Franz Pletz
07309d740a
webkitgtk: 2.14.3 -> 2.14.4 for multiple CVEs
...
Fixes:
* CVE-2017-2350
* CVE-2017-2354
* CVE-2017-2355
* CVE-2017-2356
* CVE-2017-2362
* CVE-2017-2363
* CVE-2017-2364
* CVE-2017-2365
* CVE-2017-2366
* CVE-2017-2369
* CVE-2017-2371
* CVE-2017-2373
See https://webkitgtk.org/security/WSA-2017-0002.html .
2017-02-15 09:35:28 +01:00
Franz Pletz
e8af5dcd8e
ffmpeg: 3.2.2 -> 3.2.4 for multiple CVEs
...
Fixes CVE-2017-5024 & CVE-2017-5025.
See https://ffmpeg.org/security.html .
2017-02-15 09:35:28 +01:00
Franz Pletz
d2426f0aa8
ffmpeg: 3.1.6 -> 3.1.7 for multiple CVEs
...
Fixes CVE-2017-5024 & CVE-2017-5025.
See https://ffmpeg.org/security.html .
2017-02-15 09:35:27 +01:00
Franz Pletz
78f59f1223
ffmpeg: 2.8.10 -> 2.8.11 for multiple CVEs
...
Fixes CVE-2017-5024 & CVE-2017-5025.
See https://ffmpeg.org/security.html .
2017-02-15 09:35:27 +01:00
Vladimír Čunát
35b2159671
Merge branch 'master' into staging
...
Over 11k rebuilds on master.
2017-02-15 08:41:35 +01:00
Franz Pletz
bf565a4635
libivykis: 0.40 -> 0.41
2017-02-15 01:58:57 +01:00
Joachim Fasting
c34a52bf5d
mozart: prefer local builds
...
The build essentially unpacks a tarball and generates
a few wrappers. No need to use hydra for that.
2017-02-15 01:54:59 +01:00
Jude Taylor
0637f83fb8
update xmonad nix patch to apply to new xmonad
2017-02-14 16:51:55 -08:00
Franz Pletz
f87eb8920c
grafana-old: outdated, probably without users
2017-02-15 00:42:29 +01:00
Bas van Dijk
057fae5ea0
ghcWithHoogle: fix for ghcjs
...
`haskell.packages.ghcjs.ghcWithHoogle` failed because the following line:
for docdir in ${ghc.doc}/${docLibGlob}/*; do
failed because `doc` is not an attribute of `ghc` when `ghc` is
substituted for ghcjs.
2017-02-14 22:50:29 +01:00
Daiderd Jordan
7929888e8d
Merge pull request #22614 from cstrahan/ycm
...
YouCompleteMe: use ycmd package
2017-02-14 21:32:09 +01:00
Thomas Tuegel
f228ea5215
Merge pull request #22698 from FRidh/kde
...
KDE: update frameworks and applications
2017-02-14 12:54:39 -06:00
John Wiegley
3a0efcc4ca
configuration-common: http-api-data is now at version 0.3.5
2017-02-14 10:42:46 -08:00
Benjamin Staffin
40dc5e6982
Merge pull request #22771 from izuk/bazel
...
bazel: 0.3.2 -> 0.4.4
2017-02-14 11:49:20 -05:00
Eelco Dolstra
314dd9215b
Merge pull request #16654 from awakenetworks/parnell/setcap-wrappers
...
Adding setcap-wrapper functionality to Nix
2017-02-14 16:25:06 +01:00
Toni Reina
4e72d2da50
aspell-dict-ca: init at 2.1.5-1
2017-02-14 15:17:28 +01:00
Rickard Nilsson
8665250844
haskellPackages.dirstream: jailbreak
2017-02-14 13:48:44 +01:00
Rickard Nilsson
232639ccbb
haskellPackages: Remove jailbreak for xxhash and Glob (fixed upstream)
2017-02-14 13:47:12 +01:00
Michael Raskin
3508b4832f
haskellPackages: fgl, fgl-arbitrary: jailbreak (w.r.t. hspec for tests)
2017-02-14 13:23:28 +01:00
Eelco Dolstra
1a9cf94ba2
Revert "opensubdiv: Remove cudatoolkit from the closure"
...
