Commit Graph

102205 Commits

Author SHA1 Message Date
Joachim F
a9555f580e Merge pull request #23141 from romildo/upd.greybird
greybird: 2016-11-15 -> 2017-02-17
2017-02-24 18:55:03 +01:00
Joachim F
5502efb782 Merge pull request #23138 from leenaars/quickd
quickder: 1.0-RC1 -> 1.0-RC2
2017-02-24 18:54:13 +01:00
Joachim F
ad0770fb42 Merge pull request #23144 from romildo/upd.numix-gtk-theme
numix-gtk-theme: 2016-11-19 -> 2017-02-15
2017-02-24 18:50:48 +01:00
Joachim F
859f00a6c2 Merge pull request #23145 from romildo/upd.paper-icon-theme
paper-icon-theme: 2016-11-05 -> 2017-02-13
2017-02-24 18:50:36 +01:00
Joachim F
63d251f2e3 Merge pull request #23147 from romildo/upd.zuki-themes
zuki-themes: 2016-10-20 -> 2017-02-17
2017-02-24 18:50:22 +01:00
Ryan Mulligan
41b56b4b8a f2fs module: add crc32 dependency to initrd kernel modules, closes #23093
f2fs.fsck depends on crc32 module being present in the initrd system,
otherwise, if f2fs is used as the root disk, the system is unbootable.
2017-02-24 18:32:50 +01:00
Franz Pletz
76ae7e19a9
lxc: fix build for glibc-2.25 2017-02-24 17:57:41 +01:00
Franz Pletz
f15cebd28c
jool: 3.5.0 -> 3.5.2 2017-02-24 17:57:41 +01:00
Franz Pletz
114ae6baab
unbound: 1.6.0 -> 1.6.1 2017-02-24 17:57:41 +01:00
Franz Pletz
7cc86f79b4
mumble: 1.2.17 -> 1.2.19 2017-02-24 17:57:41 +01:00
Joachim F
2b5b14fd9b Merge pull request #23139 from romildo/upd.moka-icon-theme
moka-icon-theme: 2016-10-06 -> 2017-02-13
2017-02-24 17:51:12 +01:00
Joachim F
2646d314ff Merge pull request #23137 from romildo/upd.blackbird
blackbird: 2016-07-04 -> 2017-02-20
2017-02-24 17:50:57 +01:00
Joachim F
91101645e7 Merge pull request #23142 from romildo/upd.jwm
jwm: 1580 -> 1582
2017-02-24 17:50:31 +01:00
Robin Gloster
bb486ff975 Merge pull request #23125 from Ma27/update/nodejs-v7
nodejs: 7.2.1 -> 7.6.0
2017-02-24 17:11:55 +01:00
Michiel Leenaars
1fe6ed5392 hexio: unstable -> 1.0-RC1 2017-02-24 17:03:49 +01:00
Peter Hoeg
eae1866c28 sensu: 0.17.1 -> 0.28.0 2017-02-25 00:00:58 +08:00
Bjørn Forsman
64d058f472 Revert "sensu: 0.17.1 -> 0.28.0"
This reverts commit 4588f94396.

Because it breaks nixpkgs evaluation.
2017-02-24 15:13:57 +01:00
Jörg Thalheim
0eefe9bc62 lxc: fix glibc 2.25 incompatibility 2017-02-24 14:00:23 +01:00
Robin Gloster
8f60b43d9c Merge pull request #23130 from grahamc/insecure-packages-with-docs
nixpkgs: allow packages to be marked insecure (this time with docs)
2017-02-24 13:44:28 +01:00
Graham Christensen
30cea5f022
libplist: mark as insecure
Patches currently available don't seem to apply.
2017-02-24 07:41:11 -05:00
Graham Christensen
a9c875fc2e
nixpkgs: allow packages to be marked insecure
If a package's meta has `knownVulnerabilities`, like so:

    stdenv.mkDerivation {
      name = "foobar-1.2.3";

      ...

      meta.knownVulnerabilities = [
        "CVE-0000-00000: remote code execution"
        "CVE-0000-00001: local privilege escalation"
      ];
    }

and a user attempts to install the package, they will be greeted with
a warning indicating that maybe they don't want to install it:

    error: Package ‘foobar-1.2.3’ in ‘...default.nix:20’ is marked as insecure, refusing to evaluate.

