It was found that Quassel could be remotely crashed and had an
unauthenticated RCE vulnerability. The public annoucement can be found
on the oss-sec archive [1]. The bump to 0.12.5 is supposed fixe both issues.
[1] http://seclists.org/oss-sec/2018/q2/77
Following legacy packing conventions, `isArm` was defined just for
32-bit ARM instruction set. This is confusing to non packagers though,
because Aarch64 is an ARM instruction set.
The official ARM overview for ARMv8[1] is surprisingly not confusing,
given the overall state of affairs for ARM naming conventions, and
offers us a solution. It divides the nomenclature into three levels:
```
ISA: ARMv8 {-A, -R, -M}
/ \
Mode: Aarch32 Aarch64
| / \
Encoding: A64 A32 T32
```
At the top is the overall v8 instruction set archicture. Second are the
two modes, defined by bitwidth but differing in other semantics too, and
buttom are the encodings, (hopefully?) isomorphic if they encode the
same mode.
The 32 bit encodings are mostly backwards compatible with previous
non-Thumb and Thumb encodings, and if so we can pun the mode names to
instead mean "sets of compatable or isomorphic encodings", and then
voilà we have nice names for 32-bit and 64-bit arm instruction sets
which do not use the word ARM so as to not confused either laymen or
experienced ARM packages.
[1]: https://developer.arm.com/products/architecture/a-profile
Critical CVE-2018-6085: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-28
Critical CVE-2018-6086: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-30
High CVE-2018-6087: Use after free in WebAssembly. Reported by Anonymous on 2018-02-20
High CVE-2018-6088: Use after free in PDFium. Reported by Anonymous on 2018-03-15
High CVE-2018-6089: Same origin policy bypass in Service Worker. Reported by Rob Wu on 2018-02-04
High CVE-2018-6090: Heap buffer overflow in Skia. Reported by ZhanJia Song on 2018-03-12
High CVE-2018-6091: Incorrect handling of plug-ins by Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-10-05
High CVE-2018-6092: Integer overflow in WebAssembly. Reported by Natalie Silvanovich of Google Project Zero on 2018-03-08
Medium CVE-2018-6093: Same origin bypass in Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-01
Medium CVE-2018-6094: Exploit hardening regression in Oilpan. Reported by Chris Rohlf on 2016-08-01
Medium CVE-2018-6095: Lack of meaningful user interaction requirement before file upload. Reported by Abdulrahman Alqabandi (@qab) on 2016-08-11
Medium CVE-2018-6096: Fullscreen UI spoof. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-19
Medium CVE-2018-6097: Fullscreen UI spoof. Reported by xisigr of Tencent's Xuanwu Lab on 2018-01-26
Medium CVE-2018-6098: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-03
Medium CVE-2018-6099: CORS bypass in ServiceWorker. Reported by Jun Kokatsu (@shhnjk) on 2018-02-03
Medium CVE-2018-6100: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-02-11
Medium CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools . Reported by Rob Wu on 2018-02-19
Medium CVE-2018-6102: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-20
Medium CVE-2018-6103: UI spoof in Permissions. Reported by Khalil Zhani on 2018-02-24
Medium CVE-2018-6104: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-03-08
Medium CVE-2018-6105: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-18
Medium CVE-2018-6106: Incorrect handling of promises in V8. Reported by lokihardt of Google Project Zero on 2018-01-25
Medium CVE-2018-6107: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-02
Medium CVE-2018-6108: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-27
Low CVE-2018-6109: Incorrect handling of files by FileAPI. Reported by Dominik Weber (@DoWeb_) on 2017-04-10
Low CVE-2018-6110: Incorrect handling of plaintext files via file:// . Reported by Wenxiang Qian (aka blastxiang) on 2017-10-24
Low CVE-2018-6111: Heap-use-after-free in DevTools. Reported by Khalil Zhani on 2017-11-02
Low CVE-2018-6112: Incorrect URL handling in DevTools. Reported by Rob Wu on 2017-12-29
Low CVE-2018-6113: URL spoof in Navigation. Reported by Khalil Zhani on 2018-01-25
Low CVE-2018-6114: CSP bypass. Reported by Lnyas Zhang on 2018-02-13
Low CVE-2018-6115: SmartScreen bypass in downloads. Reported by James Feher on 2018-03-07
Low CVE-2018-6116: Incorrect low memory handling in WebAssembly. Reported by Jin from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd. on 2018-03-15
Low CVE-2018-6117: Confusing autofill settings. Reported by Spencer Dailey on 2018-03-15
Low CVE-2018-6084: Incorrect use of Distributed Objects in Google Software Updater on MacOS. Reported by Ian Beer of Google Project Zero on 2018-03-15
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/syncplay/versions.