This reverts commit 6a472cf4c1
. On
second thought, this is not a good idea, because it means that a
CUDA-enabled Blender doesn't work on non-CUDA systems anymore (since
they don't have libOpenCL.so in /run/opengl-driver). I guess a better
solution will be to split cudatoolkit into multiple outputs.
2017-02-14 12:59:02 +01:00
Gabriel Ebner
8493a2d060
heaptrack: init at 2017-02-14
2017-02-14 12:19:40 +01:00
Vladimír Čunát
62ca214d4a
guile: fix include path in guile-2.0.pc
...
I forgot to /cc maintainer @civodul about the output-splitting.
2017-02-14 11:22:29 +01:00
Vladimír Čunát
61236eb7ee
lmdb on Darwin: fix bogus library name
2017-02-14 10:51:22 +01:00
Eelco Dolstra
6a472cf4c1
opensubdiv: Remove cudatoolkit from the closure
...
This reduces Blender's closure size by around ~2 GiB when CUDA support
is enabled.
2017-02-14 09:43:04 +01:00
Frederik Rietdijk
12285d162c
pypy: inherit pythonVersion
2017-02-14 09:23:59 +01:00
Frederik Rietdijk
8a4730642f
pythonPackages.numba: 0.29.0 -> 0.30.1
2017-02-14 09:23:59 +01:00
Frederik Rietdijk
9ac753323d
pythonPackages.llvmlite: 0.14.0 -> 0.15.0
2017-02-14 09:23:59 +01:00
Peter Hoeg
8cef304ede
libtoxcore: init at 0.1.6 and move old versions away
2017-02-14 14:57:48 +08:00
Itai Zukerman
25121d4350
bazel: 0.3.2 -> 0.4.4
2017-02-13 16:12:26 -08:00
Daiderd Jordan
07c21bfaf7
ycmd: fix darwin build
2017-02-14 00:31:29 +01:00
Parnell Springmeyer
9e36a58649
Merging against upstream master
2017-02-13 17:16:28 -06:00
Vladimír Čunát
218713aa3d
guile*: split outputs to fix #22757
...
The main aim is to decouple propagatedBuildInputs from $out.
2017-02-14 00:14:41 +01:00
Vladimír Čunát
0c524c63c6
guile: refactor expression
...
No rebuild on non-Solaris.
2017-02-13 23:01:46 +01:00
Vladimír Čunát
1daf2e26d2
Merge: glibc: 2.24 -> 2.25
2017-02-13 22:14:15 +01:00
Rongcui Dong
9775a26da3
stlink: 1.1.0 -> 1.3.0
...
[Bjørn: Upstream moved from autotools to cmake.]
2017-02-13 22:05:40 +01:00
Vladimír Čunát
9fe4c1eb6e
Merge #22751 : lmdb: split outputs, share lib, ...
2017-02-13 21:29:35 +01:00
Vladimír Čunát
1a55974cef
lmdb: split outputs and add lmdb.pc
...
lmdb.a is removed, until someone needs it.
2017-02-13 16:50:39 +01:00
Mikhail Volkhov
035e2028d8
Disable orgmode-parse tests in config-common.nix
2017-02-13 17:13:02 +03:00
Franz Pletz
04f72ca64c
Merge pull request #22740 from Mic92/libasyncns
...
gajim: use libasyncns as resolver
2017-02-13 15:08:16 +01:00
georgewhewell
99fdc8b651
pythonPackages.matplotlib: re-add Cocoa as buildInput on darwin ( #22741 )
2017-02-13 15:03:59 +01:00
Robin Gloster
c0d1226750
Merge pull request #22718 from Ma27/new-package/node-packages/mocha
...
