| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
| |
'kvm64' is the most generic CPU, which does not support SSE4.2, AVX and other ISA extentions.
|
| |\
| |
| | |
aircrack-ng: fixed missing dependency for airmon-ng
|
| | | |
|
| |\ \
| | |
| | | |
spamassassin: enable IPv6 support with Socket6
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Communication between spamc and spamd would fail with messages about
addresses being too long:
error: Bad arg length for Socket::unpack_sockaddr_in, length is 28,
should be 16
By adding Socket6 as a buildInput, spamd is now able to process emails
without choking on IPv6 addresses.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* dolt: init at 0.12.0
* Update pkgs/servers/sql/dolt/default.nix
Co-Authored-By: robert seaton <robbpseaton@gmail.com>
* fix eval
* Update pkgs/servers/sql/dolt/default.nix
Co-Authored-By: Wael Nasreddine <wael.nasreddine@gmail.com>
* update Go docs as well
|
| |\ \ \
| | | |
| | | | |
xilinx-bootgen: init at 2019-10-23
|
| | | |/
| |/| |
|
| |\ \ \
| | | |
| | | | |
advancecomp: fix CVE-2019-9210
|
| | | | | |
|
| |\ \ \ \
| | | | |
| | | | | |
ansible fixes for CVE-2019-10156 CVE-2019-10206 CVE-2019-14846 CVE-2019-14856 CVE-2019-14858 CVE-2019-14864
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This addresses the following security issues:
* CVE-2019-14846 - Several Ansible plugins could disclose aws
credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
lookup/aws_account_attribute.py, and lookup/aws_secret.py,
lookup/aws_ssm.py use the boto3 library from the Ansible process. The
boto3 library logs credentials at log level DEBUG. If Ansible's
logging was enabled (by setting LOG_PATH to a value) Ansible would set
the global log level to DEBUG. This was inherited by boto and would
then log boto credentials to the file specified by LOG_PATH. This did
not affect aws ansible modules as those are executed in a separate
process. This has been fixed by switching to log level INFO
* Convert CLI provided passwords to text initially, to prevent unsafe
context being lost when converting from bytes->text during post
processing of PlayContext. This prevents CLI provided passwords from
being incorrectly templated (CVE-2019-14856)
* properly hide parameters marked with no_log in suboptions when
invalid parameters are passed to the module (CVE-2019-14858)
* resolves CVE-2019-10206, by avoiding templating passwords from
prompt as it is probable they have special characters.
* Handle improper variable substitution that was happening in
safe_eval, it was always meant to just do 'type enforcement' and have
Jinja2 deal with all variable interpolation. Also see CVE-2019-10156
Changelog: https://github.com/ansible/ansible/blob/9bdb89f740a87bcf760424577ce18a8f68d7a741/changelogs/CHANGELOG-v2.6.rst
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This addresses the following security issues:
* Ansible: Splunk and Sumologic callback plugins leak sensitive data in logs (CVE-2019-14864)
* CVE-2019-14846 - Several Ansible plugins could disclose aws
credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
lookup/aws_account_attribute.py, and lookup/aws_secret.py,
lookup/aws_ssm.py use the boto3 library from the Ansible process. The
boto3 library logs credentials at log level DEBUG. If Ansible's
logging was enabled (by setting LOG_PATH to a value) Ansible would set
the global log level to DEBUG. This was inherited by boto and would
then log boto credentials to the file specified by LOG_PATH. This did
not affect aws ansible modules as those are executed in a separate
process. This has been fixed by switching to log level INFO
* Convert CLI provided passwords to text initially, to prevent unsafe
context being lost when converting from bytes->text during post
processing of PlayContext. This prevents CLI provided passwords from
being incorrectly templated (CVE-2019-14856)
* properly hide parameters marked with no_log in suboptions when
invalid parameters are passed to the module (CVE-2019-14858)
Changelog: https://github.com/ansible/ansible/blob/24220a618a6d5cd3b5c99f8c7f7771661ed08d33/changelogs/CHANGELOG-v2.8.rst
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This fixes the following security issues:
* Ansible: Splunk and Sumologic callback plugins leak sensitive data
in logs (CVE-2019-14864)
* CVE-2019-14846 - Several Ansible plugins could disclose aws
credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
lookup/aws_account_attribute.py, and lookup/aws_secret.py,
lookup/aws_ssm.py use the boto3 library from the Ansible process. The
boto3 library logs credentials at log level DEBUG. If Ansible's
logging was enabled (by setting LOG_PATH to a value) Ansible would set
the global log level to DEBUG. This was inherited by boto and would
then log boto credentials to the file specified by LOG_PATH. This did
not affect aws ansible modules as those are executed in a separate
process. This has been fixed by switching to log level INFO
* Convert CLI provided passwords to text initially, to prevent unsafe
context being lost when converting from bytes->text during post
processing of PlayContext. This prevents CLI provided passwords from
being incorrectly templated (CVE-2019-14856)
* properly hide parameters marked with no_log in suboptions when invalid
parameters are passed to the module (CVE-2019-14858)
* resolves CVE-2019-10206, by avoiding templating passwords from
prompt as it is probable they have special characters.
