From cb6d25873873ae2e4b553346e0132d72779220e1 Mon Sep 17 00:00:00 2001 From: Peter Hoeg Date: Fri, 19 Aug 2016 18:32:13 +0800 Subject: [PATCH 1/7] spotify: 1.0.34.146 -> 1.0.36.120 --- pkgs/applications/audio/spotify/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/audio/spotify/default.nix b/pkgs/applications/audio/spotify/default.nix index 483527c8fa8..0cd5c199751 100644 --- a/pkgs/applications/audio/spotify/default.nix +++ b/pkgs/applications/audio/spotify/default.nix @@ -5,7 +5,7 @@ assert stdenv.system == "x86_64-linux"; let - version = "1.0.34.146.g28f9eda2-19"; + version = "1.0.36.120.g536a862f-20"; deps = [ alsaLib @@ -50,7 +50,7 @@ stdenv.mkDerivation { src = fetchurl { url = "http://repository-origin.spotify.com/pool/non-free/s/spotify-client/spotify-client_${version}_amd64.deb"; - sha256 = "1pks9b83aj6y3c3jlmll0rs05yk15r49v0v4amm950z68v182a5g"; + sha256 = "03r4hz4x4f3zmp6dsv1n72y5q01d7mfqvaaxqvd587a5561gahf0"; }; buildInputs = [ dpkg makeWrapper ]; From 51b165c7d20d53b4581622a934a9e0abd7e43800 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benno=20F=C3=BCnfst=C3=BCck?= Date: Fri, 19 Aug 2016 14:47:11 +0200 Subject: [PATCH 2/7] nixos/shadow: setuid wrappers for new{uid,gid}map These utils are not related to user management, so they should be available even if immutable users are enabled. --- nixos/modules/programs/shadow.nix | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/nixos/modules/programs/shadow.nix b/nixos/modules/programs/shadow.nix index 6398509357a..878c9cc0cf0 100644 --- a/nixos/modules/programs/shadow.nix +++ b/nixos/modules/programs/shadow.nix @@ -103,10 +103,9 @@ in }; security.setuidPrograms = [ "su" "chfn" ] + ++ [ "newuidmap" "newgidmap" ] # new in shadow 4.2.x ++ lib.optionals config.users.mutableUsers - [ "passwd" "sg" "newgrp" - "newuidmap" "newgidmap" # new in shadow 4.2.x - ]; + [ "passwd" "sg" "newgrp" ]; }; From cd07a6b4dd15afade03cc63e118236c75ce098dc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Fri, 19 Aug 2016 16:08:52 +0200 Subject: [PATCH 3/7] gnutls: security 3.4.13 -> 3.4.14 http://gnutls.org/security.html#GNUTLS-SA-2016-2 (no CVE seems assigned ATM) --- pkgs/development/libraries/gnutls/3.4.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/gnutls/3.4.nix b/pkgs/development/libraries/gnutls/3.4.nix index 4882e5dda04..972023d2a24 100644 --- a/pkgs/development/libraries/gnutls/3.4.nix +++ b/pkgs/development/libraries/gnutls/3.4.nix @@ -1,11 +1,11 @@ { callPackage, fetchurl, autoreconfHook, ... } @ args: callPackage ./generic.nix (args // rec { - version = "3.4.13"; + version = "3.4.14"; src = fetchurl { url = "ftp://ftp.gnutls.org/gcrypt/gnutls/v3.4/gnutls-${version}.tar.xz"; - sha256 = "0naqs9g5b577j1j7q55ma1vcn78jl2d98h3zrl5rh997wzl8cczx"; + sha256 = "35deddf2779b76ac11057de38bf380b8066c05de21b94263ad5b6dfa75dfbb23"; }; # This fixes some broken parallel dependencies From 1441366fdd342a6cb4cdc398e9d50455ae45d130 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Fri, 19 Aug 2016 16:36:10 +0200 Subject: [PATCH 4/7] gnutls33: maintenance 3.3.18 -> 3.3.24 --- pkgs/development/libraries/gnutls/3.3.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/gnutls/3.3.nix b/pkgs/development/libraries/gnutls/3.3.nix index c314da388dc..86262d4aef2 100644 --- a/pkgs/development/libraries/gnutls/3.3.nix +++ b/pkgs/development/libraries/gnutls/3.3.nix @@ -1,10 +1,10 @@ { callPackage, fetchurl, ... } @ args: callPackage ./generic.nix (args // rec { - version = "3.3.18"; + version = "3.3.24"; src = fetchurl { url = "ftp://ftp.gnutls.org/gcrypt/gnutls/v3.3/gnutls-${version}.tar.xz"; - sha256 = "15ckyblhkap3d4sqw0dc9l8wdrnd2aj1fs9m0w0a3bfihvsfg1vs"; + sha256 = "5b65fe2a91c8dfa32bedc78acffcb152e5426cd3349e2afc43cccc9bdaf18aa5"; }; }) From c69e2d57639bce0179453908d066573f4004d215 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Fri, 19 Aug 2016 16:36:52 +0200 Subject: [PATCH 5/7] gnutls35: maintenance 3.5.1 -> 3.5.3 --- pkgs/development/libraries/gnutls/3.5.