nodePackages.mocha: init at 3.2.0
2017-02-13 15:00:39 +01:00
Domen Kožar
1b02439b61
servant-server: disable testsuite
2017-02-13 14:54:55 +01:00
Frederik Rietdijk
ccf4d5e3d5
cudatoolkit5: remove this ancient version
2017-02-13 14:42:24 +01:00
Frederik Rietdijk
c2e2a4d2c5
Python: remove 2.6
2017-02-13 14:42:24 +01:00
Jörg Thalheim
b059f63c6e
pythonPackages.libasyncns: init at 0.7.1
2017-02-13 14:11:56 +01:00
Michael Raskin
b2fcf9fec5
love_0_10: 0.10.1 -> 0.10.2
2017-02-13 12:49:31 +01:00
Peter Simons
8821b3899e
haskell-lens: disable doctest suite to work around https://github.com/ekmett/lens/issues/713
2017-02-13 12:22:18 +01:00
Peter Simons
216d277095
haskell-servant: update hash for the documentation download
2017-02-13 12:22:17 +01:00
Peter Simons
e60992354b
haskell-hspec-contrib: disable test suite due to https://github.com/hspec/hspec/issues/307
2017-02-13 12:22:17 +01:00
Peter Simons
c37e51fa68
haskell-stack: jailbreak to work around https://github.com/commercialhaskell/stack/issues/3001
2017-02-13 12:22:17 +01:00
Peter Simons
7a6648f20e
haskell-uuid{,-types}: jailbreak to work around https://github.com/hvr/uuid/issues/28
2017-02-13 12:22:17 +01:00
Peter Simons
30b762a977
haskell-vector: disable the test suite to work around https://github.com/haskell/vector/issues/138
2017-02-13 12:22:17 +01:00
Peter Simons
8968bff461
haskell-case-insensitive: jailbreak to work around https://github.com/basvandijk/case-insensitive/issues/24
2017-02-13 12:22:16 +01:00
Peter Simons
0583ffb7c2
haskell-system-filepath: disable test suite to remove dependency on chell-quickcheck
...
chell-quickcheck does not support recent versions of QuickCheck and
therefore does not compile in LTS 8.x.
2017-02-13 12:22:16 +01:00
Peter Simons
7b96859cab
haskell-parsec: jailbreak to work around https://github.com/aslatter/parsec/issues/68
2017-02-13 12:22:16 +01:00
Peter Simons
29a1db9a97
haskell-lifted-base: jailbreak to work around https://github.com/basvandijk/lifted-base/issues/34
2017-02-13 12:22:16 +01:00
Peter Simons
958b100827
haskell-common: drop overrides that have become obsolete with LTS 8.x
2017-02-13 12:22:09 +01:00
Peter Simons
5d3bb96f62
LTS Haskell 8.0
...
This includes an update to hackage-packages.nix, which was generated by hackage2nix v2.0.4-11-gd82133a
from Hackage revision 53fcf98366
.
2017-02-13 12:21:04 +01:00
Frederik Rietdijk
a35ffe3c01
kde frameworks: 5.30 -> 5.31
2017-02-13 09:55:40 +01:00
Graham Christensen
4450327c06
flow: pin ocaml to ocaml_4_02
2017-02-12 20:52:37 -05:00
Graham Christensen
8378afaf76
Merge pull request #22700 from holidaycheck/update-flow
...
flow: 0.37.4 -> 0.39.0
2017-02-12 20:39:17 -05:00
Graham Christensen
63d7ff883e
Merge pull request #22457 from peterhoeg/u/suil
...
suil: 0.8.2 -> 0.8.4
2017-02-12 19:00:21 -05:00
Graham Christensen
b793d69f12
Merge pull request #22537 from vrthra/jimtcl-0.77
...
jimtcl: 0.76 -> 0.77
2017-02-12 18:58:14 -05:00
Maximilian Bosch
cbedb932f9
nodePackages.mocha: init at 3.2.0
2017-02-12 23:12:13 +01:00
Will Dietz
a82b3dd8e2
creduce: init at 2.6.0
...
Also includes perl dependency 'GetOpt::Tabular'.
2017-02-12 14:31:16 -06:00
Markus Hauck
06bacb10e5
scalafmt: 0.4.10 -> 0.5.6
2017-02-12 21:21:10 +01:00
Vladimír Čunát
2dba30af72
Merge recent staging
...
It's almost finished by Hydra now.
2017-02-12 19:51:01 +01:00
Franz Pletz
cf4775571f
poezio: 0.10 -> 0.11
2017-02-12 15:57:39 +01:00
Tobias Pflug
9960f7e9f8
flow: 0.37.4 -> 0.39.0
2017-02-12 11:41:47 +01:00
Vladimír Čunát
ab5fe171af
fontconfig: patch to build with glibc-2.25
2017-02-12 11:14:45 +01:00
Vincent Laporte
af9857ef47
proj: disable tests on 32 bit
2017-02-12 10:00:24 +00:00
Franz Pletz
5e599035f4
libidn2: fix darwin build
...
cc #22595
2017-02-12 02:31:41 +01:00
Vincent Laporte
0045f932bb
proj: 4.9.2 -> 4.9.3
2017-02-11 23:37:59 +00:00
Will Dietz
947c26972b
LLVM: Fix licensing metadata, closes #22679 . ( #22681 )
...
