nixpkgs/pkgs/servers
Red Davies b0f1fea52f cassandra_2_1: 2.1.20 -> 2.1.22
Reason: Fixes CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability

Description:
It is possible for a local attacker without access to the Apache Cassandra
process or configuration files to manipulate the RMI registry to perform a
man-in-the-middle attack and capture user names and passwords used to access
the JMX interface. The attacker can then use these credentials to access
the JMX interface and perform unauthorised operations.

Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables
this issue to be exploited remotely.

2.1.x users should upgrade to 2.1.22
2020-11-24 20:42:29 -05:00
..
adguardhome adguardhome: add license 2020-06-30 21:57:50 +02:00
adminer adminer: 4.7.6 -> 4.7.7 2020-05-17 00:34:04 +00:00
amqp rabbitmq-server: 3.8.8 -> 3.8.9 2020-11-11 22:59:10 +00:00
ankisyncd ankisyncd: init at 2.1.0 2020-03-10 20:37:51 +01:00
apache-kafka Merge pull request #91170 from DianaOlympos/update/apache-kafka 2020-09-21 15:42:26 +02:00
apcupsd treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
asterisk asterisk: Bump all packages 2020-11-19 17:13:38 +01:00
atlassian atlassian-confluence: 7.8.1 -> 7.9.0 2020-11-10 11:53:23 +01:00
bazarr bazarr: 0.9.0.5 -> 0.9.0.6 2020-11-12 14:12:30 +00:00
beanstalkd beanstalkd: 1.11 -> 1.12 (#89890) 2020-06-09 07:52:57 +00:00
bird treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
blockbook maintainers: 1000101 -> _1000101 2020-08-18 07:59:48 +10:00
brickd brickd: request libusb1 directly 2020-04-27 12:19:12 +02:00
caddy maintainers: rename filalex77 -> Br1ght0ne 2020-11-17 13:09:31 +02:00
cayley buildGoPackage packages: editorconfig fixes 2020-07-31 14:07:43 +10:00
clickhouse clickhouse: update website 2020-07-08 08:19:43 +00:00
cloud-print-connector treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
code-server treewide: remove periods from end of package descriptions 2020-10-17 08:22:31 -07:00
computing storm: 2.1.0 -> 2.2.0 2020-10-25 09:33:38 +01:00
confluent-platform treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
consul consul: 1.8.4 -> 1.8.5 2020-10-29 22:44:05 +00:00
corosync treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
coturn coturn: 4.5.1.2 -> 4.5.1.3 2020-06-30 03:46:31 +00:00
couchpotato treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
dante treewide: remove periods from end of package descriptions 2020-10-17 08:22:31 -07:00
demoit demoit: unstable-2019-05-10 -> unstable-2020-06-11 2020-07-10 18:40:15 +02:00
dex dex-oidc: 2.17.0 -> 2.23.0 2020-09-07 19:56:20 +01:00
dgraph dgraph: 20.07.1 -> 20.07.2 2020-11-01 17:16:16 -08:00
dico dico: 2.9 -> 2.10 2020-09-07 16:49:32 +00:00
dict dict: look for config in /etc (#94050) 2020-07-28 18:12:20 +02:00
diod diod: fix build w/glibc-2.30 2020-01-23 00:21:22 +01:00
dns bind: fix cross-compilation 2020-11-19 21:49:19 +01:00
documize-community documize-community: 3.8.0 -> 3.8.1 2020-11-16 14:07:22 +01:00
domoticz nixos/domoticz: update to use GPL3 plus license 2020-10-11 11:16:45 +01:00
echoip buildGoModule packages: set doCheck = false 2020-08-10 16:02:30 +10:00
elasticmq treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
