3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

542 commits

Author SHA1 Message Date
Franz Pletz 6e1aaeacfc
nginx: 1.12.0 -> 1.12.1 for CVE-2017-7529 2017-07-14 00:03:41 +02:00
Franz Pletz af70b8fc23
nginxMainline: 1.13.2 -> 1.13.3 for CVE-2017-7529 2017-07-14 00:03:41 +02:00
Eelco Dolstra 8fc5beb855 httpd: 2.4.25 -> 2.4.26
CVE-2017-3167, CVE-2017-3169, CVE-2017-7659, CVE-2017-7668,  CVE-2017-7679
2017-07-07 17:24:13 +02:00
Franz Pletz c71989022e
nginxMainline: 1.13.1 -> 1.13.2 2017-07-05 19:04:17 +02:00
Franz Pletz b8bfc8dae2
httpd: don't install suid executables into nix store 2017-06-27 01:51:18 +02:00
Will Dietz 5e9edcfebe hiawatha: Don't ask cmake to install w/setuid perms 2017-06-16 07:34:53 -05:00
Franz Pletz b74866b9a7
nginxMainline: 1.13.0 -> 1.13.1 2017-06-06 03:59:20 +02:00
Kranium Gikos Mendoza 3a3aab58fc mod_auth_mellon: 0.12.0 -> 0.13.1 2017-05-28 23:29:29 +10:00
Robin Gloster 4a83c099e1
nginx: 1.10.3 -> 1.12.0 2017-05-23 11:37:57 +02:00
Robin Gloster 4f51da2ff7
nginx-rtmp-module: 1.1.9 -> 1.1.11 2017-05-23 11:37:57 +02:00
Armijn Hemel 024ddb32a7
tomcat85: 8.5.11 -> 8.5.14 2017-05-07 06:52:22 -04:00
Vaibhav Sagar d575102556 nginx: remove syslog module
This module has not been required for over 2 years. See https://github.com/yaoweibin/nginx_syslog_patch/issues/15
2017-05-04 09:39:19 +08:00
jammerful da5bc79469 nginx: Add Shibboleth Module
Also add nginxShibboleth package
2017-05-01 17:09:00 -04:00
Franz Pletz 32401d17c6
nginxMainline: 1.11.13 -> 1.13.0 2017-04-27 18:20:42 +02:00
Franz Pletz 73f04ddd57
nginxMainline: 1.11.10 -> 1.11.13 2017-04-11 19:57:28 +02:00
Franz Pletz c13922f012
nginx: explicitly use stable version
Also updates the documention of the NixOS option `services.nginx.package`
that upstream recommends using the mainline version instead.

Fixes #21665.
2017-03-20 20:04:09 +01:00
Eelco Dolstra 4e5461127d
apache-httpd: Strip modules
We did this for 2.2 (cc61d31902) but
lost this for 2.4. This reduces the Apache closure size from 312 MiB
to 102 MiB (primarily by getting rid of -dev outputs).
2017-03-20 17:30:47 +01:00
Daiderd Jordan 00ed0f792e Merge pull request #22897 from timor/couchdb-2.0.0
couchdb: add support for version 2.0.0
2017-03-16 22:03:32 +01:00
Graham Christensen e4c0613470 Merge pull request #23674 from c0bw3b/sec/jboss7
JBoss AS: list known vulnerability
2017-03-15 17:33:27 -04:00
Renaud 72619a86c9 JBoss AS: list known vulnerability
CVE-2015-7501

Warning in JBoss module
2017-03-13 18:45:19 +01:00
Tuomas Tynkkynen fe20a32751 pshs: 0.3 -> 0.3.1, fix source location 2017-03-10 01:20:22 +02:00
timor f40b961378 couchdb: add support for version 2.0.0
Version 2.0.0 is installed as a separate package called "couchdb2".
When setting the config option "package" attribute to pkgs.couchdb2, a
corresponding service configuration will be generated.  If a previous
1.6 installation exists, the databases can still be found on the local
port (default: 5986) and can be replicated from there.