* Handle improper variable substitution that was happening in
safe_eval, it was always meant to just do 'type enforcement' and have
Jinja2 deal with all variable interpolation. Also see CVE-2019-10156
Changelog: https://github.com/ansible/ansible/blob/0623dedf2d9c4afc09e5be30d3ef249f9d1ebece/changelogs/CHANGELOG-v2.7.rst#v2-7-15
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
thunderbird-bin: 68.2.2 -> 68.3.0
|
| | | |_|/ /
| |/| | | |
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
errbot: 5.2.0 -> 6.1.1
|
| | | | | | | |
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
nixos/networkd: only set gateway if it's explicitly specified in the module system
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
system
|
| | | | | | | | |
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
subfinder: 2018-07-15 -> 2.2.4
|
| | | | | | | | | |
|
| | | | | | | | | |
|
| | | | | | | | | |
|
| |\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
xsecurelock: Remove obsolete path fix
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
helpers/saver_blank became trivial in xsecurelock commit
d4a817ae5e071540a1b11825908dd91a8697591a, which first appeared
in release 1.4.0.
|
| |\ \ \ \ \ \ \ \ \
| |_|_|_|_|_|_|/ /
|/| | | | | | | | |
dovecot: 2.3.8 -> 2.3.9.2
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Update to latest version & updated the patch file to match with the
lastest verison.
Fixes the following security issue:
* CVE-2019-19722: Mails with group addresses in From or To fields
caused crash in push notification drivers.
|
| |\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | | |
wire-desktop: fix desktop icon
|
| | | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Update the Name attribute in the wire-desktop.desktop applications file
and add StartupWMClass key. This fixes the icons on plasma5 and gnome3
which, in certain places, showed a generic X.org icon instead of the Wire
icon.
|
| | |_|_|_|_|/ / / /
|/| | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Also bumped gtk version from gtk2 to gtk3
|
| |\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | | |
postgresql-backup: Use saner defaults for pg_dump
|
| | | | | | | | | | | |
|
| |\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | | |
python38Packages.mysqlclient: 1.4.5 -> 1.4.6
|
| | | | | | | | | | | | |
|
| |\ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | |
| | | | | | | | | | | | |
python38Packages.sasmodels: 1.0.0 -> 1.0.1
|
| | |/ / / / / / / / / / |
|
| |\ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | |
| | | | | | | | | | | | |
gitAndTools.git-gone: 0.1.2 -> 0.2.0
|
| | | |_|_|/ / / / / / /
| |/| | | | | | | | | |
|
| |\ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | |
| | | | | | | | | | | | |
tpm2-tools: 4.0.1 -> 4.1
|
| | | |/ / / / / / / / /
| |/| | | | | | | | | |
|
| |\ \ \ \ \ \ \ \ \ \ \
| |_|_|_|_|_|_|_|_|/ /
|/| | | | | | | | | | |
chromium: 78.0.3904.108 -> 79.0.3945.79
|
| | | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
WidevineCdm/
|
| | | | | | | | | | | | |
|
| | | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
This hasn't worked since 2016 (https://github.com/NixOS/nixpkgs/issues/13983)
and is being removed very soon, per "Q4 2019" in
https://developer.chrome.com/native-client/migration
(It's staying around for "Chrome Apps", but those only run on ChromeOS now.)
earth.google.com users can use https://earth.google.com/web/?beta=1 to get
the wasm version instead of the PNaCl version.
|
| | | | | | | | | | | | |
|
| | | | | | | | | | | | |
|
| | | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
CVE-2019-13725 CVE-2019-13726 CVE-2019-13727 CVE-2019-13728
CVE-2019-13729 CVE-2019-13730 CVE-2019-13732 CVE-2019-13734
CVE-2019-13735 CVE-2019-13764 CVE-2019-13736 CVE-2019-13737
CVE-2019-13738 CVE-2019-13739 CVE-2019-13740 CVE-2019-13741
CVE-2019-13742 CVE-2019-13743 CVE-2019-13744 CVE-2019-13745
CVE-2019-13746 CVE-2019-13747 CVE-2019-13748 CVE-2019-13749
CVE-2019-13750 CVE-2019-13751 CVE-2019-13752 CVE-2019-13753
CVE-2019-13754 CVE-2019-13755 CVE-2019-13756 CVE-2019-13757
CVE-2019-13758 CVE-2019-13759 CVE-2019-13761 CVE-2019-13762
CVE-2019-13763
The new widevine patch was taken from
https://git.archlinux.org/svntogit/packages.git/plain/trunk/chromium-widevine.patch?h=packages/chromium
|
| |\ \ \ \ \ \ \ \ \ \ \
| |_|_|_|_|_|_|_|_|/ /
|/| | | | | | | | | | |
idrisPackages.tparsec: 2019-06-18 -> 2019-09-19
|