Commit Graph

564 Commits

Author SHA1 Message Date
Red Davies
ee1b13dd13 cassandra_2_2: 2.2.14 -> 2.2.19
Reason: Fixes CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability

Description:
It is possible for a local attacker without access to the Apache Cassandra
process or configuration files to manipulate the RMI registry to perform a
man-in-the-middle attack and capture user names and passwords used to access
the JMX interface. The attacker can then use these credentials to access
the JMX interface and perform unauthorised operations.

Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables
this issue to be exploited remotely.

2.2.x users should upgrade to 2.2.18
2020-11-24 20:58:37 -05:00
Red Davies
b0f1fea52f cassandra_2_1: 2.1.20 -> 2.1.22
Reason: Fixes CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability

Description:
It is possible for a local attacker without access to the Apache Cassandra
process or configuration files to manipulate the RMI registry to perform a
man-in-the-middle attack and capture user names and passwords used to access
the JMX interface. The attacker can then use these credentials to access
the JMX interface and perform unauthorised operations.

Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables
this issue to be exploited remotely.

2.1.x users should upgrade to 2.1.22
2020-11-24 20:42:29 -05:00
Red Davies
90d2986368 cassandra: 3.11.4 -> 3.11.9
Reason: Fixes CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability

Description:
It is possible for a local attacker without access to the Apache Cassandra
process or configuration files to manipulate the RMI registry to perform a
man-in-the-middle attack and capture user names and passwords used to access
the JMX interface. The attacker can then use these credentials to access
the JMX interface and perform unauthorised operations.

Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables
this issue to be exploited remotely.

3.11.x users should upgrade to 3.11.8
2020-11-24 20:24:32 -05:00
Dave Anderson
4de5d2b081
influxdb2: init at v2.0.2 (#104717)
Signed-off-by: David Anderson <dave@natulte.net>
2020-11-24 16:06:39 +01:00
Graham Christensen
fbc4af5725 Revert "influxdb2: init at v2.0.2 (#104484)"
This reverts commit ecbe92e576.
2020-11-23 14:55:26 -05:00
Dave Anderson
ecbe92e576
influxdb2: init at v2.0.2 (#104484)
Signed-off-by: David Anderson <dave@natulte.net>
2020-11-23 20:40:42 +01:00
Thomas Depierre
63caecee7d riak-cs: delete 2020-10-28 19:31:33 +01:00
R. RyanTM
26f82d4246 influxdb: 1.8.2 -> 1.8.3 2020-10-18 14:18:35 +00:00
Mario Rodas
cbf2b8880b
Merge pull request #99250 from yorickvP/victoriametrics-auto-test
victoriametrics: add passthru.tests
2020-10-01 20:18:22 -05:00
Yorick van Pelt
1ef22a5d1f
victoriametrics: add passthru.tests 2020-10-01 11:58:32 +02:00
Souvik Sen
ae4a51c15c
victoriametrics: 1.40.0 -> 1.42.0 (#99241) 2020-10-01 04:49:59 -05:00
R. RyanTM
b0094fc46b influxdb: 1.8.0 -> 1.8.2 2020-09-05 02:11:12 +00:00
John Ericson
1965a241fc
Merge pull request #61019 from volth/gcc.arch-amd
platform.gcc.arch: support for AMD CPUs
2020-09-01 22:31:16 -04:00
R. RyanTM
6f2d868624 victoriametrics: 1.37.4 -> 1.40.0 2020-08-31 10:00:23 +00:00
Matthias Totschnig
9b2769b061 rethinkdb: use clangStdenv
And remove patch working around a GCC bug.
2020-08-21 15:44:52 -07:00
Matthias Totschnig
8025e4ffe4 rethinkdb: 2.3.6 -> 2.4.1, fix
Update patch that prevents making V8 snapshots, as those segfault.

