Merge commit '18c84ea816348e2a098390101b92d1e39a9dbd45'

Conflicts:
	nixpkgs/nixos/modules/misc/documentation.nix
	nixpkgs/pkgs/applications/networking/browsers/firefox/packages.nix
	nixpkgs/pkgs/applications/window-managers/sway/default.nix
	nixpkgs/pkgs/build-support/rust/build-rust-package/default.nix
	nixpkgs/pkgs/development/go-modules/generic/default.nix
	nixpkgs/pkgs/development/interpreters/ruby/default.nix
	nixpkgs/pkgs/development/interpreters/ruby/patchsets.nix
	nixpkgs/pkgs/development/libraries/boehm-gc/7.6.6.nix
	nixpkgs/pkgs/development/python-modules/django-mailman3/default.nix
	nixpkgs/pkgs/servers/mail/mailman/web.nix
	nixpkgs/pkgs/top-level/aliases.nix
	nixpkgs/pkgs/top-level/all-packages.nix
	nixpkgs/pkgs/top-level/impure.nix

11 files changed, 491 insertions, 63 deletions

diff --git a/nixpkgs/pkgs/tools/compression/advancecomp/default.nix b/nixpkgs/pkgs/tools/compression/advancecomp/default.nix
index 7f8733b9b4ec..00ce6af1d593 100644
--- a/nixpkgs/pkgs/tools/compression/advancecomp/default.nix
+++ b/nixpkgs/pkgs/tools/compression/advancecomp/default.nix
@@ -26,6 +26,13 @@ stdenv.mkDerivation rec {
       sha256 = "0cdv9g87c1y8zwhqkd9ba2zjw4slcvg7yzcqv43idvnwb5fl29n7";
       excludes = [ "doc/history.d" ];
     })
+
+    # Pull upstream fix for gcc-11:
+    (fetchpatch {
+      name = "gcc-11.patch";
+      url = "https://github.com/amadvance/advancecomp/commit/7b08f7a2af3f66ab95437e4490499cebb20e5e41.patch";
+      sha256 = "0gpppq6b760m1429g7d808ipdgb4lrqc1b6xk2457y66pbaiwc9s";
+    })
   ];
 
