diff --git a/nixos/modules/services/security/privacyidea.nix b/nixos/modules/services/security/privacyidea.nix index 2696dca4c76..02c182b4a1a 100644 --- a/nixos/modules/services/security/privacyidea.nix +++ b/nixos/modules/services/security/privacyidea.nix @@ -228,7 +228,7 @@ in path = with pkgs; [ openssl ]; environment.PRIVACYIDEA_CONFIGFILE = "${cfg.stateDir}/privacyidea.cfg"; preStart = let - pi-manage = "${pkgs.sudo}/bin/sudo -u privacyidea -HE ${penv}/bin/pi-manage"; + pi-manage = "${config.security.sudo.package}/bin/sudo -u privacyidea -HE ${penv}/bin/pi-manage"; pgsu = config.services.postgresql.superUser; psql = config.services.postgresql.package; in '' @@ -239,8 +239,8 @@ in -i "${piCfgFile}" chown ${cfg.user}:${cfg.group} ${cfg.stateDir}/privacyidea.cfg if ! test -e "${cfg.stateDir}/db-created"; then - ${pkgs.sudo}/bin/sudo -u ${pgsu} ${psql}/bin/createuser --no-superuser --no-createdb --no-createrole ${cfg.user} - ${pkgs.sudo}/bin/sudo -u ${pgsu} ${psql}/bin/createdb --owner ${cfg.user} privacyidea + ${config.security.sudo.package}/bin/sudo -u ${pgsu} ${psql}/bin/createuser --no-superuser --no-createdb --no-createrole ${cfg.user} + ${config.security.sudo.package}/bin/sudo -u ${pgsu} ${psql}/bin/createdb --owner ${cfg.user} privacyidea ${pi-manage} create_enckey ${pi-manage} create_audit_keys ${pi-manage} createdb diff --git a/nixos/tests/kernel-generic.nix b/nixos/tests/kernel-generic.nix index 62d80db2915..2bd0c50e61c 100644 --- a/nixos/tests/kernel-generic.nix +++ b/nixos/tests/kernel-generic.nix @@ -32,6 +32,7 @@ with pkgs; { linux_5_4 = makeKernelTest "5.4" linuxPackages_5_4; linux_5_10 = makeKernelTest "5.10" linuxPackages_5_10; linux_5_13 = makeKernelTest "5.13" linuxPackages_5_13; + linux_5_14 = makeKernelTest "5.14" linuxPackages_5_14; linux_testing = makeKernelTest "testing" linuxPackages_testing; } diff --git a/pkgs/development/python-modules/flask-restx/default.nix b/pkgs/development/python-modules/flask-restx/default.nix index e1de7bf0d3b..b33a5704c34 100644 --- a/pkgs/development/python-modules/flask-restx/default.nix +++ b/pkgs/development/python-modules/flask-restx/default.nix @@ -1,6 +1,7 @@ { lib , buildPythonPackage , fetchFromGitHub +, fetchpatch , aniso8601 , jsonschema , flask @@ -30,6 +31,14 @@ buildPythonPackage rec { sha256 = "0aj13nd3z71gb8c2kqiaz3f9k7jr0srlvrsx8hpz4nkpki8jiz2s"; }; + patches = [ + (fetchpatch { + name = "CVE-2021-32838.patch"; + url = "https://github.com/python-restx/flask-restx/commit/bab31e085f355dd73858fd3715f7ed71849656da.patch"; + sha256 = "1n786f0zq3gyrp9s28qw3j8bkqhys38vbaafaizplaf4f76bh7m8"; + }) + ]; + propagatedBuildInputs = [ aniso8601 jsonschema flask werkzeug pytz six ] ++ lib.optionals isPy27 [ enum34 ]; diff --git a/pkgs/games/steam/fhsenv.nix b/pkgs/games/steam/fhsenv.nix index f09330ccdde..ff3c574f068 100644 --- a/pkgs/games/steam/fhsenv.nix +++ b/pkgs/games/steam/fhsenv.nix @@ -100,6 +100,11 @@ in buildFHSUserEnv rec { libva pipewire.lib + # steamwebhelper + harfbuzz + libthai + pango + # Not formally in runtime but needed by some games at-spi2-atk at-spi2-core # CrossCode @@ -114,7 +119,7 @@ in buildFHSUserEnv rec { xorg.libpciaccess udev # shadow of the tomb raider - ## screeps dependencies + # screeps dependencies gtk3 dbus zlib @@ -123,7 +128,6 @@ in buildFHSUserEnv rec { cairo freetype gdk-pixbuf - pango fontconfig # friends options won't display "Launch Game" without it @@ -188,7 +192,6 @@ in buildFHSUserEnv rec { nss fontconfig cairo - pango expat dbus cups