Commit graph

9 commits

Author SHA1 Message Date
Franz Pletz
5f6557d437
charybdis: 3.5.1 -> 3.5.3 (security)
Fixes CVE-2016-7143 (certificate fingerprint spoofing through crafted
SASL messages).
2016-09-07 08:12:02 +02:00
Robin Gloster
2d382f3d98 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-05-30 19:39:34 +00:00
Tuomas Tynkkynen
2a73de6e6c treewide: Make explicit that 'dev' output of openssl is used 2016-05-19 10:02:23 +02:00
Robin Gloster
d020caa5b2 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-04-18 13:49:22 +00:00
Franz Pletz
ecb94c61d4 chaybdis: 3.5.0-rc1 -> 3.5.1 2016-04-12 04:26:13 +02:00
Franz Pletz
aff1f4ab94 Use general hardening flag toggle lists
The following parameters are now available:

  * hardeningDisable
    To disable specific hardening flags
  * hardeningEnable
    To enable specific hardening flags

Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.

cc-wrapper supports the following flags:

  * fortify
  * stackprotector
  * pie (disabled by default)
  * pic
  * strictoverflow
  * format
  * relro
  * bindnow
2016-03-05 18:55:26 +01:00
Robin Gloster
16c81c9f74 charybdis: turn off format hardening 2016-02-10 23:27:38 +00:00
lassulus
73e164f575 pkgs charybdis: change platforms to linux only 2015-05-18 13:12:45 +02:00
lassulus
caf62e8bfb add charybdis to nixpkgs 2015-05-11 11:38:43 +02:00