Commit Graph

255 Commits

Author SHA1 Message Date
Alexis Hildebrandt
f8c4a98e8e treewide: Remove the definite article from meta.description
nix run nixpkgs#silver-searcher -- -G '\.nix$' -0l 'description.*"([Tt]he)? ' pkgs \
  | xargs -0 nix run nixpkgs#gnused -- -i '' -Ee 's/(description.*")[Tt]he (.)/\1\U\2/'
2024-06-09 23:08:46 +02:00
Florian Brandes
cb4678361a
gnutls: fix an upstream regression in RSA certificates
The update to 3.8.5 involved adding a feature to conditionally
disable RSAES-PKCS1-v1.5 [1]. It was intended to be turned on
by default [2], but failed [3].
Therefore it is disabled, which in turn throws a new error:
"Fatal error: The encryption algorithm is not supported". (error 113).

This can have severe implications, as for example Let's Encrypt
signed RSA certificates aren't trusted anymore.

This commit fetches the upstream patch, which hasn't been included
in 3.8.5

[1]: https://gitlab.com/gnutls/gnutls/-/merge_requests/1828
[2]: https://gitlab.com/gnutls/gnutls/-/merge_requests/1828/diffs#cd5a2ba3b145c1bd292e027ef84c618b6b7fb895_267_274
[3]: https://gitlab.com/gnutls/gnutls/-/issues/1540

Signed-off-by: Florian Brandes <florian.brandes@posteo.de>
2024-05-15 07:33:04 +02:00
Sergei Trofimovich
307ef900a9 gnutls: 3.8.4 -> 3.8.5
While at it added a trivial updater.

Changes: https://gitlab.com/gnutls/gnutls/-/blob/3.8.5/NEWS
2024-04-25 09:54:34 +01:00
Alyssa Ross
5cd985405b gnutls: add regression test for static builds
Would have caught the issue fixed by
525f8d9433 ("pkgsStatic.gnutls: fix build").
2024-04-05 14:35:23 +02:00
Alyssa Ross
525f8d9433
pkgsStatic.gnutls: fix build
We can't apply the upstream patch, because we'd have to redo the
bootstrap that's already done in the release tarball, and that's very
complicated.

Fixes: b6d2a4294e ("gnutls: 3.8.3 -> 3.8.4 (medium security)")
2024-03-28 09:56:34 +01:00
Vladimír Čunát
f5487165d6
gnutls: revert switching compression libs to dlopen() 2024-03-21 10:02:29 +01:00
Vladimír Čunát
b6d2a4294e
gnutls: 3.8.3 -> 3.8.4 (medium security)
https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html
2024-03-21 09:39:37 +01:00
Robert Scott
259fabc9ee
Merge pull request #282638 from risicle/ris-trivialautovarinit
cc-wrapper: add `trivialautovarinit` hardening flag support
2024-02-24 20:23:31 +00:00
Robert Scott
2b673eef6f gnutls: disable trivialautovarinit hardening flag 2024-02-24 12:00:10 +00:00
Sean Link
629acbdc08 gnutls: add mingw support
part of a larger effort to add mingw support for qtmultimedia
2024-02-23 20:17:11 +01:00
Sean Link
7b11b26ca8 gnutls: run nixpkgs-fmt 2024-02-23 20:17:11 +01:00
Vladimír Čunát
1a9b407e59
gnutls: 3.8.2 -> 3.8.3
Fixes CVE-2024-0553 and CVE-2024-0567
https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html
2024-01-17 07:18:59 +01:00
Sergei Trofimovich
2707f6791a gnutls: 3.8.1 -> 3.8.2
Changes: https://lists.gnupg.org/pipermail/gnutls-help/2023-November/004837.html
2023-11-19 12:23:40 +00:00
github-actions[bot]
0ee8715a0d
Merge master into staging-next 2023-08-13 12:00:52 +00:00
Vladimír Čunát
92dff845fa
gnutls: patch an API breakage from last update
https://github.com/NixOS/nixpkgs/pull/247704#issuecomment-1672810322
2023-08-11 09:19:40 +02:00
Robert Scott
933501dc92 gnutls: add openconnect and samba to passthru.tests
samba having been originally included in args but forgotten from
passthru.tests
2023-08-10 19:17:35 +01:00
Vladimír Čunát
6d54e6346c
gnutls: 3.8.0 -> 3.8.1
https://lists.gnupg.org/pipermail/gnutls-help/2023-August/004834.html
2023-08-07 11:40:46 +02:00
Gabriel Arazas
39e2454c14 gnutls: remove Guile bindings
The Guile bindings have been moved into their own repository.
2023-04-20 22:32:10 +08:00
Vladimír Čunát
0cedc3dedf gnutls: drop the withSecurity option
The patch for `withSecurity = false` wouldn't apply anymore,
and it didn't seem sufficient for several months already.
No one's shown interest in fixing that.
2023-02-14 20:39:48 +00:00
Vladimír Čunát
0442267e82 gnutls: 3.7.8 -> 3.8.0
https://lists.gnupg.org/pipermail/gnutls-help/2023-February/004816.html