* All projects are available under NCSA license,
other than dragonegg.
* "Runtime" projects are dual-licensed under
both NCSA and MIT:
libc++, libc++abi, compiler-rt
* I don't mention MIT for compiler-rt as
we only build it as part of LLVM.
2017-02-11 23:13:29 +01:00
Vladimír Čunát
a01f8a4c38
glibc: security 2.24 -> 2.25
...
https://sourceware.org/ml/libc-alpha/2017-02/msg00079.html
Stripping was failing on libm.a; I don't know why.
2017-02-11 22:14:49 +01:00
Rahul Gopinath
36d6a3041a
jimtcl: 0.76 -> 0.77
2017-02-11 11:33:33 -08:00
Joachim F
5627dd27b9
Merge pull request #22540 from vrthra/rakudo-star-2017.01
...
rakudo-star: 2016.07 -> 2017.01
2017-02-11 19:48:37 +01:00
David Terry
a3523022e7
range-v3: init at 2017-01-30 ( #22661 )
2017-02-11 19:10:46 +01:00
Peter Hoeg
9550686be8
subsurface: 4.5.97 -> 4.6.0 ( #22615 )
...
We do a few more things:
- libmarble and libdivecomputer with the subsurface patches have both been
inlined for 2 reasons:
a) nobody else is using these forks
b) they need to be updated in lockstep with subsurface
- instead of building libmarble against qtquick1, we now build using
qtquickcontrols (qtquick2)
- getting rid of qtquick1 also allows us to use the default qt (currently 5.6)
- we get rid of some hacks to deal with library dependencies
- instead of manually overriding various phases, we simply use cmakeFlags to
pass proper parameters
2017-02-11 15:48:18 +01:00
Frederik Rietdijk
1ba17987f7
ansible_2_2: windows support off by default
...
this was accidentally enabled when moving the expression.
2017-02-11 14:14:07 +01:00
Frederik Rietdijk
8ea925b240
ansible_2_1: windowsSupport off by default
2017-02-11 14:14:07 +01:00
Vincent Laporte
8bfce24045
coqPackages.interval: 2.2.1 -> 3.1.1
2017-02-11 14:02:19 +01:00
Vincent Laporte
dedba2a32d
coqPackages.coquelicot: 2.1.1 -> 2.1.2
...
keeping old 2.1.1 version for Coq-8.4,
as newer versions of the library do not support older Coq versions
2017-02-11 14:02:19 +01:00
Vincent Laporte
5712ac6a72
coqPackages.{ssreflect,mathcomp}: 1.6 -> 1.6.1
2017-02-11 14:02:19 +01:00
Vladimír Čunát
2ce45fbf0d
Merge branch 'master' into staging
2017-02-11 12:11:22 +01:00
Vladimír Čunát
686d3fb63f
Merge #22577 : glew: 1.13.0 -> 2.0.0
2017-02-11 12:08:50 +01:00
Vladimír Čunát
db8ac6144e
Merge #22649 : libxml2: add icuSupport ? false
...
This causes no rebuilds by default.
2017-02-11 11:55:54 +01:00
Vladimír Čunát
4927aa0d84
Merge #22654 : SDL: fix very long filename of patch
2017-02-11 11:25:46 +01:00
Vladimír Čunát
8f5b3ae07a
Merge branch 'master' into staging
2017-02-11 11:22:29 +01:00
Peter Hoeg
52d6927413
libxml2: add optional icu support
2017-02-11 18:16:38 +08:00
Vladimír Čunát
205376e226
Merge #22534 : nghttp2: 1.17.0 -> 1.19.0
2017-02-11 11:12:09 +01:00
Vladimír Čunát
f4d1bcb9a7
llvm: fix #22567 oversaturated red icons
2017-02-11 11:03:59 +01:00
Peter Hoeg
c5fcd96970
sdl: fix very long filename
2017-02-11 12:26:17 +08:00
Nikolay Amiantov
442b4d65c3
Merge pull request #22304 from abbradar/nvidia
...
Refactor NVidia drivers
2017-02-10 23:53:34 +03:00
Tuomas Tynkkynen
8c6f81145e
libvpx: 1.5.0 -> 1.6.1
...
