Commit Graph

108805 Commits

Author SHA1 Message Date
Joachim F
1a0b1d94ed Merge pull request #26454 from DeltaEvo/teamspeak
Teamspeak (client: 3.0.19.4 -> 3.1.4, server: 3.0.13.5 -> 3.0.13.6)
2017-06-09 22:59:01 +01:00
Joachim F
a109f52c4e Merge pull request #26445 from lheckemann/osg340
openscenegraph: 3.2.3 -> 3.4.0
2017-06-09 22:58:32 +01:00
Jörg Thalheim
a54eea6827 Merge pull request #26495 from makefu/pkgs/metasploit/update
metasploit: 4.14.17 -> 4.14.25
2017-06-09 22:39:07 +01:00
Jörg Thalheim
95f733e0aa
bundix: 2.1.0 -> 2.2.0 2017-06-09 22:37:36 +01:00
Jörg Thalheim
0cab4cac12
metasploit: add missing update deps to shell.nix 2017-06-09 22:20:28 +01:00
Joachim F
506f990372 Merge pull request #26461 from romildo/upd.flat-plat
flat-plat: 20170515 -> 20170605
2017-06-09 22:19:38 +01:00
makefu
c1135333d1
metasploit: 4.14.17 -> 4.14.25 2017-06-09 23:09:22 +02:00
Joachim F
cabdbcbcb8 Merge pull request #26483 from ciil/lbreakout2-pkg
lbreakout2: init at 2.6.5
2017-06-09 21:54:24 +01:00
Jörg Thalheim
c0e14c084d
metasploit: add missing update deps to shell.nix 2017-06-09 21:45:24 +01:00
Vladimír Čunát
d12497a23b
pycairo: fix #26475 - another dead patch download 2017-06-09 21:57:35 +02:00
Edward Tjörnhammar
a66a9ae8e8
kodi-retroarch-advanced-launchers: ensure sound has been released 2017-06-09 20:41:02 +02:00
Daiderd Jordan
57091a19e2 Merge pull request #26043 from orivej/sasl
cyrus_sasl: fix version
2017-06-09 20:30:35 +02:00
Daiderd Jordan
a6dc11e81e
tmux: fix hash, looks like the upstream tag was moved
--- a/configure.ac       1970-01-01 01:00:01.000000000 +0100
+++ b/configure.ac       1970-01-01 01:00:01.000000000 +0100
@@ -1,6 +1,6 @@
 # configure.ac

-AC_INIT(tmux, 2.5-rc)
+AC_INIT(tmux, 2.5)
 AC_PREREQ([2.60])

 AC_CONFIG_AUX_DIR(etc)
2017-06-09 19:54:39 +02:00
Bjørn Forsman
6a55fda61e nixos/acme: improve documentation
* Use literalExample for better readability
* Clarify a bit wrt. 'webroot' and 'allowKeysForGroup'
2017-06-09 19:35:17 +02:00
Bjørn Forsman
7a0e958b97 nixos/acme: support "full.pem" (for lighttpd)
* Create "full.pem" from selfsigned certificate
* Tell simp_le to create "full.pem"
* Inject service dependency between lighttpd and the generation of certificates

Side note: According to the internet these servers also use the
"full.pem" format: pound, ejabberd, pure-ftpd.
2017-06-09 19:35:17 +02:00
Simon Lackerbauer
7d87d234d3 lbreakout2: init at 2.6.5 2017-06-09 19:23:40 +02:00
Michael Weiss
b615c2e992 android-studio: 2.3.2.0 -> 2.3.3.0 2017-06-09 18:46:54 +02:00
ikervagyok
55ca2cf495 minecraft-server: 1.11.2 -> 1.12 (#26458) 2017-06-09 17:07:31 +01:00
Joachim F
66e82eaea8 Merge pull request #26488 from romildo/upd.jwm
jwm: 1582 -> 1594
2017-06-09 15:33:54 +01:00
Simon Lackerbauer
762aa2b819 lbreakout2: init at 2.6.5 2017-06-09 16:31:36 +02:00
Simon Lackerbauer
ff621bc0ee Merge branch 'lbreakout2' of github.com:ciil/nixpkgs into lbreakout2 2017-06-09 16:24:56 +02:00
Graham Christensen
7d8218a351 Merge pull request #26489 from michalpalka/xen-security
xen: patch for XSAs: 206, 211, 212, 213, 214 and 215
2017-06-09 09:31:42 -04:00
Vladimír Čunát
97f3009bf8
pycairo: fix #26475 - a dead patch download 2017-06-09 15:21:25 +02:00
Michał Pałka
dd3dcceb23 xen: patch for XSAs: 206, 211, 212, 213, 214 and 215
XSA-206 Issue Description:

> xenstored supports transactions, such that if writes which would
> invalidate assumptions of a transaction occur, the entire transaction
> fails.  Typical response on a failed transaction is to simply retry
> the transaction until it succeeds.
>
> Unprivileged domains may issue writes to xenstore which conflict with
> transactions either of the toolstack or of backends such as the driver
> domain. Depending on the exact timing, repeated writes may cause
> transactions made by these entities to fail indefinitely.