   # autover.sh relies on 'git describe', which obviously doesn't work as we're not cloning
diff --git a/nixpkgs/pkgs/tools/compression/bsdiff/CVE-2020-14315.patch b/nixpkgs/pkgs/tools/compression/bsdiff/CVE-2020-14315.patch
new file mode 100644
index 000000000000..bb7ff41284eb
--- /dev/null
+++ b/nixpkgs/pkgs/tools/compression/bsdiff/CVE-2020-14315.patch
@@ -0,0 +1,384 @@
+Description: patch for CVE-2020-14315
+ A memory corruption vulnerability is present in bspatch as shipped in
+ Colin Percival’s bsdiff tools version 4.3. Insufficient checks when
+ handling external inputs allows an attacker to bypass the sanity checks
+ in place and write out of a dynamically allocated buffer boundaries.
+Source: https://svnweb.freebsd.org/base/head/usr.bin/bsdiff/bspatch/bspatch.c?revision=352742&view=co
+Author: tony mancill <tmancill@debian.org>
+Comment: The patch was created by comparing the Debian sources to the
+ "Confirmed Patched Version" [1] documented in the
+ X41 D-SEC GmbH Security Advisory: X41-2020-006 [2].
+ References to FreeBSD capsicum have been dropped.  Definitions for
+ TYPE_MINIMUM and TYPE_MAXIMUM have been borrowed from the Debian
+ coreutils package sources but originate in gnulib [3] and are used to
+ define OFF_MIN and OFF_MAX (limits of off_t). Whitespace changes from
+ the confirmed patched version are also included and keep the difference
+ between the Debian sources and the confirmed patched version minimal.
+ .
+ [1] https://svnweb.freebsd.org/base/head/usr.bin/bsdiff/bspatch/bspatch.c?revision=352742&view=co
+ [2] https://www.openwall.com/lists/oss-security/2020/07/09/2
+ [3] https://www.gnu.org/software/gnulib/
+Last-Update: 2021-04-03
+Forwarded: not-needed
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964796
+
+--- a/bspatch.c
++++ b/bspatch.c
+@@ -1,4 +1,6 @@
+ /*-
++ * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
++ *
+  * Copyright 2003-2005 Colin Percival
+  * All rights reserved
+  *
+@@ -24,56 +26,148 @@
+  * POSSIBILITY OF SUCH DAMAGE.
+  */
+ 
++#include <sys/cdefs.h>
+ #if 0
+-__FBSDID("$FreeBSD: src/usr.bin/bsdiff/bspatch/bspatch.c,v 1.1 2005/08/06 01:59:06 cperciva Exp $");
++__FBSDID("$FreeBSD$");
+ #endif
+ 
+ #include <bzlib.h>
+-#include <stdlib.h>
++#include <err.h>
++#include <fcntl.h>
++#include <libgen.h>
++#include <limits.h>
++#include <stdint.h>
+ #include <stdio.h>
++#include <stdlib.h>
+ #include <string.h>
+-#include <err.h>
+ #include <unistd.h>
+-#include <fcntl.h>
++
++#ifndef O_BINARY
++#define O_BINARY 0
++#endif
++#define HEADER_SIZE 32
++
++/* TYPE_MINIMUM and TYPE_MAXIMUM taken from coreutils */
++#ifndef TYPE_MINIMUM
++#define TYPE_MINIMUM(t) \
++  ((t) ((t) 0 < (t) -1 ? (t) 0 : ~ TYPE_MAXIMUM (t)))
++#endif
++#ifndef TYPE_MAXIMUM
++#define TYPE_MAXIMUM(t) \
++  ((t) ((t) 0 < (t) -1 \
++        ? (t) -1 \
++        : ((((t) 1 << (sizeof (t) * CHAR_BIT - 2)) - 1) * 2 + 1)))
++#endif
++
++#ifndef OFF_MAX
++#define OFF_MAX TYPE_MAXIMUM(off_t)
++#endif
++
++#ifndef OFF_MIN
++#define OFF_MIN TYPE_MINIMUM(off_t)
++#endif
++
++static char *newfile;
++static int dirfd = -1;
++
++static void
++exit_cleanup(void)
++{
++
++	if (dirfd != -1 && newfile != NULL)
++		if (unlinkat(dirfd, newfile, 0))
++			warn("unlinkat");
++}
++
++static inline off_t
++add_off_t(off_t a, off_t b)
++{
++	off_t result;
++
++#if __GNUC__ >= 5
++	if (__builtin_add_overflow(a, b, &result))
++		errx(1, "Corrupt patch");
++#else
++	if ((b > 0 && a > OFF_MAX - b) || (b < 0 && a < OFF_MIN - b))
++		errx(1, "Corrupt patch");
++	result = a + b;
++#endif
++	return result;
++}
+ 
+ static off_t offtin(u_char *buf)
+ {
+ 	off_t y;
+ 
+-	y=buf[7]&0x7F;
+-	y=y*256;y+=buf[6];
+-	y=y*256;y+=buf[5];
+-	y=y*256;y+=buf[4];
+-	y=y*256;y+=buf[3];
+-	y=y*256;y+=buf[2];
+-	y=y*256;y+=buf[1];
+-	y=y*256;y+=buf[0];
++	y = buf[7] & 0x7F;
++	y = y * 256; y += buf[6];
++	y = y * 256; y += buf[5];
++	y = y * 256; y += buf[4];
++	y = y * 256; y += buf[3];
++	y = y * 256; y += buf[2];
++	y = y * 256; y += buf[1];
++	y = y * 256; y += buf[0];
+ 
+-	if(buf[7]&0x80) y=-y;
++	if (buf[7] & 0x80)
