closes #12895

Amazing work by @globin & @fpletz getting hardened compiler flags by
enabled default on the whole package set
2016-08-22 01:19:35 +01:00
Robert Helgesson 2033f261e9
redstore: add home page and license fields 2016-08-17 22:43:06 +02:00
Robert Helgesson 74b25f4c69
redstore: 0.5.2 -> 0.5.4 2016-08-17 22:34:17 +02:00
Robert Helgesson a4ae7b87f0
redstore: fix build under recent glibc
Previously the build would fail due to, e.g., `getaddrinfo` not being
defined.
2016-08-17 22:34:17 +02:00
Robin Gloster b7787d932e Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-08-12 09:46:53 +00:00
Michael Raskin d1435913cf nginx: 1.11.2 -> 1.11.3 2016-08-11 17:57:35 +02:00
Robin Gloster 1b979d8384 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-08-03 13:34:44 +00:00
Tuomas Tynkkynen 21f17d69f6 treewide: Add lots of meta.platforms
Build-tested on x86_64 Linux & Mac.
2016-08-02 21:42:43 +03:00
Tuomas Tynkkynen 2258b21e4b treewide: Add lots of platforms to packages with no meta
Build-tested on x86_64 Linux and on Darwin.
2016-08-02 21:17:44 +03:00
Tuomas Tynkkynen b96fe03484 treewide: Fix meta.platforms related typos 2016-08-02 21:17:44 +03:00
Robin Gloster 1f04b4a566 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-21 00:56:43 +00:00
Bjørn Forsman 2173e6b49a lighttpd: 1.4.39 -> 1.4.40
Major bug-fix release; hundreds of issues resolved in issue tracker.

https://www.lighttpd.net/2016/7/16/1.4.40/
2016-07-19 15:55:22 +02:00
Robin Gloster 203846b9de Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-19 10:37:02 +00:00
Franz Pletz b5daad4268 nginx: refactor and add mainline version
Upstream calls the unstable version mainline.
2016-07-19 01:20:49 +02:00
Robin Gloster 5185bc1773 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-15 14:41:01 +00:00
Franz Pletz 9eec064355 nginx: 1.10.0 -> 1.10.1 (security)
Fixes CVE-2016-4450.
2016-07-10 10:48:11 +02:00
Franz Pletz 916cedb063 gatling: remove unused dependency on polarssl 2016-07-10 10:26:14 +02:00
Rickard Nilsson 5193c3e1b9 jetty: 9.3.9 -> 9.3.10 2016-06-26 05:58:35 +00:00
Eelco Dolstra c51af01325 apache-httpd: 2.4.18 -> 2.4.20
CVE-2016-1546
2016-06-20 15:17:12 +02:00
Bjørn Forsman bd01fad0ed Captialize meta.description of all packages
In line with the Nixpkgs manual.

A mechanical change, done with this command:

  find pkgs -name "*.nix" | \
      while read f; do \
          sed -e 's/description\s*=\s*"\([a-z]\)/description = "\u\1/' -i "$f"; \
      done

I manually skipped some:

* Descriptions starting with an abbreviation, a user name or package name
* Frequently generated expressions (haskell-packages.nix)
2016-06-20 13:55:52 +02:00
zimbatm a95229a963 Merge pull request #15677 from womfoo/mod_auth_mellon
mod_auth_mellon: init at 0.12.0 and dependency lasso: init at 2.5.1
2016-06-12 23:38:57 +01:00
Robin Gloster 8031cba2ab Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-06-10 09:27:04 +00:00
Rickard Nilsson b9922661b8 jetty: Remove obsolete versions and init new default to 9.3.9.v20160517 2016-06-10 07:59:59 +00:00
Teo Klestrup Röijezon 3f5186fd54 nginxModules.lua: 0.10.0 -> 0.10.5 2016-06-05 12:48:06 +02:00
Robin Gloster 2d382f3d98 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-05-30 19:39:34 +00:00
Kranium Gikos Mendoza 25fbac5b52 mod_auth_mellon: init at 0.12.0 2016-05-23 02:02:25 +08:00
Tuomas Tynkkynen 7fb29bfa73 treewide: Make explicit that 'dev' output of zlib is used 2016-05-19 10:04:38 +02:00
Tuomas Tynkkynen d42e94472d treewide: Make explicit that 'dev' output of pcre is used 2016-05-19 10:02:28 +02:00
Tuomas Tynkkynen 2a73de6e6c treewide: Make explicit that 'dev' output of openssl is used 2016-05-19 10:02:23 +02:00
Tuomas Tynkkynen d298b52fd3 treewide: Make explicit that 'dev' output of aprutil is used 2016-05-19 10:00:25 +02:00
Tuomas Tynkkynen 29694b43b6 treewide: Make explicit that 'dev' output of apr is used 2016-05-19 10:00:24 +02:00
Tuomas Tynkkynen 16cc4ac83b treewide: Make explicit that 'dev' output of apacheHttpd is used 2016-05-19 10:00:23 +02:00
Franz Pletz f8d481754c
Merge remote-tracking branch 'origin/master' into hardened-stdenv 2016-05-18 17:10:02 +02:00
Peter Simons 8e462995ba Bring my stdenv.lib.maintainers user name in line with my github nick. 2016-05-16 22:49:55 +02:00
Domen Kožar 0adf2b25a1 4store: 1.1.5 -> 1.1.6 (convert from builderDefsPackage) 2016-05-08 18:29:40 +01:00
Tobias Geerinckx-Rice ab6e0861d4
nginx: restore .upstream files
07d9de713a
2016-05-06 15:37:22 +02:00
Tobias Geerinckx-Rice b0f8349d95
nginxUnstable: alias to nginx until next unstable release 2016-05-06 13:47:36 +02:00
Tobias Geerinckx-Rice 07d9de713a
nginx: remove .upstream files 2016-05-06 13:47:12 +02:00
Tobias Geerinckx-Rice 959472a824
nginx: 1.8.1 -> 1.10.0
Changes: http://nginx.org/en/CHANGES-1.10
2016-05-03 20:05:57 +02:00
Franz Pletz 669cd2adbf lighttpd: 1.4.37 -> 1.4.39 2016-05-03 16:15:20 +02:00
Robin Gloster c92bca56f8 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-05-02 22:58:02 +00:00
Michael Raskin e59151f3ef nix-binary-cache: take into account Nix split (mulitple-outputs) 2016-04-22 00:57:43 +02:00
Eelco Dolstra b4bf432709 nghttp2: 1.8.0 -> 1.9.2, unify with libnghttp2, and use multiple outputs
Note: I ignored the C++ libraries, but it appears we're not currently
using them. Once we do, we'll probably want to put them in a separate
output as well (to prevent non-C++ users from depending on Boost).
2016-04-18 21:13:18 +02:00
Robin Gloster d020caa5b2 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-04-18 13:49:22 +00:00
Michael Raskin c82272fdc0 nginxUnstable: 1.9.11 -> 1.9.14 2016-04-13 14:47:04 +02:00
Vladimír Čunát 30f14243c3 Merge branch 'master' into closure-size
Comparison to master evaluations on Hydra:
  - 1255515 for nixos
  - 1255502 for nixpkgs
2016-04-10 11:17:52 +02:00
Florian Steinel 2486191f39 thttpd: 2.26 -> 2.27
from http://www.acme.com/software/thttpd/#releasenotes
 New in version 2.27:
-   Stats syslogs changed from LOG_INFO to LOG_NOTICE.
-   Use memmove() for self-overlapping string copies instead of strcpy().
-   Couple of subroutine name changes for consistency.
2016-04-09 19:28:50 +02:00
Robin Gloster 3e68106afd Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-04-07 21:52:26 +00:00
Allan Espinosa 16b12fbd87 apt-cacher-ng: disable on OSX
fmemopen() doesn't exist on OSX. This causes the builds to fail.
2016-04-07 11:57:12 -05:00
Robin Gloster bbbaccfa68 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-04-04 15:24:52 +00:00
Peter Simons 8e0f0776aa mini-httpd: update to version 1.6 2016-04-04 15:06:32 +02:00
Tomasz Kontusz 36135033b6 mini-httpd: add -ansi to CFLAGS 2016-04-03 00:46:23 +02:00
Vladimír Čunát ab15a62c68 Merge branch 'master' into closure-size
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
2016-04-01 10:06:01 +02:00
Robin Gloster f60c9df0ba Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-03-28 15:16:29 +00:00
Joachim Fasting c6d3a23cf6 apt-cacher-ng: 0.8.9 -> 0.9.1
Tested by doing sandboxed build & running the resulting
exectuable.

