1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-21 05:00:16 +00:00
Commit graph

96711 commits

Author SHA1 Message Date
Graham Christensen 96393560d0 Merge pull request #20816 from grahamc/vulnerability-rollup-10
Vulnerability rollup 11 (WIP)
2016-11-30 19:29:19 -05:00
Graham Christensen 855b799ec9 Merge pull request #20828 from taku0/thunderbird-bin-45.5.1
thunderbird-bin: 45.5.0 -> 45.5.1 [Critical security fix]
2016-11-30 19:27:51 -05:00
Graham Christensen 897bffb0ff Merge pull request #20827 from taku0/firefox-bin-50.0.2
firefox-bin: 50.0.1 -> 50.0.2 [Critical security fix]
2016-11-30 19:25:52 -05:00
Graham Christensen 16995fc57b
boehmgc: 7.2f -> 7.2g 2016-11-30 19:19:25 -05:00
Graham Christensen 7e40e89273
rpcbind: patch for CVE-2015-7236 2016-11-30 19:18:08 -05:00
taku0 5f4b3cd34b thunderbird-bin: 45.5.0 -> 45.5.1
Critical security fix.

https://www.mozilla.org/en-US/thunderbird/45.5.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/
2016-12-01 09:11:50 +09:00
Graham Christensen c97fda0bcf
Revert "icu: patch for multiple CVEs"
This reverts commit 892a9b1f0f.
2016-11-30 19:10:06 -05:00
taku0 097a8ee174 firefox-bin: 50.0.1 -> 50.0.2
Critical security fix
https://www.mozilla.org/en-US/firefox/50.0.2/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/
2016-12-01 09:08:16 +09:00
Graham Christensen 6393ca650e
Revert "bzip2: patch for CVE-2016-3189"
This reverts commit 9c71508c95.
2016-11-30 19:08:15 -05:00
Graham Christensen 892a9b1f0f
icu: patch for multiple CVEs
- CVE-2014-6585
 - CVE-2015-4760
 - CVE-2016-0494
 - CVE-2016-6293
 - CVE-2016-7415
2016-11-30 19:08:15 -05:00
Graham Christensen 9c71508c95
bzip2: patch for CVE-2016-3189 2016-11-30 18:43:56 -05:00
Graham Christensen 5f78980973
tomcatUnstable: 9.0.0.M10 -> 9.0.0.M13
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:27:06 -05:00
Graham Christensen 42f1ae1911
tomcat85: 8.5.5 -> 8.5.8
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:27:00 -05:00
Graham Christensen 80a475042c
tomcat8: 8.0.37 -> 8.0.39
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:26:55 -05:00
Graham Christensen 3d0310daf3
tomcat7: 7.0.72 -> 7.0.73
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:26:39 -05:00
Graham Christensen eba91fa2bd
tomcat6: 6.0.45 -> 6.0.48
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:26:13 -05:00
lbonn 288e75c5f9 wireguard: remove dependency on ip-up.target
It was deprecated and removed from all modules in the tree by #18319.

The wireguard module PR (#17933) was still in the review at the time and
the deprecated usage managed to slip inside.
2016-12-01 00:11:16 +01:00
Jaka Hudoklin 3675631f63 convoy: init at 0.5.0 2016-11-30 23:28:18 +01:00
Jörg Thalheim fa4212e763
cheat: 2.1.26 -> 2.1.27 2016-11-30 21:10:54 +01:00
AndersonTorres 18757f3a11
XFCE plugins: update, taken from #20410
xfce4-embed-plugin   : 1.4.1 -> 1.6.0
xfce4-eyes-plugin    : 4.4.3 -> 4.4.4
xfce4-fsguard-plugin : 1.0.1 -> 1.0.2
xfce4-verve-plugin   : 1.0.1 -> 1.1.0
xfce4-xkb-plugin     : 0.5.6 -> 0.7.1
2016-11-30 18:26:14 +01:00
Frederik Rietdijk d6ffb976fe Merge pull request #20812 from jokogr/u/syncthing-0.14.13
syncthing: 0.14.12 -> 0.14.13
2016-11-30 17:55:17 +01:00
Graham Christensen b28d21fd50 Merge pull request #20808 from grahamc/fancy-test-tty
login test: Create and use direct reads of the TTY contents.
2016-11-30 11:27:49 -05:00
Pascal Wittmann 014a1b430a Merge pull request #20615 from vbgl/lwt-2.6.0
ocamlPackages.lwt: 2.5.2 → 2.6.0
2016-11-30 16:36:52 +01:00
Pascal Wittmann ab2185a4b5 Merge pull request #20756 from vbgl/ocp-index-1.1.5
ocamlPackages.ocp-index: 1.1.4 -> 1.1.5
2016-11-30 16:34:56 +01:00
Eelco Dolstra c0da5f78d6
make-tarball.nix: Don't check broken packages
They're broken after all. In particular, this prevents us from
evaluating packages that are unsupported on a particular platform.

Reverts a147ddc42c.

Fixes #20817.
2016-11-30 15:21:30 +01:00
Eelco Dolstra e3a873479e
Remove fetchMD5warn
Deprecation warnings should not be used in Nixpkgs because they spam
innocent "nix-env -qa" users with (in this case) dozens of messages
that they can't do anything about.

