summaryrefslogtreecommitdiff
Commit message (Expand)AuthorAgeFilesLines
...
| | * | | | | | sqlite: add patch for CVE-2022-46908•••(cherry picked from commit a7a2489afd1a5d30a33d5673bcc46d700b224f32) Robert Scott2022-12-172-1/+29
| * | | | | | | Merge pull request #207165 from mweinelt/22.05/curl-7.87.0-fixesMartin Weinelt2022-12-243-0/+112
| |\ \ \ \ \ \ \
| | * | | | | | | curl: backport 7.87.0 security fixes•••https://curl.se/docs/CVE-2022-43551.html https://curl.se/docs/CVE-2022-43552.html Fixes: CVE-2022-43551, CVE-2022-43552 Martin Weinelt2022-12-213-0/+112
| * | | | | | | | Merge staging-next-22.05 into staging-22.05github-actions[bot]2022-12-247-35/+35
| |\ \ \ \ \ \ \ \
| | * \ \ \ \ \ \ \ Merge release-22.05 into staging-next-22.05github-actions[bot]2022-12-247-35/+35
| | |\ \ \ \ \ \ \ \
| * | \ \ \ \ \ \ \ \ Merge pull request #207173 from NixOS/backport-207151-to-staging-22.05Martin Weinelt2022-12-231-2/+2
| |\ \ \ \ \ \ \ \ \ \
| | * | | | | | | | | | libksba: 1.6.2 -> 1.6.3•••https://gnupg.org/blog/20221017-pepe-left-the-ksba.html Fixes: CVE-2022-3515 (cherry picked from commit bae75df20ec7f187b9995f4f27016de54f3ca02b) Martin Weinelt2022-12-211-2/+2
| | | |_|/ / / / / / / | | |/| | | | | | | |
| * | | | | | | | | | Merge staging-next-22.05 into staging-22.05github-actions[bot]2022-12-231-0/+5
| |\ \ \ \ \ \ \ \ \ \ | | | |/ / / / / / / / | | |/| | | | | | | |
| | * | | | | | | | | Merge release-22.05 into staging-next-22.05github-actions[bot]2022-12-231-0/+5
| | |\ \ \ \ \ \ \ \ \ | | | | |_|_|_|_|/ / / | | | |/| | | | | | |
| * | | | | | | | | | Merge staging-next-22.05 into staging-22.05github-actions[bot]2022-12-222-2/+5
| |\| | | | | | | | | | | |_|/ / / / / / / | |/| | | | | | | |
| | * | | | | | | | Merge release-22.05 into staging-next-22.05github-actions[bot]2022-12-222-2/+5
| | |\ \ \ \ \ \ \ \
| * | | | | | | | | | Merge staging-next-22.05 into staging-22.05github-actions[bot]2022-12-216-132/+134
| |\| | | | | | | | |
| | * | | | | | | | | Merge release-22.05 into staging-next-22.05github-actions[bot]2022-12-216-132/+134
| | |\ \ \ \ \ \ \ \ \
| * | | | | | | | | | | Merge staging-next-22.05 into staging-22.05github-actions[bot]2022-12-203-269/+269
| |\| | | | | | | | | |
| | * | | | | | | | | | Merge release-22.05 into staging-next-22.05github-actions[bot]2022-12-203-269/+269
| | |\ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | | Merge staging-next-22.05 into staging-22.05github-actions[bot]2022-12-191-2/+2
| |\| | | | | | | | | | |
| | * | | | | | | | | | | Merge release-22.05 into staging-next-22.05github-actions[bot]2022-12-191-2/+2
| | |\ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | | | Merge staging-next-22.05 into staging-22.05github-actions[bot]2022-12-1812-54/+67
| |\| | | | | | | | | | | | | | |_|_|_|_|_|_|/ / / / / | |/| | | | | | | | | | |
| | * | | | | | | | | | | Merge release-22.05 into staging-next-22.05github-actions[bot]2022-12-1812-54/+67
| | |\ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | | | Merge staging-next-22.05 into staging-22.05github-actions[bot]2022-12-165-1/+111
| |\| | | | | | | | | | | |
| | * | | | | | | | | | | | Merge release-22.05 into staging-next-22.05github-actions[bot]2022-12-168-13/+123
| | |\ \ \ \ \ \ \ \ \ \ \ \ | | | | |_|_|_|_|_|_|_|_|_|/ | | | |/| | | | | | | | | |
| * | | | | | | | | | | | | Merge pull request #205391 from helsinki-systems/bkp/22.05/nss_latest_cacertMartin Weinelt2022-12-154-14/+14
| |\ \ \ \ \ \ \ \ \ \ \ \ \
| | * | | | | | | | | | | | | cacert: 3.83 -> 3.86•••https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/NqCkaX216zY/m/QAUPTaBWCgAJ (cherry picked from commit e5212aaa67b7ac0bf70714efbe7309800f565b9b) ajs1242022-12-101-2/+2
| | * | | | | | | | | | | | | nss_latest: 3.85 -> 3.86•••https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/NqCkaX216zY/m/QAUPTaBWCgAJ (cherry picked from commit c13ed541dbd016b9132de3ba55f88b5b1b626d3b) ajs1242022-12-101-2/+2
| | * | | | | | | | | | | | | nss_latest: 3.84 -> 3.85•••https://github.com/nss-dev/nss/blob/master/doc/rst/releases/nss_3_85.rst (cherry picked from commit 9930d3512987cd2c76b9937dc50acaec5335a7d9) ajs1242022-12-103-12/+12
| * | | | | | | | | | | | | | Merge staging-next-22.05 into staging-22.05github-actions[bot]2022-12-157-1189/+1189
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | |/ / / / / / / / / / / / | | |/| | | | | | | | | | | |
| | * | | | | | | | | | | | | Merge release-22.05 into staging-next-22.05github-actions[bot]2022-12-157-1189/+1189
| | |\ \ \ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | | | | | Merge staging-next-22.05 into staging-22.05github-actions[bot]2022-12-144-9/+12
| |\| | | | | | | | | | | | | |
| | * | | | | | | | | | | | | | Merge release-22.05 into staging-next-22.05github-actions[bot]2022-12-144-9/+12
| | |\ \ \ \ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | | | | | | Merge staging-next-22.05 into staging-22.05github-actions[bot]2022-12-1130-343/+275
