diff options
Diffstat (limited to 'nixpkgs/pkgs/tools/security')
15 files changed, 51 insertions, 40 deletions
diff --git a/nixpkgs/pkgs/tools/security/cie-middleware-linux/default.nix b/nixpkgs/pkgs/tools/security/cie-middleware-linux/default.nix index 7af3e9240f1e..fa5ec2d2af83 100644 --- a/nixpkgs/pkgs/tools/security/cie-middleware-linux/default.nix +++ b/nixpkgs/pkgs/tools/security/cie-middleware-linux/default.nix @@ -20,13 +20,13 @@ let pname = "cie-middleware-linux"; - version = "1.4.4.0"; + version = "1.5.0"; src = fetchFromGitHub { owner = "M0rf30"; repo = pname; - rev = "${version}-podofo"; - sha256 = "sha256-Kyr9OTiY6roJ/wVJS/1aWfrrzDNQbuRTJQqo0akbMUU="; + rev = version; + sha256 = "sha256-Z8K2Ibg5bBfSql5HEapKgdfiCf/EIKTTD15oVeysQGk="; }; gradle = gradle_7; @@ -44,6 +44,7 @@ let buildPhase = '' # Run the fetchDeps task export GRADLE_USER_HOME=$(mktemp -d) + ls -l gradle --no-daemon -b cie-java/build.gradle fetchDeps ''; @@ -60,7 +61,7 @@ let outputHashAlgo = "sha256"; outputHashMode = "recursive"; - outputHash = "sha256-WzT5vYF9yCMU2A7EkLZyjgWrN3gD7pnkPXc3hDFqpD8="; + outputHash = "sha256-jtaH8dBpnx8KMJe+jzJfkvcx1NO4nL5jsRO4+GI+d0c="; }; in @@ -84,7 +85,7 @@ stdenv.mkDerivation { buildInputs = [ cryptopp fontconfig - podofo + podofo.dev openssl pcsclite curl @@ -95,6 +96,10 @@ stdenv.mkDerivation { # substitute the cieid command with this $out/bin/cieid substituteInPlace libs/pkcs11/src/CSP/AbilitaCIE.cpp \ --replace 'file = "cieid"' 'file = "'$out'/bin/cieid"' + + # revert https://github.com/M0Rf30/cie-middleware-linux/commit/1a389d8 + sed -i libs/meson.build \ + -e "s@podofo_dep = .\+@podofo_dep = dependency('libpodofo')@g" ''; # Note: we use pushd/popd to juggle between the diff --git a/nixpkgs/pkgs/tools/security/clamav/default.nix b/nixpkgs/pkgs/tools/security/clamav/default.nix index 2188cf99a3c9..3f0daa8d945c 100644 --- a/nixpkgs/pkgs/tools/security/clamav/default.nix +++ b/nixpkgs/pkgs/tools/security/clamav/default.nix @@ -6,11 +6,11 @@ stdenv.mkDerivation rec { pname = "clamav"; - version = "1.2.0"; + version = "1.2.1"; src = fetchurl { url = "https://www.clamav.net/downloads/production/${pname}-${version}.tar.gz"; - hash = "sha256-l6GS3/4UFIC1bKvxBj15qfxVzVkgMkH6Qb/HqYpUgCA="; + hash = "sha256-mhT+hwy7j1959mi3idyg8lzGviKr4y9PfTZ35O45NbA="; }; patches = [ diff --git a/nixpkgs/pkgs/tools/security/der-ascii/default.nix b/nixpkgs/pkgs/tools/security/der-ascii/default.nix index 5fc3b179b3ad..28cab27731b1 100644 --- a/nixpkgs/pkgs/tools/security/der-ascii/default.nix +++ b/nixpkgs/pkgs/tools/security/der-ascii/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "der-ascii"; - version = "0.1.0"; + version = "0.3.0"; src = fetchFromGitHub { owner = "google"; repo = pname; rev = "v${version}"; - sha256 = "1my93m1rx08kn2yms6k8w43byr8k61r1nra4b082j8b393wwxkqc"; + sha256 = "sha256-LgxGSZQNxwx08mK9G8mSuBFTOd3pC1mvz3Wz7Y+6XR4="; }; vendorHash = null; diff --git a/nixpkgs/pkgs/tools/security/exploitdb/default.nix b/nixpkgs/pkgs/tools/security/exploitdb/default.nix