Frederik Rietdijk
10eb16038c
Merge pull request #22564 from mdaiter/cudnn_hash_fix
...
cudnn51_cudatoolkit80: hash change
2017-02-09 13:43:07 +01:00
Graham Christensen
4b6692a510
graphicsmagick: patch for CVE-2016-9830
2017-02-09 07:21:07 -05:00
Franz Pletz
bfee52a967
epiphany: 3.22.5 -> 3.22.6 for security issue
...
From https://bugzilla.gnome.org/show_bug.cgi?id=752738 :
The page http://whatever.com has access to saved passwords of
https://whatever.com . This was a very bad idea: it makes it easy to
intercept passwords stored on secure websites, especially since we
don't require any user interaction to fill in the password.
No CVE has been assigned as of now.
cc #22549
2017-02-09 12:18:04 +01:00
Jörg Thalheim
f3c6acde1e
Merge pull request #22572 from Mic92/dwarfdump
...
dwarfdump: init at 20161124
2017-02-09 12:00:18 +01:00
Jörg Thalheim
e72857bae1
Merge pull request #22576 from andrewthad/elasticsearch_2_classpath
...
set elasticsearch classpath to nix store
2017-02-09 11:35:14 +01:00
Pradeep Chhetri
60246cedc5
terraform: 0.8.5 -> 0.8.6 ( #22584 )
2017-02-09 10:23:25 +00:00
Franz Pletz
6820e74ff0
Merge pull request #22583 from DerTim1/asterisk
...
asterisk: 14.1.2 -> 14.2.1, add speex
2017-02-09 11:21:18 +01:00
Rahul Gopinath
a4d952178c
mlterm: 3.7.2 -> 3.8.0
2017-02-09 11:20:46 +01:00
Peter Simons
055ab6ba74
Merge pull request #21589 from NixOS/ghc-split-sections
...
GHC 8.0.2: use -split-sections
2017-02-09 11:17:31 +01:00
Franz Pletz
da5eaa3c21
bind: 9.10.4-P5 -> 9.10.4-P6 for CVE-2017-3135
...
See https://kb.isc.org/article/AA-01453 .
cc #22549
2017-02-09 10:44:16 +01:00
Mica Semrick
c06b6d9446
gimp: 2.8.18 -> 2.8.20
2017-02-09 10:32:25 +01:00
Vladimír Čunát
333e36eca0
pythonPackages.gst-python: fix hash after afd59811a1
...
/cc #22549 .
2017-02-09 09:40:36 +01:00
Pascal Wittmann
5de04f6d55
Revert "ocaml-lablgl: use camlp5"
...
This reverts commit 7a6aac9076
.
2017-02-09 09:14:51 +01:00
Pascal Wittmann
b6cc6bd088
yodl: 3.08.01 -> 3.08.02
2017-02-09 09:11:28 +01:00
Michael Raskin
386ecdcb4d
rtmpdump: 2015-01-15 -> 2015-12-30
2017-02-09 08:45:12 +01:00
Tim Digel
d8da56984b
asterisk: 14.1.2 -> 14.2.1
2017-02-09 08:29:09 +01:00
Tim Digel
3053e07caa
asterisk: add speex codec
2017-02-09 08:29:09 +01:00
Vladimír Čunát
4bf9f8afc3
Merge #22578 : mesa: add enableRadv ? false
...
There's no hash change in default settings.
2017-02-09 08:03:34 +01:00
Graham Christensen
19f23d00fd
ntfs3g: patch for CVE-2017-0358
...
From the Debian advisory:
Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write
NTFS driver for FUSE, does not scrub the environment before executing
modprobe with elevated privileges. A local user can take advantage of
this flaw for local root privilege escalation.
2017-02-08 22:12:10 -05:00
John Ericson
e74ec9d84f
Merge pull request #22575 from Ericson2314/localSystem
...
top-level: Allow nixpkgs to take localSystem directly
2017-02-08 22:10:49 -05:00
John Ericson
8cd4c31d6b
top-level: Allow nixpkgs to take localSystem directly
...
This is instead of both system and platform, which is kind of ugly.
2017-02-08 22:06:57 -05:00
Graham Christensen
77e920d874
spice: Patch for CVE-2016-9577, CVE-2016-9578
...
From the Red Hat advisory:
* A vulnerability was discovered in spice in the server's protocol
handling. An authenticated attacker could send crafted messages to
the spice server causing a heap overflow leading to a crash or
possible code execution. (CVE-2016-9577)
* A vulnerability was discovered in spice in the server's protocol
handling. An attacker able to connect to the spice server could send
crafted messages which would cause the process to crash.
(CVE-2016-9578)
2017-02-08 22:03:11 -05:00
Graham Christensen
379144f54b
salt: 2016.3.3 -> 2016.11.2 for multiple CVEs
...