Fix build by building only the database server. Other make targets fetch
dependencies at build time and this behaviour cannot be overriden.
Therefore, the clients and web interface are no longer built. See
rethinkdb/rethinkdb#6867.
2020-08-21 15:44:52 -07:00
zowoq
cea7cd902e buildGoModule packages: set doCheck = false 2020-08-10 16:02:30 +10:00
volth
cf7b63df5b gcc.arch: refactor, move tables under lib/ 2020-08-05 11:18:26 +00:00
zowoq
3c5750d1cd buildGoModule packages: editorconfig fixes 2020-07-31 13:58:04 +10:00
Vladimír Čunát
2b7c0dcdaa
Merge branch 'staging-next'
Rebuild on Hydra seems OK-ish.
mongodb.nix needed some conflict resolution (scons versions);
all four versions seem to build fine.
2020-07-25 16:18:40 +02:00
Jaka Hudoklin
fea9351d81
Merge pull request #92719 from pjjw/update/mongodb-42
mongodb: 4.0.12 -> 4.2.8
2020-07-24 20:15:29 +02:00
Peter Woodman
dbd0f3e957
mongodb: 4.0.12 -> 4.2.8
Not strictly an upgrade, but adds a new mongodb-4_2 target with the
current mongodb from that branch.

Use matching client and server versions in mongodb tests- tests were
using the mongo 3.4 client to connect, and this finally doesn't work
with server 4.2.

Per reviewer suggestion, adding myself as cheetah3 maintainer.

Additionally, reestore comments describing the purpose of the
build-dependencies patch
2020-07-24 11:44:16 -04:00
Daniël de Kok
28ce0b968b redis: 6.0.5 -> 6.0.6
Release notes:

https://groups.google.com/g/redis-db/c/7tuERP0dN9c/m/HddqH3X5BwAJ?pli=1
2020-07-23 10:47:44 +02:00
Vladimír Čunát
7a5c6fee0f
Merge branch 'master' into staging-next
Some rebuilds, e.g. all of haskell.
Hydra nixpkgs: ?compare=1601713
2020-07-22 08:37:19 +02:00
Justin Humm
6f7af76904
mongodb: use pname instead of name 2020-07-20 16:48:50 +02:00
Michael Weiss
5b14758d31
Merge pull request #92920 from primeos/scons
scons: 3.1.2 -> 4.0.0
2020-07-18 13:36:29 +02:00
Michael Weiss
595a36d846
scons.py2: Replace with sconsPackages.scons_3_1_2
Required since SCons 4.0.0 doesn't support Python 2.7 anymore.
2020-07-18 10:48:20 +02:00
Vladimír Čunát
c62e88ab81
Merge #91818: gperftools: fix on ARM 2020-07-11 11:08:58 +02:00
Vladimír Čunát
44391a72b2
mongodb: add basic check
For example, it detected the issue fixed in the parent commit
(tested on aarch64).
2020-07-11 11:07:18 +02:00
Mario Rodas
7f45aa87b2
Merge pull request #92658 from r-ryantm/auto-update/VictoriaMetrics
victoriametrics: 1.37.0 -> 1.37.4
2020-07-08 08:17:01 -05:00
Mario Rodas
cf5467dfa4
victoriametrics: add ldflags 2020-07-08 04:20:00 -05:00
R. RyanTM
bca87facad victoriametrics: 1.37.0 -> 1.37.4 2020-07-07 22:46:33 +00:00
R. RyanTM
520e4fdae0 redis: 6.0.3 -> 6.0.5 2020-07-07 07:27:17 +00:00
Souvik Sen
73df78b810 victoriametrics: 1.34.7 -> 1.37.0 2020-06-08 08:51:18 -04:00
Jamie McClymont
68a09ca2d4 redis: 6.0.1 -> 6.0.3
================================================================================
Redis 6.0.3     Released Sat May 16 18:10:21 CEST 2020
================================================================================

Upgrade urgency CRITICAL: a crash introduced in 6.0.2 is now fixed.

1eab62f7e Remove the client from CLOSE_ASAP list before caching the master.

================================================================================
Redis 6.0.2     Released Fri May 15 22:24:36 CEST 2020
================================================================================

Upgrade urgency MODERATE: many not critical bugfixes in different areas.
                          Critical fix to client side caching when
                          keys are evicted from the tracking table but
                          no notifications are sent.

