2c75ca9c41
Merge pull request #138276 from NeQuissimus/2105_hardened_backport
...
[21.05] Hardened kernels backports
2021-09-17 18:04:05 +02:00
9723430b08
Merge pull request #138282 from NixOS/backport-138114-to-release-21.05
...
[Backport release-21.05] wireguard-tools: 1.0.20210424 -> 1.0.20210914
2021-09-17 16:41:42 +02:00
756786068f
linux/hardened/patches/5.14: 5.14.4-hardened1 -> 5.14.5-hardened1
...
(cherry picked from commit 9f34448a98ecc21726dd5e87b7a61daf76f954de)
2021-09-17 10:16:51 -04:00
939149de74
linux/hardened/patches/5.4: 5.4.146-hardened1 -> 5.4.147-hardened1
...
(cherry picked from commit 36e21638f5f308d8985035bca9c14595c0a3b65f)
2021-09-17 10:16:50 -04:00
e6b00f2f5f
linux/hardened/patches/5.13: 5.13.17-hardened1 -> 5.13.18-hardened1
...
(cherry picked from commit 7c04d2e390a7dbb87a428f625839db42071b7b99)
2021-09-17 10:16:50 -04:00
f35f202e06
linux/hardened/patches/5.10: 5.10.65-hardened1 -> 5.10.66-hardened1
...
(cherry picked from commit 031afe4faa1e390ebdc10eb145aaeab9be978cea)
2021-09-17 10:16:50 -04:00
0e29479866
wireguard-tools: 1.0.20210424 -> 1.0.20210914
...
ChangeLog: https://lists.zx2c4.com/pipermail/wireguard/2021-September/007049.html
This doesn't seem to have any implications for NixOS users, but appears
to have a few fixes that seem relevant to Darwin users including:
wg-quick: darwin: account for "link#XX" gateways
On macOS, under specific configurations, the `netstat -nr -f inet` and
`netstat -nr -f inet6` outputs break gateway collection.
(cherry picked from commit d37ab4d0ee6aeb3187a0f0042cfca966c3ef2f78)
2021-09-17 13:55:18 +00:00
cdc1eaf2f4
Merge pull request #138162 from NixOS/backport-138149-to-release-21.05
...
[Backport release-21.05] Kernels 2021-09-16
2021-09-17 15:51:34 +02:00
30d0257247
vscodium: fix sha256 on linux
...
(cherry picked from commit 65a010bcead26c971fe5b01bb02c4a9f02d02271)
2021-09-17 19:10:27 +09:00
5f4c5d41ea
vscodium: 1.60.0 -> 1.60.1
...
(cherry picked from commit 4828eb7ae4f1105dcebf7245f453c607b9c77c1d)
2021-09-17 19:10:27 +09:00
912279a742
symfony-cli: 4.26.0 -> 4.26.3
...
(cherry picked from commit ff6fb898ac11223e281cffac992246e3b6c31a97)
2021-09-17 09:25:41 +02:00
ebf419e737
Merge pull request #137988 from prusnak/electron-21.05
...
[21.05] electron_12: 12.1.0 -> 12.1.1
2021-09-17 00:21:07 +02:00
6ffcbaf54d
Merge pull request #138171 from NixOS/backport-136194-to-release-21.05
...
[Backport release-21.05] apr: add patch for CVE-2021-35940
2021-09-16 21:06:57 +01:00
b9e98053fe
Merge pull request #138170 from NixOS/backport-138136-to-release-21.05
...
[Backport release-21.05] apacheHttpd: 2.4.48 -> 2.4.49
2021-09-16 21:05:50 +01:00
ef698f793f
apr: add patch for CVE-2021-35940
...
(cherry picked from commit c6c39b5944d1ebc7f294ea9b78350beec67b21a8)
2021-09-16 18:45:22 +00:00
6fbf63ac60
apacheHttpd: 2.4.48 -> 2.4.49
...
(cherry picked from commit 0518560cf13e1a08a93de6b562d6326c19a3294f)
2021-09-16 18:34:07 +00:00
6c5790dfb6
linux/hardened/patches/5.4: 5.4.144-hardened1 -> 5.4.146-hardened1
...
(cherry picked from commit 00c500e9fc975957b4357ce46d5f10e8bf2cd1ba)
2021-09-16 16:18:21 +00:00
fbc340ce50
linux/hardened/patches/5.14: 5.14.2-hardened1 -> 5.14.4-hardened1
...
