Commit Graph

64 Commits

Author SHA1 Message Date
Thomas Gerbet
a12a0047d0 expat: 2.4.9 -> 2.5.0
Fixes CVE-2022-43680

https://github.com/libexpat/libexpat/blob/R_2_5_0/expat/Changes
2022-11-05 13:18:49 +01:00
Robert Scott
880fa3ec19 expat: 2.4.8 -> 2.4.9 2022-09-20 22:26:34 +01:00
Artturin
1d44ac176c treewide: add enableParallelBuilding's to bootstrap packages so hashes stay the same
when enableParallelBuildingByDefault is enabled

verified with
`nix-diff $(nix eval ".#gcc-unwrapped.drvPath") $(nix eval --expr 'with import ./. { config = { enableParallelBuildingByDefault = true; }; }; gcc-unwrapped.drvPath' --impure)`
2022-05-25 16:03:14 +03:00
Artturin
f002ffed9a treewide: enable strictDeps in bootstrap packages 2022-05-22 16:40:26 +03:00
R. Ryantm
de181bc8f1 expat: 2.4.7 -> 2.4.8 2022-04-29 09:09:20 -05:00
Robert Scott
d88dc978f6 expat: add python3Packages.xmltodict to passthru.tests
as it has revealed compatibility issues in the past
2022-03-06 00:12:20 +00:00
Vladimír Čunát
48a007306b
expat: 2.4.6 -> 2.4.7
This primarily fixes regressions in various other packages
after the expat security fixes.
2022-03-05 08:18:00 +01:00
github-actions[bot]
d4bfb57f40
Merge master into staging-next 2022-03-05 00:01:54 +00:00
Robert Scott
16098f1cee expat: add some reverse dependencies to passthru.tests 2022-02-27 18:03:21 +00:00
Sebastian Pipping
08bd5cbf9c expat: 2.4.5 -> 2.4.6 2022-02-20 18:19:31 +01:00
Sebastian Pipping
62b1a57752 expat: 2.4.4 -> 2.4.5 (security) 2022-02-19 04:02:19 +01:00
Sebastian Pipping
93d05cd472 expat: 2.4.3 -> 2.4.4 2022-01-31 21:52:06 +01:00
Robert Scott
4bff2f943e expat: add patch for CVE-2022-23990 2022-01-28 13:09:58 -08:00
Robert Scott
4292c49b93 expat: add patches for CVE-2022-23852 2022-01-24 19:53:06 +00:00
Sebastian Pipping
890ea19c1b expat: 2.4.2 -> 2.4.3 (security) 2022-01-17 03:00:26 +01:00
Sergei Trofimovich
5400fb8000
expat: 2.4.1 -> 2.4.2 (#151445) 2021-12-25 16:55:17 -05:00
OPNA2608
392bca4c58
expat: Fix cmake config files
Header & library path constructions in CMake modules expect them to reside under the same prefix as the CMake files.
This assumption doesn't work with our multiple outputs so we patch the library path to the correct output.

Co-authored-by: Dmitry Kalinkin <dmitry.kalinkin@gmail.com>
2021-07-03 19:30:35 -04:00
Sebastian Pipping
9e74629a33
expat: 2.2.10 -> 2.4.1 (CVE-2013-0340) (#124212)
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2021-06-12 21:17:51 +02:00
Ben Siraphob
66e44425c6 pkgs/development/libraries: stdenv.lib -> lib 2021-01-21 19:11:02 -08:00
Vladimír Čunát
89023c38fc
Recover the complicated situation after my bad merge
I made a mistake merge.  Reverting it in c778945806 undid the state
on master, but now I realize it crippled the git merge mechanism.
As the merge contained a mix of commits from `master..staging-next`
and other commits from `staging-next..staging`, it got the
`staging-next` branch into a state that was difficult to recover.

I reconstructed the "desired" state of staging-next tree by:
 - checking out the last commit of the problematic range: 4effe769e2
 - `git rebase -i --preserve-merges a8a018ddc0` - dropping the mistaken
   merge commit and its revert from that range (while keeping
   reapplication from 4effe769e2)
 - merging the last unaffected staging-next commit (803ca85c20)
 - fortunately no other commits have been pushed to staging-next yet
 - applying a diff on staging-next to get it into that state
2020-10-26 09:01:04 +01:00
Vladimír Čunát
c778945806
Revert "Merge #101508: libraw: 0.20.0 -> 0.20.2"
I'm sorry; I didn't notice it contained staging commits.

This reverts commit 17f5305b6c, reversing
changes made to a8a018ddc0.
2020-10-25 09:41:51 +01:00
Tim Steinbach
d137333e67
expat: 2.2.8 -> 2.2.10 2020-10-17 17:21:41 -04:00
Matthew Bauer
d0677e6d45 treewide: add warning comment to “boot” packages
This adds a warning to the top of each “boot” package that reads:

  Note: this package is used for bootstrapping fetchurl, and thus cannot
  use fetchpatch! All mutable patches (generated by GitHub or cgit) that
  are needed here should be included directly in Nixpkgs as files.