++		y = -y;
+ 
+-	return y;
++	return (y);
+ }
+ 
+-int main(int argc,char * argv[])
++static void
++usage(void)
+ {
+-	FILE * f, * cpf, * dpf, * epf;
+-	BZFILE * cpfbz2, * dpfbz2, * epfbz2;
++
++	fprintf(stderr, "usage: bspatch oldfile newfile patchfile\n");
++	exit(1);
++}
++
++int main(int argc, char *argv[])
++{
++	FILE *f, *cpf, *dpf, *epf;
++	BZFILE *cpfbz2, *dpfbz2, *epfbz2;
++	char *directory, *namebuf;
+ 	int cbz2err, dbz2err, ebz2err;
+-	int fd;
+-	ssize_t oldsize,newsize;
+-	ssize_t bzctrllen,bzdatalen;
+-	u_char header[32],buf[8];
++	int newfd, oldfd;
++	off_t oldsize, newsize;
++	off_t bzctrllen, bzdatalen;
++	u_char header[HEADER_SIZE], buf[8];
+ 	u_char *old, *new;
+-	off_t oldpos,newpos;
++	off_t oldpos, newpos;
+ 	off_t ctrl[3];
+-	off_t lenread;
+-	off_t i;
++	off_t i, lenread, offset;
+ 
+-	if(argc!=4) errx(1,"usage: %s oldfile newfile patchfile\n",argv[0]);
++	if (argc != 4)
++		usage();
+ 
+ 	/* Open patch file */
+-	if ((f = fopen(argv[3], "r")) == NULL)
++	if ((f = fopen(argv[3], "rb")) == NULL)
++		err(1, "fopen(%s)", argv[3]);
++	/* Open patch file for control block */
++	if ((cpf = fopen(argv[3], "rb")) == NULL)
++		err(1, "fopen(%s)", argv[3]);
++	/* open patch file for diff block */
++	if ((dpf = fopen(argv[3], "rb")) == NULL)
+ 		err(1, "fopen(%s)", argv[3]);
++	/* open patch file for extra block */
++	if ((epf = fopen(argv[3], "rb")) == NULL)
++		err(1, "fopen(%s)", argv[3]);
++	/* open oldfile */
++	if ((oldfd = open(argv[1], O_RDONLY | O_BINARY, 0)) < 0)
++		err(1, "open(%s)", argv[1]);
++	/* open directory where we'll write newfile */
++	if ((namebuf = strdup(argv[2])) == NULL ||
++	    (directory = dirname(namebuf)) == NULL ||
++	    (dirfd = open(directory, O_DIRECTORY)) < 0)
++		err(1, "open %s", argv[2]);
++	free(namebuf);
++	if ((newfile = basename(argv[2])) == NULL)
++		err(1, "basename");
++	/* open newfile */
++	if ((newfd = openat(dirfd, newfile,
++	    O_CREAT | O_TRUNC | O_WRONLY | O_BINARY, 0666)) < 0)
++		err(1, "open(%s)", argv[2]);
++	atexit(exit_cleanup);
+ 
+ 	/*
+ 	File format:
+@@ -90,104 +185,104 @@
+ 	*/
+ 
+ 	/* Read header */
+-	if (fread(header, 1, 32, f) < 32) {
++	if (fread(header, 1, HEADER_SIZE, f) < HEADER_SIZE) {
+ 		if (feof(f))
+-			errx(1, "Corrupt patch\n");
++			errx(1, "Corrupt patch");
+ 		err(1, "fread(%s)", argv[3]);
+ 	}
+ 
+ 	/* Check for appropriate magic */
+ 	if (memcmp(header, "BSDIFF40", 8) != 0)
+-		errx(1, "Corrupt patch\n");
++		errx(1, "Corrupt patch");
+ 
+ 	/* Read lengths from header */
+-	bzctrllen=offtin(header+8);
+-	bzdatalen=offtin(header+16);
+-	newsize=offtin(header+24);
+-	if((bzctrllen<0) || (bzdatalen<0) || (newsize<0))
+-		errx(1,"Corrupt patch\n");
++	bzctrllen = offtin(header + 8);
++	bzdatalen = offtin(header + 16);
++	newsize = offtin(header + 24);
++	if (bzctrllen < 0 || bzctrllen > OFF_MAX - HEADER_SIZE ||
++	    bzdatalen < 0 || bzctrllen + HEADER_SIZE > OFF_MAX - bzdatalen ||
++	    newsize < 0 || newsize > SSIZE_MAX)
++		errx(1, "Corrupt patch");
+ 
+ 	/* Close patch file and re-open it via libbzip2 at the right places */
+ 	if (fclose(f))
+ 		err(1, "fclose(%s)", argv[3]);
+-	if ((cpf = fopen(argv[3], "r")) == NULL)
+-		err(1, "fopen(%s)", argv[3]);
+-	if (fseeko(cpf, 32, SEEK_SET))
+-		err(1, "fseeko(%s, %lld)", argv[3],
+-		    (long long)32);
++	offset = HEADER_SIZE;
++	if (fseeko(cpf, offset, SEEK_SET))
++		err(1, "fseeko(%s, %jd)", argv[3], (intmax_t)offset);
+ 	if ((cpfbz2 = BZ2_bzReadOpen(&cbz2err, cpf, 0, 0, NULL, 0)) == NULL)
+ 		errx(1, "BZ2_bzReadOpen, bz2err = %d", cbz2err);
+-	if ((dpf = fopen(argv[3], "r")) == NULL)
+-		err(1, "fopen(%s)", argv[3]);
+-	if (fseeko(dpf, 32 + bzctrllen, SEEK_SET))
+-		err(1, "fseeko(%s, %lld)", argv[3],
+-		    (long long)(32 + bzctrllen));
++	offset = add_off_t(offset, bzctrllen);
++	if (fseeko(dpf, offset, SEEK_SET))
++		err(1, "fseeko(%s, %jd)", argv[3], (intmax_t)offset);
+ 	if ((dpfbz2 = BZ2_bzReadOpen(&dbz2err, dpf, 0, 0, NULL, 0)) == NULL)
+ 		errx(1, "BZ2_bzReadOpen, bz2err = %d", dbz2err);
+-	if ((epf = fopen(argv[3], "r")) == NULL)
