ad54866896
prometheus-collectd-exporter: extra deps not necessary
2016-12-01 02:02:04 +01:00
96137a6abd
prometheus-node-exporter: 0.12.0 -> 0.13.0
2016-12-01 02:02:04 +01:00
741bdeea38
prometheus-alertmanager: 0.5.0 -> 0.5.1
2016-12-01 02:02:04 +01:00
ca46d05f18
prometheus: 1.3.1 -> 1.4.1
2016-12-01 02:02:03 +01:00
fe63e45c08
grafana: 3.1.1 -> 4.0.0
2016-12-01 01:54:54 +01:00
a0f05feddf
gtk3: 3.22.1 -> 3.22.4
...
Fixes #19945 .
2016-12-01 01:54:30 +01:00
390f6a985b
Revert "Revert "bzip2: patch for CVE-2016-3189""
...
This reverts commit 6393ca650e
2016-11-30 19:30:52 -05:00
ea07ad6bd9
Revert "Revert "icu: patch for multiple CVEs""
...
icu: patch for multiple CVEs
- CVE-2014-6585
- CVE-2015-4760
- CVE-2016-0494
- CVE-2016-6293
- CVE-2016-7415
2016-11-30 19:29:51 -05:00
96393560d0
Merge pull request #20816 from grahamc/vulnerability-rollup-10
...
Vulnerability rollup 11 (WIP)
2016-11-30 19:29:19 -05:00
855b799ec9
Merge pull request #20828 from taku0/thunderbird-bin-45.5.1
...
thunderbird-bin: 45.5.0 -> 45.5.1 [Critical security fix]
2016-11-30 19:27:51 -05:00
897bffb0ff
Merge pull request #20827 from taku0/firefox-bin-50.0.2
...
firefox-bin: 50.0.1 -> 50.0.2 [Critical security fix]
2016-11-30 19:25:52 -05:00
16995fc57b
boehmgc: 7.2f -> 7.2g
2016-11-30 19:19:25 -05:00
7e40e89273
rpcbind: patch for CVE-2015-7236
2016-11-30 19:18:08 -05:00
5f4b3cd34b
thunderbird-bin: 45.5.0 -> 45.5.1
...
Critical security fix.
https://www.mozilla.org/en-US/thunderbird/45.5.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/
2016-12-01 09:11:50 +09:00
39753f5360
top-level: Close over fewer arguments for stdenv stages
...
This makes the flow of data easier to understand. There's little downside
because the args in question are already inspected by the stdenvs.
cross-compiling in particular is simpler because we don't need to worry
about overriding the config closed over by `allPackages`.
2016-11-30 19:11:03 -05:00
d240a0da1a
top-level: Remove cycles: stdenv calls in top-level but not vice versa
...
This commit changes the dependencies of stdenv, and clean-up the stdenv
story by removing the `defaultStdenv` attribute as well as the `bootStdenv`
parameter.
Before, the final bootstrapping stage's stdenv was provided by
all-packages, which was iterating multiple times over the
top-level/default.nix expression, and non-final bootstrapping stages'
stdenvs were explicitly specified with the `bootStdenv` parameter.
Now, all stages' stdenvs are specified with the `stdenv` parameter.
For non-final bootstrapping stages, this is a small change---basically just
rename the parameter.
For the final stage, top-level/default.nix takes the chosen stdenv and
makes the final stage with it.
`allPackages` is used to make all bootstrapping stages, final and
non-final alike. It's basically the expression of `stage.nix` (along with a
few partially-applied default arguments)
Note, the make-bootstrap-tools scripts are temporarily broken
2016-11-30 19:10:59 -05:00
c97fda0bcf
Revert "icu: patch for multiple CVEs"
...
This reverts commit 892a9b1f0f
2016-11-30 19:10:06 -05:00
097a8ee174
firefox-bin: 50.0.1 -> 50.0.2
...
Critical security fix
https://www.mozilla.org/en-US/firefox/50.0.2/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/
2016-12-01 09:08:16 +09:00
6393ca650e
Revert "bzip2: patch for CVE-2016-3189"
...
This reverts commit 9c71508c95
2016-11-30 19:08:15 -05:00
892a9b1f0f
icu: patch for multiple CVEs
...
- CVE-2014-6585
- CVE-2015-4760
- CVE-2016-0494
- CVE-2016-6293
- CVE-2016-7415
2016-11-30 19:08:15 -05:00
07a2b17cbf
top-level: Split some of `pkgs/top-level/default.nix` to `pkgs/top-level/stage.nix`
...
This is preparation for the latter just building a single stage, and the
former building a package set with the bootstrapped stdenv.
2016-11-30 19:04:22 -05:00
2df990967b
Move up `inherit` binding for consistency
2016-11-30 19:03:22 -05:00
ddeb0d2d6b
top-level: Stop exposing all stdenvs
2016-11-30 19:03:01 -05:00
9c71508c95
bzip2: patch for CVE-2016-3189
2016-11-30 18:43:56 -05:00
5f78980973
tomcatUnstable: 9.0.0.M10 -> 9.0.0.M13
...
