Commit Graph

636213 Commits

Author SHA1 Message Date
Masum Reza
64b80bfb31
[Backport release-24.05] google-chrome: 130.0.6723.{58,59} -> 130.0.6723.{69,70} (#351926) 2024-10-28 23:17:05 +05:30
Thomas Gerbet
b580496414 google-chrome: 130.0.6723.{58,59} -> 130.0.6723.{69,70}
Fixes CVE-2024-10229, CVE-2024-10230 and CVE-2024-10231.
https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html

(cherry picked from commit ed24e9e893)
2024-10-28 16:16:41 +00:00
Hendrik Sokolowski
92ad245496 sysstat: add iostat as mainProgram
(cherry picked from commit f251273e41)
2024-10-28 17:10:18 +01:00
Hendrik Sokolowski
9fe0825aff sysstat: adopt
(cherry picked from commit 3db1263401)
2024-10-28 17:10:18 +01:00
Hendrik Sokolowski
1aa3b5d751 maintainers: add hensoko
(cherry picked from commit f40c74785c)
2024-10-28 17:10:18 +01:00
Pavol Rusnak
6e45ae4299
[24.05] micropython: 1.22.2 -> 1.24.0 (#351871) 2024-10-28 17:02:51 +01:00
Aleksana
d30a86d3f0
[24.05] furmark: add an icon (#344948) 2024-10-28 20:59:50 +08:00
Jordan Williams
e9e07262f4
micropython: 1.23.0 -> 1.24.0
(cherry picked from commit ece2d90480)
2024-10-28 12:58:05 +01:00
R. Ryantm
184cc0e6ba
micropython: 1.22.2 -> 1.23.0
(cherry picked from commit 9784118a2f)
2024-10-28 12:52:21 +01:00
teutat3s
bf4de27fa4 element-desktop: 1.11.81 -> 1.11.82
https://github.com/element-hq/element-desktop/releases/tag/v1.11.82
(cherry picked from commit 8991fdb136)
2024-10-28 08:37:21 +01:00
Artturin
9b9516e15a
[Backport release-24.05] pyhton3Packages.databricks-sql-connector: Fix broken (#331732) 2024-10-28 07:05:32 +02:00
Artturin
87fc112445
[Backport release-24.05] qq: 3.2.12-2024.9.27 -> 3.2.13-2024.10.23 (#351621) 2024-10-28 06:50:06 +02:00
Emily
e17a214fdb
[Backport release-24.05] {ungoogled-,}chromium,chromedriver: 130.0.6723.58 -> 130.0.6723.69 (#351722) 2024-10-28 03:19:43 +01:00
Masum Reza
ef498e16f8
[Backport release-24.05] nixos/sway: workaround idle inhibit not working in Firefox (#350955) 2024-10-28 03:25:05 +05:30
Sefa Eyeoglu
576ee82325
[Backport release 24.05] vencord: 1.10.2 -> 1.10.5 (#351216) 2024-10-27 21:19:00 +01:00
Emily
2473202c97
[Backport release-24.05] teams-for-linux: 1.9.5 -> 1.11.2; electron 30 -> 32 (#351714) 2024-10-27 19:42:17 +00:00
Masum Reza
59a210b624
[Backport release-24.05] minidjvu: mark as vulnerable (#351644) 2024-10-27 23:40:52 +05:30
Austin Horstman
e8ab03fe9c
teams-for-linux: electron 30 -> electron 32
Looks like upstream bumped electron version, already.

(cherry picked from commit 0cf4af9081)
2024-10-27 13:10:41 -05:00
Austin Horstman
e2bb6f8275
teams-for-linux: 1.11.0 -> 1.11.2
(cherry picked from commit bce77b92c6)
2024-10-27 13:04:14 -05:00
R. Ryantm
0afbe27458
teams-for-linux: 1.10.2 -> 1.11.0
(cherry picked from commit c29703dd92)
2024-10-27 13:04:06 -05:00
R. Ryantm
a2a75b055d
teams-for-linux: 1.9.6 -> 1.10.2
(cherry picked from commit 183a96374e)
2024-10-27 13:03:52 -05:00
R. Ryantm
afdc6d0e20
teams-for-linux: 1.9.5 -> 1.9.6
(cherry picked from commit 4d4bf95a91)
2024-10-27 13:03:42 -05:00
emilylange
4fbfb6e847 ungoogled-chromium: 130.0.6723.58-1 -> 130.0.6723.69-1
https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html

This update includes 3 security fixes.

CVEs:
CVE-2024-10229 CVE-2024-10230 CVE-2024-10231

(cherry picked from commit db9d29e7f1)
2024-10-27 17:59:46 +00:00
emilylange
418ec1405a chromium,chromedriver: 130.0.6723.58 -> 130.0.6723.69
https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html

This update includes 3 security fixes.

CVEs:
CVE-2024-10229 CVE-2024-10230 CVE-2024-10231

(cherry picked from commit 925537f0d4)
2024-10-27 17:59:46 +00:00
Emily
5e34aff468
[Backport release-24.05] webcord-vencord: switch to electron_31 (#351674) 2024-10-27 14:35:14 +00:00
NotAShelf
9d53405a77 pkgs/top-level/all-packages.nix
webcord-vencord: switch to electron_31

Unfortunately Electron 32 is not supported - this is annoying, but we have always remained behind the regular Webcord package due to Electron issues, so nothing new.

