Commit graph

101779 commits

Author SHA1 Message Date
Vladimír Čunát
4509487e82
nixos polkit: fixup setuid wrapper of pkexec
Broken in 628e6a8.  Fixes #23083.
2017-02-22 23:04:21 +01:00
Jascha Geerds
77670c04c7 Merge pull request #22937 from jgeerds/gnome
gnome-shell, gnome-tweak-tool: Don't propagate python
2017-02-22 22:06:21 +01:00
Joachim F
f764ccc7f1 Merge pull request #22812 from phi-gamma/afio
afio: init at 2.5.1
2017-02-22 22:05:51 +01:00
Vincent Laporte
cb6d15549a ocamlPackages.mparser: init at 1.2.1
MParser is a simple monadic parser combinator library for OCaml.

Homepage: https://github.com/cakeplus/mparser/
2017-02-22 19:23:06 +00:00
Frederik Rietdijk
de4643eb80 diffoscope: 63 -> 77 2017-02-22 19:45:54 +01:00
Vladimír Čunát
f5eea8ba1d
libevent: apply security patches from Debian
/cc #23072.  As with curl, it's nontrivial rebuild but security...
https://lwn.net/Alerts/714571/
2017-02-22 19:00:04 +01:00
Vladimír Čunát
838e29d236
Merge branch 'staging'
There's a security fix for curl inside.
2017-02-22 18:21:58 +01:00
Vladimír Čunát
ebf782829a
Merge #23063: curl: 7.52.1 -> 7.53.0 2017-02-22 18:11:05 +01:00
Vladimír Čunát
145d3ea81c
Merge branch 'master' into staging 2017-02-22 17:47:49 +01:00
Vladimír Čunát
d6cff5783e
gnutls: drop -lunistring on Darwin as well
I didn't intend this substitution to be conditional; I looked wrong.
2017-02-22 17:44:06 +01:00
Gabriel Ebner
b66ec6026c idris: jailbreak
Fixes #23048
2017-02-22 17:36:36 +01:00
Vladimír Čunát
2f1945dcd3
python-3.6: fix random numbers with glibc-2.25
I missed this upstream patch. /cc #22874.
2017-02-22 17:34:33 +01:00
Vladimír Čunát
fe8aa284c2
xcbuild: fixup build with glibc-2.25 2017-02-22 16:58:45 +01:00
Vladimír Čunát
7ccd6f25f0
reptyr: fixup build with glibc-2.25 2017-02-22 16:54:40 +01:00
Vladimír Čunát
1d1dc2dcc3
open-vm-tools: fixup build with glibc-2.25 2017-02-22 16:54:07 +01:00
Vladimír Čunát
7ccaa9e652
solvespace: fixup build with glibc-2.25 2017-02-22 16:45:08 +01:00
Moritz Ulrich
51134cdbfe
digikam5: Fix build after kde merge. 2017-02-22 16:44:08 +01:00
Vladimír Čunát
a04849502d
fstrm: init at 0.3.1 2017-02-22 15:03:21 +01:00
Frederik Rietdijk
3bcd3d2c34 Merge pull request #23061 from nixy/pythonPackages.snakeviz
pythonPackages.snakeviz: init at 0.4.1
2017-02-22 14:31:26 +01:00
Michael Raskin
194d137bd3 wireshark: patch for CVE-2017-6041 2017-02-22 14:17:02 +01:00
Michael Raskin
a8bf87681c kde5.applications.kig: init at 16.12.2 2017-02-22 14:17:02 +01:00
Andrew R. M
99754b2527 pythonPackages.snakeviz: init at 0.4.1 2017-02-22 08:14:53 -05:00
Graham Christensen
cc4919da89
xen: patch for XSAs: 197, 199, 207, 208, 209
XSA-197 Issue Description:

> The compiler can emit optimizations in qemu which can lead to double
> fetch vulnerabilities.  Specifically data on the rings shared
> between qemu and the hypervisor (which the guest under control can
> obtain mappings of) can be fetched twice (during which time the
> guest can alter the contents) possibly leading to arbitrary code
> execution in qemu.

More: https://xenbits.xen.org/xsa/advisory-197.html

XSA-199 Issue Description:

> The code in qemu which implements ioport read/write looks up the
> specified ioport address in a dispatch table.  The argument to the
> dispatch function is a uint32_t, and is used without a range check,
> even though the table has entries for only 2^16 ioports.
>
> When qemu is used as a standalone emulator, ioport accesses are
> generated only from cpu instructions emulated by qemu, and are
> therefore necessarily 16-bit, so there is no vulnerability.
>
> When qemu is used as a device model within Xen, io requests are
> generated by the hypervisor and read by qemu from a shared ring.  The
> entries in this ring use a common structure, including a 64-bit
> address field, for various accesses, including ioport addresses.
>
> Xen will write only 16-bit address ioport accesses.  However,
> depending on the Xen and qemu version, the ring may be writeable by
> the guest.  If so, the guest can generate out-of-range ioport
> accesses, resulting in wild pointer accesses within qemu.

