| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | btrfs-progs: 4.14.1 -> 4.15.1•••(cherry picked from commit 11238ffbe1d1102c6519c4852ab61352d3d36f31)
Signed-off-by: Domen Kožar <domen@dev.si>
origin/release-17.03gitlab.intr/release-17.03 | Domen Kožar | 2018-04-07 | 2 | -5/+41 |
| * | e2fsprogs: 1.43.8 -> 1.44.1•••(cherry picked from commit e6114781b0fad5345a2430fac3587d618273bda2)
Signed-off-by: Domen Kožar <domen@dev.si>
| Domen Kožar | 2018-04-07 | 1 | -2/+2 |
| * | kernel: depend optionally on libelf | Domen Kožar | 2018-04-07 | 1 | -1/+1 |
| * | kernel 4.14 require libelf to compile modules.•••[...]
make modules -C /nix/store/h1vzl6bq4wif3m8dd1bw2p3fv4shjg3n-linux-4.14.9-dev/lib/modules/4.14.9/build EXTRA_CFLAGS=-Werror-implicit-function-declaration M=/tmp/nix-build-spl-kernel-2017-11-16-4.14.9.drv-0/source/build
/nix/store/h1vzl6bq4wif3m8dd1bw2p3fv4shjg3n-linux-4.14.9-dev/lib/modules/4.14.9/source/Makefile:939: *** "Cannot generate ORC metadata for CONFIG_UNWINDER_ORC=y, please install libelf-dev, libelf-devel or elfutils-libelf-devel". Stop.
This patch introduces kernel.moduleBuildDependencies to avoid the logic "stdenv.lib.optional (stdenv.lib.versionAtLeast kernel.version "4.14") libelf" in multiple places.
[dezgeg did some minor tweaks on top]
| David Guibert | 2018-04-07 | 7 | -8/+15 |
| * | linux: Add 4.14 | Tim Steinbach | 2018-04-06 | 3 | -2/+44 |
| * | kernel/common-config: backport 4.13+ support | Yegor Timoshenko | 2018-01-06 | 1 | -1/+3 |
| * | Extract files one at a time from all-cabal-hashes | Will Fancher | 2017-12-17 | 2 | -12/+13 |
| * | openssl: fix nix patch for recent update•••(cherry picked from commit e06dbe4f5b51850746ef2c363be8326a1a3e84bf)
| Graham Christensen | 2017-11-03 | 1 | -3/+3 |
| * | openssl_1_1_0: 1.1.0f -> 1.1.0g•••(cherry picked from commit 5e2d96deb331b19fc1b69146c88a8128e8b6e466)
| Graham Christensen | 2017-11-03 | 1 | -2/+2 |
| * | openssl_1_0_2: 1.0.2l -> 1.0.2m•••(cherry picked from commit 7726b4602709bbda969c021c56873a6eeebe97b2)
| Graham Christensen | 2017-11-03 | 1 | -2/+2 |
| * | libav_11: security 11.10 -> 11.11•••Fixes CVE-2017-7862.
(cherry picked from commit 25515ce9280dcb90cffc3fbd15e4ab2ac8ec0e38)
| Vladimír Čunát | 2017-10-31 | 1 | -1/+2 |
| * | network-interfaces-scripted: fix NixOS/nixops#640•••Reverse the PartOf dependency between network-setup and network-addresses-*
This was joint work of: @nh2, @domenkozar, @fpletz, @aszlig and @basvandijk
at the NixCon 2017 hackathon.
| Bas van Dijk | 2017-10-30 | 1 | -2/+1 |
| * | linux: 4.4.84 -> 4.4.95•••(cherry picked from commit 0a5ecde8085122835a9c8ffa2025e8ccb49ddb14)
| Franz Pletz | 2017-10-30 | 1 | -2/+3 |
| * | php71: 7.1.9 -> 7.1.11•••(cherry picked from commit f41f5a8f77a09f9629b86d88f6a6b514e416d155)
| Franz Pletz | 2017-10-30 | 1 | -2/+2 |
| * | php70: 7.0.24 -> 7.0.25•••(cherry picked from commit 3975f267abc305d4a197fe96c0cf5f49cbfc6d7d)
| Franz Pletz | 2017-10-30 | 1 | -2/+2 |
| * | php56: 5.6.31 -> 5.6.32•••(cherry picked from commit ecdf4f1c51c0b1093b06c17fce29f6778ee6934f)
| Franz Pletz | 2017-10-30 | 1 | -2/+2 |
| * | wget: 1.19.1 -> 1.19.2 for multiple CVEs•••Fixes CVE-2017-13089, CVE-2017-13090.
