3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

349644 commits

Author SHA1 Message Date
Thomas Gerbet 725d843cc8 flatpak: 1.12.2 -> 1.12.4
Fixes CVE-2021-43860 and CVE-2022-21682

Changes:
https://github.com/flatpak/flatpak/releases/tag/1.12.4
https://github.com/flatpak/flatpak/releases/tag/1.12.3

Security advisories:
https://github.com/flatpak/flatpak/security/advisories/GHSA-qpjc-vq3c-572j
https://github.com/flatpak/flatpak/security/advisories/GHSA-8ch7-5j3h-g4fx
2022-01-27 13:57:07 -08:00
ajs124 2b14787033
Merge pull request #156396 from helsinki-systems/upd/mysocket
mysocketw: switch to fork with version 3.10.27
2022-01-27 22:21:22 +01:00
Robert Hensing da702fe9d9
Merge pull request #156857 from hercules-ci/fix-version-suffix-convention
doc/coding-conventions: Fix version attribute suffix to match reality
2022-01-27 22:16:15 +01:00
Linus Heckemann 81cd4faec2
Merge pull request #156845 from mayflower/nextcloud-group
nextcloud: make home group-readable
2022-01-27 22:09:17 +01:00
Daniel Olsen 68e9cd0f7e nixos/lib: Use SingleLineStr in systemd description 2022-01-27 12:56:36 -08:00
Jan Tojnar 08b1e3e03d
Merge pull request #157043 from tomfitzhenry/spot-0.3.1
spot: 0.3.0 -> 0.3.1
2022-01-27 21:55:21 +01:00
Thomas Gerbet 1387fd0fd1 keepalived: 2.2.4 -> 2.2.7
Fixes CVE-2021-44225.
https://www.keepalived.org/release-notes/Release-2.2.7.html
2022-01-27 12:39:54 -08:00
Thomas Gerbet f8c8a8918a flatpak-builder: 1.2.0 -> 1.2.2
Changes:
https://github.com/flatpak/flatpak-builder/releases/tag/1.2.2
https://github.com/flatpak/flatpak-builder/releases/tag/1.2.1

Security advisory:
https://github.com/flatpak/flatpak/security/advisories/GHSA-8ch7-5j3h-g4fx
2022-01-27 12:38:04 -08:00
R. Ryantm 8909cf13be python310Packages.azure-mgmt-applicationinsights: 2.0.0 -> 2.1.0 2022-01-27 12:26:51 -08:00
R. Ryantm f329ced6f2 python310Packages.sqlite-utils: 3.22 -> 3.22.1 2022-01-27 12:25:20 -08:00
R. Ryantm 1b12139305 python39Packages.mautrix: 0.14.5 -> 0.14.6 2022-01-27 12:25:10 -08:00
R. Ryantm eff0fc087c python310Packages.sagemaker: 2.73.0 -> 2.74.0 2022-01-27 12:24:50 -08:00
Tom Fitzhenry 4e8deff9c8 spot: 0.3.0 -> 0.3.1
https://github.com/xou816/spot/releases/tag/0.3.1
2022-01-28 07:15:32 +11:00
Thomas Gerbet 846fafa68e lighttpd: 1.4.63 -> 1.4.64
https://www.lighttpd.net/2022/1/19/1.4.64/
2022-01-27 21:12:21 +01:00
Sandro 896ab6a275
Merge pull request #156899 from drupol/php/add-ds-extension 2022-01-27 20:58:44 +01:00
Alexander Tsvyashchenko fa7b83fa48
python3Packages.objax: fix tensorboard dependency (#156909)
Also moved `jaxlib` to `buildInputs` to avoid injecting it into dependent packages.
2022-01-27 11:45:32 -08:00
Michael Weiss e5808c2f62
Merge pull request #154003 from primeos/signal-desktop
signal-desktop: 5.27.1 -> 5.29.1
2022-01-27 20:44:01 +01:00
Robert Scott 7b13bb9479
Merge pull request #156698 from bachp/poco-1.11.0
poco: 1.10.1 -> 1.11.1
2022-01-27 19:42:47 +00:00
Michael Weiss eeb0e220cd
signal-desktop: 5.29.0 -> 5.29.1 2022-01-27 20:01:19 +01:00
Bernardo Meurer 319850d2a3
Merge pull request #156663 from lovesegfault/nix-refactor
nix: factor out common.nix
2022-01-27 10:58:17 -08:00
Renaud 4dc70faa6f
twa: 1.9.1 -> 1.10.0
(#156769)
2022-01-27 19:46:26 +01:00
Jörg Thalheim 956dab36a3 nextcloud: use tmpfiles to create group-readable home
users.users.*.createHome makes home only owner-readable.
This breaks nginx reading static assets from nextcloud's home,
after a nixos-rebuild that did not restart nextcloud-setup.