The 'use-x86inc' option has simply disappeared from the upstream build
file.
2017-02-10 20:11:08 +02:00
Vladimír Čunát
66fe4af226
Merge recent staging
...
It's the version last built on Hydra, almost fully.
2017-02-10 18:07:14 +01:00
Frederik Rietdijk
9ef6850221
Merge pull request #22344 from lsix/update_netcdf
...
Update netcdf (including python binding)
2017-02-10 17:22:23 +01:00
Frederik Rietdijk
616f358f7e
hamlib: use python2
2017-02-10 09:35:10 +01:00
Charles Strahan
4ca258e97a
Merge pull request #22490 from cstrahan/ycmd
...
ycmd: 2016-01-12 -> 2017-02-03
2017-02-10 01:09:56 -05:00
Charles Strahan
53a5117cde
ycmd: use vendored python libs
...
YouCompleteMe needs the packages to be available in ycmd's third_party
directory, and things start getting pretty complicated when we try to
use our package libs instead of the vendored ones. We can revisit this
at a later time, but we'll need to ensure that we don't break the vim
plugin.
Tested in vim.
2017-02-10 01:01:22 -05:00
Adam Beckmeyer
4000489266
olm: init at 2.2.1
2017-02-10 02:22:15 +01:00
Edward Tjörnhammar
b1e254ac55
Merge pull request #22597 from knedlsepp/bump-armadillo
...
armadillo: 7.200.2 -> 7.700.0
2017-02-09 21:33:37 +01:00
Josef Kemetmueller
ce1a3e3242
armadillo: 7.200.2 -> 7.700.0
...
This release fixes compatibility with cmake 3.7.1.
Additionally I found out that armadillo only needs the hdf5-C library
and not the C++ layer.
2017-02-09 20:43:56 +01:00
Vladimír Čunát
4d18d3bd87
Revert "python-requests2: use system-wide CA bundle"
...
This reverts commit 768c970c8d
.
Moved to staging, as it causes ~16k rebuilds.
2017-02-09 17:24:36 +01:00
Daniel Peebles
7439fe083f
Merge pull request #22297 from nand0p/buildbot-0.9.3
...
buildbot: 0.9.0.post1 -> 0.9.3
2017-02-09 11:15:03 -05:00
Joachim Fasting
a9c347b9e3
tinycc: 20160525 -> 20170108
...
Per
https://www.mail-archive.com/tinycc-devel@nongnu.org/msg07274.html
http://repo.or.cz/tinycc.git/commit/77d7ea04acb56f839031993c102366e30cad5c25
onward ought to be fairly stable.
2017-02-09 16:22:57 +01:00
Fernando J Pando
6fc34fd48a
treq: init 16.12.1
...
Tested on NixOS unstable
2017-02-09 10:10:51 -05:00
Fernando J Pando
487229654e
incremental: init 16.10.1
...
Tested on NixOS unstable
2017-02-09 10:08:32 -05:00
Peter Simons
768c970c8d
python-requests2: use system-wide CA bundle rather than our own
...
This allows the library to interact gracefully with additional certificates
users might have configured in /etc/ssl/certs/ca-certificates.crt via NixOS.
2017-02-09 15:19:36 +01:00
Frederik Rietdijk
10eb16038c
Merge pull request #22564 from mdaiter/cudnn_hash_fix
...
cudnn51_cudatoolkit80: hash change
2017-02-09 13:43:07 +01:00
Jörg Thalheim
f3c6acde1e
Merge pull request #22572 from Mic92/dwarfdump
...
dwarfdump: init at 20161124
2017-02-09 12:00:18 +01:00
Peter Simons
055ab6ba74
Merge pull request #21589 from NixOS/ghc-split-sections
...
GHC 8.0.2: use -split-sections
2017-02-09 11:17:31 +01:00
Vladimír Čunát
333e36eca0
pythonPackages.gst-python: fix hash after afd59811a1
...
/cc #22549 .
2017-02-09 09:40:36 +01:00
Pascal Wittmann
5de04f6d55
Revert "ocaml-lablgl: use camlp5"
...
This reverts commit 7a6aac9076
.