elasticmq-server-bin treewide: name -> pname (easy cases) (#66585) 2019-08-15 13:41:18 +01:00
endlessh endlessh: 1.0 -> 1.1 2020-01-31 12:00:00 -05:00
etcd etcd: 3.3.22 -> 3.3.25 2020-09-02 07:37:31 +10:00
exhibitor treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
fcgiwrap fcgiwrap: add license 2020-06-30 21:57:50 +02:00
felix felix: 5.6.1 -> 6.0.3 2020-05-01 09:04:29 +02:00
fileshare treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
fingerd/bsd-fingerd treewide: remove redundant rec 2019-08-28 11:07:32 +00:00
firebird treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
foundationdb foundationdb: fix build: use glibc's gettid() 2020-10-11 19:53:53 +02:00
freeradius freeradius: 3.0.20 -> 3.0.21 2020-08-20 10:38:50 +02:00
ftp Merge pull request #95280 from risicle/ris-pure-ftpd-CVE-2020-9274 2020-08-14 21:49:16 +02:00
gemini/molly-brown molly-brown: 2020-07-06 -> 2020-08-19 2020-09-28 14:38:31 +02:00
gerbera gerbera: 1.6.1 -> 1.6.4 2020-10-18 09:03:52 +00:00
go-libp2p-daemon go-libp2p-daemon: init at 0.3.0 2020-11-06 12:04:00 -05:00
gobetween gobetween: remove deleteVendor, enable checks 2020-08-12 20:16:37 +10:00
gonic gonic: init at 0.11.0 2020-08-30 00:03:54 +02:00
gopher/gofish treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
gortr buildGoModule: remove platform.all from packages 2020-08-15 19:34:47 -07:00
gotify gotify-server: 2.0.18 -> 2.0.20 2020-10-16 15:50:08 +02:00
gotty treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
gpm treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
gpsd scons.py2: Replace with sconsPackages.scons_3_1_2 2020-07-18 10:48:20 +02:00
grocy grocy: 2.7.0 -> 2.7.1 2020-04-17 22:02:28 +02:00
h2 treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
hashi-ui hashi-ui: add license 2020-06-30 21:57:50 +02:00
hasura hasura: 1.2.1 -> 1.3.1-beta.1 2020-09-03 14:59:08 -05:00
hbase treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
headphones buildPython*: use pname 2020-03-30 17:07:41 +02:00
hitch hitch: 1.6.0 -> 1.7.0 2020-11-02 09:37:15 +00:00
holochain-go
home-assistant homeassistant: 0.118.0 -> 0.118.1 2020-11-19 21:31:27 +01:00
http update contact info 2020-11-18 12:00:31 -08:00
hydron hydron: remove enableParallelBuilding = true 2020-08-17 17:13:01 +10:00
hylafaxplus hylafaxplus: 7.0.2 -> 7.0.3 2020-08-14 03:58:03 +00:00
icecast icecast: update homepage link to use HTTPS (#100145) 2020-10-10 14:09:55 +00:00
icingaweb2 icingaweb2: 2.8.1 -> 2.8.2 2020-10-25 09:50:06 +01:00
identd oidentd: 2.4.0 -> 2.5.0 2020-05-09 08:54:49 +02:00
imgproxy imgproxy: 2.14.1 -> 2.15.0 2020-09-23 11:51:06 +00:00
interlock treewide: name -> pname (easy cases) (#66585) 2019-08-15 13:41:18 +01:00
irc nixos/tests/robustirc-bridge: init 2020-08-31 15:22:50 +02:00
irker treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
isso isso: build from master 2020-09-21 11:03:26 -07:00
jackett jackett: 0.16.2131 -> 0.16.2152 2020-11-15 07:46:53 +00:00
jellyfin jellyfin: 10.6.3 -> 10.6.4 2020-09-03 21:00:35 +02:00
jetbrains treewide: name -> pname (easy cases) (#66585) 2019-08-15 13:41:18 +01:00
jicofo jicofo: 1.0-589 -> 1.0-612 2020-08-08 12:30:13 -07:00