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/gnutls/3.5.nix b/pkgs/development/libraries/gnutls/3.5.nix index 82bd437d721..1285be0e79f 100644 --- a/pkgs/development/libraries/gnutls/3.5.nix +++ b/pkgs/development/libraries/gnutls/3.5.nix @@ -1,11 +1,11 @@ { callPackage, fetchurl, autoreconfHook, ... } @ args: callPackage ./generic.nix (args // rec { - version = "3.5.1"; + version = "3.5.3"; src = fetchurl { url = "ftp://ftp.gnutls.org/gcrypt/gnutls/v3.5/gnutls-${version}.tar.xz"; - sha256 = "1gdxr1p1sigigwvangqf3v31i8fda07d6ngawykarhr7ls00yjmw"; + sha256 = "92c4bc999a10a1b95299ebefaeea8333f19d8a98d957a35b5eae74881bdb1fef"; }; # This fixes some broken parallel dependencies From 6d75fd1476b490d4a572f8c26d61c99a66b5ab04 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Fri, 19 Aug 2016 16:37:11 +0200 Subject: [PATCH 6/7] gnutls*: drop the parallel-build hack ... as it didn't work, apparently: 024cb9ee --- pkgs/development/libraries/gnutls/3.4.nix | 7 ------- pkgs/development/libraries/gnutls/3.5.nix | 7 ------- 2 files changed, 14 deletions(-) diff --git a/pkgs/development/libraries/gnutls/3.4.nix b/pkgs/development/libraries/gnutls/3.4.nix index 972023d2a24..2a48d045c51 100644 --- a/pkgs/development/libraries/gnutls/3.4.nix +++ b/pkgs/development/libraries/gnutls/3.4.nix @@ -7,11 +7,4 @@ callPackage ./generic.nix (args // rec { url = "ftp://ftp.gnutls.org/gcrypt/gnutls/v3.4/gnutls-${version}.tar.xz"; sha256 = "35deddf2779b76ac11057de38bf380b8066c05de21b94263ad5b6dfa75dfbb23"; }; - - # This fixes some broken parallel dependencies - postPatch = '' - sed -i 's,^BUILT_SOURCES =,\0 systemkey-args.h,g' src/Makefile.am - ''; - - nativeBuildInputs = [ autoreconfHook ]; }) diff --git a/pkgs/development/libraries/gnutls/3.5.nix b/pkgs/development/libraries/gnutls/3.5.nix index 1285be0e79f..db35a13cc41 100644 --- a/pkgs/development/libraries/gnutls/3.5.nix +++ b/pkgs/development/libraries/gnutls/3.5.nix @@ -7,11 +7,4 @@ callPackage ./generic.nix (args // rec { url = "ftp://ftp.gnutls.org/gcrypt/gnutls/v3.5/gnutls-${version}.tar.xz"; sha256 = "92c4bc999a10a1b95299ebefaeea8333f19d8a98d957a35b5eae74881bdb1fef"; }; - - # This fixes some broken parallel dependencies - postPatch = '' - sed -i 's,^BUILT_SOURCES =,\0 systemkey-args.h,g' src/Makefile.am - ''; - - nativeBuildInputs = [ autoreconfHook ]; }) From c60f1e9af5264c0f20d8378b486e8b0e8b7b0415 Mon Sep 17 00:00:00 2001 From: Ram Kromberg Date: Fri, 19 Aug 2016 21:08:16 +0300 Subject: [PATCH 7/7] gtk3: 3.20.8 -> 3.20.9 --- pkgs/development/libraries/gtk+/3.x.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/gtk+/3.x.nix b/pkgs/development/libraries/gtk+/3.x.nix index 1a5931d9828..b0409ee2808 100644 --- a/pkgs/development/libraries/gtk+/3.x.nix +++ b/pkgs/development/libraries/gtk+/3.x.nix @@ -13,7 +13,7 @@ with stdenv.lib; let ver_maj = "3.20"; - ver_min = "8"; + ver_min = "9"; version = "${ver_maj}.${ver_min}"; in stdenv.mkDerivation rec { @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { src = fetchurl { url = "mirror://gnome/sources/gtk+/${ver_maj}/gtk+-${version}.tar.xz"; - sha256 = "9841bd9b4d23c045c474b10fdde9da958af904b63783701e796391d55d4396f3"; + sha256 = "05xcwvy68p7f4hdhi4bgdm3aycvqqr4pr5kkkr8ba91l5yx0k9l3"; }; outputs = [ "dev" "out" ];