Commit graph

1308 commits

Author SHA1 Message Date
Joachim Fasting
8e706b051e
tor: 0.3.0.7 -> 0.3.0.8
Of particular note are fixes for hidden service crashing bugs
(TROVE-2017-004 and TROVE-2017-005).

See https://blog.torproject.org/blog/tor-0308-released-fix-hidden-services-also-are-02429-02514-02612-0278-02814-and-02911
2017-06-09 00:40:25 +02:00
Tuomas Tynkkynen
399afc13e4 afl: 2.41b -> 2.42b 2017-06-08 23:13:06 +03:00
Kier Davis
b81124b4fb
Fix hooks not being called when overriding phases in various packages
It's necessary to do this in order to fix ckb's compilation, now that
fixupPhase rejects derivation results containing references to the temporary
build directory. It seems like good practice so I've added it to the
other packages that I maintain.
2017-06-05 19:13:19 +01:00
Peter Hoeg
fd5e201bf2 pass: add plugins to support importing and updating 2017-06-05 18:22:19 +08:00
Peter Hoeg
5b747cc7c4 paperkey: 1.3 -> 1.4 2017-06-05 15:42:16 +08:00
Pascal Wittmann
f39a047dac
yara: 3.5.0 > 3.6.0, fixes CVE-2017-5924 2017-06-04 17:48:25 +02:00
Peter Hoeg
ef77b61f75 kwalletcli: init at 3.00 2017-06-01 19:11:30 +08:00
Michael Weiss
047a5a18df pgpdump: 0.31 -> 0.32 2017-05-31 16:42:51 +02:00
Daiderd Jordan
3c0114d472
sudo: 1.8.20 -> 1.8.20p1, fixes CVE-2017-1000367 2017-05-30 23:33:04 +02:00
Marius Bergmann
6ecb92a3c3 cfssl: init at 20170527 2017-05-28 18:43:04 +02:00
Franz Pletz
8ab0501865 Merge pull request #25565 from KaiHa/nitrokey-app-1.0
nitrokey-app: 0.6.3 -> 1.1
2017-05-27 02:43:22 +02:00
Vladimír Čunát
00672dec8a
Merge older staging
This still causes some uncached rebuilds, but master(!) and staging
move too fast forward rebuild-wise, so Hydra might never catch up.
(There are also other occasional problems.)
Therefore I merge at this point where the rebuild isn't that bad.
2017-05-26 15:45:43 +02:00
Franz Pletz
5e4a797888
nitrokey-udev-rules: init 2017-05-26 00:47:46 +02:00
Franz Pletz
932091f333
nitrokey-app: 1.0 -> 1.1 2017-05-26 00:47:46 +02:00
Kai Harries
ba002a4215
nitrokey-app: 0.6.3 -> 1.0
The nitrokey-app is now fetched from git because a submodule is needed
for compilation.
2017-05-26 00:42:38 +02:00
Franz Pletz
a74c43aa8d
pcsclite: 1.8.20 -> 1.8.21 2017-05-24 23:53:49 +02:00
Franz Pletz
bfa438eded
ccid: 1.4.26 -> 1.4.27 2017-05-24 23:53:46 +02:00
Vladimír Čunát
8004e79415
Merge branch 'master' into staging 2017-05-24 03:24:06 +02:00
Robin Gloster
b0e2c66345
sslscan: 1.11.8 -> 1.11.10 2017-05-23 13:48:01 +02:00
Robin Gloster
1027d34aaa
aide: 0.16.a2 -> 0.16 2017-05-23 02:57:32 +02:00
Frederik Rietdijk
99cfab07b9 Merge remote-tracking branch 'upstream/master' into HEAD 2017-05-22 09:21:40 +02:00
Joachim F
1bfafdfe65 Merge pull request #25872 from mimadrid/update/sudo-1.8.20
sudo: 1.8.19p2 -> 1.8.20
2017-05-21 22:45:35 +01:00
Jörg Thalheim
de9f19f178 Merge pull request #25927 from gentoofreak/master
gnupg: 2.1.20 -> 2.1.21
2017-05-21 09:11:05 +01:00
Robin Gloster
8952d75b0c
duo-unix: 1.9.19 -> 1.9.20
fixes build with openssl 1.1
2017-05-20 13:22:46 +02:00
Peter Hoeg
28e05a0dfd keybase-gui: 1.0.18 -> 1.0.23 2017-05-20 12:14:04 +08:00
Martin Wohlert
b15baed9e7 gnupg: 2.1.20 -> 2.1.21 2017-05-19 19:38:33 +02:00
mimadrid
8b569420b4
sudo: 1.8.19p2 -> 1.8.20 2017-05-18 00:50:53 +02:00
Vladimír Čunát
515414ed32
Merge branch 'master' into staging 2017-05-16 18:32:43 +02:00
Vladimír Čunát
65ede052fa
treewide: fixup packages with RPATH problems 2017-05-16 18:30:58 +02:00
Joachim Fasting
3cd189c3bc
tor: 0.3.0.6 -> 0.3.0.7
Contains a fix for TROVE-2017-002, a remotely triggered crashing bug
affecting tor relays (clients & releases pre 0.3.0 unaffected).
2017-05-16 11:14:14 +02:00
Jörg Thalheim
cf726bc31a
metasploit: 3.3.1 -> 4.14.17
use bundler env now