jitsi-videobridge jitsi-videobridge: 2.1-202-g5f9377b9 -> 2.1-273-g072dd44b 2020-08-08 12:30:58 -07:00
kapowbang kapowbang: rename from kapow 2020-10-02 22:05:09 +00:00
keycloak keycloak: 11.0.2 -> 11.0.3 2020-11-05 18:39:44 +01:00
kippo treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
klipper klipper: init at 0.8.0 2020-10-11 15:55:50 -07:00
kwakd treewide: remove redundant rec 2019-08-28 11:07:32 +00:00
ldap/389 net-snmp: rename from net_snmp 2019-12-21 22:56:08 +00:00
lidarr lidarr: 0.7.1.1381 -> 0.7.2.1878 2020-11-03 06:39:32 +00:00
limesurvey limesurvey: 3.23.0+200813 -> 3.23.7+201006 2020-10-12 20:39:03 +02:00
livepeer livepeer: 0.5.11 -> 0.5.12 2020-11-11 15:11:34 -08:00
ma1sd treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
mail postfix: 3.5.7 -> 3.5.8 2020-11-19 16:14:56 +00:00
martin martin: init at 0.5.0 2020-06-25 21:30:39 +03:00
matrix-appservice-discord treewide: replace base64 encoded hashes 2020-06-03 18:35:19 +02:00
matrix-synapse matrix-synapse: 1.22.1 -> 1.23.0 2020-11-18 12:20:20 +00:00
matterbridge matterbridge: 1.18.0 -> 1.19.0 2020-11-17 21:42:14 +01:00
mattermost mattermost: 5.25.0 -> 5.25.3 2020-08-18 12:29:34 +02:00
mautrix-telegram mautrix-telegram: add postgresql database driver 2020-08-01 20:43:24 +02:00
mautrix-whatsapp mautrix-whatsapp: 0.1.3 -> 0.1.4 2020-09-05 16:21:42 +02:00
mbtileserver mbtileserver: init at 0.6.1 2020-09-15 09:41:37 +03:00
mediatomb treewide: don't use spidermonkey attr 2020-10-09 16:50:48 -04:00
memcached memcached: 1.6.6 -> 1.6.8 2020-11-03 07:13:06 +00:00
mesos-dns buildGoPackage packages: editorconfig fixes 2020-07-31 14:07:43 +10:00
metabase metabase: 0.37.0.2 -> 0.37.1 2020-11-19 03:03:59 +00:00
meteor meteor: 1.10.1 -> 1.10.2 2020-05-14 21:33:52 -07:00
microserver microserver: init at 0.1.8 2020-09-12 12:56:36 +02:00
miniflux miniflux: 2.0.21 -> 2.0.23 2020-09-19 18:21:22 +02:00
minio minio: drop redundant trimpath flag 2020-11-18 08:13:34 +10:00
mirrorbits mirrorbits: use deleteVendor 2020-09-08 16:32:39 +10:00
misc navidrome: 0.29.0 -> 0.38.0 2020-11-22 23:45:57 +01:00
mlflow-server diagrams-builder,mlflow-server: remove trailing whitespace 2020-11-09 11:39:28 +00:00
monitoring check-esxi-hardware: 20181001 -> 20200710 2020-11-23 06:33:53 -08:00
mpd mpd: 0.22.2 -> 0.22.3 2020-11-19 01:23:19 +00:00
mqtt/mosquitto mosquitto: 1.6.11 -> 1.6.12 2020-11-03 12:30:32 +00:00
mtprotoproxy mtprotoproxy: 1.0.9 -> 1.1.0 2020-11-22 04:22:31 +00:00
mumsi treewide: remove redundant rec 2019-08-28 11:07:32 +00:00
mxisd treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
nas treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
nats-server nats-server: 2.1.7 -> 2.1.9 2020-11-09 12:14:38 +00:00
nats-streaming-server buildGoPackage: remove platform.all from packages 2020-08-15 19:34:47 -07:00
neard treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
news/leafnode treewide: remove package names from prefix of descriptions 2020-10-27 09:15:07 -07:00
nextcloud nextcloud18: 18.0.9 -> 18.0.10 2020-11-03 11:26:46 +01:00
nfs-ganesha nfs-ganesha: init at 3.3 2020-07-10 23:34:34 +02:00
nginx-sso nginx-sso: add passthru.tests 2020-06-23 00:42:00 +02:00
