public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
295,340 Commits 1 Branch 0 Tags 1.5 GiB
Commit Graph

295340 Commits

Author SHA1 Message Date
Thomas Gerbet acf683f0b8 perlPackages.ConvertASN1: 0.27 -> 0.33 
Fixes CVE-2013-7488.
https://metacpan.org/dist/Convert-ASN1/changes

(cherry picked from commit ccb5c2285b2f8110ae469ac23e2cad63f761ed95)
 2021-09-25 13:49:01 +00:00
github-actions[bot] 3406379bcf
Merge staging-next-21.05 into staging-21.05 2021-09-25 12:03:22 +00:00
github-actions[bot] 957812c288
Merge release-21.05 into staging-next-21.05 2021-09-25 12:02:26 +00:00
Malte Brandy 17ee0b23fe nix-output-monitor: 1.0.3.2 -> 1.0.3.3 
(cherry picked from commit f779a0ff03497e83dab5b04182c13cd2ef347274)
 2021-09-25 11:50:22 +00:00
maralorn 23e9876f22
Merge pull request #139340 from NixOS/backport-138250-to-release-21.05 
[Backport release-21.05] nix-output-monitor: 1.0.3.1 -> 1.0.3.2
 2021-09-25 13:32:02 +02:00
R. RyanTM f203c41098 playerctl: 2.3.1 -> 2.4.1 
(cherry picked from commit b01290e0ecef1b2a57760fdd0facf0f0f48610ae)

Reason: fixes a crash with TrackList and Playlists interfaces [1]

[1]: https://github.com/altdesktop/playerctl/pull/215
 2021-09-25 11:33:12 +01:00
Michael Weiss 2502b34166
Merge pull request #139329 from NixOS/backport-139318-to-release-21.05 
[Backport release-21.05] chromium: 94.0.4606.54 -> 94.0.4606.61
 2021-09-25 11:55:23 +02:00
Eduard Bachmakov 418a762043 psi-notify: init at 1.2.1 
(cherry picked from commit 37ec684a5c010aa7cf51abaf29691ef2333d6625)
 2021-09-25 11:32:27 +02:00
github-actions[bot] 4bca328a88
Merge staging-next-21.05 into staging-21.05 2021-09-25 00:03:24 +00:00
github-actions[bot] 0332c24d29
Merge release-21.05 into staging-next-21.05 2021-09-25 00:02:43 +00:00
Michael Weiss 02b76b0515
Merge pull request #139358 from primeos/ungoogled-chromium-backport 
[21.05] ungoogled-chromium: 93.0.4577.82 -> 94.0.4606.54
 2021-09-25 00:50:41 +02:00
Michael Weiss 0f19ca835b
ungoogled-chromium: name -> pname 
A partial backport of e4e631ebb81 to keep the diff minimal.
 2021-09-25 00:14:35 +02:00
Michael Weiss c20993fbc9
ungoogled-chromium: 93.0.4577.82 -> 94.0.4606.54 
(cherry picked from commit afaf8d094b98f8099cf29d789d33b122af6ad1ca)
 2021-09-25 00:12:59 +02:00
Michael Weiss 143a7453f0
chromiumBeta: 94.0.4606.54 -> 95.0.4638.17 
(cherry picked from commit b9468515932d827651838700969fc6b415590af0)
 2021-09-25 00:10:01 +02:00
Daniel Fullmer 398d614203 zerotierone: 1.6.5 -> 1.6.6 
(cherry picked from commit 62207eec010d76e69b1ba75eb7f72af0c223a9c8)
 2021-09-24 21:27:26 +02:00
github-actions[bot] 72e691ca4b
Merge staging-next-21.05 into staging-21.05 2021-09-24 18:02:54 +00:00
github-actions[bot] 77473f9d35
Merge release-21.05 into staging-next-21.05 2021-09-24 18:02:19 +00:00
Malte Brandy a94c6e2dc4 nix-output-monitor: 1.0.3.1 -> 1.0.3.2 
(cherry picked from commit a96fe065eee37d61972386b96d1573102b12b4a2)
 2021-09-24 17:49:27 +00:00
Michael Weiss df409303ab chromium: 94.0.4606.54 -> 94.0.4606.61 
(cherry picked from commit 15bb3ac5a92552e1264bb457084eea72b263e179)
 2021-09-24 14:01:33 +00:00
Ryan Mulligan d3bee2a63a discourse: enable restoring backups bigger than RAM 
When restoring a backup, discourse decompresses the backup archive in
the /share/discourse/tmp dir. Before this change, it is linked to /run
which is typically backed by memory, so the backup will fail to
restore if you do not have enough memory on your system to contain the
backup. This has already happened to me on two small forums.