From the Arch Linux advisory:
- CVE-2017-5192 (arbitrary code execution): The
`LocalClient.cmd_batch()` method client does not accept
`external_auth` credentials and so access to it from salt-api has
been removed for now. This vulnerability allows code execution for
already- authenticated users and is only in effect when running
salt-api as the `root` user.
- CVE-2017-5200 (arbitrary command execution): Salt-api allows
arbitrary command execution on a salt-master via Salt's ssh_client.
Users of Salt-API and salt-ssh could execute a command on the salt
master via a hole when both systems were enabled.
2017-02-08 21:24:10 -05:00
David McFarland
4ab604b6b8
mesa: add enableRadv
2017-02-08 22:15:03 -04:00
Graham Christensen
e01278b2de
Merge pull request #22573 from nlewo/master
...
rabbitmq: 3.5.8 -> 3.6.6
2017-02-08 20:00:59 -05:00
Tuomas Tynkkynen
05605b41d8
autofs: Some cleanup
...
The --with-openldap and --with-sasl flags passed here are actually wrong
as they don't point to the dev outputs of the packages. Anyway, autoconf
recognizes the packages as they are in buildInputs.
getBin is generally not needed - binaries can always be referred as
${foo}/bin/bar regardless of whether the package is multiple-output.
meta.version is unnecessary.
2017-02-09 02:50:48 +02:00
Andrew Martin
02bbf843be
set elasticsearch classpath to nix store
2017-02-08 19:24:00 -05:00
Dan Peebles
3e7dffd2b3
pythonPackages.twitter-common-*: add meta
...
I'd like to share the common meta fields across all of them but it didn't
seem worth it.
2017-02-08 18:24:59 -05:00
Antoine Eiche
b2e7b4b0d7
rabbitmq: 3.5.8 -> 3.6.6
...
Fix CVE-2015-8786.
2017-02-09 00:12:49 +01:00
Franz Pletz
4494b18fe4
electricsheep: 2.7b33-598d93d90 -> 2.7b33-2017-02-04
...
Also some cleanups like removed unused buildInputs.
2017-02-08 23:51:02 +01:00
Franz Pletz
6d0806d061
pythonPackages.searx: 0.10.0 -> 0.11.0
2017-02-08 23:51:02 +01:00
Franz Pletz
2ae5b82cb7
pythonPackages.pysocks: 1.5.7 -> 1.6.6
2017-02-08 23:51:01 +01:00
Franz Pletz
603ca4be35
pythonPackages.lxml: 3.7.0 -> 3.7.2
2017-02-08 23:51:01 +01:00
Franz Pletz
de82ce901e
pythonPackages.flask: 0.11.1 -> 0.12
2017-02-08 23:51:00 +01:00
Franz Pletz
4bb27d8622
pythonPackages.ndg-httpsclient: 0.4.0 -> 0.4.2
2017-02-08 23:51:00 +01:00
Franz Pletz
7bb81a5a7b
pythonPackages.certifi: 2016.2.28 -> 2017.1.23
2017-02-08 23:51:00 +01:00
Franz Pletz
65a1762a9b
nginx module: make acme group overrideable easily
2017-02-08 23:50:59 +01:00
Franz Pletz
dced724c00
linux_3_18: remove due to EOL
2017-02-08 23:50:59 +01:00
Dan Peebles
554bfea26f
pythonPackages.pex: add meta
2017-02-08 15:22:05 -05:00
Dan Peebles
e012e12402
pythonPackages.pathspec: add meta
2017-02-08 15:10:49 -05:00
Dan Peebles
825ef235ba
pythonPackages.pants: fix typo in license
2017-02-08 14:46:05 -05:00
Jörg Thalheim
b1b0e9f6ab
dwarfdump: init at 20161124
2017-02-08 20:45:31 +01:00
Dan Peebles
84542bb6f4
pythonPackages.pants: add meta
2017-02-08 14:43:12 -05:00
Dan Peebles
4fef9bf857
pythonPackages.ansicolors: add meta
2017-02-08 14:05:13 -05:00
Nikolay Amiantov
5ff9a2a2cb
kbd service: don't restart systemd-vconsole-setup
...
Fixes #22470 . Also remove non-relevant comment (we don't deviate from upstream
systemd unit anymore).
2017-02-08 21:50:33 +03:00
Nikolay Amiantov
6f7811143d
systemd service: don't install systemd-hwdb-update
2017-02-08 21:42:07 +03:00
Nikolay Amiantov
504774e223
release notes: mention JRE changes and jre_headless
2017-02-08 21:36:22 +03:00
Nikolay Amiantov
1900f22760
jre_headless: add alias
2017-02-08 21:35:58 +03:00
Matthew Daiter
82835f7eb3
cudnn51_cudatoolkit80: hash change
2017-02-08 18:40:32 +01:00
Rok Garbas
17f14c893b
Merge pull request #22528 from garbas/fix-networkmanager-openvpn
...
updating networkmanager and friends
2017-02-08 17:44:23 +01:00