The following are the most serious fix:

* XPENDING should not update consumer's seen-time
* optimize memory usage of deferred replies - fixed
* Fix CRC64 initialization outside the Redis server itself.
* stringmatchlen() should not expect null terminated strings.
* Cluster nodes availability checks improved when there is
  high Pub/Sub load on the cluster bus.
* Redis Benchmark: Fix coredump because of double free
* Tracking: send eviction messages when evicting entries.
* rax.c updated from upstream antirez/rax.
* fix redis 6.0 not freeing closed connections during loading.

New features:

* Support setcpuaffinity on linux/bsd
* Client Side Caching: Add Tracking Prefix Number Stats in Server Info
* Add --user argument to redis-benchmark.c (ACL)
2020-05-17 21:14:52 +12:00
Jamie McClymont
8cdc8687bf redis: handle changes to systemd support
The 6.0 changelog notes that systemd support was rewritten. The effects
of that seem to be twofold:

* Redis will silently fail to sd_notify if not built with libsystemd,
  breaking our unit configuration.
* It also appears to misbehave if told to daemonize when running under
  systemd -- note that upstream's sample unit configuration does not
  daemonize:
  https://github.com/antirez/redis/blob/unstable/utils/systemd-redis_server.service
2020-05-17 20:23:48 +12:00
Mario Rodas
8d3b239340
Merge pull request #87472 from r-ryantm/auto-update/redis
redis: 5.0.8 -> 6.0.1
2020-05-16 06:55:40 -05:00
Colin L Rice
d6162dab50
go-modules: Update files to use vendorSha256 2020-05-14 07:22:21 +01:00
R. RyanTM
4a07eb225b redis: 5.0.8 -> 6.0.1 2020-05-10 06:25:56 +00:00
R. RyanTM
40886adad8 eventstore: 5.0.7 -> 5.0.8 2020-05-01 09:06:14 +02:00
Maximilian Bosch
25b9bca759
mongodb_3_4: fix license
As noted in #83433, the 3.4 branch of `mongodb` is still licensed under
AGPL[1].

[1] https://github.com/mongodb/mongo/blob/r3.4.24/README
2020-04-21 18:05:15 +02:00
Mario Rodas
a4d12f7d81
Merge pull request #85109 from marsam/update-victoriametrics
victoriametrics: 1.34.5 -> 1.34.7
2020-04-15 06:51:53 -05:00
Mario Rodas
8686922e68
influxdb: 1.7.6 -> 1.8.0 (#85113) 2020-04-13 11:48:11 +00:00
Mario Rodas
a94fedc20d
victoriametrics: 1.34.5 -> 1.34.7 2020-04-12 04:20:00 -05:00
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
R. RyanTM
bc26f7d6e6 victoriametrics: 1.33.1 -> 1.34.5 2020-04-07 23:20:48 +00:00
Frederik Rietdijk
a36be028f5 Merge staging-next into staging 2020-03-28 21:15:15 +01:00
Michael Weiss
0950324466 scons: Add passthru.py2 for backward compatibility
Not all packages build with Python 3, see #75877. The goal is to get rid
of Python 2 but this approach ensures a smoother transition.
2020-03-27 10:49:52 -07:00
Jörg Thalheim
066db11215
Revert "Merge pull request #83099 from marsam/fix-buildGoModule-packages-darwin"
This reverts commit 4e6bf03504, reversing
changes made to afd997aab6.

Instead we propagate those frameworks from the compiler again
2020-03-27 07:33:21 +00:00
Maximilian Bosch
80e6da7bd3
mongodb: builds on aarch64 as well 2020-03-26 14:02:49 +01:00
Thibault Gagnaux
c2eee6ecdb
mongodb: 3.4.22 -> 3.4.24 & fix ssl
Reverts previous ssl fix commit and updates the mongodb version which fixes the ssl compile problem on darwin.
2020-03-26 14:02:49 +01:00
Nathan Smyth
de69821b54
mongodb-4_0: 4.0.11 -> 4.0.12 2020-03-26 14:02:49 +01:00
Nathan Smyth
44641ed00b
nixos/tests/mongodb: test against mongodb versions 3.4, 3.6, 4.0
Now has tests for 3.4, 3.6, 4.0. Has some duplication, but it appears to
work on my machine.
2020-03-26 14:02:49 +01:00
Nathan Smyth
165d8bda82
mongodb: 3.4.20 -> 3.4.22, 3.6.12 -> 3.6.13, 4.0.9 -> 4.0.11 2020-03-26 14:02:49 +01:00
Nathan Smyth
97c4dff158
mongodb: split packages to expose 3.4, 3.6 and 4.0 2020-03-26 14:02:48 +01:00
Nathan Smyth
e9bec1adf6
mongodb: 3.4.10 -> 4.0.4
fix: Adding libtool to allow darwin compiles

