935a0a4298
kubernetes: 1.21.1 -> 1.21.6
...
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
2021-11-03 09:27:30 +01:00
f0869b1a2c
Merge pull request #144021 from NixOS/backport-144016-to-release-21.05
...
[Backport release-21.05] honcho: 1.0.1 -> 1.1.0, fix the package
2021-10-31 15:33:08 -07:00
b43e55f22b
Merge pull request #143437 from NixOS/backport-143404-to-release-21.05
...
[Backport release-21.05] mautrix-whatsapp: 0.1.8 -> 0.1.9
2021-10-31 22:57:05 +01:00
8a7935d97e
honcho: 1.0.1 -> 1.1.0, fix the package
...
(cherry picked from commit 059feb3ccf8f87b3b93bfdd164ab1e43e0298645)
2021-10-31 18:13:02 +00:00
3c0f229486
Merge pull request #143303 from r-burns/qemu-security-2105
...
[21.05] qemu: fix CVE-2021-3527, CVE-2021-3682, CVE-2021-3713
2021-10-31 16:09:30 +00:00
7bb26f4abc
Merge pull request #143426 from prusnak/tor-21.05
...
[21.05] tor: 0.4.5.10 -> 0.4.5.11
2021-10-31 13:54:57 +01:00
e3699f9a4b
Merge pull request #143819 from primeos/ungoogled-chromium-backport
...
[21.05] ungoogled-chromium: 95.0.4638.54 -> 95.0.4638.69
2021-10-30 18:22:03 +02:00
db2b776077
ungoogled-chromium: 95.0.4638.54 -> 95.0.4638.69
...
(cherry picked from commit d71409c0de694ecbefa05d78a53adefcbb46a72b)
2021-10-30 11:54:22 +02:00
3854b45b21
Merge pull request #143816 from primeos/chromium-backport
...
[21.05] chromium: 95.0.4638.54 -> 95.0.4638.69
2021-10-30 11:53:25 +02:00
666bedc36c
Merge pull request #143761 from Ma27/backport-epson-escpr2
...
[21.05] epson-escpr2: 1.1.38 -> 1.1.42
2021-10-30 11:22:30 +02:00
4bfe628c58
Merge pull request #142514 from NixOS/backport-142450-to-release-21.05
...
[Backport release-21.05] ungoogled-chromium: 94.0.4606.81 -> 95.0.4638.54
2021-10-30 11:17:43 +02:00
a7e7c9a328
chromium: 95.0.4638.54 -> 95.0.4638.69
...
https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html
This update includes 8 security fixes. Google is aware that exploits for
CVE-2021-38000 and CVE-2021-38003 exist in the wild.
CVEs:
CVE-2021-37997 CVE-2021-37998 CVE-2021-37999 CVE-2021-38000
CVE-2021-38001 CVE-2021-38002 CVE-2021-38003
(cherry picked from commit 8dae7bc0f54b8f2ef7fde4727f190d137c94ad0b)
2021-10-30 11:12:06 +02:00
fc3c987767
epson-escpr2: 1.1.38 -> 1.1.42
...
(cherry picked from commit b9170bf9e0e4d4791ab7fcfb610cc88a90869590)
2021-10-30 00:00:11 +02:00
6c0c301463
Merge pull request #143744 from primeos/signal-desktop-backport
...
[21.05] signal-desktop: 5.21.0 -> 5.22.0
2021-10-29 23:43:10 +02:00
e47f00a7c7
signal-desktop: 5.21.0 -> 5.22.0
2021-10-29 23:07:19 +02:00
8416cc284e
Merge pull request #143397 from talyz/21-05-gitlab-14.4.1
...
[21.05] gitlab: 14.3.3 -> 14.4.1
2021-10-29 15:10:03 +02:00
b72647dc3a
gitlab: 14.3.3 -> 14.4.1
2021-10-29 13:41:48 +02:00
e5faf9d034
Merge pull request #143466 from Ma27/backport-linux-changes
...
[21.05] linux: changes for #140281
2021-10-29 13:27:40 +02:00
66d6ec6ed2
maintainers: remove eduardosm
2021-10-28 14:23:25 -07:00
f47c57802e
linux: build hardened kernel with matching releases
...