| |\| | | | | | | | | | | | | | | | | |_|_|/ / / / / / / / / / / / | |/| | | | | | | | | | | | | |
| | * | | | | | | | | | | | | | Merge release-22.05 into staging-next-22.05github-actions[bot]2022-12-1130-343/+275
| | |\ \ \ \ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | | | | | | Merge staging-next-22.05 into staging-22.05github-actions[bot]2022-12-1010-14/+78
| |\| | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | | | Merge release-22.05 into staging-next-22.05github-actions[bot]2022-12-1010-14/+78
| | |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | | | | | | | Merge staging-next-22.05 into staging-22.05github-actions[bot]2022-12-095-38/+51
| |\| | | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | | | | Merge release-22.05 into staging-next-22.05github-actions[bot]2022-12-095-38/+51
| | |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | | | | | | | | Merge staging-next-22.05 into staging-22.05github-actions[bot]2022-12-089-287/+293
| |\| | | | | | | | | | | | | | | | | | | |_|_|_|_|_|_|_|_|_|_|_|_|_|/ / / | |/| | | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | | | | Merge release-22.05 into staging-next-22.05github-actions[bot]2022-12-086-282/+282
| | |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | |_|_|_|_|_|_|_|_|_|_|_|_|_|/ | | | |/| | | | | | | | | | | | | |
| | * | | | | | | | | | | | | | | | Merge release-22.05 into staging-next-22.05github-actions[bot]2022-12-073-5/+11
| | |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| * | \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ Merge pull request #204972 from NixOS/backport-204795-to-staging-22.05•••[Backport staging-22.05] cacert: Distrust TrustCor root certificatesLinus Heckemann2022-12-071-1/+11
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| | * | | | | | | | | | | | | | | | | | cacert: Distrust TrustCor root certificates•••Mozilla set "Distrust After" for the three TrustCor Root CAs¹, so new certificates issued would not be trusted after 2022/11/30, while older enduser certificates would continue working until they expire. This is a fine-grained policy option available to consumers of the NSS library, such as Firefox or Thunderbird. For Linux systems we generally export the Mozilla trust store into our own CA bundle that ultimately lacks that metadata, because there is no standardized way to parse it in the first place. That means that as long as Mozilla keeps the certificate in their CA program, even with time-based "Distrust" configured, we would keep trusting it fully². That is completely unreasonable and that is why we reject these CAs here for all users of nixpkgs. The TrustCor CAs were primarily used to sign certificates for dynamic hosts for domains provided through no-ip.com, so we expect the fallout from this to be minimal. [1] https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ [2] https://utcc.utoronto.ca/~cks/space/blog/linux/CARootStoreTrustProblem (cherry picked from commit 2e7853293da7eb49c8aaa10aa4ba2d8ffa64acac) Martin Weinelt2022-12-071-1/+11
| |/ / / / / / / / / / / / / / / / / /
| * | | | | | | | | | | | | | | | | | Merge remote-tracking branch 'origin/staging-next-22.05' into staging-22.05Martin Weinelt2022-12-061-2/+2
| |\| | | | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | | | | | Merge release-22.05 into staging-next-22.05github-actions[bot]2022-12-061-2/+2
| | |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | | | | | | | | | Merge remote-tracking branch 'origin/staging-next-22.05' into staging-22.05Martin Weinelt2022-12-055-22/+73
| |\| | | | | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | | | | | | Merge release-22.05 into staging-next-22.05github-actions[bot]2022-12-055-22/+73
| | |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | | | | | | | | | | Merge remote-tracking branch 'origin/staging-next-22.05' into staging-22.05Martin Weinelt2022-12-0417-66/+64
| |\| | | | | | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | | | | | | | Merge release-22.05 into staging-next-22.05github-actions[bot]2022-12-0417-66/+64
| | |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | | | | | | | | | | | Merge staging-next-22.05 into staging-22.05github-actions[bot]2022-12-031-1/+14
| |\| | | | | | | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | | | | | | | | Merge release-22.05 into staging-next-22.05github-actions[bot]2022-12-031-1/+14
| | |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | | | | | | | | | | | | Merge staging-next-22.05 into staging-22.05github-actions[bot]2022-12-0215-72/+78
| |\| | | | | | | | | | | | | | | | | | | | |
| | * | | | | | | | | | | | | | | | | | | | | Merge release-22.05 into staging-next-22.05github-actions[bot]2022-12-0215-72/+78
| | |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
generated by cgit v1.2.3 (git 2.52.0) at 2026-01-17 05:42:08 +0000