Also fixes a "medium" severity CVE-2023-0361
http://www.gnutls.org/security-new.html#GNUTLS-SA-2020-07-14

nix-ssl-cert-file.patch: upstream's only changed whitespace around here
2023-02-14 20:39:48 +00:00
Robert Scott
dba170886f gnutls: add some key reverse dependencies to passthru.tests 2023-02-11 20:07:29 +00:00
Artturin
7e49471316 treewide: optional -> optionals where the argument is a list
the argument to optional should not be a list
2022-10-10 15:40:21 +03:00
Vladimír Čunát
45406f8116
gnutls: 3.7.7 -> 3.7.8
https://lists.gnupg.org/pipermail/gnutls-help/2022-September/004765.html
2022-09-28 08:57:21 +02:00
github-actions[bot]
de2d4d270d
Merge staging-next into staging 2022-08-11 00:03:19 +00:00
Vladimír Čunát
bf742b9b98
gnutls: officially adopt the package
I've been keeping an eye on it for years due to day job at knot-resolver

Eelco apparently hasn't touched gnutls since 2016,
so let's drop him from the list.
2022-08-10 20:14:13 +02:00
Maximilian Bosch
c9c802dfd8
gnutls: 3.7.6 -> 3.7.7, fix CVE-2022-2509
https://nvd.nist.gov/vuln/detail/CVE-2022-2509
https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html
2022-08-08 10:57:29 +02:00
Franz Pletz
c092a502df
treewide: remove myself as maintainer from some pkgs
Only packages I'm not able to maintain anymore as of today. Mostly
because I haven't been using them in a while.
2022-08-03 14:17:51 +02:00
Vladimír Čunát
8fb70dee32
gnutls: [darwin] propagate the security framework (#179298)
https://hydra.nixos.org/build/181628152
https://hydra.nixos.org/build/181629306
2022-06-27 09:51:49 +02:00
Vladimír Čunát
672046dceb
gnutls: enable Security framework on darwin (PR #179078)
Otherwise the builds started to fail since the last bump:
https://hydra.nixos.org/build/181462581
https://hydra.nixos.org/build/181520558
2022-06-26 08:56:24 +02:00
Vladimír Čunát
f344b4da35
gnutls: 3.7.3 -> 3.7.6
https://lists.gnupg.org/pipermail/gnutls-help/2022-March/004738.html
https://lists.gnupg.org/pipermail/gnutls-help/2022-May/004743.html
https://lists.gnupg.org/pipermail/gnutls-help/2022-May/004744.html
2022-06-23 09:15:03 +02:00
Vladimír Čunát
a10d11b59f gnutls: fix IDN support
- recent versions only accept libidn2 (not libidn)
- it's for free, as it's a runtime dependency of glibc anyway
2022-01-28 12:48:48 -08:00
Vladimír Čunát
67fc40aa12 gnutls: 3.7.2 -> 3.7.3
Includes a low-severity security fix.
https://lists.gnupg.org/pipermail/gnutls-help/2022-January/004736.html
2022-01-28 12:48:48 -08:00
Alyssa Ross
630883559a
pkgsStatic.gnutls: fix build 2021-11-23 20:34:44 +00:00
rnhmjoj
6f3b6a2fea
gnutls: enable p11-kit by default
GnuTLS has a single hard-coded location for the system trust store,
currently set to the path used by NixOS, Debian, Arch, Gentoo, etc.
Since not all distributions use the same path, notably Fedora and RHEL,
the certificate validation will break on some non-NixOS system.