2017-02-09 09:14:51 +01:00
Pascal Wittmann
b6cc6bd088
yodl: 3.08.01 -> 3.08.02
2017-02-09 09:11:28 +01:00
Vladimír Čunát
5efc5a4ede
pydb, libclc: fixup eval after pinning to python2
2017-02-09 08:52:22 +01:00
Vladimír Čunát
6bea415b5e
Merge branch 'master' into staging
2017-02-09 08:42:04 +01:00
Vladimír Čunát
4bf9f8afc3
Merge #22578 : mesa: add enableRadv ? false
...
There's no hash change in default settings.
2017-02-09 08:03:34 +01:00
Graham Christensen
77e920d874
spice: Patch for CVE-2016-9577, CVE-2016-9578
...
From the Red Hat advisory:
* A vulnerability was discovered in spice in the server's protocol
handling. An authenticated attacker could send crafted messages to
the spice server causing a heap overflow leading to a crash or
possible code execution. (CVE-2016-9577)
* A vulnerability was discovered in spice in the server's protocol
handling. An attacker able to connect to the spice server could send
crafted messages which would cause the process to crash.
(CVE-2016-9578)
2017-02-08 22:03:11 -05:00
David McFarland
4ab604b6b8
mesa: add enableRadv
2017-02-08 22:15:03 -04:00
Franz Pletz
6d0806d061
pythonPackages.searx: 0.10.0 -> 0.11.0
2017-02-08 23:51:02 +01:00
Nikolay Amiantov
003fa8fed5
gn: remove
...
Chromium depends on bundled versioon of gn. It's also chromium-specific build
tool, so it's not feasible to package.
2017-02-08 22:52:40 +03:00
Frederik Rietdijk
b846a53d2a
python34: 3.4.5 -> 3.4.6
2017-02-08 20:48:14 +01:00
Frederik Rietdijk
939f426906
python35: 3.5.2 -> 3.5.3
2017-02-08 20:48:14 +01:00
Jörg Thalheim
b1b0e9f6ab
dwarfdump: init at 20161124
2017-02-08 20:45:31 +01:00
Frederik Rietdijk
4d51b6cda5
pydb: use python2
2017-02-08 19:53:23 +01:00
Frederik Rietdijk
a805b1206d
mapnik: use python2
...
because python3 is not yet supported.
2017-02-08 19:51:11 +01:00
Frederik Rietdijk
0673e7b38a
libpsl: use python2
2017-02-08 19:44:52 +01:00
Frederik Rietdijk
b620ad24be
libctemplate: use python2
2017-02-08 19:38:53 +01:00
Frederik Rietdijk
e7395434db
pythonPackages.libclc: use python2
2017-02-08 19:38:03 +01:00
Frederik Rietdijk
d452487db7
libimobiledevice: use python2
...
because python 3 isn't supported yet.
2017-02-08 19:27:50 +01:00
Matthew Daiter
82835f7eb3
cudnn51_cudatoolkit80: hash change
2017-02-08 18:40:32 +01:00
Graham Christensen
ae02508c2a
Merge pull request #22555 from peterhoeg/u/wavpack
...
wavpack: 4.80.0 -> 5.1.0
2017-02-08 10:02:03 -05:00
Peter Hoeg
5eaec77732
wavpack: 4.80.0 -> 5.1.0
2017-02-08 22:41:24 +08:00
Nikolay Amiantov
45368ed49d
haskellPackages.typed-process: disable tests
...
Networking is required for them.
2017-02-08 17:39:55 +03:00
Nikolay Amiantov
750e7ba0d9
libglvnd: init at 2016-12-22
2017-02-08 16:56:50 +03:00
Graham Christensen
afd59811a1
gstreamer-*: 1.10.2 -> 1.10.3 for multiple CVEs
...
gst-plugins-bad:
From the Arch Linux advisory:
- CVE-2017-5843 (arbitrary code execution): A double-free issue has
been found in gstreamer before 1.10.3, in
gst_mxf_demux_update_essence_tracks.
- CVE-2017-5848 (denial of service): An out-of-bounds read has been
found in gstreamer before 1.10.3, in gst_ps_demux_parse_psm.
More: https://lwn.net/Vulnerabilities/713772/
gst-plugins-base:
From the Arch Linux advisory:
- CVE-2017-5837 (denial of service): A floating point exception issue
has been found in gstreamer before 1.10.3, in
gst_riff_create_audio_caps.
- CVE-2017-5839 (denial of service): An endless recursion issue
leading to stack overflow has been found in gstreamer before 1.10.3,
in gst_riff_create_audio_caps.