Note that single-node or cluster setup still needs to be configured
manually, as described in
http://docs.couchdb.org/en/2.0.0/install/index.html.
2017-03-06 11:42:02 +01:00
ndowens a0cfe05ebb
hiawatha: init at 10.5
Removed un-needed phase; re-enabled SSL as default

Hiawatha: fix indentation

Hiawatha: Removed 'pkgs'

fixes #23060
2017-02-26 13:09:41 +01:00
Graham Christensen 33bf23bbca
tomcatUnstable: 9.0.0.M15 -> 9.0.0.M17 2017-02-17 22:30:41 -05:00
Graham Christensen ae3820bad9
tomcat85: 8.5.9 -> 8.5.11 2017-02-17 22:29:24 -05:00
Graham Christensen f246ea0de2
tomcat8: 8.0.39 -> 8.0.41 2017-02-17 22:28:34 -05:00
Graham Christensen 7b17c5bc6e
tomcat7: 7.0.73 -> 7.0.75 2017-02-17 22:28:01 -05:00
Graham Christensen 6fc38401a2
tomcat6: drop, no longer supported. 2017-02-17 22:24:33 -05:00
Franz Pletz e18bec1e3c
nginxMainline: 1.11.9 -> 1.11.10 2017-02-15 00:42:29 +01:00
Michael Raskin 846007b8db nginx: 1.10.2 -> 1.10.3 2017-02-01 19:28:45 +01:00
Robin Gloster 8769ddc823
apacheHttpd_2_2: remove 2017-01-27 15:33:54 +01:00
Franz Pletz f1ba2c8d3b
nginxMainline: 1.11.8 -> 1.11.9 2017-01-26 01:04:49 +01:00
Bjørn Forsman b280b6c568 lighttpd: 1.4.44 -> 1.4.45 2017-01-16 20:40:47 +01:00
3noch 0d4d401b7f
nginx: add PageSpeed module (Linux only) 2017-01-10 17:26:50 -05:00
3noch 7f99fd086b
nginx: add 'cache_purge' module for purging FastCGI cache 2017-01-06 11:27:48 -05:00
Michael Raskin ca8d3de1d2 nginx: 1.11.7 -> 1.11.8 2017-01-02 20:18:50 +01:00
Graham Christensen f5ca9a4212
Merge branch 'roundup-15' 2016-12-28 21:04:51 -05:00
Graham Christensen 5ca180fa08
apacheHttpd: 2.4.23 -> 2.4.25 for
CVE-2016-8743, CVE-2016-2161, CVE-2016-0736
2016-12-28 20:36:46 -05:00
Bjørn Forsman c24206dc5f lighttpd: 1.4.41 -> 1.4.44 2016-12-28 13:52:15 +01:00
Corbin ca2fa4416e nginx: Allow GD to be optional.
This commit permits incantations like `pkgs.nginx.override { gd = null; }` to
produce a slimmed-down nginx.

When used, this functionality removes a pile of stuff from nginx's closure.
The resulting nginx's closure:

    $ nix-store -q -R /nix/store/wk3h0a4dmdmjmxkbd0q09iw0wfq0yzpz-nginx-1.10.2 | wc -l
    12
    $ nix-store -q -R /nix/store/gpcx77anqrj05qz0mrwm7hf4wgxry5py-nginx-1.10.2 | wc -l
    24
2016-12-26 10:24:58 -08:00
Rok Garbas e6fa6b21e1 apacheHttpdPackages.mod_perl: init at 2.0.10 2016-12-22 13:36:44 +01:00
Graham Christensen 72faac9d35
tomcatUnstable: 9.0.0.M13 -> 9.0.0.M15 for CVE-2016-9774, CVE-2016-9775 2016-12-21 14:37:46 -05:00
Graham Christensen a528c04612
tomcat85: 8.5.8 -> 8.5.9 for CVE-2016-9774, CVE-2016-9775 2016-12-21 14:37:46 -05:00
Franz Pletz d3be9a50e0
nginxMainline: 1.11.6 -> 1.11.7 2016-12-13 21:39:31 +01:00
Graham Christensen 5f78980973
tomcatUnstable: 9.0.0.M10 -> 9.0.0.M13
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:27:06 -05:00
Graham Christensen 42f1ae1911
tomcat85: 8.5.5 -> 8.5.8
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:27:00 -05:00
Graham Christensen 80a475042c
tomcat8: 8.0.37 -> 8.0.39
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:26:55 -05:00
Graham Christensen 3d0310daf3
tomcat7: 7.0.72 -> 7.0.73
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:26:39 -05:00
Graham Christensen eba91fa2bd
tomcat6: 6.0.45 -> 6.0.48
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:26:13 -05:00
Vladimír Čunát 925b335607
Merge branch 'master' into staging 2016-11-26 11:27:09 +01:00