Libtool seems to be required for mongodb to compile on darwin.

fix: Marking MongoDB as broken on aarch64

fix: Adding libtools to the pkg imports

Update mongodb to 4.0.4
2020-03-26 14:02:48 +01:00
Mario Rodas
dba7b8e394 victoriametrics: fix build on darwin 2020-03-21 06:21:00 -05:00
Mario Rodas
ecce3a7bc9
Merge pull request #82864 from r-ryantm/auto-update/EventStore
eventstore: 5.0.6 -> 5.0.7
2020-03-20 06:26:53 -05:00
Ryan Mulligan
6bdfa0340c
Merge pull request #82730 from r-ryantm/auto-update/VictoriaMetrics
victoriametrics: 1.32.5 -> 1.33.1
2020-03-19 07:13:14 -07:00
R. RyanTM
2fe09ed2bf eventstore: 5.0.6 -> 5.0.7 2020-03-18 17:14:30 +00:00
R. RyanTM
b3b610831e redis: 5.0.7 -> 5.0.8 2020-03-17 05:00:56 +00:00
R. RyanTM
3ceec5df3c victoriametrics: 1.32.5 -> 1.33.1 2020-03-16 14:52:15 +00:00
R. RyanTM
2b337d2778 eventstore: 5.0.5 -> 5.0.6 2020-02-23 13:43:35 -08:00
Yorick van Pelt
a66a77d5fe
victoriametrics: init at v1.32.5 2020-01-29 19:52:10 +01:00
Mario Rodas
cacfb83000
Merge pull request #76336 from r-ryantm/auto-update/neo4j
neo4j: 3.5.13 -> 3.5.14
2020-01-06 08:08:01 -05:00
Robin Gloster
313da176d3
treewide: NIX_*_FLAGS -> string 2019-12-31 00:16:46 +01:00
Robin Gloster
ab0cfd9e03
treewide: NIX_*_COMPILE -> string 2019-12-31 00:10:18 +01:00
Frederik Rietdijk
6d059becd3 Merge gcc-9 into staging (#68029) 2019-12-30 16:38:38 +01:00
Merijn Broeren
133103d709
treewide: replace make/build/configure/patchFlags with nix lists 2019-12-30 12:58:11 +01:00
Franz Pletz
77b6c3cd06
Merge remote-tracking branch 'origin/master' into gcc-9 2019-12-26 14:17:36 +01:00
R. RyanTM
1a5f0c260b neo4j: 3.5.13 -> 3.5.14 2019-12-23 16:50:52 -08:00
R. RyanTM
3cbc71eeed neo4j: 3.5.12 -> 3.5.13 (#75282) 2019-12-09 00:21:27 +01:00
Jörg Thalheim
56e98fefee
redis: 5.0.6 -> 5.0.7 (#74621)
redis: 5.0.6 -> 5.0.7
2019-11-29 22:57:12 +00:00
Jörg Thalheim
b1f1c73b76
redis: reference tests 2019-11-29 12:28:02 +00:00
R. RyanTM
78661761cb redis: 5.0.6 -> 5.0.7 2019-11-29 03:41:41 -08:00
R. RyanTM
f25d1368bc eventstore: 5.0.2 -> 5.0.5 2019-11-27 17:07:00 -08:00
R. RyanTM
3e7fcc4d18 neo4j: 3.5.11 -> 3.5.12 (#71692)
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/neo4j/versions
2019-11-13 19:01:08 +01:00
Franz Pletz
6b10b78872
Merge remote-tracking branch 'origin/master' into gcc-9 2019-11-03 14:44:12 +01:00
Franz Pletz
6928b5c12b
arangodb: 3.3.23.1 -> 3.3.24, 3.4.7 -> 3.4.8, 3.5.0-rc.7 -> 3.5.1 2019-11-03 14:33:50 +01:00
Franz Pletz
c72bd90940
aerospike: fix build with gcc9 2019-11-03 14:26:32 +01:00
R. RyanTM
322bff8f69 apache-jena-fuseki: 3.12.0 -> 3.13.1
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/apache-jena-fuseki/versions
2019-10-21 23:10:22 -07:00
R. RyanTM
137e5975a0 redis: 5.0.5 -> 5.0.6
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/redis/versions
2019-10-08 10:02:31 -07:00
Jon
90c7ea4cd7
Merge pull request #69694 from r-ryantm/auto-update/neo4j
neo4j: 3.5.8 -> 3.5.11
2019-09-30 17:58:17 -07:00
R. RyanTM
4ac8b052a7 neo4j: 3.5.8 -> 3.5.11
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/neo4j/versions
2019-09-27 13:25:41 -07:00
R. RyanTM
b0a6f4d2c8 apache-jena-fuseki: 3.11.0 -> 3.12.0
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/apache-jena-fuseki/versions
2019-09-26 15:38:32 -07:00
Frederik Rietdijk
5f4734b1dd Merge remote-tracking branch 'upstream/gcc-8' into staging-next
Earlier the gcc8 branch was merged instead of the gcc-8 branch (note the dash)...
2019-09-08 20:44:26 +02:00
Robin Gloster
087ba0eedc
arangodb_3_2: remove
doesn't support gcc 8
2019-09-03 22:30:55 +02:00
Franz Pletz
de85797565
Merge remote-tracking branch 'origin/master' into gcc-8 2019-09-03 22:15:07 +02:00
Frederik Rietdijk
ad1d58c622 Merge staging-next into staging 2019-08-31 10:04:20 +02:00
Frederik Rietdijk
fc74ba8291 Merge master into staging-next 2019-08-31 09:50:38 +02:00
Vika
4b5fc2cfae
redis: Try to fix cross-compilation
**Note**: This makes redis use libc malloc when cross-compiling to
ARM. This may or may not degrade performance.