(cherry picked from commit 3e29dd00fc43f585995dc470e7bb9717f6d9f46e)
| Franz Pletz | 2017-10-27 | 1 | -10/+5 |
| * | Merge #30729: freeimage: apply security patches•••(cherry picked from commit dc240d20696aeb26198aa744bc99cde5bc5cf69b)
They're relatively simple patches, used by Debian.
| Vladimír Čunát | 2017-10-24 | 1 | -0/+13 |
| * | curl: 7.56.0 -> 7.56.1•••(cherry picked from commit 9bd930560292209b569158a0a591b59108dd4dd9)
| Tim Steinbach | 2017-10-24 | 1 | -2/+2 |
| * | foomatic-filters: fix CVE-2015-8327 & CVE-2015-8560•••(cherry picked from commit 4b756e48738dc0775dacb6b97280a17799d66147)
| Piotr Bogdan | 2017-10-24 | 1 | -1/+9 |
| * | imagemagick7: 7.0.7-4 -> 7.0.7-8•••(cherry picked from commit bb493911516b812d5e03567836fb049c2ee02608)
| Franz Pletz | 2017-10-23 | 1 | -2/+2 |
| * | imagemagick: 6.9.9-15 -> 6.9.9-20•••(cherry picked from commit 6af0de6478a7028b6fd73fbd44cacf0c13c7be99)
| Franz Pletz | 2017-10-23 | 1 | -2/+2 |
| * | irssi: 1.0.4 -> 1.0.5•••Security update, see https://irssi.org/security/irssi_sa_2017_10.txt.
(cherry picked from commit c81563771985a19f9c44bca267b66374fba1b11f)
| Piotr Bogdan | 2017-10-23 | 1 | -2/+2 |
| * | flashplayer: 27.0.0.159 -> 27.0.0.170•••(cherry picked from commit a060b850f68906e8a5928aa24398a5d4ec76361f)
| taku0 | 2017-10-17 | 3 | -10/+10 |
| * | flashplayer: 27.0.0.130 -> 27.0.0.159•••(cherry picked from commit 628c039326bd1f8e8a8009c0ea74cb99c3d82e3a)
| taku0 | 2017-10-17 | 3 | -10/+10 |
| * | wpa_supplicant: patch for KRACKAttack••• CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.
CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake.
CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
(cherry picked from commit ea50efcc67cfa6c8331b54ff33ab791dacd52fe4)
| Graham Christensen | 2017-10-16 | 1 | -0/+33 |
| * | hostapd: patch for KRACKAttack••• CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.
CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake.
CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
(cherry picked from commit 629965a53251afa23a60c08c16000b732374b9f9)
| Graham Christensen | 2017-10-16 | 1 | -0/+34 |
| * | nixos/atd: remove "batch" from setuid wrappers•••"batch" is a shell script so invoking it via setuid wrapper never worked
anyway. (The kernel drops perms on executables with shebang.) A previous
nixpkgs commit made "batch" invoke the NixOS setuid "at" wrapper to gain
needed privileges.
Thanks to @yesbox for noticing.
(cherry picked from commit 497108b4568d01cefee6acdf92b738ee80e22023)
| Bjørn Forsman | 2017-10-16 | 1 | -1/+3 |
| * | nixos/tests: add basic test for services.atd•••(cherry picked from commit 943730ff9b6b05c61ef75d7e2f3fae17d4cbdf4f)
(Fix trivial conflict in nixos/release.nix.)
| Bjørn Forsman | 2017-10-16 | 2 | -0/+37 |
| * | at: fix permission errors with "batch" on NixOS•••Fixes https://github.com/NixOS/nixpkgs/issues/12392
(cherry picked from commit 38e6ae8e440d3c1eb53c7f2bae9dedd2fdf9a5bb)
| Bjørn Forsman | 2017-10-16 | 1 | -1/+11 |
| * | curl: fix clang build•••(cherry picked from commit 514593ea31d7e67e8efa2f2ff26c9569d508a5ef)
| Daiderd Jordan | 2017-10-16 | 1 | -2/+2 |
| * | xorg-server: security 1.19.4 -> 1.19.5•••CVE-2017-{12176,12177,12178,12183}
(cherry picked from commit 2baf618c3ee503b20fd55f0ba92b325a976de730)
| Vladimír Čunát | 2017-10-14 | 2 | -4/+4 |
| * | xorg libXfont2, libXres: security updates•••CVE-2013-1988, CVE-2017-{13720,13722}
(cherry picked from commit 6328c76e7785791c0397f43eaace1f85cbf33164)
| Vladimír Čunát | 2017-10-14 | 2 | -8/+8 |
| * | unrar: 5.5.7 -> 5.5.8•••(cherry picked from commit 94fa59228a68b4bb4cb4074f46b91921eabdc5ed)
| mimadrid | 2017-10-12 | 1 | -3/+3 |
| * | nss: fix includedir for pkgconfig•••(cherry picked from commit 034c168aa29fa95c323125d970d4018d25ac7eee)
It fixes some reverse dependencies and it's very unlikely to worsen
something.
| Robin Gloster | 2017-10-11 | 1 | -1/+1 |
| * | nixos/lighttpd: add missing modules to allKnownModules•••The output of ./configure shows all modules/plugins, both enabled and
disabled. With this info we can finally build the _complete_ list of
modules. We were missing these:
mod_authn_gssapi
mod_authn_ldap
mod_geoip
(I hit this as I was building lighttpd with ldap support and the NixOS
module said ldap was unsupported, due to these missing entries in
allKnownModules.)
