public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
295,456 Commits 1 Branch 0 Tags 1.5 GiB
Commit Graph

295456 Commits

Author SHA1 Message Date
Michael Weiss 3854b45b21
Merge pull request #143816 from primeos/chromium-backport 
[21.05] chromium: 95.0.4638.54 -> 95.0.4638.69
 2021-10-30 11:53:25 +02:00
Maximilian Bosch 666bedc36c
Merge pull request #143761 from Ma27/backport-epson-escpr2 
[21.05] epson-escpr2: 1.1.38 -> 1.1.42
 2021-10-30 11:22:30 +02:00
Michael Weiss 4bfe628c58
Merge pull request #142514 from NixOS/backport-142450-to-release-21.05 
[Backport release-21.05] ungoogled-chromium: 94.0.4606.81 -> 95.0.4638.54
 2021-10-30 11:17:43 +02:00
Michael Weiss a7e7c9a328
chromium: 95.0.4638.54 -> 95.0.4638.69 
https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html

This update includes 8 security fixes. Google is aware that exploits for
CVE-2021-38000 and CVE-2021-38003 exist in the wild.

CVEs:
CVE-2021-37997 CVE-2021-37998 CVE-2021-37999 CVE-2021-38000
CVE-2021-38001 CVE-2021-38002 CVE-2021-38003

(cherry picked from commit 8dae7bc0f54b8f2ef7fde4727f190d137c94ad0b)
 2021-10-30 11:12:06 +02:00
Maximilian Bosch fc3c987767
epson-escpr2: 1.1.38 -> 1.1.42 
(cherry picked from commit b9170bf9e0e4d4791ab7fcfb610cc88a90869590)
 2021-10-30 00:00:11 +02:00
Michael Weiss 6c0c301463
Merge pull request #143744 from primeos/signal-desktop-backport 
[21.05] signal-desktop: 5.21.0 -> 5.22.0
 2021-10-29 23:43:10 +02:00
Michael Weiss e47f00a7c7
signal-desktop: 5.21.0 -> 5.22.0 2021-10-29 23:07:19 +02:00
Kim Lindberger 8416cc284e
Merge pull request #143397 from talyz/21-05-gitlab-14.4.1 
[21.05] gitlab: 14.3.3 -> 14.4.1
 2021-10-29 15:10:03 +02:00
talyz b72647dc3a
gitlab: 14.3.3 -> 14.4.1 2021-10-29 13:41:48 +02:00
Maximilian Bosch e5faf9d034
Merge pull request #143466 from Ma27/backport-linux-changes 
[21.05] linux: changes for #140281
 2021-10-29 13:27:40 +02:00
Eduardo Sánchez Muñoz 66d6ec6ed2 maintainers: remove eduardosm 2021-10-28 14:23:25 -07:00
Maximilian Bosch f47c57802e
linux: build hardened kernel with matching releases 
Until now we merged kernel updates even if no hardened versions were
available yet. On one hand we don't want to delay patch-level updates,
on the other hand users of hardened kernels have frequent breakage now[1].

This change aims to provide a solution this issue:

* The hardened patchset now references the kernel version it's released
  for (including a sha256 hash for the fixed-output path of the source
  tarball).
* The `hardenedKernelFor`-function doesn't just append hardened patches
  now, but also overrides version & src to match the kernel version the
  patch was built & tested for.

Refs #140281

[1] https://hydra.nixos.org/job/nixos/trunk-combined/nixpkgs.linuxPackages_hardened.kernel.x86_64-linux/all

(cherry picked from commit bb5aa0109b6db98a2e0a7ba88f5e0287e2374384)
 2021-10-28 22:26:22 +02:00
Maximilian Bosch f48b51e12e
linux: create maintainer team 
Now there are a few more folks who should get pinged on kernel changes:

    $ nix-instantiate -E 'with import ./. {}; (map (x: x.github) linux.meta.maintainers)' --eval  --strict
    [ "TredwellGit" "mweinelt" "ma27" "nequissimus" "alyssais" "thoughtpolice" ]