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:27:06 -05:00
42f1ae1911
tomcat85: 8.5.5 -> 8.5.8
...
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:27:00 -05:00
80a475042c
tomcat8: 8.0.37 -> 8.0.39
...
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:26:55 -05:00
3d0310daf3
tomcat7: 7.0.72 -> 7.0.73
...
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:26:39 -05:00
eba91fa2bd
tomcat6: 6.0.45 -> 6.0.48
...
For CVE-2016-8735, a remote code execution vulnerability.
2016-11-30 18:26:13 -05:00
288e75c5f9
wireguard: remove dependency on ip-up.target
...
It was deprecated and removed from all modules in the tree by #18319 .
The wireguard module PR (#17933 ) was still in the review at the time and
the deprecated usage managed to slip inside.
2016-12-01 00:11:16 +01:00
3675631f63
convoy: init at 0.5.0
2016-11-30 23:28:18 +01:00
fa4212e763
cheat: 2.1.26 -> 2.1.27
2016-11-30 21:10:54 +01:00
54e2973533
docker-machine-kvm: init at 0.7.0
2016-11-30 19:10:25 +01:00
18757f3a11
XFCE plugins: update, taken from #20410
...
xfce4-embed-plugin : 1.4.1 -> 1.6.0
xfce4-eyes-plugin : 4.4.3 -> 4.4.4
xfce4-fsguard-plugin : 1.0.1 -> 1.0.2
xfce4-verve-plugin : 1.0.1 -> 1.1.0
xfce4-xkb-plugin : 0.5.6 -> 0.7.1
2016-11-30 18:26:14 +01:00
d6ffb976fe
Merge pull request #20812 from jokogr/u/syncthing-0.14.13
...
syncthing: 0.14.12 -> 0.14.13
2016-11-30 17:55:17 +01:00
b28d21fd50
Merge pull request #20808 from grahamc/fancy-test-tty
...
login test: Create and use direct reads of the TTY contents.
2016-11-30 11:27:49 -05:00
014a1b430a
Merge pull request #20615 from vbgl/lwt-2.6.0
...
ocamlPackages.lwt: 2.5.2 → 2.6.0
2016-11-30 16:36:52 +01:00
ab2185a4b5
Merge pull request #20756 from vbgl/ocp-index-1.1.5
...
ocamlPackages.ocp-index: 1.1.4 -> 1.1.5
2016-11-30 16:34:56 +01:00
c0da5f78d6
make-tarball.nix: Don't check broken packages
...
They're broken after all. In particular, this prevents us from
evaluating packages that are unsupported on a particular platform.
Reverts a147ddc42cFixes #20817 .
2016-11-30 15:21:30 +01:00
e3a873479e
Remove fetchMD5warn
...
Deprecation warnings should not be used in Nixpkgs because they spam
innocent "nix-env -qa" users with (in this case) dozens of messages
that they can't do anything about.
This also reverts commit 2ca8833383
2016-11-30 15:14:30 +01:00
0cff959e79
maatkit: update URL
2016-11-30 09:07:17 -05:00
7d09138cae
perlPackages.DBDmysql: 4.033 -> 4.039
2016-11-30 08:37:48 -05:00
0707962235
mujs: 2016-09-21 -> 2016-11-30 for multiple CVEs
...
- CVE-2016-7504
- CVE-2016-7505
- CVE-2016-7506
- CVE-2016-9017
- CVE-2016-9108
- CVE-2016-9109
- CVE-2016-9294
See more information: https://lwn.net/Vulnerabilities/707361/
2016-11-30 08:29:44 -05:00
f26ff0b1bd
Merge pull request #20813 from lsix/update_pytest_30
...
pythonPackages.pytest_30: 3.0.3 -> 3.0.4
2016-11-30 14:26:02 +01:00
a9611a52f3
mcabber: 1.0.3 -> 1.0.4 for 'roster push attack'
2016-11-30 08:23:42 -05:00
c0ec503dce
Merge pull request #20803 from NeQuissimus/2_11_0
...
git: 2.10.2 -> 2.11.0
2016-11-30 14:17:57 +01:00
cc3e61006f
Merge pull request #20811 from Profpatsch/hdbc-odbc-haddock
...
haskellPackages.HDBC-odbc: remove haddock fix again
2016-11-30 14:00:30 +01:00
58faa138d4
syncthing: 0.14.12 -> 0.14.13
2016-11-30 14:17:36 +02:00
de4dba37a1
pythonPackages.pytest_30: 3.0.3 -> 3.0.4
2016-11-30 13:11:36 +01:00
10cf3b150e
haskellPackages.HDBC-odbc: remove haddock fix again
2016-11-30 13:04:48 +01:00
Franz Pletz
Graham Christensen
taku0
John Ericson
John Ericson
lbonn
Jaka Hudoklin
Jörg Thalheim
AndersonTorres
Frederik Rietdijk
Pascal Wittmann
Eelco Dolstra
Peter Simons
Ioannis Koutras
Lancelot SIX
Profpatsch