Otherwise, using imread() in octave threw:
/nix/store/4fvwfzwg58d7167an550xm1k6m7px443-octave-4.0.0/lib/octave/4.0.0/oct/x86_64-unknown-linux-gnu/__magick_read__.oct: failed to load: /nix/store/w7xr6frwffrl135v7vpxdwmnx8l95j5m-gfortran-4.9.3/lib/libstdc++.so.6: version `GLIBCXX_3.4.21' not found (required by /nix/store/qlxkin1arzwbcpiny6amn8747wp8ndg7-graphicsmagick-1.3.21/lib/libGraphicsMagick++.so.11)
(this is from 16.03, although I push this to staging)
Commit 2040a9ac57 changed the order of
$PATH elements, causing initialpath to appear after buildInputs. Thus
gnugrep ended up depending on bin/sh from bootstrapTools, rather than
from pkgs.bash. The fix is to provide pkgs.bash via buildInputs rather
than initialPath.
http://hydra.nixos.org/build/33276697
gcc5 enables additional warnings, causing the build to fail with
-Werror. The build could be fixed by specifically disabling errors
for `discarded-array-qualifiers` and `logical-not-parentheses` warnings,
but simply passing -Wno-error is more future proof.
See https://hydra.nixos.org/build/33274006/nixlog/1/raw
Overview of the updated versions:
stable: 48.0.2564.116 -> 49.0.2623.75
beta: 49.0.2623.63 -> 49.0.2623.75
dev: 50.0.2657.0 -> 50.0.2661.11
Stable and beta are now in par because of the release of a major stable
update.
The release addresses 26 security vulnerabilities, the following with an
assigned CVE:
* CVE-2016-1630: Same-origin bypass in Blink. Credit to Mariusz
Mlynski.
* CVE-2016-1631: Same-origin bypass in Pepper Plugin. Credit to Mariusz
Mlynski.
* CVE-2016-1632: Bad cast in Extensions. Credit to anonymous.
* CVE-2016-1633: Use-after-free in Blink. Credit to cloudfuzzer.
* CVE-2016-1634: Use-after-free in Blink. Credit to cloudfuzzer.
* CVE-2016-1635: Use-after-free in Blink. Credit to Rob Wu.
* CVE-2016-1636: SRI Validation Bypass. Credit to Ryan Lester and
Bryant Zadegan.
* CVE-2015-8126: Out-of-bounds access in libpng. Credit to
joerg.bornemann.
* CVE-2016-1637: Information Leak in Skia. Credit to Keve Nagy.
* CVE-2016-1638: WebAPI Bypass. Credit to Rob Wu.
* CVE-2016-1639: Use-after-free in WebRTC. Credit to Khalil Zhani.
* CVE-2016-1640: Origin confusion in Extensions UI. Credit to Luan
Herrera.
* CVE-2016-1641: Use-after-free in Favicon. Credit to Atte Kettunen of
OUSPG.
The full announcement which also includes the link to the bug tracker
can be found here:
http://googlechromereleases.blogspot.de/2016/03/stable-channel-update.html
Also, the 32bit Chrome package needed for the Flash and Widevine plugins
doesn't exist anymore, because Google has dropped support for 32bit
distros, see here for the announcement:
https://groups.google.com/a/chromium.org/forum/#!topic/chromium-dev/FoE6sL-p6oU
On our end, we need to fix the patch for the plugin paths to work for
the latest dev channel. The change is very minor, because the
nix_plugin_paths_46.patch only doesn't apply because of an iOS-related
ifdef.
Built and tested on my Hydra at:
https://headcounter.org/hydra/eval/311511
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Fixes: #13665
