Commit graph

100744 commits

Author SHA1 Message Date
Peter Hoeg
d58a20aa67 dropbox: 18.4.32 -> 19.4.13 (#22545) 2017-02-09 15:29:42 +01:00
Peter Simons
768c970c8d python-requests2: use system-wide CA bundle rather than our own
This allows the library to interact gracefully with additional certificates
users might have configured in /etc/ssl/certs/ca-certificates.crt via NixOS.
2017-02-09 15:19:36 +01:00
Stefan Siegl
f800a4b197 tomboy: init at 1.15.7 (#22589) 2017-02-09 14:17:35 +00:00
Michael Raskin
5f3fa24a20 cygwin-iso: fix the most obvious parts of bit rot
Still doesn't build though. Is anyone still using it?
2017-02-09 15:07:38 +01:00
Peter Hoeg
60cae1c173 syncthing: 0.14.21 -> 0.14.23 2017-02-09 14:51:47 +01:00
Franz Pletz
92d2d74c40
astroid: 0.6 -> 0.7, use wrapGAppsHook
cc @bdimcheff #22559
2017-02-09 14:44:04 +01:00
Brandon Dimcheff
c517e54328 astroid: fix crash due to missing icons
Astroid was unable to run in a pure environment because it couldn't find
the necessary icons.  This fixes that issue, and was tested with
`nix-shell --pure`
2017-02-09 14:42:17 +01:00
Pradeep Chhetri
72af039a4d wuzz: 2017-02-05 -> 2017-02-09 2017-02-09 14:36:20 +01:00
Frederik Rietdijk
10eb16038c Merge pull request #22564 from mdaiter/cudnn_hash_fix
cudnn51_cudatoolkit80: hash change
2017-02-09 13:43:07 +01:00
Graham Christensen
4b6692a510
graphicsmagick: patch for CVE-2016-9830 2017-02-09 07:21:07 -05:00
Franz Pletz
bfee52a967
epiphany: 3.22.5 -> 3.22.6 for security issue
From https://bugzilla.gnome.org/show_bug.cgi?id=752738:

  The page http://whatever.com has access to saved passwords of
  https://whatever.com. This was a very bad idea: it makes it easy to
  intercept passwords stored on secure websites, especially since we
  don't require any user interaction to fill in the password.

No CVE has been assigned as of now.

cc #22549
2017-02-09 12:18:04 +01:00
Jörg Thalheim
f3c6acde1e Merge pull request #22572 from Mic92/dwarfdump
dwarfdump: init at 20161124
2017-02-09 12:00:18 +01:00
Jörg Thalheim
e72857bae1 Merge pull request #22576 from andrewthad/elasticsearch_2_classpath
set elasticsearch classpath to nix store
2017-02-09 11:35:14 +01:00
Pradeep Chhetri
60246cedc5 terraform: 0.8.5 -> 0.8.6 (#22584) 2017-02-09 10:23:25 +00:00
Franz Pletz
6820e74ff0 Merge pull request #22583 from DerTim1/asterisk
asterisk: 14.1.2 -> 14.2.1, add speex
2017-02-09 11:21:18 +01:00
Rahul Gopinath
a4d952178c mlterm: 3.7.2 -> 3.8.0 2017-02-09 11:20:46 +01:00
Peter Simons
055ab6ba74 Merge pull request #21589 from NixOS/ghc-split-sections
GHC 8.0.2: use -split-sections
2017-02-09 11:17:31 +01:00
Franz Pletz
da5eaa3c21
bind: 9.10.4-P5 -> 9.10.4-P6 for CVE-2017-3135
See https://kb.isc.org/article/AA-01453.

cc #22549
2017-02-09 10:44:16 +01:00
Mica Semrick
c06b6d9446 gimp: 2.8.18 -> 2.8.20 2017-02-09 10:32:25 +01:00
Vladimír Čunát
333e36eca0
pythonPackages.gst-python: fix hash after afd59811a1
/cc #22549.
2017-02-09 09:40:36 +01:00
Pascal Wittmann
5de04f6d55 Revert "ocaml-lablgl: use camlp5"
This reverts commit 7a6aac9076.
2017-02-09 09:14:51 +01:00
Pascal Wittmann
b6cc6bd088 yodl: 3.08.01 -> 3.08.02 2017-02-09 09:11:28 +01:00
Vladimír Čunát
5efc5a4ede
pydb, libclc: fixup eval after pinning to python2 2017-02-09 08:52:22 +01:00
Michael Raskin
386ecdcb4d rtmpdump: 2015-01-15 -> 2015-12-30 2017-02-09 08:45:12 +01:00
Vladimír Čunát
6bea415b5e
Merge branch 'master' into staging 2017-02-09 08:42:04 +01:00
Tim Digel
d8da56984b asterisk: 14.1.2 -> 14.2.1 2017-02-09 08:29:09 +01:00
Tim Digel
3053e07caa asterisk: add speex codec 2017-02-09 08:29:09 +01:00
Vladimír Čunát
4bf9f8afc3
Merge #22578: mesa: add enableRadv ? false
There's no hash change in default settings.
2017-02-09 08:03:34 +01:00
Mica Semrick
70a7fe9d03 dateutils: init at 0.4.1 2017-02-08 19:31:31 -08:00
Graham Christensen
19f23d00fd
ntfs3g: patch for CVE-2017-0358
From the Debian advisory:

Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write
NTFS driver for FUSE, does not scrub the environment before executing
modprobe with elevated privileges. A local user can take advantage of
this flaw for local root privilege escalation.
2017-02-08 22:12:10 -05:00
John Ericson
e74ec9d84f Merge pull request #22575 from Ericson2314/localSystem
top-level: Allow nixpkgs to take localSystem directly
2017-02-08 22:10:49 -05:00
John Ericson
8cd4c31d6b top-level: Allow nixpkgs to take localSystem directly
This is instead of both system and platform, which is kind of ugly.
2017-02-08 22:06:57 -05:00
Graham Christensen
77e920d874
spice: Patch for CVE-2016-9577, CVE-2016-9578
From the Red Hat advisory:

* A vulnerability was discovered in spice in the server's protocol
  handling. An authenticated attacker could send crafted messages to
  the spice server causing a heap overflow leading to a crash or
  possible code execution. (CVE-2016-9577)

* A vulnerability was discovered in spice in the server's protocol
  handling. An attacker able to connect to the spice server could send
  crafted messages which would cause the process to crash.
  (CVE-2016-9578)
2017-02-08 22:03:11 -05:00
Graham Christensen
379144f54b
salt: 2016.3.3 -> 2016.11.2 for multiple CVEs
From the Arch Linux advisory:

- CVE-2017-5192 (arbitrary code execution): The
  `LocalClient.cmd_batch()` method client does not accept
  `external_auth` credentials and so access to it from salt-api has
  been removed for now. This vulnerability allows code execution for
  already- authenticated users and is only in effect when running
  salt-api as the `root` user.

- CVE-2017-5200 (arbitrary command execution): Salt-api allows
  arbitrary command execution on a salt-master via Salt's ssh_client.
  Users of Salt-API and salt-ssh could execute a command on the salt
  master via a hole when both systems were enabled.
2017-02-08 21:24:10 -05:00
David McFarland
4ab604b6b8 mesa: add enableRadv 2017-02-08 22:15:03 -04:00
Graham Christensen
e01278b2de Merge pull request #22573 from nlewo/master
rabbitmq: 3.5.8 -> 3.6.6
2017-02-08 20:00:59 -05:00
Tuomas Tynkkynen
05605b41d8 autofs: Some cleanup
The --with-openldap and --with-sasl flags passed here are actually wrong
as they don't point to the dev outputs of the packages. Anyway, autoconf
recognizes the packages as they are in buildInputs.

getBin is generally not needed - binaries can always be referred as
${foo}/bin/bar regardless of whether the package is multiple-output.

meta.version is unnecessary.
2017-02-09 02:50:48 +02:00
Andrew Martin
02bbf843be set elasticsearch classpath to nix store 2017-02-08 19:24:00 -05:00
Dan Peebles
3e7dffd2b3 pythonPackages.twitter-common-*: add meta
I'd like to share the common meta fields across all of them but it didn't
seem worth it.
2017-02-08 18:24:59 -05:00
Antoine Eiche
b2e7b4b0d7 rabbitmq: 3.5.8 -> 3.6.6
Fix CVE-2015-8786.
2017-02-09 00:12:49 +01:00
Franz Pletz
4494b18fe4
electricsheep: 2.7b33-598d93d90 -> 2.7b33-2017-02-04
Also some cleanups like removed unused buildInputs.
2017-02-08 23:51:02 +01:00
Franz Pletz
6d0806d061
pythonPackages.searx: 0.10.0 -> 0.11.0 2017-02-08 23:51:02 +01:00
Franz Pletz
2ae5b82cb7
pythonPackages.pysocks: 1.5.7 -> 1.6.6 2017-02-08 23:51:01 +01:00
Franz Pletz
603ca4be35
pythonPackages.lxml: 3.7.0 -> 3.7.2 2017-02-08 23:51:01 +01:00
Franz Pletz
de82ce901e
pythonPackages.flask: 0.11.1 -> 0.12 2017-02-08 23:51:00 +01:00
Franz Pletz
4bb27d8622
pythonPackages.ndg-httpsclient: 0.4.0 -> 0.4.2 2017-02-08 23:51:00 +01:00
Franz Pletz
7bb81a5a7b
pythonPackages.certifi: 2016.2.28 -> 2017.1.23 2017-02-08 23:51:00 +01:00
Franz Pletz
65a1762a9b
nginx module: make acme group overrideable easily 2017-02-08 23:50:59 +01:00
Franz Pletz
dced724c00
linux_3_18: remove due to EOL 2017-02-08 23:50:59 +01:00
Dan Peebles
554bfea26f pythonPackages.pex: add meta 2017-02-08 15:22:05 -05:00