nosql cassandra_2_1: 2.1.20 -> 2.1.22 2020-11-24 20:42:29 -05:00
nsq treewide: name -> pname (easy cases) (#66585) 2019-08-15 13:41:18 +01:00
oauth2_proxy oauth2_proxy: 6.0.0 -> 6.1.1 2020-09-04 01:33:59 -04:00
openafs openafs_1_9: init at 1.9.0 2020-11-17 23:32:21 +01:00
openbgpd openbgpd: 6.7p0 -> 6.8p0 2020-10-29 22:09:51 -04:00
openxpki treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
osrm-backend osrm-backend: 5.22.0 -> 5.23.0 2020-10-15 00:57:12 +02:00
p910nd treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
pg_featureserv pg_featureserv: init at 1.1.1 2020-11-04 14:19:22 +03:00
pg_tileserv pg_tileserv: init at 1.0.3 2020-10-11 13:11:24 +03:00
pies treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
pim6sd pim6sd: init at unstable-2019-05-31 2020-05-25 00:53:33 +02:00
pinnwand treewide: remove periods from end of package descriptions 2020-10-17 08:22:31 -07:00
plex plex: add badmutex (myself) to maintainers list 2020-11-18 08:56:21 -06:00
polipo treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
pounce pounce: 1.4p2 -> 2.0 2020-11-04 06:23:23 +00:00
prayer treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
ps3netsrv treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
pulseaudio hsphfpd: init at 2020-10-25 2020-11-10 20:53:13 +01:00
quagga treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
radarr maintainers: add purcell (#96329) 2020-08-25 23:35:47 -04:00
radicale radicale: 3.0.3 -> 3.0.5 2020-09-02 09:04:04 -07:00
rainloop rainloop: 1.13.0 -> 1.14.0 2020-03-25 08:25:11 +00:00
rippled rippled: unbreak adding libnsl 2020-11-18 23:54:29 +01:00
roon-server treewide: remove periods from end of package descriptions 2020-10-17 08:22:31 -07:00
roundcube roundcube: 1.4.8 -> 1.4.9 2020-09-27 22:09:35 +02:00
routinator routinator: 0.7.1 -> 0.8.0 2020-10-19 12:01:21 +00:00
rpcbind treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
rt rt: fix build error 2020-03-19 18:13:20 -07:00
rtsp-simple-server rtsp-simple-server: 0.12.0 -> 0.12.1 2020-11-15 16:30:05 +00:00
sabnzbd sabnzbd: 2.3.9 -> 3.0.1 2020-08-22 11:50:28 +09:30
samba Merge branch 'staging-next' into staging 2020-09-29 00:12:29 +02:00
scylladb scylladb: don't build on Hydra; /cc PR #70576 2019-10-12 09:46:56 +02:00
search maintainers: rename filalex77 -> Br1ght0ne 2020-11-17 13:09:31 +02:00
ser2net treewide: simplify rev/repo arguments in src 2020-11-01 23:02:24 -08:00
serf treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
serviio serviio: 2.0 -> 2.1 2020-05-12 22:17:36 -07:00
shairplay treewide: name -> pname (easy cases) (#66585) 2019-08-15 13:41:18 +01:00
shairport-sync shairport-sync: 3.3.5 -> 3.3.6 2020-02-23 13:58:19 -08:00
shellinabox treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
shishi treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
sickbeard sickgear: 0.22.15 -> 0.23.0 2020-11-15 17:35:05 +00:00
silc-server treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
simplehttp2server treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
sip freeswitch: use spandsp3 2020-11-18 17:13:30 +01:00
sks treewide: remove redundant quotes 2019-09-08 23:38:31 +00:00
skydns buildGoPackage packages: editorconfig fixes 2020-07-31 14:07:43 +10:00