Until now we merged kernel updates even if no hardened versions were
available yet. On one hand we don't want to delay patch-level updates,
on the other hand users of hardened kernels have frequent breakage now[1].
This change aims to provide a solution this issue:
* The hardened patchset now references the kernel version it's released
for (including a sha256 hash for the fixed-output path of the source
tarball).
* The `hardenedKernelFor`-function doesn't just append hardened patches
now, but also overrides version & src to match the kernel version the
patch was built & tested for.
Refs #140281
[1] https://hydra.nixos.org/job/nixos/trunk-combined/nixpkgs.linuxPackages_hardened.kernel.x86_64-linux/all
(cherry picked from commit bb5aa0109b6db98a2e0a7ba88f5e0287e2374384)
2021-10-28 22:26:22 +02:00
f48b51e12e
linux: create maintainer team
...
Now there are a few more folks who should get pinged on kernel changes:
$ nix-instantiate -E 'with import ./. {}; (map (x: x.github) linux.meta.maintainers)' --eval --strict
[ "TredwellGit" "mweinelt" "ma27" "nequissimus" "alyssais" "thoughtpolice" ]
Refs #140281
(cherry picked from commit 65930caffe78ccd3c0e4f00bfd79123fcba9e444)
2021-10-28 21:58:39 +02:00
dcc34fe9e1
Merge pull request #143448 from NixOS/backport-122585-to-release-21.05
...
[Backport release-21.05] tor-browser-bundle-bin: Add eff.org mirror
2021-10-28 22:18:24 +03:00
0116578123
tor-browser-bundle-bin: Add eff.org mirror
...
(cherry picked from commit 7325f6a4f14d19eeaf0129e7b52710d141a28b76)
2021-10-28 19:04:08 +00:00
ce6cefbd96
mautrix-whatsapp: 0.1.8 -> 0.1.9
...
(cherry picked from commit 5e447cfae55b7083baeb78fd6c941bf0b2d7746f)
2021-10-28 18:07:07 +00:00
a6e34d50fc
Merge pull request #143355 from Ma27/php73-cve-2021-21703
...
[21.05] php73: 7.3.29 -> 7.3.32
2021-10-28 19:43:41 +02:00
01738ca44d
tor: 0.4.5.10 -> 0.4.5.11
2021-10-28 19:08:16 +02:00
ecaaffb02e
Merge pull request #143291 from NixOS/backport-143275-to-release-21.05
...
[Backport release-21.05] [CVSS 10.0] discourse: 2.7.8 -> 2.7.9
2021-10-28 07:06:00 -07:00
25ff65fe34
php73: 7.3.29 -> 7.3.32
...
ChangeLog: https://www.php.net/ChangeLog-7.php#7.3.32 and below.
2021-10-28 12:53:40 +02:00
e2110b6a0a
qemu: fix CVE-2021-3527, CVE-2021-3682, CVE-2021-3713
...
Backport patches for 6.0.0
2021-10-27 22:15:38 -07:00
969ba0f1c9
discourse: 2.7.8 -> 2.7.9
...
https://nvd.nist.gov/vuln/detail/CVE-2021-41163
(cherry picked from commit 44ffcb836239ef0e608728223166740b632ce994)
2021-10-28 03:41:51 +00:00
06b49ba179
Merge pull request #143135 from NixOS/backport-143131-to-release-21.05
...
[Backport release-21.05] electron: mark versions <= 11 as EOL
2021-10-27 22:50:21 -04:00
d14d83a369
Merge pull request #143183 from NixOS/backport-143113-to-release-21.05
...
[Backport release-21.05] Kernels 2021-10-27
2021-10-28 00:20:56 +02:00
0a6b8f9b69
Merge pull request #143201 from NixOS/backport-143044-to-release-21.05
...
[Backport release-21.05] signal-desktop: 5.20.0 -> 5.21.0
2021-10-27 21:42:05 +02:00
dcdd69dcdc
Merge pull request #143212 from NixOS/backport-132008-to-release-21.05
...
