Permalink
Commits on Jan 10, 2017
  1. flashplayer: 24.0.0.186 -> 24.0.0.194

    (cherry picked from commit ce11097)
    taku0 committed with 7c6f434c Jan 10, 2017
Commits on Jan 9, 2017
  1. pdf2djvu: fix build

    pSub committed Jan 9, 2017
  2. hackage-packages.nix: automatic Haskell package set update

    This update was generated by hackage2nix v2.0.4-7-g48fad11 from Hackage revision
    commercialhaskell/all-cabal-hashes@e89923e.
    peti committed Jan 8, 2017
  3. cc-wrapper: don't expand $ in response files

    This makes the response file handling more consistent with GCC.
    
    For example, a reponse file may contain:
    
        "-Wl,$ORIGIN"
    
    GCC will treat this as a double quoted string and not expand the
    variable reference.  Previously, cc-wrapper would expand the variable
    in the same was as if the string was provided on the command line.
    
    (cherry picked from commit 175461e)
    corngood committed with peti Nov 19, 2016
  4. cc-wrapper: expand response files

    Fixes #11762
    
    (cherry picked from commit 1ad1edb)
    corngood committed with peti Oct 30, 2016
  5. Merge pull request #21721 from jokogr/u/syncthing-gtk-for-16.09

    syncthing-gtk: 0.6.3 -> 0.9.2.3 (for 16.09)
    7c6f434c committed on GitHub Jan 9, 2017
Commits on Jan 8, 2017
  1. lighttpd: 1.4.41 -> 1.4.44

    (cherry picked from commit c24206d)
    bjornfor committed Dec 27, 2016
  2. ed: avoid the useless rebuild due to #21752

    (cherry picked from commit 936bc23)
    vcunat committed with sh01 Jan 8, 2017
  3. ed: Add fedoraproject mirror.

    The existing URL has gone dark; this commit adds one from fedoraproject.org
    that still works. We put the new mirror first since ed is in the bootstrap
    path, and 16.09 bootstrap doesn't try later URLs.
    
    (cherry picked from commit 547b203)
    sh01 committed Jan 8, 2017
  4. zlib: Fix zlib.net URL. (#21753)

    Look for primary source file below
      http://zlib.net/fossils/ as opposed to
      http://zlib.net/
    . zlib-1.2.8.tar.gz is still available at the former location, and will likely
    remain there. In addition, it's important that the first URL work since zlib
    is in the bootstrap path, and 16.09 (at least) bootstrap doesn't try to fetch
    from later ones.
    (cherry picked from commit d042abe)
    sh01 committed with vcunat Jan 8, 2017
  5. firejail: 0.9.44.2 -> 0.9.44.4

    (cherry picked from commit 9653be4)
    7c6f434c committed Jan 8, 2017
Commits on Jan 7, 2017
  1. openjpeg2: patch for multiple CVEs

     -  Floating Point Exception (aka FPE or divide by zero) in
        opj_pi_next_cprl function in openjp2/pi.c:523 in OpenJPEG
        2.1.2. (CVE-2016-9112)
    
     -  There is a NULL Pointer Access in function imagetopnm of
        convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is
        not assigned a value after initialization(NULL). Impact is Denial of
        Service. (CVE-2016-9114)
    
     -  NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in
        OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a
        crafted j2k file. (CVE-2016-9116)
    
     -  Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of
        convert.c:1719 in OpenJPEG 2.1.2. (CVE-2016-9118)
    
    (cherry picked from commit 428927f)
    grahamc committed Jan 7, 2017
  2. mpd: 0.9.19 -> 0.20

    Add support for no-minor-version
    
    (cherry picked from commit 5ebee16)
    manual merge fixes
    7c6f434c committed Jan 6, 2017
Commits on Jan 6, 2017
  1. kernel: 4.4.39 -> 4.4.40

    (cherry picked from commit 8fda707)
    NeQuissimus committed Jan 6, 2017
  2. kernel: 4.8.15 -> 4.8.16

    (cherry picked from commit ecf87b1)
    NeQuissimus committed Jan 6, 2017
  3. libpng12: security 1.2.56 -> 1.2.57