(cherry picked from commit 60b711316445f580345d815cfd04be592b136b8a)
2021-09-16 16:18:20 +00:00
cc619f3c02
linux/hardened/patches/5.13: 5.13.15-hardened1 -> 5.13.17-hardened1
...
(cherry picked from commit a8de1dcd2b5896d141bc89e0fc2cc665cd9581d7)
2021-09-16 16:18:19 +00:00
a1b9329753
linux/hardened/patches/5.10: 5.10.63-hardened1 -> 5.10.65-hardened1
...
(cherry picked from commit 48e902a2efa3bb149d4526125e57c1429af95014)
2021-09-16 16:18:19 +00:00
49d3b04cd9
linux: 5.4.145 -> 5.4.147
...
(cherry picked from commit 100f0569b54abaf1ed49ed8f525678a7eb02ab9a)
2021-09-16 16:18:18 +00:00
9b42fb070f
linux: 5.14.3 -> 5.14.5
...
(cherry picked from commit 4a05e7297cc766a2e295725bb991a50605cebbea)
2021-09-16 16:18:17 +00:00
2521537c8f
linux: 5.13.16 -> 5.13.18
...
(cherry picked from commit 4954336e2b81ebcc108ffae0bf3a0a39d301030b)
2021-09-16 16:18:16 +00:00
a3a2df2aaa
linux: 5.10.64 -> 5.10.66
...
(cherry picked from commit 6c829ce0830528f8e0ea78acfedec8a345b1f81b)
2021-09-16 16:18:15 +00:00
4d71703763
Merge pull request #137439 from NixOS/backport-137328-to-release-21.05
2021-09-16 13:34:36 +02:00
66528906a5
pipewire: enable manpages
...
(cherry picked from commit 044da009d172482fc8b748bcc92cced3c915bb0e)
2021-09-16 09:48:45 +00:00
eae9551832
pipewire: 0.3.34 -> 0.3.35
...
(cherry picked from commit f4fbb211765c265203004014e63a4e149520f6b9)
2021-09-16 09:48:45 +00:00
8dd8bd8be7
Merge pull request #137984 from NixOS/backport-137673-to-release-21.05
...
[Backport release-21.05] github-runner: 2.281.1 -> 2.282.0, prevent self-update
2021-09-15 12:44:29 +01:00
e6b75fcb70
electron_12: 12.1.0 -> 12.1.1
...
https://github.com/electron/electron/releases/tag/v12.1.1
(cherry picked from commit 40d83a9a2159809d2d47fc6598665c184578f1cf)
2021-09-15 11:58:00 +02:00
d58baa249b
github-runner: 2.281.1 -> 2.282.0
...
(cherry picked from commit cd641476cfcf8d5494e661debac9a3fe40f4cf32)
2021-09-15 09:50:00 +00:00
ca41e07801
github-runner: prevent self-updates
...
As of yet, a patch caused the runner to discard update messages.
Unfortunately, GitHub keeps sending update messages to outdated runners
causing them to no longer pick up jobs.
This commit causes the runner to send a high version to GitHub which
should be more recent for quite a time. That way, GitHub does not send
update message and keeps scheduling jobs even for outdated runners.
Naturally, an oudated runner can still break at any time as GitHub's
current approach assumes that all runners are always up-to-date. We
should still strive for quick nixpkgs updates but this patch should give
us some time.
(cherry picked from commit e8bbcc79fd07014b146835dfd7f5eba2079d9a55)
2021-09-15 09:49:59 +00:00
04e8a8cd56
github-runner: use dummy SHA-1 as `GitInfoCommitHash`
...
The runner only references `GitInfoCommitHash`/`CommitHash` to print
informational log entries. To allow for just referencing the tag of a
version instead of the commit hash, this commit sets the value of the
`GitInfoCommitHash` to a static dummy value.
(cherry picked from commit cc5c902fdf94b798c3b68e55ebb7e1a1185113a1)
2021-09-15 09:49:58 +00:00
cffe74fead
Merge pull request #137162 from NixOS/backport-136988-to-release-21.05
...
[Backport release-21.05] github-runner: 2.279.0 -> 2.281.1
2021-09-15 10:45:26 +01:00
4c2e7becf1
Merge pull request #137889 from NixOS/backport-137759-to-release-21.05
...