+-		err(1, "fopen(%s)", argv[3]);
+-	if (fseeko(epf, 32 + bzctrllen + bzdatalen, SEEK_SET))
+-		err(1, "fseeko(%s, %lld)", argv[3],
+-		    (long long)(32 + bzctrllen + bzdatalen));
++	offset = add_off_t(offset, bzdatalen);
++	if (fseeko(epf, offset, SEEK_SET))
++		err(1, "fseeko(%s, %jd)", argv[3], (intmax_t)offset);
+ 	if ((epfbz2 = BZ2_bzReadOpen(&ebz2err, epf, 0, 0, NULL, 0)) == NULL)
+ 		errx(1, "BZ2_bzReadOpen, bz2err = %d", ebz2err);
+ 
+-	if(((fd=open(argv[1],O_RDONLY,0))<0) ||
+-		((oldsize=lseek(fd,0,SEEK_END))==-1) ||
+-		((old=malloc(oldsize+1))==NULL) ||
+-		(lseek(fd,0,SEEK_SET)!=0) ||
+-		(read(fd,old,oldsize)!=oldsize) ||
+-		(close(fd)==-1)) err(1,"%s",argv[1]);
+-	if((new=malloc(newsize+1))==NULL) err(1,NULL);
+-
+-	oldpos=0;newpos=0;
+-	while(newpos<newsize) {
++	if ((oldsize = lseek(oldfd, 0, SEEK_END)) == -1 ||
++	    oldsize > SSIZE_MAX ||
++	    (old = malloc(oldsize)) == NULL ||
++	    lseek(oldfd, 0, SEEK_SET) != 0 ||
++	    read(oldfd, old, oldsize) != oldsize ||
++	    close(oldfd) == -1)
++		err(1, "%s", argv[1]);
++	if ((new = malloc(newsize)) == NULL)
++		err(1, NULL);
++
++	oldpos = 0;
++	newpos = 0;
++	while (newpos < newsize) {
+ 		/* Read control data */
+-		for(i=0;i<=2;i++) {
++		for (i = 0; i <= 2; i++) {
+ 			lenread = BZ2_bzRead(&cbz2err, cpfbz2, buf, 8);
+ 			if ((lenread < 8) || ((cbz2err != BZ_OK) &&
+ 			    (cbz2err != BZ_STREAM_END)))
+-				errx(1, "Corrupt patch\n");
+-			ctrl[i]=offtin(buf);
+-		};
++				errx(1, "Corrupt patch");
++			ctrl[i] = offtin(buf);
++		}
+ 
+ 		/* Sanity-check */
+-		if ((ctrl[0] < 0) || (ctrl[1] < 0))
+-			errx(1,"Corrupt patch\n");
++		if (ctrl[0] < 0 || ctrl[0] > INT_MAX ||
++		    ctrl[1] < 0 || ctrl[1] > INT_MAX)
++			errx(1, "Corrupt patch");
+ 
+ 		/* Sanity-check */
+-		if(newpos+ctrl[0]>newsize)
+-			errx(1,"Corrupt patch\n");
++		if (add_off_t(newpos, ctrl[0]) > newsize)
++			errx(1, "Corrupt patch");
+ 
+ 		/* Read diff string */
+ 		lenread = BZ2_bzRead(&dbz2err, dpfbz2, new + newpos, ctrl[0]);
+ 		if ((lenread < ctrl[0]) ||
+ 		    ((dbz2err != BZ_OK) && (dbz2err != BZ_STREAM_END)))
+-			errx(1, "Corrupt patch\n");
++			errx(1, "Corrupt patch");
+ 
+ 		/* Add old data to diff string */
+-		for(i=0;i<ctrl[0];i++)
+-			if((oldpos+i>=0) && (oldpos+i<oldsize))
+-				new[newpos+i]+=old[oldpos+i];
++		for (i = 0; i < ctrl[0]; i++)
++			if (add_off_t(oldpos, i) < oldsize)
++				new[newpos + i] += old[oldpos + i];
+ 
+ 		/* Adjust pointers */
+-		newpos+=ctrl[0];
+-		oldpos+=ctrl[0];
++		newpos = add_off_t(newpos, ctrl[0]);
++		oldpos = add_off_t(oldpos, ctrl[0]);
+ 
+ 		/* Sanity-check */
+-		if(newpos+ctrl[1]>newsize)
+-			errx(1,"Corrupt patch\n");
++		if (add_off_t(newpos, ctrl[1]) > newsize)
++			errx(1, "Corrupt patch");
+ 
+ 		/* Read extra string */
+ 		lenread = BZ2_bzRead(&ebz2err, epfbz2, new + newpos, ctrl[1]);
+ 		if ((lenread < ctrl[1]) ||
+ 		    ((ebz2err != BZ_OK) && (ebz2err != BZ_STREAM_END)))
+-			errx(1, "Corrupt patch\n");
++			errx(1, "Corrupt patch");
+ 
+ 		/* Adjust pointers */
+-		newpos+=ctrl[1];
+-		oldpos+=ctrl[2];
+-	};
++		newpos = add_off_t(newpos, ctrl[1]);
++		oldpos = add_off_t(oldpos, ctrl[2]);
++	}
+ 
+ 	/* Clean up the bzip2 reads */
+ 	BZ2_bzReadClose(&cbz2err, cpfbz2);
+@@ -197,12 +292,13 @@
+ 		err(1, "fclose(%s)", argv[3]);
+ 
+ 	/* Write the new file */
+-	if(((fd=open(argv[2],O_CREAT|O_TRUNC|O_WRONLY,0666))<0) ||
+-		(write(fd,new,newsize)!=newsize) || (close(fd)==-1))
+-		err(1,"%s",argv[2]);
++	if (write(newfd, new, newsize) != newsize || close(newfd) == -1)
++		err(1, "%s", argv[2]);
++	/* Disable atexit cleanup */
++	newfile = NULL;
+ 
+ 	free(new);
+ 	free(old);
+ 
+-	return 0;
++	return (0);
+ }
diff --git a/nixpkgs/pkgs/tools/compression/bsdiff/default.nix b/nixpkgs/pkgs/tools/compression/bsdiff/default.nix
index 8f8818781ab4..b8a86eae89bd 100644
--- a/nixpkgs/pkgs/tools/compression/bsdiff/default.nix
+++ b/nixpkgs/pkgs/tools/compression/bsdiff/default.nix
@@ -1,4 +1,4 @@
-{ lib, stdenv, fetchurl, bzip2 }:
+{ lib, stdenv, fetchurl, fetchpatch, bzip2 }:
 