Refs #140281

(cherry picked from commit 65930caffe78ccd3c0e4f00bfd79123fcba9e444)
 2021-10-28 21:58:39 +02:00
Artturi dcc34fe9e1
Merge pull request #143448 from NixOS/backport-122585-to-release-21.05 
[Backport release-21.05] tor-browser-bundle-bin: Add eff.org mirror
 2021-10-28 22:18:24 +03:00
jakobrs 0116578123 tor-browser-bundle-bin: Add eff.org mirror 
(cherry picked from commit 7325f6a4f14d19eeaf0129e7b52710d141a28b76)
 2021-10-28 19:04:08 +00:00
Maximilian Bosch a6e34d50fc
Merge pull request #143355 from Ma27/php73-cve-2021-21703 
[21.05] php73: 7.3.29 -> 7.3.32
 2021-10-28 19:43:41 +02:00
Ryan Mulligan ecaaffb02e
Merge pull request #143291 from NixOS/backport-143275-to-release-21.05 
[Backport release-21.05] [CVSS 10.0] discourse: 2.7.8 -> 2.7.9
 2021-10-28 07:06:00 -07:00
Maximilian Bosch 25ff65fe34
php73: 7.3.29 -> 7.3.32 
ChangeLog: https://www.php.net/ChangeLog-7.php#7.3.32 and below.
 2021-10-28 12:53:40 +02:00
TredwellGit 969ba0f1c9 discourse: 2.7.8 -> 2.7.9 
https://nvd.nist.gov/vuln/detail/CVE-2021-41163
(cherry picked from commit 44ffcb836239ef0e608728223166740b632ce994)
 2021-10-28 03:41:51 +00:00
figsoda 06b49ba179
Merge pull request #143135 from NixOS/backport-143131-to-release-21.05 
[Backport release-21.05] electron: mark versions <= 11 as EOL
 2021-10-27 22:50:21 -04:00
Maximilian Bosch d14d83a369
Merge pull request #143183 from NixOS/backport-143113-to-release-21.05 
[Backport release-21.05] Kernels 2021-10-27
 2021-10-28 00:20:56 +02:00
Michael Weiss 0a6b8f9b69
Merge pull request #143201 from NixOS/backport-143044-to-release-21.05 
[Backport release-21.05] signal-desktop: 5.20.0 -> 5.21.0
 2021-10-27 21:42:05 +02:00
figsoda dcdd69dcdc
Merge pull request #143212 from NixOS/backport-132008-to-release-21.05 
[Backport release-21.05] multimc: don't re-distribute package
 2021-10-27 15:20:58 -04:00
Tristan Gosselin-Hane 28188b0b42 multimc: don't re-distribute package 
Fixes NixOS#131983