Closes #112639
2022-01-27 19:13:50 +01:00
Will Cohen 7ec99ea7cf
qt5.qtwebkit: add disambiguate handle for darwin (#156809) 2022-01-27 13:00:11 -05:00
Fabian Affolter f90310a12f
Merge pull request #157016 from applePrincess/exploitdb-2022-01-26
exploitdb: 2022-01-25 -> 2022-01-26
2022-01-27 18:54:34 +01:00
Bernardo Meurer fe55576eea
Merge pull request #156997 from TredwellGit/linux
Kernels 2022-01-27
2022-01-27 09:52:03 -08:00
ajs124 47a2176ec8
Merge pull request #156998 from mweinelt/smartctl-exporter-fixups
prometheus.exporters.smartctl: fixes
2022-01-27 18:49:49 +01:00
Martin Weinelt 3a4bed480a
Merge pull request #156937 from mweinelt/firefox 2022-01-27 18:41:56 +01:00
Bernardo Meurer 5f9b470ff0
Merge pull request #154809 from helsinki-systems/feat/stc-proper-unit-file-parser
nixos/switch-to-configuration: Proper unit file parser and clean/fix lower part of the script
2022-01-27 09:35:34 -08:00
Aaron Andersen 3cafa47a66
Merge pull request #157019 from dali99/fix-mx-puppet-discord-module
nixos/mx-puppet-discord: Change systemd unit description to avoid new…
2022-01-27 12:02:59 -05:00
maralorn 037eb0a617
Merge pull request #156491 from NixOS/haskell-updates
haskellPackages: update stackage and hackage
2022-01-27 18:01:42 +01:00
Malte Brandy caef341934 Merge branch 'master' into haskell-updates 2022-01-27 17:48:01 +01:00
Malte Brandy c1e2f12203 haskellPackages: mark builds failing on hydra as broken
This commit has been generated by maintainers/scripts/haskell/mark-broken.sh
2022-01-27 17:47:21 +01:00
Stig 196873f601
Merge pull request #155116 from wentasah/amc-add-oodoc
auto-multiple-choice: add OpenOfficeOODoc perl module as dependency
2022-01-27 17:37:02 +01:00
Martin Weinelt 12c26aca1f
prometheus.exporters.smartctl: Fix autodiscovery
When no devices are given the exporter tries to autodiscover available
disks. The previous DevicePolicy was however preventing the exporter
from accessing any device at all, since only explicitly mentioned ones
were allowed.

This commit adds an allow rule for several device classes that I could
find on my machines, that gets set when no devices are explicitly
configured.

There is an existing problem with nvme devices, that expose a character
device at `/dev/nvme0`, and a (namespaced) block device at
`/dev/nvme0n1`. The character device does not come with permissions that
we could give to the exporter without further impacting the hardening.

  crw------- 1 root root 247, 0 27. Jan 03:10 /dev/nvme0
  brw-rw---- 1 root disk 259, 0 27. Jan 03:10 /dev/nvme0n1

The autodiscovery only finds the character device, which the exporter
unfortunately does not have access to.

However a simple udev rule can be used to resolve this:

  services.udev.extraRules = ''
    SUBSYSTEM=="nvme", KERNEL=="nvme[0-9]*", GROUP="disk"
  '';

Unfortunately I'm not fully aware of the security implications this
change carries and we should question upstream (systemd) why they did
not include such a rule.
The disk group has no members on any of my machines.

  ❯ getent group disk
  disk6:
2022-01-27 17:33:27 +01:00
R. RyanTM 899778e8cf
tev: 1.19 -> 1.22
* tev: 1.19 -> 1.22 (#156914)

* tev: don't build on aarch64-linux

Co-authored-by: Renaud <c0bw3b@users.noreply.github.com>
2022-01-27 17:06:22 +01:00
Daniel Olsen 5288bcab0a nixos/mx-puppet-discord: Change systemd unit description to avoid newline 2022-01-27 16:49:40 +01:00
Lein Matsumaru 93fb37332b
exploitdb: 2022-01-25 -> 2022-01-26 2022-01-27 15:22:33 +00:00
Robert Hensing d0947df006
Merge pull request #156992 from hercules-ci/revert-153594-doc-optimization
Revert 153594 doc optimization
2022-01-27 15:46:36 +01:00
Ryan Mulligan 8328d4a50c
Merge pull request #156929 from r-ryantm/auto-update/sympa
sympa: 6.2.66 -> 6.2.68
2022-01-27 06:46:05 -08:00
dasj19 83ab260bbe
tomboy: remove (#156979)
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2022-01-27 15:21:33 +01:00
Sandro 55eab1b1b7
Merge pull request #156999 from SuperSandro2000/procs 2022-01-27 15:20:45 +01:00
Fabian Affolter a4e916ad03
Merge pull request #156995 from fabaff/bump-sqlfluff
sqlfluff: 0.9.2 -> 0.9.3
2022-01-27 14:59:10 +01:00
Fabian Affolter fc98f95561
Merge pull request #156990 from r-ryantm/auto-update/python3.10-flux-led
python310Packages.flux-led: 0.28.11 -> 0.28.17
2022-01-27 14:58:54 +01:00
Stig 3445b70e5b
Merge pull request #156964 from raboof/perl-libnet-3.12-to-3.13
perlPackages.libnet: 3.12 -> 3.13
2022-01-27 14:26:04 +01:00
Sandro 4794b2f047
Merge pull request #154324 from zaninime/sshportal 2022-01-27 14:18:38 +01:00
Sandro 90087b3562
Merge pull request #156828 from willcohen/grass-darwin 2022-01-27 14:16:28 +01:00
Sandro 5a673e356a
Merge pull request #156898 from r-ryantm/auto-update/vgrep 2022-01-27 14:07:13 +01:00
Sandro 27cccd4e49
Merge pull request #151363 from Stunkymonkey/doc-updateWalker 2022-01-27 14:06:36 +01:00
Bobby Rong c2f5452f26
Merge pull request #156936 from bobby285271/pantheon
Pantheon updates 2022-01-26
2022-01-27 21:03:07 +08:00
Sandro Jäckel b81c67d478
procs: 0.12.0 -> 0.12.1 2022-01-27 13:55:22 +01:00