slimserver treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
smcroute treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
softether treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
sonarr maintainers: add purcell (#96329) 2020-08-25 23:35:47 -04:00
sozu maintainers: rename filalex77 -> Br1ght0ne 2020-11-17 13:09:31 +02:00
sql Merge pull request #103862 from r-ryantm/auto-update/dolt 2020-11-23 23:51:20 +01:00
squid squid: 4.12 -> 4.13 2020-08-31 05:22:17 +00:00
sslh sslh: 1.21 -> 1.21c 2020-08-31 05:40:31 +00:00
syncserver treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
tacacsplus tacacsplus: fix build w/glibc-2.32 2020-09-12 23:04:49 +02:00
tailscale tailscale: 1.2.6 -> 1.2.8 2020-11-16 16:46:16 -08:00
tang treewide: remove periods from end of package descriptions 2020-10-17 08:22:31 -07:00
tarssh tarssh: init at 0.4.0 2020-10-05 00:39:01 +02:00
tautulli treewide: remove periods from end of package descriptions 2020-10-17 08:22:31 -07:00
tegola tegola: exclude example package 2020-09-27 04:20:00 +00:00
teleport teleport: 4.2.10 -> 4.2.11 2020-07-02 17:36:30 -07:00
tmate-ssh-server treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
tracing/tempo tempo: 0.2.0 -> 0.3.0 2020-11-11 19:28:31 +01:00
traefik traefik: 2.3.2 -> 2.3.3 2020-11-22 14:32:32 +00:00
trezord trezord: 2.0.29 -> 2.0.30 2020-11-09 19:26:28 +01:00
trickster maintainers: 1000101 -> _1000101 2020-08-18 07:59:48 +10:00
tt-rss tt-rss-theme-feedly: 2.3.1 -> 2.5.0 2020-08-21 22:11:36 +02:00
ttyd ttyd: 1.6.0 -> 1.6.1 2020-06-30 18:01:39 +00:00
tvheadend tvheadend: include dtv scan tables 2020-07-30 23:22:46 +02:00
u9fs u9fs: 20110513 -> unstable-2020-11-21 2020-11-22 19:56:00 +01:00
udpt udpt: remove verifyCargoDeps 2020-08-15 10:34:08 +10:00
uftp uftp: 4.10.2 -> 5.0 2020-04-30 11:43:02 +00:00
uhub treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
ums Merge pull request #87147 from snicket2100/ums-maintainer 2020-05-06 20:58:54 -07:00
unfs3 treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
unifi unifiBeta: update to 6.0.28 2020-11-05 13:00:00 +01:00
unpfs unpfs: upgrade cargo fetcher and cargoSha256 2020-03-08 23:09:16 -04:00
ursadb ursadb: init at v1.2.0 2020-04-03 11:29:05 +02:00
urserver urserver: init at 3.6.0.745 2020-08-09 12:33:37 -07:00
uwsgi uwsgi: 2.0.18 -> 2.0.19.1 2020-07-06 18:35:34 +02:00
varnish treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
web-apps Merge pull request #103922 from r-ryantm/auto-update/shaarli 2020-11-23 23:33:02 +01:00
webmetro buildRustPackage: remove platform.all from packages 2020-08-16 12:48:18 +10:00
wsdd nixos/tests/samba-wsdd: add check WSD Discovery 2020-11-23 17:13:22 +03:00
x11 Merge master into staging-next 2020-11-09 14:33:52 +01:00
xandikos maintainers: 0x4A6F -> _0x4A6F 2020-08-18 07:59:44 +10:00
xinetd xinetd: fix build w/glibc-2.32 2020-09-12 23:04:50 +02:00
xmpp prosody: install prosody-migrator tool 2020-10-31 17:56:10 -07:00
zigbee2mqtt zigbee2mqtt: 1.16.0 -> 1.16.1 2020-11-17 04:58:52 +01:00
zoneminder zoneminder: 1.34.16 -> 1.34.22 2020-11-04 14:24:09 +01:00
zookeeper treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00