- CVE-2017-5842 (arbitrary code execution): An off-by-one write has
been found in gstreamer before 1.10.3, in
html_context_handle_element.
- CVE-2017-5844 (denial of service): A floating point exception issue
has been found in gstreamer before 1.10.3, in
gst_riff_create_audio_caps.
More: https://lwn.net/Vulnerabilities/713773/
gst-plugins-good:
From the Arch Linux advisory:
- CVE-2016-10198 (denial of service): An invalid memory read flaw has
been found in gstreamer before 1.10.3, in
gst_aac_parse_sink_setcaps.
- CVE-2016-10199 (denial of service): An out of bounds read has been
found in gstreamer before 1.10.3, in qtdemux_tag_add_str_full.
- CVE-2017-5840 (denial of service): An out-of-bounds read has been
found in gstreamer before 1.10.3, in qtdemux_parse_samples.
- CVE-2017-5841 (denial of service): An out-of-bounds read has been
found in gstreamer before 1.10.3, in gst_avi_demux_parse_ncdt.
- CVE-2017-5845 (denial of service): An out-of-bounds read has been
found in gstreamer before 1.10.3, in gst_avi_demux_parse_ncdt.
More: https://lwn.net/Vulnerabilities/713774/
gst-plugins-ugly:
From the Arch Linux advisory:
- CVE-2017-5846 (denial of service): An out-of-bounds read has been
found in gstreamer before 1.10.3, in
gst_asf_demux_process_ext_stream_props.
- CVE-2017-5847 (denial of service): An out-of-bounds read has been
found in gstreamer before 1.10.3, in
gst_asf_demux_process_ext_content_desc.
More: https://lwn.net/Vulnerabilities/713775/
gstreamer:
From the Arch Linux advisory:
An out of bounds read has been found in gstreamer before 1.10.3, in
gst_date_time_new_from_iso8601_string.
More: https://lwn.net/Vulnerabilities/713776/
2017-02-08 08:30:23 -05:00
Pascal Wittmann
3bd6c44b5f
Merge pull request #22541 from vrthra/libsixel-1.7.3
...
libsixel: 1.6.1 -> 1.7.3
2017-02-08 10:21:46 +01:00
Pascal Wittmann
39f2bf0976
Merge pull request #22468 from taktoa/souper
...
souper: init at 2017-01-05
2017-02-08 09:20:43 +01:00
Domen Kožar
01ca916411
haskell: distribute servant-{elm,docs,auth,auth-server} and logging-effect
2017-02-08 06:11:04 +01:00
David McFarland
7b169579c4
glew: 1.13.0 -> 2.0.0
2017-02-07 23:49:54 -04:00
Rahul Gopinath
bac5a018a0
libsixel: 1.6.1 -> 1.7.3
2017-02-07 17:11:13 -08:00
Rahul Gopinath
b09215bed5
rakudo-star: 2016.07 -> 2017.01
2017-02-07 16:58:14 -08:00
Renaud
f586e4befe
nghttp2: 1.17.0 -> 1.19.0
...
Package update.
New features as documented in changelogs : https://github.com/nghttp2/nghttp2/releases
2017-02-07 21:09:54 +01:00
Vincent Laporte
3a526deaee
libgdiplus: fix install on darwin
2017-02-07 19:58:44 +00:00
Fernando J Pando
34b5c9a4de
buildbot: 0.9.0.post1 -> 0.9.3
...
- Fixes unneeded patching
- Adds worker to build inputs now needed for tests
- Replaces enableworker option with worker configuration module
- Openssh required for tests
- Fixes worker hardcoded paths
- Tested on Nixos Unstable
2017-02-07 11:14:42 -05:00
Benno Fünfstück
b33124a143
haskell-download: don't test (requires networking)
2017-02-07 15:13:30 +01:00
Benno Fünfstück
57507f08e8
haskell-modules: split off nix-specific overrides and common ones
...
This allows the nix-specific overrides to be reused for other purposes,
with different haskell package sets, etc.
2017-02-07 15:13:23 +01:00
Peter Simons
5a0368b87c
hackage-packages.nix: automatic Haskell package set update
...
This update was generated by hackage2nix v2.0.4-10-g05c4803 from Hackage revision
5720a6c584
.
2017-02-07 15:13:15 +01:00
Peter Simons
d0492177e3
hackage2nix: update list of broken packages
2017-02-07 15:12:13 +01:00