This also reverts commit 2ca8833383.
2016-11-30 15:14:30 +01:00
Graham Christensen 0cff959e79
maatkit: update URL 2016-11-30 09:07:17 -05:00
Graham Christensen 7d09138cae
perlPackages.DBDmysql: 4.033 -> 4.039 2016-11-30 08:37:48 -05:00
Graham Christensen 0707962235
mujs: 2016-09-21 -> 2016-11-30 for multiple CVEs
- CVE-2016-7504
 - CVE-2016-7505
 - CVE-2016-7506
 - CVE-2016-9017
 - CVE-2016-9108
 - CVE-2016-9109
 - CVE-2016-9294

See more information: https://lwn.net/Vulnerabilities/707361/
2016-11-30 08:29:44 -05:00
Frederik Rietdijk f26ff0b1bd Merge pull request #20813 from lsix/update_pytest_30
pythonPackages.pytest_30: 3.0.3 -> 3.0.4
2016-11-30 14:26:02 +01:00
Graham Christensen a9611a52f3
mcabber: 1.0.3 -> 1.0.4 for 'roster push attack' 2016-11-30 08:23:42 -05:00
Peter Simons c0ec503dce Merge pull request #20803 from NeQuissimus/2_11_0
git: 2.10.2 -> 2.11.0
2016-11-30 14:17:57 +01:00
Peter Simons cc3e61006f Merge pull request #20811 from Profpatsch/hdbc-odbc-haddock
haskellPackages.HDBC-odbc: remove haddock fix again
2016-11-30 14:00:30 +01:00
Ioannis Koutras 58faa138d4 syncthing: 0.14.12 -> 0.14.13 2016-11-30 14:17:36 +02:00
Lancelot SIX de4dba37a1
pythonPackages.pytest_30: 3.0.3 -> 3.0.4 2016-11-30 13:11:36 +01:00
Profpatsch 10cf3b150e haskellPackages.HDBC-odbc: remove haddock fix again 2016-11-30 13:04:48 +01:00
Matthew Daiter 705bdce17e
hexRegistrySnapshot: d58a937 -> e5e494a 2016-11-30 12:16:21 +01:00
Frederik Rietdijk c517718ffc Merge pull request #20152 from igsha/fix-mezzanine
pythonPackages.mezzanine: fixes #19989
2016-11-30 10:43:34 +01:00
Frederik Rietdijk 1b68772f2b Merge pull request #20799 from vbgl/camlp5-6.17
camlp5: 6.16 -> 6.17
2016-11-30 10:32:00 +01:00
Frederik Rietdijk 1c0e51e3f8 Merge pull request #20616 from matthewbauer/pugixml-darwin
pugixml: fix darwin build
2016-11-30 10:30:41 +01:00
Frederik Rietdijk 07dcc4f43a pythonPackages.Theano: move and rename variants
We have two derivations, one that supports Cuda, and one that does not.
The names, TheanoWithCuda and TheanoWithoutCuda, now reflect that.
Furthermore, a boolean passthru.cudaSupport was added.

In the future the two derivations should be merged in one, with a
parameter `cudaSupport`.
2016-11-30 10:04:54 +01:00
Peter Simons 2605149d15 ghc-8.0.2: cosmetic 2016-11-30 09:47:37 +01:00
Peter Simons fb9f9926cd ghc-8.0.2: drop use of the obsolete response file patch
Our gcc wrapper has been fixed to deal with those files properly.
2016-11-30 09:46:44 +01:00
Graham Christensen cb74fd75d7
login test: Create and use direct reads of the TTY contents. 2016-11-30 00:17:18 -05:00
Joachim Fasting 0028abeb4e
libffcall: 2009-05-27 -> 1.10
Use the release tarball provided by the clisp maintainer.

Tested build by nix-build -A clisp -A clisp_2_44_1 -A gtk-server;
only clisp run-tested.

Of particular note is that the .so files no longer have executable
stacks.  This also avoids executable stack in clisp lisp.run

Before:

   $ readelf -lW $(nix-build -A clisp)/lib/clisp-2.49/base/lisp.run|grep GNU_STACK
   GNU_STACK      [...] RWE 0x10

After:

   $ readelf -lW $(nix-build -A clisp)/lib/clisp-2.49/base/lisp.run|grep GNU_STACK
   GNU_STACK      [...] RW 0x10
2016-11-30 06:01:10 +01:00
danbst 5c0367ee5b urxvt: add vtwheel extension
This allows to scroll content in less, screen, nano, tmux and others
(the ones, who create so called "secondary screens"), similar to VTE-based
terminals.

Note, however, that mouse wheel won't work in `less -X`, which is used
by basic `journalctl`. Fix it with `export SYSTEMD_LESS=FRSMK`
2016-11-30 03:43:28 +02:00
danbst ac51528df8 shadow: fix collision with coreutils (man groups.1.gz)
The `groups.1.gz` collides with one from coreutils. The code to fix this
was already present in expression, but wrongly assumes that share/man/man1
directory will be copied to `man` output after `installPhase`.

It turned out, that man directory is set at configure step, so we should
remove file from `man` output.
2016-11-30 01:44:28 +02:00
Tim Steinbach f1a0cadaec
git: 2.10.2 -> 2.11.0 2016-11-29 18:37:24 -05:00
Tim Steinbach 18a3225dac
linux: 3.12.67 -> 3.12.68 2016-11-29 17:40:17 -05:00
Tuomas Tynkkynen 8a4d6516ee Merge remote-tracking branch 'upstream/staging' into master 2016-11-30 00:34:23 +02:00