 stdenv.mkDerivation rec {
   pname = "bsdiff";
@@ -10,7 +10,27 @@ stdenv.mkDerivation rec {
   };
 
   buildInputs = [ bzip2 ];
-  patches = [ ./include-systypes.patch ];
+  patches = [
+    (fetchpatch {
+      url = "https://sources.debian.org/data/main/b/bsdiff/4.3-22/debian/patches/20-CVE-2014-9862.patch";
+      sha256 = "sha256-3UuUfNvShQ8fLqxCKUTb/n4BmjL4+Nl7aEqCxYrrERQ=";
+    })
+    ./CVE-2020-14315.patch
+    ./include-systypes.patch
+  ] ++ lib.optional stdenv.hostPlatform.isLinux [
+    (fetchpatch {
+      url = "https://sources.debian.org/data/main/b/bsdiff/4.3-22/debian/patches/30-bug-632585-mmap-src-file-instead-of-malloc-read-it.patch";
+      sha256 = "sha256-esbhz2/efUiuQDuF7LGfSeEn3/f1WbqCxQpTs2A0ulI=";
+    })
+    (fetchpatch {
+      url = "https://sources.debian.org/data/main/b/bsdiff/4.3-22/debian/patches/31-bug-632585-mmap-dst-file-instead-of-malloc-read-it.patch";
+      sha256 = "sha256-Of4aOcI0rsgdRzPqyw2VRn2p9wQuo3hdlgDTBdXGzoc=";
+    })
+    (fetchpatch {
+      url = "https://sources.debian.org/data/main/b/bsdiff/4.3-22/debian/patches/32-bug-632585-use-int32_t-instead-off_t-for-file-size.patch";
+      sha256 = "sha256-SooFnFK4uKNXvXQb/LEcH8GocnRtkryExI4b3BZTsAY=";
+    })
+  ];
 
