Joachim Fasting
e99228db30
grsecurity module: force a known good kernel package set
...
Previously, we would only set a default value, on the theory that
`boot.kernelPackages` could be used to sanely configure a custom grsec
kernel. Regrettably, this is not the case and users who expect e.g.,
`boot.kernelPackages = pkgs.linuxPackages_latest` to work will end up
with a non-grsec kernel (this problem has come up twice on the bug
tracker recently).
With this patch, `security.grsecurity.enable = true` implies
`boot.kernelPackages = linuxPackages_grsec_nixos` and any customization
must be done via package override or by eschewing the module.
2016-11-28 12:11:04 +01:00
Joachim Fasting
5da1394a58
Revert "gradm: fix using gradm while the RBAC system is active"
...
This reverts commit fdbf7dc8b3
.
Unfortunately, while gradm now works when the RBAC system is enabled,
gradm still fails when full system learning is enabled, so I probably
need to try again later.
2016-11-28 11:41:12 +01:00
Joachim Fasting
b90ed0cc80
grsecurity: 4.8.10-201611232213 -> 4.8.11-201611271225
2016-11-28 11:41:10 +01:00
Joachim Fasting
1915f6908a
linux_grsec_nixos: use the "modinst arg list too long" patch
...
An alternative to e38b74ba89d3d03e01ee751131d2a6dc316ac33a; see
f19c961b4e
for details
2016-11-28 11:41:07 +01:00
Joachim Fasting
4c7323545b
Revert "grsecurity: work around for #20490 "
...
This reverts commit e38b74ba89
.
I failed to notice f19c961b4e461da045f2e72e73701059e5117be0; better
use that fix instead.
2016-11-28 11:40:55 +01:00
Moritz Ulrich
bfc187f23a
rustc: Loosen bootstrapping restrictions.
...
Newer nightlies check a new environment variable that if set will loosen
restrictions on which compiler version can be used for bootstrapping.
Upstream issue is at https://github.com/rust-lang/rust/pull/37265
2016-11-28 11:21:12 +01:00
Moritz Ulrich
e36d243258
rustc: Don't fail if deleting of breaking tests fails.
2016-11-28 11:16:13 +01:00
Lancelot SIX
c77011c6de
nagiosPluginsOfficial: 2.0.3 -> 2.1.4
...
See https://github.com/nagios-plugins/nagios-plugins/blob/master/NEWS
for release history
2016-11-28 09:58:29 +01:00
Lancelot SIX
5b6d52b4fb
nagios: 4.0.8 -> 4.2.3
...
This update includes many security related fixes.
Version 4.2.0 fixes:
- CVE-2008-4796
- CVE-2013-4214
Version 4.2.2 fixes:
- CVE-2016-9565
Version 4.2.3 fixes:
- CVE-2016-8641
See https://www.nagios.org/projects/nagios-core/history/4x/ for full
detail changes.
2016-11-28 09:55:17 +01:00
Vincent Laporte
33d49bbfb7
ocamlPackages.ocp-index: 1.1.4 -> 1.1.5
2016-11-28 09:33:28 +01:00
aszlig
83410d9954
beets: 1.3.19 -> 1.4.1
...
Full upstream release announcement:
https://github.com/beetbox/beets/releases/tag/v1.4.1
I had to rebase the keyfinder-default-bin.patch in order to apply with
the new release.
Other than that I didn't test whether beets works on my machine, as I
have a more or less temporary setup at the moment.
However, since the bump of mutagen to version 1.34 in commit
555928c228
, the mediafile tests fail and
thus this commit unbreaks beets.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-11-28 08:58:08 +01:00
Okasu
de925e952e
terminus-font-ttf: init at 4.40.1
2016-11-28 10:54:33 +03:00
Matthew Bauer
bd57e32312
file_cmds: init at 264.1.1
2016-11-27 21:58:07 -06:00
Graham Christensen
d1055c0ed7
all-packages.nix: whitespace cleanup
2016-11-27 22:12:06 -05:00
Michael Fellinger
bff2b98290
ruby: 3.2.1 -> 2.3.3
2016-11-27 22:11:49 -05:00
Graham Christensen
540670259c
Merge pull request #20549 from proger/ceres-solver-darwin
...
ceres-solver: glog builds on darwin just fine now
2016-11-27 22:09:17 -05:00
Sophie Taylor
016fa06c71
cjdns: Improving systemd unit description
2016-11-27 22:07:51 -05:00
Rok Garbas
880d616ec0
neovim: 0.1.6 -> 0.1.7
2016-11-28 04:06:19 +01:00
Graham Christensen
cc28a51bc0
Merge pull request #19818 from KoviRobi/xterm-fix-app-defaults
...
XTerm: fix app-defaults, fixes menu options
2016-11-27 22:02:51 -05:00
Graham Christensen
5cc4f50442
Merge pull request #20113 from johbo/ruby-scrypt-darwin
...
