1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-29 17:10:48 +00:00
Commit graph

622 commits

Author SHA1 Message Date
ajs124 8a249aa732 exim: 4.94 -> 4.94.2
Fixes a dozen security vulnerabilities
2021-05-04 15:49:16 +02:00
Luke Granger-Brown 8ebf7c3385
Merge pull request #121254 from dotlambda/postfix-3.6.0
postfix: 3.5.10 -> 3.6.0
2021-05-01 19:46:13 +01:00
Robert Schütz 7c9c3c88e3 postfix: 3.5.10 -> 3.6.0
http://www.postfix.org/announcements/postfix-3.6.0.html
2021-04-30 11:55:21 +02:00
Florian Klink 6b14de1622 opensmtpd: set --with-path-pidfile
Set this to `/run`, like we also do with `--with-path-socket`, so
opensmtp doesn't try to use /var/run for pidfiles.
2021-04-28 13:15:23 +02:00
Luke Granger-Brown 2fa2e63932
Merge pull request #103902 from pkern/spamassassin
nixos/spamassassin: Avoid network dependency on boot
2021-04-25 11:14:57 +01:00
Symphorien Gibol b7536ac80f dovecot_fts_xapian: 1.4.7 -> 1.4.9 2021-04-24 18:26:44 +02:00
Sandro c6cd7e3227
Merge pull request #119680 from alyssais/hyperkitty 2021-04-19 06:21:12 +02:00
Alyssa Ross be74a6ae30
python3.pkgs.hyperkitty: 1.3.3 -> 1.3.4 2021-04-17 21:06:37 +00:00
Alyssa Ross cc10432418
mailman: add myself as a maintainer all around 2021-04-17 01:07:38 +00:00
Alyssa Ross 912e11a468 mailman-web: 2019-09-29 -> 2021-04-10
* Make it clearer what code comments apply to
* Fix the state directory (this was changed in the update)
* Add m1cr0man as a maintaner

Co-authored-by: Lucas Savva <lucas@m1cr0man.com>
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2021-04-14 16:23:09 +00:00
Alyssa Ross 55ac7d4580 mailman-web: fix build 2021-04-14 13:42:11 +00:00
Alyssa Ross 5e4fc1cc5f
mailman-web: mark broken 2021-04-14 12:19:03 +00:00
Alyssa Ross d0ead9021e
Revert "mailman-web-unstable: 2019-09-29 -> 2021-04-10 (#119135)"
This reverts commit 8dbd553792.