[Backport release-21.05] multimc: don't re-distribute package
2021-10-27 15:20:58 -04:00
28188b0b42
multimc: don't re-distribute package
...
Fixes NixOS#131983
(cherry picked from commit 8dfddb341ebaf718904722692dbbcd1d5d9d5e12)
2021-10-27 19:06:27 +00:00
27db642c65
multimc: change license to asl20
...
(cherry picked from commit 9a8f5b712fa5beb86659dd1f2d0a830c16f4cfc9)
2021-10-27 19:06:26 +00:00
7f1ea2dc2d
signal-desktop: 5.20.0 -> 5.21.0
...
(cherry picked from commit 374ab216aa4a37febf54eefe605d0cbe18cd4fe2)
2021-10-27 18:19:31 +00:00
7868d08c53
linux_latest-libre: 18380 -> 18413
...
(cherry picked from commit 748cc6042768547201a9f6c4365cda6ed3d7dbd4)
2021-10-27 16:07:47 +00:00
4d8b9a6846
linux-rt_5_4: 5.4.143-rt64 -> 5.4.154-rt65
...
(cherry picked from commit 55af4f5da2bf6d1c28aca5c98ecbc31504de01ea)
2021-10-27 16:07:46 +00:00
35fe117f23
linux: 5.4.155 -> 5.4.156
...
(cherry picked from commit 67e5b8b626c12d575e10a82e88644bbf257eac86)
2021-10-27 16:07:45 +00:00
c34af3c32f
linux: 5.14.14 -> 5.14.15
...
(cherry picked from commit 0719e92d1b84200d990ace44c039b3f001997c7d)
2021-10-27 16:07:44 +00:00
01915f55ea
linux: 5.10.75 -> 5.10.76
...
(cherry picked from commit 4bd2c087e06419ffb266cd8f39d4a755437bf845)
2021-10-27 16:07:43 +00:00
fbdac79b1a
linux: 4.9.287 -> 4.9.288
...
(cherry picked from commit 19735ff28026c7d3bb6f7ec2b30f30d392c95eab)
2021-10-27 16:07:42 +00:00
f9c1a37c60
linux: 4.4.289 -> 4.4.290
...
(cherry picked from commit 3a69f006d9418de7ee58d16e1b32ec55dd0eca85)
2021-10-27 16:07:41 +00:00
75c0de2495
linux: 4.19.213 -> 4.19.214
...
(cherry picked from commit b7efb90537964cee5fb6c350d14d89b477e58912)
2021-10-27 16:07:40 +00:00
7670a0e6c6
linux: 4.14.252 -> 4.14.253
...
(cherry picked from commit 20e62a2b01f41a2ead0408c8c65b02edfcce95d9)
2021-10-27 16:07:38 +00:00
ce5e240b2b
ghcjs: Enable on darwin ( #139067 )
...
(cherry picked from commit d032f60c37ebdae3afd9a24212497ec8725ee4fb)
2021-10-27 15:52:48 +00:00
4ecfdc7f46
haskell.compiler.ghcjs: mark hydraPlatforms as none because output is too large
...
(cherry picked from commit 3389aab889719081e240ce169ec5bc0d5ccd60d0)
2021-10-27 15:52:48 +00:00
220eee37cb
electron: mark versions <= 11 as EOL
...
(cherry picked from commit ec8ccb1f428a192d2bcfed1eb048a40cd1060a70)
2021-10-27 11:47:57 +00:00
de6f737cbd
Merge pull request #143054 from Ma27/php-backport
...
[21.05] php: 7.4.24 -> 7.4.25, 8.0.11 -> 8.0.12, fix CVE-2021-21703
2021-10-27 12:51:11 +02:00
Sascha Grunert
Domen Kožar
Maximilian Bosch
Robert Scott
Pavol Rusnak
Michael Weiss
Kim Lindberger
Eduardo Sánchez Muñoz
Artturi
jakobrs
Charlotte Van Petegem
Ryan Mulligan
Ryan Burns
TredwellGit
figsoda
Tristan Gosselin-Hane
Divam Narula
(cdep)illabout