More: https://xenbits.xen.org/xsa/advisory-206.html

XSA-211 Issue Description:

> When a graphics update command gets passed to the VGA emulator, there
> are 3 possible modes that can be used to update the display:
>
> * blank - Clears the display
> * text - Treats the display as showing text
> * graph - Treats the display as showing graphics
>
> After the display geometry gets changed (i.e., after the CIRRUS VGA
> emulation has resized the display), the VGA emulator will resize the
> console during the next update command. However, when a blank mode is
> also selected during an update, this resize doesn't happen. The resize
> will be properly handled during the next time a non-blank mode is
> selected during an update.
>
> However, other console components - such as the VNC emulation - will
> operate as though this resize had happened. When the display is
> resized to be larger than before, this can result in a heap overflow
> as console components will expect the display buffer to be larger than
> it is currently allocated.

More: https://xenbits.xen.org/xsa/advisory-211.html

XSA-212 Issue Description:

> The XSA-29 fix introduced an insufficient check on XENMEM_exchange
> input, allowing the caller to drive hypervisor memory accesses outside
> of the guest provided input/output arrays.

More: https://xenbits.xen.org/xsa/advisory-212.html

XSA-213 Issue Description:

> 64-bit PV guests typically use separate (root) page tables for their
> kernel and user modes.  Hypercalls are accessible to guest kernel
> context only, which certain hypercall handlers make assumptions on.
> The IRET hypercall (replacing the identically name CPU instruction)
> is used by guest kernels to transfer control from kernel mode to user
> mode.  If such an IRET hypercall is placed in the middle of a multicall
> batch, subsequent operations invoked by the same multicall batch may
> wrongly assume the guest to still be in kernel mode.  If one or more of
> these subsequent operations involve operations on page tables, they may
> be using the wrong root page table, confusing internal accounting.  As
> a result the guest may gain writable access to some of its page tables.

More: https://xenbits.xen.org/xsa/advisory-213.html

XSA-214 Issue Description:

> The GNTTABOP_transfer operation allows one guest to transfer a page to
> another guest.  The internal processing of this, however, does not
> include zapping the previous type of the page being transferred.  This
> makes it possible for a PV guest to transfer a page previously used as
> part of a segment descriptor table to another guest while retaining the
> "contains segment descriptors" property.
>
> If the destination guest is a PV one of different bitness, it may gain
> access to segment descriptors it is not normally allowed to have, like
> 64-bit code segments in a 32-bit PV guest.
>
> If the destination guest is a HVM one, that guest may freely alter the
> page contents and then hand the page back to the same or another PV
> guest.
>
> In either case, if the destination PV guest then inserts that page into
> one of its own descriptor tables, the page still having the designated
> type results in validation of its contents being skipped.

More: https://xenbits.xen.org/xsa/advisory-214.html

XSA-215 Issue Description:

> Under certain special conditions Xen reports an exception resulting
> from returning to guest mode not via ordinary exception entry points,
> but via a so call failsafe callback.  This callback, unlike exception
> handlers, takes 4 extra arguments on the stack (the saved data
> selectors DS, ES, FS, and GS).  Prior to placing exception or failsafe
> callback frames on the guest kernel stack, Xen checks the linear
> address range to not overlap with hypervisor space.  The range spanned
> by that check was mistakenly not covering these extra 4 slots.