   buildPhase = ''
     $CC -O3 -lbz2 bspatch.c -o bspatch
diff --git a/nixpkgs/pkgs/tools/compression/crabz/default.nix b/nixpkgs/pkgs/tools/compression/crabz/default.nix
index ab5cc94b43a1..5eafb3f56145 100644
--- a/nixpkgs/pkgs/tools/compression/crabz/default.nix
+++ b/nixpkgs/pkgs/tools/compression/crabz/default.nix
@@ -29,6 +29,15 @@ rustPlatform.buildRustPackage rec {
     Security
   ];
 
+  # link System as a dylib instead of a framework on macos
+  postPatch = lib.optionalString stdenv.isDarwin ''
+    core_affinity=../$(stripHash $cargoDeps)/core_affinity
+    oldHash=$(sha256sum $core_affinity/src/lib.rs | cut -d " " -f 1)
+    substituteInPlace $core_affinity/src/lib.rs --replace framework dylib
+    substituteInPlace $core_affinity/.cargo-checksum.json \
+      --replace $oldHash $(sha256sum $core_affinity/src/lib.rs | cut -d " " -f 1)
+  '';
+
   meta = with lib; {
     description = "A cross platform, fast, compression and decompression tool";
     homepage = "https://github.com/sstadick/crabz";
diff --git a/nixpkgs/pkgs/tools/compression/dtrx/default.nix b/nixpkgs/pkgs/tools/compression/dtrx/default.nix
deleted file mode 100644
index 6c4f2f6e854e..000000000000
--- a/nixpkgs/pkgs/tools/compression/dtrx/default.nix
+++ /dev/null
@@ -1,45 +0,0 @@
-{ lib, fetchurl, python2Packages
-, gnutar, unzip, lhasa, rpm, binutils, cpio, gzip, p7zip, cabextract, unrar, unshield
-, bzip2, xz, lzip
-# unzip is handled by p7zip
-, unzipSupport ? false
-, unrarSupport ? false }:
-
-let
-  archivers = lib.makeBinPath ([ gnutar lhasa rpm binutils cpio gzip p7zip cabextract unshield ]
-  ++ lib.optional (unzipSupport) unzip
-  ++ lib.optional (unrarSupport) unrar
-  ++ [ bzip2 xz lzip ]);
-
-in python2Packages.buildPythonApplication rec {
-  pname = "dtrx";
-  version = "7.1";
-
-  src = fetchurl {
-    url = "https://brettcsmith.org/2007/dtrx/dtrx-${version}.tar.gz";
-    sha256 = "15yf4n27zbhvv0byfv3i89wl5zn6jc2wbc69lk5a3m6rx54gx6hw";
-  };
-
-  postInstall = ''
-    wrapProgram "$out/bin/dtrx" --prefix PATH : "${archivers}"
-  '';
-
-  checkPhase = ''
-    python2 tests/compare.py
-  '';
-
-  checkInputs = with python2Packages; [
-    pyyaml
-  ];
-
-  # custom test suite fails
-  doCheck = false;
-
-  meta = with lib; {
-    description = "Do The Right Extraction: A tool for taking the hassle out of extracting archives";
-    homepage = "https://brettcsmith.org/2007/dtrx/";
-    license = licenses.gpl3Plus;
-    maintainers = [ maintainers.spwhitt ];
-    platforms = platforms.all;
-  };
-}
diff --git a/nixpkgs/pkgs/tools/compression/flips/default.nix b/nixpkgs/pkgs/tools/compression/flips/default.nix
index b4a79aac2127..024ff5fbe9f1 100644
--- a/nixpkgs/pkgs/tools/compression/flips/default.nix
+++ b/nixpkgs/pkgs/tools/compression/flips/default.nix
@@ -2,13 +2,13 @@
 