Note that sources for 0.8.9 are no longer available on
the Debian mirrors.
2016-03-17 15:59:39 +01:00
Robin Gloster 3f45f0948d Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-03-15 01:44:24 +00:00
zimbatm eac89788da apacheHttpd: add support for HTTP/2
In NixOS you can enable HTTP/2 like this:

    services.httpd.extraModules = [ "http2" ];
    services.httpd.extraConfig = ''
      Protocols h2 http/1.1
    '';
2016-03-12 15:31:23 +00:00
Luca Bruno dcfca100ec Merge pull request #12525 from knupfer/ngx_brotli
add nginxModules.brotli
2016-03-11 11:05:21 +01:00
Allan Espinosa 59e12df957 apt-cacher-ng: 0.8.6 -> 0.8.9 2016-03-11 02:49:38 -06:00
Vladimír Čunát 09af15654f Merge master into closure-size
The kde-5 stuff still didn't merge well.
I hand-fixed what I saw, but there may be more problems.
2016-03-08 09:58:19 +01:00
Franz Pletz fedf31660d nginx: Rmove custom hardening, now enabled by default 2016-03-08 00:39:07 +01:00
Franz Pletz e9fc4e7db6 Merge remote-tracking branch 'origin/master' into hardened-stdenv 2016-03-07 22:08:27 +01:00
Franz Pletz c686f03305 tomcat: 6.0.44 -> 6.0.45, 7.0.62 -> 7.0.68, 8.0.23 -> 8.0.32
Fixes at least CVE-2015-5174, CVE-2015-5345, CVE-2015-5351, CVE-2016-0706,
CVE-2016-0714, CVE-2016-0763.
2016-03-07 03:34:44 +01:00
Franz Pletz cb3d27df93 Merge remote-tracking branch 'origin/master' into hardened-stdenv 2016-03-05 18:55:30 +01:00
Franz Pletz aff1f4ab94 Use general hardening flag toggle lists
The following parameters are now available:

  * hardeningDisable
    To disable specific hardening flags
  * hardeningEnable
    To enable specific hardening flags

Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.

cc-wrapper supports the following flags:

  * fortify
  * stackprotector
  * pie (disabled by default)
  * pic
  * strictoverflow
  * format
  * relro
  * bindnow
2016-03-05 18:55:26 +01:00
Michael Raskin 708c6094c5 nginx, nginxUnstable: hardening: only use when the compiler is gcc 2016-03-04 16:57:47 +01:00
Michael Raskin 7b9684a5b5 nginx, nginxUnstable: enable hardening. Flags as recommended by @arno01 (Andrey Arapov) in #7190 2016-03-04 16:54:37 +01:00
Robin Gloster 3b4765c9e5 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-02-28 16:32:57 +00:00
Michael Raskin a08c8b12f0 Add Apache Jena Fuseki instead of obsolete and unavailable Jena Joseki 2016-02-28 10:39:33 +01:00
Robin Gloster 310fa56788 nginx: enable pie hardening 2016-02-26 16:38:26 +00:00
Michael Raskin 9e7c28cb56 nginxUnstable: 1.9.10 -> 1.9.11 2016-02-14 21:17:07 +01:00
Vladimír Čunát 54299b60c4 Merge #12779: Mass replace pkg}/bin-style strings
... to refer to correct outputs
2016-02-03 17:25:22 +01:00
Vladimír Čunát ae74c356d9 Merge recent 'staging' into closure-size
Let's get rid of those merge conflicts.
2016-02-03 16:57:19 +01:00
Tuomas Tynkkynen e97e690244 treewide: Mass replace 'xz}/bin' to refer the 'bin' output 2016-02-01 20:46:28 +02:00
Tuomas Tynkkynen 13b3f3f246 treewide: Mass replace 'openssl}/bin' to refer the 'bin' output 2016-02-01 20:46:16 +02:00
Tuomas Tynkkynen 5f4a8de754 treewide: Mass replace 'bzip2}/bin' to refer the 'bin' output 2016-02-01 20:45:57 +02:00