(cherry picked from commit 77ff1fded3)
2024-10-27 14:25:03 +00:00
Emily
7a09e52da2
[release-24.05] grafana-loki: 3.1.1 -> 3.1.2 (#351254) 2024-10-27 14:36:06 +01:00
Artturin
f2c2d34ad0
[Backport release-24.05] skypeforlinux: 8.130.0.205 -> 8.131.0.202 (#351554) 2024-10-27 14:34:40 +02:00
Tomo
926a76fac7 minidjvu: mark as vulnerable
See https://github.com/NixOS/nixpkgs/issues/90896

(cherry picked from commit a0c6ffc324)
2024-10-27 12:30:16 +00:00
wxt
4dc13f35ef qq: 3.2.12-2024.9.27 -> 3.2.13-2024.10.23
(cherry picked from commit 8e1ad7ddb5)
2024-10-27 10:35:16 +00:00
wxt
8a2ee5a3c2 qq: nixfmt
(cherry picked from commit 2f3847af4f)
2024-10-27 10:35:16 +00:00
K900
e31c26bb54
[24.05] Backport kernel changes from #350757 (#351145) 2024-10-27 13:10:42 +03:00
Pavol Rusnak
87143242b5
[24.05] tor: 0.4.8.11 -> 0.4.8.13 (#351594) 2024-10-27 09:39:01 +01:00
PapayaJackal
dd370d3d0d
tor: 0.4.8.12 -> 0.4.8.13
(cherry picked from commit 81a8d9c892)
2024-10-27 09:19:36 +01:00
R. Ryantm
d9e04231de
tor: 0.4.8.11 -> 0.4.8.12
(cherry picked from commit cbd745cdf0)
2024-10-27 09:19:24 +01:00
Tomo
46c4646393
[24.05] python3Packages.js2py: remove usage in other packages (#351479)
Backport of https://github.com/NixOS/nixpkgs/pull/349550
2024-10-26 23:33:40 -07:00
Martin Joerg
72ab48edeb skypeforlinux: 8.130.0.205 -> 8.131.0.202
(cherry picked from commit 3b7509c608)
2024-10-27 03:30:37 +00:00
Samuel Tardieu
be9562c758 [24.05] python3Packages.js2py: remove usage in other packages
unmaintained and insecure: https://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape

(cherry picked from commit 0f79dd4197)
2024-10-27 02:14:18 +01:00
Ramses
cd3e8833d7
[Backport release-24.05] legcord: 1.0.1 -> 1.0.2 (#350123) 2024-10-26 22:11:06 +02:00
Philip Taron
7376799566
Fix codeowners backport (#351472) 2024-10-26 08:58:05 -07:00
Silvan Mosberger
9c45f83174 ci/OWNERS: Remove removed path
Was removed in 7e73ead5d0, but only
started failing once it actually started getting checked with https://github.com/NixOS/nixpkgs/pull/348642
2024-10-26 17:37:00 +02:00
Yorick
d89c30c07c
[release-24.05] Workflows security fix (#351461) 2024-10-26 17:02:56 +02:00
Silvan Mosberger
56e9a30c12 ci/OWNERS: Fix path of codeowners.yml
After https://github.com/NixOS/nixpkgs/pull/351446

(cherry picked from commit cd691f8864)
2024-10-26 16:56:01 +02:00
Silvan Mosberger
b246490d8c workflows: Rename after security fixes
In the previous two commits, security issues with these workflows were
fixed. In order for these to not be exploitable for PRs to branches that
don't have the fixes yet (including read-only branches like
nixos-unstable), these workflows are renamed, so that the old ones can
be turned off manually via GitHub interface.

Co-Authored-By: 13x1 <tori@disroot.org>
Co-Authored-By: basti564 <e3e@disroot.org>
(cherry picked from commit 5bbbc3a30b)
2024-10-26 16:54:44 +02:00
Silvan Mosberger
ccc38ebba1 workflows: Fix security issues
read-all permissions gives access to e.g. security-events, which these
don't need, and can easily lead to leaks

Co-Authored-By: 13x1 <tori@disroot.org>
Co-Authored-By: basti564 <e3e@disroot.org>
(cherry picked from commit 6b8ce4aedf)
2024-10-26 16:54:36 +02:00
Silvan Mosberger
5691625565 workflows/codeowners: Fix security issue
Co-Authored-By: 13x1 <tori@disroot.org>
Co-Authored-By: basti564 <e3e@disroot.org>
(cherry picked from commit 59aee1ca5d)
2024-10-26 16:54:23 +02:00
Masum Reza
d1a6e5865d
[Backport release-24.05] maintainers: update Atemu's emails (#351442) 2024-10-26 19:15:05 +05:30
Atemu
86b4df8737 maintainers: update Atemu's emails
(cherry picked from commit c83ce5bab4)
2024-10-26 13:37:52 +00:00
Nick Cao
bd7619e84a
[Backport release-24.05] arc-browser: 1.65.0-54911 -> 1.66.0-55166 (#351319) 2024-10-26 09:03:12 -04:00
DontEatOreo
cce85d9d8c arc-browser: 1.65.0-54911 -> 1.66.0-55166
Changelog: https://arc.net/e/00D675DF-0127-4340-9396-9616BEB71E57
(cherry picked from commit 1582530fed)
2024-10-26 00:54:09 +00:00