| Commit message (Collapse) | Author | Age |
|
|
|
| |
Also move from buildGoPackage to buildGoModule.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Part of: https://github.com/NixOS/nixpkgs/issues/108938
meta = with stdenv.lib;
is a widely used pattern. We want to slowly remove
the `stdenv.lib` indirection and encourage people
to use `lib` directly. Thus let’s start with the meta
field.
This used a rewriting script to mostly automatically
replace all occurances of this pattern, and add the
`lib` argument to the package header if it doesn’t
exist yet.
The script in its current form is available at
https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix
|
|\ |
|
| | |
|
| | |
|
|/ |
|
| |
|
| |
|
|\
| |
| |
| |
| | |
redvers/update_cassandra_2.1.20_to_2.1.22_cve-2020-13946
cassandra_2_1: 2.1.20 -> 2.1.22
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Reason: Fixes CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability
Description:
It is possible for a local attacker without access to the Apache Cassandra
process or configuration files to manipulate the RMI registry to perform a
man-in-the-middle attack and capture user names and passwords used to access
the JMX interface. The attacker can then use these credentials to access
the JMX interface and perform unauthorised operations.
Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables
this issue to be exploited remotely.
2.1.x users should upgrade to 2.1.22
|
|\ \
| | |
| | |
| | |
| | | |
redvers/update_cassandra_2.2.14_to_2.2.19_cve-2020-13946
cassandra_2_2: 2.2.14 -> 2.2.19
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Reason: Fixes CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability
Description:
It is possible for a local attacker without access to the Apache Cassandra
process or configuration files to manipulate the RMI registry to perform a
man-in-the-middle attack and capture user names and passwords used to access
the JMX interface. The attacker can then use these credentials to access
the JMX interface and perform unauthorised operations.
Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables
this issue to be exploited remotely.
2.2.x users should upgrade to 2.2.18
|
|\ \
| | |
| | |
| | |
| | | |
redvers/update_cassandra_3.11.4_3.11.9_cve-2020-13946
cassandra: 3.11.4 -> 3.11.9
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Reason: Fixes CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability
Description:
It is possible for a local attacker without access to the Apache Cassandra
process or configuration files to manipulate the RMI registry to perform a
man-in-the-middle attack and capture user names and passwords used to access
the JMX interface. The attacker can then use these credentials to access
the JMX interface and perform unauthorised operations.
Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables
this issue to be exploited remotely.
3.11.x users should upgrade to 3.11.8
|
| |
| |
| |
| |
| | |
I've been disconnected from Cassandra for years now, I wouldn't be an
appropriate maintainer.
|
| | |
|
|\ \
| | |
| | |
| | |
| | | |
redvers/update_cassandra_3.0.17_to_3.0.23_cve-2020-13946
cassandra_3_0: 3.0.17 -> 3.0.23
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Reason: Fixes CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability
Description:
It is possible for a local attacker without access to the Apache Cassandra
process or configuration files to manipulate the RMI registry to perform a
man-in-the-middle attack and capture user names and passwords used to access
the JMX interface. The attacker can then use these credentials to access
the JMX interface and perform unauthorised operations.
Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables
this issue to be exploited remotely.
3.0.x users should upgrade to 3.0.22
|
|/
|
| |
Signed-off-by: David Anderson <dave@natulte.net>
|
|
|
|
| |
This reverts commit ecbe92e57616a22f8c4ec50a7f3832f28972dd79.
|
|
|
| |
Signed-off-by: David Anderson <dave@natulte.net>
|
| |
|
| |
|
|\
| |
| | |
victoriametrics: add passthru.tests
|
| | |
|
|/ |
|
| |
|
|\
| |
| | |
platform.gcc.arch: support for AMD CPUs
|
| | |
|
| | |
|
| |
| |
| |
| | |
And remove patch working around a GCC bug.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Update patch that prevents making V8 snapshots, as those segfault.
Fix build by building only the database server. Other make targets fetch
dependencies at build time and this behaviour cannot be overriden.
Therefore, the clients and web interface are no longer built. See
rethinkdb/rethinkdb#6867.
|
|/ |
|
| |
|
|\
| |
| |
| |
| |
| | |
Rebuild on Hydra seems OK-ish.
mongodb.nix needed some conflict resolution (scons versions);
all four versions seem to build fine.
|
| |\
| | |
| | |
| | |
| | | |
Some rebuilds, e.g. all of haskell.
Hydra nixpkgs: ?compare=1601713
|
| |\ \
| | | |
| | | | |
scons: 3.1.2 -> 4.0.0
|
| | | |
| | | |
| | | |
| | | | |
Required since SCons 4.0.0 doesn't support Python 2.7 anymore.
|
|\ \ \ \
| | | | |
| | | | | |
mongodb: 4.0.12 -> 4.2.8
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Not strictly an upgrade, but adds a new mongodb-4_2 target with the
current mongodb from that branch.
Use matching client and server versions in mongodb tests- tests were
using the mongo 3.4 client to connect, and this finally doesn't work
with server 4.2.
Per reviewer suggestion, adding myself as cheetah3 maintainer.
Additionally, reestore comments describing the purpose of the
build-dependencies patch
|
| |_|/
|/| |
| | |
| | |
| | |
| | | |
Release notes:
https://groups.google.com/g/redis-db/c/7tuERP0dN9c/m/HddqH3X5BwAJ?pli=1
|
|/ / |
|
|\ \
| |/
|/| |
|
| |
| |
| |
| |
| | |
For example, it detected the issue fixed in the parent commit
(tested on aarch64).
|
|\ \
| | |
| | | |
victoriametrics: 1.37.0 -> 1.37.4
|
| | | |
|
| |/ |
|
|/ |
|