The reason for this is vendored jemalloc with Redis' patches. The
makefile for deps has hardcoded configure flags for jemalloc, and as a
result, it is unable to cross-compile it.
2019-08-29 17:12:06 +03:00
volth
08f68313a4 treewide: remove redundant rec 2019-08-28 11:07:32 +00:00
Frederik Rietdijk
5061fe0c2c Merge staging-next into staging 2019-08-28 08:26:42 +02:00
volth
35d68ef143 treewide: remove redundant quotes 2019-08-26 21:40:19 +00:00
Robin Gloster
616b8343c4
Merge remote-tracking branch 'upstream/master' into gcc-8 2019-08-25 18:55:46 +02:00
Vladimír Čunát
2e6bf42a22
Merge branch 'master' into staging-next
There ver very many conflicts, basically all due to
name -> pname+version.  Fortunately, almost everything was auto-resolved
by kdiff3, and for now I just fixed up a couple evaluation problems,
as verified by the tarball job.  There might be some fallback to these
conflicts, but I believe it should be minimal.

Hydra nixpkgs: ?compare=1538299
2019-08-24 08:55:37 +02:00
Robin Gloster
2d648e219b
rethinkdb: mark as broken
broken with openssl 1.1
2019-08-21 21:19:44 +02:00
Robin Gloster
4e60b0efae
treewide: update globin's maintained drvs 2019-08-20 19:36:05 +02:00
WilliButz
0c2b9e6eac
Merge pull request #65903 from r-ryantm/auto-update/EventStore
eventstore: 5.0.0 -> 5.0.2
2019-08-18 18:39:45 +02:00
volth
c814d72b51 treewide: name -> pname 2019-08-17 10:54:38 +00:00