fixes #8870
2017-05-15 21:44:00 +01:00
Tuomas Tynkkynen
e1805301af afl: 2.35b -> 2.41b 2017-05-14 04:15:24 +03:00
Ronny Pfannschmidt
9587d3591e remove myself from maintainers/enpass (#25625)
as i am no longer using nixos
2017-05-08 22:03:23 +01:00
Frederik Rietdijk
ef4442e827 Python: replace requests2 with requests tree-wide
See f63eb58573

The `requests2` attribute now throws an error informing that `requests`
should be used instead.
2017-05-07 12:56:09 +02:00
Victor Calvert
9bc0b12c68 pass: 1.7 -> 1.7.1 2017-05-05 16:09:03 -04:00
Aneesh Agrawal
ded7953478 treewide: meta.platform -> meta.platforms 2017-05-02 19:32:02 -04:00
Michael Raskin
4d2f7b63e0 Merge pull request #24803 from pajowu/master
browserpass: init at 1.0.2
2017-05-01 11:27:17 +02:00
Michael Raskin
1a380c094f Remove empty longDescription 2017-05-01 11:27:03 +02:00
Michael Raskin
d5ec7bc748 Merge pull request #23697 from sargon/master
sshguard + service: init at 2.0.0
2017-04-30 21:43:12 +02:00
Michael Raskin
b3d1050cf2 Merge pull request #22438 from rnhmjoj/masscan
masscan: init at 2016-11-03
2017-04-30 18:40:58 +02:00
Joachim Fasting
7301bf8581
tor: 0.2.9.10 -> 0.3.0.6
First stable release in the 0.3 series.

https://blog.torproject.org/blog/tor-0306-released-new-series-stable
2017-04-27 19:26:59 +02:00
pajowu
b4caf7a11e browserpass: add support for firefox 2017-04-22 15:13:02 +02:00
obadz
c4fecfb1ec ecryptfs-helper: fix makeWrapper use after 7ff6eec5 2017-04-21 21:25:30 +01:00
Kai
91d2dc00bb nitrokey-app: 0.5.1 -> 0.6.3 (#24219)
* nitrokey-app: 0.5.1 -> 0.6.3