index 4212d86afb98..a227705ec8df 100644 --- a/nixpkgs/pkgs/tools/security/exploitdb/default.nix +++ b/nixpkgs/pkgs/tools/security/exploitdb/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation rec { pname = "exploitdb"; - version = "2023-10-26"; + version = "2023-11-02"; src = fetchFromGitLab { owner = "exploit-database"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-P+T3TM2MeHaN+ApgOMEFmyWv+AzQshVUfhbI+n/vozs="; + hash = "sha256-7j2HIYEYs1OcB919S3lLGYNsJzbkE3jIqq2MNCHG3lY="; }; nativeBuildInputs = [ diff --git a/nixpkgs/pkgs/tools/security/fulcio/default.nix b/nixpkgs/pkgs/tools/security/fulcio/default.nix index 4d085fb9980a..9c40c051bebc 100644 --- a/nixpkgs/pkgs/tools/security/fulcio/default.nix +++ b/nixpkgs/pkgs/tools/security/fulcio/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "fulcio"; - version = "1.4.1"; + version = "1.4.3"; src = fetchFromGitHub { owner = "sigstore"; repo = pname; rev = "v${version}"; - sha256 = "sha256-6muoKiryWTGIoy1U3kWjuka0X1+gcrUQOvbuas26H1M="; + sha256 = "sha256-LT8J9s008XQtDtNdH1ungQREqQUrlTsoxnlRLKimqLY="; # populate values that require us to use git. By doing this in postFetch we # can delete .git afterwards and maintain better reproducibility of the src. leaveDotGit = true; @@ -20,7 +20,7 @@ buildGoModule rec { find "$out" -name .git -print0 | xargs -0 rm -rf ''; }; - vendorHash = "sha256-i9RK9kNSB9FOnVbYcHLBHt8KKBQCNsEDONNm1IxgTJc="; + vendorHash = "sha256-ImZJXdOfMepMFU1z47XyNU39NGGdiCzQji2/tKVfibQ="; nativeBuildInputs = [ installShellFiles ]; diff --git a/nixpkgs/pkgs/tools/security/httpx/default.nix b/nixpkgs/pkgs/tools/security/httpx/default.nix index 4bcc379c5c9a..ec29abdb614d 100644 --- a/nixpkgs/pkgs/tools/security/httpx/default.nix +++ b/nixpkgs/pkgs/tools/security/httpx/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "httpx"; - version = "1.3.5"; + version = "1.3.6"; src = fetchFromGitHub { owner = "projectdiscovery"; repo = "httpx"; rev = "refs/tags/v${version}"; - hash = "sha256-DayYelnimsIvM5zkUoCQcS3TiZi81MDjvys/5M2xc48="; + hash = "sha256-oLx8fyFmK6SyFLw4yDwa+z5CpuAqebQdEH3JCbt9cg0="; }; - vendorHash = "sha256-aUQc8dv3IHTIgeg8YHcoMbT2EzBoqCj4ST2113tg73Q="; + vendorHash = "sha256-QggYz5vAzhqagYIRCa7R09px8qXaqsTcj659XIV/LR4="; subPackages = [ "cmd/httpx" diff --git a/nixpkgs/pkgs/tools/security/kubeclarity/default.nix b/nixpkgs/pkgs/tools/security/kubeclarity/default.nix index ca4cb1bfb592..4ad4044adbaa 100644 --- a/nixpkgs/pkgs/tools/security/kubeclarity/default.nix +++ b/nixpkgs/pkgs/tools/security/kubeclarity/default.nix @@ -8,13 +8,13 @@ buildGoModule rec { pname = "kubeclarity"; - version = "2.21.1"; + version = "2.22.0"; src = fetchFromGitHub { owner = "openclarity"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-+kWqw8o5KlVciWIB8cCVkMuiqW0wpIfua5qVgXZG3ww="; + hash = "sha256-VpTLf4Z2l9Ix92GzcyJvj4j2j+aff8nc2qW9+2uaPBs="; }; vendorHash = "sha256-kYdKCHqzDbfCGMlTMPSHAQkSLyhkCl/OvV7CF5jdyaY="; diff --git a/nixpkgs/pkgs/tools/security/ldeep/default.nix b/nixpkgs/pkgs/tools/security/ldeep/default.nix