More: https://xenbits.xen.org/xsa/advisory-199.html

XSA-207 Issue Description:

> Certain internal state is set up, during domain construction, in
> preparation for possible pass-through device assignment.  On ARM and
> AMD V-i hardware this setup includes memory allocation.  On guest
> teardown, cleanup was erroneously only performed when the guest
> actually had a pass-through device assigned.

More: https://xenbits.xen.org/xsa/advisory-207.html

XSA-209 Issue Description:

> When doing bitblt copy backwards, qemu should negate the blit width.
> This avoids an oob access before the start of video memory.

More: https://xenbits.xen.org/xsa/advisory-208.html

XSA-208 Issue Description:

> In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine
> cirrus_bitblt_cputovideo fails to check wethehr the specified memory
> region is safe.

More: https://xenbits.xen.org/xsa/advisory-209.html
2017-02-22 08:00:45 -05:00
Frederik Rietdijk
026cfee6b0 Docs: update Python contributing guidelines 2017-02-22 13:38:29 +01:00
Peter Hoeg
409dac4155 Merge branch 'u/tg' into real_master 2017-02-22 20:14:26 +08:00
Peter Hoeg
494462e857 terragrunt: 0.10.1 -> 0.10.2 2017-02-22 20:12:25 +08:00
Peter Simons
deec3c1dae Merge pull request #23071 from takikawa/add-ndpi-1.8
ndpi: init at 1.8
2017-02-22 10:46:19 +01:00
Asumu Takikawa
85fb29bb49 ndpi: init at 1.8 2017-02-22 00:20:10 -08:00
Franz Pletz
67018e7759
pymol: fix evaluation
cc #23007 @Mounium @Mic92
2017-02-22 08:48:42 +01:00
Franz Pletz
9b81dcfda2
nixos/release-notes: fix typos 2017-02-22 08:45:30 +01:00
Franz Pletz
2a228bdc9b Merge pull request #23064 from NeQuissimus/rkt_1_25_0
rkt: 1.24.0 -> 1.25.0
2017-02-22 07:49:09 +01:00
Tom Hunger
bae3d0e49f vowpalwabbit: init at 8.3.2 2017-02-22 07:28:52 +01:00
Franz Pletz
63200708af Merge pull request #23065 from NeQuissimus/gradle_3_4
gradle: 3.3 -> 3.4
2017-02-22 07:27:05 +01:00
Franz Pletz
136ee09ef8 Merge pull request #23066 from NeQuissimus/oh_my_zsh_2017_02_20
oh-my-zsh: 2017-01-15 -> 2017-02-20
2017-02-22 07:20:31 +01:00
Jörg Thalheim
27d4f8c717 Merge pull request #23046 from Zimmi48/patch-2
nixos/manual/networkmanager: add info on nm-applet
2017-02-22 01:40:50 +01:00
Jörg Thalheim
6a044f1841 Merge pull request #23045 from Zimmi48/patch-1
nixos/manual/xserver: propose more alternatives
2017-02-22 01:38:25 +01:00
Mounium
eb688ac0a7 pymol: init at 1.8.4 (#23007) 2017-02-22 01:35:09 +01:00
Tim Steinbach
61666724a6
oh-my-zsh: 2017-01-15 -> 2017-02-20 2017-02-21 19:07:59 -05:00
Nick Novitski
7bb0611e2e vim_configurable: Add packPath option to vimrcConfig (#22776)
* vim_configurable: Add packages option to vimrcConfig

Version 8 of vim adds the concept of "vim packages": directories which
contain one or more vim plugins, in either "start" or "opt"
subdirectories. Those in "start" are to be loaded automatically, while
those in "opt" can be loaded manually. Vim detects any packages located
in one of its "packpaths".

The packages option takes a set of sets describing one or more vim
packages, and adds the derivation containing these packages to the
packpath.

* fix documentation.
2017-02-22 01:06:34 +01:00
Tim Steinbach
83f29e9b99
gradle: 3.3 -> 3.4 2017-02-21 19:02:42 -05:00
Tim Steinbach
8b60413e95
rkt: 1.24.0 -> 1.25.0 2017-02-21 18:51:34 -05:00
Peter Hoeg
4ecaed783b utox: remove unnecessary line 2017-02-22 07:49:02 +08:00
Tim Steinbach
b1c6a9bfcc
curl: 7.52.1 -> 7.53.0 2017-02-21 18:47:33 -05:00
Jörg Thalheim
5b14e91717 Merge pull request #22822 from Mic92/iputils
iputils: 20151218 -> 20161105
2017-02-22 00:37:13 +01:00
Peter Hoeg
2cd286b3cf Merge branch 'u/utox' into real_master 2017-02-22 07:33:56 +08:00
Peter Hoeg
2805ac54d8 utox: 0.12.2 -> 0.13.0 2017-02-22 07:33:31 +08:00
Jörg Thalheim
45719174c3
nixos/release-notes: mention iputils changes 2017-02-22 00:32:52 +01:00
Shea Levy
fd732dec88 zoom-us: bump 2017-02-21 14:15:44 -05:00
Tristan Helmich
1d64f5f41b
libvirt: expose libvirt qemu configuration file
fixes #22823
2017-02-21 19:20:22 +01:00
Vladimír Čunát
5f420c1ff5
gvolicon: fixup build with glibc-2.25 2017-02-21 19:03:36 +01:00