These checks were done:
- built on NixOS
- ran ‘/nix/store/dfjzzxr9ih0cpmz3ls5xcmfaf2qrhmhh-syncplay-1.5.3/bin/.syncplay-server-wrapped -h’ got 0 exit code
- ran ‘/nix/store/dfjzzxr9ih0cpmz3ls5xcmfaf2qrhmhh-syncplay-1.5.3/bin/.syncplay-server-wrapped --help’ got 0 exit code
- ran ‘/nix/store/dfjzzxr9ih0cpmz3ls5xcmfaf2qrhmhh-syncplay-1.5.3/bin/syncplay-server -h’ got 0 exit code
- ran ‘/nix/store/dfjzzxr9ih0cpmz3ls5xcmfaf2qrhmhh-syncplay-1.5.3/bin/syncplay-server --help’ got 0 exit code
- found 1.5.3 with grep in /nix/store/dfjzzxr9ih0cpmz3ls5xcmfaf2qrhmhh-syncplay-1.5.3
- directory tree listing: https://gist.github.com/52097c8cbb187c4fb391af784f94d056
Semi-automatic update generated by https://github.com/ryantm/nix-update tools. These checks were done:
- built on NixOS
- Warning: no binary found that responded to help or version flags. (This warning appears even if the package isn't expected to have binaries.)
- found 0.9.96 with grep in /nix/store/hy3dyckwbq8x0ylgydqf3hsd0yyj38mf-otter-browser-0.9.96
- directory tree listing: https://gist.github.com/3ba5ac755cab96acd876703e94dff4b4
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/notmuch/versions.
These checks were done:
- built on NixOS
- ran ‘/nix/store/05v4k89ni4phwyxvqskr0hji49b5fmck-notmuch-0.26.1/bin/notmuch --help’ got 0 exit code
- ran ‘/nix/store/05v4k89ni4phwyxvqskr0hji49b5fmck-notmuch-0.26.1/bin/notmuch help’ got 0 exit code
- ran ‘/nix/store/05v4k89ni4phwyxvqskr0hji49b5fmck-notmuch-0.26.1/bin/notmuch --version’ and found version 0.26.1
- found 0.26.1 with grep in /nix/store/05v4k89ni4phwyxvqskr0hji49b5fmck-notmuch-0.26.1
- directory tree listing: https://gist.github.com/adeae189f9ac416571a7c0e3beca712f
Semi-automatic update generated by https://github.com/ryantm/nix-update tools.
This update was made based on information from https://repology.org/metapackage/qutebrowser/versions.
