From f9fdcb4cf7274dc975d74f51b61968ac42dfa3d5 Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Tue, 22 Oct 2019 11:26:12 +0200 Subject: [PATCH 1/7] gtk3: add devdoc --- pkgs/development/libraries/gtk/3.x.nix | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/pkgs/development/libraries/gtk/3.x.nix b/pkgs/development/libraries/gtk/3.x.nix index 3f599a7846f..ab8602af274 100644 --- a/pkgs/development/libraries/gtk/3.x.nix +++ b/pkgs/development/libraries/gtk/3.x.nix @@ -3,6 +3,9 @@ , fetchpatch , pkgconfig , gettext +, docbook_xsl +, docbook_xml_dtd_43 +, gtk-doc , meson , ninja , python3 @@ -47,7 +50,7 @@ stdenv.mkDerivation rec { pname = "gtk+3"; version = "3.24.11"; - outputs = [ "out" "dev" ]; + outputs = [ "out" "dev" "devdoc" ]; outputBin = "dev"; setupHook = ./gtk3-setup-hook.sh; @@ -74,6 +77,7 @@ stdenv.mkDerivation rec { ]; mesonFlags = [ + "-Dgtk_doc=true" "-Dtests=false" ]; @@ -101,7 +105,10 @@ stdenv.mkDerivation rec { ''; nativeBuildInputs = [ + docbook_xml_dtd_43 + docbook_xsl gettext + gtk-doc gobject-introspection hicolor-icon-theme # setup-hook makeWrapper From fa7b3611badc7a8d05e310bfaee7c80625fbb182 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Tue, 22 Oct 2019 05:37:24 -0700 Subject: [PATCH 2/7] libgdiplus: 6.0.2 -> 6.0.4 Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools. This update was made based on information from https://repology.org/metapackage/libgdiplus/versions --- pkgs/development/libraries/libgdiplus/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libgdiplus/default.nix b/pkgs/development/libraries/libgdiplus/default.nix index cdaf972911d..24bb9c8f2b4 100644 --- a/pkgs/development/libraries/libgdiplus/default.nix +++ b/pkgs/development/libraries/libgdiplus/default.nix @@ -4,13 +4,13 @@ stdenv.mkDerivation rec { pname = "libgdiplus"; - version = "6.0.2"; + version = "6.0.4"; src = fetchFromGitHub { owner = "mono"; repo = "libgdiplus"; rev = version; - sha256 = "07a3n7i35mn5j2djah64by785b1hzy8ckk1pz0xwvk716yzb7sxg"; + sha256 = "1pf3yhwq9qk0w3yv9bb8qlwwqkffg7xb4sgc8yqdnn6pa56i3vmn"; }; NIX_LDFLAGS = "-lgif"; From 99273fc55533db11748750f5337f0791e8233cee Mon Sep 17 00:00:00 2001 From: Robert Scott Date: Sat, 26 Oct 2019 14:28:02 +0100 Subject: [PATCH 3/7] file: add patch for CVE-2019-18218 upstream patch https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84.patch doesn't apply directly, debian have a version which has been adapted for 5.37. --- pkgs/tools/misc/file/default.nix | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/pkgs/tools/misc/file/default.nix b/pkgs/tools/misc/file/default.nix index b3ed85ca228..a06b38c0ec7 100644 --- a/pkgs/tools/misc/file/default.nix +++ b/pkgs/tools/misc/file/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, file, zlib, libgnurx }: +{ stdenv, fetchurl, fetchpatch, file, zlib, libgnurx }: stdenv.mkDerivation rec { pname = "file"; @@ -12,6 +12,14 @@ stdenv.mkDerivation rec { sha256 = "0zz0p9bqnswfx0c16j8k62ivjq1m16x10xqv4hy9lcyxyxkkkhg9"; }; + patches = [ + (fetchpatch { + name = "CVE-2019-18218.patch"; + url = "https://sources.debian.org/data/main/f/file/1:5.37-6/debian/patches/cherry-pick.FILE5_37-67-g46a8443f.limit-the-number-of-elements-in-a-vector-found-by-oss-fuzz.patch"; + sha256 = "1i22y91yndc3n2p2ngczp1lwil8l05sp8ciicil74xrc5f91y6mj"; + }) + ]; + nativeBuildInputs = stdenv.lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) file; buildInputs = [ zlib ] ++ stdenv.lib.optional stdenv.hostPlatform.isWindows libgnurx; From 2ded9c2d8a10882a34d7e72fa16b958774775842 Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Sun, 27 Oct 2019 15:32:39 +0100 Subject: [PATCH 4/7] glib: enable separate debug info --- pkgs/development/libraries/glib/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/development/libraries/glib/default.nix b/pkgs/development/libraries/glib/default.nix index 4f8b289b084..ff01a9cafe8 100644 --- a/pkgs/development/libraries/glib/default.nix +++ b/pkgs/development/libraries/glib/default.nix @@ -188,6 +188,8 @@ stdenv.mkDerivation rec { inherit doCheck; + separateDebugInfo = stdenv.isLinux; + passthru = rec { gioModuleDir = "lib/gio/modules"; makeSchemaPath = dir: name: "${dir}/share/gsettings-schemas/${name}/glib-2.0/schemas"; From c502cfe5c1dccb412141154e7d4698561c38eb31 Mon Sep 17 00:00:00 2001 From: Mario Rodas Date: Sun, 27 Oct 2019 16:20:00 -0500 Subject: [PATCH 5/7] libgdiplus: fix darwin build --- pkgs/development/libraries/libgdiplus/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/development/libraries/libgdiplus/default.nix b/pkgs/development/libraries/libgdiplus/default.nix index 24bb9c8f2b4..1a690ca7aa1 100644 --- a/pkgs/development/libraries/libgdiplus/default.nix +++ b/pkgs/development/libraries/libgdiplus/default.nix @@ -21,6 +21,8 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ autoreconfHook pkgconfig ]; + configureFlags = stdenv.lib.optionalString stdenv.cc.isClang "--host=${stdenv.hostPlatform.system}"; + buildInputs = [ glib cairo fontconfig libtiff giflib libjpeg libpng libXrender libexif From 3281d30b7cfb858cbf7c1ea4ff1e18b530c10d75 Mon Sep 17 00:00:00 2001 From: Izorkin Date: Mon, 28 Oct 2019 20:12:18 +0300 Subject: [PATCH 6/7] mariadb-connector-c: fix crypt_libs --- pkgs/servers/sql/mariadb/connector-c/default.nix | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/pkgs/servers/sql/mariadb/connector-c/default.nix b/pkgs/servers/sql/mariadb/connector-c/default.nix index af344d63721..1e1e2db0f60 100644 --- a/pkgs/servers/sql/mariadb/connector-c/default.nix +++ b/pkgs/servers/sql/mariadb/connector-c/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, cmake +{ stdenv, fetchurl, cmake, fetchpatch , curl, openssl, zlib , libiconv , version, sha256, ... @@ -18,6 +18,13 @@ stdenv.mkDerivation { inherit sha256; }; + patches = [ + (fetchpatch { + url = "https://github.com/MariaDB/mariadb-connector-c/commit/ee91b2c98a63acb787114dee4f2694e154630928.patch"; + sha256 = "05mlyv20kzn9bax4byv2ph1cf42541fcl1zcqzbfwqmynnisvdah"; + }) + ]; + cmakeFlags = [ "-DMARIADB_UNIX_ADDR=/run/mysqld/mysqld.sock" "-DWITH_CURL=ON" From b607f1cd16102d62e780a500837b38822588f03b Mon Sep 17 00:00:00 2001 From: worldofpeace Date: Tue, 29 Oct 2019 16:15:28 -0400 Subject: [PATCH 7/7] gtk3: only build docs on linux --- pkgs/development/libraries/gtk/3.x.nix | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/pkgs/development/libraries/gtk/3.x.nix b/pkgs/development/libraries/gtk/3.x.nix index c88e193740d..7f09b52d51f 100644 --- a/pkgs/development/libraries/gtk/3.x.nix +++ b/pkgs/development/libraries/gtk/3.x.nix @@ -36,6 +36,7 @@ , wayland-protocols , xineramaSupport ? stdenv.isLinux , cupsSupport ? stdenv.isLinux +, withGtkDoc ? stdenv.isLinux , cups ? null , AppKit , Cocoa @@ -49,7 +50,7 @@ stdenv.mkDerivation rec { pname = "gtk+3"; version = "3.24.12"; - outputs = [ "out" "dev" "devdoc" ]; + outputs = [ "out" "dev" ] ++ optional withGtkDoc "devdoc"; outputBin = "dev"; setupHooks = [ @@ -81,7 +82,7 @@ stdenv.mkDerivation rec { separateDebugInfo = stdenv.isLinux; mesonFlags = [ - "-Dgtk_doc=true" + "-Dgtk_doc=${boolToString withGtkDoc}" "-Dtests=false" ]; @@ -109,10 +110,7 @@ stdenv.mkDerivation rec { ''; nativeBuildInputs = [ - docbook_xml_dtd_43 - docbook_xsl gettext - gtk-doc gobject-introspection makeWrapper meson @@ -121,6 +119,10 @@ stdenv.mkDerivation rec { python3 sassc setupHooks + ] ++ optionals withGtkDoc [ + docbook_xml_dtd_43 + docbook_xsl + gtk-doc ]; buildInputs = [