    CVE-2016-10087
    
    (cherry picked from commit 1e253d54f5aafd5200ad8c814242d88d3384c4ba)
    vcunat committed Jan 6, 2017
  4. syncthing-gtk: 0.6.3 -> 0.9.2.3

    (cherry picked from commit dc70cd1)
    jokogr committed Dec 26, 2016
Commits on Jan 5, 2017
  1. irssi: 0.8.20 -> 0.8.21 (security)

    Fixes four security vulnerabilities:
    
      https://irssi.org/security/irssi_sa_2017_01.txt
    
    No CVEs were assigned yet at the time of this commit.
    
    cc #21642
    
    (cherry picked from commit c58ac7e)
    fpletz committed Jan 5, 2017
  2. pythonPackages.pycrypto: add patch to fix CVE-2013-7459

    cc #21642
    
    (cherry picked from commit fe93734)
    fpletz committed Jan 5, 2017
  3. bash-4.3: fix security problems via a Gentoo patch

    (cherry picked from commit 22796f0d4f47a7942dd443ca125ade898032022b)
    vcunat committed Jan 4, 2017
Commits on Jan 4, 2017
  1. openfire: mark as broken; its unfriendlyness towards read-only instal…

    …lation directory and friendliness towards manual installation by just unpacking only grow with time
    
    (cherry picked from commit 567c1a360f1f3b531847432e734e6f7e6eec41a5)
    7c6f434c committed Jan 4, 2017
  2. irssi_otr: 1.0.1 -> 1.0.2

    (cherry picked from commit 71c1e2f)
    7c6f434c committed Jan 4, 2017
  3. mysql55: 5.7.16 -> 5.7.17

    (cherry picked from commit 8ec3b1f)
    7c6f434c committed Jan 4, 2017
  4. mysql55: 5.5.53 -> 5.5.54

    (cherry picked from commit b578bbb)
    7c6f434c committed Jan 4, 2017
  5. firejail: -> 0.9.44.2

    7c6f434c committed Jan 2, 2017
Commits on Jan 3, 2017
  1. avidemux: 2.6.15 -> 2.6.16

    (cherry picked from commit 26dc6da)
    bjornfor committed Jan 3, 2017
  2. avidemux: 2.6.12 -> 2.6.15

    (cherry picked from commit 79b0a9b)
    abbradar committed with bjornfor Nov 23, 2016
  3. curl: 7.51.0 -> 7.52.1

    (cherry picked from commit 82b0ae1223af12fdc1e38e0290b2577c47aa1a66)
    edolstra committed with vcunat Jan 3, 2017
  4. Make all meta.maintainers attributes lists

    (cherry picked from commit f7e0bc2)
    Fixes #21610.  (Two changes added by hand.)
    pSub committed with vcunat Nov 20, 2016
  5. Fix using ephemeral disks for /tmp etc. in EC2 instances

    This code in amazon-image.nix:
    
      if mountFS "$device" "$mp" "" auto; then
        if [ -z "$diskForUnionfs" ]; then diskForUnionfs="$mp"; fi
      fi
    
    relies on mountFS to return a zero exit status if mounting
    succeeds. But the lustrateRoot check in mountFS was causing a non-zero
    exit status. As a result /disk0 would be mounted, but not used for
    /tmp.
    
    (cherry picked from commit d082ed8c35dec48aee2afd1303b3c8b2a1b242b0)
    (cherry picked from commit b297af42d257426bdce617f510381f19365bc69d)
    edolstra committed Jan 3, 2017
  6. Fix big-parallel usage

    requiredSystemFeatures is not a meta attribute but a derivation
    attribute. So "big-parallel" was being ignored on e.g. chromium,
    causing it to be built (and timing out) on slow machines.
    
    http://hydra.nixos.org/build/45819778#tabs-buildsteps
    (cherry picked from commit b4f4011)
    edolstra committed Jan 3, 2017
  7. Use looser 9pfs caching in VM tests/builds

    This can give significant speed ups, see
    edolstra/linux@7e20254.
    
    (cherry picked from commit bbd03e2)
    edolstra committed Dec 29, 2016