 stdenv.mkDerivation {
   pname = "flips";
-  version = "unstable-2021-05-18";
+  version = "unstable-2021-10-28";
 
   src = fetchFromGitHub {
     owner = "Alcaro";
     repo = "Flips";
-    rev = "3476e5e46fc6f10df475f0cad1714358ba04c756";
-    sha256 = "0s13qrmqfmlb2vy0smpgw39vjkl8vzsmpzk52jnc9r7b4hisii39";
+    rev = "3a8733e74c9bdbb6b89da2b45913a0be3d0e1866";
+    sha256 = "1jik580mz2spik5mgh60h93ryaj5x8dffncnr1lwija0v803xld7";
   };
 
   nativeBuildInputs = [ pkg-config wrapGAppsHook ];
diff --git a/nixpkgs/pkgs/tools/compression/gzip/default.nix b/nixpkgs/pkgs/tools/compression/gzip/default.nix
index 6bcd5ae0c427..8bec5b481c90 100644
--- a/nixpkgs/pkgs/tools/compression/gzip/default.nix
+++ b/nixpkgs/pkgs/tools/compression/gzip/default.nix
@@ -11,11 +11,11 @@
 
 stdenv.mkDerivation rec {
   pname = "gzip";
-  version = "1.10";
+  version = "1.11";
 
   src = fetchurl {
     url = "mirror://gnu/gzip/${pname}-${version}.tar.xz";
-    sha256 = "1h6p374d3j8d4cdfydzls021xa2yby8myc0h8d6m8bc7k6ncq9c4";
+    sha256 = "01vrly90rvc98af6rcmrb3gwv1l6pylasvsdka23dffwizb9b6lv";
   };
 
   outputs = [ "out" "man" "info" ];
diff --git a/nixpkgs/pkgs/tools/compression/hacpack/default.nix b/nixpkgs/pkgs/tools/compression/hacpack/default.nix
index e60d483574bd..34722d52ccfd 100644
--- a/nixpkgs/pkgs/tools/compression/hacpack/default.nix
+++ b/nixpkgs/pkgs/tools/compression/hacpack/default.nix
@@ -15,6 +15,9 @@ stdenv.mkDerivation rec {
     mv config.mk.template config.mk
   '';
 
+  makeFlags = [ "CC=${stdenv.cc.targetPrefix}cc" ];
+  enableParallelBuilding = true;
+
   installPhase = ''
     mkdir -p $out/bin
     cp ./hacpack $out/bin
diff --git a/nixpkgs/pkgs/tools/compression/imagelol/default.nix b/nixpkgs/pkgs/tools/compression/imagelol/default.nix
index d54d2da2f90e..187435d4eb34 100644
--- a/nixpkgs/pkgs/tools/compression/imagelol/default.nix
+++ b/nixpkgs/pkgs/tools/compression/imagelol/default.nix
@@ -12,6 +12,14 @@ stdenv.mkDerivation rec {
     fetchSubmodules = true;
   };
 
+  # fix for case-sensitive filesystems
+  # https://github.com/MCredstoner2004/ImageLOL/issues/1
+  postPatch = ''
+    mv imagelol src
+    substituteInPlace CMakeLists.txt \
+      --replace 'add_subdirectory("imagelol")' 'add_subdirectory("src")'
+  '';
+
   nativeBuildInputs = [ cmake ];
 
   installPhase = ''
diff --git a/nixpkgs/pkgs/tools/compression/lrzip/default.nix b/nixpkgs/pkgs/tools/compression/lrzip/default.nix
index 02f62c3e3c01..4fe5512b4c6f 100644
--- a/nixpkgs/pkgs/tools/compression/lrzip/default.nix
+++ b/nixpkgs/pkgs/tools/compression/lrzip/default.nix
@@ -1,17 +1,33 @@
-{ lib, stdenv, fetchurl, zlib, lzo, bzip2, lz4, nasm, perl }:
+{ lib, stdenv, fetchFromGitHub, autoreconfHook, zlib, lzo, bzip2, lz4, nasm, perl }:
 