index ebc1ca5922e5..79cb5f4def81 100644 --- a/nixpkgs/pkgs/tools/security/ldeep/default.nix +++ b/nixpkgs/pkgs/tools/security/ldeep/default.nix @@ -5,14 +5,14 @@ python3.pkgs.buildPythonApplication rec { pname = "ldeep"; - version = "1.0.42"; + version = "1.0.43"; format = "setuptools"; src = fetchFromGitHub { owner = "franc-pentest"; repo = "ldeep"; rev = "refs/tags/${version}"; - hash = "sha256-kXXZU4/nWUKAFJbcp9PFyPUxd+fRXJb6JbS/fybHh3g="; + hash = "sha256-JuhpfgKk+qb5halKpjlSWJGtuNA/QgELJnFqka33nlU="; }; nativeBuildInputs = with python3.pkgs; [ diff --git a/nixpkgs/pkgs/tools/security/metasploit/Gemfile b/nixpkgs/pkgs/tools/security/metasploit/Gemfile index 719091e6d9a6..99481a946b57 100644 --- a/nixpkgs/pkgs/tools/security/metasploit/Gemfile +++ b/nixpkgs/pkgs/tools/security/metasploit/Gemfile @@ -1,4 +1,4 @@ # frozen_string_literal: true source "https://rubygems.org" -gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.3.39" +gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.3.40" diff --git a/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock b/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock index d9488beb1780..0441b9c8268f 100644 --- a/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock +++ b/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock @@ -1,9 +1,9 @@ GIT remote: https://github.com/rapid7/metasploit-framework - revision: 77fb7ae14f17fd7f4851bca87e0c28c704797591 - ref: refs/tags/6.3.39 + revision: e4a23dc9d09f5b6b1b82768770e8063014a940bb + ref: refs/tags/6.3.40 specs: - metasploit-framework (6.3.39) + metasploit-framework (6.3.40) actionpack (~> 7.0.0) activerecord (~> 7.0.0) activesupport (~> 7.0.0) @@ -462,4 +462,4 @@ DEPENDENCIES metasploit-framework! BUNDLED WITH - 2.4.19 + 2.4.20 diff --git a/nixpkgs/pkgs/tools/security/metasploit/default.nix b/nixpkgs/pkgs/tools/security/metasploit/default.nix index d50d8760e21d..433d49e237ba 100644 --- a/nixpkgs/pkgs/tools/security/metasploit/default.nix +++ b/nixpkgs/pkgs/tools/security/metasploit/default.nix @@ -15,13 +15,13 @@ let }; in stdenv.mkDerivation rec { pname = "metasploit-framework"; - version = "6.3.39"; + version = "6.3.40"; src = fetchFromGitHub { owner = "rapid7"; repo = "metasploit-framework"; rev = version; - sha256 = "sha256-EKLzIhrNiTUM3OtezPJL8g70BmR+vEyNcllyme5hH8o="; + sha256 = "sha256-vGCAkXLpsUvSXDf1H3pNStEYUZwFBxJnA7kdNJjqYwo="; }; nativeBuildInputs = [ makeWrapper ]; diff --git a/nixpkgs/pkgs/tools/security/metasploit/gemset.nix b/nixpkgs/pkgs/tools/security/metasploit/gemset.nix index 631d9f8c4dd8..f5d060dd9654 100644 --- a/nixpkgs/pkgs/tools/security/metasploit/gemset.nix +++ b/nixpkgs/pkgs/tools/security/metasploit/gemset.nix @@ -654,12 +654,12 @@ platforms = []; source = { fetchSubmodules = false; - rev = "77fb7ae14f17fd7f4851bca87e0c28c704797591"; - sha256 = "1jhzc7p9jwjrfa6lrg3ych3g83pj9grcqppbvh63b2fd38ig78hh"; + rev = "e4a23dc9d09f5b6b1b82768770e8063014a940bb"; + sha256 = "02k3xac387dr0dki41q5ki8iilaa9mx1zx9pbk94pcg9fa8q0q5w"; type = "git"; url = "https://github.com/rapid7/metasploit-framework"; }; - version = "6.3.39"; + version = "6.3.40"; }; metasploit-model = { groups = ["default"]; diff --git a/nixpkgs/pkgs/tools/security/sigma-cli/default.nix b/nixpkgs/pkgs/tools/security/sigma-cli/default.nix index bbed9910f251..af052e3831e1 100644 --- a/nixpkgs/pkgs/tools/security/sigma-cli/default.nix +++ b/nixpkgs/pkgs/tools/security/sigma-cli/default.nix @@ -5,14 +5,14 @@ python3.pkgs.buildPythonApplication rec { pname = "sigma-cli"; - version = "0.7.7"; + version = "0.7.8"; format = "pyproject"; src = fetchFromGitHub { owner = "SigmaHQ"; - repo = pname; + repo = "sigma-cli"; rev = "refs/tags/v${version}"; - hash = "sha256-Qqe9nJZfCb7xh93ERrV3XpqdtfeRECt7RDca9eQU3eQ="; + hash = "sha256-HvT2B0pahQbwa0atN2o9rc93QkCIaPttV859wOyHQzY="; }; postPatch = '' @@ -50,6 +50,11 @@ python3.pkgs.buildPythonApplication rec { "test_plugin_install_notexisting" "test_plugin_install" "test_plugin_uninstall" + # Tests require network access + "test_check_with_issues" + "test_plugin_show_identifier" + "test_plugin_show_nonexisting" + "test_plugin_show_uuid" ]; pythonImportsCheck = [ @@ -59,6 +64,7 @@ python3.pkgs.buildPythonApplication rec { meta = with lib; { description = "Sigma command line interface"; homepage = "https://github.com/SigmaHQ/sigma-cli"; + changelog = "https://github.com/SigmaHQ/sigma-cli/releases/tag/v${version}"; license = with licenses; [ lgpl21Plus ]; maintainers = with maintainers; [ fab ]; mainProgram = "sigma"; diff --git a/nixpkgs/pkgs/tools/security/trufflehog/default.nix b/nixpkgs/pkgs/tools/security/trufflehog/default.nix index e510bf2e2b2c..424f5811a486 100644 --- a/nixpkgs/pkgs/tools/security/trufflehog/default.nix +++ b/nixpkgs/pkgs/tools/security/trufflehog/default.nix @@ -7,16 +7,16 @@ buildGoModule rec { pname = "trufflehog"; - version = "3.61.0"; + version = "3.62.1"; src = fetchFromGitHub { owner = "trufflesecurity"; repo = "trufflehog"; rev = "refs/tags/v${version}"; - hash = "sha256-thUDdfNSQHybP5y03Jh94u8lHlj0FSuJP+U+d1OqKI8="; + hash = "sha256-dDz8czTYRxmhyFaYuSoqnBwT7lMZDENBuH+F0HpaouE="; }; - vendorHash = "sha256-KEU2G5x2d0N+H8p9MXL9yzK1lC0YqWuuxcLw/cboUzs="; + vendorHash = "sha256-+Boe/bzCsmihspGqmiJ3jOcRJ9KPjkzu6MBmgtAgwjE="; ldflags = [ "-s" diff --git a/nixpkgs/pkgs/tools/security/xsubfind3r/default.nix b/nixpkgs/pkgs/tools/security/xsubfind3r/default.nix index 9ca2d3457a05..6ec445696bf9 100644 --- a/nixpkgs/pkgs/tools/security/xsubfind3r/default.nix +++ b/nixpkgs/pkgs/tools/security/xsubfind3r/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "xsubfind3r"; - version = "0.3.0"; + version = "0.4.0"; src = fetchFromGitHub { owner = "hueristiq"; repo = "xsubfind3r"; rev = "refs/tags/${version}"; - hash = "sha256-DY9/qcE8Ryue6NEWglM1F+xd669DPBIgt743ta+O//4="; + hash = "sha256-Xlxn9IZ9TTDzkEkyBoBwrS9AdQX21mmHngm03w+c4UM="; }; - vendorHash = "sha256-dFjyeIiDGdGTlZoZvsW9cwb+urS0NRxBMFf3+Y+rsAE="; + vendorHash = "sha256-DkYQkuhBAYnGx9gxi2X/Coh0FYV+z5/4IX1zTfUM6uI="; ldflags = [ "-s" |