The following vulnerabilities have been fixed.
- wnpa-sec-2015-01
The WCCP dissector could crash. (Bug 10720, Bug 10806) CVE-2015-0559,
CVE-2015-0560
- wnpa-sec-2015-02
The LPP dissector could crash. (Bug 10773) CVE-2015-0561
- wnpa-sec-2015-03
The DEC DNA Routing Protocol dissector could crash. (Bug 10724) CVE-2015-0562
- wnpa-sec-2015-04
The SMTP dissector could crash. (Bug 10823) CVE-2015-0563
- wnpa-sec-2015-05
Wireshark could crash while decypting TLS/SSL sessions. Discovered by Noam
Rathaus. CVE-2015-0564
See more at https://www.wireshark.org/docs/relnotes/wireshark-1.12.3.html
This add profanity and dependencies and a few cleanups from me for the
profanity package expression.
Thanks to @devhell and apologies for pestering him with my nitpicking.
* Commit summary:
profanity: Add option for autoAwaySupport.
profanity: Clean up package expression file.
profanity: Add libnotifySupport config option
all-packages: Add libnotify option to profanity
profanity: Add "platforms" meta information
profanity: Add libXScrnSaver and libX11 buildInputs
libstrophe: Add "platforms" meta information
libstrophe: Fix typo
profanity: Add profanity, a ncurses XMPP client
libstrophe: Add new package
Actually, two dependencies used for notifySupport are for
autoAwaySupport and have nothing to do with notifications, so let's
split them apart.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
No real changes in functionality, other than renaming libnotifySupport
to just notifySupport.
I've wrapped the lines to a maximum of 80 characters in width, so the
file looks less cluttered up. Which includes setting apart the attribute
for notifySupport and its respective dependencies from the main
dependencies.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Originally I had in mind to introduce an attribute like "enableGPG", but
it seems that other distro include it per default, so I guess most users
coming from other distros would expect it that way. And so it is now.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This is more of an attempt rather than a real fix (or maybe it is? let's
see) for the corrupted .pyc files during build. I believe the reason we
get these are likely due to several instances of the Python interpreter
that run in parallel and one of these processes might still be writing
the .pyc file.
So, rather than deleting all .pyc files, we now precompile then in order
to avoid any build process trying to generate any .pyc file.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This commit includes a patch to telepathy's derivation, written by
Lethalman. This patch makes public the Telepathy's dependency to
dbus_glib. This patch will become problematic with the next pkgconfig
upgrade but this upgrade should make the patch irrelevant. See these 2
links for more information:
- https://bugs.freedesktop.org/show_bug.cgi?id=15199
- https://bugzilla.redhat.com/show_bug.cgi?id=436773
Modified by Luca Bruno:
- Moved telepathy_idle to propagatedUserEnvPkgs
- Added myself to maintainers
- Enable parallel building
This update is necessary due to API changes in libtoxcore. Sad to say that
the recent stable version doesn't work with our libtoxcore. We need to
update to the recent dev version.
As from now qtox depends on openalSoft instead of openal. This is due to
incompatibilities between those to two implementations. Anyway, this
should be okay because their official debian package depends on
openalSoft as well.
Also, in case of collectd, the -lgcc_s shouldn't be needed anymore,
as the library is in ${glibc}/lib/ now, which is practically always on RPATH.
In case of seyren it was some stdenv change uncovering the mistake of
putting src into buildInputs.
Thanks to @iElectric for the notification, although I'm not really sure
whether this will fix the following failed Hydra build:
http://hydra.nixos.org/build/17609086/nixlog/1/raw
The reason is that this failure doesn't happen on every build, but let's
see whether it will happen again now.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Says: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"
CC: #4803. There will likely appear more of these errors on Hydra in time.
This is a response to 1fdefd5562.
We are already using bundled protobuf for the beta and dev channels and
it also breaks regularly with about every new Chromium release, so let's
use bundled protobuf for all channels now.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
We now create Nix expressions within the plugin output path(s) which
then will be imported and incorporated into the wrapper. This makes it
easier for other plugins to provide configuration settings to the main
Chromium wrapper.
Of course, in order to allow for external plugins we need to allow
passing a list of plugins to the Chromium derivation, but right now we
keep it internal and only use it for things such as NaCl (as soon as we
support it, of course).
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This introduces Chromium 39 as the new stable version along with a bunch
of fixes.
Fixes#2799, particularily the PDF plugin, which now is open source and
thus no longer an issue.
Also fixes#3219 and merges #2906, so we no longer get a crash while
trying to bring up the print preview dialog.
Thanks to @edwtjo for the CUPS version bump.
* chromium: Switch to use open-source PDF plugin.
* cups: bump 1.5.4 -> 1.7.5
* chromium: Allow env vars for passing plugin paths.
* chromium: Update all channels to latest versions.
* protobuf: Clean up and update to version 2.6.1.
The Chromium PDF plugin is now available as open source software and is
already included in the Chromium source tree in current stable, so there
is no need to extract it from the Chrome binary package anymore.
See release announcement at http://blog.foxitsoftware.com/?p=641
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Introduces environment variables to set plugin base paths. The schema
for these is like NIX_CHROMIUM_PLUGIN_PATH_<N>. Where <N> is the path
type we want to change, the supported (full) variable names are:
* NIX_CHROMIUM_PLUGIN_PATH_ALL
* NIX_CHROMIUM_PLUGIN_PATH_PEPPERFLASH
* NIX_CHROMIUM_PLUGIN_PATH_FILEFLASH
* NIX_CHROMIUM_PLUGIN_PATH_PDF
* NIX_CHROMIUM_PLUGIN_PATH_FILE_EFFECTS
* NIX_CHROMIUM_PLUGIN_PATH_NACL
* NIX_CHROMIUM_PLUGIN_PATH_PNACL
* NIX_CHROMIUM_PLUGIN_PATH_WIDEVINE
Whereas NIX_CHROMIUM_PLUGIN_PATH_ALL is the plugin base path for every
path which is not set explicitly, so by setting ..._ALL and not setting
..._WIDEVINE, the widevine plugin will be searched in the directory
specified using ..._ALL.
Right now, the only plugin where this is used is widevine, and it still
doesn't properly work yet.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
With this commit, the following new upstream versions are introduced:
stable: 38.0.2125.101 -> 39.0.2171.65
beta: 39.0.2171.19 -> 40.0.2214.10
dev: 40.0.2182.3 -> 41.0.2224.3
We can now remove missing_alg_import.patch, because version 39 is nom
stable and thus fixes the missing include directive upstream.
However, starting with version 40, we hit a few bugs with system
protobuf, so we're disabling it for every version >=40 to avoid
runtime/startup errors.
Here is the stable channel announcement for version 39 on the official
blog:
http://googlechromereleases.blogspot.de/2014/11/stable-channel-update_18.html
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This installs from the official frostwire tarball. Similar to the
jdiskreport package. Everything works fine on the systems I've tried.
I've made myself the maintainer.
Also upgraded it to 6.0.0 as it was released stable.
This fixes builds after #4419. Thanks to @vbgl for the original commit;
I changed that as I'm not sure whether passing null values to buildInputs is clean.
CC maintainers: @coroa, @peti, @phreedom, @robberer, @jcumming.