+let
+  inherit (stdenv.hostPlatform) isx86;
+in
 stdenv.mkDerivation rec {
   pname = "lrzip";
   version = "0.641";
 
-  src = fetchurl {
-    url = "http://ck.kolivas.org/apps/lrzip/${pname}-${version}.tar.xz";
-    sha256 = "0ziyanspd96dc3lp2qdcylc7aq8dhb511jhqrhxvlp502fjqjqrc";
+  src = fetchFromGitHub {
+    owner = "ckolivas";
+    repo = pname;
+    rev = "v${version}";
+    sha256 = "sha256-253CH6TiHWyr13C76y9PXjyB7gj2Bhd2VRgJ5r+cm/g=";
   };
 
-  buildInputs = [ zlib lzo bzip2 lz4 nasm perl ];
+  postPatch = lib.optionalString stdenv.isDarwin ''
+    # Building the ASM/x86 directory creates an empty archive,
+    # which fails on darwin, so remove it
+    # https://github.com/ckolivas/lrzip/issues/193
+    # https://github.com/Homebrew/homebrew-core/pull/85360
+    substituteInPlace lzma/Makefile.am --replace "SUBDIRS = C ASM/x86" "SUBDIRS = C"
+    substituteInPlace configure.ac --replace "-f elf64" "-f macho64"
+  '';
 
-  configureFlags = [
+  nativeBuildInputs = [ autoreconfHook perl ] ++ lib.optionals isx86 [ nasm ];
+
+  buildInputs = [ zlib lzo bzip2 lz4 ];
+
+  configureFlags = lib.optionals (!isx86) [
     "--disable-asm"
   ];
 
diff --git a/nixpkgs/pkgs/tools/compression/ouch/default.nix b/nixpkgs/pkgs/tools/compression/ouch/default.nix
index c451b40fcf5c..3051c705c5fe 100644
--- a/nixpkgs/pkgs/tools/compression/ouch/default.nix
+++ b/nixpkgs/pkgs/tools/compression/ouch/default.nix
@@ -1,22 +1,48 @@
-{ lib, rustPlatform, fetchFromGitHub }:
+{ lib
+, rustPlatform
+, fetchFromGitHub
+, help2man
+, installShellFiles
+, pkg-config
+, bzip2
+, xz
+, zlib
+, zstd
+}:
 
 rustPlatform.buildRustPackage rec {
   pname = "ouch";
-  version = "0.2.0";
+  version = "0.3.1";
 
   src = fetchFromGitHub {
     owner = "ouch-org";
     repo = pname;
     rev = version;
-    sha256 = "sha256-OhEr/HvwgDkB8h3cpayOlnrs6OXiwAsQUH9XGqi5rpc=";
+    sha256 = "sha256-I9CgkYxcK+Ih9UlcYBa8QAZZsPvzPUK5ZUYKPxzgs38=";
   };
 
-  cargoSha256 = "sha256-lKsB75Lb9IYS80qu4jaIpnbEOr4Ow9M5S45Kk03An2o=";
+  cargoSha256 = "sha256-jEprWtIl5LihD9fOMYHGGlk0+h4woUlwUWNfSkd2t10=";
+
+  nativeBuildInputs = [ help2man installShellFiles pkg-config ];
+
+  buildInputs = [ bzip2 xz zlib zstd ];
+
+  buildFeatures = [ "zstd/pkg-config" ];
+
+  postInstall = ''
+    help2man $out/bin/ouch > ouch.1
+    installManPage ouch.1
+
+    completions=($releaseDir/build/ouch-*/out/completions)
+    installShellCompletion $completions/ouch.{bash,fish} --zsh $completions/_ouch
+  '';
+
+  GEN_COMPLETIONS = 1;
 
   meta = with lib; {
     description = "A command-line utility for easily compressing and decompressing files and directories";
     homepage = "https://github.com/ouch-org/ouch";
     license = licenses.mit;
-    maintainers = [ maintainers.psibi ];
+    maintainers = with maintainers; [ figsoda psibi ];
   };
 }