(cherry picked from commit d26f8b5e00b4a436ec8f9b7fb1b55a0dbda440c5)
| Bjørn Forsman | 2017-10-10 | 1 | -1/+5 |
| * | nixos/lighttpd: update list of allowed module names•••* mod_dirlisting is auto-loaded by lighttpd and should not be explicitly
loaded in the configuration file.
* The rest comes from looking at "ls -1 $lighttpd/lib/*.so" when
lighttpd is built with "enableMagnet" and "enableMysql".
(cherry picked from commit b339e6e13fb0869f5ac5ba13e8c38ab535549231)
| Bjørn Forsman | 2017-10-10 | 1 | -1/+4 |
| * | shutter: 0.93.1 -> 0.94•••(cherry picked from commit da93e6e6789dc52e24571179726813ca9d4eed61)
| jaltek | 2017-10-10 | 1 | -11/+3 |
| * | fcron module: fix use with hardlink-optimized store•••(cherry picked from commit 1afd97aa8f5893b92be5861d11b31c3ba9581f34)
| Léo Gaspard | 2017-10-09 | 1 | -1/+1 |
| * | nixos/fcron: service needs fcron in PATH•••otherwise fcronsighup is not found.
Set PATH to /run/current-system/sw/bin does not seems to be used by service file anyway.
(cherry picked from commit e34e28e573568a0cad99d3e6aec3f78408d9cdbc)
| Joerg Thalheim | 2017-10-09 | 1 | -4/+1 |
| * | xorg-server: security 1.19.2 -> 1.19.4•••CVE-2017-{13721,13723}
https://lists.x.org/archives/xorg-announce/2017-October/002808.html
(cherry picked from commits 07efaaa722a8bf288 and 35b4c8be511d6f)
| Vladimír Čunát | 2017-10-08 | 3 | -9/+4 |
| * | ruby_2_2: 2.2.7 -> 2.2.8•••For multiple CVE's:
- CVE-2017-0898
- CVE-2017-10784
- CVE-2017-14033
- CVE-2017-14064
See https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-2-8-released/
(cherry picked from commit 547fba51407afed4c3885cd935cf23702e386be8)
| Piotr Bogdan | 2017-10-07 | 3 | -7/+7 |
| * | ruby: 2.2.5 -> 2.2.7•••(cherry picked from commit ec2c46923078ceda67f944ae09bcb4d435d45ce5)
| Tim Steinbach | 2017-10-07 | 3 | -12/+12 |
| * | firefox: revert the upgrade for now•••It needs rustc-1.17, and I don't see how to port it ATM. /cc #30143
| Vladimír Čunát | 2017-10-07 | 1 | -2/+2 |
| * | icu: keep default version on 58•••... to avoid mass rebuilds for now. (Bumped in parent merge.)
(cherry picked from commit a7159d3cdae0fc8a38b2a3a24b0fc240ebf85d9b)
| Vladimír Čunát | 2017-10-07 | 1 | -1/+1 |
| * | Merge #30143: firefox-*: critical security updates•••(cherry picked from commit 84952fc2920e0b490ddbea483b7ab7e3e25db929)
| Vladimír Čunát | 2017-10-07 | 8 | -64/+76 |
| * | locate: does not use localuser for mlocate•••(cherry picked from commit 6ef6484dd645a7d1d6b1d3d993988ba5833a5701)
| romildo | 2017-10-07 | 1 | -1/+1 |
| * | locate: fix creation of the parent directory of of locate database•••(cherry picked from commit c06a10e05fedcd49c4b2f88a435e9aad64395d0a)
| romildo | 2017-10-07 | 1 | -1/+1 |
| * | curl: 7.55.1 -> 7.56.0 for CVE-2017-1000254•••https://curl.haxx.se/docs/adv_20171004.html
(cherry picked from commit a98b96824db90446895c7cbf2c4931ef9ad9cb68)
| Franz Pletz | 2017-10-04 | 1 | -2/+2 |
| * | curl: 7.55.0 -> 7.55.1•••(cherry picked from commit 135a841d9124f0c27750ee909d02a84bff23b44e)
| Tim Steinbach | 2017-10-04 | 1 | -6/+2 |