This moves tmp to the StateDirectory /var/lib/discourse/tmp which is
typically backed by disk.

(cherry picked from commit f933c68374b9c6195dc74d26c95fc9bf240fead8)
 2021-09-24 12:35:53 +00:00
Kim Lindberger b897a166cb
Merge pull request #139203 from NixOS/backport-138852-to-release-21.05 
[Backport release-21.05] nixos/discourse: add discourse.admin.skipCreate option
 2021-09-24 14:30:17 +02:00
github-actions[bot] feab58fc4f
Merge staging-next-21.05 into staging-21.05 2021-09-24 12:02:51 +00:00
github-actions[bot] 8090103df5
Merge release-21.05 into staging-next-21.05 2021-09-24 12:02:14 +00:00
Michael Weiss 43003625e9
Merge pull request #139220 from primeos/chromium-backport 
[21.05] chromium: 93.0.4577.82 -> 94.0.4606.54
 2021-09-24 12:20:21 +02:00
Flakebi e6e7e3df1b salt: 3003.2 -> 3003.3 
(cherry picked from commit 4ad4ae68c427ef8458be34051b4e545eb752811c)
 2021-09-24 09:59:34 +02:00
Flakebi 348d0b0626 salt: 3003.1 -> 3003.2 
(cherry picked from commit da3e6504941a8162f08a9b1e99914d807deada71)
 2021-09-24 09:59:27 +02:00
Flakebi 962a2f26a0 salt: 3003 -> 3003.1 
Need to patch out the contextvars dependency (which is included in
python 3.7+).
The same patch is discussed in arch:
https://bugs.archlinux.org/task/71344

(cherry picked from commit c0b46c6b596dd25f32733ff01156d3d769640ab5)
 2021-09-24 09:59:20 +02:00
Ryan Burns de3cec2c60
Merge pull request #139161 from NixOS/backport-138952-to-staging-21.05 
[Backport staging-21.05] ffmpeg: patch CVE-2021-38171 and CVE-2021-38291
 2021-09-23 21:05:44 -07:00
Maximilian Bosch 4eb0a2b3cb
hedgedoc: 1.8.2 -> 1.9.0, fixes CVE-2021-39175 
ChangeLog: https://github.com/hedgedoc/hedgedoc/releases/tag/1.9.0

As documented in the Nix expression, I unfortunately had to patch
`yarn.lock` manually (the `yarn.nix` result isn't affected by this). By
adding a `git+https`-prefix to
`midi "https://github.com/paulrosen/MIDI.js.git#abcjs"` in the lock-file
I ensured that `yarn` actually uses the `MIDI.js` from the offline-cache
from `yarn2nix` rather than trying to download a tarball from GitHub.

Also, this release contains a fix for CVE-2021-39175 which doesn't seem
to be backported to 1.8. To quote NVD[1]:

> In versions prior to 1.9.0, an unauthenticated attacker can inject
> arbitrary JavaScript into the speaker-notes of the slide-mode feature
> by embedding an iframe hosting the malicious code into the slides or by
> embedding the HedgeDoc instance into another page.

Even though it "only" has a medium rating by NVD (6.1), this seems
rather problematic to me (also, GitHub rates this as "High"), so it's
actually a candidate for a backport.

[1] https://nvd.nist.gov/vuln/detail/CVE-2021-39175

(cherry picked from commit 0a10c17c8d01e5f9fefa3d6dbb7802a3cbce7e23)
 2021-09-23 23:33:29 +02:00
Michael Weiss 2347b9a7db
chromium: 93.0.4577.82 -> 94.0.4606.54 
https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_21.html

This update includes 19 security fixes.