[Backport release-21.05] signal-desktop: 5.17.0 -> 5.17.1
2021-09-15 10:54:25 +02:00
a59d9b39f1
Merge branch 'staging-next-21.05' into release-21.05
2021-09-14 23:10:11 +02:00
762bb52325
chromium: 93.0.4577.63 -> 93.0.4577.82
...
https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop.html
This update includes 11 security fixes. Google is aware that exploits
for CVE-2021-30632 and CVE-2021-30633 exist in the wild.
CVEs:
CVE-2021-30625 CVE-2021-30626 CVE-2021-30627 CVE-2021-30628
CVE-2021-30629 CVE-2021-30630 CVE-2021-30631 CVE-2021-30632
CVE-2021-30633
(cherry picked from commit 61e54424baa413ca1a8efa805813d07e3f1ff00f)
2021-09-14 21:06:36 +00:00
224196a661
signal-desktop: 5.17.0 -> 5.17.1
...
(cherry picked from commit e3c0374da4ff8c9a0ad65a429c6ab030e4ae8cc3)
2021-09-14 20:46:52 +00:00
7f31a4f82d
Merge release-21.05 into staging-next-21.05
2021-09-14 18:02:14 +00:00
f7c79f29ac
Merge pull request #137311 from symphorien/evolution-stable-update
...
[21.05] evolution, evolution-ews, evolution-data-server: backport patch release bumps
2021-09-14 17:21:42 +00:00
f5db08830f
Merge pull request #137683 from NixOS/backport-137671-to-release-21.05
...
[Backport release-21.05] firefox-unwrapped: workaround issues on non-Gnome wayland WM's on FF 92
2021-09-14 16:24:33 +00:00
1d1b9bf49a
Merge release-21.05 into staging-next-21.05
2021-09-14 12:02:14 +00:00
626ae0eeba
element-desktop: apply patch to run on Wayland ( #137666 )
...
See upstream PR#261[1] for further reference. Previously, the
`enable-features`-setting was entirely discarded due to an earlier
regression resulting in an attempt to start `element-desktop` in
Wayland-mode without all necessary components.
Closes #137377
[1] https://github.com/vector-im/element-desktop/pull/261
(cherry picked from commit 5a0d0ec1cf90aae4354a97a2afaff079605ffc82)
2021-09-14 10:30:05 +02:00
beeed5079f
Merge release-21.05 into staging-next-21.05
2021-09-14 06:02:32 +00:00
667c06be31
Merge pull request #137428 from risicle/ris-flask-appbuilder-3.3.2-r21.05
...
[21.05] python3Packages.flask-appbuilder: 3.3.0 -> 3.3.2
2021-09-14 01:20:28 +01:00
7206c7cf0b
Merge release-21.05 into staging-next-21.05
2021-09-14 00:02:30 +00:00
25532a7fbb
firefox-unwrapped: workaround issues on non-Gnome wayland WM's on FF 92
...
Closes : #137649
(cherry picked from commit dfccb3045e76872eda32cdfa338dbe6aae8ccfcb)
2021-09-13 12:53:50 -07:00
f789739acc
Merge pull request #137665 from NixOS/backport-106574-to-release-21.05
...
[Backport release-21.05] nixos/amazonImageZfs: init
2021-09-13 13:48:12 -06:00
bee37e3ee0
Merge pull request #137676 from NixOS/backport-135568-to-release-21.05
...
[Backport release-21.05] ZFS: expand on boot
2021-09-13 13:48:00 -06:00
fa10ff02d6
Merge release-21.05 into staging-next-21.05
2021-09-13 18:03:02 +00:00
76e99647cd
services.zfs.expandOnBoot: support expanding pools on boot
...
Either enumerating a list of pools to expand or expanding
all pools on boot.
(cherry picked from commit 4bb4bcc30c7f481581ef462ed7b1dcca71693717)
2021-09-13 17:42:07 +00:00
ajs124
Maximilian Bosch
ajs124
happysalada
nixpkgs-upkeep-bot
R. RyanTM
Pavol Rusnak
Luke Granger-Brown
Robert Scott
Aaron Andersen
TredwellGit
Patrick Hilhorst
Jan Solanti
Jörg Thalheim
Vincent Haupert
Michael Weiss
Vladimír Čunát
github-actions[bot]
Guillaume Girol
Bernardo Meurer
Timothy DeHerrera
Your Name