This makes it clear to maintainer that they may need to treat this
package a little differently than others. Importantly, we can’t use
fetchpatch here due to using <nix/fetchurl.nix>. To avoid having stale
hashes, we need to include patches that are subject to changing
overtime (for instance, gitweb’s patches contain a version number at
the bottom).
2020-07-31 08:56:53 +02:00
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
Vladimír Čunát
22a216849b
Re-Revert "Merge branch 'staging-next'"
This reverts commit f8a8fc6c7c.
2019-09-22 09:38:09 +02:00
Vladimír Čunát
f8a8fc6c7c
Revert "Merge branch 'staging-next'"
This reverts commit 41af38f372, reversing
changes made to f0fec244ca.

Let's delay this.  We have some serious regressions.
2019-09-21 20:05:09 +02:00
Vladimír Čunát
6b2aa16ec1
expat: 2.27 -> 2.28 (security)
Fixes #68818 CVE-2019-15903 (on this nixpkgs branch).
https://github.com/libexpat/libexpat/blob/R_2_2_8/expat/Changes
2019-09-15 09:36:40 +02:00
R. RyanTM
0eb4838191
expat: 2.2.6 -> 2.2.7
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/expat/versions
2019-07-01 17:02:38 +02:00
R. RyanTM
c64637ec6d expat: 2.2.5 -> 2.2.6
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/expat/versions.
2018-08-17 03:46:07 -07:00
volth
52f53c69ce pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
John Ericson
133b4658df treewide: Simplify some doCheck calls
In anticipation of what I outline in #33599, I only simplify exactly those
`doCheck`s which are equal to `hostPlatform != buildPlatform`. I also stick a
comment next to them so I can grep for them later.
2018-01-09 12:37:38 -05:00
Vladimír Čunát
1d9a8e2289
Merge branch 'master' into staging 2017-11-06 13:24:06 +01:00
Robert Helgesson
b2e6b56016
expat: 2.2.4 -> 2.2.5 2017-11-01 21:58:48 +01:00
Ben Gamari
f8ce957263 expat: Don't run tests when cross-compiling 2017-10-27 20:32:24 -04:00
Tim Steinbach
4ab93f8236
expat: 2.2.3 -> 2.2.4 2017-08-21 10:42:52 +02:00
Robert Helgesson
2bbfac7b97
expat: fix build on aarch 2017-08-06 11:24:12 +02:00
Robert Helgesson
629becb544
expat: 2.2.2 -> 2.2.3 2017-08-04 11:30:04 +02:00
Robert Helgesson
cc8e2aec29
expat: 2.2.1 -> 2.2.2 2017-07-18 00:58:20 +02:00
Robert Helgesson
5fc48529bc
expat: 2.2.0 -> 2.2.1
Includes fixes for CVE-2017-9233 and CVE-2016-9063.
2017-06-19 00:01:17 +02:00
Tuomas Tynkkynen
a17216af4c treewide: Shuffle outputs
Make either 'bin' or 'out' the first output.
2016-08-29 14:49:51 +03:00
Alexander Ried
964fd18676 expat: 2.1.1 -> 2.2.0
security patches have been integrated upstream
2016-06-24 17:59:32 +02:00
Robert Helgesson
34cf7934c3 expat: patch CVE-2015-1283 and CVE-2016-0718 (close #15561)
Note, CVE-2015-1283 is already patched in expat version 2.1.1 but, as
explained in the patch, the fix was insufficient.
2016-05-20 09:43:29 +02:00
Robert Helgesson
6658077815 expat: 2.1.0 -> 2.1.1
Also remove CVE patch merged upstream and enable tests.
2016-05-17 21:20:48 +02:00
Vladimír Čunát
716aac2519 Merge branch 'staging' into closure-size 2016-01-19 09:55:31 +01:00
Vladimír Čunát
1878ac9335 tree-wide: various cleanups
It's mainly refactoring and mass-rebuild simplifications without any
real impact (besides better readability).
2016-01-02 11:29:45 +01:00
janus
55aa9163cc FreeBSD: minor fixes, add notes and make stdenv more robust 2016-01-01 17:01:13 +00:00
janus
9897b35661 FreeBSD: patch expat, kerberos, libedit, ossp-uuid, lz4, sharutils, add libelf-freebsd 2016-01-01 17:01:13 +00:00
Vladimír Čunát
dd915f82e7 expat: split dev output 2015-10-28 10:09:34 +01:00
James Cook
fba4a95068 expat: patch for CVE-2015-1283 from Mozilla 2015-07-27 22:36:15 -07:00
Vladimír Čunát
3f0ebe7e75 licenses: comment about two versions of MIT
I decided to follow spdx.org and not to differentiate those two.
Packages would often have the wrong version anyway.
2014-08-30 07:28:26 +02:00