CVEs:
CVE-2021-37956 CVE-2021-37957 CVE-2021-37958 CVE-2021-37959
CVE-2021-37960 CVE-2021-37961 CVE-2021-37962 CVE-2021-37963
CVE-2021-37964 CVE-2021-37965 CVE-2021-37966 CVE-2021-37967
CVE-2021-37968 CVE-2021-37969 CVE-2021-37970 CVE-2021-37971
CVE-2021-37972

(cherry picked from commit 8d8b451f725b63edec06b033ff2bdaa2f0885b4e)
 2021-09-23 21:48:17 +02:00
Michael Weiss a45d7e5e19
chromiumDev: 95.0.4638.10 -> 95.0.4638.17 
(cherry picked from commit 56d99a735113e48d2ea51084804c5a59c5603a5f)
 2021-09-23 21:48:15 +02:00
Michael Weiss 86f857ec11
chromiumBeta: 94.0.4606.50 -> 94.0.4606.54 
(cherry picked from commit 7af2448b6cc227ea85f6076e5b8ee0f517c66d42)
 2021-09-23 21:48:14 +02:00
github-actions[bot] 94d0274f26
Merge staging-next-21.05 into staging-21.05 2021-09-23 18:02:56 +00:00
github-actions[bot] 0542387d10
Merge release-21.05 into staging-next-21.05 2021-09-23 18:02:20 +00:00
Kerstin Humm 056a3c1fae imagemagick: 7.1.0-6 -> 7.1.0-8 
(cherry picked from commit 279bff87fe97e998e959b7121b48bb0642ff053f)
 2021-09-23 19:37:29 +02:00
Ryan Mulligan 3061914340 nixos/discourse: add discourse.admin.skipCreate option 
(cherry picked from commit 6a9003f31682e57a2a630f5cfdefa2969a64b1b1)
 2021-09-23 17:14:07 +00:00
adisbladis 1afcc8f843
Merge pull request #139190 from adisbladis/2105-poetry2nix-1_20_0 
poetry2nix: 1.16.1 -> 1.20.0 (21.05)
 2021-09-23 11:43:53 -05:00
adisbladis f285202340
poetry2nix: 1.16.1 -> 1.20.0 2021-09-23 11:18:17 -05:00
Bernardo Meurer d28990704d
Merge pull request #139098 from taku0/thunderbird-bin-91.1.1_release-21.05 
[21.05]  thunderbird, thunderbird-bin: 91.1.0 -> 91.1.1
 2021-09-23 16:13:25 +00:00
TredwellGit 67d593a330 ffmpeg: patch CVE-2021-38171 and CVE-2021-38291 
https://nvd.nist.gov/vuln/detail/CVE-2021-38171
https://nvd.nist.gov/vuln/detail/CVE-2021-38291
(cherry picked from commit b1f41c918452b0b6a8d7afb14a04063ff56556df)
 2021-09-23 13:31:50 +00:00
github-actions[bot] 4df0e9f666
Merge staging-next-21.05 into staging-21.05 2021-09-23 12:03:36 +00:00
github-actions[bot] b500417d25
Merge release-21.05 into staging-next-21.05 2021-09-23 12:03:00 +00:00
Moritz Hedtke d22c3a6bc1 discord: 0.0.15 → 0.0.16 
(cherry picked from commit a22f2688941dd02a69cc422ba349e80030cd474f)
 2021-09-22 23:22:11 -07:00
github-actions[bot] 461b839beb
Merge staging-next-21.05 into staging-21.05 2021-09-23 06:02:58 +00:00
github-actions[bot] 2aa54c26ef
Merge release-21.05 into staging-next-21.05 2021-09-23 06:02:28 +00:00
taku0 5a690eb641 thunderbird: 91.1.0 -> 91.1.1 
no-buildconfig-90.patch is applied by firefox/common.nix.

D124361.diff is incorporated into the upstream:
https://bugzilla.mozilla.org/show_bug.cgi?id=1727113
 2021-09-23 12:38:10 +09:00
taku0 22fb3ec5a0 thunderbird-bin: 91.1.0 -> 91.1.1 2021-09-23 12:34:53 +09:00
John Ericson 2091b11642
Merge pull request #139055 from obsidiansystems/dn-backport-21.05-add-ghcjs 
[backport release-21.05] ghcjs 8.10.7: init
 2021-09-22 22:24:56 -04:00
Divam af724c4240 Remove old ghcjs files 
(cherry picked from commit 0918598005195303347d675a75f6ea8540ca806a)
 2021-09-23 10:14:39 +09:00
Divam 9ec3ff57c7 ghcjs: init at 8.10.7 
The src points to the obsidiansystems repo as it has the ghcjs ported from
8.10.5 to 8.10.7, and a bunch of other fixes (#812, #811, #809)

(cherry picked from commit ba25b274f4bb0240a8ffa71e41b55712930af3d8)
Modified the stm_2_5_0_1 -> stm_2_5_0_0
 2021-09-23 10:14:39 +09:00