* Fix (native)buildInputs and refactor
2017-04-14 15:34:36 -05:00
Daiderd Jordan
4a913ecfd3 Merge pull request #24797 from nixy/pass/coreutils-sb-patch
pass: fix clipboard functionality for darwin
2017-04-13 19:26:50 +02:00
Daniel Peebles
f21a6940da Merge pull request #24838 from matthewbauer/ibtool
pinentry_mac: use xcbuild
2017-04-12 22:20:57 -04:00
Matthew Bauer
4672fe6998
pinentry_mac: use precompiled .nib's
sadly, xib2nib hasn't been working like i though. I've just
precompiled into our modified pinentry_mac. Eventually we can get this
fixed but it's not as easy as first thought.
2017-04-12 20:03:29 -05:00
Matthew Bauer
457570f61a
pinentry_mac: switch to pure version
Fixes #24734
2017-04-12 02:59:54 -05:00
pajowu
11913f2ce1 browserpass: change naming scheme 2017-04-11 17:32:33 +02:00
pajowu
b70077f551 browserpass: switch build source to git HEAD
Precompiled version only supports linux64, git version should also support darwin
2017-04-10 23:45:41 +02:00
pajowu
857a3b872c browserpass: init at 1.0.2 2017-04-10 20:06:53 +02:00
Andrew R. M
785f6ce5d6 pass: Fix clipboard functionality
Add the patch that was removed that allows pass's clip() function to
work with single binary coreutils. This version of the patch is also
applied to darwin.sh, so this should fix the clipboard functionality in
darwin as well.
2017-04-10 10:31:00 -04:00
Matthew Bauer
38fa991064
pinentry_mac: use xcbuild 2017-04-09 04:24:16 -05:00
Lancelot SIX
637770f699 gnupg21: 2.1.19 -> 2.1.20
See http://lists.gnu.org/archive/html/info-gnu/2017-04/msg00002.html
for release information
2017-04-05 15:24:05 +02:00
Eelco Dolstra
e410c78cd5
gnupg: Give the 1compat package a higher priority
This resolves collision warnings with the regular gnupg packages.
2017-04-04 16:40:06 +02:00
rnhmjoj
2e1ccaa319
masscan: init at 2017-02-04 2017-04-01 19:05:10 +02:00
Michael Weiss
c9ecc70880 gnupg*: Improve the meta set
And use version from gnupg21 for gnupg1compat.
2017-03-28 22:19:12 +02:00
Michael Weiss
02e469fa04 signing-party: Add 4 missing man pages + dep fix
The manual pages for the following 4 tools where still missing:
- gpgsigs
- keyanalyze
- pgpring
- process_keys

The gpgdir script needs the gpg binary.

The 19 tools are licensed under various licenses.
2017-03-28 22:09:55 +02:00
Vladimír Čunát
96d41e393d
treewide: purge maintainers.urkud
It's sad, but he's been inactive for the last five years.
Keeping such people in meta.maintainers is counter-productive.
2017-03-27 19:52:29 +02:00
Michael Weiss
ef8c0d1388 signing-party: Fix deps and include all tools
Additional tools:
- gpg-key2latex
- gpgdir
- gpgwrap

This module is really hacky and the dependencies are very messy... :o

However I tried my best at testing all 19 individual tools and they
should (hopefully) all work now (apart from sendmail which can be
provided by multiple packages) :)

The code is very redundant (sorry) but imho it's easier to read and
maintain it that way.

TODO: There are some additional manual pages that could be included (I'm
too exhausted for that atm...). And there might be a lot of stuff that
could be improved in the future.
2017-03-26 21:12:45 +02:00
Daniel Ehlers
20a5b5bead sshguard: new package 2017-03-26 14:46:22 +02:00
Joachim Fasting
ecd0e1a2c7
torbrowser: reduce risk of stale Nix store references
This patch restructures the expression and wrapper to minimize Nix store
references captured by the user's state directory.

The previous version would write lots of references to the Nix store into
the user's state directory, resulting in synchronization issues between
the Store and the local state directory.  At best, this would cause TBB to
stop working when the version used to instantiate the local state was
garbage collected; at worst, a user would continue to use the old version
even after an upgrade.

To solve the issue, hard-code as much as possible at the Store side and
minimize the amount of stuff being copied into the local state dir.
Currently, only a few files generated at firefox startup and fontconfig
cache files end up capturing store paths; these files are simply removed
upon every startup.  Otherwise, no capture should occur and the user
should always be using the TBB associated with the tor-browser wrapper
script.

To check for stale Store paths, do
   `grep -Ero '/nix/store/[^/]+' ~/.local/share/tor-browser`
This command should *never* return any other store path than the one
associated with the current tor-browser wrapper script, even after an
update (assuming you've run tor-browser at least once after updating).
Deviations from this general rule are considered bugs from now on.

