summaryrefslogtreecommitdiff
Commit message (Expand)AuthorAgeFilesLines
* pythonPackages.pyopenssl: fix build, fixes #76879•••(cherry picked from commit e279676f480c0bce3ea9baea90cf926f07071de1) origin/staging-19.03gitlab.intr/staging-19.03Frederik Rietdijk2020-01-131-0/+22
* openssl_1_0_2: 1.0.2t -> 1.0.2u (low-severity security)•••Fixes #77266: CVE-2019-1551 https://www.openssl.org/news/secadv/20191206.txt (cherry picked from commit 961d0cf9f5f5e762eacb1ceda10d45cd35a81662) Vladimír Čunát2020-01-111-2/+2
* fribidi: add patch for CVE-2019-18397 (#73718)•••(adjusted cherry-pick from 55b583d334005cc0e51226f7b73f33ee2aed3938)Robert Scott2019-11-241-0/+5
* aspell: add patch for CVE-2019-17544 (#74039)•••(cherry picked from commit b8920d3dba0e594ab6a8e37fb227af9462fa0590)Robert Scott2019-11-241-0/+5
* libtiff: Patch CVE-2019-7663 (PR #72092)•••(cherry picked from commit 5270c3a03ee5657551f16b31da057dda81c8b0f9) /cc #57158. Daniel Schaefer2019-11-091-0/+5
* Merge pull request #72798 from risicle/ris-file-CVE-2019-18218-r19.03•••[r19.03] file: add patch for CVE-2019-18218Florian Klink2019-11-041-1/+9
|\
| * file: add patch for CVE-2019-18218•••upstream patch https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84.patch doesn't apply directly, debian have a version which has been adapted for 5.37. (cherry picked from commit 99273fc55533db11748750f5337f0791e8233cee) Robert Scott2019-11-041-1/+9
|/
* python2: 2.7.16 -> 2.7.17•••Co-authored-by: Dmitry Kalinkin <dmitry.kalinkin@gmail.com> (cherry picked from commit 5b55013aa274c14df01982e4ed3e8c3c3581c744) Frederik Rietdijk2019-10-202-6/+5
* Merge branch 'release-19.03' into staging-19.03Vladimír Čunát2019-10-134-6/+22
|\
| * linux: 5.2.20 -> 5.2.21Tim Steinbach2019-10-121-2/+2
| * linux: 4.19.78 -> 4.19.79Tim Steinbach2019-10-121-2/+2
| * linux: 4.14.148 -> 4.14.149Tim Steinbach2019-10-121-2/+2
| * Merge #70559: zziplib: apply patches for CVE-2018-16548•••...into release-19.03 Vladimír Čunát2019-10-121-0/+16
| |\
| | * zziplib: apply patches for CVE-2018-16548•••(cherry picked from commit aa74d076c973edcfeb4e0953894475cc6f164829) Pierre Bourdon2019-10-071-0/+16
* | | poppler: add patch for CVE-2019-9959 (PR #71046)•••(cherry picked from commit 3fa2864aac8f48c9f4f7bfc5ae353594fad36b24) Robert Scott2019-10-131-1/+9
* | | Merge #70285: *gst-plugins-base: patch CVE-2019-9928•••...into staging-19.03 Vladimír Čunát2019-10-132-3/+15
|\ \ \
| * | | gst-plugins-base,gst_all_1.gst-plugins-base: apply patch for CVE-2019-9928•••Refactor the patchPhase management for the package along the way to something more standard. (Cherry pick from 97e4a11b003a5a88397d9a1fc4ee8ce8f006a396 with an extra version of the package to patch in 19.03.) Pierre Bourdon2019-10-022-3/+15
| | |/ | |/|
* | | Merge #70273: gnupatch: rename patch files to match their CVE ids•••...into staging-19.03 Vladimír Čunát2019-10-132-3/+3
|\ \ \
| * | | gnupatch: rename patch files to match their CVE ids.•••This should be a behavior no-op, but it helps vulnix figure out that we are up to date regarding security patches. (cherry picked from commit 2242bb86d1edbdd8083c840d1160349286372fac) Pierre Bourdon2019-10-022-3/+3
| |/ /
* | | Merge #70278: libtiff: patch for CVE-2019-6128, CVE-2019-14973•••...into staging-19.03 Vladimír Čunát2019-10-132-0/+394
|\ \ \
| * | | libtiff: patch for CVE-2019-6128, CVE-2019-14973•••CVE-2019-14973.patch is a manually backported of the upstream patch to work around some minor merge conflicts. (cherry picked from commit a2e1da7367bf2397cb0cd82a1ab6503a9c1fa5aa) Pierre Bourdon2019-10-022-0/+394
| |/ /
* | | poppler_0_61: add patch for CVE-2019-9959•••custom adapted patch to accommodate the openjpeg1/openjpeg2 split that 0.61 still has (cherry picked from commit e6889d46e0ef40a5c2159347406f0a2e9e304e85) Robert Scott2019-10-132-0/+21