Adjust ruby gem defaults for scrypt on darwin
2016-11-27 21:58:17 -05:00
Franz Pletz
f38955dd4c
Merge pull request #20665 from vdemeester/delve-0.11-alpha
...
delve: init at 0.11.0-alpha
2016-11-28 03:50:34 +01:00
Graham Christensen
2891256daa
skopeo: fix evaluation, change license from asl2 to asl20
2016-11-27 21:39:02 -05:00
Ruben Maher
9c9a21d525
matrix-synapse service: Make url_preview_enabled optional ( #20609 )
2016-11-28 03:33:48 +01:00
Michael Weiss
9538176042
sks: init at 1.1.6 ( #20717 )
2016-11-28 03:28:40 +01:00
William Casarin
dfb354ea7d
multi-ghc-travis: git-2015-11-04 -> git-2016-10-23 ( #20754 )
...
adds support for ghc8
2016-11-28 03:24:51 +01:00
Graham Christensen
8bee129f48
Merge pull request #20627 from lsix/update_dico
...
dico: 2.3 -> 2.4
2016-11-27 21:23:30 -05:00
Graham Christensen
8d6490bda1
Merge pull request #20732 from montag451/epiphany-html5-video
...
epiphany: enable the playing of HTML5 videos
2016-11-27 21:17:13 -05:00
Vincent Demeester
6d47cb4131
skopeo: init at 0.1.16
...
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2016-11-27 21:06:21 -05:00
Franz Pletz
e394c305a8
Merge pull request #20620 from rnhmjoj/fakeroute
...
fakeroute: init at 0.3
2016-11-28 03:01:15 +01:00
Graham Christensen
7b5619506b
Merge pull request #20250 from guillaumekoenig/add-encryptr-2.0.0
...
encryptr: init at 2.0.0
2016-11-27 20:59:56 -05:00
Graham Christensen
ff1c76e9eb
Merge pull request #20740 from sh01/rogue_mirror
...
rogue: Add alternative source archive URLs.
2016-11-27 20:47:05 -05:00
Tim Steinbach
eecf76eaa2
linux: 4.9-rc6 -> 4.9-rc7
2016-11-27 19:48:24 -05:00
Tuomas Tynkkynen
86ea3126bc
linux_rpi: 1.20160620 -> 1.20161020
2016-11-28 00:24:00 +02:00
Tuomas Tynkkynen
25d6bfa258
raspberrypifw: 1.20160620 -> 1.20161020
2016-11-28 00:23:40 +02:00
Tuomas Tynkkynen
02e1846d62
U-Boot: 2016.05 -> 2016.11
2016-11-28 00:23:12 +02:00
Frederik Rietdijk
5dcf6ecbeb
Merge pull request #18532 from peterhoeg/hero
...
heroku: 3.43.2 -> 3.43.12 and wrap the downloaded binary
2016-11-27 17:45:03 +01:00
pngwjpgh
bcc9a6ac75
infinoted service: init
...
Service module for the dedicated gobby server included in libinfinity
2016-11-27 17:23:21 +01:00
Pascal Wittmann
bbd39a8057
fbida: 2.11 -> 2.12
2016-11-27 17:07:47 +01:00
Michael Alan Dorman
d24a886419
hoogle: build with newest haskell-src-exts
2016-11-27 17:00:14 +01:00
Michael Alan Dorman
725e44cc04
hindent: fix 5.2.1 build
2016-11-27 17:00:14 +01:00
Peter Simons
1e62dc2929
configuration-hackage2nix.yaml: use latest hindent
2016-11-27 17:00:14 +01:00
Peter Simons
b74d732f67
hackage-packages.nix: automatic Haskell package set update
...
This update was generated by hackage2nix v2.0.3-8-gcc531ff.
2016-11-27 17:00:04 +01:00
Joachim F
625ec7604d
Merge pull request #20751 from elitak/f3
...
f3: corrected version number
2016-11-27 16:32:28 +01:00
Joachim F
4f701660b3
Merge pull request #20750 from goetzst/youtube-dl
...
youtube-dl: 2016-11-22 -> 2016-11-27
2016-11-27 16:32:00 +01:00
Pascal Wittmann
e8f7c31dfb
opkg: 0.3.1 -> 0.3.3
2016-11-27 15:58:29 +01:00
Peter Simons
b7deb143b2
Merge pull request #20731 from expipiplus1/fix-ghc-env
...
ghcWithPackages: fix env NIX_GHC_LIBDIR value
2016-11-27 15:52:45 +01:00
Eric Litak
0a77fc86b2
f3: corrected version number
2016-11-27 06:52:38 -08:00
Pascal Wittmann
f4d163aab7
zsh-navigation-tools: 2.1.16 -> 2.2.7
2016-11-27 15:49:34 +01:00
Jörg Thalheim
5cde30d8d9
Merge pull request #20733 from 2chilled/master
...
pyload: add send2trash as dep
2016-11-27 15:26:18 +01:00
Stefan Götz
22e9476e59
youtube-dl: 2016-11-22 -> 2016-11-27
2016-11-27 15:06:34 +01:00