diff options
Diffstat (limited to 'pkgs/tools/security')
22 files changed, 68 insertions, 81 deletions
diff --git a/pkgs/tools/security/cdxgen/default.nix b/pkgs/tools/security/cdxgen/default.nix index f624b10952fc..351fee2ff2af 100644 --- a/pkgs/tools/security/cdxgen/default.nix +++ b/pkgs/tools/security/cdxgen/default.nix @@ -5,16 +5,16 @@ buildNpmPackage rec { pname = "cdxgen"; - version = "10.2.3"; + version = "10.2.4"; src = fetchFromGitHub { owner = "AppThreat"; repo = pname; rev = "v${version}"; - sha256 = "sha256-C/XTMOFLW2FPPi1Pgx7g5H8jtJlya5LnKmo3oF21yMI="; + sha256 = "sha256-fou0BfQfL66Iv+STY0JcRqu22XTgA9nSOse1LJYl3vs="; }; - npmDepsHash = "sha256-64dKqV17WvuHjF+n1vCEfpLx6UBNpGkVE+XYi7YswgI="; + npmDepsHash = "sha256-ISmNasK44T21HagHKrX1LyCFVm0GF0CsTwIIi3n8h2o="; dontNpmBuild = true; diff --git a/pkgs/tools/security/cnquery/default.nix b/pkgs/tools/security/cnquery/default.nix index b418d4a79a04..7fac37bd02f3 100644 --- a/pkgs/tools/security/cnquery/default.nix +++ b/pkgs/tools/security/cnquery/default.nix @@ -5,18 +5,18 @@ buildGoModule rec { pname = "cnquery"; - version = "10.2.0"; + version = "10.8.4"; src = fetchFromGitHub { owner = "mondoohq"; repo = "cnquery"; rev = "v${version}"; - hash = "sha256-bz4a4+mgssrRBthkN87aYxlZV6as2uocFvBKrKLmy8A="; + hash = "sha256-YzoUl7dfmJpTAdJq2o8DrgRKvRoLcyIWiLUD7e7UOMk="; }; subPackages = [ "apps/cnquery" ]; - vendorHash = "sha256-vq6R2FgvoET8SLTpktGLoFzZHqnmizDp0fWU7kqlLgU="; + vendorHash = "sha256-FWPhKDndu+QNxERYc3aQCKAYiSR0BTrZOd3ZW8aG4HU="; meta = with lib; { description = "cloud-native, graph-based asset inventory"; diff --git a/pkgs/tools/security/cnspec/default.nix b/pkgs/tools/security/cnspec/default.nix index 9114c52a052a..b37f05e779cc 100644 --- a/pkgs/tools/security/cnspec/default.nix +++ b/pkgs/tools/security/cnspec/default.nix @@ -5,18 +5,18 @@ buildGoModule rec { pname = "cnspec"; - version = "10.8.0"; + version = "10.8.4"; src = fetchFromGitHub { owner = "mondoohq"; repo = "cnspec"; rev = "refs/tags/v${version}"; - hash = "sha256-EfVbYIGkjH0tHaMgnoyAGw7ZlAPVBlhbKTjryFRBF1A="; + hash = "sha256-emY8y+OKk052o5LGhHMra7CTpbmS/U+5sjWIYR7DRsA="; }; proxyVendor = true; - vendorHash = "sha256-xrWGILBxZEoNi4PHG1vixLpOVaW0LRKkTkJsx5mWBns="; + vendorHash = "sha256-W39Ccc5UU+K+W/h/R1vrB1lcJXKZs8gbfxmb99vGEfM="; subPackages = [ "apps/cnspec" diff --git a/pkgs/tools/security/dontgo403/default.nix b/pkgs/tools/security/dontgo403/default.nix index 19bc78f2206c..7fab0dac0425 100644 --- a/pkgs/tools/security/dontgo403/default.nix +++ b/pkgs/tools/security/dontgo403/default.nix @@ -5,13 +5,13 @@ buildGoModule rec { pname = "dontgo403"; - version = "1.0.0"; + version = "1.0.2"; src = fetchFromGitHub { owner = "devploit"; repo = "dontgo403"; rev = "refs/tags/${version}"; - hash = "sha256-znmPXue+pzv7vAKnIYsjJQQGMeBETH+ekyVKGz9wRik="; + hash = "sha256-qA1i8l2oBQQ5IF8ho3K2k+TAndUTFGwb2NfhyFqfKzU="; }; vendorHash = "sha256-IGnTbuaQH8A6aKyahHMd2RyFRh4WxZ3Vx/A9V3uelRg="; diff --git a/pkgs/tools/security/exploitdb/default.nix b/pkgs/tools/security/exploitdb/default.nix index d5ad0068d6ea..9b971e958aa2 100644 --- a/pkgs/tools/security/exploitdb/default.nix +++ b/pkgs/tools/security/exploitdb/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation rec { pname = "exploitdb"; - version = "2024-03-19"; + version = "2024-03-23"; src = fetchFromGitLab { owner = "exploit-database"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-VfaUm1d/Hpqo3TfS3gssr0YRPHqxXewZzH52/nSLHXU="; + hash = "sha256-2Z6HY2Pz7PKh0iBXaplxj7il0Ekzqsbq57l0/Pk03+s="; }; nativeBuildInputs = [ diff --git a/pkgs/tools/security/gallia/default.nix b/pkgs/tools/security/gallia/default.nix index f19bd817d1d4..8279227f3d28 100644 --- a/pkgs/tools/security/gallia/default.nix +++ b/pkgs/tools/security/gallia/default.nix @@ -18,6 +18,11 @@ python3.pkgs.buildPythonApplication rec { nativeBuildInputs = with python3.pkgs; [ poetry-core + pythonRelaxDepsHook + ]; + + pythonRelaxDeps = [ + "httpx" ]; propagatedBuildInputs = with python3.pkgs; [ diff --git a/pkgs/tools/security/gotestwaf/default.nix b/pkgs/tools/security/gotestwaf/default.nix index 5a807b0a08c7..b710d209244c 100644 --- a/pkgs/tools/security/gotestwaf/default.nix +++ b/pkgs/tools/security/gotestwaf/default.nix @@ -7,13 +7,13 @@ buildGoModule rec { pname = "gotestwaf"; - version = "0.4.15"; + version = "0.4.16"; src = fetchFromGitHub { owner = "wallarm"; repo = "gotestwaf"; rev = "refs/tags/v${version}"; - hash = "sha256-C5lDiHDSSweUZh83AOv5WIQ4JuC9OiCvpHshgius51k="; + hash = "sha256-fMSXnA8ZuyfOQINkWiYwX7NSffsHbdlfDcpfo/hahMY="; }; vendorHash = null; diff --git a/pkgs/tools/security/hashcat/default.nix b/pkgs/tools/security/hashcat/default.nix index 627709d123a1..56399e61639e 100644 --- a/pkgs/tools/security/hashcat/default.nix +++ b/pkgs/tools/security/hashcat/default.nix @@ -21,13 +21,9 @@ stdenv.mkDerivation rec { }; postPatch = '' - # Select libstdc++ or libc++ based on stdenv # MACOSX_DEPLOYMENT_TARGET is defined by the enviroment # Remove hardcoded paths on darwin substituteInPlace src/Makefile \ - '' + lib.optionalString (stdenv.cc.libcxx != null) '' - --replace "-lstdc++" "-lc++ -l${stdenv.cc.libcxx.cxxabi.libName}" \ - '' + '' --replace "export MACOSX_DEPLOYMENT_TARGET" "#export MACOSX_DEPLOYMENT_TARGET" \ --replace "/usr/bin/ar" "ar" \ --replace "/usr/bin/sed" "sed" \ diff --git a/pkgs/tools/security/metasploit/Gemfile b/pkgs/tools/security/metasploit/Gemfile index e5c600b9ad7a..21f6f0ecbd2a 100644 --- a/pkgs/tools/security/metasploit/Gemfile +++ b/pkgs/tools/security/metasploit/Gemfile @@ -1,4 +1,4 @@ # frozen_string_literal: true source "https://rubygems.org" -gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.3.60" +gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.4.0" diff --git a/pkgs/tools/security/metasploit/Gemfile.lock b/pkgs/tools/security/metasploit/Gemfile.lock index d0d57f703aec..b58232b1e8ef 100644 --- a/pkgs/tools/security/metasploit/Gemfile.lock +++ b/pkgs/tools/security/metasploit/Gemfile.lock @@ -1,9 +1,9 @@ GIT remote: https://github.com/rapid7/metasploit-framework - revision: 5df84967c30bc92484c217aa70754596ff358ad0 - ref: refs/tags/6.3.60 + revision: c82de1374a222da3ca6db840432a971cfd4e865e + ref: refs/tags/6.4.0 specs: - metasploit-framework (6.3.60) + metasploit-framework (6.4.0) actionpack (~> 7.0.0) activerecord (~> 7.0.0) activesupport (~> 7.0.0) @@ -83,7 +83,7 @@ GIT rex-zip ruby-macho ruby-mysql - ruby_smb (~> 3.3.0) + ruby_smb (~> 3.3.3) rubyntlm rubyzip sinatra @@ -166,7 +166,7 @@ GEM bcrypt (3.1.20) bcrypt_pbkdf (1.1.0) bigdecimal (3.1.6) - bindata (2.5.0) + bindata (2.4.15) bootsnap (1.18.3) msgpack (~> 1.2) bson (5.0.0) @@ -398,8 +398,8 @@ GEM ruby-mysql (4.1.0) ruby-rc4 (0.1.5) ruby2_keywords (0.0.5) - ruby_smb (3.3.2) - bindata + ruby_smb (3.3.4) + bindata (= 2.4.15) openssl-ccm openssl-cmac rubyntlm diff --git a/pkgs/tools/security/metasploit/default.nix b/pkgs/tools/security/metasploit/default.nix index cb3db6d932d3..cacaf4ec0b0e 100644 --- a/pkgs/tools/security/metasploit/default.nix +++ b/pkgs/tools/security/metasploit/default.nix @@ -15,13 +15,13 @@ let }; in stdenv.mkDerivation rec { pname = "metasploit-framework"; - version = "6.3.60"; + version = "6.4.0"; src = fetchFromGitHub { owner = "rapid7"; repo = "metasploit-framework"; rev = "refs/tags/${version}"; - hash = "sha256-K4NBMaoWpxbyKCtkHYzPJSIM27yY8MZZDXAuJM9T1ZE="; + hash = "sha256-1OWgQgnmsKxGHzX2ly/7xIJH4BcWUV6SjScxB5bMhu0="; }; nativeBuildInputs = [ diff --git a/pkgs/tools/security/metasploit/gemset.nix b/pkgs/tools/security/metasploit/gemset.nix index bdbc5917777a..a35e66a42222 100644 --- a/pkgs/tools/security/metasploit/gemset.nix +++ b/pkgs/tools/security/metasploit/gemset.nix @@ -234,10 +234,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "08r67nglsqnxrbn803szf5bdnqhchhq8kf2by94f37fcl65wpp19"; + sha256 = "04y4zgh4bbcb8wmkxwfqg4saky1d1f3xw8z6yk543q13h8ky8rz5"; type = "gem"; }; - version = "2.5.0"; + version = "2.4.15"; }; bootsnap = { groups = ["default"]; @@ -674,12 +674,12 @@ platforms = []; source = { fetchSubmodules = false; - rev = "5df84967c30bc92484c217aa70754596ff358ad0"; - sha256 = "14fmag7j8bkh1mcwdw4qpkdhq8i5ry61sr1b53r1d9qnm8ql30rb"; + rev = "c82de1374a222da3ca6db840432a971cfd4e865e"; + sha256 = "1vc6rjb0fc97in95wl8n2zh4g0n4zcprgxim3x3arc76151a1rfl"; type = "git"; url = "https://github.com/rapid7/metasploit-framework"; }; - version = "6.3.60"; + version = "6.4.0"; }; metasploit-model = { groups = ["default"]; @@ -1397,10 +1397,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1yy5z53mp2l3d8k8dhf8s8hbscmgd829j50nfcgmqrli0vvz0s1a"; + sha256 = "0wcbglknz86qf7sbsns84a35a0vvfn9cn1cbhf9ycjwh6nqxhcim"; type = "gem"; }; - version = "3.3.2"; + version = "3.3.4"; }; rubyntlm = { groups = ["default"]; diff --git a/pkgs/tools/security/mokutil/default.nix b/pkgs/tools/security/mokutil/default.nix index 8b36e5c1c631..cd36b8eaa1e9 100644 --- a/pkgs/tools/security/mokutil/default.nix +++ b/pkgs/tools/security/mokutil/default.nix @@ -11,13 +11,13 @@ stdenv.mkDerivation rec { pname = "mokutil"; - version = "0.7.1"; + version = "0.7.2"; src = fetchFromGitHub { owner = "lcp"; repo = pname; rev = version; - sha256 = "sha256-vxSYwsQ+xjW7a7gZhvgX4lzA7my6BZCYGwE1bLceTQA="; + sha256 = "sha256-DO3S1O0AKoI8gssnUyBTRj5lDNs6hhisc/5dTIqmbzM="; }; nativeBuildInputs = [ diff --git a/pkgs/tools/security/osv-scanner/default.nix b/pkgs/tools/security/osv-scanner/default.nix index 2b9f2c4db236..e51ce66ad024 100644 --- a/pkgs/tools/security/osv-scanner/default.nix +++ b/pkgs/tools/security/osv-scanner/default.nix @@ -6,16 +6,16 @@ }: buildGoModule rec { pname = "osv-scanner"; - version = "1.6.2"; + version = "1.7.1"; src = fetchFromGitHub { owner = "google"; repo = pname; rev = "v${version}"; - hash = "sha256-/V0zn4Aic6tBJw23YJWkyeCZXf/ehIZlKWd9TZXe40Y="; + hash = "sha256-JlTD8el4hXVYI76+cxGNemkUu0n2QxCqisr6R9aPqdI="; }; - vendorHash = "sha256-wIXc0YYTdcnUBNbypVwZJ/RNTmaeMteEujmgs5WJ1g0="; + vendorHash = "sha256-J5qLs4EirBOfjnLv8eQBSd9w9nzpxBW5GS28CgQMsN8="; subPackages = [ "cmd/osv-scanner" diff --git a/pkgs/tools/security/pcsclite/default.nix b/pkgs/tools/security/pcsclite/default.nix index 2b55b76b6654..956bf451c7bf 100644 --- a/pkgs/tools/security/pcsclite/default.nix +++ b/pkgs/tools/security/pcsclite/default.nix @@ -19,7 +19,7 @@ stdenv.mkDerivation (finalAttrs: { inherit pname; - version = "2.0.1"; + version = "2.0.3"; outputs = [ "out" "lib" "dev" "doc" "man" ]; @@ -28,7 +28,7 @@ stdenv.mkDerivation (finalAttrs: { owner = "rousseau"; repo = "PCSC"; rev = "refs/tags/${finalAttrs.version}"; - hash = "sha256-7NGlU4byGxtGBticewg8K4FUiDSQZAiB7Q/y+LaqKPo="; + hash = "sha256-VDQh2PYAMFwgWvZFD20H3JxgKSFrSUoDLv/6fKEoy5Y="; }; configureFlags = [ diff --git a/pkgs/tools/security/proxmark3/default.nix b/pkgs/tools/security/proxmark3/default.nix index bbdbec9d5d0e..ee37f938b5d9 100644 --- a/pkgs/tools/security/proxmark3/default.nix +++ b/pkgs/tools/security/proxmark3/default.nix @@ -26,13 +26,13 @@ assert withBlueshark -> stdenv.hostPlatform.isLinux; stdenv.mkDerivation (finalAttrs: { pname = "proxmark3"; - version = "4.18218"; + version = "4.18341"; src = fetchFromGitHub { owner = "RfidResearchGroup"; repo = "proxmark3"; rev = "v${finalAttrs.version}"; - hash = "sha256-LltTTmYEF1JsqkVaj7Z19qGR+dEUj6Hwr6T5Z1eDzZc="; + hash = "sha256-YeBrrzCiDgl4WdhWYatm9sOAtBAECIv/f+OzB/RTdeg="; }; patches = [ diff --git a/pkgs/tools/security/sequoia-sqop/default.nix b/pkgs/tools/security/sequoia-sqop/default.nix index 19dd99b871b0..b9be02160898 100644 --- a/pkgs/tools/security/sequoia-sqop/default.nix +++ b/pkgs/tools/security/sequoia-sqop/default.nix @@ -9,7 +9,7 @@ rustPlatform.buildRustPackage rec { pname = "sequoia-sqop"; - version = "0.31.0"; + version = "0.32.0"; src = fetchFromGitLab { owner = "sequoia-pgp"; @@ -17,10 +17,10 @@ rustPlatform.buildRustPackage rec { # generated etc repo = "sequoia-sop"; rev = "v${version}"; - hash = "sha256-qGSVmjLdx84YphAXt1MRF1cIfk7xLOvtUj+3e7vO+jA="; + hash = "sha256-6g6JVNlLi++XboU/ewHM7KM0tJlDayCoz1octKloQro="; }; - cargoHash = "sha256-y4n6UPAYwI9P+jw59TOf98xSdNvzEgJp5n/GtiixsIU="; + cargoHash = "sha256-Vci29mnFiRRbI45Qkj6t8aVrEaJdKVB01zTXHQT5ckw="; nativeBuildInputs = [ pkg-config diff --git a/pkgs/tools/security/step-kms-plugin/default.nix b/pkgs/tools/security/step-kms-plugin/default.nix index 2a141e7012b9..fd3faedf6128 100644 --- a/pkgs/tools/security/step-kms-plugin/default.nix +++ b/pkgs/tools/security/step-kms-plugin/default.nix @@ -11,16 +11,16 @@ buildGoModule rec { pname = "step-kms-plugin"; - version = "0.10.0"; + version = "0.11.0"; src = fetchFromGitHub { owner = "smallstep"; repo = pname; rev = "v${version}"; - hash = "sha256-TmIQjkIESZm6u7CajyJGgf1xm3SvjA6EINUAKehzafs="; + hash = "sha256-FQ9UW1zz+8HMFETZVef7oyh2+Nm5z3ksvmOv/MTiKAU="; }; - vendorHash = "sha256-mwi7ux4pnnotdwW6v0j+q8mx5i7W6fJVuAKOEqVDueY="; + vendorHash = "sha256-bpQHe7B7dG1oeGP/V3su0Zc6in7tive7lmh18KqxGfo="; proxyVendor = true; diff --git a/pkgs/tools/security/trufflehog/default.nix b/pkgs/tools/security/trufflehog/default.nix index 250d597e6459..c40f80b0caa5 100644 --- a/pkgs/tools/security/trufflehog/default.nix +++ b/pkgs/tools/security/trufflehog/default.nix @@ -7,16 +7,16 @@ buildGoModule rec { pname = "trufflehog"; - version = "3.70.2"; + version = "3.70.3"; src = fetchFromGitHub { owner = "trufflesecurity"; repo = "trufflehog"; rev = "refs/tags/v${version}"; - hash = "sha256-bw9Pjl3t3QEahKcpjh1IC4nWL4iLIr6P0aNPDNOQi1k="; + hash = "sha256-eTxqNsTcdYqflY5i6tV/4uL9jV2MPwVeWspXfjX8Xmc="; }; - vendorHash = "sha256-T8XLYTLQLgwJYaHC4erBt1fadSjmLtrykPJGiFioBRI="; + vendorHash = "sha256-VYF9QIlshfFkNbfEQlJsp1SbGsGVTwnGLdKprKOeB74="; ldflags = [ "-s" diff --git a/pkgs/tools/security/vals/default.nix b/pkgs/tools/security/vals/default.nix index c6355bb3683b..0c43a0204bbb 100644 --- a/pkgs/tools/security/vals/default.nix +++ b/pkgs/tools/security/vals/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "vals"; - version = "0.33.1"; + version = "0.35.0"; src = fetchFromGitHub { rev = "v${version}"; owner = "variantdev"; repo = pname; - sha256 = "sha256-5+yaDcHqOt+bOdQIv4rDJuiR7acbkQvHJEfvc058+b8="; + sha256 = "sha256-PH2R39bI357ND3Gf//Fe+xtMGVuqwggT9zZyy/OimmY="; }; - vendorHash = "sha256-Lt6OPA6k+zXIahZR8F36YWruCtUsoQKb/LgzJ5NIcx8="; + vendorHash = "sha256-oesPCwDZyJ1Q8LdyEnvAU5sdXFFHdxUP4jXltww8vuk="; ldflags = [ "-s" diff --git a/pkgs/tools/security/vault/default.nix b/pkgs/tools/security/vault/default.nix index bec13959dc43..6b5b0d595809 100644 --- a/pkgs/tools/security/vault/default.nix +++ b/pkgs/tools/security/vault/default.nix @@ -15,7 +15,7 @@ buildGoModule rec { hash = "sha256-XqPuikUUm8C02Uv6qZHPz/KEmrvBrr8gOznQ7qbMKnU="; }; - vendorHash = "sha256-SYGqlLCA7T4MhRlOVBSYnZdZ2+WuJvmmHw3MdnfoezM="; + vendorHash = "sha256-97/nNRwTJnoW1gRvWhdsO36TuLdGTX67o0oTiGMotrs="; proxyVendor = true; diff --git a/pkgs/tools/security/yubikey-touch-detector/default.nix b/pkgs/tools/security/yubikey-touch-detector/default.nix index a8474a1a5b3f..36822b6728e6 100644 --- a/pkgs/tools/security/yubikey-touch-detector/default.nix +++ b/pkgs/tools/security/yubikey-touch-detector/default.nix @@ -1,41 +1,27 @@ -{ lib, libnotify, buildGoModule, fetchFromGitHub, fetchurl, pkg-config, iconColor ? "#84bd00" }: +{ lib, libnotify, gpgme, buildGoModule, fetchFromGitHub, fetchurl, pkg-config }: buildGoModule rec { pname = "yubikey-touch-detector"; - version = "1.10.1"; + version = "1.11.0"; src = fetchFromGitHub { owner = "maximbaz"; repo = "yubikey-touch-detector"; rev = version; - sha256 = "sha256-y/iDmxlhu2Q6Zas0jsv07HQPkNdMrOQaXWy/cuWvpMk="; - }; - vendorHash = "sha256-OitI9Yp4/mRMrNH4yrWSL785+3mykPkvzarrc6ipOeg="; - - iconSrc = fetchurl { - url = "https://github.com/Yubico/yubioath-flutter/raw/yubioath-desktop-5.0.0/images/touch.svg"; - hash = "sha256-+jC9RKjl1uMBaNqLX5WXN+E4CuOcIEx5IGXWxgxzA/k="; + hash = "sha256-XpaCKNQpQD9dNj4EOGJ6PdjfSAxxG5dC8mIzYr7t/+I="; }; + vendorHash = "sha256-mhmYTicj/ihGNzeCZd1ZijWPkvxQZjBxaC5dyAU1O7U="; nativeBuildInputs = [ pkg-config ]; - buildInputs = [ libnotify ]; - - postPatch = '' - cp $iconSrc yubikey-touch-detector.svg - substituteInPlace yubikey-touch-detector.svg \ - --replace '#284c61' ${lib.escapeShellArg iconColor} - - substituteInPlace notifier/libnotify.go \ - --replace \ - 'AppIcon: "yubikey-touch-detector"' \ - "AppIcon: \"$out/share/icons/yubikey-touch-detector.svg\"" - ''; + buildInputs = [ libnotify gpgme ]; postInstall = '' - install -Dm444 -t $out/share/doc/${pname} *.md + install -Dm444 -t $out/share/doc/${pname} *.{md,example} + + install -Dm444 -t $out/share/licenses/${pname} LICENSE - install -Dm444 -t $out/share/icons yubikey-touch-detector.svg + install -Dm444 -t $out/share/icons/hicolor/128x128/apps yubikey-touch-detector.png install -Dm444 -t $out/lib/systemd/user *.{service,socket} |