The update has changed where mailman-web looks for its database and
broken the Mailman module in NixOS.
2021-04-14 12:18:44 +00:00
Martin Weinelt 02ca8bc9be
Merge pull request #119397 from dotlambda/postfix-3.5.10
postfix: 3.5.9 -> 3.5.10
2021-04-14 12:35:25 +02:00
Robert Schütz e495cfac73 postfix: 3.5.9 -> 3.5.10
http://www.postfix.org/announcements/postfix-3.5.10.html
2021-04-14 09:52:51 +02:00
Lucas Savva 8dbd553792
mailman-web-unstable: 2019-09-29 -> 2021-04-10 (#119135)
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2021-04-13 01:31:53 +02:00
Lucas Savva 3faeac7062 mailman: Add comments wrt updating mailman components
The Mailman Core must be on its latest available version
before updating hyperkitty or postorious.
2021-04-05 03:12:44 +01:00
Lucas Savva 4002146ff5 mailman: 3.3.1 -> 3.3.4
Postorious 1.3.4 (AKA mailman-web, already in unstable/master)
    requires this version to work
2021-04-05 02:14:22 +01:00
Daniel Nagy 25bc1def1c
exim: add changelog 2021-04-01 17:59:49 +02:00
Daniel Nagy f5377b61d5
exim: use https in homepage 2021-04-01 17:59:49 +02:00
Martin Weinelt 50850a2e3a
spamassassin: 3.4.4 -> 3.4.5
Fixes: CVE-2020-1946
2021-03-27 18:51:31 +01:00
Fabian Affolter b50a4339fb
Merge pull request #115541 from r-ryantm/auto-update/rspamd
rspamd: 2.6 -> 2.7
2021-03-18 18:16:30 +01:00
Samuel Gräfenstein c8ef61d419
sympa: remove redundant perlPackages
They are not needed anymore since they are built into Perl now.
Fix building with `config.allowAliases = false;`.
2021-03-17 00:00:20 +01:00
Samuel Gräfenstein 817f0fd741
perlPackages: NetLDAP -> perlldap
Fix building with `config.allowAliases = false;`.
2021-03-17 00:00:19 +01:00
Ben Siraphob 1030d6406f postsrsd: expand platforms to all 2021-03-14 11:40:46 +07:00
R. RyanTM 858d02495a rspamd: 2.6 -> 2.7 2021-03-09 14:07:48 +00:00
ajs124 c543f4d884 dovecot_pigeonhole: 0.5.13 -> 0.5.14 2021-03-06 17:21:52 +01:00
ajs124 0b6c9a4c38 dovecot: 2.3.13 -> 2.3.14 2021-03-06 17:21:48 +01:00
ajs124 003b067baf dovecot: add myself as maintainer 2021-03-06 17:21:48 +01:00
Konstantin Alekseev 10bebca088 mailhog: fix --version output 2021-03-04 15:13:58 +03:00
Fabian Affolter a6328de769
Merge pull request #114218 from fabaff/bump-readme_renderer
python3Packages.readme_renderer: 28.0 -> 29.0
2021-03-03 07:41:10 +01:00
Fabian Affolter 8a20e93b50 python3Packages.postorius: 1.3.3 -> 1.3.4 2021-02-24 12:39:32 +01:00
Ben Siraphob e03c068af5 treewide: makeWrapper buildInputs to nativeBuildInputs 2021-02-19 20:09:16 +07:00
Philipp Kern 4d4a0b7cca spamassassin: include dependencies for sa-compile
sa-compile requires re2c, gcc and gnumake to compile the expressions to
performant C code. This compilation is done post-installation after
every ruleset update and stored as local state.
2021-02-11 10:12:14 +01:00
Guillaume Girol 44ad80ab10
Merge pull request #111041 from yoctocell/dovecot_fts_xapian-1.4.6
dovecot_fts_xapian: 1.3.1 -> 1.4.7
2021-01-31 20:32:37 +00:00
Xinglu Chen 7faeb77f30
dovecot_fts_xapian: 1.3.1 -> 1.4.7
Update to latest release.

https://github.com/grosjo/fts-xapian/releases
2021-01-31 20:24:46 +01:00
Sandro 71e471636a
Merge pull request #109989 from dotlambda/postfix-3.5.9
postfix: 3.5.8 -> 3.5.9
2021-01-27 18:04:01 +01:00
Pavol Rusnak a6ce00c50c
treewide: remove stdenv where not needed 2021-01-25 18:31:47 +01:00
R. RyanTM d8f3ef1c14
postsrsd: 1.9 -> 1.10 (#110211) 2021-01-25 13:17:22 +01:00
Robert Schütz 9846ccd0a9 postfix: 3.5.8 -> 3.5.9
http://www.postfix.org/announcements/postfix-3.5.9.html
2021-01-19 18:47:50 +01:00
Jonathan Ringer 9bb3fccb5b treewide: pkgs.pkgconfig -> pkgs.pkg-config, move pkgconfig to alias.nix
continuation of #109595

pkgconfig was aliased in 2018, however, it remained in
all-packages.nix due to its wide usage. This cleans
up the remaining references to pkgs.pkgsconfig and
moves the entry to aliases.nix.

python3Packages.pkgconfig remained unchanged because
it's the canonical name of the upstream package
on pypi.
2021-01-19 01:16:25 -08:00
Thomas Gerbet becfbfde75 opensmtpd: 6.7.1p1 -> 6.8.0p2
The 6.8.0p2 release includes the fixes for CVE-2020-35679 and
CVE-2020-35680 [0].