This can be solved by enabling the p11-kit integration, so that by
default p11-kit (properly configured for all major distros) will provide
GnuTLS with the CA roots through the PKCS #11 API.
2021-11-18 22:38:22 +01:00
Vladimír Čunát
f083f92c1f
gnutls: avoid the (check-time) cacert dependency
The point is to reduce rebuild amount when updating cacert/nss,
though at *this* point it remains quite high - before & after:

Estimating rebuild amount by counting changed Hydra jobs (parallel=unset).
  13109 x86_64-darwin
  21567 x86_64-linux
Estimating rebuild amount by counting changed Hydra jobs (parallel=unset).
  13109 x86_64-darwin
  17141 x86_64-linux
2021-11-02 11:29:52 +01:00
github-actions[bot]
8b9fa8d446
Merge staging-next into staging 2021-06-16 18:04:48 +00:00
Alyssa Ross
b2ba2a9a4c
gnutls: fix homepage
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
  <head>
    <title>GnuTLS - GNU Project - Free Software Foundation</title>
    <meta http-equiv="content-type" content='text/html; charset=utf-8' />

    <meta http-equiv="refresh" content="1; url=https://gnutls.org/" />
    <script type="text/javascript">
          window.location.href = "https://gnutls.org/"
    </script>
  </head>
  <body>
    <p>GnuTLS is at <a
    href="https://gnutls.org/">https://gnutls.org/</a>.</p>
    <hr/>
  </body>
</html>
2021-06-16 13:14:38 +00:00
Vladimír Čunát
ace52589b0
gnutls: construct url from version
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2021-06-16 08:50:04 +02:00
Vladimír Čunát
99ab89a4f5
gnutls: remove unused patch
It was forgotten in commit 8a91c70ec1.
2021-06-11 06:55:04 +02:00
Vladimír Čunát
c41788d925
gnutls: simplify expression (pname + version)
We haven't supported multiple versions for a long time.
2021-06-11 06:53:41 +02:00
Vladimír Čunát
5945d9c484
gnutls: 3.7.1 -> 3.7.2
https://lists.gnupg.org/pipermail/gnutls-help/2021-May/004708.html
2021-06-10 19:54:41 +02:00
Kasper
54a942426e
gnutls: fix build with musl (#119569)
* gnutls: fix build with musl

* gnutls: don't handle old versions

Co-authored-by: Kasper Gałkowski <kpg@posteo.net>
2021-04-16 07:48:27 +01:00
Ben Wolsieffer
8a91c70ec1 gnutls: remove upstreamed armv7l patch 2021-04-16 00:14:30 -04:00
Vladimír Čunát
77cc22179b
gnutls: 3.7.0 -> 3.7.1
https://lists.gnupg.org/pipermail/gnutls-help/2021-March/004698.html
It includes a low-severity security fix:
https://gnutls.org/security-new.html#GNUTLS-SA-2021-03-10

postPatch: the patched file doesn't exist now and all tests still pass.
2021-03-18 16:02:56 +01:00
Martin Weinelt
e8308f4cbd
gnutls: 3.6.15 -> 3.7.0
https://lists.gnupg.org/pipermail/gnutls-help/2020-December/004670.html
2021-02-24 01:44:25 +01:00
Ivan Babrou
47f4eb0d66 gnutls: remove autogen from build dependencies
There's an error when compiling autogen on macos Big Sur with #105026,
and it compiles fine without autogen, so I see no reason to keep it.

The dependency on autogen was originally introduced in 31a128b32b,
but unfortunately there's no explanation for the reason and no linked issue.
2021-01-20 07:36:45 +00:00
Jonathan Ringer
9bb3fccb5b treewide: pkgs.pkgconfig -> pkgs.pkg-config, move pkgconfig to alias.nix
continuation of #109595

pkgconfig was aliased in 2018, however, it remained in
all-packages.nix due to its wide usage. This cleans
up the remaining references to pkgs.pkgsconfig and
moves the entry to aliases.nix.

python3Packages.pkgconfig remained unchanged because
it's the canonical name of the upstream package
on pypi.
2021-01-19 01:16:25 -08:00
Anderson Torres
52242b4e7d
Merge pull request #103925 from lopsided98/coreutils-tests-arm
coreutils, findutils, gnutls: fix build on 32-bit ARM
2020-12-07 23:38:08 -03:00
Graham Christensen
bc49a0815a
utillinux: rename to util-linux 2020-11-24 12:42:06 -05:00
Ben Wolsieffer
f54266824d gnutls: fix build on 32-bit ARM
Add an upstream patch to fix failing tests. The patch actually affects gnulib,
which is included as a vendored dependency.
2020-11-21 20:02:22 -05:00