* | | curl: apply upstream security patch•••Partially fixes #70084. Cherry-picked from 19.09's 22b5bbf0e. Vladimír Čunát2019-10-122-0/+28
* | | Merge branch 'release-19.03' into staging-19.03Vladimír Čunát2019-10-1254-759/+953
|\ \ \ | | |/ | |/|
| * | Merge #70464: runc: v1.0.0-rc8 -> v1.0.0-rc9 (security)•••(cherry picked from commit 0fa45b865a68defa009da53cbe98c426fa02ea5c) CVE-2019-16884 Vladimír Čunát2019-10-121-2/+2
| * | chromium: 77.0.3865.90 -> 77.0.3865.120•••CVE-2019-13693 CVE-2019-13694 CVE-2019-13695 CVE-2019-13696 CVE-2019-13697 Disable jumbo mode because upstream dropped support for it. (See chromium-dev "We're removing support for the jumbo build") This makes builds take about 3x as long, but we have no alternative. (cherry picked from commit 371005c2610af880781f4d70e19747a63768c88e) Ivan Kozik2019-10-113-24/+9
| * | [19.03] dovecot: 2.3.7.2 -> 2.3.8 (#70972)•••[19.03] dovecot: 2.3.7.2 -> 2.3.8Florian Klink2019-10-112-6/+6
| |\ \
| | * | dovecot_pigeonhole: 0.5.7.2 -> 0.5.8•••https://dovecot.org/pipermail/dovecot-news/2019-October/000420.html (cherry picked from commit 395cdd7d4c9bd768d65c41fee4bda531e8cbf0d5) Robert Schütz2019-10-111-4/+4
| | * | dovecot: 2.3.7.2 -> 2.3.8•••https://dovecot.org/pipermail/dovecot-news/2019-October/000419.html (cherry picked from commit 5f03f32fa6b0e20b41d8b4f22fdfc7e0ef0d8ea3) Robert Schütz2019-10-111-2/+2
| |/ /
| * | Merge pull request #70864 from kolaente/update-19.03/gitea-1.9.4•••[19.03] gitea: 1.9.3 -> 1.9.4Robin Gloster2019-10-091-2/+2
| |\ \
| | * | gitea: 1.9.3 -> 1.9.4•••(cherry picked from commit 7c087faeb87ff1129197347b1f98a6e8a5c0558b) kolaente2019-10-091-2/+2
| |/ /
| * | linux: 5.2.19 -> 5.2.20Tim Steinbach2019-10-071-2/+2
| * | linux: 4.9.195 -> 4.9.196Tim Steinbach2019-10-071-2/+2
| * | linux: 4.4.195 -> 4.4.196Tim Steinbach2019-10-071-2/+2
| * | linux: 4.19.77 -> 4.19.78Tim Steinbach2019-10-071-2/+2
| * | linux: 4.14.147 -> 4.14.148Tim Steinbach2019-10-071-2/+2
| * | linuxPackages.virtualBoxGuestAdditions: fix build•••From #70618; fixes #70470. (cherry picked from commit 22011b02180d4092867eb41ad0e332ef882a4400) Linus Heckemann2019-10-071-0/+2
| * | nixos/doc: fix manpage format•••Spaces inside <refname> cause stray double underscore in generated manual pages. Fixes #70468 (cherry picked from commit 0eaf29433e9f96205cbe8e9db76b94799a79ddec) (cherry picked from commit 26dfb4f86b49ca03ac3c7f894a136d61d96e346a) Albert Safin2019-10-058-16/+16
| * | linux: 5.2.18 -> 5.2.19Tim Steinbach2019-10-051-2/+2
| * | linux: 4.9.194 -> 4.9.195Tim Steinbach2019-10-051-2/+2
| * | linux: 4.4.194 -> 4.4.195Tim Steinbach2019-10-051-2/+2
| * | linux: 4.19.76 -> 4.19.77Tim Steinbach2019-10-051-2/+2
| * | linux: 4.14.146 -> 4.14.147Tim Steinbach2019-10-051-2/+2
| * | libpng12: 1.2.57 -> 1.2.59•••CVE-2017-12652 (cherry picked from commit 12f31b73667fc55905b453afd4cb09665edb2fd3) Martin Milata2019-10-051-2/+2
| * | unbound: patch CVE-2019-16866 (DoS, minor one IMHO)•••https://www.nlnetlabs.nl/projects/unbound/security-advisories/#vulnerability-in-parsing-notify-queries The patch should be available here but web is down ATM: https://nlnetlabs.nl/downloads/unbound/patch_cve_2019-16866.diff Vladimír Čunát2019-10-041-1/+10
| * | Merge pull request #70288 from ttuegel/security--release-19.03--CVE-2019-14744•••NixOS 19.03: Fix kdelibs and kconfig patch names for vulnixThomas Tuegel2019-10-033-2/+4
| |\ \
| | * | pykde4: Disable build on HydraThomas Tuegel2019-10-022-0/+2
| | * | kdelibs: vulnix: patch name is CVE numberThomas Tuegel2019-10-021-1/+1
| | * | kconfig: vulnix: patch name is CVE numberThomas Tuegel2019-10-021-1/+1
| |/ /
| * | Merge pull request #70263 from ttuegel/security--release-19.03--CVE-2019-14744•••NixOS 19.03: Patches for CVE-2019-14744Thomas Tuegel2019-10-022-2/+18
| |\ \
generated by cgit v1.2.3 (git 2.52.0) at 2026-01-17 04:56:24 +0000