    Known issues:

     - CVE-0000-00000: remote code execution
     - CVE-0000-00001: local privilege escalation

    You can install it anyway by whitelisting this package, using the
    following methods:

    a) for `nixos-rebuild` you can add ‘foobar-1.2.3’ to
       `nixpkgs.config.permittedInsecurePackages` in the configuration.nix,
       like so:

         {
           nixpkgs.config.permittedInsecurePackages = [
             "foobar-1.2.3"
           ];
         }

    b) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
    ‘foobar-1.2.3’ to `permittedInsecurePackages` in
    ~/.config/nixpkgs/config.nix, like so:

         {
           permittedInsecurePackages = [
             "foobar-1.2.3"
           ];
         }

Adding either of these configurations will permit this specific
version to be installed. A third option also exists:

  NIXPKGS_ALLOW_INSECURE=1 nix-build ...

though I specifically avoided having a global file-based toggle to
disable this check. This way, users don't disable it once in order to
get a single package, and then don't realize future packages are
insecure.
2017-02-24 07:41:05 -05:00
Eelco Dolstra
8e1fa01f3a
nix: 1.11.6 -> 1.11.7 2017-02-24 12:53:53 +01:00
Jascha Geerds
a49be4fcaf Merge pull request #23143 from romildo/upd.numix-icon-theme
numix-icon-theme: 2016-11-13 -> 2017-01-25
2017-02-24 12:20:40 +01:00
Nick Hu
cbe765043f fdr: init at 4.2.0 2017-02-24 11:00:02 +00:00
romildo
b474c5cd30 zuki-themes: 2016-10-20 -> 2017-02-17 2017-02-24 07:49:15 -03:00
romildo
767e50867c xdgmenumaker: 1.1 -> 1.4 2017-02-24 07:24:16 -03:00
romildo
08749dd231 paper-icon-theme: 2016-11-05 -> 2017-02-13 2017-02-24 06:57:19 -03:00
romildo
9ae7fb4b60 numix-gtk-theme: 2016-11-19 -> 2017-02-15 2017-02-24 06:48:09 -03:00
romildo
aaa93d32aa numix-icon-theme: 2016-11-13 -> 2017-01-25 2017-02-24 06:37:46 -03:00
romildo
1872f24c1b jwm: 1580 -> 1582 2017-02-24 06:29:24 -03:00
romildo
e27a7a3686 greybird: 2016-11-15 -> 2017-02-17 2017-02-24 06:22:42 -03:00
Peter Hoeg
9e59945383 calibre: 2.79.1 -> 2.80.0 2017-02-24 17:20:23 +08:00
romildo
e4ab4a733c moka-icon-theme: 2016-10-06 -> 2017-02-13 2017-02-24 06:10:52 -03:00
Michiel Leenaars
29d6460084 quickder: 1.0-RC1 -> 1.0-RC2 2017-02-24 10:02:13 +01:00
romildo
5b2199fcc6 blackbird: 2016-07-04 -> 2017-02-20 2017-02-24 05:45:11 -03:00
Pascal Wittmann
3af06724fa Merge pull request #23136 from ljli/global-enhance
global: support universal-ctags
2017-02-24 08:37:39 +01:00
Peter Hoeg
4588f94396 sensu: 0.17.1 -> 0.28.0 2017-02-24 15:30:15 +08:00
Leon Isenberg
d556f53517 rnv: init at 1.7.11 2017-02-24 08:26:09 +01:00
Leon Isenberg
3211ff1b50 global: support universal-ctags 2017-02-24 07:51:39 +01:00
Leon Isenberg
1eaf76ac7a wlc: 0.0.5 -> 0.0.8 2017-02-24 06:58:19 +01:00
Justin Bedo
4c2d75f58c
R: unmark edgeR and limma as broken 2017-02-24 15:52:10 +11:00
Justin Bedo
4bb8727284
R: 3.2.4 -> 3.3.2 2017-02-24 15:22:12 +11:00
Peter Hoeg
8e3d0b8323 awless: 0.0.13 -> 0.0.14 2017-02-24 11:15:26 +08:00
Graham Christensen
d36b1ccc13
Revert "Revert "linux kernels: patch against DCCP double free (CVE-2017-6074)""
This reverts commit 53a2baabbe.
2017-02-23 19:23:29 -05:00
Graham Christensen
53a2baabbe
Revert "linux kernels: patch against DCCP double free (CVE-2017-6074)"
This reverts commit 1d68edbef4.
2017-02-23 18:47:16 -05:00
Graham Christensen
1d68edbef4
linux kernels: patch against DCCP double free (CVE-2017-6074) 2017-02-23 18:44:43 -05:00
Shea Levy
c71bae0330 long-shebang: 1.1.0 -> 1.2.0 2017-02-23 18:27:12 -05:00
Tim Steinbach
82aae8f631
kernel: 4.4.50 -> 4.4.51 2017-02-23 17:47:51 -05:00
Tim Steinbach
18c2be2862
kernel: 4.9.11 -> 4.9.12 2017-02-23 17:47:18 -05:00
Maximilian Bosch
e20575cf5f
nodejs: 7.2.1 -> 7.6.0 2017-02-23 23:38:35 +01:00