Note that no attempt has been made to support pluggable transports; they
are still broken with this patch (to be fixed in a follow-up patch).

User visible changes:
- Wrapper retains only environment variables required for TBB to work
- pulseaudioSupport can be toggled independently of mediaSupport (the
  latter weakly implies the former).
- Store local state under $TBB_HOME.  Defaults to $XDG_DATA_HOME/tor-browser
- Stop obnoxious first-run stuff (NoScript redirect, in particular)
- Set desktop item GenericName to Web Browser

Some minor enhancements:
- Disable Hydra builds
- Specify system -> source mapping to make it easier to
  extend supported platforms.
2017-03-25 15:59:18 +01:00
Frederik Rietdijk
f4a1eab239 Merge pull request #23863 from plumps/add-vulnix
vulnix: init at 1.2.2
2017-03-24 11:12:50 +01:00
Jörg Thalheim
70322d8b87 pythonPackages.BTrees: 4.1.4 -> 4.3.1 2017-03-24 10:44:34 +01:00
Michael Weiss
4e29638323 Revert "gpgme: Drop multiple outputs (dev and info)"
This reverts commit 872770286d.

This will fix fwknop as well (should have done it like this in the first
place, where was my mind...).

Conclusion: Did something stupid... :o - I am *so incredibly sorry*,
will be way more careful (was already careful, but apparently not
enought...) next time and use nox.

Sorry @everyone and thanks @calvertvl for noticing this.
2017-03-21 23:57:57 +01:00
Michael Weiss
b27652148a fwknop: init at 2.6.9
fwknop stands for the "FireWall KNock OPerator", and implements an
authorization scheme called Single Packet Authorization (SPA).
2017-03-21 22:43:00 +01:00
Michael Raskin
89f62be345 Merge pull request #23715 from risicle/moz-sops
Add Mozilla sops package
2017-03-18 19:18:06 +01:00
Vladimír Čunát
742b120ddc
Merge branch 'master' into staging
Nontrivial rebuilds from master, again :-/
2017-03-18 11:00:31 +01:00
Peter Hoeg
bf5dc90f30 keybase: 20170209 -> 1.0.20 2017-03-16 10:01:57 +08:00
Maksim Bronsky
97f26ee39a initial release: vulnix 2017-03-15 15:09:19 +01:00
Tuomas Tynkkynen
aba0b45b86 Merge remote-tracking branch 'upstream/master' into staging
Conflicts:
      pkgs/development/libraries/qt-5/5.7/qtbase/default.nix
2017-03-14 00:49:22 +02:00
Daiderd Jordan
798623fd2b Merge pull request #23653 from LnL7/darwin-crunch
crunch: enable darwin build
2017-03-10 22:01:41 +01:00
Robert Scott
b3fadc9085 sops: init at version 2.0.8 2017-03-10 15:41:57 +00:00
Tuomas Tynkkynen
e7ce27f9ce john: Disable parallel build
http://hydra.nixos.org/build/49940032/nixlog/1/raw
2017-03-10 01:48:53 +02:00
Vladimír Čunát
ed4a79c65e
Merge branch 'master' into staging
... to fix an evaluation problem in dogecoin.
2017-03-09 23:14:19 +01:00
Jörg Thalheim
a1d6e74ef4 Merge pull request #23351 from ndowens/tpm-quote-tools
tpm-quote-tools: 1.0.2 -> 1.0.3
2017-03-09 10:34:01 +01:00
Daiderd Jordan
d5ef0daf7c
crunch: enable darwin build 2017-03-09 00:46:13 +01:00
Joachim Fasting
74f8e0fd7a
torbrowser: 6.5 -> 6.5.1 2017-03-08 20:08:46 +01:00
Vladimír Čunát
b86b7c04a3
Merge branch 'master' into staging 2017-03-07 21:59:32 +01:00
Michiel Leenaars
1522496288 softhsm: 2.1.0 -> 2.2.0 2017-03-07 11:43:46 +01:00
Graham Christensen
33b738be44 Merge pull request #23386 from lsix/update_gnupg21
gnupg21: 2.1.18 -> 2.1.19
2017-03-06 09:03:18 -05:00
Benno Fünfstück
c0bfcdf3a6 opensc: remove obsolete DESTDIR patch
This patch was actively causing harm, because it lead to a "double prefix"
issue where the etc files were installed into $out/$out/etc instead of just
$out/etc.
2017-03-05 23:36:35 +01:00
Michiel Leenaars
b5bb83b273
sha1collisiondetection: init at 1.0.1
Closes https://github.com/NixOS/nixpkgs/pull/23114
2017-03-05 18:59:28 +01:00
ndowens
40fb61392c tpm-quote-tools: 1.0.2 -> 1.0.3
tpm-quote-tools: Fixed library issue
2017-03-02 17:53:26 -06:00
Joachim Fasting
c44a41c73f
tor: split out geoip data
Saves about 5.2 MiB.

