cb3d27df93
Merge remote-tracking branch 'origin/master' into hardened-stdenv
2016-03-05 18:55:30 +01:00
aff1f4ab94
Use general hardening flag toggle lists
...
The following parameters are now available:
* hardeningDisable
To disable specific hardening flags
* hardeningEnable
To enable specific hardening flags
Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.
cc-wrapper supports the following flags:
* fortify
* stackprotector
* pie (disabled by default)
* pic
* strictoverflow
* format
* relro
* bindnow
2016-03-05 18:55:26 +01:00
fdf22fb5bb
exim: 4.86 -> 4.86.2
2016-03-05 11:26:33 +01:00
708c6094c5
nginx, nginxUnstable: hardening: only use when the compiler is gcc
2016-03-04 16:57:47 +01:00
7b9684a5b5
nginx, nginxUnstable: enable hardening. Flags as recommended by @arno01 (Andrey Arapov) in #7190
2016-03-04 16:54:37 +01:00
364423f38c
ejabberd: 16.01 -> 16.02
2016-03-04 14:46:45 +03:00
01a3b6c059
uwsgi: 2.0.11.2 -> 2.0.12
2016-03-04 14:46:45 +03:00
d7a98cb693
postsrsd: 1.3 -> 1.4
2016-03-04 14:46:45 +03:00
d47857c3d9
Merge remote-tracking branch 'upstream/master' into hardened-stdenv
2016-03-01 21:09:17 +00:00
e5069c1be5
rethinkdb: patch for glibc 2.23
2016-03-01 14:13:16 +01:00
f91f3a4c5a
plex: 0.9.15.3.1674 -> 0.9.15.6.1714
2016-02-28 14:30:05 -08:00
e1338ad121
plexpass: 0.9.15.5.1712 -> 0.9.15.6.1714
2016-02-28 14:30:03 -08:00
a693d5cc99
Merge pull request #13514 from abbradar/samba-closure
...
samba: reduce closure size
2016-02-28 22:30:13 +03:00
3b4765c9e5
Merge remote-tracking branch 'upstream/master' into hardened-stdenv
2016-02-28 16:32:57 +00:00
a9d24cedeb
Merge pull request #12487 from hrdinka/refactor/nsd
...
Refactor NSD service and update to 4.1.7
2016-02-28 17:13:21 +01:00
69ce5cb656
use the sourceforge mirrors everywhere
...
find pkgs -name "*.nix" -exec sed -r \
"s|https?://downloads.sourceforge.net/|mirror://sourceforge/|g" -i {} \;
2016-02-28 12:07:42 +00:00
0ac7cbe334
Merge pull request #13536 from phunehehe/postfix-symlinks
...
postfix: use relative symlinks for mailq and newaliases
2016-02-28 11:28:46 +01:00
82560aefd7
samba: reduce closure size
2016-02-28 12:49:34 +03:00
a08c8b12f0
Add Apache Jena Fuseki instead of obsolete and unavailable Jena Joseki
2016-02-28 10:39:33 +01:00
6bb016101f
postfix: use relative symlinks for mailq and newaliases
2016-02-28 16:19:18 +08:00
a0753c7cb2
nsd: 4.1.6 -> 4.1.7
2016-02-28 09:17:46 +01:00
0a2c3ec971
mysql: 5.5.45 -> 5.5.48 for multiple CVEs: CVE-2015-4792 CVE-2015-4802 CVE-2015-4815 CVE-2015-4816 CVE-2015-4819 CVE-2015-4826 CVE-2015-4830 CVE-2015-4836 CVE-2015-4858 CVE-2015-4861 CVE-2015-4870 CVE-2015-4879 CVE-2015-4913
2016-02-27 15:31:52 -06:00
17348dc094
Remove all dots at end of descriptions
...