These checks were done:
- built on NixOS
- ran `/nix/store/p9a5d6129dvx6gqbxn9fqgsmx7hnhwxb-qutebrowser-1.2.1/bin/qutebrowser -h` got 0 exit code
- ran `/nix/store/p9a5d6129dvx6gqbxn9fqgsmx7hnhwxb-qutebrowser-1.2.1/bin/qutebrowser --help` got 0 exit code
- ran `/nix/store/p9a5d6129dvx6gqbxn9fqgsmx7hnhwxb-qutebrowser-1.2.1/bin/..qutebrowser-wrapped-wrapped -h` got 0 exit code
- ran `/nix/store/p9a5d6129dvx6gqbxn9fqgsmx7hnhwxb-qutebrowser-1.2.1/bin/..qutebrowser-wrapped-wrapped --help` got 0 exit code
- ran `/nix/store/p9a5d6129dvx6gqbxn9fqgsmx7hnhwxb-qutebrowser-1.2.1/bin/.qutebrowser-wrapped -h` got 0 exit code
- ran `/nix/store/p9a5d6129dvx6gqbxn9fqgsmx7hnhwxb-qutebrowser-1.2.1/bin/.qutebrowser-wrapped --help` got 0 exit code
- found 1.2.1 with grep in /nix/store/p9a5d6129dvx6gqbxn9fqgsmx7hnhwxb-qutebrowser-1.2.1
- directory tree listing: https://gist.github.com/b85ebb5c38a8861cac255f78b5c16525
* Fix reference CNI plugins
* The plugins were split out of the upstream cni repo around version
0.6.0
* Fix RBAC and DNS tests
* Fix broken apiVersion fields
* Change plugin linking to look in ${package}/bin rather than
${package.plugins}
* Initial work towards a working e2e test
* Test still fails, but at least the expression evaluates now
Continues @srhb's work in #37199Fixes#37199
Semi-automatic update generated by https://github.com/ryantm/nix-update tools.
This update was made based on information from https://repology.org/metapackage/newsboat/versions.
These checks were done:
- built on NixOS
- ran `/nix/store/sijgq2a38x45ada8xzl69s7c6lsiar3c-newsboat-2.11.1/bin/newsboat -h` got 0 exit code
- ran `/nix/store/sijgq2a38x45ada8xzl69s7c6lsiar3c-newsboat-2.11.1/bin/newsboat --help` got 0 exit code
- ran `/nix/store/sijgq2a38x45ada8xzl69s7c6lsiar3c-newsboat-2.11.1/bin/newsboat -V` and found version 2.11.1
- ran `/nix/store/sijgq2a38x45ada8xzl69s7c6lsiar3c-newsboat-2.11.1/bin/newsboat -v` and found version 2.11.1
- ran `/nix/store/sijgq2a38x45ada8xzl69s7c6lsiar3c-newsboat-2.11.1/bin/newsboat --version` and found version 2.11.1
- ran `/nix/store/sijgq2a38x45ada8xzl69s7c6lsiar3c-newsboat-2.11.1/bin/newsboat -h` and found version 2.11.1
- ran `/nix/store/sijgq2a38x45ada8xzl69s7c6lsiar3c-newsboat-2.11.1/bin/newsboat --help` and found version 2.11.1
- ran `/nix/store/sijgq2a38x45ada8xzl69s7c6lsiar3c-newsboat-2.11.1/bin/podboat -h` got 0 exit code
- ran `/nix/store/sijgq2a38x45ada8xzl69s7c6lsiar3c-newsboat-2.11.1/bin/podboat --help` got 0 exit code
- ran `/nix/store/sijgq2a38x45ada8xzl69s7c6lsiar3c-newsboat-2.11.1/bin/podboat -h` and found version 2.11.1
- ran `/nix/store/sijgq2a38x45ada8xzl69s7c6lsiar3c-newsboat-2.11.1/bin/podboat --help` and found version 2.11.1
- found 2.11.1 with grep in /nix/store/sijgq2a38x45ada8xzl69s7c6lsiar3c-newsboat-2.11.1
- directory tree listing: https://gist.github.com/b1dad1e84335a691d0ccf4aa357c12ad
Semi-automatic update generated by https://github.com/ryantm/nix-update tools.
This update was made based on information from https://repology.org/metapackage/telepathy-gabble/versions.
These checks were done:
- built on NixOS
- Warning: no binary found that responded to help or version flags. (This warning appears even if the package isn't expected to have binaries.)
- found 0.18.4 with grep in /nix/store/pg936ixgiw96xqsrdzbwc1civylmy1q5-telepathy-gabble-0.18.4
- found 0.18.4 in filename of file in /nix/store/pg936ixgiw96xqsrdzbwc1civylmy1q5-telepathy-gabble-0.18.4
- directory tree listing: https://gist.github.com/92190024cdfe17a3e79730f988d904f6