To use geoip, add something like
```
GeoIPFile ${tor.geoip}/share/tor/geoip
GeoIPv6File ${tor.geoip}/share/tor/geoip6
```
to torrc
2017-03-02 12:40:33 +01:00
Lancelot SIX
ade2357c65
gnupg21: 2.1.18 -> 2.1.19
See http://lists.gnu.org/archive/html/info-gnu/2017-03/msg00000.html
for release information
2017-03-02 10:10:02 +01:00
Joachim Fasting
05054e34c0
tor: 0.2.9.9 -> 0.2.9.10
The 0.2.9 series is now a long-term support release, which will
receive backported security fixes until at least 2020.

tor should now build against libressl, as in
```nix
tor.override { openssl = libressl; }
```

Also re-enable the test-suite; works fine on my end.
2017-03-01 23:56:34 +01:00
Joachim Fasting
56ae1e25af
rhash: sha1 -> sha256 2017-03-01 00:28:25 +01:00
Jörg Thalheim
be23e983ae
haka: replace sha1 with sha256 2017-02-28 18:03:23 +01:00
Thomas Tuegel
b31a63d2e5
pinentry_qt5: build with C++11 for Qt 5.7 2017-02-28 05:59:45 -06:00
Bjørn Forsman
3d104ab2b3 gst-plugins-base: align attrname with pkgname 2017-02-27 12:16:26 +01:00
Bjørn Forsman
0591cd607b gst-plugins-good: align attrname with pkgname 2017-02-27 12:16:26 +01:00
Bjørn Forsman
4b2c7fe3d1 gst-ffmpeg: align attrname with pkgname 2017-02-27 12:16:26 +01:00
Franz Pletz
9dbeca2240
pass: refactor, fix completions install
cc #23223
2017-02-26 20:54:58 +01:00
Franz Pletz
edcbb6da11
pass: 1.6.5 -> 1.7 2017-02-26 19:36:51 +01:00
Thomas Tuegel
dab94220fa
Remove kde4.polkit_kde_agent
- Already updated to KDE 5 in Nixpkgs
- Not useful without the KDE 4 desktop
2017-02-24 16:49:01 -06:00
Thomas Tuegel
2d7f558661
Remove kde4.ksshaskpass
- Already updated to KDE 5 in Nixpkgs
- Not useful without the KDE 4 desktop
2017-02-24 16:49:00 -06:00
Daniel Fullmer
a8c738713b gnupg21: Fix scdaemon for usb smartcards (#22891)
The use of smartcard functionality for yubikeys (and presumably other
usb smartcards) was broken in gnupg 2.1.18.  This has apparently already
been fixed in gnupg master, and debian backports the included patches
for 2.1.18.

See also:
https://bugs.gnupg.org/gnupg/issue2933
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852702
https://github.com/NixOS/nixpkgs/pull/21991
2017-02-20 04:30:01 +01:00
Peter Hoeg
68f01b3b8c Merge pull request #23010 from peterhoeg/f/gpg
gnupg: include systemd user units in output
2017-02-20 08:16:15 +08:00
Peter Hoeg
9ca3caeb09 gnupg: include systemd user units in output 2017-02-20 08:09:44 +08:00