[0] https://www.mail-archive.com/misc@opensmtpd.org/msg05188.html
2021-01-17 13:37:31 +01:00
Martin Milata 43f94415f9 sympa: 6.2.56 -> 6.2.60
Fixes: https://nvd.nist.gov/vuln/detail/CVE-2020-29668
       https://sympa-community.github.io/security/2020-003.html

ChangeLog: https://github.com/sympa-community/sympa/blob/6.2.60/NEWS.md
2021-01-16 14:31:23 +01:00
Ben Siraphob 872973d7d1 pkgs/servers: stdenv.lib -> lib 2021-01-15 14:24:03 +07:00
Profpatsch 4a7f99d55d treewide: with stdenv.lib; in meta -> with lib;
Part of: https://github.com/NixOS/nixpkgs/issues/108938

meta = with stdenv.lib;

is a widely used pattern. We want to slowly remove
the `stdenv.lib` indirection and encourage people
to use `lib` directly. Thus let’s start with the meta
field.

This used a rewriting script to mostly automatically
replace all occurances of this pattern, and add the
`lib` argument to the package header if it doesn’t
exist yet.

The script in its current form is available at
https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix
2021-01-11 10:38:22 +01:00
Alyssa Ross cda9119b30
spamassassin: add myself as a maintainer
Gotta get those sweet Repology notifications.
2021-01-06 15:36:02 +00:00
Alyssa Ross e917903079
spamassassin: 3.4.3 -> 3.4.4
Fixes: CVE-2020-1930
Fixes: CVE-2020-1931
2021-01-06 15:35:59 +00:00
Andreas Rammhold bedb3528b6
dovecot_pigeonhole: 0.5.11 -> 0.5.13
This updates to the latest version. According to the changelog 0.5.12
was skipped. The changes in this release are required to be compatible
with the latest dovecot release.

Changes:
  - duplicate: The test was handled badly in a multiscript (sieve_before,
    sieve_after) scenario in which an earlier script in the sequence with
    a duplicate test succeeded, while a later script caused a runtime
    failure. In that case, the message is recorded for duplicate tracking,
    while the message may not actually have been delivered in the end.
  - editheader: Sieve interpreter entered infinite loop at startup when
    the "editheader" configuration listed an invalid header name. This
    problem can only be triggered by the administrator.
  - relational: The Sieve relational extension can cause a segfault at
    compile time. This is triggered by invalid script syntax. The segfault
    happens when this match type is the last argument of the test command.
    This situation is not possible in a valid script; positional arguments
    are normally present after that, which would prevent the segfault.
  - sieve: For some Sieve commands the provided mailbox name is not
    properly checked for UTF-8 validity, which can cause assert crashes at
    runtime when an invalid mailbox name is encountered. This can be
    caused by the user by writing a bad Sieve script involving the
    affected commands ("mailboxexists", "specialuse_exists").
    This can be triggered by the remote sender only when the user has
    written a Sieve script that passes message content to one of the
    affected commands.
  - sieve: Large sequences of 8-bit octets passed to certain Sieve
    commands that create or modify message headers that allow UTF-8 text
    (vacation, notify and addheader) can cause the delivery or IMAP
    process (when IMAPSieve is used) to enter a memory-consuming
    semi-infinite loop that ends when the process exceeds its memory
    limits. Logged in users can cause these hangs only for their own
    processes.
2021-01-04 17:59:57 +01:00
Andreas Rammhold 4fee20e267
dovecot: add the dovecot NixOS test to passthru.tests
While we already had some test we might as well add the test for that
exact package to the tests attribute set. After all that should be what
(primarily) tests dovecot.
2021-01-04 17:45:28 +01:00
Andreas Rammhold 58c7d3ff17
dovecot: 2.3.11.3 -> 2.3.13
This fixes CVE_2020-24386, CVE-2020-25725 and a bunch of regular bugs
[1].

* CVE-2020-24386: Specially crafted command can cause IMAP hibernate to
	  allow logged in user to access other people's emails and filesystem
	  information.

* CVE-2020-25275: Mail delivery / parsing crashed when the 10 000th MIME part was
  message/rfc822 (or if parent was multipart/digest). This happened
  due to earlier MIME parsing changes for CVE-2020-12100.

[1] https://raw.githubusercontent.com/dovecot/core/2.3.13/NEWS
2021-01-04 17:37:32 +01:00