Specially crafted for @JagaJaga
find pkgs -name "*.nix" -exec \
sed -e 's|\(description.*\)\.";|\1";|g' -i {} \;
2016-02-27 17:30:29 +00:00
cfffac2a90
postfix: use hardening flags from stdenv
2016-02-27 11:50:34 +00:00
5176e7ac77
mongodb: enable pie hardening
2016-02-27 00:48:49 +00:00
3477e662e6
Merge remote-tracking branch 'upstream/master' into hardened-stdenv
2016-02-27 00:08:08 +00:00
b4dadff542
memcached: enable pie hardening
2016-02-26 23:13:13 +00:00
1a31447c4c
icecast: enable pie hardening
2016-02-26 23:06:53 +00:00
310fa56788
nginx: enable pie hardening
2016-02-26 16:38:26 +00:00
0f4ecfad68
certificate-transparency: clean up and use newer clang
2016-02-25 01:27:43 +00:00
2fbbd71861
riak2: disable format hardening
2016-02-24 21:36:26 +00:00
09c14170d8
Merge pull request #13125 from abbradar/uwsgi
...
Refactor uWSGI
2016-02-23 22:32:54 +00:00
40ca841c5c
Merge pull request #13124 from FRidh/buildPythonApplication
...
buildPythonApplication: use new function for Python applications
2016-02-23 16:02:10 +01:00
f0061cb039
plexpass: 0.9.15.4.1679 -> 0.9.15.5.1712
2016-02-22 20:22:07 -08:00
5d6d841d58
Merge pull request #13373 from tomberek/revert_kippo_twisted
...
kippo: revert twisted dependency
2016-02-22 23:50:17 +01:00
e31c8922e0
kippo: revert twisted dependency
2016-02-22 13:57:24 -05:00
bb2639aafc
Merge branch 'curl-7.15-fixup' of https://github.com/zimbatm/nixpkgs into hardened-stdenv
2016-02-22 01:14:22 +00:00
5e26e698b9
Merge #13081 : update plex and plexpass
2016-02-21 11:47:07 +01:00
4036e9ba8c
Merge branch 'up' into hardened-stdenv
2016-02-20 22:27:33 +00:00
0e96c96b84
mosquitto: Use built-in Makefile for installation.
...
This will also install man pages, client-binaries (mosquitto_sub,
mosquitto_pub), libs, headers, etc.
2016-02-20 14:46:20 +01:00
bc21db3692
Merge remote-tracking branch 'upstream/master' into hardened-stdenv
2016-02-19 21:16:14 +00:00
bce982e082
Merge pull request #13076 from romildo/update-opensmtpd
...
opensmtpd: 5.7.3p1 -> 5.7.3p2
2016-02-19 22:53:59 +03:00
d39d87bb81
uwsgi: disable built-in yaml support
2016-02-19 17:02:40 +03:00
c6f143307c
uwsgi: refactor, throw sensible error if plugin is not found
2016-02-19 17:02:40 +03:00
4d06bf70f4
buildPythonApplication: use new function for Python applications
2016-02-19 13:16:41 +01:00
c4910af815
Merge branch 'redis-3.0.7' of https://github.com/kragniz/nixpkgs
2016-02-18 13:30:57 -05:00
6326172fed
redis: 3.0.6 -> 3.0.7
2016-02-18 17:36:36 +00:00
30213ffa3b
rspamd: git-2016-01-16 -> 1.1.3
2016-02-18 13:03:01 +01:00
799a3f8147
rmilter: 1.6.7 -> 1.7.3
...
Fixes #13080 .
2016-02-18 13:02:35 +01:00
454be2f4d7
plex: 0.9.15.3.1663 -> 0.9.15.3.1674
2016-02-17 14:47:55 -08:00
Franz Pletz
tv
Michael Raskin
Nikolay Amiantov
Robin Gloster
Domen Kožar
Cole Mickens
zimbatm
Peter Simons
Hoang Xuan Phu
Christoph Hrdinka
Graham Christensen
Frederik Rietdijk
Pascal Wittmann
Thomas Bereknyei
Vladimír Čunát
Moritz Ulrich
Arseniy Seroka
Frederik Rietdijk
Shea Levy
Louis Taylor