More: https://xenbits.xen.org/xsa/advisory-215.html
2017-06-09 13:09:01 +00:00
romildo
44681c53d6 jwm: 1582 -> 1594 2017-06-09 09:30:20 -03:00
Jörg Thalheim
14eeae9d4e Merge pull request #26474 from Mic92/cc-wrapper
cc-wrapper: externalize default_cxx_stdlib_compile
2017-06-09 13:27:53 +01:00
Jörg Thalheim
fdf43ddf4a Merge pull request #26479 from jgertm/jgertm/buck
buck: build buckd as well
2017-06-09 13:26:40 +01:00
Vladimír Čunát
cc9a72a286
virtualboxGuestAdditions: don't install setuid/setgid 2017-06-09 13:09:21 +02:00
Frederik Rietdijk
a78bf7df14 Merge pull request #26437 from vaibhavsagar/unbreak-thumbor
python.pkgs.thumbor: fix package
2017-06-09 12:55:50 +02:00
Joachim Fasting
39f7530e47
tinycc: 0.9.27pre-20170527 -> 0.9.27pre-20170605
Contains further fix to x86_64 codegen (and some less relevant Windows
stuff).
2017-06-09 12:54:59 +02:00
Joachim Fasting
b1f0af7ef6
linuxPackages.evdi: specify minimum kernel version, per upstream
Upstream says 3.16 is the oldest supported kernel.  No versions prior to
3.18 build on Hydra. See e.g., https://hydra.nixos.org/build/53599831.
2017-06-09 12:54:57 +02:00
Frederik Rietdijk
184ab11fc9 Merge pull request #26484 from michalpalka/xen-python-fix
xen: fix pygrub by making sure it is wrapped
2017-06-09 12:45:03 +02:00
romildo
f2e075a241 mkvtoolnix: 11.0.0 -> 12.0.0 2017-06-09 12:44:17 +02:00
Joachim F
7badb92629 Merge pull request #26404 from ambrop72/kdevelop-511
kdevelop: 5.0.4 -> 5.1.1
2017-06-09 08:44:01 +01:00
Simon Lackerbauer
63e967a33a lbreakout2: init at 2.6.5 2017-06-09 09:25:28 +02:00
Peter Simons
fbb5b2ef01 multi-ghc-travis: update to latest git version 2017-06-09 09:23:36 +02:00
Simon Lackerbauer
d6138238e3 add package for lbreakout2, a breakout clone from the popular lgames
series
2017-06-09 09:21:17 +02:00
Michał Pałka
965668903a xen: fix pygrub by making sure it is wrapped
Recent commit #c10af9e744c91dff1ccc07a52a0b57d1e4d339f3 changed the
behaviour of wrapPythonPrograms, which caused pygrub to no longer
being wrapped. This commit fixes this.
2017-06-09 06:22:03 +00:00
Peter Hoeg
bcf9af560a ncmpc: 0.24 -> 0.27
Upstream has moved to github as well.
2017-06-09 12:55:20 +08:00
Peter Hoeg
207ac3c7b8 mpd_clientlib: 2.10 -> 2.11
Upstream has moved to github as well.
2017-06-09 12:55:20 +08:00
Peter Hoeg
c87f034977 mpd: 0.20.6 -> 0.20.9
Upstream has also moved to github.
2017-06-09 12:04:58 +08:00
Peter Hoeg
292f121fb2 mpc: 0.27 -> 0.28
Upstream has also moved to github
2017-06-09 12:04:58 +08:00
Tuomas Tynkkynen
2bfc977b6e ethtool: 4.10 -> 4.11 2017-06-09 01:58:23 +03:00
Joachim Fasting
8e706b051e
tor: 0.3.0.7 -> 0.3.0.8
Of particular note are fixes for hidden service crashing bugs
(TROVE-2017-004 and TROVE-2017-005).

See https://blog.torproject.org/blog/tor-0308-released-fix-hidden-services-also-are-02429-02514-02612-0278-02814-and-02911
2017-06-09 00:40:25 +02:00
Tim Jäger
cfe23e19ab buck: build buckd as well
buck tries to launch buckd to run in the background. While not neccessary, it
does speed up builds.
2017-06-08 15:36:30 -07:00
Jörg Thalheim
ffdfa662fc Merge pull request #26476 from romildo/upd.jetbrains
jetbrains.clion: 2017.1.1 -> 2017.1.3, jetbrains.idea-community: 2017.1.3 -> 2017.1.4, jetbrains.idea-ultimate: 2017.1.3 -> 2017.1.4
2017-06-08 21:35:24 +01:00
Jörg Thalheim
ff139c49f7 Merge pull request #26438 from jgertm/jgertm/buck
buck: init at v2017.05.31.01
2017-06-08 21:27:33 +01:00
Jörg Thalheim
211736fabf Merge pull request #26472 from romildo/upd.colordiff
colordiff: 1.0.16 -> 1.0.18
2017-06-08 21:25:06 +01:00
Tuomas Tynkkynen
69901f16c9 yle-dl: 2.15 -> 2.16 2017-06-08 23:13:06 +03:00
Tuomas Tynkkynen
211c55b247 strace: 4.16 -> 4.17 2017-06-08 23:13:06 +03:00