(cherry picked from commit 8dfddb341ebaf718904722692dbbcd1d5d9d5e12)
 2021-10-27 19:06:27 +00:00
Tristan Gosselin-Hane 27db642c65 multimc: change license to asl20 
(cherry picked from commit 9a8f5b712fa5beb86659dd1f2d0a830c16f4cfc9)
 2021-10-27 19:06:26 +00:00
Michael Weiss 7f1ea2dc2d signal-desktop: 5.20.0 -> 5.21.0 
(cherry picked from commit 374ab216aa4a37febf54eefe605d0cbe18cd4fe2)
 2021-10-27 18:19:31 +00:00
TredwellGit 7868d08c53 linux_latest-libre: 18380 -> 18413 
(cherry picked from commit 748cc6042768547201a9f6c4365cda6ed3d7dbd4)
 2021-10-27 16:07:47 +00:00
TredwellGit 4d8b9a6846 linux-rt_5_4: 5.4.143-rt64 -> 5.4.154-rt65 
(cherry picked from commit 55af4f5da2bf6d1c28aca5c98ecbc31504de01ea)
 2021-10-27 16:07:46 +00:00
TredwellGit 35fe117f23 linux: 5.4.155 -> 5.4.156 
(cherry picked from commit 67e5b8b626c12d575e10a82e88644bbf257eac86)
 2021-10-27 16:07:45 +00:00
TredwellGit c34af3c32f linux: 5.14.14 -> 5.14.15 
(cherry picked from commit 0719e92d1b84200d990ace44c039b3f001997c7d)
 2021-10-27 16:07:44 +00:00
TredwellGit 01915f55ea linux: 5.10.75 -> 5.10.76 
(cherry picked from commit 4bd2c087e06419ffb266cd8f39d4a755437bf845)
 2021-10-27 16:07:43 +00:00
TredwellGit fbdac79b1a linux: 4.9.287 -> 4.9.288 
(cherry picked from commit 19735ff28026c7d3bb6f7ec2b30f30d392c95eab)
 2021-10-27 16:07:42 +00:00
TredwellGit f9c1a37c60 linux: 4.4.289 -> 4.4.290 
(cherry picked from commit 3a69f006d9418de7ee58d16e1b32ec55dd0eca85)
 2021-10-27 16:07:41 +00:00
TredwellGit 75c0de2495 linux: 4.19.213 -> 4.19.214 
(cherry picked from commit b7efb90537964cee5fb6c350d14d89b477e58912)
 2021-10-27 16:07:40 +00:00
TredwellGit 7670a0e6c6 linux: 4.14.252 -> 4.14.253 
(cherry picked from commit 20e62a2b01f41a2ead0408c8c65b02edfcce95d9)
 2021-10-27 16:07:38 +00:00
Divam Narula ce5e240b2b ghcjs: Enable on darwin (#139067) 
(cherry picked from commit d032f60c37ebdae3afd9a24212497ec8725ee4fb)
 2021-10-27 15:52:48 +00:00
(cdep)illabout 4ecfdc7f46 haskell.compiler.ghcjs: mark hydraPlatforms as none because output is too large 
(cherry picked from commit 3389aab889719081e240ce169ec5bc0d5ccd60d0)
 2021-10-27 15:52:48 +00:00
Pavol Rusnak 220eee37cb electron: mark versions <= 11 as EOL 
(cherry picked from commit ec8ccb1f428a192d2bcfed1eb048a40cd1060a70)
 2021-10-27 11:47:57 +00:00
Maximilian Bosch de6f737cbd
Merge pull request #143054 from Ma27/php-backport 
[21.05] php: 7.4.24 -> 7.4.25, 8.0.11 -> 8.0.12, fix CVE-2021-21703
 2021-10-27 12:51:11 +02:00
Artturi ddee258d88
Merge pull request #142927 from NixOS/backport-124486-to-release-21.05 
[Backport release-21.05] nixos/boot: properly override the kernel in boot.kernelPatches
 2021-10-27 04:53:51 +03:00
Maximilian Bosch 1b8d9c1854
php80: 8.0.11 -> 8.0.12, fix CVE-2021-21703 
Details: https://nvd.nist.gov/vuln/detail/CVE-2021-21703
ChangeLog: https://www.php.net/ChangeLog-8.php#8.0.12
(cherry picked from commit ab5c10c42a95de2192f270ea13ba05e149e8cead)
 2021-10-26 23:42:53 +02:00
Maximilian Bosch a17528c284
php74: 7.4.24 -> 7.4.25, fix CVE-2021-21703 
Details: https://nvd.nist.gov/vuln/detail/CVE-2021-21703
ChangeLog: https://www.php.net/ChangeLog-7.php#7.4.25
(cherry picked from commit af404d852f39b18257024d8010192d74829c0917)
 2021-10-26 23:42:27 +02:00
oxalica 5ebb1dca9b flameshot: fix desktop Exec path and autostart directory location 
(cherry picked from commit ccb84b735be81e6e7f4360c9d3eb4b9fe512c8d5)
 2021-10-26 22:37:34 +02:00
Kerstin Humm c99f062210 imagemagick6: 6.9.12-19 -> 6.9.12-26 
(cherry picked from commit 8705d0826fdc6675941a4d56b2a7935f13167348)
 2021-10-26 20:00:51 +02:00
Ben Siraphob dc07d8b6cc
Merge pull request #141021 from risicle/ris-vyper-0.3.0-r21.05 
[21.05] python3Packages.vyper: 0.2.11 -> 0.3.0
 2021-10-26 11:52:35 -05:00
Timothy DeHerrera e5eb3a7a63
Merge pull request #142985 from NixOS/backport-122445-to-release-21.05 
[Backport release-21.05] freeswitch: 1.10.5 > 1.10.6
 2021-10-26 09:31:26 -06:00
misuzu ad861506ba freeeswitch: enable strictDeps 
(cherry picked from commit ef32c9e3b83c544e554c242a067770d456b3bac5)
 2021-10-26 12:11:33 +00:00
misuzu 0833ed32f3 freeeswitch: move perl, which and yasm to nativeBuildInputs 
(cherry picked from commit 85fb843759ce02989474643789fb3535e07821d4)
 2021-10-26 12:11:33 +00:00
misuzu 9a7d06d4ab freeswitch: 1.10.5 > 1.10.6 
(cherry picked from commit a7b56e41d4c69604e13272ace374025ca0d31b64)
 2021-10-26 12:11:32 +00:00
Dominik Xaver Hörl f2281f6186 nixos/boot: properly override the kernel in boot.kernelPatches 
Previously the code took the kernelPatches of the final derivation, which
might or might not be what was passed to the derivation in the original call.
The previous behaviour caused various hacks to become neccessary to avoid duplicates in kernelPatches.

(cherry picked from commit 436f61c878e3992b3d980168a5532416dd5be504)
 2021-10-26 07:46:54 +00:00