1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-01 10:00:56 +00:00
Commit graph

519 commits

Author SHA1 Message Date
Martin Weinelt e24f5eab66
treewide: add CVE identifiers to patches
This allows tools like broken.sh to correctly identify the patched
status.
2020-05-06 23:18:09 +02:00
Peter Hoeg 5fda26c3d0
Merge pull request #86628 from peterhoeg/f/unar
unar: 1.10.1 -> 1.10.7
2020-05-03 20:51:29 +08:00
Peter Hoeg 991c4d48db unar: 1.10.1 -> 1.10.7 2020-05-03 12:45:08 +08:00
Keshav Kini 70b4e26403 afio: package has moved to GitHub
The old homepage and src URLs no longer exist.  The author of the package
confirms on GitHub that GitHub is now the official homepage (see
kholtman/afio#12).
2020-05-02 13:39:19 -07:00
Daniel Frank aa80b4780d
p7zip: mark as insecure 2020-05-01 14:26:21 +02:00
Daniel Frank dd16c3944c
p7zip: fix two CVEs 2020-05-01 14:26:18 +02:00
adisbladis 955e235da3
p7zip: Make unfree features (rar support) optional 2020-04-22 16:06:50 +01:00
Emily 95f82e2a45 p7zip: remove non-free RAR support
7-Zip's RAR implementation is built on the non-free UnRAR source code;
DOC/License.txt says:

      Licenses for files are:
    
        1) CPP/7zip/Compress/Rar* files:  GNU LGPL + unRAR restriction
        2) All other files:  GNU LGPL
    
      The GNU LGPL + unRAR restriction means that you must follow both 
      GNU LGPL rules and unRAR restriction rules.
    
    ...
    
      unRAR restriction
      -----------------
    
        The decompression engine for RAR archives was developed using source 
        code of unRAR program.
        All copyrights to original unRAR code are owned by Alexander Roshal.
    
        The license for original unRAR code has the following restriction:
    
        The unRAR sources cannot be used to re-create the RAR compression algorithm, 
        which is proprietary. Distribution of modified unRAR sources in separate form 
        or as a part of other software is permitted, provided that it is clearly
        stated in the documentation and source comments that the code may
        not be used to develop a RAR (WinRAR) compatible archiver.

The unrar licensing is [infamously restrictive and non-free][fedora];
it's inappropriate for us to keep the RAR support while labelling the
package as free software (and indeed there's a commented-out line
pointing out that the current `meta.license` is false). Unfortunately,
the 7-Zip upstream seems uninterested in replacing the code with a
freely-licensed alternative (see [7-Zip ticket #1229][7zip]).

[fedora]: https://fedoraproject.org/wiki/Licensing:Unrar
[7zip]: https://sourceforge.net/p/sevenzip/feature-requests/1229/

An alternative solution would be to mark the p7zip package as non-free
instead; I decided not to because its other functionality (especially
`.7z` support) is freely-licensed and useful, and there are free
software alternatives for extracting RAR files (e.g. in nixpkgs there's
`archiver`, which is written in a memory-safe language, and `unar`,
which at least doesn't have two patches for CVEs that haven't been
addressed upstream...).

I checked that `7z(1)` fails gracefully on `.rar` files now:
    
    emily@renko ~/tmp> curl -L -O https://www.philippwinterberg.com/download/example.rar
      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                     Dload  Upload   Total   Spent    Left  Speed
    100 5715k  100 5715k    0     0  6716k      0 --:--:-- --:--:-- --:--:-- 6716k
    emily@renko ~/tmp> 7z x example.rar
    
    7-Zip [64] 16.02 : Copyright (c) 1999-2016 Igor Pavlov : 2016-05-21
    p7zip Version 16.02 (locale=en_CA.UTF-8,Utf16=on,HugeFiles=on,64 bits,8 CPUs x64)
    
    Scanning the drive for archives:
    1 file, 5853119 bytes (5716 KiB)
    
    Extracting archive: example.rar
    ERROR: example.rar
    Can not open the file as archive
    
        
    Can't open as archive: 1
    Files: 0
    Size:       0
    Compressed: 0
2020-04-22 15:01:48 +00:00
Michael Reilly 84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
R. RyanTM 233165ad0f unrar: 5.9.1 -> 5.9.2 2020-04-07 21:36:22 +00:00
Vladimír Čunát 48a997cd76
Merge #66528: glibc: 2.27 -> 2.30 (into staging)
Includes update of stdenv bootstap tools (for three main platforms)
and many package fixes with new glibc.
2020-02-05 13:41:09 +01:00
R. RyanTM a91faae4a6 unrar: 5.8.5 -> 5.9.1 2020-02-04 19:51:34 +00:00
Maximilian Bosch 6b0cd9ad47
Merge branch 'staging' into glibc230
Conflicts:
	pkgs/applications/misc/vit/default.nix
2020-01-28 14:54:51 +01:00
Silvan Mosberger 80a2740991
Merge pull request #78265 from Synthetica9/https-homepages
treewide: fix redirected urls
2020-01-27 15:00:53 +01:00
Michael Weiss 983f39cdab
unrar: Install all C++ header files into the "dev" output
This is e.g. required for the rar2fs build [0], which needs at least
version.hpp, rar.hpp, dllext.hpp, dll.hpp, and headers5.hpp.

At least Gentoo does this as well [1] but most other distributions only
install dll.hpp or no header files at all.

[0]: https://github.com/NixOS/nixpkgs/pull/78189
[1]: https://gitweb.gentoo.org/repo/gentoo.git/tree/app-arch/unrar/unrar-5.8.5.ebuild
2020-01-23 21:16:38 +01:00
Patrick Hilhorst 593e11fd94
treewide: fix redirected urls
According to https://repology.org/repository/nix_unstable/problems, we have a
lot of packages that have http links that redirect to https as their homepage.
This commit updates all these packages to use the https links as their
homepage.

The following script was used to make these updates:

```

curl https://repology.org/api/v1/repository/nix_unstable/problems \
    | jq '.[] | .problem' -r \
    | rg 'Homepage link "(.+)" is a permanent redirect to "(.+)" and should be updated' --replace 's@$1@$2@' \
    | sort | uniq > script.sed

find -name '*.nix' | xargs -P4 -- sed -f script.sed -i
```
2020-01-22 11:26:22 +01:00
Luka Blaskovic 89590eb7bf sharutils: fix build with glibc>=2.28 2020-01-14 08:26:59 +00:00
Robin Gloster 2157dcd141
treewide: installFlags is a list 2019-12-30 13:22:43 +01:00
Merijn Broeren 133103d709
treewide: replace make/build/configure/patchFlags with nix lists 2019-12-30 12:58:11 +01:00
Robin Gloster 76b774e89a
zip: *Flags are lists 2019-12-30 11:13:42 +01:00
Robin Gloster e49f0d4985
unzip: *Flags are lists 2019-12-30 11:13:42 +01:00
Nathan b0caf68bff
maintainer-list.nix: remove ndowens 2019-12-26 16:47:41 -05:00
R. RyanTM cb90c9da24 unrar: 5.8.4 -> 5.8.5 2019-12-24 13:51:50 -08:00
R. RyanTM a1937011b2 unrar: 5.8.3 -> 5.8.4 2019-11-29 22:32:18 +01:00
Frederik Rietdijk be7125dde7 Merge master into staging-next 2019-11-16 11:45:07 +01:00
c0bw3b 9367367dfd Treewide: fix URL permanent redirects
Permanent redirects on homepages and/or source URLs
as reported by Repology
2019-11-16 01:41:23 +01:00
Lancelot SIX fe758f5fa3 cpio: 2.12 -> 2.13
See https://lists.gnu.org/archive/html/info-gnu/2019-11/msg00002.html
for release information.

Fixes CVE-2019-14866
2019-11-12 14:46:08 +01:00
Vladimír Čunát 802c81efa4
Merge #71401: unzip: CVE-2019-13232 (into staging) 2019-11-09 15:29:58 +01:00
R. RyanTM a6294b53b7 unrar: 5.8.2 -> 5.8.3 2019-11-03 10:02:50 +01:00
R. RyanTM b78db667d2 unrar: 5.8.1 -> 5.8.2
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/unrar/versions
2019-10-24 08:56:18 -07:00
Doron Behar a7077637f9
snzip: init at 1.0.4 2019-10-21 16:10:47 +02:00
Thorsten Weber 4d33b41d3d unzip: CVE-2019-13232 2019-10-20 21:03:49 +02:00
Jan Tojnar b3fcd9375d
Merge branch 'master' into staging-next 2019-10-03 01:47:08 +02:00
R. RyanTM d33e497b1b unrar: 5.7.5 -> 5.8.1
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/unrar/versions
2019-10-02 23:52:53 +02:00
Frederik Rietdijk 503081fa5b Merge staging into staging-next 2019-09-29 11:05:22 +02:00
R. RyanTM 5c5dfc3727 innoextract: 1.7 -> 1.8
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/innoextract/versions
2019-09-26 15:27:40 -07:00
worldofpeace b0c2aea20b
treewide: drop adding hicolor-icon-theme where possible
This was either for the setup-hook to remove caches or added
even though the respective icon theme propagated it.
2019-09-18 22:47:26 +02:00
volth 7b8fb5c06c treewide: remove redundant quotes 2019-09-08 23:38:31 +00:00
Jan Tojnar cdf426488b
Merge branch 'master' into staging-next
Fixed trivial conflicts caused by removing rec.
2019-09-06 03:20:09 +02:00
Jan Tojnar 72e7d569a7
tree-wide: s/GTK+/GTK/g
GTK was renamed.
2019-09-06 02:54:53 +02:00
volth 08f68313a4 treewide: remove redundant rec 2019-08-28 11:07:32 +00:00
volth c814d72b51 treewide: name -> pname 2019-08-17 10:54:38 +00:00
volth 46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
marius851000 4b594c3d8f ctrtool: 0.15 -> 0.16 2019-08-08 17:23:14 +02:00
adisbladis eaafd840bf
Revert "unzip: CVE-2019-13232"
This reverts commit 0238946872.

This patch broke a number of legitimate zips in the wild, including but
not limited to most luarocks and a number of gradle-produced JARs.
2019-07-25 22:07:06 +01:00
Marek Mahut 0238946872 unzip: CVE-2019-13232 2019-07-17 10:15:08 +02:00
Jonathan Ringer 841893119d zpaq: fix version and pull from github 2019-07-11 09:48:39 +02:00
worldofpeace cab7c6cbd9 treewide: use dontConfigure 2019-07-01 04:23:51 -04:00
Profpatsch 7251830bf1 unp: remove unfree unrar from the default backend list
`unrar` is unfree, meaning `unp` cannot be built by default if `unrar`
is in its dependencies.

A simple

  env NIXPKGS_ALLOW_UNFREE=1 nix-shell -p unrar

will make `unp` work with .rar files.
2019-06-24 16:18:23 +02:00
Profpatsch 7bc2aaff0e unp: improve file copying & fix manpage 2019-06-24 16:18:23 +02:00